diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 826af923..86f494e4 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -124,7 +124,8 @@ jobs: while IFS= read -r provider do echo "testing ${provider}..." - sh test-provider.sh $provider true $providersdir + tree $providersdir + sh test-provider.sh $provider false $providersdir done < ../providers.txt # diff --git a/.gitignore b/.gitignore index 276bd9ee..d007d916 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,8 @@ ed25519tool .DS_Store scripts/*/node_modules/ -scripts/*/package-lock.json \ No newline at end of file +scripts/*/package-lock.json +stackql*.sh +stackql +stackql-zip +.stackql/ \ No newline at end of file diff --git a/providers/src/awscc/v00.00.00000/provider.yaml b/providers/src/awscc/v00.00.00000/provider.yaml new file mode 100644 index 00000000..e5e7951d --- /dev/null +++ b/providers/src/awscc/v00.00.00000/provider.yaml @@ -0,0 +1,1873 @@ +id: awscc +name: awscc +version: v00.00.00000 +providerServices: + accessanalyzer: + id: accessanalyzer:v00.00.00000 + name: accessanalyzer + preferred: true + service: + $ref: awscc/v00.00.00000/services/accessanalyzer.yaml + title: accessanalyzer + version: v00.00.00000 + description: accessanalyzer + acmpca: + id: acmpca:v00.00.00000 + name: acmpca + preferred: true + service: + $ref: awscc/v00.00.00000/services/acmpca.yaml + title: acmpca + version: v00.00.00000 + description: acmpca + amplify: + id: amplify:v00.00.00000 + name: amplify + preferred: true + service: + $ref: awscc/v00.00.00000/services/amplify.yaml + title: amplify + version: v00.00.00000 + description: amplify + amplifyuibuilder: + id: amplifyuibuilder:v00.00.00000 + name: amplifyuibuilder + preferred: true + service: + $ref: awscc/v00.00.00000/services/amplifyuibuilder.yaml + title: amplifyuibuilder + version: v00.00.00000 + description: amplifyuibuilder + apigateway: + id: apigateway:v00.00.00000 + name: apigateway + preferred: true + service: + $ref: awscc/v00.00.00000/services/apigateway.yaml + title: apigateway + version: v00.00.00000 + description: apigateway + apigatewayv2: + id: apigatewayv2:v00.00.00000 + name: apigatewayv2 + preferred: true + service: + $ref: awscc/v00.00.00000/services/apigatewayv2.yaml + title: apigatewayv2 + version: v00.00.00000 + description: apigatewayv2 + appconfig: + id: appconfig:v00.00.00000 + name: appconfig + preferred: true + service: + $ref: awscc/v00.00.00000/services/appconfig.yaml + title: appconfig + version: v00.00.00000 + description: appconfig + appflow: + id: appflow:v00.00.00000 + name: appflow + preferred: true + service: + $ref: awscc/v00.00.00000/services/appflow.yaml + title: appflow + version: v00.00.00000 + description: appflow + appintegrations: + id: appintegrations:v00.00.00000 + name: appintegrations + preferred: true + service: + $ref: awscc/v00.00.00000/services/appintegrations.yaml + title: appintegrations + version: v00.00.00000 + description: appintegrations + applicationautoscaling: + id: applicationautoscaling:v00.00.00000 + name: applicationautoscaling + preferred: true + service: + $ref: awscc/v00.00.00000/services/applicationautoscaling.yaml + title: applicationautoscaling + version: v00.00.00000 + description: applicationautoscaling + applicationinsights: + id: applicationinsights:v00.00.00000 + name: applicationinsights + preferred: true + service: + $ref: awscc/v00.00.00000/services/applicationinsights.yaml + title: applicationinsights + version: v00.00.00000 + description: applicationinsights + apprunner: + id: apprunner:v00.00.00000 + name: apprunner + preferred: true + service: + $ref: awscc/v00.00.00000/services/apprunner.yaml + title: apprunner + version: v00.00.00000 + description: apprunner + appstream: + id: appstream:v00.00.00000 + name: appstream + preferred: true + service: + $ref: awscc/v00.00.00000/services/appstream.yaml + title: appstream + version: v00.00.00000 + description: appstream + appsync: + id: appsync:v00.00.00000 + name: appsync + preferred: true + service: + $ref: awscc/v00.00.00000/services/appsync.yaml + title: appsync + version: v00.00.00000 + description: appsync + aps: + id: aps:v00.00.00000 + name: aps + preferred: true + service: + $ref: awscc/v00.00.00000/services/aps.yaml + title: aps + version: v00.00.00000 + description: aps + arczonalshift: + id: arczonalshift:v00.00.00000 + name: arczonalshift + preferred: true + service: + $ref: awscc/v00.00.00000/services/arczonalshift.yaml + title: arczonalshift + version: v00.00.00000 + description: arczonalshift + athena: + id: athena:v00.00.00000 + name: athena + preferred: true + service: + $ref: awscc/v00.00.00000/services/athena.yaml + title: athena + version: v00.00.00000 + description: athena + auditmanager: + id: auditmanager:v00.00.00000 + name: auditmanager + preferred: true + service: + $ref: awscc/v00.00.00000/services/auditmanager.yaml + title: auditmanager + version: v00.00.00000 + description: auditmanager + autoscaling: + id: autoscaling:v00.00.00000 + name: autoscaling + preferred: true + service: + $ref: awscc/v00.00.00000/services/autoscaling.yaml + title: autoscaling + version: v00.00.00000 + description: autoscaling + b2bi: + id: b2bi:v00.00.00000 + name: b2bi + preferred: true + service: + $ref: awscc/v00.00.00000/services/b2bi.yaml + title: b2bi + version: v00.00.00000 + description: b2bi + backup: + id: backup:v00.00.00000 + name: backup + preferred: true + service: + $ref: awscc/v00.00.00000/services/backup.yaml + title: backup + version: v00.00.00000 + description: backup + backupgateway: + id: backupgateway:v00.00.00000 + name: backupgateway + preferred: true + service: + $ref: awscc/v00.00.00000/services/backupgateway.yaml + title: backupgateway + version: v00.00.00000 + description: backupgateway + batch: + id: batch:v00.00.00000 + name: batch + preferred: true + service: + $ref: awscc/v00.00.00000/services/batch.yaml + title: batch + version: v00.00.00000 + description: batch + billingconductor: + id: billingconductor:v00.00.00000 + name: billingconductor + preferred: true + service: + $ref: awscc/v00.00.00000/services/billingconductor.yaml + title: billingconductor + version: v00.00.00000 + description: billingconductor + budgets: + id: budgets:v00.00.00000 + name: budgets + preferred: true + service: + $ref: awscc/v00.00.00000/services/budgets.yaml + title: budgets + version: v00.00.00000 + description: budgets + cassandra: + id: cassandra:v00.00.00000 + name: cassandra + preferred: true + service: + $ref: awscc/v00.00.00000/services/cassandra.yaml + title: cassandra + version: v00.00.00000 + description: cassandra + ce: + id: ce:v00.00.00000 + name: ce + preferred: true + service: + $ref: awscc/v00.00.00000/services/ce.yaml + title: ce + version: v00.00.00000 + description: ce + certificatemanager: + id: certificatemanager:v00.00.00000 + name: certificatemanager + preferred: true + service: + $ref: awscc/v00.00.00000/services/certificatemanager.yaml + title: certificatemanager + version: v00.00.00000 + description: certificatemanager + chatbot: + id: chatbot:v00.00.00000 + name: chatbot + preferred: true + service: + $ref: awscc/v00.00.00000/services/chatbot.yaml + title: chatbot + version: v00.00.00000 + description: chatbot + cleanrooms: + id: cleanrooms:v00.00.00000 + name: cleanrooms + preferred: true + service: + $ref: awscc/v00.00.00000/services/cleanrooms.yaml + title: cleanrooms + version: v00.00.00000 + description: cleanrooms + cloudformation: + id: cloudformation:v00.00.00000 + name: cloudformation + preferred: true + service: + $ref: awscc/v00.00.00000/services/cloudformation.yaml + title: cloudformation + version: v00.00.00000 + description: cloudformation + cloudfront: + id: cloudfront:v00.00.00000 + name: cloudfront + preferred: true + service: + $ref: awscc/v00.00.00000/services/cloudfront.yaml + title: cloudfront + version: v00.00.00000 + description: cloudfront + cloudtrail: + id: cloudtrail:v00.00.00000 + name: cloudtrail + preferred: true + service: + $ref: awscc/v00.00.00000/services/cloudtrail.yaml + title: cloudtrail + version: v00.00.00000 + description: cloudtrail + cloudwatch: + id: cloudwatch:v00.00.00000 + name: cloudwatch + preferred: true + service: + $ref: awscc/v00.00.00000/services/cloudwatch.yaml + title: cloudwatch + version: v00.00.00000 + description: cloudwatch + codeartifact: + id: codeartifact:v00.00.00000 + name: codeartifact + preferred: true + service: + $ref: awscc/v00.00.00000/services/codeartifact.yaml + title: codeartifact + version: v00.00.00000 + description: codeartifact + codebuild: + id: codebuild:v00.00.00000 + name: codebuild + preferred: true + service: + $ref: awscc/v00.00.00000/services/codebuild.yaml + title: codebuild + version: v00.00.00000 + description: codebuild + codedeploy: + id: codedeploy:v00.00.00000 + name: codedeploy + preferred: true + service: + $ref: awscc/v00.00.00000/services/codedeploy.yaml + title: codedeploy + version: v00.00.00000 + description: codedeploy + codeguruprofiler: + id: codeguruprofiler:v00.00.00000 + name: codeguruprofiler + preferred: true + service: + $ref: awscc/v00.00.00000/services/codeguruprofiler.yaml + title: codeguruprofiler + version: v00.00.00000 + description: codeguruprofiler + codegurureviewer: + id: codegurureviewer:v00.00.00000 + name: codegurureviewer + preferred: true + service: + $ref: awscc/v00.00.00000/services/codegurureviewer.yaml + title: codegurureviewer + version: v00.00.00000 + description: codegurureviewer + codepipeline: + id: codepipeline:v00.00.00000 + name: codepipeline + preferred: true + service: + $ref: awscc/v00.00.00000/services/codepipeline.yaml + title: codepipeline + version: v00.00.00000 + description: codepipeline + codestarconnections: + id: codestarconnections:v00.00.00000 + name: codestarconnections + preferred: true + service: + $ref: awscc/v00.00.00000/services/codestarconnections.yaml + title: codestarconnections + version: v00.00.00000 + description: codestarconnections + codestarnotifications: + id: codestarnotifications:v00.00.00000 + name: codestarnotifications + preferred: true + service: + $ref: awscc/v00.00.00000/services/codestarnotifications.yaml + title: codestarnotifications + version: v00.00.00000 + description: codestarnotifications + cognito: + id: cognito:v00.00.00000 + name: cognito + preferred: true + service: + $ref: awscc/v00.00.00000/services/cognito.yaml + title: cognito + version: v00.00.00000 + description: cognito + comprehend: + id: comprehend:v00.00.00000 + name: comprehend + preferred: true + service: + $ref: awscc/v00.00.00000/services/comprehend.yaml + title: comprehend + version: v00.00.00000 + description: comprehend + config: + id: config:v00.00.00000 + name: config + preferred: true + service: + $ref: awscc/v00.00.00000/services/config.yaml + title: config + version: v00.00.00000 + description: config + connect: + id: connect:v00.00.00000 + name: connect + preferred: true + service: + $ref: awscc/v00.00.00000/services/connect.yaml + title: connect + version: v00.00.00000 + description: connect + connectcampaigns: + id: connectcampaigns:v00.00.00000 + name: connectcampaigns + preferred: true + service: + $ref: awscc/v00.00.00000/services/connectcampaigns.yaml + title: connectcampaigns + version: v00.00.00000 + description: connectcampaigns + controltower: + id: controltower:v00.00.00000 + name: controltower + preferred: true + service: + $ref: awscc/v00.00.00000/services/controltower.yaml + title: controltower + version: v00.00.00000 + description: controltower + cur: + id: cur:v00.00.00000 + name: cur + preferred: true + service: + $ref: awscc/v00.00.00000/services/cur.yaml + title: cur + version: v00.00.00000 + description: cur + customerprofiles: + id: customerprofiles:v00.00.00000 + name: customerprofiles + preferred: true + service: + $ref: awscc/v00.00.00000/services/customerprofiles.yaml + title: customerprofiles + version: v00.00.00000 + description: customerprofiles + databrew: + id: databrew:v00.00.00000 + name: databrew + preferred: true + service: + $ref: awscc/v00.00.00000/services/databrew.yaml + title: databrew + version: v00.00.00000 + description: databrew + datapipeline: + id: datapipeline:v00.00.00000 + name: datapipeline + preferred: true + service: + $ref: awscc/v00.00.00000/services/datapipeline.yaml + title: datapipeline + version: v00.00.00000 + description: datapipeline + datasync: + id: datasync:v00.00.00000 + name: datasync + preferred: true + service: + $ref: awscc/v00.00.00000/services/datasync.yaml + title: datasync + version: v00.00.00000 + description: datasync + datazone: + id: datazone:v00.00.00000 + name: datazone + preferred: true + service: + $ref: awscc/v00.00.00000/services/datazone.yaml + title: datazone + version: v00.00.00000 + description: datazone + detective: + id: detective:v00.00.00000 + name: detective + preferred: true + service: + $ref: awscc/v00.00.00000/services/detective.yaml + title: detective + version: v00.00.00000 + description: detective + devopsguru: + id: devopsguru:v00.00.00000 + name: devopsguru + preferred: true + service: + $ref: awscc/v00.00.00000/services/devopsguru.yaml + title: devopsguru + version: v00.00.00000 + description: devopsguru + directoryservice: + id: directoryservice:v00.00.00000 + name: directoryservice + preferred: true + service: + $ref: awscc/v00.00.00000/services/directoryservice.yaml + title: directoryservice + version: v00.00.00000 + description: directoryservice + dms: + id: dms:v00.00.00000 + name: dms + preferred: true + service: + $ref: awscc/v00.00.00000/services/dms.yaml + title: dms + version: v00.00.00000 + description: dms + docdbelastic: + id: docdbelastic:v00.00.00000 + name: docdbelastic + preferred: true + service: + $ref: awscc/v00.00.00000/services/docdbelastic.yaml + title: docdbelastic + version: v00.00.00000 + description: docdbelastic + dynamodb: + id: dynamodb:v00.00.00000 + name: dynamodb + preferred: true + service: + $ref: awscc/v00.00.00000/services/dynamodb.yaml + title: dynamodb + version: v00.00.00000 + description: dynamodb + ecr: + id: ecr:v00.00.00000 + name: ecr + preferred: true + service: + $ref: awscc/v00.00.00000/services/ecr.yaml + title: ecr + version: v00.00.00000 + description: ecr + ecs: + id: ecs:v00.00.00000 + name: ecs + preferred: true + service: + $ref: awscc/v00.00.00000/services/ecs.yaml + title: ecs + version: v00.00.00000 + description: ecs + efs: + id: efs:v00.00.00000 + name: efs + preferred: true + service: + $ref: awscc/v00.00.00000/services/efs.yaml + title: efs + version: v00.00.00000 + description: efs + eks: + id: eks:v00.00.00000 + name: eks + preferred: true + service: + $ref: awscc/v00.00.00000/services/eks.yaml + title: eks + version: v00.00.00000 + description: eks + elasticache: + id: elasticache:v00.00.00000 + name: elasticache + preferred: true + service: + $ref: awscc/v00.00.00000/services/elasticache.yaml + title: elasticache + version: v00.00.00000 + description: elasticache + elasticbeanstalk: + id: elasticbeanstalk:v00.00.00000 + name: elasticbeanstalk + preferred: true + service: + $ref: awscc/v00.00.00000/services/elasticbeanstalk.yaml + title: elasticbeanstalk + version: v00.00.00000 + description: elasticbeanstalk + elasticloadbalancingv2: + id: elasticloadbalancingv2:v00.00.00000 + name: elasticloadbalancingv2 + preferred: true + service: + $ref: awscc/v00.00.00000/services/elasticloadbalancingv2.yaml + title: elasticloadbalancingv2 + version: v00.00.00000 + description: elasticloadbalancingv2 + emr: + id: emr:v00.00.00000 + name: emr + preferred: true + service: + $ref: awscc/v00.00.00000/services/emr.yaml + title: emr + version: v00.00.00000 + description: emr + emrcontainers: + id: emrcontainers:v00.00.00000 + name: emrcontainers + preferred: true + service: + $ref: awscc/v00.00.00000/services/emrcontainers.yaml + title: emrcontainers + version: v00.00.00000 + description: emrcontainers + emrserverless: + id: emrserverless:v00.00.00000 + name: emrserverless + preferred: true + service: + $ref: awscc/v00.00.00000/services/emrserverless.yaml + title: emrserverless + version: v00.00.00000 + description: emrserverless + entityresolution: + id: entityresolution:v00.00.00000 + name: entityresolution + preferred: true + service: + $ref: awscc/v00.00.00000/services/entityresolution.yaml + title: entityresolution + version: v00.00.00000 + description: entityresolution + events: + id: events:v00.00.00000 + name: events + preferred: true + service: + $ref: awscc/v00.00.00000/services/events.yaml + title: events + version: v00.00.00000 + description: events + eventschemas: + id: eventschemas:v00.00.00000 + name: eventschemas + preferred: true + service: + $ref: awscc/v00.00.00000/services/eventschemas.yaml + title: eventschemas + version: v00.00.00000 + description: eventschemas + evidently: + id: evidently:v00.00.00000 + name: evidently + preferred: true + service: + $ref: awscc/v00.00.00000/services/evidently.yaml + title: evidently + version: v00.00.00000 + description: evidently + finspace: + id: finspace:v00.00.00000 + name: finspace + preferred: true + service: + $ref: awscc/v00.00.00000/services/finspace.yaml + title: finspace + version: v00.00.00000 + description: finspace + fis: + id: fis:v00.00.00000 + name: fis + preferred: true + service: + $ref: awscc/v00.00.00000/services/fis.yaml + title: fis + version: v00.00.00000 + description: fis + fms: + id: fms:v00.00.00000 + name: fms + preferred: true + service: + $ref: awscc/v00.00.00000/services/fms.yaml + title: fms + version: v00.00.00000 + description: fms + forecast: + id: forecast:v00.00.00000 + name: forecast + preferred: true + service: + $ref: awscc/v00.00.00000/services/forecast.yaml + title: forecast + version: v00.00.00000 + description: forecast + frauddetector: + id: frauddetector:v00.00.00000 + name: frauddetector + preferred: true + service: + $ref: awscc/v00.00.00000/services/frauddetector.yaml + title: frauddetector + version: v00.00.00000 + description: frauddetector + fsx: + id: fsx:v00.00.00000 + name: fsx + preferred: true + service: + $ref: awscc/v00.00.00000/services/fsx.yaml + title: fsx + version: v00.00.00000 + description: fsx + gamelift: + id: gamelift:v00.00.00000 + name: gamelift + preferred: true + service: + $ref: awscc/v00.00.00000/services/gamelift.yaml + title: gamelift + version: v00.00.00000 + description: gamelift + globalaccelerator: + id: globalaccelerator:v00.00.00000 + name: globalaccelerator + preferred: true + service: + $ref: awscc/v00.00.00000/services/globalaccelerator.yaml + title: globalaccelerator + version: v00.00.00000 + description: globalaccelerator + glue: + id: glue:v00.00.00000 + name: glue + preferred: true + service: + $ref: awscc/v00.00.00000/services/glue.yaml + title: glue + version: v00.00.00000 + description: glue + grafana: + id: grafana:v00.00.00000 + name: grafana + preferred: true + service: + $ref: awscc/v00.00.00000/services/grafana.yaml + title: grafana + version: v00.00.00000 + description: grafana + greengrassv2: + id: greengrassv2:v00.00.00000 + name: greengrassv2 + preferred: true + service: + $ref: awscc/v00.00.00000/services/greengrassv2.yaml + title: greengrassv2 + version: v00.00.00000 + description: greengrassv2 + groundstation: + id: groundstation:v00.00.00000 + name: groundstation + preferred: true + service: + $ref: awscc/v00.00.00000/services/groundstation.yaml + title: groundstation + version: v00.00.00000 + description: groundstation + guardduty: + id: guardduty:v00.00.00000 + name: guardduty + preferred: true + service: + $ref: awscc/v00.00.00000/services/guardduty.yaml + title: guardduty + version: v00.00.00000 + description: guardduty + healthimaging: + id: healthimaging:v00.00.00000 + name: healthimaging + preferred: true + service: + $ref: awscc/v00.00.00000/services/healthimaging.yaml + title: healthimaging + version: v00.00.00000 + description: healthimaging + healthlake: + id: healthlake:v00.00.00000 + name: healthlake + preferred: true + service: + $ref: awscc/v00.00.00000/services/healthlake.yaml + title: healthlake + version: v00.00.00000 + description: healthlake + iam: + id: iam:v00.00.00000 + name: iam + preferred: true + service: + $ref: awscc/v00.00.00000/services/iam.yaml + title: iam + version: v00.00.00000 + description: iam + identitystore: + id: identitystore:v00.00.00000 + name: identitystore + preferred: true + service: + $ref: awscc/v00.00.00000/services/identitystore.yaml + title: identitystore + version: v00.00.00000 + description: identitystore + imagebuilder: + id: imagebuilder:v00.00.00000 + name: imagebuilder + preferred: true + service: + $ref: awscc/v00.00.00000/services/imagebuilder.yaml + title: imagebuilder + version: v00.00.00000 + description: imagebuilder + inspector: + id: inspector:v00.00.00000 + name: inspector + preferred: true + service: + $ref: awscc/v00.00.00000/services/inspector.yaml + title: inspector + version: v00.00.00000 + description: inspector + inspectorv2: + id: inspectorv2:v00.00.00000 + name: inspectorv2 + preferred: true + service: + $ref: awscc/v00.00.00000/services/inspectorv2.yaml + title: inspectorv2 + version: v00.00.00000 + description: inspectorv2 + internetmonitor: + id: internetmonitor:v00.00.00000 + name: internetmonitor + preferred: true + service: + $ref: awscc/v00.00.00000/services/internetmonitor.yaml + title: internetmonitor + version: v00.00.00000 + description: internetmonitor + iot: + id: iot:v00.00.00000 + name: iot + preferred: true + service: + $ref: awscc/v00.00.00000/services/iot.yaml + title: iot + version: v00.00.00000 + description: iot + iotanalytics: + id: iotanalytics:v00.00.00000 + name: iotanalytics + preferred: true + service: + $ref: awscc/v00.00.00000/services/iotanalytics.yaml + title: iotanalytics + version: v00.00.00000 + description: iotanalytics + iotcoredeviceadvisor: + id: iotcoredeviceadvisor:v00.00.00000 + name: iotcoredeviceadvisor + preferred: true + service: + $ref: awscc/v00.00.00000/services/iotcoredeviceadvisor.yaml + title: iotcoredeviceadvisor + version: v00.00.00000 + description: iotcoredeviceadvisor + iotevents: + id: iotevents:v00.00.00000 + name: iotevents + preferred: true + service: + $ref: awscc/v00.00.00000/services/iotevents.yaml + title: iotevents + version: v00.00.00000 + description: iotevents + iotfleethub: + id: iotfleethub:v00.00.00000 + name: iotfleethub + preferred: true + service: + $ref: awscc/v00.00.00000/services/iotfleethub.yaml + title: iotfleethub + version: v00.00.00000 + description: iotfleethub + iotfleetwise: + id: iotfleetwise:v00.00.00000 + name: iotfleetwise + preferred: true + service: + $ref: awscc/v00.00.00000/services/iotfleetwise.yaml + title: iotfleetwise + version: v00.00.00000 + description: iotfleetwise + iotsitewise: + id: iotsitewise:v00.00.00000 + name: iotsitewise + preferred: true + service: + $ref: awscc/v00.00.00000/services/iotsitewise.yaml + title: iotsitewise + version: v00.00.00000 + description: iotsitewise + iottwinmaker: + id: iottwinmaker:v00.00.00000 + name: iottwinmaker + preferred: true + service: + $ref: awscc/v00.00.00000/services/iottwinmaker.yaml + title: iottwinmaker + version: v00.00.00000 + description: iottwinmaker + iotwireless: + id: iotwireless:v00.00.00000 + name: iotwireless + preferred: true + service: + $ref: awscc/v00.00.00000/services/iotwireless.yaml + title: iotwireless + version: v00.00.00000 + description: iotwireless + ivs: + id: ivs:v00.00.00000 + name: ivs + preferred: true + service: + $ref: awscc/v00.00.00000/services/ivs.yaml + title: ivs + version: v00.00.00000 + description: ivs + ivschat: + id: ivschat:v00.00.00000 + name: ivschat + preferred: true + service: + $ref: awscc/v00.00.00000/services/ivschat.yaml + title: ivschat + version: v00.00.00000 + description: ivschat + kafkaconnect: + id: kafkaconnect:v00.00.00000 + name: kafkaconnect + preferred: true + service: + $ref: awscc/v00.00.00000/services/kafkaconnect.yaml + title: kafkaconnect + version: v00.00.00000 + description: kafkaconnect + kendra: + id: kendra:v00.00.00000 + name: kendra + preferred: true + service: + $ref: awscc/v00.00.00000/services/kendra.yaml + title: kendra + version: v00.00.00000 + description: kendra + kendraranking: + id: kendraranking:v00.00.00000 + name: kendraranking + preferred: true + service: + $ref: awscc/v00.00.00000/services/kendraranking.yaml + title: kendraranking + version: v00.00.00000 + description: kendraranking + kinesis: + id: kinesis:v00.00.00000 + name: kinesis + preferred: true + service: + $ref: awscc/v00.00.00000/services/kinesis.yaml + title: kinesis + version: v00.00.00000 + description: kinesis + kinesisanalyticsv2: + id: kinesisanalyticsv2:v00.00.00000 + name: kinesisanalyticsv2 + preferred: true + service: + $ref: awscc/v00.00.00000/services/kinesisanalyticsv2.yaml + title: kinesisanalyticsv2 + version: v00.00.00000 + description: kinesisanalyticsv2 + kinesisfirehose: + id: kinesisfirehose:v00.00.00000 + name: kinesisfirehose + preferred: true + service: + $ref: awscc/v00.00.00000/services/kinesisfirehose.yaml + title: kinesisfirehose + version: v00.00.00000 + description: kinesisfirehose + kinesisvideo: + id: kinesisvideo:v00.00.00000 + name: kinesisvideo + preferred: true + service: + $ref: awscc/v00.00.00000/services/kinesisvideo.yaml + title: kinesisvideo + version: v00.00.00000 + description: kinesisvideo + kms: + id: kms:v00.00.00000 + name: kms + preferred: true + service: + $ref: awscc/v00.00.00000/services/kms.yaml + title: kms + version: v00.00.00000 + description: kms + lakeformation: + id: lakeformation:v00.00.00000 + name: lakeformation + preferred: true + service: + $ref: awscc/v00.00.00000/services/lakeformation.yaml + title: lakeformation + version: v00.00.00000 + description: lakeformation + lambda: + id: lambda:v00.00.00000 + name: lambda + preferred: true + service: + $ref: awscc/v00.00.00000/services/lambda.yaml + title: lambda + version: v00.00.00000 + description: lambda + lex: + id: lex:v00.00.00000 + name: lex + preferred: true + service: + $ref: awscc/v00.00.00000/services/lex.yaml + title: lex + version: v00.00.00000 + description: lex + licensemanager: + id: licensemanager:v00.00.00000 + name: licensemanager + preferred: true + service: + $ref: awscc/v00.00.00000/services/licensemanager.yaml + title: licensemanager + version: v00.00.00000 + description: licensemanager + lightsail: + id: lightsail:v00.00.00000 + name: lightsail + preferred: true + service: + $ref: awscc/v00.00.00000/services/lightsail.yaml + title: lightsail + version: v00.00.00000 + description: lightsail + location: + id: location:v00.00.00000 + name: location + preferred: true + service: + $ref: awscc/v00.00.00000/services/location.yaml + title: location + version: v00.00.00000 + description: location + logs: + id: logs:v00.00.00000 + name: logs + preferred: true + service: + $ref: awscc/v00.00.00000/services/logs.yaml + title: logs + version: v00.00.00000 + description: logs + lookoutequipment: + id: lookoutequipment:v00.00.00000 + name: lookoutequipment + preferred: true + service: + $ref: awscc/v00.00.00000/services/lookoutequipment.yaml + title: lookoutequipment + version: v00.00.00000 + description: lookoutequipment + lookoutmetrics: + id: lookoutmetrics:v00.00.00000 + name: lookoutmetrics + preferred: true + service: + $ref: awscc/v00.00.00000/services/lookoutmetrics.yaml + title: lookoutmetrics + version: v00.00.00000 + description: lookoutmetrics + lookoutvision: + id: lookoutvision:v00.00.00000 + name: lookoutvision + preferred: true + service: + $ref: awscc/v00.00.00000/services/lookoutvision.yaml + title: lookoutvision + version: v00.00.00000 + description: lookoutvision + m2: + id: m2:v00.00.00000 + name: m2 + preferred: true + service: + $ref: awscc/v00.00.00000/services/m2.yaml + title: m2 + version: v00.00.00000 + description: m2 + macie: + id: macie:v00.00.00000 + name: macie + preferred: true + service: + $ref: awscc/v00.00.00000/services/macie.yaml + title: macie + version: v00.00.00000 + description: macie + managedblockchain: + id: managedblockchain:v00.00.00000 + name: managedblockchain + preferred: true + service: + $ref: awscc/v00.00.00000/services/managedblockchain.yaml + title: managedblockchain + version: v00.00.00000 + description: managedblockchain + mediaconnect: + id: mediaconnect:v00.00.00000 + name: mediaconnect + preferred: true + service: + $ref: awscc/v00.00.00000/services/mediaconnect.yaml + title: mediaconnect + version: v00.00.00000 + description: mediaconnect + medialive: + id: medialive:v00.00.00000 + name: medialive + preferred: true + service: + $ref: awscc/v00.00.00000/services/medialive.yaml + title: medialive + version: v00.00.00000 + description: medialive + mediapackage: + id: mediapackage:v00.00.00000 + name: mediapackage + preferred: true + service: + $ref: awscc/v00.00.00000/services/mediapackage.yaml + title: mediapackage + version: v00.00.00000 + description: mediapackage + mediapackagev2: + id: mediapackagev2:v00.00.00000 + name: mediapackagev2 + preferred: true + service: + $ref: awscc/v00.00.00000/services/mediapackagev2.yaml + title: mediapackagev2 + version: v00.00.00000 + description: mediapackagev2 + mediatailor: + id: mediatailor:v00.00.00000 + name: mediatailor + preferred: true + service: + $ref: awscc/v00.00.00000/services/mediatailor.yaml + title: mediatailor + version: v00.00.00000 + description: mediatailor + memorydb: + id: memorydb:v00.00.00000 + name: memorydb + preferred: true + service: + $ref: awscc/v00.00.00000/services/memorydb.yaml + title: memorydb + version: v00.00.00000 + description: memorydb + msk: + id: msk:v00.00.00000 + name: msk + preferred: true + service: + $ref: awscc/v00.00.00000/services/msk.yaml + title: msk + version: v00.00.00000 + description: msk + mwaa: + id: mwaa:v00.00.00000 + name: mwaa + preferred: true + service: + $ref: awscc/v00.00.00000/services/mwaa.yaml + title: mwaa + version: v00.00.00000 + description: mwaa + neptune: + id: neptune:v00.00.00000 + name: neptune + preferred: true + service: + $ref: awscc/v00.00.00000/services/neptune.yaml + title: neptune + version: v00.00.00000 + description: neptune + neptunegraph: + id: neptunegraph:v00.00.00000 + name: neptunegraph + preferred: true + service: + $ref: awscc/v00.00.00000/services/neptunegraph.yaml + title: neptunegraph + version: v00.00.00000 + description: neptunegraph + networkfirewall: + id: networkfirewall:v00.00.00000 + name: networkfirewall + preferred: true + service: + $ref: awscc/v00.00.00000/services/networkfirewall.yaml + title: networkfirewall + version: v00.00.00000 + description: networkfirewall + networkmanager: + id: networkmanager:v00.00.00000 + name: networkmanager + preferred: true + service: + $ref: awscc/v00.00.00000/services/networkmanager.yaml + title: networkmanager + version: v00.00.00000 + description: networkmanager + nimblestudio: + id: nimblestudio:v00.00.00000 + name: nimblestudio + preferred: true + service: + $ref: awscc/v00.00.00000/services/nimblestudio.yaml + title: nimblestudio + version: v00.00.00000 + description: nimblestudio + oam: + id: oam:v00.00.00000 + name: oam + preferred: true + service: + $ref: awscc/v00.00.00000/services/oam.yaml + title: oam + version: v00.00.00000 + description: oam + omics: + id: omics:v00.00.00000 + name: omics + preferred: true + service: + $ref: awscc/v00.00.00000/services/omics.yaml + title: omics + version: v00.00.00000 + description: omics + opensearchserverless: + id: opensearchserverless:v00.00.00000 + name: opensearchserverless + preferred: true + service: + $ref: awscc/v00.00.00000/services/opensearchserverless.yaml + title: opensearchserverless + version: v00.00.00000 + description: opensearchserverless + opensearchservice: + id: opensearchservice:v00.00.00000 + name: opensearchservice + preferred: true + service: + $ref: awscc/v00.00.00000/services/opensearchservice.yaml + title: opensearchservice + version: v00.00.00000 + description: opensearchservice + opsworkscm: + id: opsworkscm:v00.00.00000 + name: opsworkscm + preferred: true + service: + $ref: awscc/v00.00.00000/services/opsworkscm.yaml + title: opsworkscm + version: v00.00.00000 + description: opsworkscm + organizations: + id: organizations:v00.00.00000 + name: organizations + preferred: true + service: + $ref: awscc/v00.00.00000/services/organizations.yaml + title: organizations + version: v00.00.00000 + description: organizations + osis: + id: osis:v00.00.00000 + name: osis + preferred: true + service: + $ref: awscc/v00.00.00000/services/osis.yaml + title: osis + version: v00.00.00000 + description: osis + panorama: + id: panorama:v00.00.00000 + name: panorama + preferred: true + service: + $ref: awscc/v00.00.00000/services/panorama.yaml + title: panorama + version: v00.00.00000 + description: panorama + pcaconnectorad: + id: pcaconnectorad:v00.00.00000 + name: pcaconnectorad + preferred: true + service: + $ref: awscc/v00.00.00000/services/pcaconnectorad.yaml + title: pcaconnectorad + version: v00.00.00000 + description: pcaconnectorad + personalize: + id: personalize:v00.00.00000 + name: personalize + preferred: true + service: + $ref: awscc/v00.00.00000/services/personalize.yaml + title: personalize + version: v00.00.00000 + description: personalize + pinpoint: + id: pinpoint:v00.00.00000 + name: pinpoint + preferred: true + service: + $ref: awscc/v00.00.00000/services/pinpoint.yaml + title: pinpoint + version: v00.00.00000 + description: pinpoint + pipes: + id: pipes:v00.00.00000 + name: pipes + preferred: true + service: + $ref: awscc/v00.00.00000/services/pipes.yaml + title: pipes + version: v00.00.00000 + description: pipes + proton: + id: proton:v00.00.00000 + name: proton + preferred: true + service: + $ref: awscc/v00.00.00000/services/proton.yaml + title: proton + version: v00.00.00000 + description: proton + qldb: + id: qldb:v00.00.00000 + name: qldb + preferred: true + service: + $ref: awscc/v00.00.00000/services/qldb.yaml + title: qldb + version: v00.00.00000 + description: qldb + quicksight: + id: quicksight:v00.00.00000 + name: quicksight + preferred: true + service: + $ref: awscc/v00.00.00000/services/quicksight.yaml + title: quicksight + version: v00.00.00000 + description: quicksight + ram: + id: ram:v00.00.00000 + name: ram + preferred: true + service: + $ref: awscc/v00.00.00000/services/ram.yaml + title: ram + version: v00.00.00000 + description: ram + rds: + id: rds:v00.00.00000 + name: rds + preferred: true + service: + $ref: awscc/v00.00.00000/services/rds.yaml + title: rds + version: v00.00.00000 + description: rds + redshift: + id: redshift:v00.00.00000 + name: redshift + preferred: true + service: + $ref: awscc/v00.00.00000/services/redshift.yaml + title: redshift + version: v00.00.00000 + description: redshift + redshiftserverless: + id: redshiftserverless:v00.00.00000 + name: redshiftserverless + preferred: true + service: + $ref: awscc/v00.00.00000/services/redshiftserverless.yaml + title: redshiftserverless + version: v00.00.00000 + description: redshiftserverless + refactorspaces: + id: refactorspaces:v00.00.00000 + name: refactorspaces + preferred: true + service: + $ref: awscc/v00.00.00000/services/refactorspaces.yaml + title: refactorspaces + version: v00.00.00000 + description: refactorspaces + rekognition: + id: rekognition:v00.00.00000 + name: rekognition + preferred: true + service: + $ref: awscc/v00.00.00000/services/rekognition.yaml + title: rekognition + version: v00.00.00000 + description: rekognition + resiliencehub: + id: resiliencehub:v00.00.00000 + name: resiliencehub + preferred: true + service: + $ref: awscc/v00.00.00000/services/resiliencehub.yaml + title: resiliencehub + version: v00.00.00000 + description: resiliencehub + resourceexplorer2: + id: resourceexplorer2:v00.00.00000 + name: resourceexplorer2 + preferred: true + service: + $ref: awscc/v00.00.00000/services/resourceexplorer2.yaml + title: resourceexplorer2 + version: v00.00.00000 + description: resourceexplorer2 + resourcegroups: + id: resourcegroups:v00.00.00000 + name: resourcegroups + preferred: true + service: + $ref: awscc/v00.00.00000/services/resourcegroups.yaml + title: resourcegroups + version: v00.00.00000 + description: resourcegroups + robomaker: + id: robomaker:v00.00.00000 + name: robomaker + preferred: true + service: + $ref: awscc/v00.00.00000/services/robomaker.yaml + title: robomaker + version: v00.00.00000 + description: robomaker + rolesanywhere: + id: rolesanywhere:v00.00.00000 + name: rolesanywhere + preferred: true + service: + $ref: awscc/v00.00.00000/services/rolesanywhere.yaml + title: rolesanywhere + version: v00.00.00000 + description: rolesanywhere + route53: + id: route53:v00.00.00000 + name: route53 + preferred: true + service: + $ref: awscc/v00.00.00000/services/route53.yaml + title: route53 + version: v00.00.00000 + description: route53 + route53recoverycontrol: + id: route53recoverycontrol:v00.00.00000 + name: route53recoverycontrol + preferred: true + service: + $ref: awscc/v00.00.00000/services/route53recoverycontrol.yaml + title: route53recoverycontrol + version: v00.00.00000 + description: route53recoverycontrol + route53recoveryreadiness: + id: route53recoveryreadiness:v00.00.00000 + name: route53recoveryreadiness + preferred: true + service: + $ref: awscc/v00.00.00000/services/route53recoveryreadiness.yaml + title: route53recoveryreadiness + version: v00.00.00000 + description: route53recoveryreadiness + route53resolver: + id: route53resolver:v00.00.00000 + name: route53resolver + preferred: true + service: + $ref: awscc/v00.00.00000/services/route53resolver.yaml + title: route53resolver + version: v00.00.00000 + description: route53resolver + rum: + id: rum:v00.00.00000 + name: rum + preferred: true + service: + $ref: awscc/v00.00.00000/services/rum.yaml + title: rum + version: v00.00.00000 + description: rum + s3: + id: s3:v00.00.00000 + name: s3 + preferred: true + service: + $ref: awscc/v00.00.00000/services/s3.yaml + title: s3 + version: v00.00.00000 + description: s3 + s3express: + id: s3express:v00.00.00000 + name: s3express + preferred: true + service: + $ref: awscc/v00.00.00000/services/s3express.yaml + title: s3express + version: v00.00.00000 + description: s3express + s3objectlambda: + id: s3objectlambda:v00.00.00000 + name: s3objectlambda + preferred: true + service: + $ref: awscc/v00.00.00000/services/s3objectlambda.yaml + title: s3objectlambda + version: v00.00.00000 + description: s3objectlambda + s3outposts: + id: s3outposts:v00.00.00000 + name: s3outposts + preferred: true + service: + $ref: awscc/v00.00.00000/services/s3outposts.yaml + title: s3outposts + version: v00.00.00000 + description: s3outposts + sagemaker: + id: sagemaker:v00.00.00000 + name: sagemaker + preferred: true + service: + $ref: awscc/v00.00.00000/services/sagemaker.yaml + title: sagemaker + version: v00.00.00000 + description: sagemaker + scheduler: + id: scheduler:v00.00.00000 + name: scheduler + preferred: true + service: + $ref: awscc/v00.00.00000/services/scheduler.yaml + title: scheduler + version: v00.00.00000 + description: scheduler + secretsmanager: + id: secretsmanager:v00.00.00000 + name: secretsmanager + preferred: true + service: + $ref: awscc/v00.00.00000/services/secretsmanager.yaml + title: secretsmanager + version: v00.00.00000 + description: secretsmanager + securityhub: + id: securityhub:v00.00.00000 + name: securityhub + preferred: true + service: + $ref: awscc/v00.00.00000/services/securityhub.yaml + title: securityhub + version: v00.00.00000 + description: securityhub + servicecatalog: + id: servicecatalog:v00.00.00000 + name: servicecatalog + preferred: true + service: + $ref: awscc/v00.00.00000/services/servicecatalog.yaml + title: servicecatalog + version: v00.00.00000 + description: servicecatalog + servicecatalogappregistry: + id: servicecatalogappregistry:v00.00.00000 + name: servicecatalogappregistry + preferred: true + service: + $ref: awscc/v00.00.00000/services/servicecatalogappregistry.yaml + title: servicecatalogappregistry + version: v00.00.00000 + description: servicecatalogappregistry + ses: + id: ses:v00.00.00000 + name: ses + preferred: true + service: + $ref: awscc/v00.00.00000/services/ses.yaml + title: ses + version: v00.00.00000 + description: ses + shield: + id: shield:v00.00.00000 + name: shield + preferred: true + service: + $ref: awscc/v00.00.00000/services/shield.yaml + title: shield + version: v00.00.00000 + description: shield + signer: + id: signer:v00.00.00000 + name: signer + preferred: true + service: + $ref: awscc/v00.00.00000/services/signer.yaml + title: signer + version: v00.00.00000 + description: signer + simspaceweaver: + id: simspaceweaver:v00.00.00000 + name: simspaceweaver + preferred: true + service: + $ref: awscc/v00.00.00000/services/simspaceweaver.yaml + title: simspaceweaver + version: v00.00.00000 + description: simspaceweaver + sns: + id: sns:v00.00.00000 + name: sns + preferred: true + service: + $ref: awscc/v00.00.00000/services/sns.yaml + title: sns + version: v00.00.00000 + description: sns + sqs: + id: sqs:v00.00.00000 + name: sqs + preferred: true + service: + $ref: awscc/v00.00.00000/services/sqs.yaml + title: sqs + version: v00.00.00000 + description: sqs + ssm: + id: ssm:v00.00.00000 + name: ssm + preferred: true + service: + $ref: awscc/v00.00.00000/services/ssm.yaml + title: ssm + version: v00.00.00000 + description: ssm + ssmcontacts: + id: ssmcontacts:v00.00.00000 + name: ssmcontacts + preferred: true + service: + $ref: awscc/v00.00.00000/services/ssmcontacts.yaml + title: ssmcontacts + version: v00.00.00000 + description: ssmcontacts + ssmincidents: + id: ssmincidents:v00.00.00000 + name: ssmincidents + preferred: true + service: + $ref: awscc/v00.00.00000/services/ssmincidents.yaml + title: ssmincidents + version: v00.00.00000 + description: ssmincidents + sso: + id: sso:v00.00.00000 + name: sso + preferred: true + service: + $ref: awscc/v00.00.00000/services/sso.yaml + title: sso + version: v00.00.00000 + description: sso + stepfunctions: + id: stepfunctions:v00.00.00000 + name: stepfunctions + preferred: true + service: + $ref: awscc/v00.00.00000/services/stepfunctions.yaml + title: stepfunctions + version: v00.00.00000 + description: stepfunctions + supportapp: + id: supportapp:v00.00.00000 + name: supportapp + preferred: true + service: + $ref: awscc/v00.00.00000/services/supportapp.yaml + title: supportapp + version: v00.00.00000 + description: supportapp + synthetics: + id: synthetics:v00.00.00000 + name: synthetics + preferred: true + service: + $ref: awscc/v00.00.00000/services/synthetics.yaml + title: synthetics + version: v00.00.00000 + description: synthetics + systemsmanagersap: + id: systemsmanagersap:v00.00.00000 + name: systemsmanagersap + preferred: true + service: + $ref: awscc/v00.00.00000/services/systemsmanagersap.yaml + title: systemsmanagersap + version: v00.00.00000 + description: systemsmanagersap + timestream: + id: timestream:v00.00.00000 + name: timestream + preferred: true + service: + $ref: awscc/v00.00.00000/services/timestream.yaml + title: timestream + version: v00.00.00000 + description: timestream + transfer: + id: transfer:v00.00.00000 + name: transfer + preferred: true + service: + $ref: awscc/v00.00.00000/services/transfer.yaml + title: transfer + version: v00.00.00000 + description: transfer + verifiedpermissions: + id: verifiedpermissions:v00.00.00000 + name: verifiedpermissions + preferred: true + service: + $ref: awscc/v00.00.00000/services/verifiedpermissions.yaml + title: verifiedpermissions + version: v00.00.00000 + description: verifiedpermissions + voiceid: + id: voiceid:v00.00.00000 + name: voiceid + preferred: true + service: + $ref: awscc/v00.00.00000/services/voiceid.yaml + title: voiceid + version: v00.00.00000 + description: voiceid + vpclattice: + id: vpclattice:v00.00.00000 + name: vpclattice + preferred: true + service: + $ref: awscc/v00.00.00000/services/vpclattice.yaml + title: vpclattice + version: v00.00.00000 + description: vpclattice + wafv2: + id: wafv2:v00.00.00000 + name: wafv2 + preferred: true + service: + $ref: awscc/v00.00.00000/services/wafv2.yaml + title: wafv2 + version: v00.00.00000 + description: wafv2 + wisdom: + id: wisdom:v00.00.00000 + name: wisdom + preferred: true + service: + $ref: awscc/v00.00.00000/services/wisdom.yaml + title: wisdom + version: v00.00.00000 + description: wisdom + workspaces: + id: workspaces:v00.00.00000 + name: workspaces + preferred: true + service: + $ref: awscc/v00.00.00000/services/workspaces.yaml + title: workspaces + version: v00.00.00000 + description: workspaces + workspacesthinclient: + id: workspacesthinclient:v00.00.00000 + name: workspacesthinclient + preferred: true + service: + $ref: awscc/v00.00.00000/services/workspacesthinclient.yaml + title: workspacesthinclient + version: v00.00.00000 + description: workspacesthinclient + workspacesweb: + id: workspacesweb:v00.00.00000 + name: workspacesweb + preferred: true + service: + $ref: awscc/v00.00.00000/services/workspacesweb.yaml + title: workspacesweb + version: v00.00.00000 + description: workspacesweb + xray: + id: xray:v00.00.00000 + name: xray + preferred: true + service: + $ref: awscc/v00.00.00000/services/xray.yaml + title: xray + version: v00.00.00000 + description: xray + cloud_control: + id: cloud_control:v00.00.00000 + name: cloud_control + preferred: true + service: + $ref: awscc/v00.00.00000/services/cloud_control.yaml + title: cloud_control + version: v00.00.00000 + description: cloud_control +config: + auth: + type: aws_signing_v4 + credentialsenvvar: AWS_SECRET_ACCESS_KEY + keyIDenvvar: AWS_ACCESS_KEY_ID + \ No newline at end of file diff --git a/providers/src/awscc/v00.00.00000/services/accessanalyzer.yaml b/providers/src/awscc/v00.00.00000/services/accessanalyzer.yaml new file mode 100644 index 00000000..dff4ffdd --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/accessanalyzer.yaml @@ -0,0 +1,211 @@ +openapi: 3.0.0 +info: + title: AccessAnalyzer + version: 1.0.0 +paths: {} +components: + schemas: + ArchiveRule: + description: An Access Analyzer archive rule. Archive rules automatically archive new findings that meet the criteria you define when you create the rule. + type: object + properties: + Filter: + type: array + x-insertionOrder: false + minItems: 1 + items: + $ref: '#/components/schemas/Filter' + RuleName: + type: string + description: The archive rule name + required: + - Filter + - RuleName + additionalProperties: false + Filter: + type: object + properties: + Contains: + type: array + x-insertionOrder: false + items: + type: string + Eq: + type: array + x-insertionOrder: false + items: + type: string + Exists: + type: boolean + Property: + type: string + Neq: + type: array + x-insertionOrder: false + items: + type: string + required: + - Property + additionalProperties: false + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 127 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 255 + required: + - Key + - Value + additionalProperties: false + UnusedAccessConfiguration: + description: The Configuration for Unused Access Analyzer + type: object + properties: + UnusedAccessAge: + description: The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 180 days. + type: integer + minimum: 1 + maximum: 180 + additionalProperties: false + Analyzer: + type: object + properties: + AnalyzerName: + description: Analyzer name + type: string + minLength: 1 + maxLength: 1024 + ArchiveRules: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/ArchiveRule' + Arn: + description: Amazon Resource Name (ARN) of the analyzer + type: string + minLength: 1 + maxLength: 1600 + Tags: + type: array + maxItems: 50 + x-insertionOrder: false + uniqueItems: true + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + Type: + description: The type of the analyzer, must be one of ACCOUNT, ORGANIZATION, ACCOUNT_UNUSED_ACCESS or ORGANIZATION_UNUSED_ACCESS + type: string + minLength: 0 + maxLength: 1024 + AnalyzerConfiguration: + description: The configuration for the analyzer + type: object + properties: + UnusedAccessConfiguration: + $ref: '#/components/schemas/UnusedAccessConfiguration' + additionalProperties: false + required: + - Type + x-stackql-resource-name: analyzer + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - AnalyzerName + - Type + - AnalyzerConfiguration + x-read-only-properties: + - Arn + x-required-permissions: + create: + - access-analyzer:CreateAnalyzer + - access-analyzer:TagResource + - iam:CreateServiceLinkedRole + - organizations:ListAWSServiceAccessForOrganization + - organizations:ListDelegatedAdministrators + read: + - access-analyzer:ListAnalyzers + - access-analyzer:GetAnalyzer + - access-analyzer:ListArchiveRules + update: + - access-analyzer:CreateArchiveRule + - access-analyzer:DeleteArchiveRule + - access-analyzer:ListAnalyzers + - access-analyzer:TagResource + - access-analyzer:UntagResource + - access-analyzer:UpdateArchiveRule + delete: + - access-analyzer:DeleteAnalyzer + list: + - access-analyzer:ListAnalyzers + x-stackQL-resources: + analyzers: + name: analyzers + id: awscc.accessanalyzer.analyzers + x-cfn-schema-name: Analyzer + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AccessAnalyzer::Analyzer' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AccessAnalyzer::Analyzer' + AND region = 'us-east-1' + analyzer: + name: analyzer + id: awscc.accessanalyzer.analyzer + x-cfn-schema-name: Analyzer + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AnalyzerName') as analyzer_name, + JSON_EXTRACT(Properties, '$.ArchiveRules') as archive_rules, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.AnalyzerConfiguration') as analyzer_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AccessAnalyzer::Analyzer' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AnalyzerName') as analyzer_name, + json_extract_path_text(Properties, 'ArchiveRules') as archive_rules, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'AnalyzerConfiguration') as analyzer_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AccessAnalyzer::Analyzer' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/acmpca.yaml b/providers/src/awscc/v00.00.00000/services/acmpca.yaml new file mode 100644 index 00000000..04e7a34d --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/acmpca.yaml @@ -0,0 +1,871 @@ +openapi: 3.0.0 +info: + title: ACMPCA + version: 1.0.0 +paths: {} +components: + schemas: + ApiPassthrough: + description: |- + Contains X.509 certificate information to be placed in an issued certificate. An ``APIPassthrough`` or ``APICSRPassthrough`` template variant must be selected, or else this parameter is ignored. + If conflicting or duplicate certificate information is supplied from other sources, AWS Private CA applies [order of operation rules](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html#template-order-of-operations) to determine what information is used. + type: object + additionalProperties: false + properties: + Extensions: + $ref: '#/components/schemas/Extensions' + description: Specifies X.509 extension information for a certificate. + Subject: + $ref: '#/components/schemas/Subject' + description: Contains information about the certificate subject. The Subject field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The Subject must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate. + Arn: + type: string + CertificatePolicyList: + type: array + items: + $ref: '#/components/schemas/PolicyInformation' + ExtendedKeyUsage: + description: Specifies additional purposes for which the certified public key may be used other than basic purposes indicated in the ``KeyUsage`` extension. + type: object + additionalProperties: false + properties: + ExtendedKeyUsageType: + type: string + description: Specifies a standard ``ExtendedKeyUsage`` as defined as in [RFC 5280](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). + ExtendedKeyUsageObjectIdentifier: + $ref: '#/components/schemas/CustomObjectIdentifier' + description: Specifies a custom ``ExtendedKeyUsage`` with an object identifier (OID). + ExtendedKeyUsageList: + type: array + items: + $ref: '#/components/schemas/ExtendedKeyUsage' + Extensions: + description: Contains X.509 extension information for a certificate. + type: object + additionalProperties: false + properties: + CertificatePolicies: + $ref: '#/components/schemas/CertificatePolicyList' + description: |- + Contains a sequence of one or more policy information terms, each of which consists of an object identifier (OID) and optional qualifiers. For more information, see NIST's definition of [Object Identifier (OID)](https://docs.aws.amazon.com/https://csrc.nist.gov/glossary/term/Object_Identifier). + In an end-entity certificate, these terms indicate the policy under which the certificate was issued and the purposes for which it may be used. In a CA certificate, these terms limit the set of policies for certification paths that include this certificate. + ExtendedKeyUsage: + $ref: '#/components/schemas/ExtendedKeyUsageList' + description: Specifies additional purposes for which the certified public key may be used other than basic purposes indicated in the ``KeyUsage`` extension. + KeyUsage: + $ref: '#/components/schemas/KeyUsage' + description: Defines one or more purposes for which the key contained in the certificate can be used. Default value for each option is false. + SubjectAlternativeNames: + $ref: '#/components/schemas/GeneralNameList' + description: The subject alternative name extension allows identities to be bound to the subject of the certificate. These identities may be included in addition to or in place of the identity in the subject field of the certificate. + CustomExtensions: + $ref: '#/components/schemas/CustomExtensionList' + description: Contains a sequence of one or more X.509 extensions, each of which consists of an object identifier (OID), a base64-encoded value, and the critical flag. For more information, see the [Global OID reference database.](https://docs.aws.amazon.com/https://oidref.com/2.5.29) + CustomExtensionList: + description: Array of X.509 extensions for a certificate. + type: array + items: + $ref: '#/components/schemas/CustomExtension' + CustomExtension: + description: |- + Specifies the X.509 extension information for a certificate. + Extensions present in ``CustomExtensions`` follow the ``ApiPassthrough`` [template rules](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html#template-order-of-operations). + type: object + additionalProperties: false + properties: + Critical: + type: boolean + description: Specifies the critical flag of the X.509 extension. + ObjectIdentifier: + $ref: '#/components/schemas/CustomObjectIdentifier' + description: Specifies the object identifier (OID) of the X.509 extension. For more information, see the [Global OID reference database.](https://docs.aws.amazon.com/https://oidref.com/2.5.29) + Value: + type: string + description: Specifies the base64-encoded value of the X.509 extension. + required: + - ObjectIdentifier + - Value + GeneralNameList: + type: array + items: + $ref: '#/components/schemas/GeneralName' + GeneralName: + description: Structure that contains X.509 GeneralName information. Assign one and ONLY one field. + type: object + additionalProperties: false + properties: + OtherName: + $ref: '#/components/schemas/OtherName' + Rfc822Name: + $ref: '#/components/schemas/Rfc822Name' + DnsName: + $ref: '#/components/schemas/DnsName' + DirectoryName: + $ref: '#/components/schemas/Subject' + EdiPartyName: + $ref: '#/components/schemas/EdiPartyName' + UniformResourceIdentifier: + $ref: '#/components/schemas/UniformResourceIdentifier' + IpAddress: + $ref: '#/components/schemas/IpAddress' + RegisteredId: + $ref: '#/components/schemas/CustomObjectIdentifier' + KeyUsage: + description: Structure that contains X.509 KeyUsage information. + type: object + additionalProperties: false + properties: + DigitalSignature: + type: boolean + default: false + NonRepudiation: + type: boolean + default: false + KeyEncipherment: + type: boolean + default: false + DataEncipherment: + type: boolean + default: false + KeyAgreement: + type: boolean + default: false + KeyCertSign: + type: boolean + default: false + CRLSign: + type: boolean + default: false + EncipherOnly: + type: boolean + default: false + DecipherOnly: + type: boolean + default: false + PolicyInformation: + description: Defines the X.509 ``CertificatePolicies`` extension. + type: object + additionalProperties: false + properties: + CertPolicyId: + $ref: '#/components/schemas/CustomObjectIdentifier' + description: Specifies the object identifier (OID) of the certificate policy under which the certificate was issued. For more information, see NIST's definition of [Object Identifier (OID)](https://docs.aws.amazon.com/https://csrc.nist.gov/glossary/term/Object_Identifier). + PolicyQualifiers: + $ref: '#/components/schemas/PolicyQualifierInfoList' + description: Modifies the given ``CertPolicyId`` with a qualifier. AWS Private CA supports the certification practice statement (CPS) qualifier. + required: + - CertPolicyId + PolicyQualifierInfo: + description: Modifies the ``CertPolicyId`` of a ``PolicyInformation`` object with a qualifier. AWS Private CA supports the certification practice statement (CPS) qualifier. + type: object + additionalProperties: false + properties: + PolicyQualifierId: + type: string + description: Identifies the qualifier modifying a ``CertPolicyId``. + Qualifier: + $ref: '#/components/schemas/Qualifier' + description: Defines the qualifier type. AWS Private CA supports the use of a URI for a CPS qualifier in this field. + required: + - PolicyQualifierId + - Qualifier + PolicyQualifierInfoList: + type: array + items: + $ref: '#/components/schemas/PolicyQualifierInfo' + Qualifier: + description: Defines a ``PolicyInformation`` qualifier. AWS Private CA supports the [certification practice statement (CPS) qualifier](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.4) defined in RFC 5280. + type: object + additionalProperties: false + properties: + CpsUri: + type: string + description: Contains a pointer to a certification practice statement (CPS) published by the CA. + required: + - CpsUri + Subject: + description: Structure that contains X.500 distinguished name information for your CA. + type: object + additionalProperties: false + properties: + Country: + type: string + Organization: + type: string + OrganizationalUnit: + type: string + DistinguishedNameQualifier: + type: string + State: + type: string + CommonName: + type: string + SerialNumber: + type: string + Locality: + type: string + Title: + type: string + Surname: + type: string + GivenName: + type: string + Initials: + type: string + Pseudonym: + type: string + GenerationQualifier: + type: string + CustomAttributes: + $ref: '#/components/schemas/CustomAttributeList' + CustomAttributeList: + description: Array of X.500 attribute type and value. CustomAttributes cannot be used along with pre-defined attributes. + type: array + items: + $ref: '#/components/schemas/CustomAttribute' + CustomAttribute: + description: Structure that contains X.500 attribute type and value. + type: object + additionalProperties: false + properties: + ObjectIdentifier: + $ref: '#/components/schemas/CustomObjectIdentifier' + Value: + type: string + required: + - ObjectIdentifier + - Value + Validity: + description: Length of time for which the certificate issued by your private certificate authority (CA), or by the private CA itself, is valid in days, months, or years. You can issue a certificate by calling the ``IssueCertificate`` operation. + type: object + additionalProperties: false + properties: + Value: + type: number + description: A long integer interpreted according to the value of ``Type``, below. + Type: + type: string + description: Specifies whether the ``Value`` parameter represents days, months, or years. + required: + - Value + - Type + CustomObjectIdentifier: + description: String that contains X.509 ObjectIdentifier information. + type: string + OtherName: + description: Structure that contains X.509 OtherName information. + type: object + additionalProperties: false + properties: + TypeId: + $ref: '#/components/schemas/CustomObjectIdentifier' + Value: + type: string + required: + - TypeId + - Value + Rfc822Name: + description: String that contains X.509 Rfc822Name information. + type: string + DnsName: + description: String that contains X.509 DnsName information. + type: string + EdiPartyName: + description: Structure that contains X.509 EdiPartyName information. + type: object + additionalProperties: false + properties: + PartyName: + type: string + NameAssigner: + type: string + required: + - PartyName + - NameAssigner + UniformResourceIdentifier: + description: String that contains X.509 UniformResourceIdentifier information. + type: string + IpAddress: + description: String that contains X.509 IpAddress information. + type: string + Certificate: + type: object + properties: + ApiPassthrough: + description: Specifies X.509 certificate information to be included in the issued certificate. An ``APIPassthrough`` or ``APICSRPassthrough`` template variant must be selected, or else this parameter is ignored. + $ref: '#/components/schemas/ApiPassthrough' + CertificateAuthorityArn: + description: The Amazon Resource Name (ARN) for the private CA issues the certificate. + $ref: '#/components/schemas/Arn' + CertificateSigningRequest: + description: The certificate signing request (CSR) for the certificate. + type: string + minLength: 1 + SigningAlgorithm: + description: |- + The name of the algorithm that will be used to sign the certificate to be issued. + This parameter should not be confused with the ``SigningAlgorithm`` parameter used to sign a CSR in the ``CreateCertificateAuthority`` action. + The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. + type: string + TemplateArn: + description: Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided, PCAshort defaults to the ``EndEntityCertificate/V1`` template. For more information about PCAshort templates, see [Using Templates](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html). + $ref: '#/components/schemas/Arn' + Validity: + description: The period of time during which the certificate will be valid. + $ref: '#/components/schemas/Validity' + ValidityNotBefore: + description: |- + Information describing the start of the validity period of the certificate. This parameter sets the “Not Before" date for the certificate. + By default, when issuing a certificate, PCAshort sets the "Not Before" date to the issuance time minus 60 minutes. This compensates for clock inconsistencies across computer systems. The ``ValidityNotBefore`` parameter can be used to customize the “Not Before” value. + Unlike the ``Validity`` parameter, the ``ValidityNotBefore`` parameter is optional. + The ``ValidityNotBefore`` value is expressed as an explicit date and time, using the ``Validity`` type value ``ABSOLUTE``. + $ref: '#/components/schemas/Validity' + Certificate: + description: '' + type: string + Arn: + description: '' + $ref: '#/components/schemas/Arn' + required: + - CertificateAuthorityArn + - CertificateSigningRequest + - SigningAlgorithm + - Validity + x-stackql-resource-name: certificate + x-stackql-primaryIdentifier: + - Arn + - CertificateAuthorityArn + x-create-only-properties: + - ApiPassthrough + - CertificateAuthorityArn + - CertificateSigningRequest + - SigningAlgorithm + - TemplateArn + - Validity + - ValidityNotBefore + x-read-only-properties: + - Arn + - Certificate + x-required-permissions: + create: + - acm-pca:IssueCertificate + - acm-pca:GetCertificate + read: + - acm-pca:GetCertificate + delete: + - acm-pca:GetCertificate + update: [] + Tag: + type: object + additionalProperties: false + properties: + Key: + type: string + Value: + type: string + CrlDistributionPointExtensionConfiguration: + description: Configures the default behavior of the CRL Distribution Point extension for certificates issued by your certificate authority + type: object + additionalProperties: false + properties: + OmitExtension: + type: boolean + required: + - OmitExtension + CrlConfiguration: + description: Your certificate authority can create and maintain a certificate revocation list (CRL). A CRL contains information about certificates that have been revoked. + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + ExpirationInDays: + type: integer + CustomCname: + type: string + S3BucketName: + type: string + S3ObjectAcl: + type: string + CrlDistributionPointExtensionConfiguration: + $ref: '#/components/schemas/CrlDistributionPointExtensionConfiguration' + OcspConfiguration: + description: Helps to configure online certificate status protocol (OCSP) responder for your certificate authority + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + OcspCustomCname: + type: string + RevocationConfiguration: + description: Certificate Authority revocation information. + type: object + additionalProperties: false + properties: + CrlConfiguration: + $ref: '#/components/schemas/CrlConfiguration' + OcspConfiguration: + $ref: '#/components/schemas/OcspConfiguration' + AccessMethodType: + description: Pre-defined enum string for X.509 AccessMethod ObjectIdentifiers. + type: string + AccessMethod: + description: Structure that contains X.509 AccessMethod information. Assign one and ONLY one field. + type: object + additionalProperties: false + properties: + CustomObjectIdentifier: + $ref: '#/components/schemas/CustomObjectIdentifier' + AccessMethodType: + $ref: '#/components/schemas/AccessMethodType' + AccessDescription: + description: Structure that contains X.509 AccessDescription information. + type: object + additionalProperties: false + properties: + AccessMethod: + $ref: '#/components/schemas/AccessMethod' + AccessLocation: + $ref: '#/components/schemas/GeneralName' + required: + - AccessMethod + - AccessLocation + SubjectInformationAccess: + description: Array of X.509 AccessDescription. + type: array + items: + $ref: '#/components/schemas/AccessDescription' + CsrExtensions: + description: Structure that contains CSR pass though extensions information. + type: object + additionalProperties: false + properties: + KeyUsage: + $ref: '#/components/schemas/KeyUsage' + SubjectInformationAccess: + $ref: '#/components/schemas/SubjectInformationAccess' + CertificateAuthority: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the certificate authority. + $ref: '#/components/schemas/Arn' + Type: + description: The type of the certificate authority. + type: string + KeyAlgorithm: + description: Public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate. + type: string + SigningAlgorithm: + description: Algorithm your CA uses to sign certificate requests. + type: string + Subject: + description: Structure that contains X.500 distinguished name information for your CA. + $ref: '#/components/schemas/Subject' + RevocationConfiguration: + description: Certificate revocation information used by the CreateCertificateAuthority and UpdateCertificateAuthority actions. + $ref: '#/components/schemas/RevocationConfiguration' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + CertificateSigningRequest: + description: The base64 PEM-encoded certificate signing request (CSR) for your certificate authority certificate. + type: string + CsrExtensions: + description: Structure that contains CSR pass through extension information used by the CreateCertificateAuthority action. + $ref: '#/components/schemas/CsrExtensions' + KeyStorageSecurityStandard: + description: KeyStorageSecurityStadard defines a cryptographic key management compliance standard used for handling CA keys. + type: string + UsageMode: + description: Usage mode of the ceritificate authority. + type: string + required: + - Type + - KeyAlgorithm + - SigningAlgorithm + - Subject + x-stackql-resource-name: certificate_authority + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Type + - KeyAlgorithm + - SigningAlgorithm + - Subject + - CsrExtensions + - KeyStorageSecurityStandard + - UsageMode + x-read-only-properties: + - Arn + - CertificateSigningRequest + x-required-permissions: + create: + - acm-pca:CreateCertificateAuthority + - acm-pca:DescribeCertificateAuthority + - acm-pca:GetCertificateAuthorityCsr + read: + - acm-pca:DescribeCertificateAuthority + - acm-pca:GetCertificateAuthorityCsr + - acm-pca:ListTags + update: + - acm-pca:ListTags + - acm-pca:TagCertificateAuthority + - acm-pca:UntagCertificateAuthority + - acm-pca:UpdateCertificateAuthority + delete: + - acm-pca:DeleteCertificateAuthority + - acm-pca:DescribeCertificateAuthority + list: + - acm-pca:DescribeCertificateAuthority + - acm-pca:GetCertificateAuthorityCsr + - acm-pca:ListCertificateAuthorities + - acm-pca:ListTags + CertificateAuthorityActivation: + type: object + properties: + CertificateAuthorityArn: + description: Arn of the Certificate Authority. + type: string + Certificate: + description: Certificate Authority certificate that will be installed in the Certificate Authority. + type: string + CertificateChain: + description: Certificate chain for the Certificate Authority certificate. + type: string + Status: + description: The status of the Certificate Authority. + type: string + CompleteCertificateChain: + description: The complete certificate chain, including the Certificate Authority certificate. + type: string + required: + - CertificateAuthorityArn + - Certificate + x-stackql-resource-name: certificate_authority_activation + x-stackql-primaryIdentifier: + - CertificateAuthorityArn + x-create-only-properties: + - CertificateAuthorityArn + x-read-only-properties: + - CompleteCertificateChain + x-required-permissions: + create: + - acm-pca:ImportCertificateAuthorityCertificate + - acm-pca:UpdateCertificateAuthority + read: + - acm-pca:GetCertificateAuthorityCertificate + - acm-pca:DescribeCertificateAuthority + delete: + - acm-pca:UpdateCertificateAuthority + update: + - acm-pca:ImportCertificateAuthorityCertificate + - acm-pca:UpdateCertificateAuthority + Permission: + type: object + properties: + Actions: + description: The actions that the specified AWS service principal can use. Actions IssueCertificate, GetCertificate and ListPermissions must be provided. + type: array + x-insertionOrder: false + items: + type: string + CertificateAuthorityArn: + description: The Amazon Resource Name (ARN) of the Private Certificate Authority that grants the permission. + type: string + Principal: + description: The AWS service or identity that receives the permission. At this time, the only valid principal is acm.amazonaws.com. + type: string + SourceAccount: + description: The ID of the calling account. + type: string + required: + - Actions + - CertificateAuthorityArn + - Principal + x-stackql-resource-name: permission + x-stackql-primaryIdentifier: + - CertificateAuthorityArn + - Principal + x-create-only-properties: + - Actions + - CertificateAuthorityArn + - Principal + - SourceAccount + x-required-permissions: + create: + - acm-pca:CreatePermission + - acm-pca:ListPermissions + read: + - acm-pca:ListPermissions + delete: + - acm-pca:DeletePermission + x-stackQL-resources: + certificates: + name: certificates + id: awscc.acmpca.certificates + x-cfn-schema-name: Certificate + x-type: list + x-identifiers: + - Arn + - CertificateAuthorityArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CertificateAuthorityArn') as certificate_authority_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ACMPCA::Certificate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CertificateAuthorityArn') as certificate_authority_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ACMPCA::Certificate' + AND region = 'us-east-1' + certificate: + name: certificate + id: awscc.acmpca.certificate + x-cfn-schema-name: Certificate + x-type: get + x-identifiers: + - Arn + - CertificateAuthorityArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApiPassthrough') as api_passthrough, + JSON_EXTRACT(Properties, '$.CertificateAuthorityArn') as certificate_authority_arn, + JSON_EXTRACT(Properties, '$.CertificateSigningRequest') as certificate_signing_request, + JSON_EXTRACT(Properties, '$.SigningAlgorithm') as signing_algorithm, + JSON_EXTRACT(Properties, '$.TemplateArn') as template_arn, + JSON_EXTRACT(Properties, '$.Validity') as validity, + JSON_EXTRACT(Properties, '$.ValidityNotBefore') as validity_not_before, + JSON_EXTRACT(Properties, '$.Certificate') as certificate, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ACMPCA::Certificate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApiPassthrough') as api_passthrough, + json_extract_path_text(Properties, 'CertificateAuthorityArn') as certificate_authority_arn, + json_extract_path_text(Properties, 'CertificateSigningRequest') as certificate_signing_request, + json_extract_path_text(Properties, 'SigningAlgorithm') as signing_algorithm, + json_extract_path_text(Properties, 'TemplateArn') as template_arn, + json_extract_path_text(Properties, 'Validity') as validity, + json_extract_path_text(Properties, 'ValidityNotBefore') as validity_not_before, + json_extract_path_text(Properties, 'Certificate') as certificate, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ACMPCA::Certificate' + AND data__Identifier = '' + AND region = 'us-east-1' + certificate_authorities: + name: certificate_authorities + id: awscc.acmpca.certificate_authorities + x-cfn-schema-name: CertificateAuthority + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ACMPCA::CertificateAuthority' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ACMPCA::CertificateAuthority' + AND region = 'us-east-1' + certificate_authority: + name: certificate_authority + id: awscc.acmpca.certificate_authority + x-cfn-schema-name: CertificateAuthority + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.KeyAlgorithm') as key_algorithm, + JSON_EXTRACT(Properties, '$.SigningAlgorithm') as signing_algorithm, + JSON_EXTRACT(Properties, '$.Subject') as subject, + JSON_EXTRACT(Properties, '$.RevocationConfiguration') as revocation_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CertificateSigningRequest') as certificate_signing_request, + JSON_EXTRACT(Properties, '$.CsrExtensions') as csr_extensions, + JSON_EXTRACT(Properties, '$.KeyStorageSecurityStandard') as key_storage_security_standard, + JSON_EXTRACT(Properties, '$.UsageMode') as usage_mode + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ACMPCA::CertificateAuthority' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'KeyAlgorithm') as key_algorithm, + json_extract_path_text(Properties, 'SigningAlgorithm') as signing_algorithm, + json_extract_path_text(Properties, 'Subject') as subject, + json_extract_path_text(Properties, 'RevocationConfiguration') as revocation_configuration, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CertificateSigningRequest') as certificate_signing_request, + json_extract_path_text(Properties, 'CsrExtensions') as csr_extensions, + json_extract_path_text(Properties, 'KeyStorageSecurityStandard') as key_storage_security_standard, + json_extract_path_text(Properties, 'UsageMode') as usage_mode + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ACMPCA::CertificateAuthority' + AND data__Identifier = '' + AND region = 'us-east-1' + certificate_authority_activations: + name: certificate_authority_activations + id: awscc.acmpca.certificate_authority_activations + x-cfn-schema-name: CertificateAuthorityActivation + x-type: list + x-identifiers: + - CertificateAuthorityArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CertificateAuthorityArn') as certificate_authority_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ACMPCA::CertificateAuthorityActivation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CertificateAuthorityArn') as certificate_authority_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ACMPCA::CertificateAuthorityActivation' + AND region = 'us-east-1' + certificate_authority_activation: + name: certificate_authority_activation + id: awscc.acmpca.certificate_authority_activation + x-cfn-schema-name: CertificateAuthorityActivation + x-type: get + x-identifiers: + - CertificateAuthorityArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CertificateAuthorityArn') as certificate_authority_arn, + JSON_EXTRACT(Properties, '$.Certificate') as certificate, + JSON_EXTRACT(Properties, '$.CertificateChain') as certificate_chain, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.CompleteCertificateChain') as complete_certificate_chain + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ACMPCA::CertificateAuthorityActivation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CertificateAuthorityArn') as certificate_authority_arn, + json_extract_path_text(Properties, 'Certificate') as certificate, + json_extract_path_text(Properties, 'CertificateChain') as certificate_chain, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'CompleteCertificateChain') as complete_certificate_chain + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ACMPCA::CertificateAuthorityActivation' + AND data__Identifier = '' + AND region = 'us-east-1' + permissions: + name: permissions + id: awscc.acmpca.permissions + x-cfn-schema-name: Permission + x-type: list + x-identifiers: + - CertificateAuthorityArn + - Principal + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CertificateAuthorityArn') as certificate_authority_arn, + JSON_EXTRACT(Properties, '$.Principal') as principal + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ACMPCA::Permission' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CertificateAuthorityArn') as certificate_authority_arn, + json_extract_path_text(Properties, 'Principal') as principal + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ACMPCA::Permission' + AND region = 'us-east-1' + permission: + name: permission + id: awscc.acmpca.permission + x-cfn-schema-name: Permission + x-type: get + x-identifiers: + - CertificateAuthorityArn + - Principal + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Actions') as actions, + JSON_EXTRACT(Properties, '$.CertificateAuthorityArn') as certificate_authority_arn, + JSON_EXTRACT(Properties, '$.Principal') as principal, + JSON_EXTRACT(Properties, '$.SourceAccount') as source_account + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ACMPCA::Permission' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Actions') as actions, + json_extract_path_text(Properties, 'CertificateAuthorityArn') as certificate_authority_arn, + json_extract_path_text(Properties, 'Principal') as principal, + json_extract_path_text(Properties, 'SourceAccount') as source_account + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ACMPCA::Permission' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/amplify.yaml b/providers/src/awscc/v00.00.00000/services/amplify.yaml new file mode 100644 index 00000000..729a59d6 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/amplify.yaml @@ -0,0 +1,780 @@ +openapi: 3.0.0 +info: + title: Amplify + version: 1.0.0 +paths: {} +components: + schemas: + AutoBranchCreationConfig: + type: object + additionalProperties: false + properties: + AutoBranchCreationPatterns: + type: array + uniqueItems: false + items: + type: string + minLength: 1 + maxLength: 2048 + BasicAuthConfig: + $ref: '#/components/schemas/BasicAuthConfig' + BuildSpec: + type: string + minLength: 1 + maxLength: 25000 + EnableAutoBranchCreation: + type: boolean + EnableAutoBuild: + type: boolean + EnablePerformanceMode: + type: boolean + EnablePullRequestPreview: + type: boolean + EnvironmentVariables: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/EnvironmentVariable' + Framework: + type: string + maxLength: 255 + pattern: (?s).* + PullRequestEnvironmentName: + type: string + maxLength: 20 + pattern: (?s).* + Stage: + type: string + enum: + - EXPERIMENTAL + - BETA + - PULL_REQUEST + - PRODUCTION + - DEVELOPMENT + BasicAuthConfig: + type: object + additionalProperties: false + properties: + EnableBasicAuth: + type: boolean + Username: + type: string + minLength: 1 + maxLength: 255 + Password: + type: string + minLength: 1 + maxLength: 255 + required: + - Username + - Password + CustomRule: + type: object + additionalProperties: false + properties: + Condition: + type: string + minLength: 0 + maxLength: 2048 + pattern: (?s).* + Status: + type: string + minLength: 3 + maxLength: 7 + pattern: .{3,7} + Target: + type: string + minLength: 1 + maxLength: 2048 + pattern: (?s).+ + Source: + type: string + minLength: 1 + maxLength: 2048 + pattern: (?s).+ + required: + - Target + - Source + EnvironmentVariable: + type: object + additionalProperties: false + properties: + Name: + type: string + maxLength: 255 + pattern: (?s).* + Value: + type: string + maxLength: 5500 + pattern: (?s).* + required: + - Name + - Value + Tag: + type: object + additionalProperties: false + x-insertionOrder: false + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + pattern: ^(?!aws:)[a-zA-Z+-=._:/]+$ + Value: + type: string + minLength: 0 + maxLength: 256 + pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$ + required: + - Key + - Value + App: + type: object + properties: + AccessToken: + type: string + minLength: 1 + maxLength: 255 + AppId: + type: string + minLength: 1 + maxLength: 20 + pattern: d[a-z0-9]+ + AppName: + type: string + minLength: 1 + maxLength: 255 + pattern: (?s).+ + Arn: + type: string + maxLength: 1000 + pattern: (?s).* + AutoBranchCreationConfig: + $ref: '#/components/schemas/AutoBranchCreationConfig' + BasicAuthConfig: + $ref: '#/components/schemas/BasicAuthConfig' + BuildSpec: + type: string + minLength: 1 + maxLength: 25000 + pattern: (?s).+ + CustomHeaders: + type: string + minLength: 0 + maxLength: 25000 + pattern: (?s).* + CustomRules: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/CustomRule' + DefaultDomain: + type: string + minLength: 0 + maxLength: 1000 + Description: + type: string + maxLength: 1000 + pattern: (?s).* + EnableBranchAutoDeletion: + type: boolean + EnvironmentVariables: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/EnvironmentVariable' + IAMServiceRole: + type: string + minLength: 1 + maxLength: 1000 + pattern: (?s).* + Name: + type: string + minLength: 1 + maxLength: 255 + pattern: (?s).+ + OauthToken: + type: string + maxLength: 1000 + pattern: (?s).* + Platform: + type: string + enum: + - WEB + - WEB_DYNAMIC + - WEB_COMPUTE + Repository: + type: string + pattern: (?s).* + Tags: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + x-stackql-resource-name: app + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - AppId + - AppName + - Arn + - DefaultDomain + x-required-permissions: + create: + - amplify:GetApp + - amplify:CreateApp + - amplify:TagResource + - codecommit:GetRepository + - codecommit:PutRepositoryTriggers + - codecommit:GetRepositoryTriggers + - sns:CreateTopic + - sns:Subscribe + - iam:PassRole + delete: + - amplify:GetApp + - amplify:DeleteApp + - codecommit:GetRepository + - codecommit:GetRepositoryTriggers + - codecommit:PutRepositoryTriggers + - sns:Unsubscribe + - iam:PassRole + list: + - amplify:GetApp + - amplify:ListApps + - amplify:ListTagsForResource + - iam:PassRole + read: + - amplify:GetApp + - amplify:ListTagsForResource + - codecommit:GetRepository + - codecommit:GetRepositoryTriggers + - iam:PassRole + update: + - amplify:GetApp + - amplify:UpdateApp + - amplify:ListTagsForResource + - amplify:TagResource + - amplify:UntagResource + - codecommit:GetRepository + - codecommit:PutRepositoryTriggers + - codecommit:GetRepositoryTriggers + - sns:CreateTopic + - sns:Subscribe + - sns:Unsubscribe + - iam:PassRole + Backend: + type: object + additionalProperties: false + properties: + StackArn: + type: string + minLength: 20 + maxLength: 2048 + Branch: + type: object + properties: + AppId: + type: string + minLength: 1 + maxLength: 20 + pattern: d[a-z0-9]+ + Arn: + type: string + maxLength: 1000 + pattern: (?s).* + BasicAuthConfig: + $ref: '#/components/schemas/BasicAuthConfig' + Backend: + $ref: '#/components/schemas/Backend' + BranchName: + type: string + minLength: 1 + maxLength: 255 + pattern: (?s).+ + BuildSpec: + type: string + minLength: 1 + maxLength: 25000 + pattern: (?s).+ + Description: + type: string + maxLength: 1000 + pattern: (?s).* + EnableAutoBuild: + type: boolean + EnablePerformanceMode: + type: boolean + EnablePullRequestPreview: + type: boolean + EnvironmentVariables: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/EnvironmentVariable' + Framework: + type: string + maxLength: 255 + pattern: (?s).* + PullRequestEnvironmentName: + type: string + maxLength: 20 + pattern: (?s).* + Stage: + type: string + enum: + - EXPERIMENTAL + - BETA + - PULL_REQUEST + - PRODUCTION + - DEVELOPMENT + Tags: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + required: + - AppId + - BranchName + x-stackql-resource-name: branch + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - AppId + - BranchName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - amplify:GetBranch + - amplify:CreateBranch + - amplify:TagResource + - codecommit:GetRepository + - codecommit:PutRepositoryTriggers + - codecommit:GetRepositoryTriggers + - s3:GetObject + - s3:GetObjectAcl + - s3:PutObject + - s3:PutObjectAcl + - sns:CreateTopic + - sns:Subscribe + - iam:PassRole + delete: + - amplify:GetBranch + - amplify:DeleteBranch + - codecommit:GetRepository + - codecommit:GetRepositoryTriggers + - sns:Unsubscribe + - iam:PassRole + list: + - amplify:GetBranch + - amplify:ListBranches + - amplify:ListTagsForResource + - iam:PassRole + read: + - amplify:GetBranch + - amplify:ListTagsForResource + - codecommit:GetRepository + - codecommit:GetRepositoryTriggers + - s3:GetObject + - s3:GetObjectAcl + - iam:PassRole + update: + - amplify:GetBranch + - amplify:UpdateBranch + - amplify:ListTagsForResource + - amplify:TagResource + - amplify:UntagResource + - codecommit:GetRepository + - codecommit:PutRepositoryTriggers + - codecommit:GetRepositoryTriggers + - s3:GetObject + - s3:GetObjectAcl + - s3:PutObject + - s3:PutObjectAcl + - sns:CreateTopic + - sns:Subscribe + - sns:Unsubscribe + - iam:PassRole + CertificateSettings: + type: object + additionalProperties: false + properties: + CertificateType: + type: string + enum: + - AMPLIFY_MANAGED + - CUSTOM + CustomCertificateArn: + type: string + pattern: '"^arn:aws:acm:[a-z0-9-]+:\d{12}:certificate\/.+$"' + Certificate: + type: object + additionalProperties: false + properties: + CertificateType: + type: string + enum: + - AMPLIFY_MANAGED + - CUSTOM + CertificateArn: + type: string + pattern: '"^arn:aws:acm:[a-z0-9-]+:\d{12}:certificate\/.+$"' + CertificateVerificationDNSRecord: + type: string + maxLength: 1000 + SubDomainSetting: + type: object + additionalProperties: false + properties: + Prefix: + type: string + maxLength: 255 + pattern: (?s).* + BranchName: + type: string + minLength: 1 + maxLength: 255 + pattern: (?s).+ + required: + - Prefix + - BranchName + Domain: + type: object + properties: + AppId: + type: string + minLength: 1 + maxLength: 20 + pattern: d[a-z0-9]+ + Arn: + type: string + maxLength: 1000 + pattern: (?s).* + AutoSubDomainCreationPatterns: + type: array + uniqueItems: false + items: + type: string + minLength: 1 + maxLength: 2048 + pattern: (?s).+ + AutoSubDomainIAMRole: + type: string + pattern: ^$|^arn:.+:iam::\d{12}:role.+ + maxLength: 1000 + CertificateRecord: + type: string + maxLength: 1000 + Certificate: + $ref: '#/components/schemas/Certificate' + CertificateSettings: + $ref: '#/components/schemas/CertificateSettings' + DomainName: + type: string + pattern: ^(((?!-)[A-Za-z0-9-]{0,62}[A-Za-z0-9])\.)+((?!-)[A-Za-z0-9-]{1,62}[A-Za-z0-9])(\.)?$ + maxLength: 255 + DomainStatus: + type: string + UpdateStatus: + type: string + EnableAutoSubDomain: + type: boolean + StatusReason: + type: string + maxLength: 1000 + SubDomainSettings: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/SubDomainSetting' + maxItems: 255 + required: + - AppId + - DomainName + - SubDomainSettings + x-stackql-resource-name: domain + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - AppId + - DomainName + x-read-only-properties: + - Arn + - DomainStatus + - StatusReason + - CertificateRecord + x-required-permissions: + create: + - amplify:CreateDomainAssociation + - route53:ListHostedZones + - route53:ChangeResourceRecordSets + - iam:PassRole + - amplify:TagResource + delete: + - amplify:DeleteDomainAssociation + - iam:PassRole + - amplify:DeleteDomainAssociation + list: + - amplify:ListDomainAssociations + - iam:PassRole + - amplify:ListTagsForResource + read: + - amplify:GetDomainAssociation + - route53:ListHostedZones + - iam:PassRole + - amplify:ListTagsForResource + update: + - amplify:UpdateDomainAssociation + - route53:ListHostedZones + - route53:ChangeResourceRecordSets + - iam:PassRole + - amplify:ListTagsForResource + - amplify:TagResource + - amplify:UntagResource + x-stackQL-resources: + apps: + name: apps + id: awscc.amplify.apps + x-cfn-schema-name: App + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Amplify::App' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Amplify::App' + AND region = 'us-east-1' + app: + name: app + id: awscc.amplify.app + x-cfn-schema-name: App + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccessToken') as access_token, + JSON_EXTRACT(Properties, '$.AppId') as app_id, + JSON_EXTRACT(Properties, '$.AppName') as app_name, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AutoBranchCreationConfig') as auto_branch_creation_config, + JSON_EXTRACT(Properties, '$.BasicAuthConfig') as basic_auth_config, + JSON_EXTRACT(Properties, '$.BuildSpec') as build_spec, + JSON_EXTRACT(Properties, '$.CustomHeaders') as custom_headers, + JSON_EXTRACT(Properties, '$.CustomRules') as custom_rules, + JSON_EXTRACT(Properties, '$.DefaultDomain') as default_domain, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EnableBranchAutoDeletion') as enable_branch_auto_deletion, + JSON_EXTRACT(Properties, '$.EnvironmentVariables') as environment_variables, + JSON_EXTRACT(Properties, '$.IAMServiceRole') as i_am_service_role, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.OauthToken') as oauth_token, + JSON_EXTRACT(Properties, '$.Platform') as platform, + JSON_EXTRACT(Properties, '$.Repository') as repository, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Amplify::App' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccessToken') as access_token, + json_extract_path_text(Properties, 'AppId') as app_id, + json_extract_path_text(Properties, 'AppName') as app_name, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AutoBranchCreationConfig') as auto_branch_creation_config, + json_extract_path_text(Properties, 'BasicAuthConfig') as basic_auth_config, + json_extract_path_text(Properties, 'BuildSpec') as build_spec, + json_extract_path_text(Properties, 'CustomHeaders') as custom_headers, + json_extract_path_text(Properties, 'CustomRules') as custom_rules, + json_extract_path_text(Properties, 'DefaultDomain') as default_domain, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EnableBranchAutoDeletion') as enable_branch_auto_deletion, + json_extract_path_text(Properties, 'EnvironmentVariables') as environment_variables, + json_extract_path_text(Properties, 'IAMServiceRole') as i_am_service_role, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'OauthToken') as oauth_token, + json_extract_path_text(Properties, 'Platform') as platform, + json_extract_path_text(Properties, 'Repository') as repository, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Amplify::App' + AND data__Identifier = '' + AND region = 'us-east-1' + branches: + name: branches + id: awscc.amplify.branches + x-cfn-schema-name: Branch + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Amplify::Branch' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Amplify::Branch' + AND region = 'us-east-1' + branch: + name: branch + id: awscc.amplify.branch + x-cfn-schema-name: Branch + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AppId') as app_id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.BasicAuthConfig') as basic_auth_config, + JSON_EXTRACT(Properties, '$.Backend') as backend, + JSON_EXTRACT(Properties, '$.BranchName') as branch_name, + JSON_EXTRACT(Properties, '$.BuildSpec') as build_spec, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EnableAutoBuild') as enable_auto_build, + JSON_EXTRACT(Properties, '$.EnablePerformanceMode') as enable_performance_mode, + JSON_EXTRACT(Properties, '$.EnablePullRequestPreview') as enable_pull_request_preview, + JSON_EXTRACT(Properties, '$.EnvironmentVariables') as environment_variables, + JSON_EXTRACT(Properties, '$.Framework') as framework, + JSON_EXTRACT(Properties, '$.PullRequestEnvironmentName') as pull_request_environment_name, + JSON_EXTRACT(Properties, '$.Stage') as stage, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Amplify::Branch' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AppId') as app_id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'BasicAuthConfig') as basic_auth_config, + json_extract_path_text(Properties, 'Backend') as backend, + json_extract_path_text(Properties, 'BranchName') as branch_name, + json_extract_path_text(Properties, 'BuildSpec') as build_spec, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EnableAutoBuild') as enable_auto_build, + json_extract_path_text(Properties, 'EnablePerformanceMode') as enable_performance_mode, + json_extract_path_text(Properties, 'EnablePullRequestPreview') as enable_pull_request_preview, + json_extract_path_text(Properties, 'EnvironmentVariables') as environment_variables, + json_extract_path_text(Properties, 'Framework') as framework, + json_extract_path_text(Properties, 'PullRequestEnvironmentName') as pull_request_environment_name, + json_extract_path_text(Properties, 'Stage') as stage, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Amplify::Branch' + AND data__Identifier = '' + AND region = 'us-east-1' + domains: + name: domains + id: awscc.amplify.domains + x-cfn-schema-name: Domain + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Amplify::Domain' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Amplify::Domain' + AND region = 'us-east-1' + domain: + name: domain + id: awscc.amplify.domain + x-cfn-schema-name: Domain + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AppId') as app_id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AutoSubDomainCreationPatterns') as auto_sub_domain_creation_patterns, + JSON_EXTRACT(Properties, '$.AutoSubDomainIAMRole') as auto_sub_domain_ia_mrole, + JSON_EXTRACT(Properties, '$.CertificateRecord') as certificate_record, + JSON_EXTRACT(Properties, '$.Certificate') as certificate, + JSON_EXTRACT(Properties, '$.CertificateSettings') as certificate_settings, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.DomainStatus') as domain_status, + JSON_EXTRACT(Properties, '$.UpdateStatus') as update_status, + JSON_EXTRACT(Properties, '$.EnableAutoSubDomain') as enable_auto_sub_domain, + JSON_EXTRACT(Properties, '$.StatusReason') as status_reason, + JSON_EXTRACT(Properties, '$.SubDomainSettings') as sub_domain_settings + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Amplify::Domain' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AppId') as app_id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AutoSubDomainCreationPatterns') as auto_sub_domain_creation_patterns, + json_extract_path_text(Properties, 'AutoSubDomainIAMRole') as auto_sub_domain_ia_mrole, + json_extract_path_text(Properties, 'CertificateRecord') as certificate_record, + json_extract_path_text(Properties, 'Certificate') as certificate, + json_extract_path_text(Properties, 'CertificateSettings') as certificate_settings, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'DomainStatus') as domain_status, + json_extract_path_text(Properties, 'UpdateStatus') as update_status, + json_extract_path_text(Properties, 'EnableAutoSubDomain') as enable_auto_sub_domain, + json_extract_path_text(Properties, 'StatusReason') as status_reason, + json_extract_path_text(Properties, 'SubDomainSettings') as sub_domain_settings + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Amplify::Domain' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/amplifyuibuilder.yaml b/providers/src/awscc/v00.00.00000/services/amplifyuibuilder.yaml new file mode 100644 index 00000000..01dc53f8 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/amplifyuibuilder.yaml @@ -0,0 +1,1089 @@ +openapi: 3.0.0 +info: + title: AmplifyUIBuilder + version: 1.0.0 +paths: {} +components: + schemas: + ActionParameters: + type: object + properties: + Type: + $ref: '#/components/schemas/ComponentProperty' + Url: + $ref: '#/components/schemas/ComponentProperty' + Anchor: + $ref: '#/components/schemas/ComponentProperty' + Target: + $ref: '#/components/schemas/ComponentProperty' + Global: + $ref: '#/components/schemas/ComponentProperty' + Model: + type: string + Id: + $ref: '#/components/schemas/ComponentProperty' + Fields: + $ref: '#/components/schemas/ComponentProperties' + State: + $ref: '#/components/schemas/MutationActionSetStateParameter' + additionalProperties: false + ComponentBindingProperties: + type: object + x-patternProperties: + .+: + $ref: '#/components/schemas/ComponentBindingPropertiesValue' + additionalProperties: false + ComponentBindingPropertiesValue: + type: object + properties: + Type: + type: string + BindingProperties: + $ref: '#/components/schemas/ComponentBindingPropertiesValueProperties' + DefaultValue: + type: string + additionalProperties: false + ComponentBindingPropertiesValueProperties: + type: object + properties: + Model: + type: string + Field: + type: string + Predicates: + type: array + items: + $ref: '#/components/schemas/Predicate' + UserAttribute: + type: string + Bucket: + type: string + Key: + type: string + DefaultValue: + type: string + SlotName: + type: string + additionalProperties: false + ComponentChild: + type: object + properties: + ComponentType: + type: string + Name: + type: string + Properties: + $ref: '#/components/schemas/ComponentProperties' + Children: + type: array + items: + $ref: '#/components/schemas/ComponentChild' + Events: + $ref: '#/components/schemas/ComponentEvents' + SourceId: + type: string + required: + - ComponentType + - Name + - Properties + additionalProperties: false + ComponentCollectionProperties: + type: object + x-patternProperties: + .+: + $ref: '#/components/schemas/ComponentDataConfiguration' + additionalProperties: false + ComponentConditionProperty: + type: object + properties: + Property: + type: string + Field: + type: string + Operator: + type: string + Operand: + type: string + Then: + $ref: '#/components/schemas/ComponentProperty' + Else: + $ref: '#/components/schemas/ComponentProperty' + OperandType: + type: string + additionalProperties: false + ComponentDataConfiguration: + type: object + properties: + Model: + type: string + Sort: + type: array + items: + $ref: '#/components/schemas/SortProperty' + Predicate: + $ref: '#/components/schemas/Predicate' + Identifiers: + type: array + items: + type: string + required: + - Model + additionalProperties: false + ComponentEvent: + type: object + properties: + Action: + type: string + Parameters: + $ref: '#/components/schemas/ActionParameters' + BindingEvent: + type: string + additionalProperties: false + ComponentEvents: + type: object + x-patternProperties: + .+: + $ref: '#/components/schemas/ComponentEvent' + additionalProperties: false + ComponentOverrides: + type: object + x-patternProperties: + .+: + $ref: '#/components/schemas/ComponentOverridesValue' + additionalProperties: false + ComponentOverridesValue: + type: object + x-patternProperties: + .+: + type: string + additionalProperties: false + ComponentProperties: + type: object + x-patternProperties: + .+: + $ref: '#/components/schemas/ComponentProperty' + additionalProperties: false + ComponentProperty: + type: object + properties: + Value: + type: string + BindingProperties: + $ref: '#/components/schemas/ComponentPropertyBindingProperties' + CollectionBindingProperties: + $ref: '#/components/schemas/ComponentPropertyBindingProperties' + DefaultValue: + type: string + Model: + type: string + Bindings: + $ref: '#/components/schemas/FormBindings' + Event: + type: string + UserAttribute: + type: string + Concat: + type: array + items: + $ref: '#/components/schemas/ComponentProperty' + Condition: + $ref: '#/components/schemas/ComponentConditionProperty' + Configured: + type: boolean + Type: + type: string + ImportedValue: + type: string + ComponentName: + type: string + Property: + type: string + additionalProperties: false + ComponentPropertyBindingProperties: + type: object + properties: + Property: + type: string + Field: + type: string + required: + - Property + additionalProperties: false + ComponentVariant: + type: object + properties: + VariantValues: + $ref: '#/components/schemas/ComponentVariantValues' + Overrides: + $ref: '#/components/schemas/ComponentOverrides' + additionalProperties: false + ComponentVariantValues: + type: object + x-patternProperties: + .+: + type: string + additionalProperties: false + FormBindingElement: + type: object + properties: + Element: + type: string + Property: + type: string + required: + - Element + - Property + additionalProperties: false + FormBindings: + type: object + x-patternProperties: + .+: + $ref: '#/components/schemas/FormBindingElement' + additionalProperties: false + MutationActionSetStateParameter: + type: object + properties: + ComponentName: + type: string + Property: + type: string + Set: + $ref: '#/components/schemas/ComponentProperty' + required: + - ComponentName + - Property + - Set + additionalProperties: false + Predicate: + type: object + properties: + Or: + type: array + items: + $ref: '#/components/schemas/Predicate' + And: + type: array + items: + $ref: '#/components/schemas/Predicate' + Field: + type: string + Operator: + type: string + Operand: + type: string + OperandType: + type: string + pattern: ^boolean|string|number$ + additionalProperties: false + SortDirection: + type: string + enum: + - ASC + - DESC + SortProperty: + type: object + properties: + Field: + type: string + Direction: + $ref: '#/components/schemas/SortDirection' + required: + - Direction + - Field + additionalProperties: false + Tags: + type: object + x-patternProperties: + ^(?!aws:)[a-zA-Z+-=._:/]+$: + type: string + maxLength: 256 + minLength: 1 + additionalProperties: false + Component: + type: object + properties: + AppId: + type: string + BindingProperties: + $ref: '#/components/schemas/ComponentBindingProperties' + Children: + type: array + items: + $ref: '#/components/schemas/ComponentChild' + CollectionProperties: + $ref: '#/components/schemas/ComponentCollectionProperties' + ComponentType: + type: string + maxLength: 255 + minLength: 1 + CreatedAt: + type: string + format: date-time + EnvironmentName: + type: string + Events: + $ref: '#/components/schemas/ComponentEvents' + Id: + type: string + ModifiedAt: + type: string + format: date-time + Name: + type: string + maxLength: 255 + minLength: 1 + Overrides: + $ref: '#/components/schemas/ComponentOverrides' + Properties: + $ref: '#/components/schemas/ComponentProperties' + SchemaVersion: + type: string + SourceId: + type: string + Tags: + $ref: '#/components/schemas/Tags' + Variants: + type: array + items: + $ref: '#/components/schemas/ComponentVariant' + x-stackql-resource-name: component + x-stackql-primaryIdentifier: + - AppId + - EnvironmentName + - Id + x-create-only-properties: + - AppId + - EnvironmentName + x-read-only-properties: + - CreatedAt + - Id + - ModifiedAt + x-required-permissions: + create: + - amplify:GetApp + - amplifyuibuilder:CreateComponent + - amplifyuibuilder:GetComponent + - amplifyuibuilder:TagResource + read: + - amplify:GetApp + - amplifyuibuilder:GetComponent + update: + - amplify:GetApp + - amplifyuibuilder:GetComponent + - amplifyuibuilder:TagResource + - amplifyuibuilder:UntagResource + - amplifyuibuilder:UpdateComponent + delete: + - amplify:GetApp + - amplifyuibuilder:DeleteComponent + - amplifyuibuilder:GetComponent + - amplifyuibuilder:UntagResource + list: + - amplify:GetApp + - amplifyuibuilder:ListComponents + FieldConfig: + type: object + properties: + Label: + type: string + Position: + $ref: '#/components/schemas/FieldPosition' + Excluded: + type: boolean + InputType: + $ref: '#/components/schemas/FieldInputConfig' + Validations: + type: array + items: + $ref: '#/components/schemas/FieldValidationConfiguration' + additionalProperties: false + FieldInputConfig: + type: object + properties: + Type: + type: string + Required: + type: boolean + ReadOnly: + type: boolean + Placeholder: + type: string + DefaultValue: + type: string + DescriptiveText: + type: string + DefaultChecked: + type: boolean + DefaultCountryCode: + type: string + ValueMappings: + $ref: '#/components/schemas/ValueMappings' + Name: + type: string + MinValue: + type: number + MaxValue: + type: number + Step: + type: number + Value: + type: string + IsArray: + type: boolean + FileUploaderConfig: + $ref: '#/components/schemas/FileUploaderFieldConfig' + required: + - Type + additionalProperties: false + FieldPosition: + oneOf: + - type: object + title: Fixed + properties: + Fixed: + $ref: '#/components/schemas/FixedPosition' + required: + - Fixed + additionalProperties: false + - type: object + title: RightOf + properties: + RightOf: + type: string + required: + - RightOf + additionalProperties: false + - type: object + title: Below + properties: + Below: + type: string + required: + - Below + additionalProperties: false + FieldValidationConfiguration: + type: object + properties: + Type: + type: string + StrValues: + type: array + items: + type: string + NumValues: + type: array + items: + type: number + ValidationMessage: + type: string + required: + - Type + additionalProperties: false + FieldsMap: + type: object + x-patternProperties: + .+: + $ref: '#/components/schemas/FieldConfig' + additionalProperties: false + FileUploaderFieldConfig: + type: object + properties: + AccessLevel: + $ref: '#/components/schemas/StorageAccessLevel' + AcceptedFileTypes: + type: array + items: + type: string + ShowThumbnails: + type: boolean + IsResumable: + type: boolean + MaxFileCount: + type: number + MaxSize: + type: number + required: + - AcceptedFileTypes + - AccessLevel + additionalProperties: false + FixedPosition: + type: string + enum: + - first + FormActionType: + type: string + enum: + - create + - update + FormButton: + type: object + properties: + Excluded: + type: boolean + Children: + type: string + Position: + $ref: '#/components/schemas/FieldPosition' + additionalProperties: false + FormButtonsPosition: + type: string + enum: + - top + - bottom + - top_and_bottom + FormCTA: + type: object + properties: + Position: + $ref: '#/components/schemas/FormButtonsPosition' + Clear: + $ref: '#/components/schemas/FormButton' + Cancel: + $ref: '#/components/schemas/FormButton' + Submit: + $ref: '#/components/schemas/FormButton' + additionalProperties: false + FormDataSourceType: + type: string + enum: + - DataStore + - Custom + FormDataTypeConfig: + type: object + properties: + DataSourceType: + $ref: '#/components/schemas/FormDataSourceType' + DataTypeName: + type: string + required: + - DataSourceType + - DataTypeName + additionalProperties: false + FormInputBindingProperties: + type: object + x-patternProperties: + .+: + $ref: '#/components/schemas/FormInputBindingPropertiesValue' + additionalProperties: false + FormInputBindingPropertiesValue: + type: object + properties: + Type: + type: string + BindingProperties: + $ref: '#/components/schemas/FormInputBindingPropertiesValueProperties' + additionalProperties: false + FormInputBindingPropertiesValueProperties: + type: object + properties: + Model: + type: string + additionalProperties: false + FormInputValueProperty: + type: object + properties: + Value: + type: string + BindingProperties: + $ref: '#/components/schemas/FormInputValuePropertyBindingProperties' + Concat: + type: array + items: + $ref: '#/components/schemas/FormInputValueProperty' + additionalProperties: false + FormInputValuePropertyBindingProperties: + type: object + properties: + Property: + type: string + Field: + type: string + required: + - Property + additionalProperties: false + FormStyle: + type: object + properties: + HorizontalGap: + $ref: '#/components/schemas/FormStyleConfig' + VerticalGap: + $ref: '#/components/schemas/FormStyleConfig' + OuterPadding: + $ref: '#/components/schemas/FormStyleConfig' + additionalProperties: false + FormStyleConfig: + oneOf: + - type: object + title: TokenReference + properties: + TokenReference: + type: string + required: + - TokenReference + additionalProperties: false + - type: object + title: Value + properties: + Value: + type: string + required: + - Value + additionalProperties: false + LabelDecorator: + type: string + enum: + - required + - optional + - none + SectionalElement: + type: object + properties: + Type: + type: string + Position: + $ref: '#/components/schemas/FieldPosition' + Text: + type: string + Level: + type: number + Orientation: + type: string + Excluded: + type: boolean + required: + - Type + additionalProperties: false + SectionalElementMap: + type: object + x-patternProperties: + .+: + $ref: '#/components/schemas/SectionalElement' + additionalProperties: false + StorageAccessLevel: + type: string + enum: + - public + - protected + - private + ValueMapping: + type: object + properties: + DisplayValue: + $ref: '#/components/schemas/FormInputValueProperty' + Value: + $ref: '#/components/schemas/FormInputValueProperty' + required: + - Value + additionalProperties: false + ValueMappings: + type: object + properties: + Values: + type: array + items: + $ref: '#/components/schemas/ValueMapping' + BindingProperties: + $ref: '#/components/schemas/FormInputBindingProperties' + required: + - Values + additionalProperties: false + Form: + type: object + properties: + AppId: + type: string + Cta: + $ref: '#/components/schemas/FormCTA' + DataType: + $ref: '#/components/schemas/FormDataTypeConfig' + EnvironmentName: + type: string + Fields: + $ref: '#/components/schemas/FieldsMap' + FormActionType: + $ref: '#/components/schemas/FormActionType' + Id: + type: string + LabelDecorator: + $ref: '#/components/schemas/LabelDecorator' + Name: + type: string + maxLength: 255 + minLength: 1 + SchemaVersion: + type: string + SectionalElements: + $ref: '#/components/schemas/SectionalElementMap' + Style: + $ref: '#/components/schemas/FormStyle' + Tags: + $ref: '#/components/schemas/Tags' + x-stackql-resource-name: form + x-stackql-primaryIdentifier: + - AppId + - EnvironmentName + - Id + x-create-only-properties: + - AppId + - EnvironmentName + x-read-only-properties: + - Id + x-required-permissions: + create: + - amplify:GetApp + - amplifyuibuilder:CreateForm + - amplifyuibuilder:GetForm + - amplifyuibuilder:TagResource + - amplifyuibuilder:UntagResource + read: + - amplify:GetApp + - amplifyuibuilder:GetForm + - amplifyuibuilder:TagResource + update: + - amplify:GetApp + - amplifyuibuilder:GetForm + - amplifyuibuilder:TagResource + - amplifyuibuilder:UntagResource + - amplifyuibuilder:UpdateForm + delete: + - amplify:GetApp + - amplifyuibuilder:DeleteForm + - amplifyuibuilder:TagResource + - amplifyuibuilder:UntagResource + list: + - amplify:GetApp + - amplifyuibuilder:ListForms + ThemeValue: + type: object + properties: + Value: + type: string + Children: + type: array + items: + $ref: '#/components/schemas/ThemeValues' + additionalProperties: false + ThemeValues: + type: object + properties: + Key: + type: string + Value: + $ref: '#/components/schemas/ThemeValue' + additionalProperties: false + Theme: + type: object + properties: + AppId: + type: string + CreatedAt: + type: string + format: date-time + EnvironmentName: + type: string + Id: + type: string + ModifiedAt: + type: string + format: date-time + Name: + type: string + maxLength: 255 + minLength: 1 + Overrides: + type: array + items: + $ref: '#/components/schemas/ThemeValues' + Tags: + $ref: '#/components/schemas/Tags' + Values: + type: array + items: + $ref: '#/components/schemas/ThemeValues' + x-stackql-resource-name: theme + x-stackql-primaryIdentifier: + - AppId + - EnvironmentName + - Id + x-create-only-properties: + - AppId + - EnvironmentName + x-read-only-properties: + - CreatedAt + - Id + - ModifiedAt + x-required-permissions: + create: + - amplify:GetApp + - amplifyuibuilder:CreateTheme + - amplifyuibuilder:GetTheme + - amplifyuibuilder:TagResource + read: + - amplify:GetApp + - amplifyuibuilder:GetTheme + update: + - amplify:GetApp + - amplifyuibuilder:GetTheme + - amplifyuibuilder:TagResource + - amplifyuibuilder:UntagResource + - amplifyuibuilder:UpdateTheme + delete: + - amplify:GetApp + - amplifyuibuilder:DeleteTheme + - amplifyuibuilder:UntagResource + list: + - amplify:GetApp + - amplifyuibuilder:ListThemes + x-stackQL-resources: + components: + name: components + id: awscc.amplifyuibuilder.components + x-cfn-schema-name: Component + x-type: list + x-identifiers: + - AppId + - EnvironmentName + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AppId') as app_id, + JSON_EXTRACT(Properties, '$.EnvironmentName') as environment_name, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AmplifyUIBuilder::Component' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AppId') as app_id, + json_extract_path_text(Properties, 'EnvironmentName') as environment_name, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AmplifyUIBuilder::Component' + AND region = 'us-east-1' + component: + name: component + id: awscc.amplifyuibuilder.component + x-cfn-schema-name: Component + x-type: get + x-identifiers: + - AppId + - EnvironmentName + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AppId') as app_id, + JSON_EXTRACT(Properties, '$.BindingProperties') as binding_properties, + JSON_EXTRACT(Properties, '$.Children') as children, + JSON_EXTRACT(Properties, '$.CollectionProperties') as collection_properties, + JSON_EXTRACT(Properties, '$.ComponentType') as component_type, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.EnvironmentName') as environment_name, + JSON_EXTRACT(Properties, '$.Events') as events, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.ModifiedAt') as modified_at, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Overrides') as overrides, + JSON_EXTRACT(Properties, '$.Properties') as properties, + JSON_EXTRACT(Properties, '$.SchemaVersion') as schema_version, + JSON_EXTRACT(Properties, '$.SourceId') as source_id, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Variants') as variants + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AmplifyUIBuilder::Component' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AppId') as app_id, + json_extract_path_text(Properties, 'BindingProperties') as binding_properties, + json_extract_path_text(Properties, 'Children') as children, + json_extract_path_text(Properties, 'CollectionProperties') as collection_properties, + json_extract_path_text(Properties, 'ComponentType') as component_type, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'EnvironmentName') as environment_name, + json_extract_path_text(Properties, 'Events') as events, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'ModifiedAt') as modified_at, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Overrides') as overrides, + json_extract_path_text(Properties, 'Properties') as properties, + json_extract_path_text(Properties, 'SchemaVersion') as schema_version, + json_extract_path_text(Properties, 'SourceId') as source_id, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Variants') as variants + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AmplifyUIBuilder::Component' + AND data__Identifier = '' + AND region = 'us-east-1' + forms: + name: forms + id: awscc.amplifyuibuilder.forms + x-cfn-schema-name: Form + x-type: list + x-identifiers: + - AppId + - EnvironmentName + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AppId') as app_id, + JSON_EXTRACT(Properties, '$.EnvironmentName') as environment_name, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AmplifyUIBuilder::Form' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AppId') as app_id, + json_extract_path_text(Properties, 'EnvironmentName') as environment_name, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AmplifyUIBuilder::Form' + AND region = 'us-east-1' + form: + name: form + id: awscc.amplifyuibuilder.form + x-cfn-schema-name: Form + x-type: get + x-identifiers: + - AppId + - EnvironmentName + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AppId') as app_id, + JSON_EXTRACT(Properties, '$.Cta') as cta, + JSON_EXTRACT(Properties, '$.DataType') as data_type, + JSON_EXTRACT(Properties, '$.EnvironmentName') as environment_name, + JSON_EXTRACT(Properties, '$.Fields') as fields, + JSON_EXTRACT(Properties, '$.FormActionType') as form_action_type, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.LabelDecorator') as label_decorator, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.SchemaVersion') as schema_version, + JSON_EXTRACT(Properties, '$.SectionalElements') as sectional_elements, + JSON_EXTRACT(Properties, '$.Style') as style, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AmplifyUIBuilder::Form' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AppId') as app_id, + json_extract_path_text(Properties, 'Cta') as cta, + json_extract_path_text(Properties, 'DataType') as data_type, + json_extract_path_text(Properties, 'EnvironmentName') as environment_name, + json_extract_path_text(Properties, 'Fields') as fields, + json_extract_path_text(Properties, 'FormActionType') as form_action_type, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'LabelDecorator') as label_decorator, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'SchemaVersion') as schema_version, + json_extract_path_text(Properties, 'SectionalElements') as sectional_elements, + json_extract_path_text(Properties, 'Style') as style, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AmplifyUIBuilder::Form' + AND data__Identifier = '' + AND region = 'us-east-1' + themes: + name: themes + id: awscc.amplifyuibuilder.themes + x-cfn-schema-name: Theme + x-type: list + x-identifiers: + - AppId + - EnvironmentName + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AppId') as app_id, + JSON_EXTRACT(Properties, '$.EnvironmentName') as environment_name, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AmplifyUIBuilder::Theme' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AppId') as app_id, + json_extract_path_text(Properties, 'EnvironmentName') as environment_name, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AmplifyUIBuilder::Theme' + AND region = 'us-east-1' + theme: + name: theme + id: awscc.amplifyuibuilder.theme + x-cfn-schema-name: Theme + x-type: get + x-identifiers: + - AppId + - EnvironmentName + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AppId') as app_id, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.EnvironmentName') as environment_name, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.ModifiedAt') as modified_at, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Overrides') as overrides, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Values') as _values + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AmplifyUIBuilder::Theme' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AppId') as app_id, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'EnvironmentName') as environment_name, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'ModifiedAt') as modified_at, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Overrides') as overrides, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Values') as _values + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AmplifyUIBuilder::Theme' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/apigateway.yaml b/providers/src/awscc/v00.00.00000/services/apigateway.yaml new file mode 100644 index 00000000..075bbb3e --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/apigateway.yaml @@ -0,0 +1,2791 @@ +openapi: 3.0.0 +info: + title: ApiGateway + version: 1.0.0 +paths: {} +components: + schemas: + Account: + type: object + properties: + Id: + description: '' + type: string + CloudWatchRoleArn: + description: The ARN of an Amazon CloudWatch role for the current Account. + type: string + x-stackql-resource-name: account + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + x-required-permissions: + create: + - apigateway:PATCH + - iam:GetRole + - iam:PassRole + read: + - apigateway:GET + update: + - apigateway:PATCH + - iam:GetRole + - iam:PassRole + delete: [] + StageKey: + type: object + additionalProperties: false + properties: + RestApiId: + description: The string identifier of the associated RestApi. + type: string + StageName: + description: The stage name associated with the stage key. + type: string + description: '``StageKey`` is a property of the [AWS::ApiGateway::ApiKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-apikey.html) resource that specifies the stage to associate with the API key. This association allows only clients with the key to make requests to methods in that stage.' + Tag: + type: object + additionalProperties: false + properties: + Value: + type: string + Key: + type: string + required: + - Value + - Key + ApiKey: + type: object + properties: + APIKeyId: + description: '' + type: string + CustomerId: + description: An MKT customer identifier, when integrating with the AWS SaaS Marketplace. + type: string + Description: + description: The description of the ApiKey. + type: string + Enabled: + description: Specifies whether the ApiKey can be used by callers. + default: false + type: boolean + GenerateDistinctId: + description: Specifies whether (``true``) or not (``false``) the key identifier is distinct from the created API key value. This parameter is deprecated and should not be used. + type: boolean + Name: + description: |- + A name for the API key. If you don't specify a name, CFN generates a unique physical ID and uses that ID for the API key name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html). + If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. + type: string + StageKeys: + description: DEPRECATED FOR USAGE PLANS - Specifies stages associated with the API key. + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/StageKey' + Tags: + description: The key-value map of strings. The valid character set is [a-zA-Z+-=._:/]. The tag key can be up to 128 characters and must not start with ``aws:``. The tag value can be up to 256 characters. + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + Value: + description: Specifies a value of the API key. + type: string + x-stackql-resource-name: api_key + x-stackql-primaryIdentifier: + - APIKeyId + x-create-only-properties: + - GenerateDistinctId + - Name + - Value + x-read-only-properties: + - APIKeyId + x-required-permissions: + create: + - apigateway:POST + - apigateway:GET + - apigateway:PUT + read: + - apigateway:GET + update: + - apigateway:GET + - apigateway:PATCH + - apigateway:PUT + - apigateway:DELETE + delete: + - apigateway:DELETE + - apigateway:GET + list: + - apigateway:GET + Authorizer: + type: object + properties: + RestApiId: + description: The string identifier of the associated RestApi. + type: string + AuthorizerId: + type: string + description: '' + AuthType: + description: Optional customer-defined field, used in OpenAPI imports and exports without functional impact. + type: string + AuthorizerCredentials: + description: Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null. + type: string + AuthorizerResultTtlInSeconds: + description: The TTL in seconds of cached authorizer results. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway will cache authorizer responses. If this field is not set, the default value is 300. The maximum value is 3600, or 1 hour. + type: integer + AuthorizerUri: + description: >- + Specifies the authorizer's Uniform Resource Identifier (URI). For ``TOKEN`` or ``REQUEST`` authorizers, this must be a well-formed Lambda function URI, for example, ``arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations``. In general, the URI has this form ``arn:aws:apigateway:{region}:lambda:path/{service_api}``, where ``{region}`` is the same as the region hosting the Lambda function, + ``path`` indicates that the remaining substring in the URI should be treated as the path to the resource, including the initial ``/``. For Lambda functions, this is usually of the form ``/2015-03-31/functions/[FunctionARN]/invocations``. + type: string + IdentitySource: + description: >- + The identity source for which authorization is requested. For a ``TOKEN`` or ``COGNITO_USER_POOLS`` authorizer, this is required and specifies the request header mapping expression for the custom header holding the authorization token submitted by the client. For example, if the token header name is ``Auth``, the header mapping expression is ``method.request.header.Auth``. For the ``REQUEST`` authorizer, this is required when authorization caching is enabled. The value is a + comma-separated string of one or more mapping expressions of the specified request parameters. For example, if an ``Auth`` header, a ``Name`` query string parameter are defined as identity sources, this value is ``method.request.header.Auth, method.request.querystring.Name``. These parameters will be used to derive the authorization caching key and to perform runtime validation of the ``REQUEST`` authorizer by verifying all of the identity-related request parameters are present, not + null and non-empty. Only when thi + type: string + IdentityValidationExpression: + description: >- + A validation expression for the incoming identity token. For ``TOKEN`` authorizers, this value is a regular expression. For ``COGNITO_USER_POOLS`` authorizers, API Gateway will match the ``aud`` field of the incoming token from the client against the specified regular expression. It will invoke the authorizer's Lambda function when there is a match. Otherwise, it will return a 401 Unauthorized response without calling the Lambda function. The validation expression does not apply to + the ``REQUEST`` authorizer. + type: string + Name: + description: The name of the authorizer. + type: string + ProviderARNs: + description: 'A list of the Amazon Cognito user pool ARNs for the ``COGNITO_USER_POOLS`` authorizer. Each element is of this format: ``arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}``. For a ``TOKEN`` or ``REQUEST`` authorizer, this is not defined.' + type: array + uniqueItems: true + items: + type: string + x-insertionOrder: false + Type: + description: The authorizer type. Valid values are ``TOKEN`` for a Lambda function using a single authorization token submitted in a custom header, ``REQUEST`` for a Lambda function using incoming request parameters, and ``COGNITO_USER_POOLS`` for using an Amazon Cognito user pool. + type: string + required: + - RestApiId + - Type + - Name + x-stackql-resource-name: authorizer + x-stackql-primaryIdentifier: + - RestApiId + - AuthorizerId + x-create-only-properties: + - RestApiId + x-read-only-properties: + - AuthorizerId + x-required-permissions: + create: + - apigateway:POST + - iam:PassRole + read: + - apigateway:GET + update: + - apigateway:GET + - apigateway:PATCH + - iam:PassRole + delete: + - apigateway:DELETE + list: + - apigateway:GET + BasePathMapping: + type: object + properties: + BasePath: + type: string + description: The base path name that callers of the API must provide as part of the URL after the domain name. + DomainName: + type: string + description: The domain name of the BasePathMapping resource to be described. + RestApiId: + type: string + description: The string identifier of the associated RestApi. + Stage: + type: string + description: The name of the associated stage. + required: + - DomainName + x-stackql-resource-name: base_path_mapping + x-stackql-primaryIdentifier: + - DomainName + - BasePath + x-create-only-properties: + - DomainName + - BasePath + x-required-permissions: + create: + - apigateway:POST + - apigateway:GET + read: + - apigateway:GET + update: + - apigateway:GET + - apigateway:DELETE + - apigateway:PATCH + delete: + - apigateway:DELETE + list: + - apigateway:GET + ClientCertificate: + type: object + properties: + ClientCertificateId: + description: '' + type: string + Description: + description: The description of the client certificate. + type: string + Tags: + description: The collection of tags. Each tag element is associated with a given resource. + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: client_certificate + x-stackql-primaryIdentifier: + - ClientCertificateId + x-read-only-properties: + - ClientCertificateId + x-required-permissions: + create: + - apigateway:POST + - apigateway:GET + - apigateway:PUT + read: + - apigateway:GET + update: + - apigateway:GET + - apigateway:PATCH + - apigateway:PUT + - apigateway:DELETE + delete: + - apigateway:DELETE + list: + - apigateway:GET + StageDescription: + type: object + additionalProperties: false + properties: + AccessLogSetting: + description: Specifies settings for logging access in this stage. + $ref: '#/components/schemas/AccessLogSetting' + CacheClusterEnabled: + description: Specifies whether a cache cluster is enabled for the stage. + type: boolean + CacheClusterSize: + description: The size of the stage's cache cluster. For more information, see [cacheClusterSize](https://docs.aws.amazon.com/apigateway/latest/api/API_CreateStage.html#apigw-CreateStage-request-cacheClusterSize) in the *API Gateway API Reference*. + type: string + CacheDataEncrypted: + description: Indicates whether the cached responses are encrypted. + type: boolean + CacheTtlInSeconds: + description: The time-to-live (TTL) period, in seconds, that specifies how long API Gateway caches responses. + type: integer + CachingEnabled: + description: Indicates whether responses are cached and returned for requests. You must enable a cache cluster on the stage to cache responses. For more information, see [Enable API Gateway Caching in a Stage to Enhance API Performance](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-caching.html) in the *API Gateway Developer Guide*. + type: boolean + CanarySetting: + description: Specifies settings for the canary deployment in this stage. + $ref: '#/components/schemas/CanarySetting' + ClientCertificateId: + description: The identifier of the client certificate that API Gateway uses to call your integration endpoints in the stage. + type: string + DataTraceEnabled: + description: Indicates whether data trace logging is enabled for methods in the stage. API Gateway pushes these logs to Amazon CloudWatch Logs. + type: boolean + Description: + description: A description of the purpose of the stage. + type: string + DocumentationVersion: + description: The version identifier of the API documentation snapshot. + type: string + LoggingLevel: + description: The logging level for this method. For valid values, see the ``loggingLevel`` property of the [MethodSetting](https://docs.aws.amazon.com/apigateway/latest/api/API_MethodSetting.html) resource in the *Amazon API Gateway API Reference*. + type: string + MethodSettings: + description: Configures settings for all of the stage's methods. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/MethodSetting' + MetricsEnabled: + description: Indicates whether Amazon CloudWatch metrics are enabled for methods in the stage. + type: boolean + Tags: + description: An array of arbitrary tags (key-value pairs) to associate with the stage. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + ThrottlingBurstLimit: + description: The target request burst rate limit. This allows more requests through for a period of time than the target rate limit. For more information, see [Manage API Request Throttling](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-request-throttling.html) in the *API Gateway Developer Guide*. + type: integer + ThrottlingRateLimit: + description: The target request steady-state rate limit. For more information, see [Manage API Request Throttling](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-request-throttling.html) in the *API Gateway Developer Guide*. + type: number + TracingEnabled: + description: |- + Specifies whether active tracing with X-ray is enabled for this stage. + For more information, see [Trace API Gateway API Execution with X-Ray](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-xray.html) in the *API Gateway Developer Guide*. + type: boolean + Variables: + description: 'A map that defines the stage variables. Variable names must consist of alphanumeric characters, and the values must match the following regular expression: ``[A-Za-z0-9-._~:/?#&=,]+``.' + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + description: '``StageDescription`` is a property of the [AWS::ApiGateway::Deployment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-deployment.html) resource that configures a deployment stage.' + DeploymentCanarySettings: + type: object + additionalProperties: false + properties: + PercentTraffic: + description: The percentage (0.0-100.0) of traffic routed to the canary deployment. + type: number + StageVariableOverrides: + description: A stage variable overrides used for the canary release deployment. They can override existing stage variables or add new stage variables for the canary release deployment. These stage variables are represented as a string-to-string map between stage variable names and their values. + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + UseStageCache: + description: A Boolean flag to indicate whether the canary release deployment uses the stage cache or not. + type: boolean + description: The ``DeploymentCanarySettings`` property type specifies settings for the canary deployment. + AccessLogSetting: + description: |- + The ``AccessLogSetting`` property type specifies settings for logging access in this stage. + ``AccessLogSetting`` is a property of the [AWS::ApiGateway::Stage](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html) resource. + type: object + additionalProperties: false + properties: + DestinationArn: + description: The Amazon Resource Name (ARN) of the CloudWatch Logs log group or Kinesis Data Firehose delivery stream to receive access logs. If you specify a Kinesis Data Firehose delivery stream, the stream name must begin with ``amazon-apigateway-``. This parameter is required to enable access logging. + type: string + Format: + description: A single line format of the access logs of data, as specified by selected [$context variables](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html#context-variable-reference). The format must include at least ``$context.requestId``. This parameter is required to enable access logging. + type: string + CanarySetting: + description: Configuration settings of a canary deployment. + type: object + additionalProperties: false + properties: + DeploymentId: + description: The ID of the canary deployment. + type: string + PercentTraffic: + description: The percent (0-100) of traffic diverted to a canary deployment. + type: number + minimum: 0 + maximum: 100 + StageVariableOverrides: + description: Stage variables overridden for a canary release deployment, including new stage variables introduced in the canary. These stage variables are represented as a string-to-string map between stage variable names and their values. + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + UseStageCache: + description: A Boolean flag to indicate whether the canary deployment uses the stage cache or not. + type: boolean + MethodSetting: + description: |- + The ``MethodSetting`` property type configures settings for all methods in a stage. + The ``MethodSettings`` property of the ``AWS::ApiGateway::Stage`` resource contains a list of ``MethodSetting`` property types. + type: object + additionalProperties: false + properties: + CacheDataEncrypted: + description: Specifies whether the cached responses are encrypted. + type: boolean + CacheTtlInSeconds: + description: Specifies the time to live (TTL), in seconds, for cached responses. The higher the TTL, the longer the response will be cached. + type: integer + CachingEnabled: + description: Specifies whether responses should be cached and returned for requests. A cache cluster must be enabled on the stage for responses to be cached. + type: boolean + DataTraceEnabled: + description: Specifies whether data trace logging is enabled for this method, which affects the log entries pushed to Amazon CloudWatch Logs. This can be useful to troubleshoot APIs, but can result in logging sensitive data. We recommend that you don't enable this option for production APIs. + type: boolean + HttpMethod: + description: The HTTP method. To apply settings to multiple resources and methods, specify an asterisk (``*``) for the ``HttpMethod`` and ``/*`` for the ``ResourcePath``. This parameter is required when you specify a ``MethodSetting``. + type: string + LoggingLevel: + description: Specifies the logging level for this method, which affects the log entries pushed to Amazon CloudWatch Logs. Valid values are ``OFF``, ``ERROR``, and ``INFO``. Choose ``ERROR`` to write only error-level entries to CloudWatch Logs, or choose ``INFO`` to include all ``ERROR`` events as well as extra informational events. + type: string + MetricsEnabled: + description: Specifies whether Amazon CloudWatch metrics are enabled for this method. + type: boolean + ResourcePath: + description: >- + The resource path for this method. Forward slashes (``/``) are encoded as ``~1`` and the initial slash must include a forward slash. For example, the path value ``/resource/subresource`` must be encoded as ``/~1resource~1subresource``. To specify the root path, use only a slash (``/``). To apply settings to multiple resources and methods, specify an asterisk (``*``) for the ``HttpMethod`` and ``/*`` for the ``ResourcePath``. This parameter is required when you specify a + ``MethodSetting``. + type: string + ThrottlingBurstLimit: + description: Specifies the throttling burst limit. + type: integer + minimum: 0 + ThrottlingRateLimit: + description: Specifies the throttling rate limit. + type: number + minimum: 0 + Deployment: + type: object + properties: + DeploymentId: + type: string + description: '' + DeploymentCanarySettings: + $ref: '#/components/schemas/DeploymentCanarySettings' + description: The input configuration for a canary deployment. + Description: + type: string + description: The description for the Deployment resource to create. + RestApiId: + type: string + description: The string identifier of the associated RestApi. + StageDescription: + $ref: '#/components/schemas/StageDescription' + description: The description of the Stage resource for the Deployment resource to create. To specify a stage description, you must also provide a stage name. + StageName: + type: string + description: The name of the Stage resource for the Deployment resource to create. + required: + - RestApiId + x-stackql-resource-name: deployment + x-stackql-primaryIdentifier: + - DeploymentId + - RestApiId + x-create-only-properties: + - DeploymentCanarySettings + - RestApiId + x-read-only-properties: + - DeploymentId + x-required-permissions: + create: + - apigateway:POST + - apigateway:PATCH + - apigateway:PUT + - apigateway:GET + read: + - apigateway:GET + update: + - apigateway:PATCH + - apigateway:GET + - apigateway:PUT + - apigateway:DELETE + delete: + - apigateway:GET + - apigateway:DELETE + list: + - apigateway:GET + Location: + type: object + additionalProperties: false + properties: + Method: + description: >- + The HTTP verb of a method. It is a valid field for the API entity types of ``METHOD``, ``PATH_PARAMETER``, ``QUERY_PARAMETER``, ``REQUEST_HEADER``, ``REQUEST_BODY``, ``RESPONSE``, ``RESPONSE_HEADER``, and ``RESPONSE_BODY``. The default value is ``*`` for any method. When an applicable child entity inherits the content of an entity of the same type with more general specifications of the other ``location`` attributes, the child entity's ``method`` attribute must match that of the + parent entity exactly. + type: string + Name: + description: The name of the targeted API entity. It is a valid and required field for the API entity types of ``AUTHORIZER``, ``MODEL``, ``PATH_PARAMETER``, ``QUERY_PARAMETER``, ``REQUEST_HEADER``, ``REQUEST_BODY`` and ``RESPONSE_HEADER``. It is an invalid field for any other entity type. + type: string + Path: + description: >- + The URL path of the target. It is a valid field for the API entity types of ``RESOURCE``, ``METHOD``, ``PATH_PARAMETER``, ``QUERY_PARAMETER``, ``REQUEST_HEADER``, ``REQUEST_BODY``, ``RESPONSE``, ``RESPONSE_HEADER``, and ``RESPONSE_BODY``. The default value is ``/`` for the root resource. When an applicable child entity inherits the content of another entity of the same type with more general specifications of the other ``location`` attributes, the child entity's ``path`` attribute + must match that of the parent entity as a prefix. + type: string + StatusCode: + description: The HTTP status code of a response. It is a valid field for the API entity types of ``RESPONSE``, ``RESPONSE_HEADER``, and ``RESPONSE_BODY``. The default value is ``*`` for any status code. When an applicable child entity inherits the content of an entity of the same type with more general specifications of the other ``location`` attributes, the child entity's ``statusCode`` attribute must match that of the parent entity exactly. + type: string + Type: + description: The type of API entity to which the documentation content applies. Valid values are ``API``, ``AUTHORIZER``, ``MODEL``, ``RESOURCE``, ``METHOD``, ``PATH_PARAMETER``, ``QUERY_PARAMETER``, ``REQUEST_HEADER``, ``REQUEST_BODY``, ``RESPONSE``, ``RESPONSE_HEADER``, and ``RESPONSE_BODY``. Content inheritance does not apply to any entity of the ``API``, ``AUTHORIZER``, ``METHOD``, ``MODEL``, ``REQUEST_BODY``, or ``RESOURCE`` type. + type: string + enum: + - API + - AUTHORIZER + - MODEL + - RESOURCE + - METHOD + - PATH_PARAMETER + - QUERY_PARAMETER + - REQUEST_HEADER + - REQUEST_BODY + - RESPONSE + - RESPONSE_HEADER + - RESPONSE_BODY + description: |- + The ``Location`` property specifies the location of the Amazon API Gateway API entity that the documentation applies to. ``Location`` is a property of the [AWS::ApiGateway::DocumentationPart](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-documentationpart.html) resource. + For more information about each property, including constraints and valid values, see [DocumentationPart](https://docs.aws.amazon.com/apigateway/latest/api/API_DocumentationPartLocation.html) in the *Amazon API Gateway REST API Reference*. + DocumentationPart: + type: object + properties: + DocumentationPartId: + description: '' + type: string + Location: + description: The location of the targeted API entity of the to-be-created documentation part. + $ref: '#/components/schemas/Location' + Properties: + description: The new documentation content map of the targeted API entity. Enclosed key-value pairs are API-specific, but only OpenAPI-compliant key-value pairs can be exported and, hence, published. + type: string + RestApiId: + description: The string identifier of the associated RestApi. + type: string + required: + - Location + - Properties + - RestApiId + x-stackql-resource-name: documentation_part + x-stackql-primaryIdentifier: + - DocumentationPartId + - RestApiId + x-create-only-properties: + - Location + - RestApiId + x-read-only-properties: + - DocumentationPartId + x-required-permissions: + create: + - apigateway:GET + - apigateway:POST + read: + - apigateway:GET + update: + - apigateway:GET + - apigateway:PATCH + delete: + - apigateway:DELETE + list: + - apigateway:GET + DocumentationVersion: + type: object + properties: + Description: + description: A description about the new documentation snapshot. + type: string + DocumentationVersion: + description: The version identifier of the to-be-updated documentation version. + type: string + minLength: 1 + RestApiId: + description: The string identifier of the associated RestApi. + type: string + minLength: 1 + required: + - DocumentationVersion + - RestApiId + x-stackql-resource-name: documentation_version + x-stackql-primaryIdentifier: + - DocumentationVersion + - RestApiId + x-create-only-properties: + - DocumentationVersion + - RestApiId + x-required-permissions: + create: + - apigateway:GET + - apigateway:POST + read: + - apigateway:GET + update: + - apigateway:GET + - apigateway:PATCH + delete: + - apigateway:DELETE + list: + - apigateway:GET + EndpointConfiguration: + type: object + additionalProperties: false + properties: + Types: + type: array + uniqueItems: true + items: + type: string + description: A list of endpoint types of an API (RestApi) or its custom domain name (DomainName). For an edge-optimized API and its custom domain name, the endpoint type is ``"EDGE"``. For a regional API and its custom domain name, the endpoint type is ``REGIONAL``. For a private API, the endpoint type is ``PRIVATE``. + VpcEndpointIds: + type: array + uniqueItems: true + items: + type: string + description: A list of VpcEndpointIds of an API (RestApi) against which to create Route53 ALIASes. It is only supported for ``PRIVATE`` endpoint type. + description: |- + The ``EndpointConfiguration`` property type specifies the endpoint types of a REST API. + ``EndpointConfiguration`` is a property of the [AWS::ApiGateway::RestApi](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html) resource. + MutualTlsAuthentication: + type: object + properties: + TruststoreUri: + type: string + TruststoreVersion: + type: string + additionalProperties: false + DomainName: + type: object + properties: + DomainName: + type: string + DistributionDomainName: + type: string + DistributionHostedZoneId: + type: string + EndpointConfiguration: + $ref: '#/components/schemas/EndpointConfiguration' + MutualTlsAuthentication: + $ref: '#/components/schemas/MutualTlsAuthentication' + RegionalDomainName: + type: string + RegionalHostedZoneId: + type: string + CertificateArn: + type: string + RegionalCertificateArn: + type: string + OwnershipVerificationCertificateArn: + type: string + SecurityPolicy: + type: string + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: domain_name + x-stackql-primaryIdentifier: + - DomainName + x-create-only-properties: + - DomainName + x-read-only-properties: + - RegionalHostedZoneId + - DistributionDomainName + - RegionalDomainName + - DistributionHostedZoneId + x-required-permissions: + create: + - apigateway:* + read: + - apigateway:* + update: + - apigateway:* + delete: + - apigateway:* + list: + - apigateway:* + GatewayResponse: + type: object + properties: + Id: + description: '' + type: string + RestApiId: + description: The string identifier of the associated RestApi. + type: string + ResponseType: + description: The response type of the associated GatewayResponse. + type: string + StatusCode: + description: The HTTP status code for this GatewayResponse. + type: string + ResponseParameters: + description: Response parameters (paths, query strings and headers) of the GatewayResponse as a string-to-string map of key-value pairs. + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + ResponseTemplates: + description: Response templates of the GatewayResponse as a string-to-string map of key-value pairs. + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + required: + - ResponseType + - RestApiId + x-stackql-resource-name: gateway_response + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - ResponseType + - RestApiId + x-read-only-properties: + - Id + x-required-permissions: + create: + - apigateway:PUT + - apigateway:GET + update: + - apigateway:GET + - apigateway:PUT + delete: + - apigateway:GET + - apigateway:DELETE + list: + - apigateway:GET + Integration: + type: object + additionalProperties: false + properties: + CacheKeyParameters: + description: A list of request parameters whose values API Gateway caches. To be valid values for ``cacheKeyParameters``, these parameters must also be specified for Method ``requestParameters``. + type: array + uniqueItems: true + items: + type: string + CacheNamespace: + description: Specifies a group of related cached parameters. By default, API Gateway uses the resource ID as the ``cacheNamespace``. You can specify the same ``cacheNamespace`` across resources to return the same cached data for requests to different resources. + type: string + ConnectionId: + description: The ID of the VpcLink used for the integration when ``connectionType=VPC_LINK`` and undefined, otherwise. + type: string + ConnectionType: + description: The type of the network connection to the integration endpoint. The valid value is ``INTERNET`` for connections through the public routable internet or ``VPC_LINK`` for private connections between API Gateway and a network load balancer in a VPC. The default value is ``INTERNET``. + type: string + enum: + - INTERNET + - VPC_LINK + ContentHandling: + description: |- + Specifies how to handle request payload content type conversions. Supported values are ``CONVERT_TO_BINARY`` and ``CONVERT_TO_TEXT``, with the following behaviors: + If this property is not defined, the request payload will be passed through from the method request to integration request without modification, provided that the ``passthroughBehavior`` is configured to support payload pass-through. + type: string + enum: + - CONVERT_TO_BINARY + - CONVERT_TO_TEXT + Credentials: + description: Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify the string ``arn:aws:iam::\*:user/\*``. To use resource-based permissions on supported AWS services, specify null. + type: string + IntegrationHttpMethod: + description: Specifies the integration's HTTP method type. For the Type property, if you specify ``MOCK``, this property is optional. For Lambda integrations, you must set the integration method to ``POST``. For all other types, you must specify this property. + type: string + IntegrationResponses: + description: Specifies the integration's responses. + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/IntegrationResponse' + PassthroughBehavior: + description: >- + Specifies how the method request body of an unmapped content type will be passed through the integration request to the back end without transformation. A content type is unmapped if no mapping template is defined in the integration or the content type does not match any of the mapped content types, as specified in ``requestTemplates``. The valid value is one of the following: ``WHEN_NO_MATCH``: passes the method request body through the integration request to the back end without + transformation when the method request content type does not match any content type associated with the mapping templates defined in the integration request. ``WHEN_NO_TEMPLATES``: passes the method request body through the integration request to the back end without transformation when no mapping template is defined in the integration request. If a template is defined when this option is selected, the method request of an unmapped content-type will be rejected with an HTTP 415 + Unsupported Media Type response + type: string + enum: + - WHEN_NO_MATCH + - WHEN_NO_TEMPLATES + - NEVER + RequestParameters: + description: >- + A key-value map specifying request parameters that are passed from the method request to the back end. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the back end. The method request parameter value must match the pattern of ``method.request.{location}.{name}``, where ``location`` is ``querystring``, ``path``, or ``header`` and + ``name`` must be a valid and unique method request parameter name. + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + RequestTemplates: + description: Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + TimeoutInMillis: + description: Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds or 29 seconds. + type: integer + minimum: 50 + Type: + description: |- + Specifies an API method integration type. The valid value is one of the following: + For the HTTP and HTTP proxy integrations, each integration can specify a protocol (``http/https``), port and path. Standard 80 and 443 ports are supported as well as custom ports above 1024. An HTTP or HTTP proxy integration with a ``connectionType`` of ``VPC_LINK`` is referred to as a private integration and uses a VpcLink to connect API Gateway to a network load balancer of a VPC. + type: string + enum: + - AWS + - AWS_PROXY + - HTTP + - HTTP_PROXY + - MOCK + Uri: + description: |- + Specifies Uniform Resource Identifier (URI) of the integration endpoint. + For ``HTTP`` or ``HTTP_PROXY`` integrations, the URI must be a fully formed, encoded HTTP(S) URL according to the RFC-3986 specification for standard integrations. If ``connectionType`` is ``VPC_LINK`` specify the Network Load Balancer DNS name. For ``AWS`` or ``AWS_PROXY`` integrations, the URI is of the form ``arn:aws:apigateway:{region}:{subdomain.service|service}:path|action/{service_api}``. Here, {Region} is the API Gateway region (e.g., us-east-1); {service} is the name of the integrated AWS service (e.g., s3); and {subdomain} is a designated subdomain supported by certain AWS service for fast host-name lookup. action can be used for an AWS service action-based API, using an Action={name}&{p1}={v1}&p2={v2}... query string. The ensuing {service_api} refers to a supported action {name} plus any required input parameters. Alternatively, path can be used for an AWS service path-based API. The ensuing service_ap + type: string + required: + - Type + description: '``Integration`` is a property of the [AWS::ApiGateway::Method](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-method.html) resource that specifies information about the target backend that a method calls.' + MethodResponse: + type: object + additionalProperties: false + properties: + ResponseModels: + description: Specifies the Model resources used for the response's content-type. Response models are represented as a key/value map, with a content-type as the key and a Model name as the value. + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + ResponseParameters: + description: >- + A key-value map specifying required or optional response parameters that API Gateway can send back to the caller. A key defines a method response header and the value specifies whether the associated method response header is required or not. The expression of the key must match the pattern ``method.response.header.{name}``, where ``name`` is a valid and unique header name. API Gateway passes certain integration response data to the method response headers specified here according to + the mapping you prescribe in the API's IntegrationResponse. The integration response data that can be mapped include an integration response header expressed in ``integration.response.header.{name}``, a static value enclosed within a pair of single quotes (e.g., ``'application/json'``), or a JSON expression from the back-end response payload in the form of ``integration.response.body.{JSON-expression}``, where ``JSON-expression`` is a valid JSON expression without the ``$`` prefix.) + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: boolean + StatusCode: + description: The method response's status code. + type: string + required: + - StatusCode + description: Represents a method response of a given HTTP status code returned to the client. The method response is passed from the back end through the associated integration response that can be transformed using a mapping template. + IntegrationResponse: + type: object + additionalProperties: false + properties: + ContentHandling: + description: |- + Specifies how to handle response payload content type conversions. Supported values are ``CONVERT_TO_BINARY`` and ``CONVERT_TO_TEXT``, with the following behaviors: + If this property is not defined, the response payload will be passed through from the integration response to the method response without modification. + type: string + enum: + - CONVERT_TO_BINARY + - CONVERT_TO_TEXT + ResponseParameters: + description: >- + A key-value map specifying response parameters that are passed to the method response from the back end. The key is a method response header parameter name and the mapped value is an integration response header value, a static value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The mapping key must match the pattern of ``method.response.header.{name}``, where ``name`` is a valid and unique header name. The mapped non-static value + must match the pattern of ``integration.response.header.{name}`` or ``integration.response.body.{JSON-expression}``, where ``name`` is a valid and unique response header name and ``JSON-expression`` is a valid JSON expression without the ``$`` prefix. + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + ResponseTemplates: + description: Specifies the templates used to transform the integration response body. Response templates are represented as a key/value map, with a content-type as the key and a template as the value. + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + SelectionPattern: + description: >- + Specifies the regular expression (regex) pattern used to choose an integration response based on the response from the back end. For example, if the success response returns nothing and the error response returns some string, you could use the ``.+`` regex to match error response. However, make sure that the error response does not contain any newline (``\n``) character in such cases. If the back end is an LAMlong function, the LAMlong function error header is matched. For all other + HTTP and AWS back ends, the HTTP status code is matched. + type: string + StatusCode: + description: Specifies the status code that is used to map the integration response to an existing MethodResponse. + type: string + required: + - StatusCode + description: '``IntegrationResponse`` is a property of the [Amazon API Gateway Method Integration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apitgateway-method-integration.html) property type that specifies the response that API Gateway sends after a method''s backend finishes processing a request.' + Method: + type: object + properties: + ApiKeyRequired: + description: A boolean flag specifying whether a valid ApiKey is required to invoke this method. + type: boolean + AuthorizationScopes: + description: >- + A list of authorization scopes configured on the method. The scopes are used with a ``COGNITO_USER_POOLS`` authorizer to authorize the method invocation. The authorization works by matching the method scopes against the scopes parsed from the access token in the incoming request. The method invocation is authorized if any method scopes matches a claimed scope in the access token. Otherwise, the invocation is not authorized. When the method scope is configured, the client must provide + an access token instead of an identity token for authorization purposes. + type: array + items: + type: string + AuthorizationType: + description: |- + The method's authorization type. This parameter is required. For valid values, see [Method](https://docs.aws.amazon.com/apigateway/latest/api/API_Method.html) in the *API Gateway API Reference*. + If you specify the ``AuthorizerId`` property, specify ``CUSTOM`` or ``COGNITO_USER_POOLS`` for this property. + type: string + enum: + - NONE + - AWS_IAM + - CUSTOM + - COGNITO_USER_POOLS + AuthorizerId: + description: The identifier of an authorizer to use on this method. The method's authorization type must be ``CUSTOM`` or ``COGNITO_USER_POOLS``. + type: string + HttpMethod: + description: The method's HTTP verb. + type: string + Integration: + description: Represents an ``HTTP``, ``HTTP_PROXY``, ``AWS``, ``AWS_PROXY``, or Mock integration. + $ref: '#/components/schemas/Integration' + MethodResponses: + description: Gets a method response associated with a given HTTP status code. + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/MethodResponse' + OperationName: + description: A human-friendly operation identifier for the method. For example, you can assign the ``operationName`` of ``ListPets`` for the ``GET /pets`` method in the ``PetStore`` example. + type: string + RequestModels: + description: A key-value map specifying data schemas, represented by Model resources, (as the mapped value) of the request payloads of given content types (as the mapping key). + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + RequestParameters: + description: >- + A key-value map defining required or optional method request parameters that can be accepted by API Gateway. A key is a method request parameter name matching the pattern of ``method.request.{location}.{name}``, where ``location`` is ``querystring``, ``path``, or ``header`` and ``name`` is a valid and unique parameter name. The value associated with the key is a Boolean flag indicating whether the parameter is required (``true``) or optional (``false``). The method request parameter + names defined here are available in Integration to be mapped to integration request parameters or templates. + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: boolean + RequestValidatorId: + description: The identifier of a RequestValidator for request validation. + type: string + ResourceId: + description: The Resource identifier for the MethodResponse resource. + type: string + RestApiId: + description: The string identifier of the associated RestApi. + type: string + required: + - RestApiId + - ResourceId + - HttpMethod + x-stackql-resource-name: method + x-stackql-primaryIdentifier: + - RestApiId + - ResourceId + - HttpMethod + x-create-only-properties: + - RestApiId + - ResourceId + - HttpMethod + x-required-permissions: + create: + - apigateway:PUT + - apigateway:GET + - iam:PassRole + read: + - apigateway:GET + update: + - apigateway:GET + - apigateway:DELETE + - apigateway:PUT + - iam:PassRole + delete: + - apigateway:DELETE + Model: + type: object + properties: + ContentType: + type: string + description: The content-type for the model. + Description: + type: string + description: The description of the model. + Name: + type: string + description: |- + A name for the model. If you don't specify a name, CFN generates a unique physical ID and uses that ID for the model name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html). + If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. + RestApiId: + type: string + description: The string identifier of the associated RestApi. + Schema: + description: The schema for the model. For ``application/json`` models, this should be JSON schema draft 4 model. Do not include "\*/" characters in the description of any properties because such "\*/" characters may be interpreted as the closing marker for comments in some languages, such as Java or JavaScript, causing the installation of your API's SDK generated by API Gateway to fail. + type: object + required: + - RestApiId + x-stackql-resource-name: model + x-stackql-primaryIdentifier: + - RestApiId + - Name + x-create-only-properties: + - ContentType + - Name + - RestApiId + x-required-permissions: + create: + - apigateway:POST + - apigateway:GET + read: + - apigateway:GET + update: + - apigateway:PATCH + - apigateway:GET + delete: + - apigateway:GET + - apigateway:DELETE + list: + - apigateway:GET + RequestValidator: + type: object + properties: + RequestValidatorId: + description: '' + type: string + Name: + description: The name of this RequestValidator + type: string + RestApiId: + description: The string identifier of the associated RestApi. + type: string + ValidateRequestBody: + description: A Boolean flag to indicate whether to validate a request body according to the configured Model schema. + type: boolean + ValidateRequestParameters: + description: A Boolean flag to indicate whether to validate request parameters (``true``) or not (``false``). + type: boolean + required: + - RestApiId + x-stackql-resource-name: request_validator + x-stackql-primaryIdentifier: + - RestApiId + - RequestValidatorId + x-create-only-properties: + - Name + - RestApiId + x-read-only-properties: + - RequestValidatorId + x-required-permissions: + create: + - apigateway:POST + - apigateway:GET + update: + - apigateway:PATCH + - apigateway:GET + delete: + - apigateway:DELETE + read: + - apigateway:GET + list: + - apigateway:GET + Resource: + type: object + properties: + ResourceId: + description: '' + type: string + RestApiId: + description: The string identifier of the associated RestApi. + type: string + ParentId: + description: The parent resource's identifier. + type: string + PathPart: + description: The last path segment for this resource. + type: string + required: + - ParentId + - PathPart + - RestApiId + x-stackql-resource-name: resource + x-stackql-primaryIdentifier: + - RestApiId + - ResourceId + x-create-only-properties: + - PathPart + - ParentId + - RestApiId + x-read-only-properties: + - ResourceId + x-required-permissions: + read: + - apigateway:GET + create: + - apigateway:POST + update: + - apigateway:GET + - apigateway:PATCH + delete: + - apigateway:DELETE + list: + - apigateway:GET + S3Location: + type: object + additionalProperties: false + properties: + Bucket: + type: string + description: The name of the S3 bucket where the OpenAPI file is stored. + ETag: + type: string + description: The Amazon S3 ETag (a file checksum) of the OpenAPI file. If you don't specify a value, API Gateway skips ETag validation of your OpenAPI file. + Version: + type: string + description: For versioning-enabled buckets, a specific version of the OpenAPI file. + Key: + type: string + description: The file name of the OpenAPI file (Amazon S3 object name). + description: |- + ``S3Location`` is a property of the [AWS::ApiGateway::RestApi](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html) resource that specifies the Amazon S3 location of a OpenAPI (formerly Swagger) file that defines a set of RESTful APIs in JSON or YAML. + On January 1, 2016, the Swagger Specification was donated to the [OpenAPI initiative](https://docs.aws.amazon.com/https://www.openapis.org/), becoming the foundation of the OpenAPI Specification. + RestApi: + type: object + properties: + RestApiId: + type: string + description: '' + RootResourceId: + type: string + description: '' + ApiKeySourceType: + type: string + description: 'The source of the API key for metering requests according to a usage plan. Valid values are: ``HEADER`` to read the API key from the ``X-API-Key`` header of a request. ``AUTHORIZER`` to read the API key from the ``UsageIdentifierKey`` from a custom authorizer.' + BinaryMediaTypes: + type: array + uniqueItems: true + items: + type: string + description: The list of binary media types supported by the RestApi. By default, the RestApi supports only UTF-8-encoded text payloads. + Body: + type: object + description: An OpenAPI specification that defines a set of RESTful APIs in JSON format. For YAML templates, you can also provide the specification in YAML format. + BodyS3Location: + $ref: '#/components/schemas/S3Location' + description: The Amazon Simple Storage Service (Amazon S3) location that points to an OpenAPI file, which defines a set of RESTful APIs in JSON or YAML format. + CloneFrom: + type: string + description: The ID of the RestApi that you want to clone from. + EndpointConfiguration: + $ref: '#/components/schemas/EndpointConfiguration' + description: A list of the endpoint types of the API. Use this property when creating an API. When importing an existing API, specify the endpoint configuration types using the ``Parameters`` property. + Description: + type: string + description: The description of the RestApi. + DisableExecuteApiEndpoint: + type: boolean + description: Specifies whether clients can invoke your API by using the default ``execute-api`` endpoint. By default, clients can invoke your API with the default ``https://{api_id}.execute-api.{region}.amazonaws.com`` endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint + FailOnWarnings: + type: boolean + description: A query parameter to indicate whether to rollback the API update (``true``) or not (``false``) when a warning is encountered. The default value is ``false``. + Name: + type: string + description: The name of the RestApi. A name is required if the REST API is not based on an OpenAPI specification. + MinimumCompressionSize: + type: integer + description: A nullable integer that is used to enable compression (with non-negative between 0 and 10485760 (10M) bytes, inclusive) or disable compression (with a null value) on an API. When compression is enabled, compression or decompression is not applied on the payload if the payload size is smaller than this value. Setting it to zero allows compression for any payload size. + Mode: + type: string + description: |- + This property applies only when you use OpenAPI to define your REST API. The ``Mode`` determines how API Gateway handles resource updates. + Valid values are ``overwrite`` or ``merge``. + For ``overwrite``, the new API definition replaces the existing one. The existing API identifier remains unchanged. + For ``merge``, the new API definition is merged with the existing API. + If you don't specify this property, a default value is chosen. For REST APIs created before March 29, 2021, the default is ``overwrite``. For REST APIs created after March 29, 2021, the new API definition takes precedence, but any container types such as endpoint configurations and binary media types are merged with the existing API. + Use the default mode to define top-level ``RestApi`` properties in addition to using OpenAPI. Generally, it's preferred to use API Gateway's OpenAPI extensions to model these properties. + Policy: + type: object + description: A policy document that contains the permissions for the ``RestApi`` resource. To set the ARN for the policy, use the ``!Join`` intrinsic function with ``""`` as delimiter and values of ``"execute-api:/"`` and ``"*"``. + Parameters: + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + description: Custom header parameters as part of the request. For example, to exclude DocumentationParts from an imported API, set ``ignore=documentation`` as a ``parameters`` value, as in the AWS CLI command of ``aws apigateway import-rest-api --parameters ignore=documentation --body 'file:///path/to/imported-api-body.json'``. + Tags: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + description: The key-value map of strings. The valid character set is [a-zA-Z+-=._:/]. The tag key can be up to 128 characters and must not start with ``aws:``. The tag value can be up to 256 characters. + x-stackql-resource-name: rest_api + x-stackql-primaryIdentifier: + - RestApiId + x-read-only-properties: + - RestApiId + - RootResourceId + x-required-permissions: + create: + - apigateway:GET + - apigateway:POST + - apigateway:PUT + - apigateway:PATCH + - apigateway:UpdateRestApiPolicy + - s3:GetObject + - iam:PassRole + read: + - apigateway:GET + update: + - apigateway:GET + - apigateway:DELETE + - apigateway:PATCH + - apigateway:PUT + - apigateway:UpdateRestApiPolicy + - s3:GetObject + - iam:PassRole + delete: + - apigateway:DELETE + list: + - apigateway:GET + Stage: + type: object + properties: + AccessLogSetting: + description: Access log settings, including the access log format and access log destination ARN. + $ref: '#/components/schemas/AccessLogSetting' + CacheClusterEnabled: + description: Specifies whether a cache cluster is enabled for the stage. + type: boolean + CacheClusterSize: + description: The stage's cache capacity in GB. For more information about choosing a cache size, see [Enabling API caching to enhance responsiveness](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-caching.html). + type: string + CanarySetting: + description: Settings for the canary deployment in this stage. + $ref: '#/components/schemas/CanarySetting' + ClientCertificateId: + description: The identifier of a client certificate for an API stage. + type: string + DeploymentId: + description: The identifier of the Deployment that the stage points to. + type: string + Description: + description: The stage's description. + type: string + DocumentationVersion: + description: The version of the associated API documentation. + type: string + MethodSettings: + description: A map that defines the method settings for a Stage resource. Keys (designated as ``/{method_setting_key`` below) are method paths defined as ``{resource_path}/{http_method}`` for an individual method override, or ``/\*/\*`` for overriding all methods in the stage. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/MethodSetting' + RestApiId: + description: The string identifier of the associated RestApi. + type: string + StageName: + description: The name of the stage is the first path segment in the Uniform Resource Identifier (URI) of a call to API Gateway. Stage names can only contain alphanumeric characters, hyphens, and underscores. Maximum length is 128 characters. + type: string + Tags: + description: The collection of tags. Each tag element is associated with a given resource. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + TracingEnabled: + description: Specifies whether active tracing with X-ray is enabled for the Stage. + type: boolean + Variables: + description: 'A map (string-to-string map) that defines the stage variables, where the variable name is the key and the variable value is the value. Variable names are limited to alphanumeric characters. Values must match the following regular expression: ``[A-Za-z0-9-._~:/?#&=,]+``.' + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + required: + - RestApiId + x-stackql-resource-name: stage + x-stackql-primaryIdentifier: + - RestApiId + - StageName + x-create-only-properties: + - RestApiId + - StageName + x-required-permissions: + create: + - apigateway:POST + - apigateway:PATCH + - apigateway:GET + - apigateway:PUT + read: + - apigateway:GET + update: + - apigateway:GET + - apigateway:PATCH + - apigateway:PUT + - apigateway:DELETE + delete: + - apigateway:DELETE + list: + - apigateway:GET + ApiStage: + type: object + additionalProperties: false + properties: + ApiId: + type: string + description: API Id of the associated API stage in a usage plan. + Stage: + type: string + description: API stage name of the associated API stage in a usage plan. + Throttle: + type: object + description: Map containing method level throttling information for API stage in a usage plan. + additionalProperties: false + x-patternProperties: + .*: + $ref: '#/components/schemas/ThrottleSettings' + description: API stage name of the associated API stage in a usage plan. + ThrottleSettings: + type: object + additionalProperties: false + properties: + BurstLimit: + type: integer + minimum: 0 + description: The API target request burst rate limit. This allows more requests through for a period of time than the target rate limit. + RateLimit: + type: number + minimum: 0 + description: The API target request rate limit. + description: '``ThrottleSettings`` is a property of the [AWS::ApiGateway::UsagePlan](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html) resource that specifies the overall request rate (average requests per second) and burst capacity when users call your REST APIs.' + QuotaSettings: + type: object + additionalProperties: false + properties: + Limit: + type: integer + minimum: 0 + description: The target maximum number of requests that can be made in a given time period. + Offset: + type: integer + minimum: 0 + description: The number of requests subtracted from the given limit in the initial time period. + Period: + type: string + description: The time period in which the limit applies. Valid values are "DAY", "WEEK" or "MONTH". + description: |- + ``QuotaSettings`` is a property of the [AWS::ApiGateway::UsagePlan](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html) resource that specifies a target for the maximum number of requests users can make to your REST APIs. + In some cases clients can exceed the targets that you set. Don’t rely on usage plans to control costs. Consider using [](https://docs.aws.amazon.com/cost-management/latest/userguide/budgets-managing-costs.html) to monitor costs and [](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) to manage API requests. + UsagePlan: + type: object + properties: + Id: + type: string + description: '' + ApiStages: + type: array + description: The associated API stages of a usage plan. + uniqueItems: true + items: + $ref: '#/components/schemas/ApiStage' + Description: + type: string + description: The description of a usage plan. + Quota: + $ref: '#/components/schemas/QuotaSettings' + description: The target maximum number of permitted requests per a given unit time interval. + Tags: + type: array + description: The collection of tags. Each tag element is associated with a given resource. + x-insertionOrder: false + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + Throttle: + $ref: '#/components/schemas/ThrottleSettings' + description: A map containing method level throttling information for API stage in a usage plan. + UsagePlanName: + type: string + description: The name of a usage plan. + x-stackql-resource-name: usage_plan + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + x-required-permissions: + create: + - apigateway:POST + - apigateway:GET + - apigateway:PUT + read: + - apigateway:GET + update: + - apigateway:GET + - apigateway:DELETE + - apigateway:PATCH + - apigateway:PUT + delete: + - apigateway:DELETE + - apigateway:GET + - apigateway:PATCH + list: + - apigateway:GET + UsagePlanKey: + type: object + properties: + KeyId: + description: The Id of the UsagePlanKey resource. + type: string + KeyType: + description: The type of a UsagePlanKey resource for a plan customer. + type: string + enum: + - API_KEY + UsagePlanId: + description: The Id of the UsagePlan resource representing the usage plan containing the UsagePlanKey resource representing a plan customer. + type: string + Id: + description: '' + type: string + required: + - KeyType + - UsagePlanId + - KeyId + x-stackql-resource-name: usage_plan_key + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - KeyId + - UsagePlanId + - KeyType + x-read-only-properties: + - Id + x-required-permissions: + create: + - apigateway:POST + - apigateway:GET + read: + - apigateway:GET + delete: + - apigateway:DELETE + - apigateway:GET + list: + - apigateway:GET + VpcLink: + type: object + properties: + Name: + description: A name for the VPC link. + type: string + Description: + description: A description of the VPC link. + type: string + Tags: + description: An array of arbitrary tags (key-value pairs) to associate with the stage. + x-insertionOrder: false + uniqueItems: true + type: array + items: + $ref: '#/components/schemas/Tag' + TargetArns: + description: The ARN of network load balancer of the VPC targeted by the VPC link. The network load balancer must be owned by the same AWS account of the API owner. + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + VpcLinkId: + description: The ID of the instance that backs VPC link. + type: string + required: + - Name + - TargetArns + x-stackql-resource-name: vpc_link + x-stackql-primaryIdentifier: + - VpcLinkId + x-create-only-properties: + - TargetArns + x-read-only-properties: + - VpcLinkId + x-required-permissions: + create: + - apigateway:POST + - apigateway:PUT + - apigateway:GET + - ec2:CreateVpcEndpointServiceConfiguration + - ec2:DeleteVpcEndpointServiceConfigurations + - ec2:DescribeVpcEndpointServiceConfigurations + - ec2:ModifyVpcEndpointServicePermissions + update: + - apigateway:PATCH + - apigateway:GET + - apigateway:PUT + - ec2:CreateVpcEndpointServiceConfiguration + - ec2:DeleteVpcEndpointServiceConfigurations + - ec2:DescribeVpcEndpointServiceConfigurations + - ec2:ModifyVpcEndpointServicePermissions + read: + - apigateway:GET + - ec2:CreateVpcEndpointServiceConfiguration + - ec2:DeleteVpcEndpointServiceConfigurations + - ec2:DescribeVpcEndpointServiceConfigurations + - ec2:ModifyVpcEndpointServicePermissions + list: + - apigateway:GET + - ec2:CreateVpcEndpointServiceConfiguration + - ec2:DeleteVpcEndpointServiceConfigurations + - ec2:DescribeVpcEndpointServiceConfigurations + - ec2:ModifyVpcEndpointServicePermissions + delete: + - apigateway:GET + - apigateway:DELETE + - apigateway:PUT + - ec2:CreateVpcEndpointServiceConfiguration + - ec2:DeleteVpcEndpointServiceConfigurations + - ec2:DescribeVpcEndpointServiceConfigurations + - ec2:ModifyVpcEndpointServicePermissions + x-stackQL-resources: + accounts: + name: accounts + id: awscc.apigateway.accounts + x-cfn-schema-name: Account + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::Account' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::Account' + AND region = 'us-east-1' + account: + name: account + id: awscc.apigateway.account + x-cfn-schema-name: Account + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.CloudWatchRoleArn') as cloud_watch_role_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::Account' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'CloudWatchRoleArn') as cloud_watch_role_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::Account' + AND data__Identifier = '' + AND region = 'us-east-1' + api_keys: + name: api_keys + id: awscc.apigateway.api_keys + x-cfn-schema-name: ApiKey + x-type: list + x-identifiers: + - APIKeyId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.APIKeyId') as a_pi_key_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::ApiKey' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'APIKeyId') as a_pi_key_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::ApiKey' + AND region = 'us-east-1' + api_key: + name: api_key + id: awscc.apigateway.api_key + x-cfn-schema-name: ApiKey + x-type: get + x-identifiers: + - APIKeyId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.APIKeyId') as a_pi_key_id, + JSON_EXTRACT(Properties, '$.CustomerId') as customer_id, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Enabled') as enabled, + JSON_EXTRACT(Properties, '$.GenerateDistinctId') as generate_distinct_id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.StageKeys') as stage_keys, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Value') as value + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::ApiKey' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'APIKeyId') as a_pi_key_id, + json_extract_path_text(Properties, 'CustomerId') as customer_id, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Enabled') as enabled, + json_extract_path_text(Properties, 'GenerateDistinctId') as generate_distinct_id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'StageKeys') as stage_keys, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Value') as value + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::ApiKey' + AND data__Identifier = '' + AND region = 'us-east-1' + authorizers: + name: authorizers + id: awscc.apigateway.authorizers + x-cfn-schema-name: Authorizer + x-type: list + x-identifiers: + - RestApiId + - AuthorizerId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id, + JSON_EXTRACT(Properties, '$.AuthorizerId') as authorizer_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::Authorizer' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id, + json_extract_path_text(Properties, 'AuthorizerId') as authorizer_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::Authorizer' + AND region = 'us-east-1' + authorizer: + name: authorizer + id: awscc.apigateway.authorizer + x-cfn-schema-name: Authorizer + x-type: get + x-identifiers: + - RestApiId + - AuthorizerId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id, + JSON_EXTRACT(Properties, '$.AuthorizerId') as authorizer_id, + JSON_EXTRACT(Properties, '$.AuthType') as auth_type, + JSON_EXTRACT(Properties, '$.AuthorizerCredentials') as authorizer_credentials, + JSON_EXTRACT(Properties, '$.AuthorizerResultTtlInSeconds') as authorizer_result_ttl_in_seconds, + JSON_EXTRACT(Properties, '$.AuthorizerUri') as authorizer_uri, + JSON_EXTRACT(Properties, '$.IdentitySource') as identity_source, + JSON_EXTRACT(Properties, '$.IdentityValidationExpression') as identity_validation_expression, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ProviderARNs') as provider_arns, + JSON_EXTRACT(Properties, '$.Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::Authorizer' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id, + json_extract_path_text(Properties, 'AuthorizerId') as authorizer_id, + json_extract_path_text(Properties, 'AuthType') as auth_type, + json_extract_path_text(Properties, 'AuthorizerCredentials') as authorizer_credentials, + json_extract_path_text(Properties, 'AuthorizerResultTtlInSeconds') as authorizer_result_ttl_in_seconds, + json_extract_path_text(Properties, 'AuthorizerUri') as authorizer_uri, + json_extract_path_text(Properties, 'IdentitySource') as identity_source, + json_extract_path_text(Properties, 'IdentityValidationExpression') as identity_validation_expression, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ProviderARNs') as provider_arns, + json_extract_path_text(Properties, 'Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::Authorizer' + AND data__Identifier = '' + AND region = 'us-east-1' + base_path_mappings: + name: base_path_mappings + id: awscc.apigateway.base_path_mappings + x-cfn-schema-name: BasePathMapping + x-type: list + x-identifiers: + - DomainName + - BasePath + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.BasePath') as base_path + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::BasePathMapping' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'BasePath') as base_path + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::BasePathMapping' + AND region = 'us-east-1' + base_path_mapping: + name: base_path_mapping + id: awscc.apigateway.base_path_mapping + x-cfn-schema-name: BasePathMapping + x-type: get + x-identifiers: + - DomainName + - BasePath + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BasePath') as base_path, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id, + JSON_EXTRACT(Properties, '$.Stage') as stage + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::BasePathMapping' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BasePath') as base_path, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id, + json_extract_path_text(Properties, 'Stage') as stage + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::BasePathMapping' + AND data__Identifier = '' + AND region = 'us-east-1' + client_certificates: + name: client_certificates + id: awscc.apigateway.client_certificates + x-cfn-schema-name: ClientCertificate + x-type: list + x-identifiers: + - ClientCertificateId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClientCertificateId') as client_certificate_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::ClientCertificate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClientCertificateId') as client_certificate_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::ClientCertificate' + AND region = 'us-east-1' + client_certificate: + name: client_certificate + id: awscc.apigateway.client_certificate + x-cfn-schema-name: ClientCertificate + x-type: get + x-identifiers: + - ClientCertificateId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClientCertificateId') as client_certificate_id, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::ClientCertificate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClientCertificateId') as client_certificate_id, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::ClientCertificate' + AND data__Identifier = '' + AND region = 'us-east-1' + deployments: + name: deployments + id: awscc.apigateway.deployments + x-cfn-schema-name: Deployment + x-type: list + x-identifiers: + - DeploymentId + - RestApiId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DeploymentId') as deployment_id, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::Deployment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DeploymentId') as deployment_id, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::Deployment' + AND region = 'us-east-1' + deployment: + name: deployment + id: awscc.apigateway.deployment + x-cfn-schema-name: Deployment + x-type: get + x-identifiers: + - DeploymentId + - RestApiId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DeploymentId') as deployment_id, + JSON_EXTRACT(Properties, '$.DeploymentCanarySettings') as deployment_canary_settings, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id, + JSON_EXTRACT(Properties, '$.StageDescription') as stage_description, + JSON_EXTRACT(Properties, '$.StageName') as stage_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::Deployment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DeploymentId') as deployment_id, + json_extract_path_text(Properties, 'DeploymentCanarySettings') as deployment_canary_settings, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id, + json_extract_path_text(Properties, 'StageDescription') as stage_description, + json_extract_path_text(Properties, 'StageName') as stage_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::Deployment' + AND data__Identifier = '' + AND region = 'us-east-1' + documentation_parts: + name: documentation_parts + id: awscc.apigateway.documentation_parts + x-cfn-schema-name: DocumentationPart + x-type: list + x-identifiers: + - DocumentationPartId + - RestApiId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DocumentationPartId') as documentation_part_id, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::DocumentationPart' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DocumentationPartId') as documentation_part_id, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::DocumentationPart' + AND region = 'us-east-1' + documentation_part: + name: documentation_part + id: awscc.apigateway.documentation_part + x-cfn-schema-name: DocumentationPart + x-type: get + x-identifiers: + - DocumentationPartId + - RestApiId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DocumentationPartId') as documentation_part_id, + JSON_EXTRACT(Properties, '$.Location') as location, + JSON_EXTRACT(Properties, '$.Properties') as properties, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::DocumentationPart' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DocumentationPartId') as documentation_part_id, + json_extract_path_text(Properties, 'Location') as location, + json_extract_path_text(Properties, 'Properties') as properties, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::DocumentationPart' + AND data__Identifier = '' + AND region = 'us-east-1' + documentation_versions: + name: documentation_versions + id: awscc.apigateway.documentation_versions + x-cfn-schema-name: DocumentationVersion + x-type: list + x-identifiers: + - DocumentationVersion + - RestApiId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DocumentationVersion') as documentation_version, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::DocumentationVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DocumentationVersion') as documentation_version, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::DocumentationVersion' + AND region = 'us-east-1' + documentation_version: + name: documentation_version + id: awscc.apigateway.documentation_version + x-cfn-schema-name: DocumentationVersion + x-type: get + x-identifiers: + - DocumentationVersion + - RestApiId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DocumentationVersion') as documentation_version, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::DocumentationVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DocumentationVersion') as documentation_version, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::DocumentationVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + domain_names: + name: domain_names + id: awscc.apigateway.domain_names + x-cfn-schema-name: DomainName + x-type: list + x-identifiers: + - DomainName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::DomainName' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::DomainName' + AND region = 'us-east-1' + domain_name: + name: domain_name + id: awscc.apigateway.domain_name + x-cfn-schema-name: DomainName + x-type: get + x-identifiers: + - DomainName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.DistributionDomainName') as distribution_domain_name, + JSON_EXTRACT(Properties, '$.DistributionHostedZoneId') as distribution_hosted_zone_id, + JSON_EXTRACT(Properties, '$.EndpointConfiguration') as endpoint_configuration, + JSON_EXTRACT(Properties, '$.MutualTlsAuthentication') as mutual_tls_authentication, + JSON_EXTRACT(Properties, '$.RegionalDomainName') as regional_domain_name, + JSON_EXTRACT(Properties, '$.RegionalHostedZoneId') as regional_hosted_zone_id, + JSON_EXTRACT(Properties, '$.CertificateArn') as certificate_arn, + JSON_EXTRACT(Properties, '$.RegionalCertificateArn') as regional_certificate_arn, + JSON_EXTRACT(Properties, '$.OwnershipVerificationCertificateArn') as ownership_verification_certificate_arn, + JSON_EXTRACT(Properties, '$.SecurityPolicy') as security_policy, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::DomainName' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'DistributionDomainName') as distribution_domain_name, + json_extract_path_text(Properties, 'DistributionHostedZoneId') as distribution_hosted_zone_id, + json_extract_path_text(Properties, 'EndpointConfiguration') as endpoint_configuration, + json_extract_path_text(Properties, 'MutualTlsAuthentication') as mutual_tls_authentication, + json_extract_path_text(Properties, 'RegionalDomainName') as regional_domain_name, + json_extract_path_text(Properties, 'RegionalHostedZoneId') as regional_hosted_zone_id, + json_extract_path_text(Properties, 'CertificateArn') as certificate_arn, + json_extract_path_text(Properties, 'RegionalCertificateArn') as regional_certificate_arn, + json_extract_path_text(Properties, 'OwnershipVerificationCertificateArn') as ownership_verification_certificate_arn, + json_extract_path_text(Properties, 'SecurityPolicy') as security_policy, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::DomainName' + AND data__Identifier = '' + AND region = 'us-east-1' + gateway_responses: + name: gateway_responses + id: awscc.apigateway.gateway_responses + x-cfn-schema-name: GatewayResponse + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::GatewayResponse' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::GatewayResponse' + AND region = 'us-east-1' + gateway_response: + name: gateway_response + id: awscc.apigateway.gateway_response + x-cfn-schema-name: GatewayResponse + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id, + JSON_EXTRACT(Properties, '$.ResponseType') as response_type, + JSON_EXTRACT(Properties, '$.StatusCode') as status_code, + JSON_EXTRACT(Properties, '$.ResponseParameters') as response_parameters, + JSON_EXTRACT(Properties, '$.ResponseTemplates') as response_templates + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::GatewayResponse' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id, + json_extract_path_text(Properties, 'ResponseType') as response_type, + json_extract_path_text(Properties, 'StatusCode') as status_code, + json_extract_path_text(Properties, 'ResponseParameters') as response_parameters, + json_extract_path_text(Properties, 'ResponseTemplates') as response_templates + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::GatewayResponse' + AND data__Identifier = '' + AND region = 'us-east-1' + methods: + name: methods + id: awscc.apigateway.methods + x-cfn-schema-name: Method + x-type: list + x-identifiers: + - RestApiId + - ResourceId + - HttpMethod + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id, + JSON_EXTRACT(Properties, '$.ResourceId') as resource_id, + JSON_EXTRACT(Properties, '$.HttpMethod') as http_method + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::Method' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id, + json_extract_path_text(Properties, 'ResourceId') as resource_id, + json_extract_path_text(Properties, 'HttpMethod') as http_method + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::Method' + AND region = 'us-east-1' + method: + name: method + id: awscc.apigateway.method + x-cfn-schema-name: Method + x-type: get + x-identifiers: + - RestApiId + - ResourceId + - HttpMethod + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApiKeyRequired') as api_key_required, + JSON_EXTRACT(Properties, '$.AuthorizationScopes') as authorization_scopes, + JSON_EXTRACT(Properties, '$.AuthorizationType') as authorization_type, + JSON_EXTRACT(Properties, '$.AuthorizerId') as authorizer_id, + JSON_EXTRACT(Properties, '$.HttpMethod') as http_method, + JSON_EXTRACT(Properties, '$.Integration') as integration, + JSON_EXTRACT(Properties, '$.MethodResponses') as method_responses, + JSON_EXTRACT(Properties, '$.OperationName') as operation_name, + JSON_EXTRACT(Properties, '$.RequestModels') as request_models, + JSON_EXTRACT(Properties, '$.RequestParameters') as request_parameters, + JSON_EXTRACT(Properties, '$.RequestValidatorId') as request_validator_id, + JSON_EXTRACT(Properties, '$.ResourceId') as resource_id, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::Method' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApiKeyRequired') as api_key_required, + json_extract_path_text(Properties, 'AuthorizationScopes') as authorization_scopes, + json_extract_path_text(Properties, 'AuthorizationType') as authorization_type, + json_extract_path_text(Properties, 'AuthorizerId') as authorizer_id, + json_extract_path_text(Properties, 'HttpMethod') as http_method, + json_extract_path_text(Properties, 'Integration') as integration, + json_extract_path_text(Properties, 'MethodResponses') as method_responses, + json_extract_path_text(Properties, 'OperationName') as operation_name, + json_extract_path_text(Properties, 'RequestModels') as request_models, + json_extract_path_text(Properties, 'RequestParameters') as request_parameters, + json_extract_path_text(Properties, 'RequestValidatorId') as request_validator_id, + json_extract_path_text(Properties, 'ResourceId') as resource_id, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::Method' + AND data__Identifier = '' + AND region = 'us-east-1' + models: + name: models + id: awscc.apigateway.models + x-cfn-schema-name: Model + x-type: list + x-identifiers: + - RestApiId + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::Model' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::Model' + AND region = 'us-east-1' + model: + name: model + id: awscc.apigateway.model + x-cfn-schema-name: Model + x-type: get + x-identifiers: + - RestApiId + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ContentType') as content_type, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id, + JSON_EXTRACT(Properties, '$.Schema') as _schema + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::Model' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ContentType') as content_type, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id, + json_extract_path_text(Properties, 'Schema') as _schema + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::Model' + AND data__Identifier = '' + AND region = 'us-east-1' + request_validators: + name: request_validators + id: awscc.apigateway.request_validators + x-cfn-schema-name: RequestValidator + x-type: list + x-identifiers: + - RestApiId + - RequestValidatorId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id, + JSON_EXTRACT(Properties, '$.RequestValidatorId') as request_validator_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::RequestValidator' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id, + json_extract_path_text(Properties, 'RequestValidatorId') as request_validator_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::RequestValidator' + AND region = 'us-east-1' + request_validator: + name: request_validator + id: awscc.apigateway.request_validator + x-cfn-schema-name: RequestValidator + x-type: get + x-identifiers: + - RestApiId + - RequestValidatorId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RequestValidatorId') as request_validator_id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id, + JSON_EXTRACT(Properties, '$.ValidateRequestBody') as validate_request_body, + JSON_EXTRACT(Properties, '$.ValidateRequestParameters') as validate_request_parameters + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::RequestValidator' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RequestValidatorId') as request_validator_id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id, + json_extract_path_text(Properties, 'ValidateRequestBody') as validate_request_body, + json_extract_path_text(Properties, 'ValidateRequestParameters') as validate_request_parameters + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::RequestValidator' + AND data__Identifier = '' + AND region = 'us-east-1' + resources: + name: resources + id: awscc.apigateway.resources + x-cfn-schema-name: Resource + x-type: list + x-identifiers: + - RestApiId + - ResourceId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id, + JSON_EXTRACT(Properties, '$.ResourceId') as resource_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::Resource' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id, + json_extract_path_text(Properties, 'ResourceId') as resource_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::Resource' + AND region = 'us-east-1' + resource: + name: resource + id: awscc.apigateway.resource + x-cfn-schema-name: Resource + x-type: get + x-identifiers: + - RestApiId + - ResourceId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceId') as resource_id, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id, + JSON_EXTRACT(Properties, '$.ParentId') as parent_id, + JSON_EXTRACT(Properties, '$.PathPart') as path_part + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::Resource' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceId') as resource_id, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id, + json_extract_path_text(Properties, 'ParentId') as parent_id, + json_extract_path_text(Properties, 'PathPart') as path_part + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::Resource' + AND data__Identifier = '' + AND region = 'us-east-1' + rest_apis: + name: rest_apis + id: awscc.apigateway.rest_apis + x-cfn-schema-name: RestApi + x-type: list + x-identifiers: + - RestApiId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::RestApi' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::RestApi' + AND region = 'us-east-1' + rest_api: + name: rest_api + id: awscc.apigateway.rest_api + x-cfn-schema-name: RestApi + x-type: get + x-identifiers: + - RestApiId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id, + JSON_EXTRACT(Properties, '$.RootResourceId') as root_resource_id, + JSON_EXTRACT(Properties, '$.ApiKeySourceType') as api_key_source_type, + JSON_EXTRACT(Properties, '$.BinaryMediaTypes') as binary_media_types, + JSON_EXTRACT(Properties, '$.Body') as body, + JSON_EXTRACT(Properties, '$.BodyS3Location') as body_s3_location, + JSON_EXTRACT(Properties, '$.CloneFrom') as clone_from, + JSON_EXTRACT(Properties, '$.EndpointConfiguration') as endpoint_configuration, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DisableExecuteApiEndpoint') as disable_execute_api_endpoint, + JSON_EXTRACT(Properties, '$.FailOnWarnings') as fail_on_warnings, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.MinimumCompressionSize') as minimum_compression_size, + JSON_EXTRACT(Properties, '$.Mode') as mode, + JSON_EXTRACT(Properties, '$.Policy') as policy, + JSON_EXTRACT(Properties, '$.Parameters') as parameters, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::RestApi' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id, + json_extract_path_text(Properties, 'RootResourceId') as root_resource_id, + json_extract_path_text(Properties, 'ApiKeySourceType') as api_key_source_type, + json_extract_path_text(Properties, 'BinaryMediaTypes') as binary_media_types, + json_extract_path_text(Properties, 'Body') as body, + json_extract_path_text(Properties, 'BodyS3Location') as body_s3_location, + json_extract_path_text(Properties, 'CloneFrom') as clone_from, + json_extract_path_text(Properties, 'EndpointConfiguration') as endpoint_configuration, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DisableExecuteApiEndpoint') as disable_execute_api_endpoint, + json_extract_path_text(Properties, 'FailOnWarnings') as fail_on_warnings, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'MinimumCompressionSize') as minimum_compression_size, + json_extract_path_text(Properties, 'Mode') as mode, + json_extract_path_text(Properties, 'Policy') as policy, + json_extract_path_text(Properties, 'Parameters') as parameters, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::RestApi' + AND data__Identifier = '' + AND region = 'us-east-1' + stages: + name: stages + id: awscc.apigateway.stages + x-cfn-schema-name: Stage + x-type: list + x-identifiers: + - RestApiId + - StageName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id, + JSON_EXTRACT(Properties, '$.StageName') as stage_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::Stage' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id, + json_extract_path_text(Properties, 'StageName') as stage_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::Stage' + AND region = 'us-east-1' + stage: + name: stage + id: awscc.apigateway.stage + x-cfn-schema-name: Stage + x-type: get + x-identifiers: + - RestApiId + - StageName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccessLogSetting') as access_log_setting, + JSON_EXTRACT(Properties, '$.CacheClusterEnabled') as cache_cluster_enabled, + JSON_EXTRACT(Properties, '$.CacheClusterSize') as cache_cluster_size, + JSON_EXTRACT(Properties, '$.CanarySetting') as canary_setting, + JSON_EXTRACT(Properties, '$.ClientCertificateId') as client_certificate_id, + JSON_EXTRACT(Properties, '$.DeploymentId') as deployment_id, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DocumentationVersion') as documentation_version, + JSON_EXTRACT(Properties, '$.MethodSettings') as method_settings, + JSON_EXTRACT(Properties, '$.RestApiId') as rest_api_id, + JSON_EXTRACT(Properties, '$.StageName') as stage_name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TracingEnabled') as tracing_enabled, + JSON_EXTRACT(Properties, '$.Variables') as variables + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::Stage' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccessLogSetting') as access_log_setting, + json_extract_path_text(Properties, 'CacheClusterEnabled') as cache_cluster_enabled, + json_extract_path_text(Properties, 'CacheClusterSize') as cache_cluster_size, + json_extract_path_text(Properties, 'CanarySetting') as canary_setting, + json_extract_path_text(Properties, 'ClientCertificateId') as client_certificate_id, + json_extract_path_text(Properties, 'DeploymentId') as deployment_id, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DocumentationVersion') as documentation_version, + json_extract_path_text(Properties, 'MethodSettings') as method_settings, + json_extract_path_text(Properties, 'RestApiId') as rest_api_id, + json_extract_path_text(Properties, 'StageName') as stage_name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TracingEnabled') as tracing_enabled, + json_extract_path_text(Properties, 'Variables') as variables + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::Stage' + AND data__Identifier = '' + AND region = 'us-east-1' + usage_plans: + name: usage_plans + id: awscc.apigateway.usage_plans + x-cfn-schema-name: UsagePlan + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::UsagePlan' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::UsagePlan' + AND region = 'us-east-1' + usage_plan: + name: usage_plan + id: awscc.apigateway.usage_plan + x-cfn-schema-name: UsagePlan + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.ApiStages') as api_stages, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Quota') as quota, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Throttle') as throttle, + JSON_EXTRACT(Properties, '$.UsagePlanName') as usage_plan_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::UsagePlan' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'ApiStages') as api_stages, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Quota') as quota, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Throttle') as throttle, + json_extract_path_text(Properties, 'UsagePlanName') as usage_plan_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::UsagePlan' + AND data__Identifier = '' + AND region = 'us-east-1' + usage_plan_keys: + name: usage_plan_keys + id: awscc.apigateway.usage_plan_keys + x-cfn-schema-name: UsagePlanKey + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::UsagePlanKey' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::UsagePlanKey' + AND region = 'us-east-1' + usage_plan_key: + name: usage_plan_key + id: awscc.apigateway.usage_plan_key + x-cfn-schema-name: UsagePlanKey + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.KeyId') as key_id, + JSON_EXTRACT(Properties, '$.KeyType') as key_type, + JSON_EXTRACT(Properties, '$.UsagePlanId') as usage_plan_id, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::UsagePlanKey' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'KeyId') as key_id, + json_extract_path_text(Properties, 'KeyType') as key_type, + json_extract_path_text(Properties, 'UsagePlanId') as usage_plan_id, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::UsagePlanKey' + AND data__Identifier = '' + AND region = 'us-east-1' + vpc_links: + name: vpc_links + id: awscc.apigateway.vpc_links + x-cfn-schema-name: VpcLink + x-type: list + x-identifiers: + - VpcLinkId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.VpcLinkId') as vpc_link_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::VpcLink' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'VpcLinkId') as vpc_link_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGateway::VpcLink' + AND region = 'us-east-1' + vpc_link: + name: vpc_link + id: awscc.apigateway.vpc_link + x-cfn-schema-name: VpcLink + x-type: get + x-identifiers: + - VpcLinkId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TargetArns') as target_arns, + JSON_EXTRACT(Properties, '$.VpcLinkId') as vpc_link_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::VpcLink' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TargetArns') as target_arns, + json_extract_path_text(Properties, 'VpcLinkId') as vpc_link_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGateway::VpcLink' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/apigatewayv2.yaml b/providers/src/awscc/v00.00.00000/services/apigatewayv2.yaml new file mode 100644 index 00000000..582983fd --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/apigatewayv2.yaml @@ -0,0 +1,1437 @@ +openapi: 3.0.0 +info: + title: ApiGatewayV2 + version: 1.0.0 +paths: {} +components: + schemas: + BodyS3Location: + type: object + additionalProperties: false + properties: + Etag: + type: string + description: The Etag of the S3 object. + Bucket: + type: string + description: The S3 bucket that contains the OpenAPI definition to import. Required if you specify a ``BodyS3Location`` for an API. + Version: + type: string + description: The version of the S3 object. + Key: + type: string + description: The key of the S3 object. Required if you specify a ``BodyS3Location`` for an API. + description: The ``BodyS3Location`` property specifies an S3 location from which to import an OpenAPI definition. Supported only for HTTP APIs. + Cors: + type: object + additionalProperties: false + properties: + AllowOrigins: + type: array + uniqueItems: false + items: + type: string + description: Represents a collection of allowed origins. Supported only for HTTP APIs. + AllowCredentials: + type: boolean + description: Specifies whether credentials are included in the CORS request. Supported only for HTTP APIs. + ExposeHeaders: + type: array + uniqueItems: false + items: + type: string + description: Represents a collection of exposed headers. Supported only for HTTP APIs. + AllowHeaders: + type: array + uniqueItems: false + items: + type: string + description: Represents a collection of allowed headers. Supported only for HTTP APIs. + MaxAge: + type: integer + description: The number of seconds that the browser should cache preflight request results. Supported only for HTTP APIs. + AllowMethods: + type: array + uniqueItems: false + items: + type: string + description: Represents a collection of allowed HTTP methods. Supported only for HTTP APIs. + description: The ``Cors`` property specifies a CORS configuration for an API. Supported only for HTTP APIs. See [Configuring CORS](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html) for more information. + Api: + type: object + properties: + RouteSelectionExpression: + type: string + description: The route selection expression for the API. For HTTP APIs, the ``routeSelectionExpression`` must be ``${request.method} ${request.path}``. If not provided, this will be the default for HTTP APIs. This property is required for WebSocket APIs. + BodyS3Location: + $ref: '#/components/schemas/BodyS3Location' + description: The S3 location of an OpenAPI definition. Supported only for HTTP APIs. To import an HTTP API, you must specify a ``Body`` or ``BodyS3Location``. If you specify a ``Body`` or ``BodyS3Location``, don't specify CloudFormation resources such as ``AWS::ApiGatewayV2::Authorizer`` or ``AWS::ApiGatewayV2::Route``. API Gateway doesn't support the combination of OpenAPI and CloudFormation resources. + Description: + type: string + description: The description of the API. + ApiEndpoint: + type: string + description: '' + BasePath: + type: string + description: Specifies how to interpret the base path of the API during import. Valid values are ``ignore``, ``prepend``, and ``split``. The default value is ``ignore``. To learn more, see [Set the OpenAPI basePath Property](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-import-api-basePath.html). Supported only for HTTP APIs. + FailOnWarnings: + type: boolean + description: Specifies whether to rollback the API creation when a warning is encountered. By default, API creation continues if a warning is encountered. + DisableExecuteApiEndpoint: + type: boolean + description: Specifies whether clients can invoke your API by using the default ``execute-api`` endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint. + DisableSchemaValidation: + type: boolean + description: Avoid validating models when creating a deployment. Supported only for WebSocket APIs. + Name: + type: string + description: The name of the API. Required unless you specify an OpenAPI definition for ``Body`` or ``S3BodyLocation``. + Target: + type: string + description: This property is part of quick create. Quick create produces an API with an integration, a default catch-all route, and a default stage which is configured to automatically deploy changes. For HTTP integrations, specify a fully qualified URL. For Lambda integrations, specify a function ARN. The type of the integration will be HTTP_PROXY or AWS_PROXY, respectively. Supported only for HTTP APIs. + CredentialsArn: + type: string + description: >- + This property is part of quick create. It specifies the credentials required for the integration, if any. For a Lambda integration, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify ``arn:aws:iam::*:user/*``. To use resource-based permissions on supported AWS services, specify ``null``. Currently, this property is not used for HTTP + integrations. Supported only for HTTP APIs. + CorsConfiguration: + $ref: '#/components/schemas/Cors' + description: A CORS configuration. Supported only for HTTP APIs. See [Configuring CORS](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html) for more information. + Version: + type: string + description: A version identifier for the API. + ProtocolType: + type: string + description: The API protocol. Valid values are ``WEBSOCKET`` or ``HTTP``. Required unless you specify an OpenAPI definition for ``Body`` or ``S3BodyLocation``. + RouteKey: + type: string + description: This property is part of quick create. If you don't specify a ``routeKey``, a default route of ``$default`` is created. The ``$default`` route acts as a catch-all for any request made to your API, for a particular stage. The ``$default`` route key can't be modified. You can add routes after creating the API, and you can update the route keys of additional routes. Supported only for HTTP APIs. + ApiId: + type: string + description: '' + Body: + type: object + description: The OpenAPI definition. Supported only for HTTP APIs. To import an HTTP API, you must specify a ``Body`` or ``BodyS3Location``. If you specify a ``Body`` or ``BodyS3Location``, don't specify CloudFormation resources such as ``AWS::ApiGatewayV2::Authorizer`` or ``AWS::ApiGatewayV2::Route``. API Gateway doesn't support the combination of OpenAPI and CloudFormation resources. + Tags: + type: object + description: The collection of tags. Each tag element is associated with a given resource. + additionalProperties: false + x-patternProperties: + .*: + type: string + ApiKeySelectionExpression: + type: string + description: An API key selection expression. Supported only for WebSocket APIs. See [API Key Selection Expressions](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-apikey-selection-expressions). + x-stackql-resource-name: api + x-stackql-primaryIdentifier: + - ApiId + x-create-only-properties: + - ProtocolType + x-read-only-properties: + - ApiId + - ApiEndpoint + x-required-permissions: + create: + - apigateway:POST + - apigateway:PUT + - s3:getObject + update: + - apigateway:PATCH + - apigateway:GET + - apigateway:PUT + - apigateway:POST + - s3:getObject + read: + - apigateway:GET + - s3:getObject + delete: + - apigateway:GET + - apigateway:DELETE + - s3:getObject + list: + - apigateway:GET + - s3:getObject + ApiMapping: + type: object + properties: + ApiMappingId: + description: '' + type: string + DomainName: + description: The domain name. + type: string + Stage: + description: The API stage. + type: string + ApiMappingKey: + description: The API mapping key. + type: string + ApiId: + description: The identifier of the API. + type: string + required: + - DomainName + - Stage + - ApiId + x-stackql-resource-name: api_mapping + x-stackql-primaryIdentifier: + - ApiMappingId + - DomainName + x-create-only-properties: + - DomainName + x-read-only-properties: + - ApiMappingId + x-required-permissions: + create: + - apigateway:POST + update: + - apigateway:PATCH + - apigateway:GET + - apigateway:PUT + read: + - apigateway:GET + delete: + - apigateway:DELETE + list: + - apigateway:GET + JWTConfiguration: + type: object + additionalProperties: false + properties: + Issuer: + type: string + description: 'The base domain of the identity provider that issues JSON Web Tokens. For example, an Amazon Cognito user pool has the following format: ``https://cognito-idp.{region}.amazonaws.com/{userPoolId}``. Required for the ``JWT`` authorizer type. Supported only for HTTP APIs.' + Audience: + type: array + uniqueItems: false + items: + type: string + description: A list of the intended recipients of the JWT. A valid JWT must provide an ``aud`` that matches at least one entry in this list. See [RFC 7519](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc7519#section-4.1.3). Required for the ``JWT`` authorizer type. Supported only for HTTP APIs. + description: The ``JWTConfiguration`` property specifies the configuration of a JWT authorizer. Required for the ``JWT`` authorizer type. Supported only for HTTP APIs. + Authorizer: + type: object + properties: + IdentityValidationExpression: + type: string + description: This parameter is not used. + AuthorizerUri: + type: string + description: >- + The authorizer's Uniform Resource Identifier (URI). For ``REQUEST`` authorizers, this must be a well-formed Lambda function URI, for example, ``arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations``. In general, the URI has this form: ``arn:aws:apigateway:{region}:lambda:path/{service_api}``, where *{region}* is the same as the region hosting the Lambda function, path indicates that the + remaining substring in the URI should be treated as the path to the resource, including the initial ``/``. For Lambda functions, this is usually of the form ``/2015-03-31/functions/[FunctionARN]/invocations``. + AuthorizerCredentialsArn: + type: string + description: Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null. Supported only for ``REQUEST`` authorizers. + AuthorizerType: + type: string + description: The authorizer type. Specify ``REQUEST`` for a Lambda function using incoming request parameters. Specify ``JWT`` to use JSON Web Tokens (supported only for HTTP APIs). + JwtConfiguration: + $ref: '#/components/schemas/JWTConfiguration' + description: The ``JWTConfiguration`` property specifies the configuration of a JWT authorizer. Required for the ``JWT`` authorizer type. Supported only for HTTP APIs. + AuthorizerResultTtlInSeconds: + type: integer + description: The time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Supported only for HTTP API Lambda authorizers. + IdentitySource: + type: array + uniqueItems: false + items: + type: string + description: |- + The identity source for which authorization is requested. + For a ``REQUEST`` authorizer, this is optional. The value is a set of one or more mapping expressions of the specified request parameters. The identity source can be headers, query string parameters, stage variables, and context parameters. For example, if an Auth header and a Name query string parameter are defined as identity sources, this value is route.request.header.Auth, route.request.querystring.Name for WebSocket APIs. For HTTP APIs, use selection expressions prefixed with ``$``, for example, ``$request.header.Auth``, ``$request.querystring.Name``. These parameters are used to perform runtime validation for Lambda-based authorizers by verifying all of the identity-related request parameters are present in the request, not null, and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda function. Otherwise, it returns a 401 Unauthorized response without calling the Lambda function. For HTTP APIs, identity sources are also used as the cache key when caching is enabled. To learn more, see [Working with Lambda authorizers for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html). + For ``JWT``, a single entry that specifies where to extract the JSON Web Token (JWT) from inbound requests. Currently only header-based and query parameter-based selections are supported, for example ``$request.header.Authorization``. + AuthorizerPayloadFormatVersion: + type: string + description: Specifies the format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers. Supported values are ``1.0`` and ``2.0``. To learn more, see [Working with Lambda authorizers for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html). + ApiId: + type: string + description: The API identifier. + EnableSimpleResponses: + type: boolean + description: Specifies whether a Lambda authorizer returns a response in a simple format. By default, a Lambda authorizer must return an IAM policy. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs. To learn more, see [Working with Lambda authorizers for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html). + AuthorizerId: + type: string + description: '' + Name: + type: string + description: The name of the authorizer. + required: + - AuthorizerType + - ApiId + - Name + x-stackql-resource-name: authorizer + x-stackql-primaryIdentifier: + - AuthorizerId + - ApiId + x-create-only-properties: + - ApiId + x-read-only-properties: + - AuthorizerId + x-required-permissions: + create: + - apigateway:POST + - iam:PassRole + update: + - apigateway:PATCH + - apigateway:GET + - apigateway:PUT + - iam:PassRole + read: + - apigateway:GET + delete: + - apigateway:GET + - apigateway:DELETE + list: + - apigateway:GET + Deployment: + type: object + properties: + DeploymentId: + type: string + description: '' + Description: + type: string + description: The description for the deployment resource. + StageName: + type: string + description: The name of an existing stage to associate with the deployment. + ApiId: + type: string + description: The API identifier. + required: + - ApiId + x-stackql-resource-name: deployment + x-stackql-primaryIdentifier: + - ApiId + - DeploymentId + x-create-only-properties: + - ApiId + x-read-only-properties: + - DeploymentId + x-required-permissions: + create: + - apigateway:POST + update: + - apigateway:PATCH + - apigateway:GET + - apigateway:PUT + read: + - apigateway:GET + delete: + - apigateway:GET + - apigateway:DELETE + list: + - apigateway:GET + MutualTlsAuthentication: + type: object + additionalProperties: false + properties: + TruststoreVersion: + type: string + description: The version of the S3 object that contains your truststore. To specify a version, you must have versioning enabled for the S3 bucket. + TruststoreUri: + type: string + description: An Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example, ``s3://bucket-name/key-name``. The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version. To update the truststore, you must have permissions to access the S3 object. + description: If specified, API Gateway performs two-way authentication between the client and the server. Clients must present a trusted certificate to access your API. + DomainNameConfiguration: + type: object + additionalProperties: false + properties: + OwnershipVerificationCertificateArn: + type: string + description: The Amazon resource name (ARN) for the public certificate issued by ACMlong. This ARN is used to validate custom domain ownership. It's required only if you configure mutual TLS and use either an ACM-imported or a private CA certificate ARN as the regionalCertificateArn. + EndpointType: + type: string + description: The endpoint type. + CertificateName: + type: string + description: The user-friendly name of the certificate that will be used by the edge-optimized endpoint for this domain name. + SecurityPolicy: + type: string + description: The Transport Layer Security (TLS) version of the security policy for this domain name. The valid values are ``TLS_1_0`` and ``TLS_1_2``. + CertificateArn: + type: string + description: An AWS-managed certificate that will be used by the edge-optimized endpoint for this domain name. AWS Certificate Manager is the only supported source. + description: |- + The ``DomainNameConfiguration`` property type specifies the configuration for an API's domain name. + ``DomainNameConfiguration`` is a property of the [AWS::ApiGatewayV2::DomainName](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-domainname.html) resource. + DomainName: + type: object + properties: + MutualTlsAuthentication: + description: The mutual TLS authentication configuration for a custom domain name. + $ref: '#/components/schemas/MutualTlsAuthentication' + RegionalHostedZoneId: + description: '' + type: string + RegionalDomainName: + description: '' + type: string + DomainName: + description: The custom domain name for your API in Amazon API Gateway. Uppercase letters are not supported. + type: string + DomainNameConfigurations: + description: The domain name configurations. + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/DomainNameConfiguration' + Tags: + type: object + description: The collection of tags associated with a domain name. + additionalProperties: false + x-patternProperties: + .*: + type: string + required: + - DomainName + x-stackql-resource-name: domain_name + x-stackql-primaryIdentifier: + - DomainName + x-create-only-properties: + - DomainName + x-read-only-properties: + - RegionalDomainName + - RegionalHostedZoneId + x-required-permissions: + create: + - apigateway:POST + - apigateway:GET + - apigateway:PUT + update: + - apigateway:PATCH + - apigateway:GET + - apigateway:PUT + read: + - apigateway:GET + delete: + - apigateway:GET + - apigateway:DELETE + list: + - apigateway:GET + IntegrationResponse: + type: object + properties: + IntegrationResponseId: + description: '' + type: string + ResponseTemplates: + description: The collection of response templates for the integration response as a string-to-string map of key-value pairs. Response templates are represented as a key/value map, with a content-type as the key and a template as the value. + type: object + TemplateSelectionExpression: + description: The template selection expression for the integration response. Supported only for WebSocket APIs. + type: string + ResponseParameters: + description: >- + A key-value map specifying response parameters that are passed to the method response from the backend. The key is a method response header parameter name and the mapped value is an integration response header value, a static value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The mapping key must match the pattern of ``method.response.header.{name}``, where name is a valid and unique header name. The mapped non-static value must + match the pattern of ``integration.response.header.{name}`` or ``integration.response.body.{JSON-expression}``, where ``{name}`` is a valid and unique response header name and ``{JSON-expression}`` is a valid JSON expression without the ``$`` prefix. + type: object + ContentHandlingStrategy: + description: |- + Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are ``CONVERT_TO_BINARY`` and ``CONVERT_TO_TEXT``, with the following behaviors: + ``CONVERT_TO_BINARY``: Converts a response payload from a Base64-encoded string to the corresponding binary blob. + ``CONVERT_TO_TEXT``: Converts a response payload from a binary blob to a Base64-encoded string. + If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification. + type: string + IntegrationId: + description: The integration ID. + type: string + IntegrationResponseKey: + description: The integration response key. + type: string + ApiId: + description: The API identifier. + type: string + required: + - ApiId + - IntegrationId + - IntegrationResponseKey + x-stackql-resource-name: integration_response + x-stackql-primaryIdentifier: + - ApiId + - IntegrationId + - IntegrationResponseId + x-create-only-properties: + - ApiId + - IntegrationId + x-read-only-properties: + - IntegrationResponseId + x-required-permissions: + create: + - apigateway:POST + read: + - apigateway:GET + update: + - apigateway:PATCH + - apigateway:PUT + - apigateway:GET + delete: + - apigateway:GET + - apigateway:DELETE + list: + - apigateway:GET + Model: + type: object + properties: + ModelId: + type: string + description: '' + Description: + type: string + description: The description of the model. + ContentType: + type: string + description: The content-type for the model, for example, "application/json". + Schema: + type: object + description: The schema for the model. For application/json models, this should be JSON schema draft 4 model. + ApiId: + type: string + description: The API identifier. + Name: + type: string + description: The name of the model. + required: + - ApiId + - Schema + - Name + x-stackql-resource-name: model + x-stackql-primaryIdentifier: + - ApiId + - ModelId + x-create-only-properties: + - ApiId + x-read-only-properties: + - ModelId + x-required-permissions: + create: + - apigateway:POST + update: + - apigateway:PATCH + - apigateway:GET + - apigateway:PUT + read: + - apigateway:GET + delete: + - apigateway:GET + - apigateway:DELETE + list: + - apigateway:GET + ParameterConstraints: + type: object + properties: + Required: + type: boolean + description: Specifies whether the parameter is required. + required: + - Required + additionalProperties: false + description: Specifies whether the parameter is required. + Route: + type: object + properties: + RouteId: + type: string + description: '' + RouteResponseSelectionExpression: + type: string + description: The route response selection expression for the route. Supported only for WebSocket APIs. + RequestModels: + type: object + description: The request models for the route. Supported only for WebSocket APIs. + OperationName: + type: string + description: The operation name for the route. + AuthorizationScopes: + type: array + uniqueItems: false + items: + type: string + description: The authorization scopes supported by this route. + ApiKeyRequired: + type: boolean + description: Specifies whether an API key is required for the route. Supported only for WebSocket APIs. + RouteKey: + type: string + description: The route key for the route. For HTTP APIs, the route key can be either ``$default``, or a combination of an HTTP method and resource path, for example, ``GET /pets``. + AuthorizationType: + type: string + description: The authorization type for the route. For WebSocket APIs, valid values are ``NONE`` for open access, ``AWS_IAM`` for using AWS IAM permissions, and ``CUSTOM`` for using a Lambda authorizer. For HTTP APIs, valid values are ``NONE`` for open access, ``JWT`` for using JSON Web Tokens, ``AWS_IAM`` for using AWS IAM permissions, and ``CUSTOM`` for using a Lambda authorizer. + ModelSelectionExpression: + type: string + description: The model selection expression for the route. Supported only for WebSocket APIs. + ApiId: + type: string + description: The API identifier. + RequestParameters: + type: object + items: + $ref: '#/components/schemas/ParameterConstraints' + description: The request parameters for the route. Supported only for WebSocket APIs. + Target: + type: string + description: The target for the route. + AuthorizerId: + type: string + description: The identifier of the ``Authorizer`` resource to be associated with this route. The authorizer identifier is generated by API Gateway when you created the authorizer. + required: + - RouteKey + - ApiId + x-stackql-resource-name: route + x-stackql-primaryIdentifier: + - ApiId + - RouteId + x-create-only-properties: + - ApiId + x-read-only-properties: + - RouteId + x-required-permissions: + create: + - apigateway:POST + update: + - apigateway:PATCH + - apigateway:GET + - apigateway:PUT + read: + - apigateway:GET + delete: + - apigateway:GET + - apigateway:DELETE + list: + - apigateway:GET + RouteParameters: + x-patternProperties: + ^.+$: + $ref: '#/components/schemas/ParameterConstraints' + additionalProperties: false + RouteResponse: + type: object + properties: + RouteResponseKey: + type: string + description: The route response key. + ResponseParameters: + $ref: '#/components/schemas/RouteParameters' + description: The route response parameters. + RouteId: + type: string + description: The route ID. + ModelSelectionExpression: + type: string + description: The model selection expression for the route response. Supported only for WebSocket APIs. + ApiId: + type: string + description: The API identifier. + ResponseModels: + type: object + description: The response models for the route response. + RouteResponseId: + type: string + description: '' + required: + - RouteResponseKey + - RouteId + - ApiId + x-stackql-resource-name: route_response + x-stackql-primaryIdentifier: + - ApiId + - RouteId + - RouteResponseId + x-create-only-properties: + - ApiId + - RouteId + x-read-only-properties: + - RouteResponseId + x-required-permissions: + create: + - apigateway:POST + update: + - apigateway:PATCH + - apigateway:GET + - apigateway:PUT + read: + - apigateway:GET + delete: + - apigateway:GET + - apigateway:DELETE + list: + - apigateway:GET + VpcLink: + type: object + properties: + VpcLinkId: + type: string + description: '' + SubnetIds: + type: array + uniqueItems: false + items: + type: string + description: A list of subnet IDs to include in the VPC link. + SecurityGroupIds: + type: array + uniqueItems: false + items: + type: string + description: A list of security group IDs for the VPC link. + Tags: + type: object + description: The collection of tags. Each tag element is associated with a given resource. + additionalProperties: false + x-patternProperties: + .*: + type: string + Name: + type: string + description: The name of the VPC link. + required: + - SubnetIds + - Name + x-stackql-resource-name: vpc_link + x-stackql-primaryIdentifier: + - VpcLinkId + x-create-only-properties: + - SecurityGroupIds + - SubnetIds + x-read-only-properties: + - VpcLinkId + x-required-permissions: + create: + - apigateway:POST + - apigateway:GET + - apigateway:TagResource + - iam:CreateServiceLinkedRole + - iam:DeleteServiceLinkedRole + - iam:GetServiceLinkedRoleDeletionStatus + update: + - apigateway:PATCH + - apigateway:GET + - apigateway:TagResource + - apigateway:unTagResource + - iam:CreateServiceLinkedRole + - iam:DeleteServiceLinkedRole + - iam:GetServiceLinkedRoleDeletionStatus + read: + - apigateway:GET + - iam:CreateServiceLinkedRole + - iam:DeleteServiceLinkedRole + - iam:GetServiceLinkedRoleDeletionStatus + delete: + - apigateway:GET + - apigateway:DELETE + - iam:CreateServiceLinkedRole + - iam:DeleteServiceLinkedRole + - iam:GetServiceLinkedRoleDeletionStatus + list: + - apigateway:GET + - iam:CreateServiceLinkedRole + - iam:DeleteServiceLinkedRole + - iam:GetServiceLinkedRoleDeletionStatus + x-stackQL-resources: + apis: + name: apis + id: awscc.apigatewayv2.apis + x-cfn-schema-name: Api + x-type: list + x-identifiers: + - ApiId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApiId') as api_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::Api' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApiId') as api_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::Api' + AND region = 'us-east-1' + api: + name: api + id: awscc.apigatewayv2.api + x-cfn-schema-name: Api + x-type: get + x-identifiers: + - ApiId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RouteSelectionExpression') as route_selection_expression, + JSON_EXTRACT(Properties, '$.BodyS3Location') as body_s3_location, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ApiEndpoint') as api_endpoint, + JSON_EXTRACT(Properties, '$.BasePath') as base_path, + JSON_EXTRACT(Properties, '$.FailOnWarnings') as fail_on_warnings, + JSON_EXTRACT(Properties, '$.DisableExecuteApiEndpoint') as disable_execute_api_endpoint, + JSON_EXTRACT(Properties, '$.DisableSchemaValidation') as disable_schema_validation, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Target') as target, + JSON_EXTRACT(Properties, '$.CredentialsArn') as credentials_arn, + JSON_EXTRACT(Properties, '$.CorsConfiguration') as cors_configuration, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.ProtocolType') as protocol_type, + JSON_EXTRACT(Properties, '$.RouteKey') as route_key, + JSON_EXTRACT(Properties, '$.ApiId') as api_id, + JSON_EXTRACT(Properties, '$.Body') as body, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ApiKeySelectionExpression') as api_key_selection_expression + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::Api' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RouteSelectionExpression') as route_selection_expression, + json_extract_path_text(Properties, 'BodyS3Location') as body_s3_location, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ApiEndpoint') as api_endpoint, + json_extract_path_text(Properties, 'BasePath') as base_path, + json_extract_path_text(Properties, 'FailOnWarnings') as fail_on_warnings, + json_extract_path_text(Properties, 'DisableExecuteApiEndpoint') as disable_execute_api_endpoint, + json_extract_path_text(Properties, 'DisableSchemaValidation') as disable_schema_validation, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Target') as target, + json_extract_path_text(Properties, 'CredentialsArn') as credentials_arn, + json_extract_path_text(Properties, 'CorsConfiguration') as cors_configuration, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'ProtocolType') as protocol_type, + json_extract_path_text(Properties, 'RouteKey') as route_key, + json_extract_path_text(Properties, 'ApiId') as api_id, + json_extract_path_text(Properties, 'Body') as body, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ApiKeySelectionExpression') as api_key_selection_expression + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::Api' + AND data__Identifier = '' + AND region = 'us-east-1' + api_mappings: + name: api_mappings + id: awscc.apigatewayv2.api_mappings + x-cfn-schema-name: ApiMapping + x-type: list + x-identifiers: + - ApiMappingId + - DomainName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApiMappingId') as api_mapping_id, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::ApiMapping' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApiMappingId') as api_mapping_id, + json_extract_path_text(Properties, 'DomainName') as domain_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::ApiMapping' + AND region = 'us-east-1' + api_mapping: + name: api_mapping + id: awscc.apigatewayv2.api_mapping + x-cfn-schema-name: ApiMapping + x-type: get + x-identifiers: + - ApiMappingId + - DomainName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApiMappingId') as api_mapping_id, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.Stage') as stage, + JSON_EXTRACT(Properties, '$.ApiMappingKey') as api_mapping_key, + JSON_EXTRACT(Properties, '$.ApiId') as api_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::ApiMapping' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApiMappingId') as api_mapping_id, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'Stage') as stage, + json_extract_path_text(Properties, 'ApiMappingKey') as api_mapping_key, + json_extract_path_text(Properties, 'ApiId') as api_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::ApiMapping' + AND data__Identifier = '' + AND region = 'us-east-1' + authorizers: + name: authorizers + id: awscc.apigatewayv2.authorizers + x-cfn-schema-name: Authorizer + x-type: list + x-identifiers: + - AuthorizerId + - ApiId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AuthorizerId') as authorizer_id, + JSON_EXTRACT(Properties, '$.ApiId') as api_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::Authorizer' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AuthorizerId') as authorizer_id, + json_extract_path_text(Properties, 'ApiId') as api_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::Authorizer' + AND region = 'us-east-1' + authorizer: + name: authorizer + id: awscc.apigatewayv2.authorizer + x-cfn-schema-name: Authorizer + x-type: get + x-identifiers: + - AuthorizerId + - ApiId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.IdentityValidationExpression') as identity_validation_expression, + JSON_EXTRACT(Properties, '$.AuthorizerUri') as authorizer_uri, + JSON_EXTRACT(Properties, '$.AuthorizerCredentialsArn') as authorizer_credentials_arn, + JSON_EXTRACT(Properties, '$.AuthorizerType') as authorizer_type, + JSON_EXTRACT(Properties, '$.JwtConfiguration') as jwt_configuration, + JSON_EXTRACT(Properties, '$.AuthorizerResultTtlInSeconds') as authorizer_result_ttl_in_seconds, + JSON_EXTRACT(Properties, '$.IdentitySource') as identity_source, + JSON_EXTRACT(Properties, '$.AuthorizerPayloadFormatVersion') as authorizer_payload_format_version, + JSON_EXTRACT(Properties, '$.ApiId') as api_id, + JSON_EXTRACT(Properties, '$.EnableSimpleResponses') as enable_simple_responses, + JSON_EXTRACT(Properties, '$.AuthorizerId') as authorizer_id, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::Authorizer' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'IdentityValidationExpression') as identity_validation_expression, + json_extract_path_text(Properties, 'AuthorizerUri') as authorizer_uri, + json_extract_path_text(Properties, 'AuthorizerCredentialsArn') as authorizer_credentials_arn, + json_extract_path_text(Properties, 'AuthorizerType') as authorizer_type, + json_extract_path_text(Properties, 'JwtConfiguration') as jwt_configuration, + json_extract_path_text(Properties, 'AuthorizerResultTtlInSeconds') as authorizer_result_ttl_in_seconds, + json_extract_path_text(Properties, 'IdentitySource') as identity_source, + json_extract_path_text(Properties, 'AuthorizerPayloadFormatVersion') as authorizer_payload_format_version, + json_extract_path_text(Properties, 'ApiId') as api_id, + json_extract_path_text(Properties, 'EnableSimpleResponses') as enable_simple_responses, + json_extract_path_text(Properties, 'AuthorizerId') as authorizer_id, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::Authorizer' + AND data__Identifier = '' + AND region = 'us-east-1' + deployments: + name: deployments + id: awscc.apigatewayv2.deployments + x-cfn-schema-name: Deployment + x-type: list + x-identifiers: + - ApiId + - DeploymentId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApiId') as api_id, + JSON_EXTRACT(Properties, '$.DeploymentId') as deployment_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::Deployment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApiId') as api_id, + json_extract_path_text(Properties, 'DeploymentId') as deployment_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::Deployment' + AND region = 'us-east-1' + deployment: + name: deployment + id: awscc.apigatewayv2.deployment + x-cfn-schema-name: Deployment + x-type: get + x-identifiers: + - ApiId + - DeploymentId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DeploymentId') as deployment_id, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.StageName') as stage_name, + JSON_EXTRACT(Properties, '$.ApiId') as api_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::Deployment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DeploymentId') as deployment_id, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'StageName') as stage_name, + json_extract_path_text(Properties, 'ApiId') as api_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::Deployment' + AND data__Identifier = '' + AND region = 'us-east-1' + domain_names: + name: domain_names + id: awscc.apigatewayv2.domain_names + x-cfn-schema-name: DomainName + x-type: list + x-identifiers: + - DomainName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::DomainName' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::DomainName' + AND region = 'us-east-1' + domain_name: + name: domain_name + id: awscc.apigatewayv2.domain_name + x-cfn-schema-name: DomainName + x-type: get + x-identifiers: + - DomainName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MutualTlsAuthentication') as mutual_tls_authentication, + JSON_EXTRACT(Properties, '$.RegionalHostedZoneId') as regional_hosted_zone_id, + JSON_EXTRACT(Properties, '$.RegionalDomainName') as regional_domain_name, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.DomainNameConfigurations') as domain_name_configurations, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::DomainName' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MutualTlsAuthentication') as mutual_tls_authentication, + json_extract_path_text(Properties, 'RegionalHostedZoneId') as regional_hosted_zone_id, + json_extract_path_text(Properties, 'RegionalDomainName') as regional_domain_name, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'DomainNameConfigurations') as domain_name_configurations, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::DomainName' + AND data__Identifier = '' + AND region = 'us-east-1' + integration_responses: + name: integration_responses + id: awscc.apigatewayv2.integration_responses + x-cfn-schema-name: IntegrationResponse + x-type: list + x-identifiers: + - ApiId + - IntegrationId + - IntegrationResponseId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApiId') as api_id, + JSON_EXTRACT(Properties, '$.IntegrationId') as integration_id, + JSON_EXTRACT(Properties, '$.IntegrationResponseId') as integration_response_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::IntegrationResponse' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApiId') as api_id, + json_extract_path_text(Properties, 'IntegrationId') as integration_id, + json_extract_path_text(Properties, 'IntegrationResponseId') as integration_response_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::IntegrationResponse' + AND region = 'us-east-1' + integration_response: + name: integration_response + id: awscc.apigatewayv2.integration_response + x-cfn-schema-name: IntegrationResponse + x-type: get + x-identifiers: + - ApiId + - IntegrationId + - IntegrationResponseId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.IntegrationResponseId') as integration_response_id, + JSON_EXTRACT(Properties, '$.ResponseTemplates') as response_templates, + JSON_EXTRACT(Properties, '$.TemplateSelectionExpression') as template_selection_expression, + JSON_EXTRACT(Properties, '$.ResponseParameters') as response_parameters, + JSON_EXTRACT(Properties, '$.ContentHandlingStrategy') as content_handling_strategy, + JSON_EXTRACT(Properties, '$.IntegrationId') as integration_id, + JSON_EXTRACT(Properties, '$.IntegrationResponseKey') as integration_response_key, + JSON_EXTRACT(Properties, '$.ApiId') as api_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::IntegrationResponse' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'IntegrationResponseId') as integration_response_id, + json_extract_path_text(Properties, 'ResponseTemplates') as response_templates, + json_extract_path_text(Properties, 'TemplateSelectionExpression') as template_selection_expression, + json_extract_path_text(Properties, 'ResponseParameters') as response_parameters, + json_extract_path_text(Properties, 'ContentHandlingStrategy') as content_handling_strategy, + json_extract_path_text(Properties, 'IntegrationId') as integration_id, + json_extract_path_text(Properties, 'IntegrationResponseKey') as integration_response_key, + json_extract_path_text(Properties, 'ApiId') as api_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::IntegrationResponse' + AND data__Identifier = '' + AND region = 'us-east-1' + models: + name: models + id: awscc.apigatewayv2.models + x-cfn-schema-name: Model + x-type: list + x-identifiers: + - ApiId + - ModelId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApiId') as api_id, + JSON_EXTRACT(Properties, '$.ModelId') as model_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::Model' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApiId') as api_id, + json_extract_path_text(Properties, 'ModelId') as model_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::Model' + AND region = 'us-east-1' + model: + name: model + id: awscc.apigatewayv2.model + x-cfn-schema-name: Model + x-type: get + x-identifiers: + - ApiId + - ModelId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ModelId') as model_id, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ContentType') as content_type, + JSON_EXTRACT(Properties, '$.Schema') as _schema, + JSON_EXTRACT(Properties, '$.ApiId') as api_id, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::Model' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ModelId') as model_id, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ContentType') as content_type, + json_extract_path_text(Properties, 'Schema') as _schema, + json_extract_path_text(Properties, 'ApiId') as api_id, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::Model' + AND data__Identifier = '' + AND region = 'us-east-1' + routes: + name: routes + id: awscc.apigatewayv2.routes + x-cfn-schema-name: Route + x-type: list + x-identifiers: + - ApiId + - RouteId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApiId') as api_id, + JSON_EXTRACT(Properties, '$.RouteId') as route_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::Route' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApiId') as api_id, + json_extract_path_text(Properties, 'RouteId') as route_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::Route' + AND region = 'us-east-1' + route: + name: route + id: awscc.apigatewayv2.route + x-cfn-schema-name: Route + x-type: get + x-identifiers: + - ApiId + - RouteId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RouteId') as route_id, + JSON_EXTRACT(Properties, '$.RouteResponseSelectionExpression') as route_response_selection_expression, + JSON_EXTRACT(Properties, '$.RequestModels') as request_models, + JSON_EXTRACT(Properties, '$.OperationName') as operation_name, + JSON_EXTRACT(Properties, '$.AuthorizationScopes') as authorization_scopes, + JSON_EXTRACT(Properties, '$.ApiKeyRequired') as api_key_required, + JSON_EXTRACT(Properties, '$.RouteKey') as route_key, + JSON_EXTRACT(Properties, '$.AuthorizationType') as authorization_type, + JSON_EXTRACT(Properties, '$.ModelSelectionExpression') as model_selection_expression, + JSON_EXTRACT(Properties, '$.ApiId') as api_id, + JSON_EXTRACT(Properties, '$.RequestParameters') as request_parameters, + JSON_EXTRACT(Properties, '$.Target') as target, + JSON_EXTRACT(Properties, '$.AuthorizerId') as authorizer_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::Route' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RouteId') as route_id, + json_extract_path_text(Properties, 'RouteResponseSelectionExpression') as route_response_selection_expression, + json_extract_path_text(Properties, 'RequestModels') as request_models, + json_extract_path_text(Properties, 'OperationName') as operation_name, + json_extract_path_text(Properties, 'AuthorizationScopes') as authorization_scopes, + json_extract_path_text(Properties, 'ApiKeyRequired') as api_key_required, + json_extract_path_text(Properties, 'RouteKey') as route_key, + json_extract_path_text(Properties, 'AuthorizationType') as authorization_type, + json_extract_path_text(Properties, 'ModelSelectionExpression') as model_selection_expression, + json_extract_path_text(Properties, 'ApiId') as api_id, + json_extract_path_text(Properties, 'RequestParameters') as request_parameters, + json_extract_path_text(Properties, 'Target') as target, + json_extract_path_text(Properties, 'AuthorizerId') as authorizer_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::Route' + AND data__Identifier = '' + AND region = 'us-east-1' + route_responses: + name: route_responses + id: awscc.apigatewayv2.route_responses + x-cfn-schema-name: RouteResponse + x-type: list + x-identifiers: + - ApiId + - RouteId + - RouteResponseId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApiId') as api_id, + JSON_EXTRACT(Properties, '$.RouteId') as route_id, + JSON_EXTRACT(Properties, '$.RouteResponseId') as route_response_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::RouteResponse' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApiId') as api_id, + json_extract_path_text(Properties, 'RouteId') as route_id, + json_extract_path_text(Properties, 'RouteResponseId') as route_response_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::RouteResponse' + AND region = 'us-east-1' + route_response: + name: route_response + id: awscc.apigatewayv2.route_response + x-cfn-schema-name: RouteResponse + x-type: get + x-identifiers: + - ApiId + - RouteId + - RouteResponseId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RouteResponseKey') as route_response_key, + JSON_EXTRACT(Properties, '$.ResponseParameters') as response_parameters, + JSON_EXTRACT(Properties, '$.RouteId') as route_id, + JSON_EXTRACT(Properties, '$.ModelSelectionExpression') as model_selection_expression, + JSON_EXTRACT(Properties, '$.ApiId') as api_id, + JSON_EXTRACT(Properties, '$.ResponseModels') as response_models, + JSON_EXTRACT(Properties, '$.RouteResponseId') as route_response_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::RouteResponse' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RouteResponseKey') as route_response_key, + json_extract_path_text(Properties, 'ResponseParameters') as response_parameters, + json_extract_path_text(Properties, 'RouteId') as route_id, + json_extract_path_text(Properties, 'ModelSelectionExpression') as model_selection_expression, + json_extract_path_text(Properties, 'ApiId') as api_id, + json_extract_path_text(Properties, 'ResponseModels') as response_models, + json_extract_path_text(Properties, 'RouteResponseId') as route_response_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::RouteResponse' + AND data__Identifier = '' + AND region = 'us-east-1' + vpc_links: + name: vpc_links + id: awscc.apigatewayv2.vpc_links + x-cfn-schema-name: VpcLink + x-type: list + x-identifiers: + - VpcLinkId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.VpcLinkId') as vpc_link_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::VpcLink' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'VpcLinkId') as vpc_link_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApiGatewayV2::VpcLink' + AND region = 'us-east-1' + vpc_link: + name: vpc_link + id: awscc.apigatewayv2.vpc_link + x-cfn-schema-name: VpcLink + x-type: get + x-identifiers: + - VpcLinkId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.VpcLinkId') as vpc_link_id, + JSON_EXTRACT(Properties, '$.SubnetIds') as subnet_ids, + JSON_EXTRACT(Properties, '$.SecurityGroupIds') as security_group_ids, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::VpcLink' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'VpcLinkId') as vpc_link_id, + json_extract_path_text(Properties, 'SubnetIds') as subnet_ids, + json_extract_path_text(Properties, 'SecurityGroupIds') as security_group_ids, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApiGatewayV2::VpcLink' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/appconfig.yaml b/providers/src/awscc/v00.00.00000/services/appconfig.yaml new file mode 100644 index 00000000..e814ac81 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/appconfig.yaml @@ -0,0 +1,929 @@ +openapi: 3.0.0 +info: + title: AppConfig + version: 1.0.0 +paths: {} +components: + schemas: + Tags: + description: Metadata to assign to the configuration profile. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define. + type: object + properties: + Key: + type: string + description: The key-value string map. The tag key can be up to 128 characters and must not start with aws:. + minLength: 1 + maxLength: 128 + pattern: ^(?!aws:.)[a-zA-Z0-9 +=._:/-]*$ + Value: + type: string + description: The tag value can be up to 256 characters. + minLength: 0 + maxLength: 256 + additionalProperties: false + Application: + type: object + properties: + Description: + type: string + description: A description of the application. + ApplicationId: + type: string + description: The application Id + Tags: + type: array + description: Metadata to assign to the application. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define. + uniqueItems: true + items: + $ref: '#/components/schemas/Tags' + x-insertionOrder: false + Name: + type: string + description: A name for the application. + required: + - Name + x-stackql-resource-name: application + x-stackql-primaryIdentifier: + - ApplicationId + x-read-only-properties: + - ApplicationId + x-required-permissions: + create: + - appconfig:CreateApplication + - appconfig:GetApplication + - appconfig:ListTagsForResource + - appconfig:TagResource + read: + - appconfig:GetApplication + - appconfig:ListTagsForResource + update: + - appconfig:UpdateApplication + - appconfig:TagResource + - appconfig:UntagResource + delete: + - appconfig:GetApplication + - appconfig:DeleteApplication + list: + - appconfig:ListApplications + Validators: + description: A list of methods for validating the configuration. + type: object + additionalProperties: false + properties: + Type: + type: string + description: AWS AppConfig supports validators of type JSON_SCHEMA and LAMBDA. + Content: + type: string + description: Either the JSON Schema content or the Amazon Resource Name (ARN) of an Lambda function. + minLength: 0 + maxLength: 32768 + ConfigurationProfile: + type: object + properties: + LocationUri: + type: string + description: A URI to locate the configuration. You can specify the AWS AppConfig hosted configuration store, Systems Manager (SSM) document, an SSM Parameter Store parameter, or an Amazon S3 object. + minLength: 1 + maxLength: 2048 + Type: + type: string + description: 'The type of configurations contained in the profile. When calling this API, enter one of the following values for Type: AWS.AppConfig.FeatureFlags, AWS.Freeform' + pattern: ^[a-zA-Z\.]+ + Description: + type: string + description: A description of the configuration profile. + minLength: 0 + maxLength: 1024 + Validators: + type: array + description: A list of methods for validating the configuration. + uniqueItems: false + items: + $ref: '#/components/schemas/Validators' + x-insertionOrder: false + maxItems: 2 + RetrievalRoleArn: + type: string + description: The ARN of an IAM role with permission to access the configuration at the specified LocationUri. + minLength: 20 + maxLength: 2048 + pattern: ^((arn):(aws|aws-cn|aws-iso|aws-iso-[a-z]{1}|aws-us-gov):(iam)::\d{12}:role[/].*)$ + ConfigurationProfileId: + type: string + description: The configuration profile ID + ApplicationId: + type: string + description: The application ID. + pattern: '[a-z0-9]{4,7}' + Tags: + type: array + description: Metadata to assign to the configuration profile. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define. + uniqueItems: false + items: + $ref: '#/components/schemas/Tags' + x-insertionOrder: false + Name: + type: string + description: A name for the configuration profile. + minLength: 1 + maxLength: 128 + KmsKeyIdentifier: + type: string + description: The AWS Key Management Service key identifier (key ID, key alias, or key ARN) provided when the resource was created or updated. + pattern: ^[\da-f]{8}-[\da-f]{4}-[\da-f]{4}-[\da-f]{4}-[\da-f]{12}|alias/[a-zA-Z0-9/_-]{1,250}|arn:aws[a-zA-Z-]*:kms:[a-z]{2}(-gov|-iso(b?))?-[a-z]+-\d{1}:\d{12}:(key/[0-9a-f-]{36}|alias/[a-zA-Z0-9/_-]{1,250})$ + KmsKeyArn: + type: string + description: The Amazon Resource Name of the AWS Key Management Service key to encrypt new configuration data versions in the AWS AppConfig hosted configuration store. This attribute is only used for hosted configuration types. To encrypt data managed in other configuration stores, see the documentation for how to specify an AWS KMS key for that particular service. + minLength: 20 + maxLength: 2048 + pattern: arn:(aws[a-zA-Z-]*)?:[a-z]+:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1})?:(\d{12})?:[a-zA-Z0-9-_/:.]+ + required: + - LocationUri + - ApplicationId + - Name + x-stackql-resource-name: configuration_profile + x-stackql-primaryIdentifier: + - ApplicationId + - ConfigurationProfileId + x-create-only-properties: + - LocationUri + - Type + - ApplicationId + x-read-only-properties: + - ConfigurationProfileId + - KmsKeyArn + x-required-permissions: + create: + - appconfig:CreateConfigurationProfile + - appconfig:GetConfigurationProfile + - appconfig:TagResource + - appconfig:ListTagsForResource + - iam:PassRole + read: + - appconfig:GetConfigurationProfile + - appconfig:ListTagsForResource + update: + - appconfig:UpdateConfigurationProfile + - appconfig:TagResource + - appconfig:UntagResource + - iam:PassRole + delete: + - appconfig:DeleteConfigurationProfile + list: + - appconfig:ListConfigurationProfiles + Monitor: + type: object + description: Amazon CloudWatch alarm to monitor during the deployment process. + additionalProperties: false + properties: + AlarmArn: + type: string + description: Amazon Resource Name (ARN) of the Amazon CloudWatch alarm. + minLength: 1 + maxLength: 2048 + AlarmRoleArn: + type: string + description: ARN of an AWS Identity and Access Management (IAM) role for AWS AppConfig to monitor AlarmArn. + minLength: 20 + maxLength: 2048 + pattern: ^((arn):(aws|aws-cn|aws-iso|aws-iso-[a-z]{1}|aws-us-gov):(iam)::\d{12}:role[/].*)$ + required: + - AlarmArn + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + Environment: + type: object + properties: + EnvironmentId: + type: string + description: The environment ID. + pattern: '[a-z0-9]{4,7}' + ApplicationId: + type: string + description: The application ID. + pattern: '[a-z0-9]{4,7}' + Name: + type: string + description: A name for the environment. + minLength: 1 + maxLength: 64 + Description: + type: string + description: A description of the environment. + minLength: 0 + maxLength: 1024 + Monitors: + type: array + description: Amazon CloudWatch alarms to monitor during the deployment process. + x-insertionOrder: false + items: + $ref: '#/components/schemas/Monitor' + minItems: 0 + maxItems: 5 + Tags: + type: array + description: Metadata to assign to the environment. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define. + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + x-insertionOrder: false + required: + - Name + - ApplicationId + x-stackql-resource-name: environment + x-stackql-primaryIdentifier: + - ApplicationId + - EnvironmentId + x-create-only-properties: + - ApplicationId + x-read-only-properties: + - EnvironmentId + x-required-permissions: + create: + - appconfig:CreateEnvironment + - appconfig:GetEnvironment + - appconfig:ListTagsForResource + - appconfig:TagResource + - iam:PassRole + read: + - appconfig:GetEnvironment + - appconfig:ListTagsForResource + update: + - appconfig:UpdateEnvironment + - appconfig:TagResource + - appconfig:UntagResource + - iam:PassRole + delete: + - appconfig:GetEnvironment + - appconfig:DeleteEnvironment + list: + - appconfig:ListEnvironments + Actions: + description: A list of actions for an extension to take at a specific action point. + uniqueItems: true + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Action' + Action: + description: An action for an extension to take at a specific action point. + type: object + properties: + Name: + type: string + description: The name of the extension action. + minLength: 1 + maxLength: 128 + Description: + type: string + description: The description of the extension Action. + minLength: 0 + maxLength: 1024 + Uri: + type: string + description: The URI of the extension action. + minLength: 1 + maxLength: 2048 + RoleArn: + type: string + description: The ARN of the role for invoking the extension action. + minLength: 20 + maxLength: 2048 + required: + - Name + - Uri + additionalProperties: false + Parameter: + description: A parameter for the extension to send to a specific action. + type: object + properties: + Description: + type: string + description: The description of the extension Parameter. + minLength: 0 + maxLength: 1024 + Required: + type: boolean + required: + - Required + additionalProperties: false + Extension: + type: object + properties: + Id: + type: string + Arn: + type: string + VersionNumber: + type: integer + Name: + description: Name of the extension. + type: string + Description: + description: Description of the extension. + type: string + Actions: + type: object + x-patternProperties: + ^.+$: + $ref: '#/components/schemas/Actions' + additionalProperties: false + Parameters: + type: object + x-patternProperties: + ^.+$: + $ref: '#/components/schemas/Parameter' + additionalProperties: false + LatestVersionNumber: + type: integer + Tags: + description: An array of key-value tags to apply to this resource. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - Actions + x-stackql-resource-name: extension + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Name + - Tags + - Tags/*/Key + - Tags/*/Value + x-read-only-properties: + - Id + - Arn + - VersionNumber + x-required-permissions: + create: + - appconfig:CreateExtension + - appconfig:TagResource + - iam:PassRole + read: + - appconfig:GetExtension + update: + - appconfig:UpdateExtension + - appconfig:TagResource + - appconfig:UntagResource + delete: + - appconfig:DeleteExtension + - appconfig:UntagResource + list: + - appconfig:ListExtensions + ExtensionAssociation: + type: object + properties: + Id: + type: string + Arn: + type: string + ExtensionArn: + type: string + ResourceArn: + type: string + ExtensionIdentifier: + type: string + ResourceIdentifier: + type: string + ExtensionVersionNumber: + type: integer + Parameters: + type: object + x-patternProperties: + ^.+$: + type: string + additionalProperties: false + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: extension_association + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - ExtensionIdentifier + - ResourceIdentifier + - ExtensionVersionNumber + - Tags + - Tags/*/Key + - Tags/*/Value + x-read-only-properties: + - Id + - Arn + - ResourceArn + - ExtensionArn + x-required-permissions: + create: + - appconfig:CreateExtensionAssociation + - appconfig:TagResource + read: + - appconfig:GetExtensionAssociation + update: + - appconfig:UpdateExtensionAssociation + - appconfig:TagResource + - appconfig:UntagResource + delete: + - appconfig:DeleteExtensionAssociation + - appconfig:UntagResource + list: + - appconfig:ListExtensionAssociations + HostedConfigurationVersion: + type: object + properties: + ApplicationId: + type: string + description: The application ID. + pattern: '[a-z0-9]{4,7}' + ConfigurationProfileId: + type: string + description: The configuration profile ID. + pattern: '[a-z0-9]{4,7}' + VersionNumber: + type: string + description: Current version number of hosted configuration version. + Description: + type: string + description: A description of the hosted configuration version. + minLength: 0 + maxLength: 1024 + Content: + type: string + description: The content of the configuration or the configuration data. + ContentType: + type: string + description: A standard MIME type describing the format of the configuration content. + minLength: 1 + maxLength: 255 + LatestVersionNumber: + type: integer + description: An optional locking token used to prevent race conditions from overwriting configuration updates when creating a new version. To ensure your data is not overwritten when creating multiple hosted configuration versions in rapid succession, specify the version number of the latest hosted configuration version. + VersionLabel: + type: string + description: A user-defined label for an AWS AppConfig hosted configuration version. + pattern: ^$|.*[^0-9].* + minLength: 0 + maxLength: 64 + required: + - ApplicationId + - ConfigurationProfileId + - Content + - ContentType + x-stackql-resource-name: hosted_configuration_version + x-stackql-primaryIdentifier: + - ApplicationId + - ConfigurationProfileId + - VersionNumber + x-create-only-properties: + - ApplicationId + - ConfigurationProfileId + - Description + - Content + - ContentType + - LatestVersionNumber + - VersionLabel + x-read-only-properties: + - VersionNumber + x-required-permissions: + create: + - appconfig:CreateHostedConfigurationVersion + read: + - appconfig:GetHostedConfigurationVersion + delete: + - appconfig:DeleteHostedConfigurationVersion + list: + - appconfig:ListHostedConfigurationVersions + x-stackQL-resources: + applications: + name: applications + id: awscc.appconfig.applications + x-cfn-schema-name: Application + x-type: list + x-identifiers: + - ApplicationId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationId') as application_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppConfig::Application' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationId') as application_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppConfig::Application' + AND region = 'us-east-1' + application: + name: application + id: awscc.appconfig.application + x-cfn-schema-name: Application + x-type: get + x-identifiers: + - ApplicationId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ApplicationId') as application_id, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppConfig::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ApplicationId') as application_id, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppConfig::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + configuration_profiles: + name: configuration_profiles + id: awscc.appconfig.configuration_profiles + x-cfn-schema-name: ConfigurationProfile + x-type: list + x-identifiers: + - ApplicationId + - ConfigurationProfileId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationId') as application_id, + JSON_EXTRACT(Properties, '$.ConfigurationProfileId') as configuration_profile_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppConfig::ConfigurationProfile' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationId') as application_id, + json_extract_path_text(Properties, 'ConfigurationProfileId') as configuration_profile_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppConfig::ConfigurationProfile' + AND region = 'us-east-1' + configuration_profile: + name: configuration_profile + id: awscc.appconfig.configuration_profile + x-cfn-schema-name: ConfigurationProfile + x-type: get + x-identifiers: + - ApplicationId + - ConfigurationProfileId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LocationUri') as location_uri, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Validators') as validators, + JSON_EXTRACT(Properties, '$.RetrievalRoleArn') as retrieval_role_arn, + JSON_EXTRACT(Properties, '$.ConfigurationProfileId') as configuration_profile_id, + JSON_EXTRACT(Properties, '$.ApplicationId') as application_id, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.KmsKeyIdentifier') as kms_key_identifier, + JSON_EXTRACT(Properties, '$.KmsKeyArn') as kms_key_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppConfig::ConfigurationProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LocationUri') as location_uri, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Validators') as validators, + json_extract_path_text(Properties, 'RetrievalRoleArn') as retrieval_role_arn, + json_extract_path_text(Properties, 'ConfigurationProfileId') as configuration_profile_id, + json_extract_path_text(Properties, 'ApplicationId') as application_id, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'KmsKeyIdentifier') as kms_key_identifier, + json_extract_path_text(Properties, 'KmsKeyArn') as kms_key_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppConfig::ConfigurationProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + environments: + name: environments + id: awscc.appconfig.environments + x-cfn-schema-name: Environment + x-type: list + x-identifiers: + - ApplicationId + - EnvironmentId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationId') as application_id, + JSON_EXTRACT(Properties, '$.EnvironmentId') as environment_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppConfig::Environment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationId') as application_id, + json_extract_path_text(Properties, 'EnvironmentId') as environment_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppConfig::Environment' + AND region = 'us-east-1' + environment: + name: environment + id: awscc.appconfig.environment + x-cfn-schema-name: Environment + x-type: get + x-identifiers: + - ApplicationId + - EnvironmentId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EnvironmentId') as environment_id, + JSON_EXTRACT(Properties, '$.ApplicationId') as application_id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Monitors') as monitors, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppConfig::Environment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EnvironmentId') as environment_id, + json_extract_path_text(Properties, 'ApplicationId') as application_id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Monitors') as monitors, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppConfig::Environment' + AND data__Identifier = '' + AND region = 'us-east-1' + extensions: + name: extensions + id: awscc.appconfig.extensions + x-cfn-schema-name: Extension + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppConfig::Extension' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppConfig::Extension' + AND region = 'us-east-1' + extension: + name: extension + id: awscc.appconfig.extension + x-cfn-schema-name: Extension + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.VersionNumber') as version_number, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Actions') as actions, + JSON_EXTRACT(Properties, '$.Parameters') as parameters, + JSON_EXTRACT(Properties, '$.LatestVersionNumber') as latest_version_number, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppConfig::Extension' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'VersionNumber') as version_number, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Actions') as actions, + json_extract_path_text(Properties, 'Parameters') as parameters, + json_extract_path_text(Properties, 'LatestVersionNumber') as latest_version_number, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppConfig::Extension' + AND data__Identifier = '' + AND region = 'us-east-1' + extension_associations: + name: extension_associations + id: awscc.appconfig.extension_associations + x-cfn-schema-name: ExtensionAssociation + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppConfig::ExtensionAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppConfig::ExtensionAssociation' + AND region = 'us-east-1' + extension_association: + name: extension_association + id: awscc.appconfig.extension_association + x-cfn-schema-name: ExtensionAssociation + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ExtensionArn') as extension_arn, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn, + JSON_EXTRACT(Properties, '$.ExtensionIdentifier') as extension_identifier, + JSON_EXTRACT(Properties, '$.ResourceIdentifier') as resource_identifier, + JSON_EXTRACT(Properties, '$.ExtensionVersionNumber') as extension_version_number, + JSON_EXTRACT(Properties, '$.Parameters') as parameters, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppConfig::ExtensionAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ExtensionArn') as extension_arn, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn, + json_extract_path_text(Properties, 'ExtensionIdentifier') as extension_identifier, + json_extract_path_text(Properties, 'ResourceIdentifier') as resource_identifier, + json_extract_path_text(Properties, 'ExtensionVersionNumber') as extension_version_number, + json_extract_path_text(Properties, 'Parameters') as parameters, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppConfig::ExtensionAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + hosted_configuration_versions: + name: hosted_configuration_versions + id: awscc.appconfig.hosted_configuration_versions + x-cfn-schema-name: HostedConfigurationVersion + x-type: list + x-identifiers: + - ApplicationId + - ConfigurationProfileId + - VersionNumber + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationId') as application_id, + JSON_EXTRACT(Properties, '$.ConfigurationProfileId') as configuration_profile_id, + JSON_EXTRACT(Properties, '$.VersionNumber') as version_number + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppConfig::HostedConfigurationVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationId') as application_id, + json_extract_path_text(Properties, 'ConfigurationProfileId') as configuration_profile_id, + json_extract_path_text(Properties, 'VersionNumber') as version_number + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppConfig::HostedConfigurationVersion' + AND region = 'us-east-1' + hosted_configuration_version: + name: hosted_configuration_version + id: awscc.appconfig.hosted_configuration_version + x-cfn-schema-name: HostedConfigurationVersion + x-type: get + x-identifiers: + - ApplicationId + - ConfigurationProfileId + - VersionNumber + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationId') as application_id, + JSON_EXTRACT(Properties, '$.ConfigurationProfileId') as configuration_profile_id, + JSON_EXTRACT(Properties, '$.VersionNumber') as version_number, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Content') as content, + JSON_EXTRACT(Properties, '$.ContentType') as content_type, + JSON_EXTRACT(Properties, '$.LatestVersionNumber') as latest_version_number, + JSON_EXTRACT(Properties, '$.VersionLabel') as version_label + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppConfig::HostedConfigurationVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationId') as application_id, + json_extract_path_text(Properties, 'ConfigurationProfileId') as configuration_profile_id, + json_extract_path_text(Properties, 'VersionNumber') as version_number, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Content') as content, + json_extract_path_text(Properties, 'ContentType') as content_type, + json_extract_path_text(Properties, 'LatestVersionNumber') as latest_version_number, + json_extract_path_text(Properties, 'VersionLabel') as version_label + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppConfig::HostedConfigurationVersion' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/appflow.yaml b/providers/src/awscc/v00.00.00000/services/appflow.yaml new file mode 100644 index 00000000..b157812d --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/appflow.yaml @@ -0,0 +1,2479 @@ +openapi: 3.0.0 +info: + title: AppFlow + version: 1.0.0 +paths: {} +components: + schemas: + ConnectorProvisioningConfig: + description: Contains information about the configuration of the connector being registered. + type: object + properties: + Lambda: + description: Contains information about the configuration of the lambda which is being registered as the connector. + $ref: '#/components/schemas/LambdaConnectorProvisioningConfig' + additionalProperties: false + LambdaConnectorProvisioningConfig: + description: Contains information about the configuration of the lambda which is being registered as the connector. + type: object + properties: + LambdaArn: + description: Lambda ARN of the connector being registered. + type: string + pattern: arn:*:.*:.*:[0-9]+:.* + maxLength: 512 + required: + - LambdaArn + additionalProperties: false + Connector: + type: object + properties: + ConnectorLabel: + description: ' The name of the connector. The name is unique for each ConnectorRegistration in your AWS account.' + type: string + pattern: '[a-zA-Z0-9][\w!@#.-]+' + maxLength: 512 + ConnectorArn: + description: ' The arn of the connector. The arn is unique for each ConnectorRegistration in your AWS account.' + type: string + pattern: arn:*:appflow:.*:[0-9]+:.* + maxLength: 512 + ConnectorProvisioningType: + description: 'The provisioning type of the connector. Currently the only supported value is LAMBDA. ' + type: string + pattern: '[a-zA-Z0-9][\w!@#.-]+' + maxLength: 256 + minLength: 1 + ConnectorProvisioningConfig: + description: Contains information about the configuration of the connector being registered. + $ref: '#/components/schemas/ConnectorProvisioningConfig' + Description: + description: A description about the connector that's being registered. + type: string + pattern: '[\s\w/!@#+=.-]*' + maxLength: 2048 + required: + - ConnectorProvisioningType + - ConnectorProvisioningConfig + x-stackql-resource-name: connector + x-stackql-primaryIdentifier: + - ConnectorLabel + x-create-only-properties: + - ConnectorLabel + x-read-only-properties: + - ConnectorArn + x-required-permissions: + create: + - appflow:RegisterConnector + - lambda:InvokeFunction + read: + - appflow:DescribeConnector + delete: + - appflow:UnRegisterConnector + list: + - appflow:ListConnectors + update: + - appflow:UpdateConnectorRegistration + - lambda:InvokeFunction + ConnectorType: + type: string + enum: + - SAPOData + - Salesforce + - Pardot + - Singular + - Slack + - Redshift + - S3 + - Marketo + - Googleanalytics + - Zendesk + - Servicenow + - Datadog + - Trendmicro + - Snowflake + - Dynatrace + - Infornexus + - Amplitude + - Veeva + - CustomConnector + - EventBridge + - Upsolver + - LookoutMetrics + ConnectorProfileConfig: + description: Connector specific configurations needed to create connector profile + type: object + properties: + ConnectorProfileProperties: + $ref: '#/components/schemas/ConnectorProfileProperties' + ConnectorProfileCredentials: + $ref: '#/components/schemas/ConnectorProfileCredentials' + ConnectorProfileProperties: + description: Connector specific properties needed to create connector profile - currently not needed for Amplitude, Trendmicro, Googleanalytics and Singular + type: object + properties: + Datadog: + $ref: '#/components/schemas/DatadogConnectorProfileProperties' + Dynatrace: + $ref: '#/components/schemas/DynatraceConnectorProfileProperties' + InforNexus: + $ref: '#/components/schemas/InforNexusConnectorProfileProperties' + Marketo: + $ref: '#/components/schemas/MarketoConnectorProfileProperties' + Redshift: + $ref: '#/components/schemas/RedshiftConnectorProfileProperties' + SAPOData: + $ref: '#/components/schemas/SAPODataConnectorProfileProperties' + Salesforce: + $ref: '#/components/schemas/SalesforceConnectorProfileProperties' + Pardot: + $ref: '#/components/schemas/PardotConnectorProfileProperties' + ServiceNow: + $ref: '#/components/schemas/ServiceNowConnectorProfileProperties' + Slack: + $ref: '#/components/schemas/SlackConnectorProfileProperties' + Snowflake: + $ref: '#/components/schemas/SnowflakeConnectorProfileProperties' + Veeva: + $ref: '#/components/schemas/VeevaConnectorProfileProperties' + Zendesk: + $ref: '#/components/schemas/ZendeskConnectorProfileProperties' + CustomConnector: + $ref: '#/components/schemas/CustomConnectorProfileProperties' + ConnectorProfileCredentials: + description: Connector specific configuration needed to create connector profile based on Authentication mechanism + type: object + properties: + Amplitude: + $ref: '#/components/schemas/AmplitudeConnectorProfileCredentials' + Datadog: + $ref: '#/components/schemas/DatadogConnectorProfileCredentials' + Dynatrace: + $ref: '#/components/schemas/DynatraceConnectorProfileCredentials' + GoogleAnalytics: + $ref: '#/components/schemas/GoogleAnalyticsConnectorProfileCredentials' + InforNexus: + $ref: '#/components/schemas/InforNexusConnectorProfileCredentials' + Marketo: + $ref: '#/components/schemas/MarketoConnectorProfileCredentials' + Redshift: + $ref: '#/components/schemas/RedshiftConnectorProfileCredentials' + SAPOData: + $ref: '#/components/schemas/SAPODataConnectorProfileCredentials' + Salesforce: + $ref: '#/components/schemas/SalesforceConnectorProfileCredentials' + Pardot: + $ref: '#/components/schemas/PardotConnectorProfileCredentials' + ServiceNow: + $ref: '#/components/schemas/ServiceNowConnectorProfileCredentials' + Singular: + $ref: '#/components/schemas/SingularConnectorProfileCredentials' + Slack: + $ref: '#/components/schemas/SlackConnectorProfileCredentials' + Snowflake: + $ref: '#/components/schemas/SnowflakeConnectorProfileCredentials' + Trendmicro: + $ref: '#/components/schemas/TrendmicroConnectorProfileCredentials' + Veeva: + $ref: '#/components/schemas/VeevaConnectorProfileCredentials' + Zendesk: + $ref: '#/components/schemas/ZendeskConnectorProfileCredentials' + CustomConnector: + $ref: '#/components/schemas/CustomConnectorProfileCredentials' + AmplitudeConnectorProfileCredentials: + type: object + required: + - ApiKey + - SecretKey + properties: + ApiKey: + description: A unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API. + $ref: '#/components/schemas/ApiKey' + SecretKey: + $ref: '#/components/schemas/SecretKey' + DatadogConnectorProfileCredentials: + type: object + required: + - ApiKey + - ApplicationKey + properties: + ApiKey: + description: A unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API. + $ref: '#/components/schemas/ApiKey' + ApplicationKey: + description: Application keys, in conjunction with your API key, give you full access to Datadog’s programmatic API. Application keys are associated with the user account that created them. The application key is used to log all requests made to the API. + $ref: '#/components/schemas/ApplicationKey' + DatadogConnectorProfileProperties: + type: object + required: + - InstanceUrl + properties: + InstanceUrl: + description: The location of the Datadog resource + $ref: '#/components/schemas/InstanceUrl' + DynatraceConnectorProfileCredentials: + type: object + required: + - ApiToken + properties: + ApiToken: + description: The API tokens used by Dynatrace API to authenticate various API calls. + $ref: '#/components/schemas/ApiToken' + DynatraceConnectorProfileProperties: + type: object + required: + - InstanceUrl + properties: + InstanceUrl: + description: The location of the Dynatrace resource + $ref: '#/components/schemas/InstanceUrl' + GoogleAnalyticsConnectorProfileCredentials: + type: object + required: + - ClientId + - ClientSecret + properties: + ClientId: + description: The identifier for the desired client. + $ref: '#/components/schemas/ClientId' + ClientSecret: + description: The client secret used by the oauth client to authenticate to the authorization server. + $ref: '#/components/schemas/ClientSecret' + AccessToken: + description: The credentials used to access protected resources. + $ref: '#/components/schemas/AccessToken' + RefreshToken: + description: The credentials used to acquire new access tokens. + $ref: '#/components/schemas/RefreshToken' + ConnectorOAuthRequest: + description: The oauth needed to request security tokens from the connector endpoint. + $ref: '#/components/schemas/ConnectorOAuthRequest' + InforNexusConnectorProfileCredentials: + type: object + required: + - AccessKeyId + - UserId + - SecretAccessKey + - Datakey + properties: + AccessKeyId: + description: The Access Key portion of the credentials. + $ref: '#/components/schemas/AccessKeyId' + UserId: + description: The identifier for the user. + $ref: '#/components/schemas/Username' + SecretAccessKey: + description: The secret key used to sign requests. + $ref: '#/components/schemas/Key' + Datakey: + description: The encryption keys used to encrypt data. + $ref: '#/components/schemas/Key' + InforNexusConnectorProfileProperties: + type: object + required: + - InstanceUrl + properties: + InstanceUrl: + description: The location of the InforNexus resource + $ref: '#/components/schemas/InstanceUrl' + MarketoConnectorProfileCredentials: + type: object + required: + - ClientId + - ClientSecret + properties: + ClientId: + description: The identifier for the desired client. + $ref: '#/components/schemas/ClientId' + ClientSecret: + description: The client secret used by the oauth client to authenticate to the authorization server. + $ref: '#/components/schemas/ClientSecret' + AccessToken: + description: The credentials used to access protected resources. + $ref: '#/components/schemas/AccessToken' + ConnectorOAuthRequest: + description: The oauth needed to request security tokens from the connector endpoint. + $ref: '#/components/schemas/ConnectorOAuthRequest' + MarketoConnectorProfileProperties: + type: object + required: + - InstanceUrl + properties: + InstanceUrl: + description: The location of the Marketo resource + $ref: '#/components/schemas/InstanceUrl' + RedshiftConnectorProfileCredentials: + type: object + properties: + Username: + description: The name of the user. + $ref: '#/components/schemas/Username' + Password: + description: The password that corresponds to the username. + $ref: '#/components/schemas/Password' + RedshiftConnectorProfileProperties: + type: object + required: + - BucketName + - RoleArn + properties: + DatabaseUrl: + description: The JDBC URL of the Amazon Redshift cluster. + $ref: '#/components/schemas/DatabaseUrl' + BucketName: + description: The name of the Amazon S3 bucket associated with Redshift. + $ref: '#/components/schemas/BucketName' + BucketPrefix: + description: The object key for the destination bucket in which Amazon AppFlow will place the files. + $ref: '#/components/schemas/BucketPrefix' + RoleArn: + description: The Amazon Resource Name (ARN) of the IAM role. + $ref: '#/components/schemas/RoleArn' + IsRedshiftServerless: + description: If Amazon AppFlow will connect to Amazon Redshift Serverless or Amazon Redshift cluster. + type: boolean + DataApiRoleArn: + description: The Amazon Resource Name (ARN) of the IAM role that grants Amazon AppFlow access to the data through the Amazon Redshift Data API. + $ref: '#/components/schemas/DataApiRoleArn' + ClusterIdentifier: + description: The unique identifier of the Amazon Redshift cluster. + $ref: '#/components/schemas/ClusterIdentifier' + WorkgroupName: + description: The name of the Amazon Redshift serverless workgroup + $ref: '#/components/schemas/WorkgroupName' + DatabaseName: + description: The name of the Amazon Redshift database that will store the transferred data. + $ref: '#/components/schemas/DatabaseName' + SAPODataConnectorProfileCredentials: + type: object + properties: + BasicAuthCredentials: + $ref: '#/components/schemas/BasicAuthCredentials' + OAuthCredentials: + type: object + properties: + AccessToken: + $ref: '#/components/schemas/AccessToken' + RefreshToken: + $ref: '#/components/schemas/RefreshToken' + ConnectorOAuthRequest: + $ref: '#/components/schemas/ConnectorOAuthRequest' + ClientId: + $ref: '#/components/schemas/ClientId' + ClientSecret: + $ref: '#/components/schemas/ClientSecret' + SAPODataConnectorProfileProperties: + type: object + properties: + ApplicationHostUrl: + $ref: '#/components/schemas/ApplicationHostUrl' + ApplicationServicePath: + $ref: '#/components/schemas/ApplicationServicePath' + PortNumber: + $ref: '#/components/schemas/PortNumber' + ClientNumber: + $ref: '#/components/schemas/ClientNumber' + LogonLanguage: + $ref: '#/components/schemas/LogonLanguage' + PrivateLinkServiceName: + $ref: '#/components/schemas/PrivateLinkServiceName' + OAuthProperties: + $ref: '#/components/schemas/OAuthProperties' + DisableSSO: + description: If you set this parameter to true, Amazon AppFlow bypasses the single sign-on (SSO) settings in your SAP account when it accesses your SAP OData instance. + type: boolean + SalesforceConnectorProfileCredentials: + type: object + properties: + AccessToken: + description: The credentials used to access protected resources. + $ref: '#/components/schemas/AccessToken' + RefreshToken: + description: The credentials used to acquire new access tokens. + $ref: '#/components/schemas/RefreshToken' + ConnectorOAuthRequest: + description: The oauth needed to request security tokens from the connector endpoint. + $ref: '#/components/schemas/ConnectorOAuthRequest' + ClientCredentialsArn: + description: The client credentials to fetch access token and refresh token. + $ref: '#/components/schemas/ClientCredentialsArn' + OAuth2GrantType: + description: The grant types to fetch an access token + $ref: '#/components/schemas/OAuth2GrantType' + JwtToken: + description: The credentials used to access your Salesforce records + $ref: '#/components/schemas/JwtToken' + SalesforceConnectorProfileProperties: + type: object + properties: + InstanceUrl: + description: The location of the Salesforce resource + $ref: '#/components/schemas/InstanceUrl' + isSandboxEnvironment: + description: Indicates whether the connector profile applies to a sandbox or production environment + type: boolean + usePrivateLinkForMetadataAndAuthorization: + description: Indicates whether to make Metadata And Authorization calls over Pivate Network + type: boolean + PardotConnectorProfileProperties: + type: object + required: + - BusinessUnitId + properties: + InstanceUrl: + description: The location of the Salesforce Pardot resource + $ref: '#/components/schemas/InstanceUrl' + IsSandboxEnvironment: + description: Indicates whether the connector profile applies to a demo or production environment + type: boolean + BusinessUnitId: + description: The Business unit id of Salesforce Pardot instance to be connected + $ref: '#/components/schemas/BusinessUnitId' + PardotConnectorProfileCredentials: + type: object + properties: + AccessToken: + description: The credentials used to access protected resources. + $ref: '#/components/schemas/AccessToken' + RefreshToken: + description: The credentials used to acquire new access tokens. + $ref: '#/components/schemas/RefreshToken' + ConnectorOAuthRequest: + description: The oauth needed to request security tokens from the connector endpoint. + $ref: '#/components/schemas/ConnectorOAuthRequest' + ClientCredentialsArn: + description: The client credentials to fetch access token and refresh token. + $ref: '#/components/schemas/ClientCredentialsArn' + ServiceNowConnectorProfileCredentials: + type: object + properties: + Username: + description: The name of the user. + $ref: '#/components/schemas/Username' + Password: + description: The password that corresponds to the username. + $ref: '#/components/schemas/Password' + OAuth2Credentials: + description: The OAuth 2.0 credentials required to authenticate the user. + $ref: '#/components/schemas/OAuth2Credentials' + ServiceNowConnectorProfileProperties: + type: object + required: + - InstanceUrl + properties: + InstanceUrl: + description: The location of the ServiceNow resource + $ref: '#/components/schemas/InstanceUrl' + SingularConnectorProfileCredentials: + type: object + required: + - ApiKey + properties: + ApiKey: + description: A unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API. + $ref: '#/components/schemas/ApiKey' + SlackConnectorProfileCredentials: + type: object + required: + - ClientId + - ClientSecret + properties: + ClientId: + description: The identifier for the desired client. + $ref: '#/components/schemas/ClientId' + ClientSecret: + description: The client secret used by the oauth client to authenticate to the authorization server. + $ref: '#/components/schemas/ClientSecret' + AccessToken: + description: The credentials used to access protected resources. + $ref: '#/components/schemas/AccessToken' + ConnectorOAuthRequest: + description: The oauth needed to request security tokens from the connector endpoint. + $ref: '#/components/schemas/ConnectorOAuthRequest' + SlackConnectorProfileProperties: + type: object + required: + - InstanceUrl + properties: + InstanceUrl: + description: The location of the Slack resource + $ref: '#/components/schemas/InstanceUrl' + SnowflakeConnectorProfileCredentials: + type: object + required: + - Username + - Password + properties: + Username: + description: The name of the user. + $ref: '#/components/schemas/Username' + Password: + description: The password that corresponds to the username. + $ref: '#/components/schemas/Password' + SnowflakeConnectorProfileProperties: + type: object + required: + - Warehouse + - Stage + - BucketName + properties: + Warehouse: + description: The name of the Snowflake warehouse. + $ref: '#/components/schemas/Warehouse' + Stage: + description: |- + The name of the Amazon S3 stage that was created while setting up an Amazon S3 stage in the + Snowflake account. This is written in the following format: < Database>< Schema>. + $ref: '#/components/schemas/Stage' + BucketName: + description: The name of the Amazon S3 bucket associated with Snowflake. + $ref: '#/components/schemas/BucketName' + BucketPrefix: + description: The bucket prefix that refers to the Amazon S3 bucket associated with Snowflake. + $ref: '#/components/schemas/BucketPrefix' + PrivateLinkServiceName: + description: The Snowflake Private Link service name to be used for private data transfers. + $ref: '#/components/schemas/PrivateLinkServiceName' + AccountName: + description: The name of the account. + $ref: '#/components/schemas/AccountName' + Region: + description: The region of the Snowflake account. + $ref: '#/components/schemas/Region' + TrendmicroConnectorProfileCredentials: + type: object + required: + - ApiSecretKey + properties: + ApiSecretKey: + description: The Secret Access Key portion of the credentials. + $ref: '#/components/schemas/ApiSecretKey' + VeevaConnectorProfileCredentials: + type: object + required: + - Username + - Password + properties: + Username: + description: The name of the user. + $ref: '#/components/schemas/Username' + Password: + description: The password that corresponds to the username. + $ref: '#/components/schemas/Password' + VeevaConnectorProfileProperties: + type: object + required: + - InstanceUrl + properties: + InstanceUrl: + description: The location of the Veeva resource + $ref: '#/components/schemas/InstanceUrl' + ZendeskConnectorProfileCredentials: + type: object + required: + - ClientId + - ClientSecret + properties: + ClientId: + description: The identifier for the desired client. + $ref: '#/components/schemas/ClientId' + ClientSecret: + description: The client secret used by the oauth client to authenticate to the authorization server. + $ref: '#/components/schemas/ClientSecret' + AccessToken: + description: The credentials used to access protected resources. + $ref: '#/components/schemas/AccessToken' + ConnectorOAuthRequest: + description: The oauth needed to request security tokens from the connector endpoint. + $ref: '#/components/schemas/ConnectorOAuthRequest' + ZendeskConnectorProfileProperties: + type: object + required: + - InstanceUrl + properties: + InstanceUrl: + description: The location of the Zendesk resource + $ref: '#/components/schemas/InstanceUrl' + CustomConnectorProfileCredentials: + type: object + required: + - AuthenticationType + properties: + AuthenticationType: + $ref: '#/components/schemas/AuthenticationType' + Basic: + $ref: '#/components/schemas/BasicAuthCredentials' + Oauth2: + $ref: '#/components/schemas/OAuth2Credentials' + ApiKey: + $ref: '#/components/schemas/ApiKeyCredentials' + Custom: + $ref: '#/components/schemas/CustomAuthCredentials' + additionalProperties: false + CustomConnectorProfileProperties: + type: object + properties: + ProfileProperties: + $ref: '#/components/schemas/ProfileProperties' + OAuth2Properties: + $ref: '#/components/schemas/OAuth2Properties' + additionalProperties: false + ApiKeyCredentials: + type: object + required: + - ApiKey + properties: + ApiKey: + $ref: '#/components/schemas/ApiKey' + ApiSecretKey: + $ref: '#/components/schemas/ApiSecretKey' + additionalProperties: false + CustomAuthCredentials: + type: object + required: + - CustomAuthenticationType + properties: + CustomAuthenticationType: + $ref: '#/components/schemas/CustomAuthenticationType' + CredentialsMap: + $ref: '#/components/schemas/CredentialsMap' + additionalProperties: false + CredentialsMap: + description: A map for properties for custom authentication. + type: object + x-patternProperties: + ^[\w]{1,128}$: + description: A string containing the value for the property + type: string + minLength: 1 + maxLength: 2048 + pattern: \S+ + required: [] + additionalProperties: false + OAuth2Credentials: + type: object + properties: + ClientId: + $ref: '#/components/schemas/ClientId' + ClientSecret: + $ref: '#/components/schemas/ClientSecret' + AccessToken: + $ref: '#/components/schemas/AccessToken' + RefreshToken: + $ref: '#/components/schemas/RefreshToken' + OAuthRequest: + $ref: '#/components/schemas/ConnectorOAuthRequest' + additionalProperties: false + BasicAuthCredentials: + type: object + required: + - Username + - Password + properties: + Username: + $ref: '#/components/schemas/Username' + Password: + $ref: '#/components/schemas/Password' + additionalProperties: false + AuthenticationType: + type: string + enum: + - OAUTH2 + - APIKEY + - BASIC + - CUSTOM + OAuth2Properties: + type: object + properties: + TokenUrl: + type: string + minLength: 0 + maxLength: 256 + pattern: ^(https?)://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|] + OAuth2GrantType: + $ref: '#/components/schemas/OAuth2GrantType' + TokenUrlCustomProperties: + $ref: '#/components/schemas/TokenUrlCustomProperties' + additionalProperties: false + ProfileProperties: + description: A map for properties for custom connector. + type: object + x-patternProperties: + ^[\w]{1,256}$: + description: A string containing the value for the property + type: string + minLength: 1 + maxLength: 2048 + pattern: \S+ + required: [] + additionalProperties: false + OAuth2GrantType: + type: string + enum: + - CLIENT_CREDENTIALS + - AUTHORIZATION_CODE + - JWT_BEARER + TokenUrlCustomProperties: + description: A map for properties for custom connector Token Url. + type: object + x-patternProperties: + ^[\w]{1,128}$: + description: A string containing the value for the property + type: string + minLength: 1 + maxLength: 2048 + pattern: \S+ + required: [] + additionalProperties: false + CustomAuthenticationType: + type: string + pattern: \S+ + maxLength: 256 + ClientId: + type: string + pattern: \S+ + maxLength: 512 + ClientSecret: + type: string + pattern: \S+ + maxLength: 512 + InstanceUrl: + type: string + pattern: \S+ + maxLength: 256 + AccessToken: + type: string + pattern: \S+ + maxLength: 4096 + ApiKey: + type: string + pattern: \S+ + maxLength: 256 + ApiSecretKey: + type: string + pattern: \S+ + maxLength: 256 + ApiToken: + type: string + pattern: \S+ + maxLength: 256 + ApplicationKey: + type: string + pattern: \S+ + maxLength: 512 + AuthCode: + type: string + pattern: \S+ + maxLength: 4096 + BucketName: + type: string + minLength: 3 + maxLength: 63 + pattern: \S+ + BucketPrefix: + type: string + maxLength: 512 + Key: + type: string + pattern: \S+ + maxLength: 512 + DatabaseUrl: + type: string + pattern: \S+ + maxLength: 512 + RoleArn: + type: string + pattern: arn:aws:iam:.*:[0-9]+:.* + maxLength: 512 + DataApiRoleArn: + type: string + pattern: arn:aws:iam:.*:[0-9]+:.* + maxLength: 512 + ClusterIdentifier: + type: string + pattern: \S+ + maxLength: 512 + WorkgroupName: + type: string + pattern: \S+ + maxLength: 512 + DatabaseName: + type: string + pattern: \S+ + maxLength: 512 + Warehouse: + type: string + pattern: '[\s\w/!@#+=.-]*' + maxLength: 512 + Stage: + type: string + pattern: \S+ + maxLength: 512 + PrivateLinkServiceName: + type: string + pattern: \S+ + maxLength: 512 + AccountName: + type: string + pattern: \S+ + maxLength: 512 + JwtToken: + type: string + pattern: ^[A-Za-z0-9-_=]+\.[A-Za-z0-9-_=]+\.[A-Za-z0-9-_.+/=]*$ + maxLength: 8000 + RefreshToken: + type: string + pattern: \S+ + maxLength: 4096 + Region: + type: string + pattern: \S+ + maxLength: 64 + SecretKey: + type: string + pattern: \S+ + maxLength: 256 + AccessKeyId: + type: string + pattern: \S+ + maxLength: 256 + Username: + type: string + pattern: \S+ + maxLength: 512 + Password: + type: string + pattern: \S+ + maxLength: 512 + BusinessUnitId: + type: string + pattern: \S+ + maxLength: 18 + ConnectorOAuthRequest: + type: object + properties: + AuthCode: + description: The code provided by the connector when it has been authenticated via the connected app. + type: string + RedirectUri: + description: |- + The URL to which the authentication server redirects the browser after authorization has been + granted. + type: string + ClientCredentialsArn: + type: string + pattern: arn:aws:secretsmanager:.*:[0-9]+:.* + maxLength: 2048 + ApplicationHostUrl: + type: string + maxLength: 256 + pattern: ^(https?)://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|] + ApplicationServicePath: + type: string + pattern: \S+ + maxLength: 512 + ClientNumber: + type: string + pattern: ^\d{3}$ + minLength: 3 + maxLength: 3 + LogonLanguage: + type: string + pattern: ^[a-zA-Z0-9_]*$ + maxLength: 2 + PortNumber: + type: integer + minimum: 1 + maximum: 65535 + OAuthProperties: + type: object + properties: + AuthCodeUrl: + type: string + maxLength: 256 + pattern: ^(https?)://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|] + TokenUrl: + type: string + maxLength: 256 + pattern: ^(https?)://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|] + OAuthScopes: + type: array + uniqueItems: true + items: + type: string + maxLength: 128 + pattern: '[/\w]*' + ConnectorProfile: + type: object + properties: + ConnectorProfileArn: + description: Unique identifier for connector profile resources + type: string + pattern: arn:aws:appflow:.*:[0-9]+:.* + maxLength: 512 + ConnectorLabel: + description: The label of the connector. The label is unique for each ConnectorRegistration in your AWS account. Only needed if calling for CUSTOMCONNECTOR connector type/. + type: string + pattern: '[\w!@#.-]+' + maxLength: 256 + ConnectorProfileName: + description: The maximum number of items to retrieve in a single batch. + type: string + pattern: '[\w/!@#+=.-]+' + maxLength: 256 + KMSArn: + description: The ARN of the AWS Key Management Service (AWS KMS) key that's used to encrypt your function's environment variables. If it's not provided, AWS Lambda uses a default service key. + type: string + pattern: arn:aws:kms:.*:[0-9]+:.* + maxLength: 2048 + minLength: 20 + ConnectorType: + description: List of Saas providers that need connector profile to be created + $ref: '#/components/schemas/ConnectorType' + ConnectionMode: + description: Mode in which data transfer should be enabled. Private connection mode is currently enabled for Salesforce, Snowflake, Trendmicro and Singular + type: string + enum: + - Public + - Private + ConnectorProfileConfig: + description: Connector specific configurations needed to create connector profile + $ref: '#/components/schemas/ConnectorProfileConfig' + CredentialsArn: + description: A unique Arn for Connector-Profile resource + type: string + pattern: arn:aws:.*:.*:[0-9]+:.* + maxLength: 512 + required: + - ConnectorProfileName + - ConnectionMode + - ConnectorType + x-stackql-resource-name: connector_profile + x-stackql-primaryIdentifier: + - ConnectorProfileName + x-create-only-properties: + - ConnectorProfileName + - ConnectorType + - ConnectorLabel + x-read-only-properties: + - ConnectorProfileArn + - CredentialsArn + x-required-permissions: + create: + - appflow:CreateConnectorProfile + - kms:ListKeys + - kms:DescribeKey + - kms:ListAliases + - kms:CreateGrant + - kms:ListGrants + - iam:PassRole + - secretsmanager:CreateSecret + - secretsmanager:GetSecretValue + - secretsmanager:PutResourcePolicy + delete: + - appflow:DeleteConnectorProfile + list: + - appflow:DescribeConnectorProfiles + read: + - appflow:DescribeConnectorProfiles + update: + - appflow:UpdateConnectorProfile + - kms:ListKeys + - kms:DescribeKey + - kms:ListAliases + - kms:CreateGrant + - kms:ListGrants + - iam:PassRole + - secretsmanager:CreateSecret + - secretsmanager:GetSecretValue + - secretsmanager:PutResourcePolicy + TriggerConfig: + description: Trigger settings of the flow. + type: object + properties: + TriggerType: + description: Trigger type of the flow + $ref: '#/components/schemas/TriggerType' + TriggerProperties: + description: Details required based on the type of trigger + $ref: '#/components/schemas/ScheduledTriggerProperties' + required: + - TriggerType + additionalProperties: false + SourceFlowConfig: + description: Configurations of Source connector of the flow. + type: object + properties: + ConnectorType: + description: Type of source connector + $ref: '#/components/schemas/ConnectorType' + ApiVersion: + description: The API version that the destination connector uses. + $ref: '#/components/schemas/ApiVersion' + ConnectorProfileName: + description: Name of source connector profile + $ref: '#/components/schemas/ConnectorProfileName' + SourceConnectorProperties: + description: Source connector details required to query a connector + $ref: '#/components/schemas/SourceConnectorProperties' + IncrementalPullConfig: + description: Configuration for scheduled incremental data pull + $ref: '#/components/schemas/IncrementalPullConfig' + required: + - ConnectorType + - SourceConnectorProperties + additionalProperties: false + DestinationFlowConfig: + description: Configurations of destination connector. + type: object + properties: + ConnectorType: + description: Destination connector type + $ref: '#/components/schemas/ConnectorType' + ApiVersion: + description: The API version that the destination connector uses. + $ref: '#/components/schemas/ApiVersion' + ConnectorProfileName: + description: Name of destination connector profile + $ref: '#/components/schemas/ConnectorProfileName' + DestinationConnectorProperties: + description: Destination connector details + $ref: '#/components/schemas/DestinationConnectorProperties' + required: + - ConnectorType + - DestinationConnectorProperties + additionalProperties: false + Task: + type: object + properties: + SourceFields: + description: Source fields on which particular task will be applied + type: array + items: + type: string + ConnectorOperator: + description: Operation to be performed on provided source fields + $ref: '#/components/schemas/ConnectorOperator' + DestinationField: + description: A field value on which source field should be validated + type: string + maxLength: 256 + TaskType: + description: Type of task + $ref: '#/components/schemas/TaskType' + TaskProperties: + description: A Map used to store task related info + type: array + items: + $ref: '#/components/schemas/TaskPropertiesObject' + required: + - SourceFields + - TaskType + additionalProperties: false + Tag: + description: A label for tagging AppFlow resources + type: object + properties: + Key: + description: A string used to identify this tag + type: string + minLength: 1 + maxLength: 128 + Value: + description: A string containing the value for the tag + type: string + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + MetadataCatalogConfig: + description: Configurations of metadata catalog of the flow. + type: object + properties: + GlueDataCatalog: + description: Configurations of glue data catalog of the flow. + $ref: '#/components/schemas/GlueDataCatalog' + additionalProperties: false + GlueDataCatalog: + description: Trigger settings of the flow. + type: object + properties: + RoleArn: + description: A string containing the value for the tag + type: string + minLength: 0 + maxLength: 512 + pattern: arn:aws:iam:.*:[0-9]+:.* + DatabaseName: + description: A string containing the value for the tag + type: string + minLength: 0 + maxLength: 255 + pattern: '[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\t]*' + TablePrefix: + description: A string containing the value for the tag + type: string + minLength: 0 + maxLength: 128 + pattern: '[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\t]*' + required: + - RoleArn + - DatabaseName + - TablePrefix + additionalProperties: false + DestinationConnectorProperties: + description: Destination connector details + type: object + properties: + Redshift: + $ref: '#/components/schemas/RedshiftDestinationProperties' + S3: + $ref: '#/components/schemas/S3DestinationProperties' + Salesforce: + $ref: '#/components/schemas/SalesforceDestinationProperties' + Snowflake: + $ref: '#/components/schemas/SnowflakeDestinationProperties' + EventBridge: + $ref: '#/components/schemas/EventBridgeDestinationProperties' + Upsolver: + $ref: '#/components/schemas/UpsolverDestinationProperties' + LookoutMetrics: + $ref: '#/components/schemas/LookoutMetricsDestinationProperties' + Marketo: + $ref: '#/components/schemas/MarketoDestinationProperties' + Zendesk: + $ref: '#/components/schemas/ZendeskDestinationProperties' + CustomConnector: + $ref: '#/components/schemas/CustomConnectorDestinationProperties' + SAPOData: + $ref: '#/components/schemas/SAPODataDestinationProperties' + IncrementalPullConfig: + description: Configuration for scheduled incremental data pull + type: object + properties: + DatetimeTypeFieldName: + $ref: '#/components/schemas/DatetimeTypeFieldName' + SourceConnectorProperties: + description: Source connector details required to query a connector + type: object + properties: + Amplitude: + $ref: '#/components/schemas/AmplitudeSourceProperties' + Datadog: + $ref: '#/components/schemas/DatadogSourceProperties' + Dynatrace: + $ref: '#/components/schemas/DynatraceSourceProperties' + GoogleAnalytics: + $ref: '#/components/schemas/GoogleAnalyticsSourceProperties' + InforNexus: + $ref: '#/components/schemas/InforNexusSourceProperties' + Marketo: + $ref: '#/components/schemas/MarketoSourceProperties' + S3: + $ref: '#/components/schemas/S3SourceProperties' + SAPOData: + $ref: '#/components/schemas/SAPODataSourceProperties' + Salesforce: + $ref: '#/components/schemas/SalesforceSourceProperties' + Pardot: + $ref: '#/components/schemas/PardotSourceProperties' + ServiceNow: + $ref: '#/components/schemas/ServiceNowSourceProperties' + Singular: + $ref: '#/components/schemas/SingularSourceProperties' + Slack: + $ref: '#/components/schemas/SlackSourceProperties' + Trendmicro: + $ref: '#/components/schemas/TrendmicroSourceProperties' + Veeva: + $ref: '#/components/schemas/VeevaSourceProperties' + Zendesk: + $ref: '#/components/schemas/ZendeskSourceProperties' + CustomConnector: + $ref: '#/components/schemas/CustomConnectorSourceProperties' + ConnectorOperator: + description: Operation to be performed on provided source fields + type: object + properties: + Amplitude: + $ref: '#/components/schemas/AmplitudeConnectorOperator' + Datadog: + $ref: '#/components/schemas/DatadogConnectorOperator' + Dynatrace: + $ref: '#/components/schemas/DynatraceConnectorOperator' + GoogleAnalytics: + $ref: '#/components/schemas/GoogleAnalyticsConnectorOperator' + InforNexus: + $ref: '#/components/schemas/InforNexusConnectorOperator' + Marketo: + $ref: '#/components/schemas/MarketoConnectorOperator' + S3: + $ref: '#/components/schemas/S3ConnectorOperator' + SAPOData: + $ref: '#/components/schemas/SAPODataConnectorOperator' + Salesforce: + $ref: '#/components/schemas/SalesforceConnectorOperator' + Pardot: + $ref: '#/components/schemas/PardotConnectorOperator' + ServiceNow: + $ref: '#/components/schemas/ServiceNowConnectorOperator' + Singular: + $ref: '#/components/schemas/SingularConnectorOperator' + Slack: + $ref: '#/components/schemas/SlackConnectorOperator' + Trendmicro: + $ref: '#/components/schemas/TrendmicroConnectorOperator' + Veeva: + $ref: '#/components/schemas/VeevaConnectorOperator' + Zendesk: + $ref: '#/components/schemas/ZendeskConnectorOperator' + CustomConnector: + $ref: '#/components/schemas/Operator' + ScheduledTriggerProperties: + description: Details required for scheduled trigger type + type: object + properties: + ScheduleExpression: + type: string + minLength: 1 + maxLength: 256 + DataPullMode: + type: string + enum: + - Incremental + - Complete + ScheduleStartTime: + type: number + ScheduleEndTime: + type: number + FirstExecutionFrom: + type: number + TimeZone: + type: string + maxLength: 256 + ScheduleOffset: + type: number + minimum: 0 + maximum: 36000 + FlowErrorDeactivationThreshold: + type: integer + minimum: 1 + maximum: 100 + required: + - ScheduleExpression + additionalProperties: false + CustomProperties: + description: A map for properties for custom connector. + type: object + x-patternProperties: + ^[\w]{1,2048}$: + description: A string containing the value for the property + type: string + minLength: 1 + maxLength: 2048 + pattern: \S+ + required: [] + additionalProperties: false + TriggerType: + type: string + enum: + - Scheduled + - Event + - OnDemand + Object: + type: string + maxLength: 512 + pattern: \S+ + EntityName: + type: string + maxLength: 1024 + pattern: \S+ + EnableDynamicFieldUpdate: + type: boolean + IncludeDeletedRecords: + type: boolean + IncludeAllVersions: + type: boolean + IncludeRenditions: + type: boolean + IncludeSourceFiles: + type: boolean + DocumentType: + type: string + maxLength: 512 + pattern: '[\s\w_-]+' + UpsolverBucketName: + type: string + minLength: 16 + maxLength: 63 + pattern: ^(upsolver-appflow)\S* + S3InputFormatConfig: + type: object + properties: + S3InputFileType: + type: string + enum: + - CSV + - JSON + ErrorHandlingConfig: + type: object + properties: + FailOnFirstError: + type: boolean + BucketPrefix: + $ref: '#/components/schemas/BucketPrefix' + BucketName: + $ref: '#/components/schemas/BucketName' + additionalProperties: false + SuccessResponseHandlingConfig: + type: object + properties: + BucketPrefix: + $ref: '#/components/schemas/BucketPrefix' + BucketName: + $ref: '#/components/schemas/BucketName' + additionalProperties: false + Name: + type: string + maxLength: 128 + pattern: \S+ + WriteOperationType: + type: string + enum: + - INSERT + - UPSERT + - UPDATE + - DELETE + FileType: + type: string + enum: + - CSV + - JSON + - PARQUET + AggregationType: + type: string + enum: + - None + - SingleFile + TargetFileSize: + type: integer + PreserveSourceDataTyping: + type: boolean + PrefixType: + type: string + enum: + - FILENAME + - PATH + - PATH_AND_FILENAME + PrefixFormat: + type: string + enum: + - YEAR + - MONTH + - DAY + - HOUR + - MINUTE + PathPrefixHierarchy: + type: array + items: + $ref: '#/components/schemas/PathPrefix' + PathPrefix: + type: string + enum: + - EXECUTION_ID + - SCHEMA_VERSION + PrefixConfig: + type: object + properties: + PrefixType: + $ref: '#/components/schemas/PrefixType' + PrefixFormat: + $ref: '#/components/schemas/PrefixFormat' + PathPrefixHierarchy: + $ref: '#/components/schemas/PathPrefixHierarchy' + additionalProperties: false + AggregationConfig: + type: object + properties: + AggregationType: + $ref: '#/components/schemas/AggregationType' + TargetFileSize: + $ref: '#/components/schemas/TargetFileSize' + S3OutputFormatConfig: + type: object + properties: + FileType: + $ref: '#/components/schemas/FileType' + PrefixConfig: + $ref: '#/components/schemas/PrefixConfig' + AggregationConfig: + $ref: '#/components/schemas/AggregationConfig' + PreserveSourceDataTyping: + $ref: '#/components/schemas/PreserveSourceDataTyping' + additionalProperties: false + UpsolverS3OutputFormatConfig: + type: object + properties: + FileType: + $ref: '#/components/schemas/FileType' + PrefixConfig: + $ref: '#/components/schemas/PrefixConfig' + AggregationConfig: + $ref: '#/components/schemas/AggregationConfig' + required: + - PrefixConfig + additionalProperties: false + ApiVersion: + description: The API version that the connector will use. + type: string + pattern: \S+ + maxLength: 256 + ConnectorProfileName: + description: Name of connector profile + type: string + pattern: '[\w/!@#+=.-]+' + maxLength: 256 + AmplitudeSourceProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + required: + - Object + additionalProperties: false + DatadogSourceProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + required: + - Object + additionalProperties: false + DynatraceSourceProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + required: + - Object + additionalProperties: false + GoogleAnalyticsSourceProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + required: + - Object + additionalProperties: false + InforNexusSourceProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + required: + - Object + additionalProperties: false + MarketoSourceProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + required: + - Object + additionalProperties: false + S3SourceProperties: + type: object + properties: + BucketName: + $ref: '#/components/schemas/BucketName' + BucketPrefix: + $ref: '#/components/schemas/BucketPrefix' + S3InputFormatConfig: + $ref: '#/components/schemas/S3InputFormatConfig' + required: + - BucketName + - BucketPrefix + additionalProperties: false + SAPODataSourceProperties: + type: object + properties: + ObjectPath: + $ref: '#/components/schemas/Object' + parallelismConfig: + $ref: '#/components/schemas/SAPODataParallelismConfig' + paginationConfig: + $ref: '#/components/schemas/SAPODataPaginationConfig' + required: + - ObjectPath + additionalProperties: false + SalesforceSourceProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + EnableDynamicFieldUpdate: + $ref: '#/components/schemas/EnableDynamicFieldUpdate' + IncludeDeletedRecords: + $ref: '#/components/schemas/IncludeDeletedRecords' + DataTransferApi: + $ref: '#/components/schemas/DataTransferApi' + required: + - Object + additionalProperties: false + PardotSourceProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + required: + - Object + additionalProperties: false + ServiceNowSourceProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + required: + - Object + additionalProperties: false + SingularSourceProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + required: + - Object + additionalProperties: false + SlackSourceProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + required: + - Object + additionalProperties: false + TrendmicroSourceProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + required: + - Object + additionalProperties: false + VeevaSourceProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + DocumentType: + $ref: '#/components/schemas/DocumentType' + IncludeSourceFiles: + $ref: '#/components/schemas/IncludeSourceFiles' + IncludeRenditions: + $ref: '#/components/schemas/IncludeRenditions' + IncludeAllVersions: + $ref: '#/components/schemas/IncludeAllVersions' + required: + - Object + additionalProperties: false + ZendeskSourceProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + required: + - Object + additionalProperties: false + CustomConnectorSourceProperties: + type: object + properties: + EntityName: + $ref: '#/components/schemas/EntityName' + CustomProperties: + $ref: '#/components/schemas/CustomProperties' + DataTransferApi: + type: object + properties: + Name: + type: string + maxLength: 64 + pattern: '[\w/-]+' + Type: + type: string + enum: + - SYNC + - ASYNC + - AUTOMATIC + required: + - Name + - Type + additionalProperties: false + required: + - EntityName + additionalProperties: false + CustomConnectorDestinationProperties: + type: object + properties: + EntityName: + $ref: '#/components/schemas/EntityName' + ErrorHandlingConfig: + $ref: '#/components/schemas/ErrorHandlingConfig' + WriteOperationType: + $ref: '#/components/schemas/WriteOperationType' + IdFieldNames: + description: List of fields used as ID when performing a write operation. + type: array + items: + type: string + CustomProperties: + $ref: '#/components/schemas/CustomProperties' + required: + - EntityName + additionalProperties: false + ZendeskDestinationProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + ErrorHandlingConfig: + $ref: '#/components/schemas/ErrorHandlingConfig' + IdFieldNames: + description: List of fields used as ID when performing a write operation. + type: array + items: + type: string + WriteOperationType: + $ref: '#/components/schemas/WriteOperationType' + required: + - Object + additionalProperties: false + RedshiftDestinationProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + IntermediateBucketName: + $ref: '#/components/schemas/BucketName' + BucketPrefix: + $ref: '#/components/schemas/BucketPrefix' + ErrorHandlingConfig: + $ref: '#/components/schemas/ErrorHandlingConfig' + required: + - Object + - IntermediateBucketName + additionalProperties: false + S3DestinationProperties: + type: object + properties: + BucketName: + $ref: '#/components/schemas/BucketName' + BucketPrefix: + $ref: '#/components/schemas/BucketPrefix' + S3OutputFormatConfig: + $ref: '#/components/schemas/S3OutputFormatConfig' + required: + - BucketName + additionalProperties: false + SAPODataDestinationProperties: + type: object + properties: + ObjectPath: + $ref: '#/components/schemas/Object' + ErrorHandlingConfig: + $ref: '#/components/schemas/ErrorHandlingConfig' + SuccessResponseHandlingConfig: + $ref: '#/components/schemas/SuccessResponseHandlingConfig' + IdFieldNames: + description: List of fields used as ID when performing a write operation. + type: array + items: + type: string + WriteOperationType: + $ref: '#/components/schemas/WriteOperationType' + required: + - ObjectPath + additionalProperties: false + SalesforceDestinationProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + ErrorHandlingConfig: + $ref: '#/components/schemas/ErrorHandlingConfig' + IdFieldNames: + description: List of fields used as ID when performing a write operation. + type: array + items: + type: string + WriteOperationType: + $ref: '#/components/schemas/WriteOperationType' + DataTransferApi: + $ref: '#/components/schemas/DataTransferApi' + required: + - Object + additionalProperties: false + SnowflakeDestinationProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + IntermediateBucketName: + $ref: '#/components/schemas/BucketName' + BucketPrefix: + $ref: '#/components/schemas/BucketPrefix' + ErrorHandlingConfig: + $ref: '#/components/schemas/ErrorHandlingConfig' + required: + - Object + - IntermediateBucketName + additionalProperties: false + EventBridgeDestinationProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + ErrorHandlingConfig: + $ref: '#/components/schemas/ErrorHandlingConfig' + required: + - Object + additionalProperties: false + UpsolverDestinationProperties: + type: object + properties: + BucketName: + $ref: '#/components/schemas/UpsolverBucketName' + BucketPrefix: + $ref: '#/components/schemas/BucketPrefix' + S3OutputFormatConfig: + $ref: '#/components/schemas/UpsolverS3OutputFormatConfig' + required: + - BucketName + - S3OutputFormatConfig + additionalProperties: false + LookoutMetricsDestinationProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + additionalProperties: false + MarketoDestinationProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + ErrorHandlingConfig: + $ref: '#/components/schemas/ErrorHandlingConfig' + required: + - Object + additionalProperties: false + DatetimeTypeFieldName: + description: Name of the datetime/timestamp data type field to be used for importing incremental records from the source + type: string + maxLength: 256 + TaskType: + type: string + enum: + - Arithmetic + - Filter + - Map + - Map_all + - Mask + - Merge + - Passthrough + - Truncate + - Validate + - Partition + OperatorPropertiesKeys: + type: string + enum: + - VALUE + - VALUES + - DATA_TYPE + - UPPER_BOUND + - LOWER_BOUND + - SOURCE_DATA_TYPE + - DESTINATION_DATA_TYPE + - VALIDATION_ACTION + - MASK_VALUE + - MASK_LENGTH + - TRUNCATE_LENGTH + - MATH_OPERATION_FIELDS_ORDER + - CONCAT_FORMAT + - SUBFIELD_CATEGORY_MAP + - EXCLUDE_SOURCE_FIELDS_LIST + - INCLUDE_NEW_FIELDS + - ORDERED_PARTITION_KEYS_LIST + TaskPropertiesObject: + description: An object used to store task related info + type: object + properties: + Key: + $ref: '#/components/schemas/OperatorPropertiesKeys' + Value: + type: string + maxLength: 2048 + pattern: .+ + required: + - Key + - Value + additionalProperties: false + AmplitudeConnectorOperator: + type: string + enum: + - BETWEEN + DatadogConnectorOperator: + type: string + enum: + - PROJECTION + - BETWEEN + - EQUAL_TO + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + DynatraceConnectorOperator: + type: string + enum: + - PROJECTION + - BETWEEN + - EQUAL_TO + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + GoogleAnalyticsConnectorOperator: + type: string + enum: + - PROJECTION + - BETWEEN + InforNexusConnectorOperator: + type: string + enum: + - PROJECTION + - BETWEEN + - EQUAL_TO + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + MarketoConnectorOperator: + type: string + enum: + - PROJECTION + - LESS_THAN + - GREATER_THAN + - BETWEEN + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + S3ConnectorOperator: + type: string + enum: + - PROJECTION + - LESS_THAN + - GREATER_THAN + - BETWEEN + - LESS_THAN_OR_EQUAL_TO + - GREATER_THAN_OR_EQUAL_TO + - EQUAL_TO + - NOT_EQUAL_TO + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + SAPODataConnectorOperator: + type: string + enum: + - PROJECTION + - LESS_THAN + - CONTAINS + - GREATER_THAN + - BETWEEN + - LESS_THAN_OR_EQUAL_TO + - GREATER_THAN_OR_EQUAL_TO + - EQUAL_TO + - NOT_EQUAL_TO + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + SalesforceConnectorOperator: + type: string + enum: + - PROJECTION + - LESS_THAN + - CONTAINS + - GREATER_THAN + - BETWEEN + - LESS_THAN_OR_EQUAL_TO + - GREATER_THAN_OR_EQUAL_TO + - EQUAL_TO + - NOT_EQUAL_TO + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + PardotConnectorOperator: + type: string + enum: + - PROJECTION + - EQUAL_TO + - NO_OP + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + ServiceNowConnectorOperator: + type: string + enum: + - PROJECTION + - LESS_THAN + - CONTAINS + - GREATER_THAN + - BETWEEN + - LESS_THAN_OR_EQUAL_TO + - GREATER_THAN_OR_EQUAL_TO + - EQUAL_TO + - NOT_EQUAL_TO + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + SingularConnectorOperator: + type: string + enum: + - PROJECTION + - EQUAL_TO + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + SlackConnectorOperator: + type: string + enum: + - PROJECTION + - BETWEEN + - EQUAL_TO + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + TrendmicroConnectorOperator: + type: string + enum: + - PROJECTION + - EQUAL_TO + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + VeevaConnectorOperator: + type: string + enum: + - PROJECTION + - LESS_THAN + - GREATER_THAN + - BETWEEN + - LESS_THAN_OR_EQUAL_TO + - GREATER_THAN_OR_EQUAL_TO + - EQUAL_TO + - NOT_EQUAL_TO + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + ZendeskConnectorOperator: + type: string + enum: + - PROJECTION + - GREATER_THAN + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + Operator: + type: string + enum: + - PROJECTION + - LESS_THAN + - GREATER_THAN + - CONTAINS + - BETWEEN + - LESS_THAN_OR_EQUAL_TO + - GREATER_THAN_OR_EQUAL_TO + - EQUAL_TO + - NOT_EQUAL_TO + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + Status: + type: string + enum: + - Active + - Draft + - Errored + - Suspended + DataTransferApi: + type: string + enum: + - AUTOMATIC + - BULKV2 + - REST_SYNC + SAPODataParallelismConfig: + description: SAP Source connector parallelism factor + type: object + properties: + maxParallelism: + $ref: '#/components/schemas/SAPODataMaxParallelism' + required: + - maxParallelism + additionalProperties: false + SAPODataPaginationConfig: + description: SAP Source connector page size + type: object + properties: + maxPageSize: + $ref: '#/components/schemas/SAPODataMaxPageSize' + required: + - maxPageSize + additionalProperties: false + SAPODataMaxParallelism: + type: integer + minimum: 1 + maximum: 10 + SAPODataMaxPageSize: + type: integer + minimum: 1 + maximum: 10000 + Flow: + type: object + properties: + FlowArn: + description: ARN identifier of the flow. + type: string + pattern: arn:aws:appflow:.*:[0-9]+:.* + maxLength: 512 + FlowName: + description: Name of the flow. + type: string + pattern: '[a-zA-Z0-9][\w!@#.-]+' + maxLength: 256 + minLength: 1 + Description: + description: Description of the flow. + type: string + pattern: '[\w!@#\-.?,\s]*' + maxLength: 2048 + KMSArn: + description: The ARN of the AWS Key Management Service (AWS KMS) key that's used to encrypt your function's environment variables. If it's not provided, AWS Lambda uses a default service key. + type: string + pattern: arn:aws:kms:.*:[0-9]+:.* + maxLength: 2048 + minLength: 20 + TriggerConfig: + description: Trigger settings of the flow. + $ref: '#/components/schemas/TriggerConfig' + FlowStatus: + description: Flow activation status for Scheduled- and Event-triggered flows + type: string + enum: + - Active + - Suspended + - Draft + SourceFlowConfig: + description: Configurations of Source connector of the flow. + $ref: '#/components/schemas/SourceFlowConfig' + DestinationFlowConfigList: + description: List of Destination connectors of the flow. + type: array + items: + $ref: '#/components/schemas/DestinationFlowConfig' + Tasks: + description: List of tasks for the flow. + type: array + items: + $ref: '#/components/schemas/Task' + Tags: + description: List of Tags. + type: array + items: + $ref: '#/components/schemas/Tag' + MetadataCatalogConfig: + description: Configurations of metadata catalog of the flow. + $ref: '#/components/schemas/MetadataCatalogConfig' + required: + - FlowName + - Tasks + - SourceFlowConfig + - DestinationFlowConfigList + - TriggerConfig + x-stackql-resource-name: flow + x-stackql-primaryIdentifier: + - FlowName + x-create-only-properties: + - FlowName + - KMSArn + x-read-only-properties: + - FlowArn + x-required-permissions: + create: + - appflow:CreateFlow + - appflow:StartFlow + - appflow:TagResource + - appflow:ListTagsForResource + - appflow:UseConnectorProfile + - iam:PassRole + - s3:ListAllMyBuckets + - s3:GetBucketLocation + - s3:GetBucketPolicy + - kms:ListGrants + - kms:ListKeys + - kms:DescribeKey + - kms:ListAliases + - kms:CreateGrant + - secretsmanager:CreateSecret + - secretsmanager:PutResourcePolicy + read: + - appflow:DescribeFlow + - appflow:ListTagsForResource + update: + - appflow:UpdateFlow + - appflow:StartFlow + - appflow:StopFlow + - appflow:TagResource + - appflow:UntagResource + - appflow:ListTagsForResource + - appflow:UseConnectorProfile + - iam:PassRole + - s3:ListAllMyBuckets + - s3:GetBucketLocation + - s3:GetBucketPolicy + - kms:ListGrants + - secretsmanager:CreateSecret + - secretsmanager:PutResourcePolicy + delete: + - appflow:DeleteFlow + list: + - appflow:ListFlows + x-stackQL-resources: + connectors: + name: connectors + id: awscc.appflow.connectors + x-cfn-schema-name: Connector + x-type: list + x-identifiers: + - ConnectorLabel + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConnectorLabel') as connector_label + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppFlow::Connector' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConnectorLabel') as connector_label + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppFlow::Connector' + AND region = 'us-east-1' + connector: + name: connector + id: awscc.appflow.connector + x-cfn-schema-name: Connector + x-type: get + x-identifiers: + - ConnectorLabel + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConnectorLabel') as connector_label, + JSON_EXTRACT(Properties, '$.ConnectorArn') as connector_arn, + JSON_EXTRACT(Properties, '$.ConnectorProvisioningType') as connector_provisioning_type, + JSON_EXTRACT(Properties, '$.ConnectorProvisioningConfig') as connector_provisioning_config, + JSON_EXTRACT(Properties, '$.Description') as description + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppFlow::Connector' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConnectorLabel') as connector_label, + json_extract_path_text(Properties, 'ConnectorArn') as connector_arn, + json_extract_path_text(Properties, 'ConnectorProvisioningType') as connector_provisioning_type, + json_extract_path_text(Properties, 'ConnectorProvisioningConfig') as connector_provisioning_config, + json_extract_path_text(Properties, 'Description') as description + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppFlow::Connector' + AND data__Identifier = '' + AND region = 'us-east-1' + connector_profiles: + name: connector_profiles + id: awscc.appflow.connector_profiles + x-cfn-schema-name: ConnectorProfile + x-type: list + x-identifiers: + - ConnectorProfileName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConnectorProfileName') as connector_profile_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppFlow::ConnectorProfile' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConnectorProfileName') as connector_profile_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppFlow::ConnectorProfile' + AND region = 'us-east-1' + connector_profile: + name: connector_profile + id: awscc.appflow.connector_profile + x-cfn-schema-name: ConnectorProfile + x-type: get + x-identifiers: + - ConnectorProfileName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConnectorProfileArn') as connector_profile_arn, + JSON_EXTRACT(Properties, '$.ConnectorLabel') as connector_label, + JSON_EXTRACT(Properties, '$.ConnectorProfileName') as connector_profile_name, + JSON_EXTRACT(Properties, '$.KMSArn') as k_ms_arn, + JSON_EXTRACT(Properties, '$.ConnectorType') as connector_type, + JSON_EXTRACT(Properties, '$.ConnectionMode') as connection_mode, + JSON_EXTRACT(Properties, '$.ConnectorProfileConfig') as connector_profile_config, + JSON_EXTRACT(Properties, '$.CredentialsArn') as credentials_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppFlow::ConnectorProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConnectorProfileArn') as connector_profile_arn, + json_extract_path_text(Properties, 'ConnectorLabel') as connector_label, + json_extract_path_text(Properties, 'ConnectorProfileName') as connector_profile_name, + json_extract_path_text(Properties, 'KMSArn') as k_ms_arn, + json_extract_path_text(Properties, 'ConnectorType') as connector_type, + json_extract_path_text(Properties, 'ConnectionMode') as connection_mode, + json_extract_path_text(Properties, 'ConnectorProfileConfig') as connector_profile_config, + json_extract_path_text(Properties, 'CredentialsArn') as credentials_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppFlow::ConnectorProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + flows: + name: flows + id: awscc.appflow.flows + x-cfn-schema-name: Flow + x-type: list + x-identifiers: + - FlowName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FlowName') as flow_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppFlow::Flow' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FlowName') as flow_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppFlow::Flow' + AND region = 'us-east-1' + flow: + name: flow + id: awscc.appflow.flow + x-cfn-schema-name: Flow + x-type: get + x-identifiers: + - FlowName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FlowArn') as flow_arn, + JSON_EXTRACT(Properties, '$.FlowName') as flow_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.KMSArn') as k_ms_arn, + JSON_EXTRACT(Properties, '$.TriggerConfig') as trigger_config, + JSON_EXTRACT(Properties, '$.FlowStatus') as flow_status, + JSON_EXTRACT(Properties, '$.SourceFlowConfig') as source_flow_config, + JSON_EXTRACT(Properties, '$.DestinationFlowConfigList') as destination_flow_config_list, + JSON_EXTRACT(Properties, '$.Tasks') as tasks, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.MetadataCatalogConfig') as metadata_catalog_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppFlow::Flow' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FlowArn') as flow_arn, + json_extract_path_text(Properties, 'FlowName') as flow_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'KMSArn') as k_ms_arn, + json_extract_path_text(Properties, 'TriggerConfig') as trigger_config, + json_extract_path_text(Properties, 'FlowStatus') as flow_status, + json_extract_path_text(Properties, 'SourceFlowConfig') as source_flow_config, + json_extract_path_text(Properties, 'DestinationFlowConfigList') as destination_flow_config_list, + json_extract_path_text(Properties, 'Tasks') as tasks, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'MetadataCatalogConfig') as metadata_catalog_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppFlow::Flow' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/appintegrations.yaml b/providers/src/awscc/v00.00.00000/services/appintegrations.yaml new file mode 100644 index 00000000..374668da --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/appintegrations.yaml @@ -0,0 +1,447 @@ +openapi: 3.0.0 +info: + title: AppIntegrations + version: 1.0.0 +paths: {} +components: + schemas: + ScheduleConfig: + type: object + properties: + FirstExecutionFrom: + description: The start date for objects to import in the first flow run. Epoch or ISO timestamp format is supported. + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 255 + Object: + description: The name of the object to pull from the data source. + type: string + pattern: ^[a-zA-Z0-9/\._\-]+$ + minLength: 1 + maxLength: 255 + ScheduleExpression: + description: How often the data should be pulled from data source. + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 255 + additionalProperties: false + required: + - ScheduleExpression + Tag: + type: object + properties: + Key: + description: A key to identify the tag. + type: string + pattern: ^(?!aws:)[a-zA-Z+-=._:/]+$ + minLength: 1 + maxLength: 128 + Value: + description: Corresponding tag value for the key. + type: string + minLength: 0 + maxLength: 256 + additionalProperties: false + required: + - Key + - Value + FileConfiguration: + description: The configuration for what files should be pulled from the source. + type: object + properties: + Folders: + description: Identifiers for the source folders to pull all files from recursively. + type: array + minItems: 1 + maxItems: 10 + items: + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 200 + Filters: + description: Restrictions for what files should be pulled from the source. + type: object + x-patternProperties: + ^[A-Za-z]: + type: array + minItems: 1 + maxItems: 2048 + items: + type: string + maxLength: 255 + minLength: 1 + additionalProperties: false + additionalProperties: false + required: + - Folders + ObjectConfiguration: + description: The configuration for what data should be pulled from the source. + type: object + x-patternProperties: + ^.+$: + type: object + patternProperties: + ^[A-Za-z]: + type: array + minItems: 1 + maxItems: 2048 + items: + type: string + maxLength: 255 + minLength: 1 + additionalProperties: false + additionalProperties: false + DataIntegration: + type: object + properties: + Description: + description: The data integration description. + type: string + minLength: 1 + maxLength: 1000 + Id: + description: The unique identifer of the data integration. + type: string + pattern: '[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}' + minLength: 1 + maxLength: 255 + DataIntegrationArn: + description: The Amazon Resource Name (ARN) of the data integration. + type: string + pattern: ^arn:aws[-a-z]*:[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$ + minLength: 1 + maxLength: 2048 + Name: + description: The name of the data integration. + type: string + pattern: ^[a-zA-Z0-9/\._\-]+$ + minLength: 1 + maxLength: 255 + KmsKey: + description: The KMS key of the data integration. + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 255 + ScheduleConfig: + description: The name of the data and how often it should be pulled from the source. + $ref: '#/components/schemas/ScheduleConfig' + SourceURI: + description: The URI of the data source. + type: string + pattern: ^(\w+\:\/\/[\w.-]+[\w/!@#+=.-]+$)|(\w+\:\/\/[\w.-]+[\w/!@#+=.-]+[\w/!@#+=.-]+[\w/!@#+=.,-]+$) + minLength: 1 + maxLength: 1000 + Tags: + description: The tags (keys and values) associated with the data integration. + type: array + items: + $ref: '#/components/schemas/Tag' + minItems: 0 + maxItems: 200 + FileConfiguration: + description: The configuration for what files should be pulled from the source. + $ref: '#/components/schemas/FileConfiguration' + ObjectConfiguration: + description: The configuration for what data should be pulled from the source. + $ref: '#/components/schemas/ObjectConfiguration' + required: + - Name + - KmsKey + - SourceURI + x-stackql-resource-name: data_integration + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - KmsKey + - ScheduleConfig + - SourceURI + x-read-only-properties: + - Id + - DataIntegrationArn + x-required-permissions: + create: + - app-integrations:CreateDataIntegration + - app-integrations:TagResource + - appflow:DescribeConnectorProfiles + - appflow:CreateFlow + - appflow:DeleteFlow + - appflow:DescribeConnectorEntity + - appflow:UseConnectorProfile + - appflow:TagResource + - appflow:UntagResource + - kms:CreateGrant + - kms:DescribeKey + - kms:ListAliases + - kms:ListGrants + - kms:ListKeys + - s3:GetBucketNotification + - s3:PutBucketNotification + - s3:GetEncryptionConfiguration + read: + - app-integrations:GetDataIntegration + - app-integrations:ListTagsForResource + list: + - app-integrations:ListDataIntegrations + update: + - app-integrations:GetDataIntegration + - app-integrations:UpdateDataIntegration + - app-integrations:TagResource + - app-integrations:UntagResource + - appflow:DescribeConnectorProfiles + - appflow:DeleteFlow + - appflow:DescribeConnectorEntity + - appflow:UseConnectorProfile + - appflow:TagResource + - appflow:UntagResource + - kms:CreateGrant + - kms:DescribeKey + - kms:ListAliases + - kms:ListGrants + - kms:ListKeys + delete: + - app-integrations:DeleteDataIntegration + - app-integrations:UntagResource + - appflow:CreateFlow + - appflow:DeleteFlow + - appflow:DescribeConnectorEntity + - appflow:UseConnectorProfile + - appflow:TagResource + - appflow:UntagResource + - kms:CreateGrant + - kms:DescribeKey + - kms:ListAliases + - kms:ListGrants + - kms:ListKeys + EventFilter: + type: object + properties: + Source: + description: The source of the events. + type: string + pattern: ^aws\.partner\/.*$ + minLength: 1 + maxLength: 256 + additionalProperties: false + required: + - Source + Metadata: + type: object + properties: + Key: + description: A key to identify the metadata. + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 255 + Value: + description: Corresponding metadata value for the key. + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 255 + additionalProperties: false + required: + - Key + - Value + EventIntegration: + type: object + properties: + Description: + description: The event integration description. + type: string + minLength: 1 + maxLength: 1000 + EventIntegrationArn: + description: The Amazon Resource Name (ARN) of the event integration. + type: string + pattern: ^arn:aws[-a-z]*:[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$ + minLength: 1 + maxLength: 2048 + Name: + description: The name of the event integration. + type: string + pattern: ^[a-zA-Z0-9/\._\-]+$ + minLength: 1 + maxLength: 255 + EventBridgeBus: + description: The Amazon Eventbridge bus for the event integration. + type: string + pattern: ^[a-zA-Z0-9/\._\-]+$ + minLength: 1 + maxLength: 255 + EventFilter: + description: The EventFilter (source) associated with the event integration. + $ref: '#/components/schemas/EventFilter' + Tags: + description: The tags (keys and values) associated with the event integration. + type: array + items: + $ref: '#/components/schemas/Tag' + minItems: 0 + maxItems: 200 + required: + - Name + - EventBridgeBus + - EventFilter + x-stackql-resource-name: event_integration + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - EventBridgeBus + - EventFilter + x-read-only-properties: + - EventIntegrationArn + x-required-permissions: + create: + - app-integrations:CreateEventIntegration + - app-integrations:TagResource + read: + - app-integrations:GetEventIntegration + - app-integrations:ListTagsForResource + list: + - app-integrations:ListEventIntegrations + update: + - app-integrations:GetEventIntegration + - app-integrations:UpdateEventIntegration + - app-integrations:TagResource + - app-integrations:UntagResource + delete: + - app-integrations:DeleteEventIntegration + x-stackQL-resources: + data_integrations: + name: data_integrations + id: awscc.appintegrations.data_integrations + x-cfn-schema-name: DataIntegration + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppIntegrations::DataIntegration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppIntegrations::DataIntegration' + AND region = 'us-east-1' + data_integration: + name: data_integration + id: awscc.appintegrations.data_integration + x-cfn-schema-name: DataIntegration + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.DataIntegrationArn') as data_integration_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.KmsKey') as kms_key, + JSON_EXTRACT(Properties, '$.ScheduleConfig') as schedule_config, + JSON_EXTRACT(Properties, '$.SourceURI') as source_ur_i, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.FileConfiguration') as file_configuration, + JSON_EXTRACT(Properties, '$.ObjectConfiguration') as object_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppIntegrations::DataIntegration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'DataIntegrationArn') as data_integration_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'KmsKey') as kms_key, + json_extract_path_text(Properties, 'ScheduleConfig') as schedule_config, + json_extract_path_text(Properties, 'SourceURI') as source_ur_i, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'FileConfiguration') as file_configuration, + json_extract_path_text(Properties, 'ObjectConfiguration') as object_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppIntegrations::DataIntegration' + AND data__Identifier = '' + AND region = 'us-east-1' + event_integrations: + name: event_integrations + id: awscc.appintegrations.event_integrations + x-cfn-schema-name: EventIntegration + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppIntegrations::EventIntegration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppIntegrations::EventIntegration' + AND region = 'us-east-1' + event_integration: + name: event_integration + id: awscc.appintegrations.event_integration + x-cfn-schema-name: EventIntegration + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EventIntegrationArn') as event_integration_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.EventBridgeBus') as event_bridge_bus, + JSON_EXTRACT(Properties, '$.EventFilter') as event_filter, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppIntegrations::EventIntegration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EventIntegrationArn') as event_integration_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'EventBridgeBus') as event_bridge_bus, + json_extract_path_text(Properties, 'EventFilter') as event_filter, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppIntegrations::EventIntegration' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/applicationautoscaling.yaml b/providers/src/awscc/v00.00.00000/services/applicationautoscaling.yaml new file mode 100644 index 00000000..8246cd31 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/applicationautoscaling.yaml @@ -0,0 +1,535 @@ +openapi: 3.0.0 +info: + title: ApplicationAutoScaling + version: 1.0.0 +paths: {} +components: + schemas: + SuspendedState: + type: object + additionalProperties: false + description: specifies whether the scaling activities for a scalable target are in a suspended state + properties: + ScheduledScalingSuspended: + type: boolean + DynamicScalingOutSuspended: + type: boolean + DynamicScalingInSuspended: + type: boolean + ScheduledAction: + type: object + additionalProperties: false + description: specifies a scheduled action for a scalable target + properties: + Timezone: + type: string + ScheduledActionName: + type: string + EndTime: + type: string + Schedule: + type: string + StartTime: + type: string + ScalableTargetAction: + $ref: '#/components/schemas/ScalableTargetAction' + required: + - ScheduledActionName + - Schedule + ScalableTargetAction: + type: object + additionalProperties: false + description: specifies the minimum and maximum capacity + properties: + MinCapacity: + type: integer + MaxCapacity: + type: integer + ScalableTarget: + type: object + properties: + Id: + description: This value can be returned by using the Ref function. Ref returns the Cloudformation generated ID of the resource in format - ResourceId|ScalableDimension|ServiceNamespace + type: string + MaxCapacity: + description: The maximum value that you plan to scale in to. When a scaling policy is in effect, Application Auto Scaling can scale in (contract) as needed to the minimum capacity limit in response to changing demand + type: integer + MinCapacity: + description: The minimum value that you plan to scale in to. When a scaling policy is in effect, Application Auto Scaling can scale in (contract) as needed to the minimum capacity limit in response to changing demand + type: integer + ResourceId: + description: The identifier of the resource associated with the scalable target + type: string + RoleARN: + description: 'Specify the Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that allows Application Auto Scaling to modify the scalable target on your behalf. ' + type: string + ScalableDimension: + description: The scalable dimension associated with the scalable target. This string consists of the service namespace, resource type, and scaling property + type: string + ScheduledActions: + description: The scheduled actions for the scalable target. Duplicates aren't allowed. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/ScheduledAction' + ServiceNamespace: + description: The namespace of the AWS service that provides the resource, or a custom-resource + type: string + SuspendedState: + description: An embedded object that contains attributes and attribute values that are used to suspend and resume automatic scaling. Setting the value of an attribute to true suspends the specified scaling activities. Setting it to false (default) resumes the specified scaling activities. + $ref: '#/components/schemas/SuspendedState' + required: + - ResourceId + - ServiceNamespace + - ScalableDimension + - MinCapacity + - MaxCapacity + x-stackql-resource-name: scalable_target + x-stackql-primaryIdentifier: + - ResourceId + - ScalableDimension + - ServiceNamespace + x-create-only-properties: + - ResourceId + - ScalableDimension + - ServiceNamespace + x-read-only-properties: + - Id + x-required-permissions: + create: + - application-autoscaling:DescribeScalableTargets + - application-autoscaling:RegisterScalableTarget + - application-autoscaling:DescribeScheduledActions + - application-autoscaling:PutScheduledAction + - iam:PassRole + - iam:CreateServiceLinkedRole + - cloudwatch:PutMetricAlarm + - cloudwatch:DeleteAlarms + - cloudwatch:DescribeAlarms + - lambda:GetProvisionedConcurrencyConfig + - lambda:PutProvisionedConcurrencyConfig + - lambda:DeleteProvisionedConcurrencyConfig + read: + - application-autoscaling:DescribeScalableTargets + - application-autoscaling:DescribeScheduledActions + list: + - application-autoscaling:DescribeScalableTargets + update: + - application-autoscaling:RegisterScalableTarget + - application-autoscaling:DescribeScalableTargets + - application-autoscaling:DescribeScheduledActions + - application-autoscaling:DeleteScheduledAction + - application-autoscaling:PutScheduledAction + - cloudwatch:PutMetricAlarm + - cloudwatch:DeleteAlarms + - cloudwatch:DescribeAlarms + - lambda:GetProvisionedConcurrencyConfig + - lambda:PutProvisionedConcurrencyConfig + - lambda:DeleteProvisionedConcurrencyConfig + delete: + - application-autoscaling:DeregisterScalableTarget + StepScalingPolicyConfiguration: + description: A step scaling policy. + type: object + additionalProperties: false + properties: + AdjustmentType: + description: Specifies how the ScalingAdjustment value in a StepAdjustment is interpreted. + type: string + Cooldown: + description: The amount of time, in seconds, to wait for a previous scaling activity to take effect. + type: integer + MetricAggregationType: + description: The aggregation type for the CloudWatch metrics. Valid values are Minimum, Maximum, and Average. If the aggregation type is null, the value is treated as Average + type: string + MinAdjustmentMagnitude: + description: The minimum value to scale by when the adjustment type is PercentChangeInCapacity. + type: integer + StepAdjustments: + description: A set of adjustments that enable you to scale based on the size of the alarm breach. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/StepAdjustment' + TargetTrackingScalingPolicyConfiguration: + description: A target tracking scaling policy. + type: object + additionalProperties: false + properties: + CustomizedMetricSpecification: + description: A customized metric. You can specify either a predefined metric or a customized metric. + $ref: '#/components/schemas/CustomizedMetricSpecification' + DisableScaleIn: + description: Indicates whether scale in by the target tracking scaling policy is disabled. If the value is true, scale in is disabled and the target tracking scaling policy won't remove capacity from the scalable target. Otherwise, scale in is enabled and the target tracking scaling policy can remove capacity from the scalable target. The default value is false. + type: boolean + PredefinedMetricSpecification: + description: A predefined metric. You can specify either a predefined metric or a customized metric. + $ref: '#/components/schemas/PredefinedMetricSpecification' + ScaleInCooldown: + description: The amount of time, in seconds, after a scale-in activity completes before another scale-in activity can start. + type: integer + ScaleOutCooldown: + description: The amount of time, in seconds, to wait for a previous scale-out activity to take effect. + type: integer + TargetValue: + description: The target value for the metric. Although this property accepts numbers of type Double, it won't accept values that are either too small or too large. Values must be in the range of -2^360 to 2^360. The value must be a valid number based on the choice of metric. For example, if the metric is CPU utilization, then the target value is a percent value that represents how much of the CPU can be used before scaling out. + type: number + required: + - TargetValue + PredefinedMetricSpecification: + description: Represents a predefined metric for a target tracking scaling policy to use with Application Auto Scaling. + type: object + additionalProperties: false + properties: + PredefinedMetricType: + description: The metric type. The ALBRequestCountPerTarget metric type applies only to Spot Fleets and ECS services. + type: string + ResourceLabel: + description: Identifies the resource associated with the metric type. You can't specify a resource label unless the metric type is ALBRequestCountPerTarget and there is a target group attached to the Spot Fleet or ECS service. + type: string + required: + - PredefinedMetricType + CustomizedMetricSpecification: + description: Represents a CloudWatch metric of your choosing for a target tracking scaling policy to use with Application Auto Scaling. + type: object + additionalProperties: false + properties: + Dimensions: + description: The dimensions of the metric. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/MetricDimension' + MetricName: + description: The name of the metric. To get the exact metric name, namespace, and dimensions, inspect the Metric object that is returned by a call to ListMetrics. + type: string + Namespace: + description: The namespace of the metric. + type: string + Statistic: + description: The statistic of the metric. + type: string + Unit: + description: The unit of the metric. For a complete list of the units that CloudWatch supports, see the MetricDatum data type in the Amazon CloudWatch API Reference. + type: string + Metrics: + description: The metrics to include in the target tracking scaling policy, as a metric data query. This can include both raw metric and metric math expressions. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/TargetTrackingMetricDataQuery' + TargetTrackingMetricDataQuery: + description: The metric data to return. Also defines whether this call is returning data for one metric only, or whether it is performing a math expression on the values of returned metric statistics to create a new time series. A time series is a series of data points, each of which is associated with a timestamp. + type: object + additionalProperties: false + properties: + Expression: + description: The math expression to perform on the returned data, if this object is performing a math expression. + type: string + Id: + description: A short name that identifies the object's results in the response. + type: string + Label: + description: A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents. + type: string + ReturnData: + description: Indicates whether to return the timestamps and raw data values of this metric. + type: boolean + MetricStat: + description: Information about the metric data to return. + $ref: '#/components/schemas/TargetTrackingMetricStat' + TargetTrackingMetricStat: + description: This structure defines the CloudWatch metric to return, along with the statistic, period, and unit. + type: object + additionalProperties: false + properties: + Metric: + description: 'The CloudWatch metric to return, including the metric name, namespace, and dimensions. ' + $ref: '#/components/schemas/TargetTrackingMetric' + Stat: + description: The statistic to return. It can include any CloudWatch statistic or extended statistic. + type: string + Unit: + description: The unit to use for the returned data points. + type: string + TargetTrackingMetric: + description: Represents a specific metric. + type: object + additionalProperties: false + properties: + Dimensions: + description: The dimensions for the metric. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/TargetTrackingMetricDimension' + MetricName: + description: The name of the metric. + type: string + Namespace: + description: The namespace of the metric. + type: string + TargetTrackingMetricDimension: + description: Describes the dimension of a metric. + type: object + additionalProperties: false + properties: + Name: + description: The name of the dimension. + type: string + Value: + description: The value of the dimension. + type: string + StepAdjustment: + description: Represents a step adjustment for a StepScalingPolicyConfiguration. Describes an adjustment based on the difference between the value of the aggregated CloudWatch metric and the breach threshold that you've defined for the alarm. + type: object + additionalProperties: false + properties: + MetricIntervalLowerBound: + description: The lower bound for the difference between the alarm threshold and the CloudWatch metric. If the metric value is above the breach threshold, the lower bound is inclusive (the metric must be greater than or equal to the threshold plus the lower bound). Otherwise, it is exclusive (the metric must be greater than the threshold plus the lower bound). A null value indicates negative infinity. + type: number + MetricIntervalUpperBound: + description: The upper bound for the difference between the alarm threshold and the CloudWatch metric. If the metric value is above the breach threshold, the upper bound is exclusive (the metric must be less than the threshold plus the upper bound). Otherwise, it is inclusive (the metric must be less than or equal to the threshold plus the upper bound). A null value indicates positive infinity. + type: number + ScalingAdjustment: + description: The amount by which to scale, based on the specified adjustment type. A positive value adds to the current capacity while a negative number removes from the current capacity. For exact capacity, you must specify a positive value. + type: integer + required: + - ScalingAdjustment + MetricDimension: + description: Describes the dimension names and values associated with a metric. + type: object + additionalProperties: false + properties: + Name: + description: The name of the dimension. + type: string + Value: + description: The value of the dimension. + type: string + required: + - Value + - Name + ScalingPolicy: + type: object + properties: + PolicyName: + description: |- + The name of the scaling policy. + + Updates to the name of a target tracking scaling policy are not supported, unless you also update the metric used for scaling. To change only a target tracking scaling policy's name, first delete the policy by removing the existing AWS::ApplicationAutoScaling::ScalingPolicy resource from the template and updating the stack. Then, recreate the resource with the same settings and a different name. + type: string + PolicyType: + description: |- + The scaling policy type. + + The following policy types are supported: + + TargetTrackingScaling Not supported for Amazon EMR + + StepScaling Not supported for DynamoDB, Amazon Comprehend, Lambda, Amazon Keyspaces, Amazon MSK, Amazon ElastiCache, or Neptune. + type: string + ResourceId: + description: The identifier of the resource associated with the scaling policy. This string consists of the resource type and unique identifier. + type: string + ScalableDimension: + description: The scalable dimension. This string consists of the service namespace, resource type, and scaling property. + type: string + ScalingTargetId: + description: The CloudFormation-generated ID of an Application Auto Scaling scalable target. For more information about the ID, see the Return Value section of the AWS::ApplicationAutoScaling::ScalableTarget resource. + type: string + ServiceNamespace: + description: The namespace of the AWS service that provides the resource, or a custom-resource. + type: string + StepScalingPolicyConfiguration: + description: A step scaling policy. + $ref: '#/components/schemas/StepScalingPolicyConfiguration' + TargetTrackingScalingPolicyConfiguration: + description: A target tracking scaling policy. + $ref: '#/components/schemas/TargetTrackingScalingPolicyConfiguration' + Arn: + description: ARN is a read only property for the resource. + type: string + required: + - PolicyName + - PolicyType + x-stackql-resource-name: scaling_policy + x-stackql-primaryIdentifier: + - Arn + - ScalableDimension + x-create-only-properties: + - PolicyName + - ServiceNamespace + - ResourceId + - ScalableDimension + - ScalingTargetId + x-read-only-properties: + - Arn + x-required-permissions: + create: + - application-autoscaling:DescribeScalingPolicies + - application-autoscaling:PutScalingPolicy + read: + - application-autoscaling:DescribeScalingPolicies + update: + - application-autoscaling:DescribeScalingPolicies + - application-autoscaling:PutScalingPolicy + delete: + - application-autoscaling:DescribeScalingPolicies + - application-autoscaling:DeleteScalingPolicy + list: + - application-autoscaling:DescribeScalingPolicies + x-stackQL-resources: + scalable_targets: + name: scalable_targets + id: awscc.applicationautoscaling.scalable_targets + x-cfn-schema-name: ScalableTarget + x-type: list + x-identifiers: + - ResourceId + - ScalableDimension + - ServiceNamespace + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceId') as resource_id, + JSON_EXTRACT(Properties, '$.ScalableDimension') as scalable_dimension, + JSON_EXTRACT(Properties, '$.ServiceNamespace') as service_namespace + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApplicationAutoScaling::ScalableTarget' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceId') as resource_id, + json_extract_path_text(Properties, 'ScalableDimension') as scalable_dimension, + json_extract_path_text(Properties, 'ServiceNamespace') as service_namespace + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApplicationAutoScaling::ScalableTarget' + AND region = 'us-east-1' + scalable_target: + name: scalable_target + id: awscc.applicationautoscaling.scalable_target + x-cfn-schema-name: ScalableTarget + x-type: get + x-identifiers: + - ResourceId + - ScalableDimension + - ServiceNamespace + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.MaxCapacity') as max_capacity, + JSON_EXTRACT(Properties, '$.MinCapacity') as min_capacity, + JSON_EXTRACT(Properties, '$.ResourceId') as resource_id, + JSON_EXTRACT(Properties, '$.RoleARN') as role_arn, + JSON_EXTRACT(Properties, '$.ScalableDimension') as scalable_dimension, + JSON_EXTRACT(Properties, '$.ScheduledActions') as scheduled_actions, + JSON_EXTRACT(Properties, '$.ServiceNamespace') as service_namespace, + JSON_EXTRACT(Properties, '$.SuspendedState') as suspended_state + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApplicationAutoScaling::ScalableTarget' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'MaxCapacity') as max_capacity, + json_extract_path_text(Properties, 'MinCapacity') as min_capacity, + json_extract_path_text(Properties, 'ResourceId') as resource_id, + json_extract_path_text(Properties, 'RoleARN') as role_arn, + json_extract_path_text(Properties, 'ScalableDimension') as scalable_dimension, + json_extract_path_text(Properties, 'ScheduledActions') as scheduled_actions, + json_extract_path_text(Properties, 'ServiceNamespace') as service_namespace, + json_extract_path_text(Properties, 'SuspendedState') as suspended_state + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApplicationAutoScaling::ScalableTarget' + AND data__Identifier = '' + AND region = 'us-east-1' + scaling_policies: + name: scaling_policies + id: awscc.applicationautoscaling.scaling_policies + x-cfn-schema-name: ScalingPolicy + x-type: list + x-identifiers: + - Arn + - ScalableDimension + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ScalableDimension') as scalable_dimension + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApplicationAutoScaling::ScalingPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ScalableDimension') as scalable_dimension + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApplicationAutoScaling::ScalingPolicy' + AND region = 'us-east-1' + scaling_policy: + name: scaling_policy + id: awscc.applicationautoscaling.scaling_policy + x-cfn-schema-name: ScalingPolicy + x-type: get + x-identifiers: + - Arn + - ScalableDimension + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyName') as policy_name, + JSON_EXTRACT(Properties, '$.PolicyType') as policy_type, + JSON_EXTRACT(Properties, '$.ResourceId') as resource_id, + JSON_EXTRACT(Properties, '$.ScalableDimension') as scalable_dimension, + JSON_EXTRACT(Properties, '$.ScalingTargetId') as scaling_target_id, + JSON_EXTRACT(Properties, '$.ServiceNamespace') as service_namespace, + JSON_EXTRACT(Properties, '$.StepScalingPolicyConfiguration') as step_scaling_policy_configuration, + JSON_EXTRACT(Properties, '$.TargetTrackingScalingPolicyConfiguration') as target_tracking_scaling_policy_configuration, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApplicationAutoScaling::ScalingPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyName') as policy_name, + json_extract_path_text(Properties, 'PolicyType') as policy_type, + json_extract_path_text(Properties, 'ResourceId') as resource_id, + json_extract_path_text(Properties, 'ScalableDimension') as scalable_dimension, + json_extract_path_text(Properties, 'ScalingTargetId') as scaling_target_id, + json_extract_path_text(Properties, 'ServiceNamespace') as service_namespace, + json_extract_path_text(Properties, 'StepScalingPolicyConfiguration') as step_scaling_policy_configuration, + json_extract_path_text(Properties, 'TargetTrackingScalingPolicyConfiguration') as target_tracking_scaling_policy_configuration, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApplicationAutoScaling::ScalingPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/applicationinsights.yaml b/providers/src/awscc/v00.00.00000/services/applicationinsights.yaml new file mode 100644 index 00000000..54b00bb0 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/applicationinsights.yaml @@ -0,0 +1,541 @@ +openapi: 3.0.0 +info: + title: ApplicationInsights + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + description: 'The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + type: string + minLength: 1 + maxLength: 128 + Value: + description: 'The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + type: string + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + CustomComponent: + description: The custom grouped component. + type: object + properties: + ComponentName: + description: The name of the component. + type: string + minLength: 1 + maxLength: 128 + pattern: ^[\d\w\-_.+]*$ + ResourceList: + description: The list of resource ARNs that belong to the component. + type: array + items: + type: string + minLength: 20 + maxLength: 300 + pattern: ^arn:aws(-[\w]+)*:[\w\d-]+:([\w\d-]*)?:[\w\d_-]*([:/].+)*$ + minItems: 1 + x-insertionOrder: true + required: + - ComponentName + - ResourceList + additionalProperties: false + LogPatternSet: + description: The log pattern set. + type: object + properties: + PatternSetName: + description: The name of the log pattern set. + type: string + minLength: 1 + maxLength: 30 + pattern: '[a-zA-Z0-9.-_]*' + LogPatterns: + description: The log patterns of a set. + type: array + items: + $ref: '#/components/schemas/LogPattern' + minItems: 1 + x-insertionOrder: true + required: + - PatternSetName + - LogPatterns + additionalProperties: false + LogPattern: + description: The log pattern. + type: object + properties: + PatternName: + description: The name of the log pattern. + type: string + minLength: 1 + maxLength: 50 + pattern: '[a-zA-Z0-9.-_]*' + Pattern: + description: The log pattern. + type: string + minLength: 1 + maxLength: 50 + Rank: + description: Rank of the log pattern. + type: integer + required: + - PatternName + - Pattern + - Rank + additionalProperties: false + ComponentMonitoringSetting: + description: The monitoring setting of the component. + type: object + properties: + ComponentName: + description: The name of the component. + type: string + minLength: 1 + maxLength: 128 + pattern: ^[\d\w\-_.+]*$ + ComponentARN: + description: The ARN of the compnonent. + type: string + minLength: 20 + maxLength: 300 + pattern: ^arn:aws(-[\w]+)*:[\w\d-]+:([\w\d-]*)?:[\w\d_-]*([:/].+)*$ + Tier: + description: The tier of the application component. + type: string + pattern: ^[A-Z][[A-Z]_]*$ + ComponentConfigurationMode: + description: The component monitoring configuration mode. + type: string + enum: + - DEFAULT + - DEFAULT_WITH_OVERWRITE + - CUSTOM + DefaultOverwriteComponentConfiguration: + description: The overwritten settings on default component monitoring configuration. + $ref: '#/components/schemas/ComponentConfiguration' + CustomComponentConfiguration: + description: The monitoring configuration of the component. + $ref: '#/components/schemas/ComponentConfiguration' + required: + - Tier + - ComponentConfigurationMode + oneOf: + - required: + - ComponentName + - required: + - ComponentARN + additionalProperties: false + ComponentConfiguration: + description: The configuration settings of the component. + type: object + properties: + ConfigurationDetails: + description: The configuration settings + $ref: '#/components/schemas/ConfigurationDetails' + SubComponentTypeConfigurations: + description: Sub component configurations of the component. + type: array + items: + $ref: '#/components/schemas/SubComponentTypeConfiguration' + minItems: 1 + x-insertionOrder: true + additionalProperties: false + ConfigurationDetails: + description: The configuration settings. + type: object + properties: + AlarmMetrics: + description: A list of metrics to monitor for the component. + type: array + items: + $ref: '#/components/schemas/AlarmMetric' + x-insertionOrder: true + Logs: + description: A list of logs to monitor for the component. + type: array + items: + $ref: '#/components/schemas/Log' + x-insertionOrder: true + WindowsEvents: + description: A list of Windows Events to log. + type: array + items: + $ref: '#/components/schemas/WindowsEvent' + x-insertionOrder: true + Alarms: + description: A list of alarms to monitor for the component. + type: array + items: + $ref: '#/components/schemas/Alarm' + x-insertionOrder: true + JMXPrometheusExporter: + description: The JMX Prometheus Exporter settings. + $ref: '#/components/schemas/JMXPrometheusExporter' + HANAPrometheusExporter: + description: The HANA DB Prometheus Exporter settings. + $ref: '#/components/schemas/HANAPrometheusExporter' + HAClusterPrometheusExporter: + description: The HA cluster Prometheus Exporter settings. + $ref: '#/components/schemas/HAClusterPrometheusExporter' + additionalProperties: false + SubComponentConfigurationDetails: + description: The configuration settings of sub components. + type: object + properties: + AlarmMetrics: + description: A list of metrics to monitor for the component. + type: array + items: + $ref: '#/components/schemas/AlarmMetric' + x-insertionOrder: true + Logs: + description: A list of logs to monitor for the component. + type: array + items: + $ref: '#/components/schemas/Log' + x-insertionOrder: true + WindowsEvents: + description: A list of Windows Events to log. + type: array + items: + $ref: '#/components/schemas/WindowsEvent' + x-insertionOrder: true + additionalProperties: false + JMXPrometheusExporter: + description: The JMX Prometheus Exporter settings. + type: object + properties: + JMXURL: + description: JMX service URL. + type: string + HostPort: + description: Java agent host port + type: string + PrometheusPort: + description: Prometheus exporter port. + type: string + additionalProperties: false + HANAPrometheusExporter: + description: The HANA DB Prometheus Exporter settings. + type: object + properties: + HANASID: + description: HANA DB SID. + type: string + HANAPort: + description: The HANA DB port. + type: string + HANASecretName: + description: |- + The secret name which manages the HANA DB credentials e.g. { + "username": "<>", + "password": "<>" + }. + type: string + AgreeToInstallHANADBClient: + description: A flag which indicates agreeing to install SAP HANA DB client. + type: boolean + PrometheusPort: + description: Prometheus exporter port. + type: string + required: + - HANASID + - HANAPort + - HANASecretName + - AgreeToInstallHANADBClient + additionalProperties: false + HAClusterPrometheusExporter: + description: The HA cluster Prometheus Exporter settings. + type: object + properties: + PrometheusPort: + description: Prometheus exporter port. + type: string + additionalProperties: false + AlarmMetric: + description: A metric to be monitored for the component. + type: object + properties: + AlarmMetricName: + description: The name of the metric to be monitored for the component. + type: string + required: + - AlarmMetricName + additionalProperties: false + Log: + description: A log to be monitored for the component. + type: object + properties: + LogGroupName: + description: The CloudWatch log group name to be associated to the monitored log. + type: string + minLength: 1 + maxLength: 512 + pattern: '[\.\-_/#A-Za-z0-9]+' + LogPath: + description: The path of the logs to be monitored. + type: string + minLength: 1 + maxLength: 260 + pattern: ^([a-zA-Z]:\\[\\\S|*\S]?.*|/[^"']*)$ + LogType: + description: The log type decides the log patterns against which Application Insights analyzes the log. + type: string + pattern: ^[A-Z][[A-Z]_]*$ + Encoding: + description: The type of encoding of the logs to be monitored. + type: string + enum: + - utf-8 + - utf-16 + - ascii + PatternSet: + description: The name of the log pattern set. + type: string + minLength: 1 + maxLength: 30 + pattern: '[a-zA-Z0-9.-_]*' + required: + - LogType + additionalProperties: false + WindowsEvent: + description: A Windows Event to be monitored for the component. + type: object + properties: + LogGroupName: + description: The CloudWatch log group name to be associated to the monitored log. + type: string + minLength: 1 + maxLength: 512 + pattern: '[\.\-_/#A-Za-z0-9]+' + EventName: + description: The type of Windows Events to log. + type: string + minLength: 1 + maxLength: 260 + pattern: ^[a-zA-Z0-9_ \\/-]+$ + EventLevels: + description: 'The levels of event to log. ' + type: array + items: + $ref: '#/components/schemas/EventLevel' + minItems: 1 + x-insertionOrder: true + PatternSet: + description: The name of the log pattern set. + type: string + minLength: 1 + maxLength: 30 + pattern: '[a-zA-Z0-9.-_]*' + required: + - LogGroupName + - EventName + - EventLevels + additionalProperties: false + EventLevel: + description: The level of event to log. + type: string + enum: + - INFORMATION + - WARNING + - ERROR + - CRITICAL + - VERBOSE + Alarm: + description: A CloudWatch alarm to be monitored for the component. + type: object + properties: + AlarmName: + description: The name of the CloudWatch alarm to be monitored for the component. + type: string + minLength: 1 + maxLength: 255 + Severity: + description: Indicates the degree of outage when the alarm goes off. + type: string + enum: + - HIGH + - MEDIUM + - LOW + required: + - AlarmName + additionalProperties: false + SubComponentTypeConfiguration: + description: One type sub component configurations for the component. + type: object + properties: + SubComponentType: + description: The sub component type. + type: string + enum: + - AWS::EC2::Instance + - AWS::EC2::Volume + SubComponentConfigurationDetails: + description: The configuration settings of sub components. + $ref: '#/components/schemas/SubComponentConfigurationDetails' + required: + - SubComponentType + - SubComponentConfigurationDetails + additionalProperties: false + Application: + type: object + properties: + ResourceGroupName: + description: The name of the resource group. + type: string + minLength: 1 + maxLength: 256 + pattern: '[a-zA-Z0-9.-_]*' + ApplicationARN: + description: The ARN of the ApplicationInsights application. + type: string + CWEMonitorEnabled: + description: Indicates whether Application Insights can listen to CloudWatch events for the application resources. + type: boolean + OpsCenterEnabled: + description: When set to true, creates opsItems for any problems detected on an application. + type: boolean + OpsItemSNSTopicArn: + description: The SNS topic provided to Application Insights that is associated to the created opsItem. + type: string + minLength: 20 + maxLength: 300 + pattern: ^arn:aws(-[\w]+)*:[\w\d-]+:([\w\d-]*)?:[\w\d_-]*([:/].+)*$ + Tags: + description: The tags of Application Insights application. + type: array + items: + $ref: '#/components/schemas/Tag' + minItems: 1 + x-insertionOrder: true + CustomComponents: + description: The custom grouped components. + type: array + items: + $ref: '#/components/schemas/CustomComponent' + minItems: 1 + x-insertionOrder: true + LogPatternSets: + description: The log pattern sets. + type: array + items: + $ref: '#/components/schemas/LogPatternSet' + minItems: 1 + x-insertionOrder: true + AutoConfigurationEnabled: + description: If set to true, application will be configured with recommended monitoring configuration. + type: boolean + ComponentMonitoringSettings: + description: The monitoring settings of the components. + type: array + items: + $ref: '#/components/schemas/ComponentMonitoringSetting' + minItems: 1 + x-insertionOrder: true + GroupingType: + description: The grouping type of the application + type: string + enum: + - ACCOUNT_BASED + required: + - ResourceGroupName + x-stackql-resource-name: application + x-stackql-primaryIdentifier: + - ApplicationARN + x-create-only-properties: + - ResourceGroupName + - GroupingType + x-read-only-properties: + - ApplicationARN + x-required-permissions: + create: + - '*' + read: + - '*' + update: + - '*' + delete: + - '*' + list: + - '*' + x-stackQL-resources: + applications: + name: applications + id: awscc.applicationinsights.applications + x-cfn-schema-name: Application + x-type: list + x-identifiers: + - ApplicationARN + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationARN') as application_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApplicationInsights::Application' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationARN') as application_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ApplicationInsights::Application' + AND region = 'us-east-1' + application: + name: application + id: awscc.applicationinsights.application + x-cfn-schema-name: Application + x-type: get + x-identifiers: + - ApplicationARN + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceGroupName') as resource_group_name, + JSON_EXTRACT(Properties, '$.ApplicationARN') as application_arn, + JSON_EXTRACT(Properties, '$.CWEMonitorEnabled') as c_we_monitor_enabled, + JSON_EXTRACT(Properties, '$.OpsCenterEnabled') as ops_center_enabled, + JSON_EXTRACT(Properties, '$.OpsItemSNSTopicArn') as ops_item_sn_stopic_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CustomComponents') as custom_components, + JSON_EXTRACT(Properties, '$.LogPatternSets') as log_pattern_sets, + JSON_EXTRACT(Properties, '$.AutoConfigurationEnabled') as auto_configuration_enabled, + JSON_EXTRACT(Properties, '$.ComponentMonitoringSettings') as component_monitoring_settings, + JSON_EXTRACT(Properties, '$.GroupingType') as grouping_type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApplicationInsights::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceGroupName') as resource_group_name, + json_extract_path_text(Properties, 'ApplicationARN') as application_arn, + json_extract_path_text(Properties, 'CWEMonitorEnabled') as c_we_monitor_enabled, + json_extract_path_text(Properties, 'OpsCenterEnabled') as ops_center_enabled, + json_extract_path_text(Properties, 'OpsItemSNSTopicArn') as ops_item_sn_stopic_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CustomComponents') as custom_components, + json_extract_path_text(Properties, 'LogPatternSets') as log_pattern_sets, + json_extract_path_text(Properties, 'AutoConfigurationEnabled') as auto_configuration_enabled, + json_extract_path_text(Properties, 'ComponentMonitoringSettings') as component_monitoring_settings, + json_extract_path_text(Properties, 'GroupingType') as grouping_type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ApplicationInsights::Application' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/apprunner.yaml b/providers/src/awscc/v00.00.00000/services/apprunner.yaml new file mode 100644 index 00000000..1f22839e --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/apprunner.yaml @@ -0,0 +1,1010 @@ +openapi: 3.0.0 +info: + title: AppRunner + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + type: object + properties: + Key: + type: string + Value: + type: string + additionalProperties: false + AutoScalingConfiguration: + type: object + properties: + AutoScalingConfigurationArn: + description: The Amazon Resource Name (ARN) of this auto scaling configuration. + type: string + minLength: 1 + maxLength: 1011 + pattern: arn:aws(-[\w]+)*:[a-z0-9-\.]{0,63}:[a-z0-9-\.]{0,63}:[0-9]{12}:(\w|/|-){1,1011} + AutoScalingConfigurationName: + description: The customer-provided auto scaling configuration name. When you use it for the first time in an AWS Region, App Runner creates revision number 1 of this name. When you use the same name in subsequent calls, App Runner creates incremental revisions of the configuration. The auto scaling configuration name can be used in multiple revisions of a configuration. + type: string + minLength: 4 + maxLength: 32 + pattern: '[A-Za-z0-9][A-Za-z0-9\-_]{3,31}' + AutoScalingConfigurationRevision: + description: 'The revision of this auto scaling configuration. It''s unique among all the active configurations ("Status": "ACTIVE") that share the same AutoScalingConfigurationName.' + type: integer + MaxConcurrency: + description: The maximum number of concurrent requests that an instance processes. If the number of concurrent requests exceeds this limit, App Runner scales the service up to use more instances to process the requests. + type: integer + MaxSize: + description: The maximum number of instances that an App Runner service scales up to. At most MaxSize instances actively serve traffic for your service. + type: integer + MinSize: + description: The minimum number of instances that App Runner provisions for a service. The service always has at least MinSize provisioned instances. Some of them actively serve traffic. The rest of them (provisioned and inactive instances) are a cost-effective compute capacity reserve and are ready to be quickly activated. You pay for memory usage of all the provisioned instances. You pay for CPU usage of only the active subset. + type: integer + Latest: + description: It's set to true for the configuration with the highest Revision among all configurations that share the same AutoScalingConfigurationName. It's set to false otherwise. App Runner temporarily doubles the number of provisioned instances during deployments, to maintain the same capacity for both old and new code. + type: boolean + Tags: + description: A list of metadata items that you can associate with your auto scaling configuration resource. A tag is a key-value pair. + type: array + items: + $ref: '#/components/schemas/Tag' + x-insertionOrder: false + x-stackql-resource-name: auto_scaling_configuration + x-stackql-primaryIdentifier: + - AutoScalingConfigurationArn + x-create-only-properties: + - AutoScalingConfigurationName + - MaxConcurrency + - MaxSize + - MinSize + - Tags + x-read-only-properties: + - AutoScalingConfigurationArn + - AutoScalingConfigurationRevision + - Latest + x-required-permissions: + create: + - apprunner:CreateAutoScalingConfiguration + - apprunner:DescribeAutoScalingConfiguration + - apprunner:TagResource + read: + - apprunner:DescribeAutoScalingConfiguration + delete: + - apprunner:DeleteAutoScalingConfiguration + list: + - apprunner:ListAutoScalingConfiguration + TraceConfiguration: + description: Describes the configuration of the tracing feature within an AWS App Runner observability configuration. + type: object + properties: + Vendor: + description: The implementation provider chosen for tracing App Runner services. + type: string + enum: + - AWSXRAY + required: + - Vendor + additionalProperties: false + ObservabilityConfiguration: + type: object + properties: + ObservabilityConfigurationArn: + description: The Amazon Resource Name (ARN) of this ObservabilityConfiguration + type: string + minLength: 1 + maxLength: 1011 + pattern: arn:aws(-[\w]+)*:[a-z0-9-\.]{0,63}:[a-z0-9-\.]{0,63}:[0-9]{12}:(\w|/|-){1,1011} + ObservabilityConfigurationName: + description: A name for the observability configuration. When you use it for the first time in an AWS Region, App Runner creates revision number 1 of this name. When you use the same name in subsequent calls, App Runner creates incremental revisions of the configuration. + type: string + minLength: 4 + maxLength: 32 + pattern: '[A-Za-z0-9][A-Za-z0-9\-_]{3,31}' + ObservabilityConfigurationRevision: + description: 'The revision of this observability configuration. It''s unique among all the active configurations (''Status'': ''ACTIVE'') that share the same ObservabilityConfigurationName.' + type: integer + Latest: + description: It's set to true for the configuration with the highest Revision among all configurations that share the same Name. It's set to false otherwise. + type: boolean + TraceConfiguration: + description: The configuration of the tracing feature within this observability configuration. If you don't specify it, App Runner doesn't enable tracing. + $ref: '#/components/schemas/TraceConfiguration' + Tags: + description: A list of metadata items that you can associate with your observability configuration resource. A tag is a key-value pair. + type: array + items: + $ref: '#/components/schemas/Tag' + required: [] + x-stackql-resource-name: observability_configuration + x-stackql-primaryIdentifier: + - ObservabilityConfigurationArn + x-create-only-properties: + - ObservabilityConfigurationName + - TraceConfiguration + - Tags + x-read-only-properties: + - ObservabilityConfigurationArn + - ObservabilityConfigurationRevision + - Latest + x-required-permissions: + create: + - apprunner:CreateObservabilityConfiguration + - apprunner:DescribeObservabilityConfiguration + - apprunner:TagResource + read: + - apprunner:DescribeObservabilityConfiguration + delete: + - apprunner:DeleteObservabilityConfiguration + list: + - apprunner:ListObservabilityConfigurations + SourceConfiguration: + description: Source Code configuration + type: object + properties: + CodeRepository: + $ref: '#/components/schemas/CodeRepository' + ImageRepository: + $ref: '#/components/schemas/ImageRepository' + AutoDeploymentsEnabled: + description: Auto Deployment enabled + type: boolean + AuthenticationConfiguration: + $ref: '#/components/schemas/AuthenticationConfiguration' + additionalProperties: false + CodeRepository: + description: Source Code Repository + type: object + properties: + RepositoryUrl: + type: string + description: Repository Url + SourceCodeVersion: + $ref: '#/components/schemas/SourceCodeVersion' + CodeConfiguration: + $ref: '#/components/schemas/CodeConfiguration' + SourceDirectory: + type: string + description: Source Directory + minLength: 1 + maxLength: 4096 + pattern: '[^\x00]+' + required: + - RepositoryUrl + - SourceCodeVersion + additionalProperties: false + SourceCodeVersion: + description: Source Code Version + type: object + properties: + Type: + type: string + description: Source Code Version Type + enum: + - BRANCH + Value: + type: string + description: Source Code Version Value + required: + - Type + - Value + additionalProperties: false + CodeConfiguration: + description: Code Configuration + type: object + properties: + ConfigurationSource: + type: string + description: Configuration Source + enum: + - REPOSITORY + - API + CodeConfigurationValues: + $ref: '#/components/schemas/CodeConfigurationValues' + required: + - ConfigurationSource + additionalProperties: false + CodeConfigurationValues: + description: Code Configuration Values + type: object + properties: + Runtime: + type: string + description: Runtime + enum: + - PYTHON_3 + - NODEJS_12 + - NODEJS_14 + - CORRETTO_8 + - CORRETTO_11 + - NODEJS_16 + - GO_1 + - DOTNET_6 + - PHP_81 + - RUBY_31 + - PYTHON_311 + - NODEJS_18 + BuildCommand: + type: string + description: Build Command + StartCommand: + type: string + description: Start Command + Port: + type: string + description: Port + RuntimeEnvironmentVariables: + type: array + items: + $ref: '#/components/schemas/KeyValuePair' + RuntimeEnvironmentSecrets: + type: array + items: + $ref: '#/components/schemas/KeyValuePair' + description: The secrets and parameters that get referenced by your service as environment variables + required: + - Runtime + additionalProperties: false + ImageRepository: + description: Image Repository + type: object + properties: + ImageIdentifier: + type: string + description: Image Identifier + minLength: 1 + maxLength: 1024 + pattern: ([0-9]{12}.dkr.ecr.[a-z\-]+-[0-9]{1}.amazonaws.com\/.*)|(^public\.ecr\.aws\/.+\/.+) + ImageConfiguration: + $ref: '#/components/schemas/ImageConfiguration' + ImageRepositoryType: + type: string + description: Image Repository Type + enum: + - ECR + - ECR_PUBLIC + required: + - ImageIdentifier + - ImageRepositoryType + additionalProperties: false + ImageConfiguration: + description: Image Configuration + type: object + properties: + StartCommand: + type: string + description: Start Command + Port: + type: string + description: Port + RuntimeEnvironmentVariables: + type: array + items: + $ref: '#/components/schemas/KeyValuePair' + RuntimeEnvironmentSecrets: + type: array + items: + $ref: '#/components/schemas/KeyValuePair' + description: The secrets and parameters that get referenced by your service as environment variables + additionalProperties: false + AuthenticationConfiguration: + description: Authentication Configuration + type: object + properties: + ConnectionArn: + type: string + description: Connection Arn + minLength: 1 + maxLength: 1011 + pattern: arn:aws(-[\w]+)*:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[0-9]{12}:(\w|\/|-){1,1011} + AccessRoleArn: + description: Access Role Arn + $ref: '#/components/schemas/RoleArn' + additionalProperties: false + InstanceConfiguration: + description: Instance Configuration + type: object + properties: + Cpu: + type: string + description: CPU + minLength: 3 + maxLength: 9 + pattern: 256|512|1024|2048|4096|(0.25|0.5|1|2|4) vCPU + Memory: + type: string + description: Memory + minLength: 3 + maxLength: 6 + pattern: 512|1024|2048|3072|4096|6144|8192|10240|12288|(0.5|1|2|3|4|6|8|10|12) GB + InstanceRoleArn: + description: Instance Role Arn + $ref: '#/components/schemas/RoleArn' + additionalProperties: false + RoleArn: + type: string + minLength: 29 + maxLength: 1024 + pattern: arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):iam::[0-9]{12}:role/[\w+=,.@-]{1,64} + EncryptionConfiguration: + description: Encryption configuration (KMS key) + type: object + properties: + KmsKey: + type: string + description: The KMS Key + minLength: 0 + maxLength: 256 + pattern: arn:aws(-[\w]+)*:kms:[a-z\-]+-[0-9]{1}:[0-9]{12}:key\/[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} + required: + - KmsKey + additionalProperties: false + HealthCheckConfiguration: + description: Health check configuration + type: object + properties: + Protocol: + type: string + description: Health Check Protocol + enum: + - TCP + - HTTP + Path: + type: string + description: Health check Path + Interval: + type: integer + description: Health check Interval + Timeout: + type: integer + description: Health check Timeout + minimum: 1 + maximum: 20 + HealthyThreshold: + type: integer + description: Health check Healthy Threshold + minimum: 1 + maximum: 20 + UnhealthyThreshold: + type: integer + description: Health check Unhealthy Threshold + minimum: 1 + maximum: 20 + additionalProperties: false + EgressConfiguration: + description: Network egress configuration + type: object + properties: + EgressType: + description: Network egress type. + type: string + enum: + - DEFAULT + - VPC + VpcConnectorArn: + description: The Amazon Resource Name (ARN) of the App Runner VpcConnector. + type: string + minLength: 44 + maxLength: 1011 + pattern: arn:aws(-[\w]+)*:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[0-9]{12}:(\w|\/|-){1,1011} + required: + - EgressType + additionalProperties: false + IngressConfiguration: + description: Network ingress configuration + type: object + properties: + IsPubliclyAccessible: + description: It's set to true if the Apprunner service is publicly accessible. It's set to false otherwise. + type: boolean + required: + - IsPubliclyAccessible + additionalProperties: false + NetworkConfiguration: + description: Network configuration + type: object + properties: + EgressConfiguration: + $ref: '#/components/schemas/EgressConfiguration' + IngressConfiguration: + $ref: '#/components/schemas/IngressConfiguration' + IpAddressType: + description: App Runner service endpoint IP address type + type: string + enum: + - IPV4 + - DUAL_STACK + additionalProperties: false + ServiceObservabilityConfiguration: + description: Service observability configuration + type: object + properties: + ObservabilityEnabled: + description: Observability enabled + type: boolean + ObservabilityConfigurationArn: + description: The Amazon Resource Name (ARN) of the App Runner ObservabilityConfiguration. + type: string + minLength: 1 + maxLength: 1011 + pattern: arn:aws(-[\w]+)*:[a-z0-9-\.]{0,63}:[a-z0-9-\.]{0,63}:[0-9]{12}:(\w|/|-){1,1011} + required: + - ObservabilityEnabled + additionalProperties: false + KeyValuePair: + type: object + properties: + Name: + type: string + Value: + type: string + additionalProperties: false + Service: + type: object + properties: + ServiceName: + description: The AppRunner Service Name. + type: string + minLength: 4 + maxLength: 40 + pattern: '[A-Za-z0-9][A-Za-z0-9-_]{3,39}' + ServiceId: + description: The AppRunner Service Id + type: string + minLength: 32 + maxLength: 32 + ServiceArn: + description: The Amazon Resource Name (ARN) of the AppRunner Service. + type: string + minLength: 1 + maxLength: 1011 + pattern: arn:aws(-[\w]+)*:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[0-9]{12}:(\w|\/|-){1,1011} + ServiceUrl: + description: The Service Url of the AppRunner Service. + type: string + Status: + description: AppRunner Service status. + type: string + SourceConfiguration: + $ref: '#/components/schemas/SourceConfiguration' + InstanceConfiguration: + $ref: '#/components/schemas/InstanceConfiguration' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + EncryptionConfiguration: + $ref: '#/components/schemas/EncryptionConfiguration' + HealthCheckConfiguration: + $ref: '#/components/schemas/HealthCheckConfiguration' + ObservabilityConfiguration: + $ref: '#/components/schemas/ServiceObservabilityConfiguration' + AutoScalingConfigurationArn: + description: Autoscaling configuration ARN + type: string + minLength: 1 + maxLength: 1011 + pattern: arn:aws(-[\w]+)*:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[0-9]{12}:(\w|\/|-){1,1011} + NetworkConfiguration: + $ref: '#/components/schemas/NetworkConfiguration' + required: + - SourceConfiguration + x-stackql-resource-name: service + x-stackql-primaryIdentifier: + - ServiceArn + x-create-only-properties: + - ServiceName + - EncryptionConfiguration + - Tags + x-read-only-properties: + - ServiceArn + - ServiceId + - ServiceUrl + - Status + x-required-permissions: + create: + - apprunner:CreateService + - apprunner:TagResource + - iam:PassRole + - iam:CreateServiceLinkedRole + - logs:CreateLogGroup + - logs:PutRetentionPolicy + - logs:CreateLogStream + - logs:PutLogEvents + - logs:DescribeLogStreams + - events:PutRule + - events:PutTargets + read: + - apprunner:DescribeService + update: + - apprunner:UpdateService + - iam:PassRole + delete: + - apprunner:DeleteService + list: + - apprunner:ListServices + - iam:PassRole + VpcConnector: + type: object + properties: + VpcConnectorName: + description: A name for the VPC connector. If you don't specify a name, AWS CloudFormation generates a name for your VPC connector. + type: string + minLength: 4 + maxLength: 40 + pattern: ^[A-Za-z0-9][A-Za-z0-9-\\_]{3,39}$ + VpcConnectorArn: + description: The Amazon Resource Name (ARN) of this VPC connector. + type: string + minLength: 44 + maxLength: 1011 + pattern: arn:aws(-[\w]+)*:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[0-9]{12}:(\w|\/|-){1,1011} + VpcConnectorRevision: + description: 'The revision of this VPC connector. It''s unique among all the active connectors ("Status": "ACTIVE") that share the same Name.' + type: integer + Subnets: + description: A list of IDs of subnets that App Runner should use when it associates your service with a custom Amazon VPC. Specify IDs of subnets of a single Amazon VPC. App Runner determines the Amazon VPC from the subnets you specify. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 1 + items: + type: string + SecurityGroups: + description: A list of IDs of security groups that App Runner should use for access to AWS resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + Tags: + description: A list of metadata items that you can associate with your VPC connector resource. A tag is a key-value pair. + type: array + items: + $ref: '#/components/schemas/Tag' + required: + - Subnets + x-stackql-resource-name: vpc_connector + x-stackql-primaryIdentifier: + - VpcConnectorArn + x-create-only-properties: + - VpcConnectorName + - Subnets + - SecurityGroups + - Tags + x-read-only-properties: + - VpcConnectorArn + - VpcConnectorRevision + x-required-permissions: + create: + - iam:CreateServiceLinkedRole + - apprunner:CreateVpcConnector + - apprunner:DescribeVpcConnector + - apprunner:TagResource + - ec2:DescribeSubnets + - ec2:DescribeSecurityGroups + read: + - apprunner:DescribeVpcConnector + delete: + - apprunner:DeleteVpcConnector + list: + - apprunner:ListVpcConnectors + IngressVpcConfiguration: + description: The configuration of customer’s VPC and related VPC endpoint + type: object + properties: + VpcId: + description: The ID of the VPC that the VPC endpoint is used in. + type: string + VpcEndpointId: + description: The ID of the VPC endpoint that your App Runner service connects to. + type: string + required: + - VpcId + - VpcEndpointId + additionalProperties: false + VpcIngressConnection: + type: object + properties: + VpcIngressConnectionArn: + description: The Amazon Resource Name (ARN) of the VpcIngressConnection. + type: string + minLength: 1 + maxLength: 1011 + pattern: arn:aws(-[\w]+)*:[a-z0-9-\.]{0,63}:[a-z0-9-\.]{0,63}:[0-9]{12}:(\w|/|-){1,1011} + VpcIngressConnectionName: + description: The customer-provided Vpc Ingress Connection name. + type: string + minLength: 4 + maxLength: 40 + pattern: '[A-Za-z0-9][A-Za-z0-9\-_]{3,39}' + ServiceArn: + description: The Amazon Resource Name (ARN) of the service. + type: string + minLength: 1 + maxLength: 1011 + pattern: arn:aws(-[\w]+)*:[a-z0-9-\.]{0,63}:[a-z0-9-\.]{0,63}:[0-9]{12}:(\w|/|-){1,1011} + Status: + description: The current status of the VpcIngressConnection. + type: string + enum: + - AVAILABLE + - PENDING_CREATION + - PENDING_UPDATE + - PENDING_DELETION + - FAILED_CREATION + - FAILED_UPDATE + - FAILED_DELETION + - DELETED + DomainName: + description: The Domain name associated with the VPC Ingress Connection. + type: string + minLength: 1 + maxLength: 255 + pattern: '[A-Za-z0-9*.-]{1,255}' + IngressVpcConfiguration: + $ref: '#/components/schemas/IngressVpcConfiguration' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + required: + - ServiceArn + - IngressVpcConfiguration + x-stackql-resource-name: vpc_ingress_connection + x-stackql-primaryIdentifier: + - VpcIngressConnectionArn + x-create-only-properties: + - VpcIngressConnectionName + - ServiceArn + - Tags + x-read-only-properties: + - VpcIngressConnectionArn + - DomainName + - Status + x-required-permissions: + create: + - apprunner:CreateVpcIngressConnection + - apprunner:DescribeVpcIngressConnection + - ec2:DescribeVpcs + - ec2:DescribeVpcEndpoints + - ec2:DescribeSubnets + - apprunner:TagResource + read: + - apprunner:DescribeVpcIngressConnection + update: + - apprunner:UpdateVpcIngressConnection + delete: + - apprunner:DeleteVpcIngressConnection + list: + - apprunner:ListVpcIngressConnections + x-stackQL-resources: + auto_scaling_configurations: + name: auto_scaling_configurations + id: awscc.apprunner.auto_scaling_configurations + x-cfn-schema-name: AutoScalingConfiguration + x-type: list + x-identifiers: + - AutoScalingConfigurationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AutoScalingConfigurationArn') as auto_scaling_configuration_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppRunner::AutoScalingConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AutoScalingConfigurationArn') as auto_scaling_configuration_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppRunner::AutoScalingConfiguration' + AND region = 'us-east-1' + auto_scaling_configuration: + name: auto_scaling_configuration + id: awscc.apprunner.auto_scaling_configuration + x-cfn-schema-name: AutoScalingConfiguration + x-type: get + x-identifiers: + - AutoScalingConfigurationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AutoScalingConfigurationArn') as auto_scaling_configuration_arn, + JSON_EXTRACT(Properties, '$.AutoScalingConfigurationName') as auto_scaling_configuration_name, + JSON_EXTRACT(Properties, '$.AutoScalingConfigurationRevision') as auto_scaling_configuration_revision, + JSON_EXTRACT(Properties, '$.MaxConcurrency') as max_concurrency, + JSON_EXTRACT(Properties, '$.MaxSize') as max_size, + JSON_EXTRACT(Properties, '$.MinSize') as min_size, + JSON_EXTRACT(Properties, '$.Latest') as latest, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppRunner::AutoScalingConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AutoScalingConfigurationArn') as auto_scaling_configuration_arn, + json_extract_path_text(Properties, 'AutoScalingConfigurationName') as auto_scaling_configuration_name, + json_extract_path_text(Properties, 'AutoScalingConfigurationRevision') as auto_scaling_configuration_revision, + json_extract_path_text(Properties, 'MaxConcurrency') as max_concurrency, + json_extract_path_text(Properties, 'MaxSize') as max_size, + json_extract_path_text(Properties, 'MinSize') as min_size, + json_extract_path_text(Properties, 'Latest') as latest, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppRunner::AutoScalingConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + observability_configurations: + name: observability_configurations + id: awscc.apprunner.observability_configurations + x-cfn-schema-name: ObservabilityConfiguration + x-type: list + x-identifiers: + - ObservabilityConfigurationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ObservabilityConfigurationArn') as observability_configuration_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppRunner::ObservabilityConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ObservabilityConfigurationArn') as observability_configuration_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppRunner::ObservabilityConfiguration' + AND region = 'us-east-1' + observability_configuration: + name: observability_configuration + id: awscc.apprunner.observability_configuration + x-cfn-schema-name: ObservabilityConfiguration + x-type: get + x-identifiers: + - ObservabilityConfigurationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ObservabilityConfigurationArn') as observability_configuration_arn, + JSON_EXTRACT(Properties, '$.ObservabilityConfigurationName') as observability_configuration_name, + JSON_EXTRACT(Properties, '$.ObservabilityConfigurationRevision') as observability_configuration_revision, + JSON_EXTRACT(Properties, '$.Latest') as latest, + JSON_EXTRACT(Properties, '$.TraceConfiguration') as trace_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppRunner::ObservabilityConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ObservabilityConfigurationArn') as observability_configuration_arn, + json_extract_path_text(Properties, 'ObservabilityConfigurationName') as observability_configuration_name, + json_extract_path_text(Properties, 'ObservabilityConfigurationRevision') as observability_configuration_revision, + json_extract_path_text(Properties, 'Latest') as latest, + json_extract_path_text(Properties, 'TraceConfiguration') as trace_configuration, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppRunner::ObservabilityConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + services: + name: services + id: awscc.apprunner.services + x-cfn-schema-name: Service + x-type: list + x-identifiers: + - ServiceArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ServiceArn') as service_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppRunner::Service' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ServiceArn') as service_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppRunner::Service' + AND region = 'us-east-1' + service: + name: service + id: awscc.apprunner.service + x-cfn-schema-name: Service + x-type: get + x-identifiers: + - ServiceArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ServiceName') as service_name, + JSON_EXTRACT(Properties, '$.ServiceId') as service_id, + JSON_EXTRACT(Properties, '$.ServiceArn') as service_arn, + JSON_EXTRACT(Properties, '$.ServiceUrl') as service_url, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.SourceConfiguration') as source_configuration, + JSON_EXTRACT(Properties, '$.InstanceConfiguration') as instance_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.EncryptionConfiguration') as encryption_configuration, + JSON_EXTRACT(Properties, '$.HealthCheckConfiguration') as health_check_configuration, + JSON_EXTRACT(Properties, '$.ObservabilityConfiguration') as observability_configuration, + JSON_EXTRACT(Properties, '$.AutoScalingConfigurationArn') as auto_scaling_configuration_arn, + JSON_EXTRACT(Properties, '$.NetworkConfiguration') as network_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppRunner::Service' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ServiceName') as service_name, + json_extract_path_text(Properties, 'ServiceId') as service_id, + json_extract_path_text(Properties, 'ServiceArn') as service_arn, + json_extract_path_text(Properties, 'ServiceUrl') as service_url, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'SourceConfiguration') as source_configuration, + json_extract_path_text(Properties, 'InstanceConfiguration') as instance_configuration, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'EncryptionConfiguration') as encryption_configuration, + json_extract_path_text(Properties, 'HealthCheckConfiguration') as health_check_configuration, + json_extract_path_text(Properties, 'ObservabilityConfiguration') as observability_configuration, + json_extract_path_text(Properties, 'AutoScalingConfigurationArn') as auto_scaling_configuration_arn, + json_extract_path_text(Properties, 'NetworkConfiguration') as network_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppRunner::Service' + AND data__Identifier = '' + AND region = 'us-east-1' + vpc_connectors: + name: vpc_connectors + id: awscc.apprunner.vpc_connectors + x-cfn-schema-name: VpcConnector + x-type: list + x-identifiers: + - VpcConnectorArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.VpcConnectorArn') as vpc_connector_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppRunner::VpcConnector' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'VpcConnectorArn') as vpc_connector_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppRunner::VpcConnector' + AND region = 'us-east-1' + vpc_connector: + name: vpc_connector + id: awscc.apprunner.vpc_connector + x-cfn-schema-name: VpcConnector + x-type: get + x-identifiers: + - VpcConnectorArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.VpcConnectorName') as vpc_connector_name, + JSON_EXTRACT(Properties, '$.VpcConnectorArn') as vpc_connector_arn, + JSON_EXTRACT(Properties, '$.VpcConnectorRevision') as vpc_connector_revision, + JSON_EXTRACT(Properties, '$.Subnets') as subnets, + JSON_EXTRACT(Properties, '$.SecurityGroups') as security_groups, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppRunner::VpcConnector' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'VpcConnectorName') as vpc_connector_name, + json_extract_path_text(Properties, 'VpcConnectorArn') as vpc_connector_arn, + json_extract_path_text(Properties, 'VpcConnectorRevision') as vpc_connector_revision, + json_extract_path_text(Properties, 'Subnets') as subnets, + json_extract_path_text(Properties, 'SecurityGroups') as security_groups, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppRunner::VpcConnector' + AND data__Identifier = '' + AND region = 'us-east-1' + vpc_ingress_connections: + name: vpc_ingress_connections + id: awscc.apprunner.vpc_ingress_connections + x-cfn-schema-name: VpcIngressConnection + x-type: list + x-identifiers: + - VpcIngressConnectionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.VpcIngressConnectionArn') as vpc_ingress_connection_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppRunner::VpcIngressConnection' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'VpcIngressConnectionArn') as vpc_ingress_connection_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppRunner::VpcIngressConnection' + AND region = 'us-east-1' + vpc_ingress_connection: + name: vpc_ingress_connection + id: awscc.apprunner.vpc_ingress_connection + x-cfn-schema-name: VpcIngressConnection + x-type: get + x-identifiers: + - VpcIngressConnectionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.VpcIngressConnectionArn') as vpc_ingress_connection_arn, + JSON_EXTRACT(Properties, '$.VpcIngressConnectionName') as vpc_ingress_connection_name, + JSON_EXTRACT(Properties, '$.ServiceArn') as service_arn, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.IngressVpcConfiguration') as ingress_vpc_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppRunner::VpcIngressConnection' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'VpcIngressConnectionArn') as vpc_ingress_connection_arn, + json_extract_path_text(Properties, 'VpcIngressConnectionName') as vpc_ingress_connection_name, + json_extract_path_text(Properties, 'ServiceArn') as service_arn, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'IngressVpcConfiguration') as ingress_vpc_configuration, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppRunner::VpcIngressConnection' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/appstream.yaml b/providers/src/awscc/v00.00.00000/services/appstream.yaml new file mode 100644 index 00000000..f532617f --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/appstream.yaml @@ -0,0 +1,1138 @@ +openapi: 3.0.0 +info: + title: AppStream + version: 1.0.0 +paths: {} +components: + schemas: + S3Location: + type: object + properties: + S3Bucket: + type: string + S3Key: + type: string + additionalProperties: false + required: + - S3Bucket + - S3Key + ScriptDetails: + type: object + properties: + ScriptS3Location: + $ref: '#/components/schemas/S3Location' + ExecutablePath: + type: string + ExecutableParameters: + type: string + TimeoutInSeconds: + type: integer + additionalProperties: false + required: + - ScriptS3Location + - ExecutablePath + - TimeoutInSeconds + Arn: + type: string + Tag: + type: object + additionalProperties: false + properties: + Value: + type: string + Key: + type: string + required: + - Value + - Key + PackagingType: + type: string + AppBlock: + type: object + properties: + Name: + type: string + Arn: + $ref: '#/components/schemas/Arn' + Description: + type: string + DisplayName: + type: string + SourceS3Location: + $ref: '#/components/schemas/S3Location' + SetupScriptDetails: + $ref: '#/components/schemas/ScriptDetails' + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + CreatedTime: + type: string + PackagingType: + $ref: '#/components/schemas/PackagingType' + PostSetupScriptDetails: + $ref: '#/components/schemas/ScriptDetails' + required: + - Name + - SourceS3Location + x-stackql-resource-name: app_block + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + - DisplayName + - Description + - SourceS3Location + - SetupScriptDetails + - PackagingType + - PostSetupScriptDetails + x-read-only-properties: + - Arn + - CreatedTime + x-required-permissions: + create: + - appstream:CreateAppBlock + - appstream:TagResource + - s3:GetObject + - s3:ListBucket + - s3:GetBucketOwnershipControls + read: + - appstream:DescribeAppBlocks + delete: + - appstream:DeleteAppBlock + PlatformType: + type: string + AccessEndpoint: + type: object + additionalProperties: false + properties: + EndpointType: + type: string + VpceId: + type: string + required: + - EndpointType + - VpceId + VpcConfig: + type: object + additionalProperties: false + properties: + SecurityGroupIds: + type: array + uniqueItems: false + items: + type: string + SubnetIds: + type: array + uniqueItems: false + items: + type: string + AppBlockBuilder: + type: object + properties: + Name: + type: string + Arn: + $ref: '#/components/schemas/Arn' + Description: + type: string + DisplayName: + type: string + Platform: + $ref: '#/components/schemas/PlatformType' + AccessEndpoints: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/AccessEndpoint' + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + VpcConfig: + $ref: '#/components/schemas/VpcConfig' + EnableDefaultInternetAccess: + type: boolean + IamRoleArn: + type: string + CreatedTime: + type: string + InstanceType: + type: string + AppBlockArns: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Arn' + required: + - Name + - Platform + - InstanceType + - VpcConfig + x-stackql-resource-name: app_block_builder + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + - CreatedTime + x-required-permissions: + create: + - appstream:CreateAppBlockBuilder + - appstream:DescribeAppBlockBuilders + - appstream:StartAppBlockBuilder + - appstream:AssociateAppBlockBuilderAppBlock + - appstream:DescribeAppBlockBuilderAppBlockAssociations + - appstream:TagResource + - iam:PassRole + read: + - appstream:DescribeAppBlockBuilders + update: + - appstream:UpdateAppBlockBuilder + - appstream:DescribeAppBlockBuilders + - appstream:StartAppBlockBuilder + - appstream:StopAppBlockBuilder + - appstream:AssociateAppBlockBuilderAppBlock + - appstream:DisassociateAppBlockBuilderAppBlock + - appstream:DescribeAppBlockBuilderAppBlockAssociations + - appstream:ListTagsForResource + - appstream:TagResource + - appstream:UntagResource + - iam:PassRole + delete: + - appstream:DescribeAppBlockBuilders + - appstream:DeleteAppBlockBuilder + - appstream:DisassociateAppBlockBuilderAppBlock + - appstream:DescribeAppBlockBuilderAppBlockAssociations + list: + - appstream:DescribeAppBlockBuilders + ApplicationAttribute: + type: string + Application: + type: object + properties: + Name: + type: string + DisplayName: + type: string + Description: + type: string + LaunchPath: + type: string + LaunchParameters: + type: string + WorkingDirectory: + type: string + InstanceFamilies: + type: array + uniqueItems: true + items: + type: string + x-insertionOrder: false + IconS3Location: + $ref: '#/components/schemas/S3Location' + Arn: + $ref: '#/components/schemas/Arn' + AppBlockArn: + $ref: '#/components/schemas/Arn' + Platforms: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/PlatformType' + x-insertionOrder: false + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + AttributesToDelete: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/ApplicationAttribute' + x-insertionOrder: false + CreatedTime: + type: string + required: + - Name + - IconS3Location + - LaunchPath + - Platforms + - InstanceFamilies + - AppBlockArn + x-stackql-resource-name: application + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + - InstanceFamilies + - Platforms + x-read-only-properties: + - Arn + - CreatedTime + x-required-permissions: + create: + - s3:GetObject + - appstream:CreateApplication + - appstream:TagResource + read: + - appstream:DescribeApplications + update: + - appstream:UpdateApplication + - s3:GetObject + delete: + - appstream:DeleteApplication + ApplicationEntitlementAssociation: + type: object + properties: + StackName: + type: string + EntitlementName: + type: string + ApplicationIdentifier: + type: string + required: + - StackName + - EntitlementName + - ApplicationIdentifier + x-stackql-resource-name: application_entitlement_association + x-stackql-primaryIdentifier: + - StackName + - EntitlementName + - ApplicationIdentifier + x-create-only-properties: + - StackName + - EntitlementName + - ApplicationIdentifier + x-required-permissions: + create: + - appstream:AssociateApplicationToEntitlement + - appstream:ListEntitledApplications + read: + - appstream:ListEntitledApplications + delete: + - appstream:DisassociateApplicationFromEntitlement + - appstream:ListEntitledApplications + ApplicationFleetAssociation: + type: object + properties: + FleetName: + type: string + ApplicationArn: + $ref: '#/components/schemas/Arn' + required: + - FleetName + - ApplicationArn + x-stackql-resource-name: application_fleet_association + x-stackql-primaryIdentifier: + - FleetName + - ApplicationArn + x-create-only-properties: + - FleetName + - ApplicationArn + x-required-permissions: + create: + - appstream:AssociateApplicationFleet + - appstream:DescribeApplicationFleetAssociations + read: + - appstream:DescribeApplicationFleetAssociations + delete: + - appstream:DisassociateApplicationFleet + - appstream:DescribeApplicationFleetAssociations + ServiceAccountCredentials: + type: object + additionalProperties: false + properties: + AccountName: + type: string + AccountPassword: + type: string + required: + - AccountName + - AccountPassword + CertificateBasedAuthProperties: + type: object + additionalProperties: false + properties: + Status: + type: string + CertificateAuthorityArn: + type: string + DirectoryConfig: + type: object + properties: + OrganizationalUnitDistinguishedNames: + type: array + uniqueItems: false + items: + type: string + ServiceAccountCredentials: + $ref: '#/components/schemas/ServiceAccountCredentials' + DirectoryName: + type: string + CertificateBasedAuthProperties: + $ref: '#/components/schemas/CertificateBasedAuthProperties' + required: + - DirectoryName + - OrganizationalUnitDistinguishedNames + - ServiceAccountCredentials + x-stackql-resource-name: directory_config + x-stackql-primaryIdentifier: + - DirectoryName + x-create-only-properties: + - DirectoryName + x-required-permissions: + create: + - appstream:CreateDirectoryConfig + - appstream:DeleteDirectoryConfig + - appstream:DescribeDirectoryConfig + - appstream:UpdateDirectoryConfig + - iam:CreateServiceLinkedRole + - iam:DeleteServiceLinkedRole + - iam:GetServiceLinkedRoleDeletionStatus + update: + - appstream:CreateDirectoryConfig + - appstream:DeleteDirectoryConfig + - appstream:DescribeDirectoryConfig + - appstream:UpdateDirectoryConfig + - iam:CreateServiceLinkedRole + - iam:DeleteServiceLinkedRole + - iam:GetServiceLinkedRoleDeletionStatus + read: + - appstream:CreateDirectoryConfig + - appstream:DeleteDirectoryConfig + - appstream:DescribeDirectoryConfig + - appstream:UpdateDirectoryConfig + - iam:CreateServiceLinkedRole + - iam:DeleteServiceLinkedRole + - iam:GetServiceLinkedRoleDeletionStatus + delete: + - appstream:CreateDirectoryConfig + - appstream:DeleteDirectoryConfig + - appstream:DescribeDirectoryConfig + - appstream:UpdateDirectoryConfig + - iam:CreateServiceLinkedRole + - iam:DeleteServiceLinkedRole + - iam:GetServiceLinkedRoleDeletionStatus + list: + - appstream:CreateDirectoryConfig + - appstream:DeleteDirectoryConfig + - appstream:DescribeDirectoryConfig + - appstream:UpdateDirectoryConfig + - iam:CreateServiceLinkedRole + - iam:DeleteServiceLinkedRole + - iam:GetServiceLinkedRoleDeletionStatus + Attribute: + type: object + properties: + Name: + type: string + Value: + type: string + required: + - Name + - Value + additionalProperties: false + Entitlement: + type: object + properties: + Name: + type: string + StackName: + type: string + Description: + type: string + AppVisibility: + type: string + Attributes: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Attribute' + CreatedTime: + type: string + LastModifiedTime: + type: string + required: + - Name + - StackName + - AppVisibility + - Attributes + x-stackql-resource-name: entitlement + x-stackql-primaryIdentifier: + - StackName + - Name + x-create-only-properties: + - Name + - StackName + x-read-only-properties: + - CreatedTime + - LastModifiedTime + x-required-permissions: + create: + - appstream:CreateEntitlement + read: + - appstream:DescribeEntitlements + update: + - appstream:UpdateEntitlement + delete: + - appstream:DeleteEntitlement + DomainJoinInfo: + type: object + additionalProperties: false + properties: + OrganizationalUnitDistinguishedName: + type: string + DirectoryName: + type: string + ImageBuilder: + type: object + properties: + Description: + type: string + VpcConfig: + $ref: '#/components/schemas/VpcConfig' + EnableDefaultInternetAccess: + type: boolean + DomainJoinInfo: + $ref: '#/components/schemas/DomainJoinInfo' + AppstreamAgentVersion: + type: string + Name: + type: string + ImageName: + type: string + DisplayName: + type: string + IamRoleArn: + type: string + InstanceType: + type: string + Tags: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + StreamingUrl: + type: string + ImageArn: + type: string + AccessEndpoints: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/AccessEndpoint' + required: + - InstanceType + - Name + x-stackql-resource-name: image_builder + x-stackql-primaryIdentifier: + - Name + x-read-only-properties: + - StreamingUrl + x-required-permissions: + create: + - appstream:CreateImageBuilder + - appstream:CreateImageBuilderStreamingURL + - appstream:CreateStreamingURL + - appstream:DeleteImageBuilder + - appstream:DescribeImageBuilders + - appstream:StartImageBuilder + - appstream:StopImageBuilder + - iam:CreateServiceLinkedRole + - iam:DeleteServiceLinkedRole + - iam:GetServiceLinkedRoleDeletionStatus + read: + - appstream:CreateImageBuilder + - appstream:CreateImageBuilderStreamingURL + - appstream:CreateStreamingURL + - appstream:DeleteImageBuilder + - appstream:DescribeImageBuilders + - appstream:StartImageBuilder + - appstream:StopImageBuilder + - iam:CreateServiceLinkedRole + - iam:DeleteServiceLinkedRole + - iam:GetServiceLinkedRoleDeletionStatus + delete: + - appstream:CreateImageBuilder + - appstream:CreateImageBuilderStreamingURL + - appstream:CreateStreamingURL + - appstream:DeleteImageBuilder + - appstream:DescribeImageBuilders + - appstream:StartImageBuilder + - appstream:StopImageBuilder + - iam:CreateServiceLinkedRole + - iam:DeleteServiceLinkedRole + - iam:GetServiceLinkedRoleDeletionStatus + list: + - appstream:CreateImageBuilder + - appstream:CreateImageBuilderStreamingURL + - appstream:CreateStreamingURL + - appstream:DeleteImageBuilder + - appstream:DescribeImageBuilders + - appstream:StartImageBuilder + - appstream:StopImageBuilder + - iam:CreateServiceLinkedRole + - iam:DeleteServiceLinkedRole + - iam:GetServiceLinkedRoleDeletionStatus + x-stackQL-resources: + app_blocks: + name: app_blocks + id: awscc.appstream.app_blocks + x-cfn-schema-name: AppBlock + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppStream::AppBlock' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppStream::AppBlock' + AND region = 'us-east-1' + app_block: + name: app_block + id: awscc.appstream.app_block + x-cfn-schema-name: AppBlock + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DisplayName') as display_name, + JSON_EXTRACT(Properties, '$.SourceS3Location') as source_s3_location, + JSON_EXTRACT(Properties, '$.SetupScriptDetails') as setup_script_details, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.PackagingType') as packaging_type, + JSON_EXTRACT(Properties, '$.PostSetupScriptDetails') as post_setup_script_details + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppStream::AppBlock' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DisplayName') as display_name, + json_extract_path_text(Properties, 'SourceS3Location') as source_s3_location, + json_extract_path_text(Properties, 'SetupScriptDetails') as setup_script_details, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'PackagingType') as packaging_type, + json_extract_path_text(Properties, 'PostSetupScriptDetails') as post_setup_script_details + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppStream::AppBlock' + AND data__Identifier = '' + AND region = 'us-east-1' + app_block_builders: + name: app_block_builders + id: awscc.appstream.app_block_builders + x-cfn-schema-name: AppBlockBuilder + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppStream::AppBlockBuilder' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppStream::AppBlockBuilder' + AND region = 'us-east-1' + app_block_builder: + name: app_block_builder + id: awscc.appstream.app_block_builder + x-cfn-schema-name: AppBlockBuilder + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DisplayName') as display_name, + JSON_EXTRACT(Properties, '$.Platform') as platform, + JSON_EXTRACT(Properties, '$.AccessEndpoints') as access_endpoints, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.VpcConfig') as vpc_config, + JSON_EXTRACT(Properties, '$.EnableDefaultInternetAccess') as enable_default_internet_access, + JSON_EXTRACT(Properties, '$.IamRoleArn') as iam_role_arn, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.InstanceType') as instance_type, + JSON_EXTRACT(Properties, '$.AppBlockArns') as app_block_arns + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppStream::AppBlockBuilder' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DisplayName') as display_name, + json_extract_path_text(Properties, 'Platform') as platform, + json_extract_path_text(Properties, 'AccessEndpoints') as access_endpoints, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'VpcConfig') as vpc_config, + json_extract_path_text(Properties, 'EnableDefaultInternetAccess') as enable_default_internet_access, + json_extract_path_text(Properties, 'IamRoleArn') as iam_role_arn, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'InstanceType') as instance_type, + json_extract_path_text(Properties, 'AppBlockArns') as app_block_arns + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppStream::AppBlockBuilder' + AND data__Identifier = '' + AND region = 'us-east-1' + applications: + name: applications + id: awscc.appstream.applications + x-cfn-schema-name: Application + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppStream::Application' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppStream::Application' + AND region = 'us-east-1' + application: + name: application + id: awscc.appstream.application + x-cfn-schema-name: Application + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.DisplayName') as display_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.LaunchPath') as launch_path, + JSON_EXTRACT(Properties, '$.LaunchParameters') as launch_parameters, + JSON_EXTRACT(Properties, '$.WorkingDirectory') as working_directory, + JSON_EXTRACT(Properties, '$.InstanceFamilies') as instance_families, + JSON_EXTRACT(Properties, '$.IconS3Location') as icon_s3_location, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AppBlockArn') as app_block_arn, + JSON_EXTRACT(Properties, '$.Platforms') as platforms, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.AttributesToDelete') as attributes_to_delete, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppStream::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'DisplayName') as display_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'LaunchPath') as launch_path, + json_extract_path_text(Properties, 'LaunchParameters') as launch_parameters, + json_extract_path_text(Properties, 'WorkingDirectory') as working_directory, + json_extract_path_text(Properties, 'InstanceFamilies') as instance_families, + json_extract_path_text(Properties, 'IconS3Location') as icon_s3_location, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AppBlockArn') as app_block_arn, + json_extract_path_text(Properties, 'Platforms') as platforms, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'AttributesToDelete') as attributes_to_delete, + json_extract_path_text(Properties, 'CreatedTime') as created_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppStream::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + application_entitlement_associations: + name: application_entitlement_associations + id: awscc.appstream.application_entitlement_associations + x-cfn-schema-name: ApplicationEntitlementAssociation + x-type: list + x-identifiers: + - StackName + - EntitlementName + - ApplicationIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StackName') as stack_name, + JSON_EXTRACT(Properties, '$.EntitlementName') as entitlement_name, + JSON_EXTRACT(Properties, '$.ApplicationIdentifier') as application_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppStream::ApplicationEntitlementAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StackName') as stack_name, + json_extract_path_text(Properties, 'EntitlementName') as entitlement_name, + json_extract_path_text(Properties, 'ApplicationIdentifier') as application_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppStream::ApplicationEntitlementAssociation' + AND region = 'us-east-1' + application_entitlement_association: + name: application_entitlement_association + id: awscc.appstream.application_entitlement_association + x-cfn-schema-name: ApplicationEntitlementAssociation + x-type: get + x-identifiers: + - StackName + - EntitlementName + - ApplicationIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StackName') as stack_name, + JSON_EXTRACT(Properties, '$.EntitlementName') as entitlement_name, + JSON_EXTRACT(Properties, '$.ApplicationIdentifier') as application_identifier + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppStream::ApplicationEntitlementAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StackName') as stack_name, + json_extract_path_text(Properties, 'EntitlementName') as entitlement_name, + json_extract_path_text(Properties, 'ApplicationIdentifier') as application_identifier + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppStream::ApplicationEntitlementAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + application_fleet_associations: + name: application_fleet_associations + id: awscc.appstream.application_fleet_associations + x-cfn-schema-name: ApplicationFleetAssociation + x-type: list + x-identifiers: + - FleetName + - ApplicationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FleetName') as fleet_name, + JSON_EXTRACT(Properties, '$.ApplicationArn') as application_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppStream::ApplicationFleetAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FleetName') as fleet_name, + json_extract_path_text(Properties, 'ApplicationArn') as application_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppStream::ApplicationFleetAssociation' + AND region = 'us-east-1' + application_fleet_association: + name: application_fleet_association + id: awscc.appstream.application_fleet_association + x-cfn-schema-name: ApplicationFleetAssociation + x-type: get + x-identifiers: + - FleetName + - ApplicationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FleetName') as fleet_name, + JSON_EXTRACT(Properties, '$.ApplicationArn') as application_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppStream::ApplicationFleetAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FleetName') as fleet_name, + json_extract_path_text(Properties, 'ApplicationArn') as application_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppStream::ApplicationFleetAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + directory_configs: + name: directory_configs + id: awscc.appstream.directory_configs + x-cfn-schema-name: DirectoryConfig + x-type: list + x-identifiers: + - DirectoryName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DirectoryName') as directory_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppStream::DirectoryConfig' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DirectoryName') as directory_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppStream::DirectoryConfig' + AND region = 'us-east-1' + directory_config: + name: directory_config + id: awscc.appstream.directory_config + x-cfn-schema-name: DirectoryConfig + x-type: get + x-identifiers: + - DirectoryName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.OrganizationalUnitDistinguishedNames') as organizational_unit_distinguished_names, + JSON_EXTRACT(Properties, '$.ServiceAccountCredentials') as service_account_credentials, + JSON_EXTRACT(Properties, '$.DirectoryName') as directory_name, + JSON_EXTRACT(Properties, '$.CertificateBasedAuthProperties') as certificate_based_auth_properties + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppStream::DirectoryConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'OrganizationalUnitDistinguishedNames') as organizational_unit_distinguished_names, + json_extract_path_text(Properties, 'ServiceAccountCredentials') as service_account_credentials, + json_extract_path_text(Properties, 'DirectoryName') as directory_name, + json_extract_path_text(Properties, 'CertificateBasedAuthProperties') as certificate_based_auth_properties + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppStream::DirectoryConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + entitlements: + name: entitlements + id: awscc.appstream.entitlements + x-cfn-schema-name: Entitlement + x-type: list + x-identifiers: + - StackName + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StackName') as stack_name, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppStream::Entitlement' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StackName') as stack_name, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppStream::Entitlement' + AND region = 'us-east-1' + entitlement: + name: entitlement + id: awscc.appstream.entitlement + x-cfn-schema-name: Entitlement + x-type: get + x-identifiers: + - StackName + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.StackName') as stack_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.AppVisibility') as app_visibility, + JSON_EXTRACT(Properties, '$.Attributes') as attributes, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.LastModifiedTime') as last_modified_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppStream::Entitlement' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'StackName') as stack_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'AppVisibility') as app_visibility, + json_extract_path_text(Properties, 'Attributes') as attributes, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'LastModifiedTime') as last_modified_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppStream::Entitlement' + AND data__Identifier = '' + AND region = 'us-east-1' + image_builders: + name: image_builders + id: awscc.appstream.image_builders + x-cfn-schema-name: ImageBuilder + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppStream::ImageBuilder' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppStream::ImageBuilder' + AND region = 'us-east-1' + image_builder: + name: image_builder + id: awscc.appstream.image_builder + x-cfn-schema-name: ImageBuilder + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.VpcConfig') as vpc_config, + JSON_EXTRACT(Properties, '$.EnableDefaultInternetAccess') as enable_default_internet_access, + JSON_EXTRACT(Properties, '$.DomainJoinInfo') as domain_join_info, + JSON_EXTRACT(Properties, '$.AppstreamAgentVersion') as appstream_agent_version, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ImageName') as image_name, + JSON_EXTRACT(Properties, '$.DisplayName') as display_name, + JSON_EXTRACT(Properties, '$.IamRoleArn') as iam_role_arn, + JSON_EXTRACT(Properties, '$.InstanceType') as instance_type, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.StreamingUrl') as streaming_url, + JSON_EXTRACT(Properties, '$.ImageArn') as image_arn, + JSON_EXTRACT(Properties, '$.AccessEndpoints') as access_endpoints + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppStream::ImageBuilder' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'VpcConfig') as vpc_config, + json_extract_path_text(Properties, 'EnableDefaultInternetAccess') as enable_default_internet_access, + json_extract_path_text(Properties, 'DomainJoinInfo') as domain_join_info, + json_extract_path_text(Properties, 'AppstreamAgentVersion') as appstream_agent_version, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ImageName') as image_name, + json_extract_path_text(Properties, 'DisplayName') as display_name, + json_extract_path_text(Properties, 'IamRoleArn') as iam_role_arn, + json_extract_path_text(Properties, 'InstanceType') as instance_type, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'StreamingUrl') as streaming_url, + json_extract_path_text(Properties, 'ImageArn') as image_arn, + json_extract_path_text(Properties, 'AccessEndpoints') as access_endpoints + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppStream::ImageBuilder' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/appsync.yaml b/providers/src/awscc/v00.00.00000/services/appsync.yaml new file mode 100644 index 00000000..1cf50f04 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/appsync.yaml @@ -0,0 +1,798 @@ +openapi: 3.0.0 +info: + title: AppSync + version: 1.0.0 +paths: {} +components: + schemas: + DomainName: + type: object + properties: + DomainName: + type: string + minLength: 1 + maxLength: 253 + pattern: ^(\*[a-z\d-]*\.)?([a-z\d-]+\.)+[a-z\d-]+$ + Description: + type: string + minLength: 0 + maxLength: 255 + CertificateArn: + type: string + minLength: 3 + maxLength: 2048 + pattern: ^arn:[a-z-]*:acm:[a-z0-9-]*:\d{12}:certificate/[0-9A-Za-z_/-]*$ + AppSyncDomainName: + type: string + HostedZoneId: + type: string + required: + - DomainName + - CertificateArn + x-stackql-resource-name: domain_name + x-stackql-primaryIdentifier: + - DomainName + x-create-only-properties: + - DomainName + - CertificateArn + x-read-only-properties: + - AppSyncDomainName + - HostedZoneId + x-required-permissions: + create: + - appsync:CreateDomainName + - appsync:GetDomainName + - acm:DescribeCertificate + - cloudfront:UpdateDistribution + delete: + - appsync:GetDomainName + - appsync:DeleteDomainName + update: + - appsync:UpdateDomainName + read: + - appsync:GetDomainName + list: + - appsync:ListDomainNames + DomainNameApiAssociation: + type: object + properties: + DomainName: + type: string + minLength: 1 + maxLength: 253 + pattern: ^(\*[a-z\d-]*\.)?([a-z\d-]+\.)+[a-z\d-]+$ + ApiId: + type: string + ApiAssociationIdentifier: + type: string + required: + - DomainName + - ApiId + x-stackql-resource-name: domain_name_api_association + x-stackql-primaryIdentifier: + - ApiAssociationIdentifier + x-create-only-properties: + - DomainName + x-read-only-properties: + - ApiAssociationIdentifier + x-required-permissions: + create: + - appsync:AssociateApi + - appsync:GetApiAssociation + delete: + - appsync:DisassociateApi + - appsync:GetApiAssociation + update: + - appsync:AssociateApi + - appsync:GetApiAssociation + read: + - appsync:GetApiAssociation + AppSyncRuntime: + type: object + additionalProperties: false + properties: + RuntimeVersion: + type: string + description: The ``version`` of the runtime to use. Currently, the only allowed version is ``1.0.0``. + Name: + type: string + description: The ``name`` of the runtime to use. Currently, the only allowed value is ``APPSYNC_JS``. + required: + - RuntimeVersion + - Name + description: Describes a runtime used by an APSYlong resolver or APSYlong function. Specifies the name and version of the runtime to use. Note that if a runtime is specified, code must also be specified. + SyncConfig: + type: object + additionalProperties: false + properties: + ConflictHandler: + type: string + description: |- + The Conflict Resolution strategy to perform in the event of a conflict. + + *OPTIMISTIC_CONCURRENCY*: Resolve conflicts by rejecting mutations when versions don't match the latest version at the server. + + *AUTOMERGE*: Resolve conflicts with the Automerge conflict resolution strategy. + + *LAMBDA*: Resolve conflicts with an LAMlong function supplied in the ``LambdaConflictHandlerConfig``. + ConflictDetection: + type: string + description: |- + The Conflict Detection strategy to use. + + *VERSION*: Detect conflicts based on object versions for this resolver. + + *NONE*: Do not detect conflicts when invoking this resolver. + LambdaConflictHandlerConfig: + $ref: '#/components/schemas/LambdaConflictHandlerConfig' + description: The ``LambdaConflictHandlerConfig`` when configuring ``LAMBDA`` as the Conflict Handler. + required: + - ConflictDetection + description: |- + Describes a Sync configuration for a resolver. + Specifies which Conflict Detection strategy and Resolution strategy to use when the resolver is invoked. + LambdaConflictHandlerConfig: + type: object + description: The ``LambdaConflictHandlerConfig`` when configuring LAMBDA as the Conflict Handler. + additionalProperties: false + properties: + LambdaConflictHandlerArn: + type: string + description: The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler. + FunctionConfiguration: + type: object + properties: + FunctionId: + description: The unique identifier for the function generated by the service + type: string + FunctionArn: + description: The ARN for the function generated by the service + type: string + ApiId: + description: The AWS AppSync GraphQL API that you want to attach using this function. + type: string + Code: + description: The resolver code that contains the request and response functions. When code is used, the runtime is required. The runtime value must be APPSYNC_JS. + type: string + CodeS3Location: + description: The Amazon S3 endpoint (where the code is located??). + type: string + DataSourceName: + description: The name of data source this function will attach. + type: string + Description: + description: The function description. + type: string + FunctionVersion: + description: The version of the request mapping template. Currently, only the 2018-05-29 version of the template is supported. + type: string + MaxBatchSize: + description: The maximum number of resolver request inputs that will be sent to a single AWS Lambda function in a BatchInvoke operation. + type: integer + Name: + description: The name of the function. + type: string + RequestMappingTemplate: + description: The Function request mapping template. Functions support only the 2018-05-29 version of the request mapping template. + type: string + RequestMappingTemplateS3Location: + description: Describes a Sync configuration for a resolver. Contains information on which Conflict Detection, as well as Resolution strategy, should be performed when the resolver is invoked. + type: string + ResponseMappingTemplate: + description: The Function response mapping template. + type: string + ResponseMappingTemplateS3Location: + description: The location of a response mapping template in an Amazon S3 bucket. Use this if you want to provision with a template file in Amazon S3 rather than embedding it in your CloudFormation template. + type: string + Runtime: + description: Describes a runtime used by an AWS AppSync pipeline resolver or AWS AppSync function. Specifies the name and version of the runtime to use. Note that if a runtime is specified, code must also be specified. + $ref: '#/components/schemas/AppSyncRuntime' + SyncConfig: + description: Describes a Sync configuration for a resolver. Specifies which Conflict Detection strategy and Resolution strategy to use when the resolver is invoked. + $ref: '#/components/schemas/SyncConfig' + required: + - ApiId + - DataSourceName + - Name + x-stackql-resource-name: function_configuration + x-stackql-primaryIdentifier: + - FunctionArn + x-create-only-properties: + - ApiId + x-read-only-properties: + - FunctionArn + - FunctionId + x-required-permissions: + create: + - s3:GetObject + - appsync:CreateFunction + read: + - appsync:GetFunction + update: + - s3:GetObject + - appsync:UpdateFunction + delete: + - appsync:DeleteFunction + list: + - appsync:ListFunctions + PipelineConfig: + type: object + additionalProperties: false + properties: + Functions: + type: array + description: A list of ``Function`` objects. + uniqueItems: false + x-insertionOrder: false + items: + type: string + description: |- + Use the ``PipelineConfig`` property type to specify ``PipelineConfig`` for an APSYlong resolver. + ``PipelineConfig`` is a property of the [AWS::AppSync::Resolver](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-appsync-resolver.html) resource. + CachingConfig: + type: object + additionalProperties: false + properties: + CachingKeys: + type: array + description: |- + The caching keys for a resolver that has caching activated. + Valid values are entries from the ``$context.arguments``, ``$context.source``, and ``$context.identity`` maps. + uniqueItems: false + x-insertionOrder: false + items: + type: string + Ttl: + type: number + description: |- + The TTL in seconds for a resolver that has caching activated. + Valid values are 1–3,600 seconds. + required: + - Ttl + description: The caching configuration for a resolver that has caching activated. + Resolver: + type: object + properties: + ApiId: + type: string + description: The APSYlong GraphQL API to which you want to attach this resolver. + CachingConfig: + $ref: '#/components/schemas/CachingConfig' + description: The caching configuration for the resolver. + Code: + type: string + description: The ``resolver`` code that contains the request and response functions. When code is used, the ``runtime`` is required. The runtime value must be ``APPSYNC_JS``. + CodeS3Location: + type: string + description: The Amazon S3 endpoint. + DataSourceName: + type: string + description: The resolver data source name. + FieldName: + type: string + description: The GraphQL field on a type that invokes the resolver. + Kind: + type: string + description: |- + The resolver type. + + *UNIT*: A UNIT resolver type. A UNIT resolver is the default resolver type. You can use a UNIT resolver to run a GraphQL query against a single data source. + + *PIPELINE*: A PIPELINE resolver type. You can use a PIPELINE resolver to invoke a series of ``Function`` objects in a serial manner. You can use a pipeline resolver to run a GraphQL query against multiple data sources. + MaxBatchSize: + type: integer + description: The maximum number of resolver request inputs that will be sent to a single LAMlong function in a ``BatchInvoke`` operation. + PipelineConfig: + $ref: '#/components/schemas/PipelineConfig' + description: Functions linked with the pipeline resolver. + RequestMappingTemplate: + type: string + description: |- + The request mapping template. + Request mapping templates are optional when using a Lambda data source. For all other data sources, a request mapping template is required. + RequestMappingTemplateS3Location: + type: string + description: The location of a request mapping template in an S3 bucket. Use this if you want to provision with a template file in S3 rather than embedding it in your CFNshort template. + ResolverArn: + type: string + description: '' + ResponseMappingTemplate: + type: string + description: The response mapping template. + ResponseMappingTemplateS3Location: + type: string + description: The location of a response mapping template in an S3 bucket. Use this if you want to provision with a template file in S3 rather than embedding it in your CFNshort template. + Runtime: + $ref: '#/components/schemas/AppSyncRuntime' + description: Describes a runtime used by an APSYlong resolver or APSYlong function. Specifies the name and version of the runtime to use. Note that if a runtime is specified, code must also be specified. + SyncConfig: + $ref: '#/components/schemas/SyncConfig' + description: The ``SyncConfig`` for a resolver attached to a versioned data source. + TypeName: + type: string + description: The GraphQL type that invokes this resolver. + MetricsConfig: + type: string + description: '' + enum: + - ENABLED + - DISABLED + required: + - TypeName + - ApiId + - FieldName + x-stackql-resource-name: resolver + x-stackql-primaryIdentifier: + - ResolverArn + x-create-only-properties: + - ApiId + - FieldName + - TypeName + x-read-only-properties: + - ResolverArn + x-required-permissions: + create: + - s3:GetObject + - appsync:CreateResolver + - appsync:GetResolver + read: + - appsync:GetResolver + update: + - s3:GetObject + - appsync:UpdateResolver + delete: + - appsync:DeleteResolver + list: + - appsync:ListResolvers + SourceApiAssociationConfig: + properties: + MergeType: + description: Configuration of the merged behavior for the association. For example when it could be auto or has to be manual. + type: string + enum: + - AUTO_MERGE + - MANUAL_MERGE + additionalProperties: false + SourceApiAssociation: + type: object + properties: + SourceApiIdentifier: + description: Identifier of the Source GraphQLApi to associate. It could be either GraphQLApi ApiId or ARN + type: string + MergedApiIdentifier: + description: Identifier of the Merged GraphQLApi to associate. It could be either GraphQLApi ApiId or ARN + type: string + Description: + description: Description of the SourceApiAssociation. + type: string + SourceApiAssociationConfig: + description: Customized configuration for SourceApiAssociation. + $ref: '#/components/schemas/SourceApiAssociationConfig' + AssociationId: + description: Id of the SourceApiAssociation. + type: string + AssociationArn: + description: ARN of the SourceApiAssociation. + type: string + SourceApiId: + description: GraphQLApiId of the source API in the association. + type: string + SourceApiArn: + description: ARN of the source API in the association. + type: string + pattern: ^arn:aws(-(cn|us-gov))?:[a-z-]+:(([a-z]+-)+[0-9])?:([0-9]{12})?:[^.]+$ + MergedApiId: + description: GraphQLApiId of the Merged API in the association. + type: string + MergedApiArn: + description: ARN of the Merged API in the association. + type: string + pattern: ^arn:aws(-(cn|us-gov))?:[a-z-]+:(([a-z]+-)+[0-9])?:([0-9]{12})?:[^.]+$ + SourceApiAssociationStatus: + description: Current status of SourceApiAssociation. + type: string + enum: + - MERGE_SCHEDULED + - MERGE_FAILED + - MERGE_SUCCESS + - MERGE_IN_PROGRESS + - AUTO_MERGE_SCHEDULE_FAILED + - DELETION_SCHEDULED + - DELETION_IN_PROGRESS + - DELETION_FAILED + SourceApiAssociationStatusDetail: + description: Current SourceApiAssociation status details. + type: string + LastSuccessfulMergeDate: + description: Date of last schema successful merge. + type: string + format: date-time + x-stackql-resource-name: source_api_association + x-stackql-primaryIdentifier: + - AssociationArn + x-create-only-properties: + - SourceApiIdentifier + - MergedApiIdentifier + x-read-only-properties: + - AssociationId + - AssociationArn + - SourceApiId + - SourceApiArn + - MergedApiId + - MergedApiArn + - SourceApiAssociationStatus + - SourceApiAssociationStatusDetail + - LastSuccessfulMergeDate + x-required-permissions: + create: + - appsync:AssociateSourceGraphqlApi + - appsync:AssociateMergedGraphqlApi + - appsync:GetSourceApiAssociation + read: + - appsync:GetSourceApiAssociation + - appsync:ListSourceApiAssociations + update: + - appsync:GetSourceApiAssociation + - appsync:UpdateSourceApiAssociation + - appsync:GetSourceApiAssociation + delete: + - appsync:GetSourceApiAssociation + - appsync:DisassociateSourceGraphqlApi + - appsync:DisassociateMergedGraphqlApi + - appsync:ListSourceApiAssociations + list: + - appsync:ListSourceApiAssociations + x-stackQL-resources: + domain_names: + name: domain_names + id: awscc.appsync.domain_names + x-cfn-schema-name: DomainName + x-type: list + x-identifiers: + - DomainName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppSync::DomainName' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppSync::DomainName' + AND region = 'us-east-1' + domain_name: + name: domain_name + id: awscc.appsync.domain_name + x-cfn-schema-name: DomainName + x-type: get + x-identifiers: + - DomainName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.CertificateArn') as certificate_arn, + JSON_EXTRACT(Properties, '$.AppSyncDomainName') as app_sync_domain_name, + JSON_EXTRACT(Properties, '$.HostedZoneId') as hosted_zone_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppSync::DomainName' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'CertificateArn') as certificate_arn, + json_extract_path_text(Properties, 'AppSyncDomainName') as app_sync_domain_name, + json_extract_path_text(Properties, 'HostedZoneId') as hosted_zone_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppSync::DomainName' + AND data__Identifier = '' + AND region = 'us-east-1' + domain_name_api_associations: + name: domain_name_api_associations + id: awscc.appsync.domain_name_api_associations + x-cfn-schema-name: DomainNameApiAssociation + x-type: list + x-identifiers: + - ApiAssociationIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApiAssociationIdentifier') as api_association_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppSync::DomainNameApiAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApiAssociationIdentifier') as api_association_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppSync::DomainNameApiAssociation' + AND region = 'us-east-1' + domain_name_api_association: + name: domain_name_api_association + id: awscc.appsync.domain_name_api_association + x-cfn-schema-name: DomainNameApiAssociation + x-type: get + x-identifiers: + - ApiAssociationIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.ApiId') as api_id, + JSON_EXTRACT(Properties, '$.ApiAssociationIdentifier') as api_association_identifier + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppSync::DomainNameApiAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'ApiId') as api_id, + json_extract_path_text(Properties, 'ApiAssociationIdentifier') as api_association_identifier + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppSync::DomainNameApiAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + function_configurations: + name: function_configurations + id: awscc.appsync.function_configurations + x-cfn-schema-name: FunctionConfiguration + x-type: list + x-identifiers: + - FunctionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FunctionArn') as function_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppSync::FunctionConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FunctionArn') as function_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppSync::FunctionConfiguration' + AND region = 'us-east-1' + function_configuration: + name: function_configuration + id: awscc.appsync.function_configuration + x-cfn-schema-name: FunctionConfiguration + x-type: get + x-identifiers: + - FunctionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FunctionId') as function_id, + JSON_EXTRACT(Properties, '$.FunctionArn') as function_arn, + JSON_EXTRACT(Properties, '$.ApiId') as api_id, + JSON_EXTRACT(Properties, '$.Code') as code, + JSON_EXTRACT(Properties, '$.CodeS3Location') as code_s3_location, + JSON_EXTRACT(Properties, '$.DataSourceName') as data_source_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.FunctionVersion') as function_version, + JSON_EXTRACT(Properties, '$.MaxBatchSize') as max_batch_size, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RequestMappingTemplate') as request_mapping_template, + JSON_EXTRACT(Properties, '$.RequestMappingTemplateS3Location') as request_mapping_template_s3_location, + JSON_EXTRACT(Properties, '$.ResponseMappingTemplate') as response_mapping_template, + JSON_EXTRACT(Properties, '$.ResponseMappingTemplateS3Location') as response_mapping_template_s3_location, + JSON_EXTRACT(Properties, '$.Runtime') as runtime, + JSON_EXTRACT(Properties, '$.SyncConfig') as sync_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppSync::FunctionConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FunctionId') as function_id, + json_extract_path_text(Properties, 'FunctionArn') as function_arn, + json_extract_path_text(Properties, 'ApiId') as api_id, + json_extract_path_text(Properties, 'Code') as code, + json_extract_path_text(Properties, 'CodeS3Location') as code_s3_location, + json_extract_path_text(Properties, 'DataSourceName') as data_source_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'FunctionVersion') as function_version, + json_extract_path_text(Properties, 'MaxBatchSize') as max_batch_size, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RequestMappingTemplate') as request_mapping_template, + json_extract_path_text(Properties, 'RequestMappingTemplateS3Location') as request_mapping_template_s3_location, + json_extract_path_text(Properties, 'ResponseMappingTemplate') as response_mapping_template, + json_extract_path_text(Properties, 'ResponseMappingTemplateS3Location') as response_mapping_template_s3_location, + json_extract_path_text(Properties, 'Runtime') as runtime, + json_extract_path_text(Properties, 'SyncConfig') as sync_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppSync::FunctionConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + resolvers: + name: resolvers + id: awscc.appsync.resolvers + x-cfn-schema-name: Resolver + x-type: list + x-identifiers: + - ResolverArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResolverArn') as resolver_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppSync::Resolver' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResolverArn') as resolver_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppSync::Resolver' + AND region = 'us-east-1' + resolver: + name: resolver + id: awscc.appsync.resolver + x-cfn-schema-name: Resolver + x-type: get + x-identifiers: + - ResolverArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApiId') as api_id, + JSON_EXTRACT(Properties, '$.CachingConfig') as caching_config, + JSON_EXTRACT(Properties, '$.Code') as code, + JSON_EXTRACT(Properties, '$.CodeS3Location') as code_s3_location, + JSON_EXTRACT(Properties, '$.DataSourceName') as data_source_name, + JSON_EXTRACT(Properties, '$.FieldName') as field_name, + JSON_EXTRACT(Properties, '$.Kind') as kind, + JSON_EXTRACT(Properties, '$.MaxBatchSize') as max_batch_size, + JSON_EXTRACT(Properties, '$.PipelineConfig') as pipeline_config, + JSON_EXTRACT(Properties, '$.RequestMappingTemplate') as request_mapping_template, + JSON_EXTRACT(Properties, '$.RequestMappingTemplateS3Location') as request_mapping_template_s3_location, + JSON_EXTRACT(Properties, '$.ResolverArn') as resolver_arn, + JSON_EXTRACT(Properties, '$.ResponseMappingTemplate') as response_mapping_template, + JSON_EXTRACT(Properties, '$.ResponseMappingTemplateS3Location') as response_mapping_template_s3_location, + JSON_EXTRACT(Properties, '$.Runtime') as runtime, + JSON_EXTRACT(Properties, '$.SyncConfig') as sync_config, + JSON_EXTRACT(Properties, '$.TypeName') as type_name, + JSON_EXTRACT(Properties, '$.MetricsConfig') as metrics_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppSync::Resolver' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApiId') as api_id, + json_extract_path_text(Properties, 'CachingConfig') as caching_config, + json_extract_path_text(Properties, 'Code') as code, + json_extract_path_text(Properties, 'CodeS3Location') as code_s3_location, + json_extract_path_text(Properties, 'DataSourceName') as data_source_name, + json_extract_path_text(Properties, 'FieldName') as field_name, + json_extract_path_text(Properties, 'Kind') as kind, + json_extract_path_text(Properties, 'MaxBatchSize') as max_batch_size, + json_extract_path_text(Properties, 'PipelineConfig') as pipeline_config, + json_extract_path_text(Properties, 'RequestMappingTemplate') as request_mapping_template, + json_extract_path_text(Properties, 'RequestMappingTemplateS3Location') as request_mapping_template_s3_location, + json_extract_path_text(Properties, 'ResolverArn') as resolver_arn, + json_extract_path_text(Properties, 'ResponseMappingTemplate') as response_mapping_template, + json_extract_path_text(Properties, 'ResponseMappingTemplateS3Location') as response_mapping_template_s3_location, + json_extract_path_text(Properties, 'Runtime') as runtime, + json_extract_path_text(Properties, 'SyncConfig') as sync_config, + json_extract_path_text(Properties, 'TypeName') as type_name, + json_extract_path_text(Properties, 'MetricsConfig') as metrics_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppSync::Resolver' + AND data__Identifier = '' + AND region = 'us-east-1' + source_api_associations: + name: source_api_associations + id: awscc.appsync.source_api_associations + x-cfn-schema-name: SourceApiAssociation + x-type: list + x-identifiers: + - AssociationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssociationArn') as association_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppSync::SourceApiAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssociationArn') as association_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AppSync::SourceApiAssociation' + AND region = 'us-east-1' + source_api_association: + name: source_api_association + id: awscc.appsync.source_api_association + x-cfn-schema-name: SourceApiAssociation + x-type: get + x-identifiers: + - AssociationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SourceApiIdentifier') as source_api_identifier, + JSON_EXTRACT(Properties, '$.MergedApiIdentifier') as merged_api_identifier, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.SourceApiAssociationConfig') as source_api_association_config, + JSON_EXTRACT(Properties, '$.AssociationId') as association_id, + JSON_EXTRACT(Properties, '$.AssociationArn') as association_arn, + JSON_EXTRACT(Properties, '$.SourceApiId') as source_api_id, + JSON_EXTRACT(Properties, '$.SourceApiArn') as source_api_arn, + JSON_EXTRACT(Properties, '$.MergedApiId') as merged_api_id, + JSON_EXTRACT(Properties, '$.MergedApiArn') as merged_api_arn, + JSON_EXTRACT(Properties, '$.SourceApiAssociationStatus') as source_api_association_status, + JSON_EXTRACT(Properties, '$.SourceApiAssociationStatusDetail') as source_api_association_status_detail, + JSON_EXTRACT(Properties, '$.LastSuccessfulMergeDate') as last_successful_merge_date + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppSync::SourceApiAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SourceApiIdentifier') as source_api_identifier, + json_extract_path_text(Properties, 'MergedApiIdentifier') as merged_api_identifier, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'SourceApiAssociationConfig') as source_api_association_config, + json_extract_path_text(Properties, 'AssociationId') as association_id, + json_extract_path_text(Properties, 'AssociationArn') as association_arn, + json_extract_path_text(Properties, 'SourceApiId') as source_api_id, + json_extract_path_text(Properties, 'SourceApiArn') as source_api_arn, + json_extract_path_text(Properties, 'MergedApiId') as merged_api_id, + json_extract_path_text(Properties, 'MergedApiArn') as merged_api_arn, + json_extract_path_text(Properties, 'SourceApiAssociationStatus') as source_api_association_status, + json_extract_path_text(Properties, 'SourceApiAssociationStatusDetail') as source_api_association_status_detail, + json_extract_path_text(Properties, 'LastSuccessfulMergeDate') as last_successful_merge_date + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AppSync::SourceApiAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/aps.yaml b/providers/src/awscc/v00.00.00000/services/aps.yaml new file mode 100644 index 00000000..c917dd67 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/aps.yaml @@ -0,0 +1,319 @@ +openapi: 3.0.0 +info: + title: APS + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + RuleGroupsNamespace: + type: object + properties: + Workspace: + description: Required to identify a specific APS Workspace associated with this RuleGroupsNamespace. + type: string + pattern: ^arn:(aws|aws-us-gov|aws-cn):aps:[a-z0-9-]+:[0-9]+:workspace/[a-zA-Z0-9-]+$ + Name: + description: The RuleGroupsNamespace name. + type: string + minLength: 1 + maxLength: 64 + Data: + description: The RuleGroupsNamespace data. + type: string + Arn: + description: The RuleGroupsNamespace ARN. + type: string + pattern: ^arn:(aws|aws-us-gov|aws-cn):aps:[a-z0-9-]+:[0-9]+:rulegroupsnamespace/[a-zA-Z0-9-]+/[0-9A-Za-z][-.0-9A-Z_a-z]*$ + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Workspace + - Data + - Name + x-stackql-resource-name: rule_groups_namespace + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + - Workspace + x-read-only-properties: + - Arn + x-required-permissions: + create: + - aps:CreateRuleGroupsNamespace + - aps:DescribeRuleGroupsNamespace + - aps:TagResource + read: + - aps:DescribeRuleGroupsNamespace + - aps:ListTagsForResource + update: + - aps:PutRuleGroupsNamespace + - aps:DescribeRuleGroupsNamespace + - aps:TagResource + - aps:UntagResource + - aps:ListTagsForResource + delete: + - aps:DeleteRuleGroupsNamespace + - aps:DescribeRuleGroupsNamespace + list: + - aps:ListRuleGroupsNamespaces + - aps:ListTagsForResource + LoggingConfiguration: + description: Logging configuration + type: object + properties: + LogGroupArn: + description: CloudWatch log group ARN + type: string + minLength: 0 + maxLength: 512 + additionalProperties: false + Workspace: + type: object + properties: + WorkspaceId: + description: Required to identify a specific APS Workspace. + type: string + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_-]{1,99}$ + minLength: 1 + maxLength: 100 + Alias: + description: AMP Workspace alias. + type: string + minLength: 0 + maxLength: 100 + Arn: + description: Workspace arn. + type: string + pattern: ^arn:(aws|aws-us-gov|aws-cn):aps:[a-z0-9-]+:[0-9]+:workspace/[a-zA-Z0-9-]+$ + minLength: 1 + maxLength: 128 + AlertManagerDefinition: + description: The AMP Workspace alert manager definition data + type: string + PrometheusEndpoint: + description: AMP Workspace prometheus endpoint + type: string + LoggingConfiguration: + $ref: '#/components/schemas/LoggingConfiguration' + KmsKeyArn: + description: KMS Key ARN used to encrypt and decrypt AMP workspace data. + type: string + pattern: ^arn:aws[-a-z]*:kms:[-a-z0-9]+:[0-9]{12}:key/.+$ + minLength: 20 + maxLength: 2048 + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: [] + x-stackql-resource-name: workspace + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - KmsKeyArn + x-read-only-properties: + - WorkspaceId + - Arn + - PrometheusEndpoint + x-required-permissions: + create: + - aps:CreateWorkspace + - aps:DescribeWorkspace + - aps:TagResource + - aps:CreateAlertManagerDefinition + - aps:DescribeAlertManagerDefinition + - aps:CreateLoggingConfiguration + - logs:CreateLogDelivery + - logs:GetLogDelivery + - logs:ListLogDeliveries + - logs:PutResourcePolicy + - kms:CreateGrant + - kms:Decrypt + - kms:GenerateDataKey + read: + - aps:DescribeWorkspace + - aps:ListTagsForResource + - aps:DescribeAlertManagerDefinition + - aps:DescribeLoggingConfiguration + update: + - aps:UpdateWorkspaceAlias + - aps:DescribeWorkspace + - aps:TagResource + - aps:UntagResource + - aps:ListTagsForResource + - aps:CreateAlertManagerDefinition + - aps:PutAlertManagerDefinition + - aps:DeleteAlertManagerDefinition + - aps:CreateLoggingConfiguration + - aps:DescribeLoggingConfiguration + - aps:UpdateLoggingConfiguration + - aps:DeleteLoggingConfiguration + - logs:CreateLogDelivery + - logs:GetLogDelivery + - logs:UpdateLogDelivery + - logs:ListLogDeliveries + - logs:DeleteLogDelivery + - logs:PutResourcePolicy + delete: + - aps:DeleteWorkspace + - aps:DescribeWorkspace + - aps:DeleteAlertManagerDefinition + - aps:DeleteLoggingConfiguration + - logs:DeleteLogDelivery + list: + - aps:ListWorkspaces + - aps:ListTagsForResource + x-stackQL-resources: + rule_groups_namespaces: + name: rule_groups_namespaces + id: awscc.aps.rule_groups_namespaces + x-cfn-schema-name: RuleGroupsNamespace + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::APS::RuleGroupsNamespace' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::APS::RuleGroupsNamespace' + AND region = 'us-east-1' + rule_groups_namespace: + name: rule_groups_namespace + id: awscc.aps.rule_groups_namespace + x-cfn-schema-name: RuleGroupsNamespace + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Workspace') as workspace, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Data') as data, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::APS::RuleGroupsNamespace' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Workspace') as workspace, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Data') as data, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::APS::RuleGroupsNamespace' + AND data__Identifier = '' + AND region = 'us-east-1' + workspaces: + name: workspaces + id: awscc.aps.workspaces + x-cfn-schema-name: Workspace + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::APS::Workspace' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::APS::Workspace' + AND region = 'us-east-1' + workspace: + name: workspace + id: awscc.aps.workspace + x-cfn-schema-name: Workspace + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.WorkspaceId') as workspace_id, + JSON_EXTRACT(Properties, '$.Alias') as alias, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AlertManagerDefinition') as alert_manager_definition, + JSON_EXTRACT(Properties, '$.PrometheusEndpoint') as prometheus_endpoint, + JSON_EXTRACT(Properties, '$.LoggingConfiguration') as logging_configuration, + JSON_EXTRACT(Properties, '$.KmsKeyArn') as kms_key_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::APS::Workspace' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'WorkspaceId') as workspace_id, + json_extract_path_text(Properties, 'Alias') as alias, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AlertManagerDefinition') as alert_manager_definition, + json_extract_path_text(Properties, 'PrometheusEndpoint') as prometheus_endpoint, + json_extract_path_text(Properties, 'LoggingConfiguration') as logging_configuration, + json_extract_path_text(Properties, 'KmsKeyArn') as kms_key_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::APS::Workspace' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/arczonalshift.yaml b/providers/src/awscc/v00.00.00000/services/arczonalshift.yaml new file mode 100644 index 00000000..f5c467f4 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/arczonalshift.yaml @@ -0,0 +1,166 @@ +openapi: 3.0.0 +info: + title: ARCZonalShift + version: 1.0.0 +paths: {} +components: + schemas: + ZonalAutoshiftStatus: + type: string + enum: + - ENABLED + - DISABLED + ControlCondition: + type: object + properties: + Type: + $ref: '#/components/schemas/ControlConditionType' + AlarmIdentifier: + type: string + maxLength: 1024 + minLength: 8 + pattern: ^arn:.*$ + required: + - AlarmIdentifier + - Type + additionalProperties: false + ControlConditionType: + type: string + enum: + - CLOUDWATCH + PracticeRunConfiguration: + type: object + properties: + BlockingAlarms: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/ControlCondition' + maxItems: 1 + minItems: 1 + OutcomeAlarms: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/ControlCondition' + maxItems: 1 + minItems: 1 + BlockedDates: + type: array + x-insertionOrder: false + items: + type: string + maxLength: 10 + minLength: 10 + pattern: ^[0-9]{4}-[0-9]{2}-[0-9]{2}$ + maxItems: 15 + minItems: 0 + BlockedWindows: + type: array + x-insertionOrder: false + items: + type: string + maxLength: 19 + minLength: 19 + pattern: ^(Mon|Tue|Wed|Thu|Fri|Sat|Sun):[0-9]{2}:[0-9]{2}-(Mon|Tue|Wed|Thu|Fri|Sat|Sun):[0-9]{2}:[0-9]{2}$ + maxItems: 15 + minItems: 0 + required: + - OutcomeAlarms + additionalProperties: false + ZonalAutoshiftConfiguration: + type: object + properties: + ZonalAutoshiftStatus: + $ref: '#/components/schemas/ZonalAutoshiftStatus' + x-dependencies: + ZonalAutoshiftStatus: + - PracticeRunConfiguration + PracticeRunConfiguration: + $ref: '#/components/schemas/PracticeRunConfiguration' + ResourceIdentifier: + type: string + maxLength: 1024 + minLength: 8 + x-stackql-resource-name: zonal_autoshift_configuration + x-stackql-primaryIdentifier: + - ResourceIdentifier + x-create-only-properties: + - ResourceIdentifier + x-required-permissions: + create: + - arc-zonal-shift:CreatePracticeRunConfiguration + - arc-zonal-shift:GetManagedResource + - arc-zonal-shift:UpdateZonalAutoshiftConfiguration + - cloudwatch:DescribeAlarms + - iam:CreateServiceLinkedRole + read: + - arc-zonal-shift:GetManagedResource + update: + - arc-zonal-shift:GetManagedResource + - arc-zonal-shift:UpdatePracticeRunConfiguration + - arc-zonal-shift:UpdateZonalAutoshiftConfiguration + - cloudwatch:DescribeAlarms + delete: + - arc-zonal-shift:DeletePracticeRunConfiguration + - arc-zonal-shift:GetManagedResource + - arc-zonal-shift:UpdateZonalAutoshiftConfiguration + list: + - arc-zonal-shift:ListManagedResources + x-stackQL-resources: + zonal_autoshift_configurations: + name: zonal_autoshift_configurations + id: awscc.arczonalshift.zonal_autoshift_configurations + x-cfn-schema-name: ZonalAutoshiftConfiguration + x-type: list + x-identifiers: + - ResourceIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceIdentifier') as resource_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ARCZonalShift::ZonalAutoshiftConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceIdentifier') as resource_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ARCZonalShift::ZonalAutoshiftConfiguration' + AND region = 'us-east-1' + zonal_autoshift_configuration: + name: zonal_autoshift_configuration + id: awscc.arczonalshift.zonal_autoshift_configuration + x-cfn-schema-name: ZonalAutoshiftConfiguration + x-type: get + x-identifiers: + - ResourceIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ZonalAutoshiftStatus') as zonal_autoshift_status, + JSON_EXTRACT(Properties, '$.PracticeRunConfiguration') as practice_run_configuration, + JSON_EXTRACT(Properties, '$.ResourceIdentifier') as resource_identifier + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ARCZonalShift::ZonalAutoshiftConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ZonalAutoshiftStatus') as zonal_autoshift_status, + json_extract_path_text(Properties, 'PracticeRunConfiguration') as practice_run_configuration, + json_extract_path_text(Properties, 'ResourceIdentifier') as resource_identifier + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ARCZonalShift::ZonalAutoshiftConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/athena.yaml b/providers/src/awscc/v00.00.00000/services/athena.yaml new file mode 100644 index 00000000..637768e9 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/athena.yaml @@ -0,0 +1,883 @@ +openapi: 3.0.0 +info: + title: Athena + version: 1.0.0 +paths: {} +components: + schemas: + Arn: + description: The Amazon Resource Name (ARN) of the specified capacity reservation + type: string + Tag: + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + WorkgroupName: + pattern: '[a-zA-Z0-9._-]{1,128}' + type: string + WorkgroupNames: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/WorkgroupName' + CapacityAssignment: + type: object + properties: + WorkgroupNames: + $ref: '#/components/schemas/WorkgroupNames' + required: + - WorkgroupNames + additionalProperties: false + CapacityAssignments: + description: List of capacity assignments + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/CapacityAssignment' + CapacityAssignmentConfiguration: + description: Assignment configuration to assign workgroups to a reservation + type: object + properties: + CapacityAssignments: + $ref: '#/components/schemas/CapacityAssignments' + required: + - CapacityAssignments + additionalProperties: false + CapacityReservationStatus: + type: string + enum: + - PENDING + - ACTIVE + - CANCELLING + - CANCELLED + - FAILED + - UPDATE_PENDING + CapacityReservation: + type: object + properties: + Arn: + $ref: '#/components/schemas/Arn' + Name: + description: The reservation name. + pattern: '[a-zA-Z0-9._-]{1,128}' + type: string + Status: + description: The status of the reservation. + $ref: '#/components/schemas/CapacityReservationStatus' + TargetDpus: + description: The number of DPUs to request to be allocated to the reservation. + type: integer + format: int64 + minimum: 1 + AllocatedDpus: + description: The number of DPUs Athena has provisioned and allocated for the reservation + type: integer + format: int64 + minimum: 0 + CapacityAssignmentConfiguration: + $ref: '#/components/schemas/CapacityAssignmentConfiguration' + CreationTime: + description: The date and time the reservation was created. + type: string + LastSuccessfulAllocationTime: + description: The timestamp when the last successful allocated was made + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - TargetDpus + x-stackql-resource-name: capacity_reservation + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + - Status + - AllocatedDpus + - CreationTime + - LastSuccessfulAllocationTime + x-required-permissions: + create: + - athena:CreateCapacityReservation + - athena:PutCapacityAssignmentConfiguration + - athena:GetCapacityReservation + - athena:TagResource + read: + - athena:GetCapacityReservation + - athena:GetCapacityAssignmentConfiguration + - athena:ListTagsForResource + update: + - athena:UpdateCapacityReservation + - athena:PutCapacityAssignmentConfiguration + - athena:GetCapacityReservation + - athena:TagResource + - athena:UntagResource + delete: + - athena:CancelCapacityReservation + - athena:GetCapacityReservation + - athena:DeleteCapacityReservation + list: + - athena:ListCapacityReservations + - athena:GetCapacityReservation + Tags: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + DataCatalog: + type: object + properties: + Name: + description: 'The name of the data catalog to create. The catalog name must be unique for the AWS account and can use a maximum of 128 alphanumeric, underscore, at sign, or hyphen characters. ' + type: string + minLength: 1 + maxLength: 256 + Description: + description: 'A description of the data catalog to be created. ' + type: string + minLength: 1 + maxLength: 1024 + Parameters: + description: 'Specifies the Lambda function or functions to use for creating the data catalog. This is a mapping whose values depend on the catalog type. ' + type: object + x-patternProperties: + .*: + type: string + maxLength: 51200 + additionalProperties: false + Tags: + description: 'A list of comma separated tags to add to the data catalog that is created. ' + $ref: '#/components/schemas/Tags' + Type: + description: 'The type of data catalog to create: LAMBDA for a federated catalog, GLUE for AWS Glue Catalog, or HIVE for an external hive metastore. ' + type: string + enum: + - LAMBDA + - GLUE + - HIVE + required: + - Name + - Type + x-stackql-resource-name: data_catalog + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-required-permissions: + create: + - athena:CreateDataCatalog + - athena:TagResource + read: + - athena:GetDataCatalog + - athena:ListTagsForResource + update: + - athena:UpdateDataCatalog + - athena:TagResource + - athena:GetDataCatalog + - athena:UntagResource + - athena:ListTagsForResource + delete: + - athena:DeleteDataCatalog + list: + - athena:ListDataCatalog + NamedQuery: + type: object + properties: + Name: + description: The query name. + type: string + minLength: 1 + maxLength: 128 + Database: + description: The database to which the query belongs. + type: string + minLength: 1 + maxLength: 255 + Description: + description: The query description. + type: string + minLength: 1 + maxLength: 1024 + QueryString: + description: The contents of the query with all query statements. + type: string + minLength: 1 + maxLength: 262144 + WorkGroup: + description: The name of the workgroup that contains the named query. + type: string + minLength: 1 + maxLength: 128 + NamedQueryId: + description: The unique ID of the query. + type: string + required: + - Database + - QueryString + x-stackql-resource-name: named_query + x-stackql-primaryIdentifier: + - NamedQueryId + x-create-only-properties: + - Name + - Database + - Description + - QueryString + - WorkGroup + x-read-only-properties: + - NamedQueryId + x-required-permissions: + create: + - athena:CreateNamedQuery + read: + - athena:GetNamedQuery + list: + - athena:ListNamedQueries + delete: + - athena:DeleteNamedQuery + PreparedStatement: + type: object + properties: + StatementName: + description: The name of the prepared statement. + type: string + minLength: 1 + maxLength: 256 + WorkGroup: + description: The name of the workgroup to which the prepared statement belongs. + type: string + minLength: 1 + maxLength: 128 + Description: + description: The description of the prepared statement. + type: string + minLength: 1 + maxLength: 1024 + QueryStatement: + description: The query string for the prepared statement. + type: string + minLength: 1 + maxLength: 262144 + required: + - StatementName + - WorkGroup + - QueryStatement + x-stackql-resource-name: prepared_statement + x-stackql-primaryIdentifier: + - StatementName + - WorkGroup + x-create-only-properties: + - StatementName + - WorkGroup + x-required-permissions: + create: + - athena:CreatePreparedStatement + - athena:GetPreparedStatement + read: + - athena:GetPreparedStatement + update: + - athena:UpdatePreparedStatement + delete: + - athena:DeletePreparedStatement + - athena:GetPreparedStatement + list: + - athena:ListPreparedStatements + SelectedEngineVersion: + description: The engine version requested by the user. Possible values are determined by the output of ListEngineVersions, including Auto. The default is Auto. + type: string + EffectiveEngineVersion: + description: Read only. The engine version on which the query runs. If the user requests a valid engine version other than Auto, the effective engine version is the same as the engine version that the user requested. If the user requests Auto, the effective engine version is chosen by Athena. When a request to update the engine version is made by a CreateWorkGroup or UpdateWorkGroup operation, the EffectiveEngineVersion field is ignored. + type: string + EngineVersion: + description: The Athena engine version for running queries. + type: object + properties: + SelectedEngineVersion: + $ref: '#/components/schemas/SelectedEngineVersion' + EffectiveEngineVersion: + $ref: '#/components/schemas/EffectiveEngineVersion' + additionalProperties: false + BytesScannedCutoffPerQuery: + description: The upper data usage limit (cutoff) for the amount of bytes a single query in a workgroup is allowed to scan. + type: integer + format: int64 + minimum: 10000000 + EnforceWorkGroupConfiguration: + description: If set to "true", the settings for the workgroup override client-side settings. If set to "false", client-side settings are used + type: boolean + PublishCloudWatchMetricsEnabled: + description: Indicates that the Amazon CloudWatch metrics are enabled for the workgroup. + type: boolean + RequesterPaysEnabled: + description: 'If set to true, allows members assigned to a workgroup to reference Amazon S3 Requester Pays buckets in queries. If set to false, workgroup members cannot query data from Requester Pays buckets, and queries that retrieve data from Requester Pays buckets cause an error. ' + type: boolean + OutputLocation: + description: 'The location in Amazon S3 where your query results are stored, such as s3://path/to/query/bucket/. To run the query, you must specify the query results location using one of the ways: either for individual queries using either this setting (client-side), or in the workgroup, using WorkGroupConfiguration' + type: string + KmsKey: + description: 'For SSE-KMS and CSE-KMS, this is the KMS key ARN or ID. ' + type: string + EncryptionOption: + description: Indicates whether Amazon S3 server-side encryption with Amazon S3-managed keys (SSE-S3), server-side encryption with KMS-managed keys (SSE-KMS), or client-side encryption with KMS-managed keys (CSE-KMS) is used. + type: string + enum: + - SSE_S3 + - SSE_KMS + - CSE_KMS + RemoveBytesScannedCutoffPerQuery: + description: Indicates that the data usage control limit per query is removed. + type: boolean + EncryptionConfiguration: + description: If query results are encrypted in Amazon S3, indicates the encryption option used (for example, SSE-KMS or CSE-KMS) and key information. + type: object + properties: + EncryptionOption: + $ref: '#/components/schemas/EncryptionOption' + KmsKey: + $ref: '#/components/schemas/KmsKey' + required: + - EncryptionOption + additionalProperties: false + RemoveEncryptionConfiguration: + type: boolean + AdditionalConfiguration: + description: Additional Configuration that are passed to Athena Spark Calculations running in this workgroup + type: string + ExecutionRole: + description: Execution Role ARN required to run Athena Spark Calculations + type: string + RemoveOutputLocation: + type: boolean + ExpectedBucketOwner: + description: The AWS account ID of the owner of S3 bucket where query results are stored + type: string + RemoveExpectedBucketOwner: + type: boolean + S3AclOption: + description: The Amazon S3 canned ACL that Athena should specify when storing query results. Currently the only supported canned ACL is BUCKET_OWNER_FULL_CONTROL + type: string + enum: + - BUCKET_OWNER_FULL_CONTROL + AclConfiguration: + description: Indicates that an Amazon S3 canned ACL should be set to control ownership of stored query results + type: object + properties: + S3AclOption: + $ref: '#/components/schemas/S3AclOption' + required: + - S3AclOption + additionalProperties: false + RemoveAclConfiguration: + type: boolean + CustomerContentEncryptionConfiguration: + description: Indicates the KMS key for encrypting notebook content. + type: object + properties: + KmsKey: + $ref: '#/components/schemas/KmsKey' + required: + - KmsKey + additionalProperties: false + RemoveCustomerContentEncryptionConfiguration: + type: boolean + ResultConfiguration: + description: | + The location in Amazon S3 where query results are stored and the encryption option, if any, used for query results. These are known as "client-side settings". If workgroup settings override client-side settings, then the query uses the workgroup settings. + type: object + properties: + EncryptionConfiguration: + $ref: '#/components/schemas/EncryptionConfiguration' + OutputLocation: + $ref: '#/components/schemas/OutputLocation' + ExpectedBucketOwner: + $ref: '#/components/schemas/ExpectedBucketOwner' + AclConfiguration: + $ref: '#/components/schemas/AclConfiguration' + additionalProperties: false + ResultConfigurationUpdates: + description: 'The result configuration information about the queries in this workgroup that will be updated. Includes the updated results location and an updated option for encrypting query results. ' + type: object + properties: + EncryptionConfiguration: + $ref: '#/components/schemas/EncryptionConfiguration' + OutputLocation: + $ref: '#/components/schemas/OutputLocation' + ExpectedBucketOwner: + $ref: '#/components/schemas/ExpectedBucketOwner' + AclConfiguration: + $ref: '#/components/schemas/AclConfiguration' + RemoveEncryptionConfiguration: + $ref: '#/components/schemas/RemoveEncryptionConfiguration' + RemoveOutputLocation: + $ref: '#/components/schemas/RemoveOutputLocation' + RemoveExpectedBucketOwner: + $ref: '#/components/schemas/RemoveExpectedBucketOwner' + RemoveAclConfiguration: + $ref: '#/components/schemas/RemoveAclConfiguration' + additionalProperties: false + WorkGroupConfiguration: + type: object + properties: + BytesScannedCutoffPerQuery: + $ref: '#/components/schemas/BytesScannedCutoffPerQuery' + EnforceWorkGroupConfiguration: + $ref: '#/components/schemas/EnforceWorkGroupConfiguration' + PublishCloudWatchMetricsEnabled: + $ref: '#/components/schemas/PublishCloudWatchMetricsEnabled' + RequesterPaysEnabled: + $ref: '#/components/schemas/RequesterPaysEnabled' + ResultConfiguration: + $ref: '#/components/schemas/ResultConfiguration' + EngineVersion: + $ref: '#/components/schemas/EngineVersion' + AdditionalConfiguration: + $ref: '#/components/schemas/AdditionalConfiguration' + ExecutionRole: + $ref: '#/components/schemas/ExecutionRole' + CustomerContentEncryptionConfiguration: + $ref: '#/components/schemas/CustomerContentEncryptionConfiguration' + additionalProperties: false + WorkGroupConfigurationUpdates: + type: object + description: 'The configuration information that will be updated for this workgroup, which includes the location in Amazon S3 where query results are stored, the encryption option, if any, used for query results, whether the Amazon CloudWatch Metrics are enabled for the workgroup, whether the workgroup settings override the client-side settings, and the data usage limit for the amount of bytes scanned per query, if it is specified. ' + properties: + BytesScannedCutoffPerQuery: + $ref: '#/components/schemas/BytesScannedCutoffPerQuery' + EnforceWorkGroupConfiguration: + $ref: '#/components/schemas/EnforceWorkGroupConfiguration' + PublishCloudWatchMetricsEnabled: + $ref: '#/components/schemas/PublishCloudWatchMetricsEnabled' + RequesterPaysEnabled: + $ref: '#/components/schemas/RequesterPaysEnabled' + ResultConfigurationUpdates: + $ref: '#/components/schemas/ResultConfigurationUpdates' + RemoveBytesScannedCutoffPerQuery: + $ref: '#/components/schemas/RemoveBytesScannedCutoffPerQuery' + EngineVersion: + $ref: '#/components/schemas/EngineVersion' + AdditionalConfiguration: + $ref: '#/components/schemas/AdditionalConfiguration' + ExecutionRole: + $ref: '#/components/schemas/ExecutionRole' + CustomerContentEncryptionConfiguration: + $ref: '#/components/schemas/CustomerContentEncryptionConfiguration' + RemoveCustomerContentEncryptionConfiguration: + $ref: '#/components/schemas/RemoveCustomerContentEncryptionConfiguration' + additionalProperties: false + WorkGroup: + type: object + properties: + Name: + description: The workGroup name. + pattern: '[a-zA-Z0-9._-]{1,128}' + type: string + Description: + description: The workgroup description. + type: string + minLength: 0 + maxLength: 1024 + Tags: + description: One or more tags, separated by commas, that you want to attach to the workgroup as you create it + $ref: '#/components/schemas/Tags' + WorkGroupConfiguration: + description: The workgroup configuration + $ref: '#/components/schemas/WorkGroupConfiguration' + WorkGroupConfigurationUpdates: + description: The workgroup configuration update object + $ref: '#/components/schemas/WorkGroupConfigurationUpdates' + CreationTime: + description: The date and time the workgroup was created. + type: string + State: + description: 'The state of the workgroup: ENABLED or DISABLED.' + type: string + enum: + - ENABLED + - DISABLED + RecursiveDeleteOption: + description: The option to delete the workgroup and its contents even if the workgroup contains any named queries. + type: boolean + required: + - Name + x-stackql-resource-name: work_group + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - CreationTime + - WorkGroupConfiguration/EngineVersion/EffectiveEngineVersion + - WorkGroupConfigurationUpdates/EngineVersion/EffectiveEngineVersion + x-required-permissions: + create: + - athena:CreateWorkGroup + - athena:TagResource + - iam:PassRole + - s3:GetBucketLocation + - s3:GetObject + - s3:ListBucket + - s3:ListBucketMultipartUploads + - s3:AbortMultipartUpload + - s3:PutObject + - s3:ListMultipartUploadParts + - kms:Decrypt + - kms:GenerateDataKey + read: + - athena:GetWorkGroup + - athena:ListTagsForResource + list: + - athena:ListWorkGroups + delete: + - athena:DeleteWorkGroup + - athena:GetWorkGroup + - athena:UntagResource + update: + - athena:UpdateWorkGroup + - athena:TagResource + - athena:UntagResource + - iam:PassRole + - s3:GetBucketLocation + - s3:GetObject + - s3:ListBucket + - s3:ListBucketMultipartUploads + - s3:AbortMultipartUpload + - s3:PutObject + - s3:ListMultipartUploadParts + - kms:Decrypt + - kms:GenerateDataKey + x-stackQL-resources: + capacity_reservations: + name: capacity_reservations + id: awscc.athena.capacity_reservations + x-cfn-schema-name: CapacityReservation + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Athena::CapacityReservation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Athena::CapacityReservation' + AND region = 'us-east-1' + capacity_reservation: + name: capacity_reservation + id: awscc.athena.capacity_reservation + x-cfn-schema-name: CapacityReservation + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.TargetDpus') as target_dpus, + JSON_EXTRACT(Properties, '$.AllocatedDpus') as allocated_dpus, + JSON_EXTRACT(Properties, '$.CapacityAssignmentConfiguration') as capacity_assignment_configuration, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.LastSuccessfulAllocationTime') as last_successful_allocation_time, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Athena::CapacityReservation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'TargetDpus') as target_dpus, + json_extract_path_text(Properties, 'AllocatedDpus') as allocated_dpus, + json_extract_path_text(Properties, 'CapacityAssignmentConfiguration') as capacity_assignment_configuration, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'LastSuccessfulAllocationTime') as last_successful_allocation_time, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Athena::CapacityReservation' + AND data__Identifier = '' + AND region = 'us-east-1' + data_catalogs: + name: data_catalogs + id: awscc.athena.data_catalogs + x-cfn-schema-name: DataCatalog + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Athena::DataCatalog' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Athena::DataCatalog' + AND region = 'us-east-1' + data_catalog: + name: data_catalog + id: awscc.athena.data_catalog + x-cfn-schema-name: DataCatalog + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Parameters') as parameters, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Athena::DataCatalog' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Parameters') as parameters, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Athena::DataCatalog' + AND data__Identifier = '' + AND region = 'us-east-1' + named_queries: + name: named_queries + id: awscc.athena.named_queries + x-cfn-schema-name: NamedQuery + x-type: list + x-identifiers: + - NamedQueryId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.NamedQueryId') as named_query_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Athena::NamedQuery' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'NamedQueryId') as named_query_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Athena::NamedQuery' + AND region = 'us-east-1' + named_query: + name: named_query + id: awscc.athena.named_query + x-cfn-schema-name: NamedQuery + x-type: get + x-identifiers: + - NamedQueryId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Database') as _database, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.QueryString') as query_string, + JSON_EXTRACT(Properties, '$.WorkGroup') as work_group, + JSON_EXTRACT(Properties, '$.NamedQueryId') as named_query_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Athena::NamedQuery' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Database') as _database, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'QueryString') as query_string, + json_extract_path_text(Properties, 'WorkGroup') as work_group, + json_extract_path_text(Properties, 'NamedQueryId') as named_query_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Athena::NamedQuery' + AND data__Identifier = '' + AND region = 'us-east-1' + prepared_statements: + name: prepared_statements + id: awscc.athena.prepared_statements + x-cfn-schema-name: PreparedStatement + x-type: list + x-identifiers: + - StatementName + - WorkGroup + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StatementName') as statement_name, + JSON_EXTRACT(Properties, '$.WorkGroup') as work_group + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Athena::PreparedStatement' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StatementName') as statement_name, + json_extract_path_text(Properties, 'WorkGroup') as work_group + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Athena::PreparedStatement' + AND region = 'us-east-1' + prepared_statement: + name: prepared_statement + id: awscc.athena.prepared_statement + x-cfn-schema-name: PreparedStatement + x-type: get + x-identifiers: + - StatementName + - WorkGroup + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StatementName') as statement_name, + JSON_EXTRACT(Properties, '$.WorkGroup') as work_group, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.QueryStatement') as query_statement + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Athena::PreparedStatement' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StatementName') as statement_name, + json_extract_path_text(Properties, 'WorkGroup') as work_group, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'QueryStatement') as query_statement + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Athena::PreparedStatement' + AND data__Identifier = '' + AND region = 'us-east-1' + work_groups: + name: work_groups + id: awscc.athena.work_groups + x-cfn-schema-name: WorkGroup + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Athena::WorkGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Athena::WorkGroup' + AND region = 'us-east-1' + work_group: + name: work_group + id: awscc.athena.work_group + x-cfn-schema-name: WorkGroup + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.WorkGroupConfiguration') as work_group_configuration, + JSON_EXTRACT(Properties, '$.WorkGroupConfigurationUpdates') as work_group_configuration_updates, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.RecursiveDeleteOption') as recursive_delete_option + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Athena::WorkGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'WorkGroupConfiguration') as work_group_configuration, + json_extract_path_text(Properties, 'WorkGroupConfigurationUpdates') as work_group_configuration_updates, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'RecursiveDeleteOption') as recursive_delete_option + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Athena::WorkGroup' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/auditmanager.yaml b/providers/src/awscc/v00.00.00000/services/auditmanager.yaml new file mode 100644 index 00000000..b6b3caf2 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/auditmanager.yaml @@ -0,0 +1,347 @@ +openapi: 3.0.0 +info: + title: AuditManager + version: 1.0.0 +paths: {} +components: + schemas: + FrameworkId: + description: The identifier for the specified framework. + type: string + maxLength: 36 + minLength: 32 + pattern: ^([a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}|.*\S.*)$ + UUID: + type: string + maxLength: 36 + minLength: 36 + pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ + AccountId: + description: The identifier for the specified AWS account. + type: string + maxLength: 12 + minLength: 12 + pattern: ^[0-9]{12}$ + EmailAddress: + description: The unique identifier for the email account. + type: string + maxLength: 320 + minLength: 1 + pattern: ^.*@.*$ + AccountName: + description: The name of the specified AWS account. + type: string + maxLength: 50 + minLength: 1 + pattern: ^[\u0020-\u007E]+$ + AWSAccount: + description: The AWS account associated with the assessment. + type: object + additionalProperties: false + properties: + Id: + $ref: '#/components/schemas/AccountId' + EmailAddress: + $ref: '#/components/schemas/EmailAddress' + Name: + $ref: '#/components/schemas/AccountName' + AssessmentArn: + description: The Amazon Resource Name (ARN) of the assessment. + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:.*:auditmanager:.* + Timestamp: + description: The sequence of characters that identifies when the event occurred. + type: number + ControlSetId: + description: The identifier for the specified control set. + type: string + maxLength: 300 + minLength: 1 + pattern: ^[\w\W\s\S]*$ + CreatedBy: + description: The IAM user or role that performed the action. + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:.*:*:.* + IamArn: + description: The Amazon Resource Name (ARN) of the IAM user or role. + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:.*:iam:.* + AssessmentName: + description: The name of the related assessment. + type: string + maxLength: 127 + minLength: 1 + pattern: ^[a-zA-Z0-9-_\.]+$ + DelegationComment: + description: The comment related to the delegation. + type: string + maxLength: 350 + pattern: ^[\w\W\s\S]*$ + RoleType: + description: ' The IAM role type.' + type: string + enum: + - PROCESS_OWNER + - RESOURCE_OWNER + DelegationStatus: + description: The status of the delegation. + type: string + enum: + - IN_PROGRESS + - UNDER_REVIEW + - COMPLETE + Delegation: + description: The assignment of a control set to a delegate for review. + type: object + additionalProperties: false + properties: + LastUpdated: + $ref: '#/components/schemas/Timestamp' + ControlSetId: + $ref: '#/components/schemas/ControlSetId' + CreationTime: + $ref: '#/components/schemas/Timestamp' + CreatedBy: + $ref: '#/components/schemas/CreatedBy' + RoleArn: + $ref: '#/components/schemas/IamArn' + AssessmentName: + $ref: '#/components/schemas/AssessmentName' + Comment: + $ref: '#/components/schemas/DelegationComment' + Id: + $ref: '#/components/schemas/UUID' + RoleType: + $ref: '#/components/schemas/RoleType' + AssessmentId: + $ref: '#/components/schemas/UUID' + Status: + $ref: '#/components/schemas/DelegationStatus' + Role: + description: The wrapper that contains AWS Audit Manager role information, such as the role type and IAM ARN. + type: object + additionalProperties: false + properties: + RoleArn: + $ref: '#/components/schemas/IamArn' + RoleType: + $ref: '#/components/schemas/RoleType' + AWSServiceName: + description: The name of the AWS service. + type: string + AWSService: + description: An AWS service such as Amazon S3, AWS CloudTrail, and so on. + type: object + additionalProperties: false + properties: + ServiceName: + $ref: '#/components/schemas/AWSServiceName' + Scope: + description: The wrapper that contains the AWS accounts and AWS services in scope for the assessment. + type: object + additionalProperties: false + properties: + AwsAccounts: + description: The AWS accounts included in scope. + type: array + items: + $ref: '#/components/schemas/AWSAccount' + AwsServices: + description: The AWS services included in scope. + type: array + items: + $ref: '#/components/schemas/AWSService' + S3Url: + description: The URL of the specified Amazon S3 bucket. + type: string + AssessmentReportDestinationType: + description: The destination type, such as Amazon S3. + type: string + enum: + - S3 + AssessmentReportsDestination: + description: The destination in which evidence reports are stored for the specified assessment. + type: object + additionalProperties: false + properties: + Destination: + $ref: '#/components/schemas/S3Url' + DestinationType: + $ref: '#/components/schemas/AssessmentReportDestinationType' + AssessmentStatus: + description: 'The status of the specified assessment. ' + type: string + enum: + - ACTIVE + - INACTIVE + AssessmentDescription: + description: The description of the specified assessment. + type: string + Tag: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + Assessment: + type: object + properties: + FrameworkId: + $ref: '#/components/schemas/FrameworkId' + AssessmentId: + $ref: '#/components/schemas/UUID' + AwsAccount: + $ref: '#/components/schemas/AWSAccount' + Arn: + $ref: '#/components/schemas/AssessmentArn' + Tags: + description: The tags associated with the assessment. + type: array + items: + $ref: '#/components/schemas/Tag' + Delegations: + description: The list of delegations. + type: array + items: + $ref: '#/components/schemas/Delegation' + Roles: + description: The list of roles for the specified assessment. + type: array + items: + $ref: '#/components/schemas/Role' + Scope: + $ref: '#/components/schemas/Scope' + AssessmentReportsDestination: + $ref: '#/components/schemas/AssessmentReportsDestination' + Status: + $ref: '#/components/schemas/AssessmentStatus' + CreationTime: + $ref: '#/components/schemas/Timestamp' + Name: + $ref: '#/components/schemas/AssessmentName' + Description: + $ref: '#/components/schemas/AssessmentDescription' + required: [] + x-stackql-resource-name: assessment + x-stackql-primaryIdentifier: + - AssessmentId + x-create-only-properties: + - FrameworkId + - AwsAccount + x-read-only-properties: + - AssessmentId + - Arn + - CreationTime + x-required-permissions: + create: + - auditmanager:CreateAssessment + - auditmanager:TagResource + - auditmanager:ListTagsForResource + - auditmanager:BatchCreateDelegationByAssessment + - iam:PassRole + read: + - auditmanager:GetAssessment + update: + - auditmanager:UpdateAssessment + - auditmanager:UpdateAssessmentStatus + - auditmanager:BatchCreateDelegationByAssessment + - auditmanager:BatchDeleteDelegationByAssessment + delete: + - auditmanager:DeleteAssessment + list: + - auditmanager:ListAssessments + x-stackQL-resources: + assessments: + name: assessments + id: awscc.auditmanager.assessments + x-cfn-schema-name: Assessment + x-type: list + x-identifiers: + - AssessmentId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssessmentId') as assessment_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AuditManager::Assessment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssessmentId') as assessment_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AuditManager::Assessment' + AND region = 'us-east-1' + assessment: + name: assessment + id: awscc.auditmanager.assessment + x-cfn-schema-name: Assessment + x-type: get + x-identifiers: + - AssessmentId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FrameworkId') as framework_id, + JSON_EXTRACT(Properties, '$.AssessmentId') as assessment_id, + JSON_EXTRACT(Properties, '$.AwsAccount') as aws_account, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Delegations') as delegations, + JSON_EXTRACT(Properties, '$.Roles') as roles, + JSON_EXTRACT(Properties, '$.Scope') as scope, + JSON_EXTRACT(Properties, '$.AssessmentReportsDestination') as assessment_reports_destination, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AuditManager::Assessment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FrameworkId') as framework_id, + json_extract_path_text(Properties, 'AssessmentId') as assessment_id, + json_extract_path_text(Properties, 'AwsAccount') as aws_account, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Delegations') as delegations, + json_extract_path_text(Properties, 'Roles') as roles, + json_extract_path_text(Properties, 'Scope') as scope, + json_extract_path_text(Properties, 'AssessmentReportsDestination') as assessment_reports_destination, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AuditManager::Assessment' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/autoscaling.yaml b/providers/src/awscc/v00.00.00000/services/autoscaling.yaml new file mode 100644 index 00000000..91e43670 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/autoscaling.yaml @@ -0,0 +1,1546 @@ +openapi: 3.0.0 +info: + title: AutoScaling + version: 1.0.0 +paths: {} +components: + schemas: + TagProperty: + additionalProperties: false + type: object + properties: + Value: + type: string + Key: + type: string + PropagateAtLaunch: + type: boolean + required: + - Value + - Key + - PropagateAtLaunch + LaunchTemplateSpecification: + additionalProperties: false + type: object + properties: + LaunchTemplateName: + type: string + Version: + type: string + LaunchTemplateId: + type: string + required: + - Version + InstancesDistribution: + additionalProperties: false + type: object + properties: + OnDemandAllocationStrategy: + type: string + OnDemandBaseCapacity: + type: integer + OnDemandPercentageAboveBaseCapacity: + type: integer + SpotInstancePools: + type: integer + SpotAllocationStrategy: + type: string + SpotMaxPrice: + type: string + AcceleratorCountRequest: + additionalProperties: false + type: object + properties: + Min: + type: integer + Max: + type: integer + LifecycleHookSpecification: + additionalProperties: false + type: object + properties: + LifecycleHookName: + type: string + LifecycleTransition: + type: string + HeartbeatTimeout: + type: integer + NotificationMetadata: + type: string + DefaultResult: + type: string + NotificationTargetARN: + type: string + RoleARN: + type: string + required: + - LifecycleHookName + - LifecycleTransition + MemoryGiBPerVCpuRequest: + additionalProperties: false + type: object + properties: + Min: + type: number + Max: + type: number + NotificationConfiguration: + additionalProperties: false + type: object + properties: + TopicARN: + type: array + items: + type: string + NotificationTypes: + uniqueItems: false + x-insertionOrder: false + type: array + items: + type: string + required: + - TopicARN + MetricsCollection: + additionalProperties: false + type: object + properties: + Metrics: + uniqueItems: false + x-insertionOrder: false + type: array + items: + type: string + Granularity: + type: string + required: + - Granularity + TotalLocalStorageGBRequest: + additionalProperties: false + type: object + properties: + Min: + type: number + Max: + type: number + MemoryMiBRequest: + additionalProperties: false + type: object + properties: + Min: + type: integer + Max: + type: integer + InstanceMaintenancePolicy: + additionalProperties: false + type: object + properties: + MaxHealthyPercentage: + type: integer + MinHealthyPercentage: + type: integer + x-dependencies: + MaxHealthyPercentage: + - MinHealthyPercentage + MinHealthyPercentage: + - MaxHealthyPercentage + NetworkBandwidthGbpsRequest: + additionalProperties: false + type: object + properties: + Min: + type: number + Max: + type: number + BaselineEbsBandwidthMbpsRequest: + additionalProperties: false + type: object + properties: + Min: + type: integer + Max: + type: integer + NetworkInterfaceCountRequest: + additionalProperties: false + type: object + properties: + Min: + type: integer + Max: + type: integer + VCpuCountRequest: + additionalProperties: false + type: object + properties: + Min: + type: integer + Max: + type: integer + LaunchTemplate: + additionalProperties: false + type: object + properties: + LaunchTemplateSpecification: + $ref: '#/components/schemas/LaunchTemplateSpecification' + Overrides: + uniqueItems: false + x-insertionOrder: true + type: array + items: + $ref: '#/components/schemas/LaunchTemplateOverrides' + required: + - LaunchTemplateSpecification + LaunchTemplateOverrides: + additionalProperties: false + type: object + properties: + LaunchTemplateSpecification: + $ref: '#/components/schemas/LaunchTemplateSpecification' + WeightedCapacity: + type: string + InstanceRequirements: + $ref: '#/components/schemas/InstanceRequirements' + InstanceType: + type: string + AcceleratorTotalMemoryMiBRequest: + additionalProperties: false + type: object + properties: + Min: + type: integer + Max: + type: integer + MixedInstancesPolicy: + additionalProperties: false + type: object + properties: + InstancesDistribution: + $ref: '#/components/schemas/InstancesDistribution' + LaunchTemplate: + $ref: '#/components/schemas/LaunchTemplate' + required: + - LaunchTemplate + InstanceRequirements: + additionalProperties: false + type: object + properties: + LocalStorageTypes: + uniqueItems: true + x-insertionOrder: false + type: array + items: + type: string + InstanceGenerations: + uniqueItems: true + x-insertionOrder: false + type: array + items: + type: string + NetworkInterfaceCount: + $ref: '#/components/schemas/NetworkInterfaceCountRequest' + AcceleratorTypes: + uniqueItems: true + x-insertionOrder: false + type: array + items: + type: string + MemoryGiBPerVCpu: + $ref: '#/components/schemas/MemoryGiBPerVCpuRequest' + AcceleratorManufacturers: + uniqueItems: true + x-insertionOrder: false + type: array + items: + type: string + ExcludedInstanceTypes: + uniqueItems: true + x-insertionOrder: true + type: array + items: + type: string + VCpuCount: + $ref: '#/components/schemas/VCpuCountRequest' + AllowedInstanceTypes: + uniqueItems: true + x-insertionOrder: true + type: array + items: + type: string + LocalStorage: + type: string + CpuManufacturers: + uniqueItems: true + x-insertionOrder: false + type: array + items: + type: string + AcceleratorCount: + $ref: '#/components/schemas/AcceleratorCountRequest' + NetworkBandwidthGbps: + $ref: '#/components/schemas/NetworkBandwidthGbpsRequest' + BareMetal: + type: string + RequireHibernateSupport: + type: boolean + MaxSpotPriceAsPercentageOfOptimalOnDemandPrice: + type: integer + BaselineEbsBandwidthMbps: + $ref: '#/components/schemas/BaselineEbsBandwidthMbpsRequest' + SpotMaxPricePercentageOverLowestPrice: + type: integer + AcceleratorNames: + uniqueItems: true + x-insertionOrder: false + type: array + items: + type: string + AcceleratorTotalMemoryMiB: + $ref: '#/components/schemas/AcceleratorTotalMemoryMiBRequest' + OnDemandMaxPricePercentageOverLowestPrice: + type: integer + BurstablePerformance: + type: string + MemoryMiB: + $ref: '#/components/schemas/MemoryMiBRequest' + TotalLocalStorageGB: + $ref: '#/components/schemas/TotalLocalStorageGBRequest' + required: + - MemoryMiB + - VCpuCount + AutoScalingGroup: + type: object + properties: + LifecycleHookSpecificationList: + uniqueItems: false + x-insertionOrder: true + type: array + items: + $ref: '#/components/schemas/LifecycleHookSpecification' + LoadBalancerNames: + uniqueItems: false + x-insertionOrder: true + type: array + items: + type: string + LaunchConfigurationName: + type: string + ServiceLinkedRoleARN: + type: string + TargetGroupARNs: + uniqueItems: false + x-insertionOrder: false + type: array + items: + type: string + Cooldown: + type: string + NotificationConfigurations: + uniqueItems: false + x-insertionOrder: true + type: array + items: + $ref: '#/components/schemas/NotificationConfiguration' + DesiredCapacity: + pattern: ^[0-9]+$ + type: string + HealthCheckGracePeriod: + type: integer + DefaultInstanceWarmup: + type: integer + NewInstancesProtectedFromScaleIn: + type: boolean + LaunchTemplate: + $ref: '#/components/schemas/LaunchTemplateSpecification' + MixedInstancesPolicy: + $ref: '#/components/schemas/MixedInstancesPolicy' + VPCZoneIdentifier: + uniqueItems: false + x-insertionOrder: false + type: array + items: + type: string + Tags: + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/TagProperty' + Context: + type: string + CapacityRebalance: + type: boolean + InstanceId: + type: string + AvailabilityZones: + uniqueItems: false + x-insertionOrder: false + type: array + items: + type: string + NotificationConfiguration: + $ref: '#/components/schemas/NotificationConfiguration' + MetricsCollection: + uniqueItems: false + x-insertionOrder: true + type: array + items: + $ref: '#/components/schemas/MetricsCollection' + InstanceMaintenancePolicy: + $ref: '#/components/schemas/InstanceMaintenancePolicy' + MaxSize: + pattern: ^[0-9]+$ + type: string + MinSize: + pattern: ^[0-9]+$ + type: string + TerminationPolicies: + uniqueItems: false + x-insertionOrder: true + type: array + items: + type: string + AutoScalingGroupName: + type: string + DesiredCapacityType: + type: string + PlacementGroup: + type: string + HealthCheckType: + type: string + MaxInstanceLifetime: + type: integer + required: + - MinSize + - MaxSize + x-stackql-resource-name: auto_scaling_group + x-stackql-primaryIdentifier: + - AutoScalingGroupName + x-create-only-properties: + - InstanceId + - AutoScalingGroupName + x-required-permissions: + read: + - autoscaling:* + - managed-fleets:GetAutoScalingGroup + create: + - autoscaling:* + - cloudwatch:PutMetricAlarm + - ec2:Describe* + - ec2:GetInstanceTypesFromInstanceRequirements + - ec2:RunInstances + - elasticloadbalancing:DescribeLoadBalancers + - elasticloadbalancing:DescribeTargetGroups + - iam:CreateServiceLinkedRole + - iam:PassRole + - managed-fleets:GetAutoScalingGroup + - managed-fleets:CreateAutoScalingGroup + - ssm:GetParameters + update: + - autoscaling:* + - cloudwatch:PutMetricAlarm + - ec2:Describe* + - ec2:GetInstanceTypesFromInstanceRequirements + - ec2:RunInstances + - elasticloadbalancing:DescribeLoadBalancers + - elasticloadbalancing:DescribeTargetGroups + - iam:CreateServiceLinkedRole + - iam:PassRole + - managed-fleets:GetAutoScalingGroup + - managed-fleets:RegisterAutoScalingGroup + - managed-fleets:DeregisterAutoScalingGroup + - managed-fleets:UpdateAutoScalingGroup + - ssm:GetParameters + list: + - autoscaling:* + delete: + - autoscaling:* + - managed-fleets:GetAutoScalingGroup + - managed-fleets:DeleteAutoScalingGroup + MetadataOptions: + description: MetadataOptions is a property of AWS::AutoScaling::LaunchConfiguration that describes metadata options for the instances. + type: object + additionalProperties: false + properties: + HttpPutResponseHopLimit: + description: The desired HTTP PUT response hop limit for instance metadata requests. + type: integer + HttpTokens: + description: The state of token usage for your instance metadata requests. + type: string + HttpEndpoint: + description: This parameter enables or disables the HTTP metadata endpoint on your instances. + type: string + BlockDeviceMapping: + description: BlockDeviceMapping is a property of AWS::AutoScaling::LaunchConfiguration that describes a block device mapping for an Auto Scaling group. + type: object + additionalProperties: false + properties: + NoDevice: + description: Setting this value to true suppresses the specified device included in the block device mapping of the AMI. + type: boolean + VirtualName: + description: The name of the virtual device. + type: string + Ebs: + description: Parameters used to automatically set up EBS volumes when an instance is launched. + $ref: '#/components/schemas/BlockDevice' + DeviceName: + description: 'The device name exposed to the EC2 instance (for example, /dev/sdh or xvdh). ' + type: string + required: + - DeviceName + BlockDevice: + description: BlockDevice is a subproperty of BlockDeviceMapping that describes an Amazon EBS volume. + type: object + additionalProperties: false + properties: + SnapshotId: + description: The snapshot ID of the volume to use. + type: string + VolumeType: + description: The volume type. + type: string + Encrypted: + description: 'Specifies whether the volume should be encrypted. ' + type: boolean + Iops: + description: 'The number of input/output (I/O) operations per second (IOPS) to provision for the volume. ' + type: integer + VolumeSize: + description: The volume size, in GiBs. + type: integer + DeleteOnTermination: + description: 'Indicates whether the volume is deleted on instance termination. ' + type: boolean + Throughput: + description: The throughput (MiBps) to provision for a gp3 volume. + type: integer + LaunchConfiguration: + type: object + properties: + AssociatePublicIpAddress: + description: For Auto Scaling groups that are running in a virtual private cloud (VPC), specifies whether to assign a public IP address to the group's instances. + type: boolean + BlockDeviceMappings: + description: Specifies how block devices are exposed to the instance. You can specify virtual devices and EBS volumes. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/BlockDeviceMapping' + ClassicLinkVPCId: + description: The ID of a ClassicLink-enabled VPC to link your EC2-Classic instances to. + type: string + ClassicLinkVPCSecurityGroups: + description: The IDs of one or more security groups for the VPC that you specified in the ClassicLinkVPCId property. + type: array + x-insertionOrder: false + items: + type: string + EbsOptimized: + description: Specifies whether the launch configuration is optimized for EBS I/O (true) or not (false). + type: boolean + IamInstanceProfile: + description: Provides the name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance. The instance profile contains the IAM role. + type: string + ImageId: + description: Provides the unique ID of the Amazon Machine Image (AMI) that was assigned during registration. + type: string + InstanceId: + description: The ID of the Amazon EC2 instance you want to use to create the launch configuration. + type: string + InstanceMonitoring: + description: Controls whether instances in this group are launched with detailed (true) or basic (false) monitoring. + type: boolean + InstanceType: + description: Specifies the instance type of the EC2 instance. + type: string + KernelId: + description: Provides the ID of the kernel associated with the EC2 AMI. + type: string + KeyName: + description: Provides the name of the EC2 key pair. + type: string + LaunchConfigurationName: + description: The name of the launch configuration. This name must be unique per Region per account. + type: string + minLength: 1 + maxLength: 255 + MetadataOptions: + description: The metadata options for the instances. + $ref: '#/components/schemas/MetadataOptions' + PlacementTenancy: + description: The tenancy of the instance, either default or dedicated. + type: string + RamDiskId: + description: The ID of the RAM disk to select. + type: string + SecurityGroups: + description: A list that contains the security groups to assign to the instances in the Auto Scaling group. + type: array + x-insertionOrder: false + items: + type: string + SpotPrice: + description: The maximum hourly price you are willing to pay for any Spot Instances launched to fulfill the request. + type: string + UserData: + description: The Base64-encoded user data to make available to the launched EC2 instances. + type: string + maxLength: 21847 + required: + - ImageId + - InstanceType + x-stackql-resource-name: launch_configuration + x-stackql-primaryIdentifier: + - LaunchConfigurationName + x-create-only-properties: + - AssociatePublicIpAddress + - BlockDeviceMappings + - ClassicLinkVPCId + - ClassicLinkVPCSecurityGroups + - EbsOptimized + - IamInstanceProfile + - ImageId + - InstanceId + - InstanceMonitoring + - InstanceType + - KernelId + - KeyName + - LaunchConfigurationName + - MetadataOptions + - PlacementTenancy + - RamDiskId + - SecurityGroups + - SpotPrice + - UserData + x-required-permissions: + create: + - autoscaling:CreateLaunchConfiguration + - autoscaling:DescribeLaunchConfigurations + - iam:PassRole + read: + - autoscaling:DescribeLaunchConfigurations + delete: + - autoscaling:DeleteLaunchConfiguration + - autoscaling:DescribeLaunchConfigurations + list: + - autoscaling:DescribeLaunchConfigurations + LifecycleHook: + type: object + properties: + AutoScalingGroupName: + description: The name of the Auto Scaling group for the lifecycle hook. + type: string + DefaultResult: + description: The action the Auto Scaling group takes when the lifecycle hook timeout elapses or if an unexpected failure occurs. The valid values are CONTINUE and ABANDON (default). + type: string + HeartbeatTimeout: + description: The maximum time, in seconds, that can elapse before the lifecycle hook times out. The range is from 30 to 7200 seconds. The default value is 3600 seconds (1 hour). If the lifecycle hook times out, Amazon EC2 Auto Scaling performs the action that you specified in the DefaultResult property. + type: integer + LifecycleHookName: + description: The name of the lifecycle hook. + type: string + minLength: 1 + maxLength: 255 + LifecycleTransition: + description: The instance state to which you want to attach the lifecycle hook. + type: string + NotificationMetadata: + description: Additional information that is included any time Amazon EC2 Auto Scaling sends a message to the notification target. + type: string + minLength: 1 + maxLength: 1023 + NotificationTargetARN: + description: 'The Amazon Resource Name (ARN) of the notification target that Amazon EC2 Auto Scaling uses to notify you when an instance is in the transition state for the lifecycle hook. You can specify an Amazon SQS queue or an Amazon SNS topic. The notification message includes the following information: lifecycle action token, user account ID, Auto Scaling group name, lifecycle hook name, instance ID, lifecycle transition, and notification metadata.' + type: string + RoleARN: + description: The ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target, for example, an Amazon SNS topic or an Amazon SQS queue. + type: string + required: + - LifecycleTransition + - AutoScalingGroupName + x-stackql-resource-name: lifecycle_hook + x-stackql-primaryIdentifier: + - AutoScalingGroupName + - LifecycleHookName + x-create-only-properties: + - AutoScalingGroupName + - LifecycleHookName + x-required-permissions: + create: + - autoscaling:PutLifecycleHook + - autoscaling:DescribeLifecycleHooks + - iam:PassRole + read: + - autoscaling:DescribeLifecycleHooks + update: + - autoscaling:PutLifecycleHook + - autoscaling:DescribeLifecycleHooks + - iam:PassRole + delete: + - autoscaling:DeleteLifecycleHook + - autoscaling:DescribeLifecycleHooks + list: + - autoscaling:DescribeLifecycleHooks + PredictiveScalingMetricSpecification: + type: object + additionalProperties: false + properties: + CustomizedCapacityMetricSpecification: + $ref: '#/components/schemas/PredictiveScalingCustomizedCapacityMetric' + CustomizedLoadMetricSpecification: + $ref: '#/components/schemas/PredictiveScalingCustomizedLoadMetric' + CustomizedScalingMetricSpecification: + $ref: '#/components/schemas/PredictiveScalingCustomizedScalingMetric' + PredefinedLoadMetricSpecification: + $ref: '#/components/schemas/PredictiveScalingPredefinedLoadMetric' + TargetValue: + type: number + PredefinedScalingMetricSpecification: + $ref: '#/components/schemas/PredictiveScalingPredefinedScalingMetric' + PredefinedMetricPairSpecification: + $ref: '#/components/schemas/PredictiveScalingPredefinedMetricPair' + required: + - TargetValue + PredictiveScalingConfiguration: + type: object + additionalProperties: false + properties: + MetricSpecifications: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/PredictiveScalingMetricSpecification' + MaxCapacityBreachBehavior: + type: string + MaxCapacityBuffer: + type: integer + SchedulingBufferTime: + type: integer + Mode: + type: string + required: + - MetricSpecifications + CustomizedMetricSpecification: + type: object + additionalProperties: false + properties: + MetricName: + type: string + Dimensions: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/MetricDimension' + Statistic: + type: string + Unit: + type: string + Namespace: + type: string + required: + - MetricName + - Statistic + - Namespace + TargetTrackingConfiguration: + type: object + additionalProperties: false + properties: + CustomizedMetricSpecification: + $ref: '#/components/schemas/CustomizedMetricSpecification' + TargetValue: + type: number + DisableScaleIn: + type: boolean + PredefinedMetricSpecification: + $ref: '#/components/schemas/PredefinedMetricSpecification' + required: + - TargetValue + PredictiveScalingPredefinedLoadMetric: + type: object + additionalProperties: false + properties: + ResourceLabel: + type: string + PredefinedMetricType: + type: string + required: + - PredefinedMetricType + StepAdjustment: + type: object + additionalProperties: false + x-insertionOrder: false + properties: + MetricIntervalUpperBound: + type: number + MetricIntervalLowerBound: + type: number + ScalingAdjustment: + type: integer + required: + - ScalingAdjustment + PredictiveScalingPredefinedMetricPair: + type: object + additionalProperties: false + properties: + ResourceLabel: + type: string + PredefinedMetricType: + type: string + required: + - PredefinedMetricType + PredefinedMetricSpecification: + type: object + additionalProperties: false + properties: + ResourceLabel: + type: string + PredefinedMetricType: + type: string + required: + - PredefinedMetricType + MetricDimension: + type: object + additionalProperties: false + properties: + Value: + type: string + Name: + type: string + required: + - Value + - Name + PredictiveScalingPredefinedScalingMetric: + type: object + additionalProperties: false + properties: + ResourceLabel: + type: string + PredefinedMetricType: + type: string + required: + - PredefinedMetricType + PredictiveScalingCustomizedLoadMetric: + type: object + additionalProperties: false + properties: + MetricDataQueries: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/MetricDataQuery' + required: + - MetricDataQueries + PredictiveScalingCustomizedCapacityMetric: + type: object + additionalProperties: false + properties: + MetricDataQueries: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/MetricDataQuery' + required: + - MetricDataQueries + PredictiveScalingCustomizedScalingMetric: + type: object + additionalProperties: false + properties: + MetricDataQueries: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/MetricDataQuery' + required: + - MetricDataQueries + Metric: + type: object + additionalProperties: false + properties: + MetricName: + type: string + Dimensions: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/MetricDimension' + Namespace: + type: string + required: + - MetricName + - Namespace + MetricStat: + type: object + additionalProperties: false + properties: + Metric: + $ref: '#/components/schemas/Metric' + Stat: + type: string + Unit: + type: string + required: + - Stat + - Metric + MetricDataQuery: + type: object + additionalProperties: false + properties: + Label: + type: string + MetricStat: + $ref: '#/components/schemas/MetricStat' + Id: + type: string + ReturnData: + type: boolean + Expression: + type: string + required: + - Id + ScalingPolicy: + type: object + properties: + MetricAggregationType: + description: The aggregation type for the CloudWatch metrics. The valid values are Minimum, Maximum, and Average. If the aggregation type is null, the value is treated as Average. Valid only if the policy type is StepScaling. + type: string + PolicyName: + type: string + PolicyType: + description: 'One of the following policy types: TargetTrackingScaling, StepScaling, SimpleScaling (default), PredictiveScaling' + type: string + PredictiveScalingConfiguration: + description: A predictive scaling policy. Includes support for predefined metrics only. + $ref: '#/components/schemas/PredictiveScalingConfiguration' + ScalingAdjustment: + description: The amount by which to scale, based on the specified adjustment type. A positive value adds to the current capacity while a negative number removes from the current capacity. For exact capacity, you must specify a positive value. Required if the policy type is SimpleScaling. (Not used with any other policy type.) + type: integer + Cooldown: + description: The duration of the policy's cooldown period, in seconds. When a cooldown period is specified here, it overrides the default cooldown period defined for the Auto Scaling group. + type: string + StepAdjustments: + description: A set of adjustments that enable you to scale based on the size of the alarm breach. Required if the policy type is StepScaling. (Not used with any other policy type.) + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/StepAdjustment' + AutoScalingGroupName: + description: The name of the Auto Scaling group. + type: string + MinAdjustmentMagnitude: + description: The minimum value to scale by when the adjustment type is PercentChangeInCapacity. For example, suppose that you create a step scaling policy to scale out an Auto Scaling group by 25 percent and you specify a MinAdjustmentMagnitude of 2. If the group has 4 instances and the scaling policy is performed, 25 percent of 4 is 1. However, because you specified a MinAdjustmentMagnitude of 2, Amazon EC2 Auto Scaling scales out the group by 2 instances. + type: integer + TargetTrackingConfiguration: + description: A target tracking scaling policy. Includes support for predefined or customized metrics. + $ref: '#/components/schemas/TargetTrackingConfiguration' + EstimatedInstanceWarmup: + description: The estimated time, in seconds, until a newly launched instance can contribute to the CloudWatch metrics. If not provided, the default is to use the value from the default cooldown period for the Auto Scaling group. Valid only if the policy type is TargetTrackingScaling or StepScaling. + type: integer + AdjustmentType: + description: Specifies how the scaling adjustment is interpreted. The valid values are ChangeInCapacity, ExactCapacity, and PercentChangeInCapacity. + type: string + Arn: + description: The ARN of the AutoScaling scaling policy + type: string + required: + - AutoScalingGroupName + x-stackql-resource-name: scaling_policy + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - AutoScalingGroupName + x-read-only-properties: + - PolicyName + - Arn + x-required-permissions: + create: + - autoscaling:DescribePolicies + - autoscaling:PutScalingPolicy + - cloudwatch:GetMetricData + read: + - autoscaling:DescribePolicies + update: + - autoscaling:DescribePolicies + - autoscaling:PutScalingPolicy + - cloudwatch:GetMetricData + delete: + - autoscaling:DeletePolicy + - autoscaling:DescribePolicies + list: + - autoscaling:DescribePolicies + ScheduledAction: + type: object + properties: + ScheduledActionName: + description: Auto-generated unique identifier + type: string + MinSize: + description: The minimum size of the Auto Scaling group. + type: integer + Recurrence: + description: The recurring schedule for the action, in Unix cron syntax format. When StartTime and EndTime are specified with Recurrence , they form the boundaries of when the recurring action starts and stops. + type: string + TimeZone: + description: The time zone for the cron expression. + type: string + EndTime: + description: The latest scheduled start time to return. If scheduled action names are provided, this parameter is ignored. + type: string + AutoScalingGroupName: + description: The name of the Auto Scaling group. + type: string + StartTime: + description: The earliest scheduled start time to return. If scheduled action names are provided, this parameter is ignored. + type: string + DesiredCapacity: + description: The desired capacity is the initial capacity of the Auto Scaling group after the scheduled action runs and the capacity it attempts to maintain. + type: integer + MaxSize: + description: The minimum size of the Auto Scaling group. + type: integer + required: + - AutoScalingGroupName + x-stackql-resource-name: scheduled_action + x-stackql-primaryIdentifier: + - ScheduledActionName + - AutoScalingGroupName + x-create-only-properties: + - AutoScalingGroupName + x-read-only-properties: + - ScheduledActionName + x-required-permissions: + create: + - autoscaling:PutScheduledUpdateGroupAction + - autoscaling:DescribeScheduledActions + read: + - autoscaling:DescribeScheduledActions + update: + - autoscaling:PutScheduledUpdateGroupAction + delete: + - autoscaling:DeleteScheduledAction + - autoscaling:DescribeScheduledActions + list: + - autoscaling:DescribeScheduledActions + InstanceReusePolicy: + type: object + additionalProperties: false + properties: + ReuseOnScaleIn: + type: boolean + WarmPool: + type: object + properties: + AutoScalingGroupName: + type: string + MaxGroupPreparedCapacity: + type: integer + MinSize: + type: integer + PoolState: + type: string + InstanceReusePolicy: + $ref: '#/components/schemas/InstanceReusePolicy' + required: + - AutoScalingGroupName + x-stackql-resource-name: warm_pool + x-stackql-primaryIdentifier: + - AutoScalingGroupName + x-create-only-properties: + - AutoScalingGroupName + x-required-permissions: + create: + - autoscaling:PutWarmPool + - autoscaling:DescribeWarmPool + - autoscaling:DescribeAutoScalingGroups + delete: + - autoscaling:DeleteWarmPool + - autoscaling:DescribeWarmPool + read: + - autoscaling:DescribeWarmPool + update: + - autoscaling:PutWarmPool + - autoscaling:DescribeWarmPool + - autoscaling:DescribeAutoScalingGroups + x-stackQL-resources: + auto_scaling_groups: + name: auto_scaling_groups + id: awscc.autoscaling.auto_scaling_groups + x-cfn-schema-name: AutoScalingGroup + x-type: list + x-identifiers: + - AutoScalingGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AutoScalingGroupName') as auto_scaling_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AutoScaling::AutoScalingGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AutoScalingGroupName') as auto_scaling_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AutoScaling::AutoScalingGroup' + AND region = 'us-east-1' + auto_scaling_group: + name: auto_scaling_group + id: awscc.autoscaling.auto_scaling_group + x-cfn-schema-name: AutoScalingGroup + x-type: get + x-identifiers: + - AutoScalingGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LifecycleHookSpecificationList') as lifecycle_hook_specification_list, + JSON_EXTRACT(Properties, '$.LoadBalancerNames') as load_balancer_names, + JSON_EXTRACT(Properties, '$.LaunchConfigurationName') as launch_configuration_name, + JSON_EXTRACT(Properties, '$.ServiceLinkedRoleARN') as service_linked_role_arn, + JSON_EXTRACT(Properties, '$.TargetGroupARNs') as target_group_arns, + JSON_EXTRACT(Properties, '$.Cooldown') as cooldown, + JSON_EXTRACT(Properties, '$.NotificationConfigurations') as notification_configurations, + JSON_EXTRACT(Properties, '$.DesiredCapacity') as desired_capacity, + JSON_EXTRACT(Properties, '$.HealthCheckGracePeriod') as health_check_grace_period, + JSON_EXTRACT(Properties, '$.DefaultInstanceWarmup') as default_instance_warmup, + JSON_EXTRACT(Properties, '$.NewInstancesProtectedFromScaleIn') as new_instances_protected_from_scale_in, + JSON_EXTRACT(Properties, '$.LaunchTemplate') as launch_template, + JSON_EXTRACT(Properties, '$.MixedInstancesPolicy') as mixed_instances_policy, + JSON_EXTRACT(Properties, '$.VPCZoneIdentifier') as v_pc_zone_identifier, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Context') as context, + JSON_EXTRACT(Properties, '$.CapacityRebalance') as capacity_rebalance, + JSON_EXTRACT(Properties, '$.InstanceId') as instance_id, + JSON_EXTRACT(Properties, '$.AvailabilityZones') as availability_zones, + JSON_EXTRACT(Properties, '$.NotificationConfiguration') as notification_configuration, + JSON_EXTRACT(Properties, '$.MetricsCollection') as metrics_collection, + JSON_EXTRACT(Properties, '$.InstanceMaintenancePolicy') as instance_maintenance_policy, + JSON_EXTRACT(Properties, '$.MaxSize') as max_size, + JSON_EXTRACT(Properties, '$.MinSize') as min_size, + JSON_EXTRACT(Properties, '$.TerminationPolicies') as termination_policies, + JSON_EXTRACT(Properties, '$.AutoScalingGroupName') as auto_scaling_group_name, + JSON_EXTRACT(Properties, '$.DesiredCapacityType') as desired_capacity_type, + JSON_EXTRACT(Properties, '$.PlacementGroup') as placement_group, + JSON_EXTRACT(Properties, '$.HealthCheckType') as health_check_type, + JSON_EXTRACT(Properties, '$.MaxInstanceLifetime') as max_instance_lifetime + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AutoScaling::AutoScalingGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LifecycleHookSpecificationList') as lifecycle_hook_specification_list, + json_extract_path_text(Properties, 'LoadBalancerNames') as load_balancer_names, + json_extract_path_text(Properties, 'LaunchConfigurationName') as launch_configuration_name, + json_extract_path_text(Properties, 'ServiceLinkedRoleARN') as service_linked_role_arn, + json_extract_path_text(Properties, 'TargetGroupARNs') as target_group_arns, + json_extract_path_text(Properties, 'Cooldown') as cooldown, + json_extract_path_text(Properties, 'NotificationConfigurations') as notification_configurations, + json_extract_path_text(Properties, 'DesiredCapacity') as desired_capacity, + json_extract_path_text(Properties, 'HealthCheckGracePeriod') as health_check_grace_period, + json_extract_path_text(Properties, 'DefaultInstanceWarmup') as default_instance_warmup, + json_extract_path_text(Properties, 'NewInstancesProtectedFromScaleIn') as new_instances_protected_from_scale_in, + json_extract_path_text(Properties, 'LaunchTemplate') as launch_template, + json_extract_path_text(Properties, 'MixedInstancesPolicy') as mixed_instances_policy, + json_extract_path_text(Properties, 'VPCZoneIdentifier') as v_pc_zone_identifier, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Context') as context, + json_extract_path_text(Properties, 'CapacityRebalance') as capacity_rebalance, + json_extract_path_text(Properties, 'InstanceId') as instance_id, + json_extract_path_text(Properties, 'AvailabilityZones') as availability_zones, + json_extract_path_text(Properties, 'NotificationConfiguration') as notification_configuration, + json_extract_path_text(Properties, 'MetricsCollection') as metrics_collection, + json_extract_path_text(Properties, 'InstanceMaintenancePolicy') as instance_maintenance_policy, + json_extract_path_text(Properties, 'MaxSize') as max_size, + json_extract_path_text(Properties, 'MinSize') as min_size, + json_extract_path_text(Properties, 'TerminationPolicies') as termination_policies, + json_extract_path_text(Properties, 'AutoScalingGroupName') as auto_scaling_group_name, + json_extract_path_text(Properties, 'DesiredCapacityType') as desired_capacity_type, + json_extract_path_text(Properties, 'PlacementGroup') as placement_group, + json_extract_path_text(Properties, 'HealthCheckType') as health_check_type, + json_extract_path_text(Properties, 'MaxInstanceLifetime') as max_instance_lifetime + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AutoScaling::AutoScalingGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + launch_configurations: + name: launch_configurations + id: awscc.autoscaling.launch_configurations + x-cfn-schema-name: LaunchConfiguration + x-type: list + x-identifiers: + - LaunchConfigurationName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LaunchConfigurationName') as launch_configuration_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AutoScaling::LaunchConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LaunchConfigurationName') as launch_configuration_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AutoScaling::LaunchConfiguration' + AND region = 'us-east-1' + launch_configuration: + name: launch_configuration + id: awscc.autoscaling.launch_configuration + x-cfn-schema-name: LaunchConfiguration + x-type: get + x-identifiers: + - LaunchConfigurationName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssociatePublicIpAddress') as associate_public_ip_address, + JSON_EXTRACT(Properties, '$.BlockDeviceMappings') as block_device_mappings, + JSON_EXTRACT(Properties, '$.ClassicLinkVPCId') as classic_link_vp_cid, + JSON_EXTRACT(Properties, '$.ClassicLinkVPCSecurityGroups') as classic_link_vp_csecurity_groups, + JSON_EXTRACT(Properties, '$.EbsOptimized') as ebs_optimized, + JSON_EXTRACT(Properties, '$.IamInstanceProfile') as iam_instance_profile, + JSON_EXTRACT(Properties, '$.ImageId') as image_id, + JSON_EXTRACT(Properties, '$.InstanceId') as instance_id, + JSON_EXTRACT(Properties, '$.InstanceMonitoring') as instance_monitoring, + JSON_EXTRACT(Properties, '$.InstanceType') as instance_type, + JSON_EXTRACT(Properties, '$.KernelId') as kernel_id, + JSON_EXTRACT(Properties, '$.KeyName') as key_name, + JSON_EXTRACT(Properties, '$.LaunchConfigurationName') as launch_configuration_name, + JSON_EXTRACT(Properties, '$.MetadataOptions') as metadata_options, + JSON_EXTRACT(Properties, '$.PlacementTenancy') as placement_tenancy, + JSON_EXTRACT(Properties, '$.RamDiskId') as ram_disk_id, + JSON_EXTRACT(Properties, '$.SecurityGroups') as security_groups, + JSON_EXTRACT(Properties, '$.SpotPrice') as spot_price, + JSON_EXTRACT(Properties, '$.UserData') as user_data + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AutoScaling::LaunchConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssociatePublicIpAddress') as associate_public_ip_address, + json_extract_path_text(Properties, 'BlockDeviceMappings') as block_device_mappings, + json_extract_path_text(Properties, 'ClassicLinkVPCId') as classic_link_vp_cid, + json_extract_path_text(Properties, 'ClassicLinkVPCSecurityGroups') as classic_link_vp_csecurity_groups, + json_extract_path_text(Properties, 'EbsOptimized') as ebs_optimized, + json_extract_path_text(Properties, 'IamInstanceProfile') as iam_instance_profile, + json_extract_path_text(Properties, 'ImageId') as image_id, + json_extract_path_text(Properties, 'InstanceId') as instance_id, + json_extract_path_text(Properties, 'InstanceMonitoring') as instance_monitoring, + json_extract_path_text(Properties, 'InstanceType') as instance_type, + json_extract_path_text(Properties, 'KernelId') as kernel_id, + json_extract_path_text(Properties, 'KeyName') as key_name, + json_extract_path_text(Properties, 'LaunchConfigurationName') as launch_configuration_name, + json_extract_path_text(Properties, 'MetadataOptions') as metadata_options, + json_extract_path_text(Properties, 'PlacementTenancy') as placement_tenancy, + json_extract_path_text(Properties, 'RamDiskId') as ram_disk_id, + json_extract_path_text(Properties, 'SecurityGroups') as security_groups, + json_extract_path_text(Properties, 'SpotPrice') as spot_price, + json_extract_path_text(Properties, 'UserData') as user_data + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AutoScaling::LaunchConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + lifecycle_hooks: + name: lifecycle_hooks + id: awscc.autoscaling.lifecycle_hooks + x-cfn-schema-name: LifecycleHook + x-type: list + x-identifiers: + - AutoScalingGroupName + - LifecycleHookName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AutoScalingGroupName') as auto_scaling_group_name, + JSON_EXTRACT(Properties, '$.LifecycleHookName') as lifecycle_hook_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AutoScaling::LifecycleHook' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AutoScalingGroupName') as auto_scaling_group_name, + json_extract_path_text(Properties, 'LifecycleHookName') as lifecycle_hook_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AutoScaling::LifecycleHook' + AND region = 'us-east-1' + lifecycle_hook: + name: lifecycle_hook + id: awscc.autoscaling.lifecycle_hook + x-cfn-schema-name: LifecycleHook + x-type: get + x-identifiers: + - AutoScalingGroupName + - LifecycleHookName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AutoScalingGroupName') as auto_scaling_group_name, + JSON_EXTRACT(Properties, '$.DefaultResult') as default_result, + JSON_EXTRACT(Properties, '$.HeartbeatTimeout') as heartbeat_timeout, + JSON_EXTRACT(Properties, '$.LifecycleHookName') as lifecycle_hook_name, + JSON_EXTRACT(Properties, '$.LifecycleTransition') as lifecycle_transition, + JSON_EXTRACT(Properties, '$.NotificationMetadata') as notification_metadata, + JSON_EXTRACT(Properties, '$.NotificationTargetARN') as notification_target_arn, + JSON_EXTRACT(Properties, '$.RoleARN') as role_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AutoScaling::LifecycleHook' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AutoScalingGroupName') as auto_scaling_group_name, + json_extract_path_text(Properties, 'DefaultResult') as default_result, + json_extract_path_text(Properties, 'HeartbeatTimeout') as heartbeat_timeout, + json_extract_path_text(Properties, 'LifecycleHookName') as lifecycle_hook_name, + json_extract_path_text(Properties, 'LifecycleTransition') as lifecycle_transition, + json_extract_path_text(Properties, 'NotificationMetadata') as notification_metadata, + json_extract_path_text(Properties, 'NotificationTargetARN') as notification_target_arn, + json_extract_path_text(Properties, 'RoleARN') as role_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AutoScaling::LifecycleHook' + AND data__Identifier = '' + AND region = 'us-east-1' + scaling_policies: + name: scaling_policies + id: awscc.autoscaling.scaling_policies + x-cfn-schema-name: ScalingPolicy + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AutoScaling::ScalingPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AutoScaling::ScalingPolicy' + AND region = 'us-east-1' + scaling_policy: + name: scaling_policy + id: awscc.autoscaling.scaling_policy + x-cfn-schema-name: ScalingPolicy + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MetricAggregationType') as metric_aggregation_type, + JSON_EXTRACT(Properties, '$.PolicyName') as policy_name, + JSON_EXTRACT(Properties, '$.PolicyType') as policy_type, + JSON_EXTRACT(Properties, '$.PredictiveScalingConfiguration') as predictive_scaling_configuration, + JSON_EXTRACT(Properties, '$.ScalingAdjustment') as scaling_adjustment, + JSON_EXTRACT(Properties, '$.Cooldown') as cooldown, + JSON_EXTRACT(Properties, '$.StepAdjustments') as step_adjustments, + JSON_EXTRACT(Properties, '$.AutoScalingGroupName') as auto_scaling_group_name, + JSON_EXTRACT(Properties, '$.MinAdjustmentMagnitude') as min_adjustment_magnitude, + JSON_EXTRACT(Properties, '$.TargetTrackingConfiguration') as target_tracking_configuration, + JSON_EXTRACT(Properties, '$.EstimatedInstanceWarmup') as estimated_instance_warmup, + JSON_EXTRACT(Properties, '$.AdjustmentType') as adjustment_type, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AutoScaling::ScalingPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MetricAggregationType') as metric_aggregation_type, + json_extract_path_text(Properties, 'PolicyName') as policy_name, + json_extract_path_text(Properties, 'PolicyType') as policy_type, + json_extract_path_text(Properties, 'PredictiveScalingConfiguration') as predictive_scaling_configuration, + json_extract_path_text(Properties, 'ScalingAdjustment') as scaling_adjustment, + json_extract_path_text(Properties, 'Cooldown') as cooldown, + json_extract_path_text(Properties, 'StepAdjustments') as step_adjustments, + json_extract_path_text(Properties, 'AutoScalingGroupName') as auto_scaling_group_name, + json_extract_path_text(Properties, 'MinAdjustmentMagnitude') as min_adjustment_magnitude, + json_extract_path_text(Properties, 'TargetTrackingConfiguration') as target_tracking_configuration, + json_extract_path_text(Properties, 'EstimatedInstanceWarmup') as estimated_instance_warmup, + json_extract_path_text(Properties, 'AdjustmentType') as adjustment_type, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AutoScaling::ScalingPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + scheduled_actions: + name: scheduled_actions + id: awscc.autoscaling.scheduled_actions + x-cfn-schema-name: ScheduledAction + x-type: list + x-identifiers: + - ScheduledActionName + - AutoScalingGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ScheduledActionName') as scheduled_action_name, + JSON_EXTRACT(Properties, '$.AutoScalingGroupName') as auto_scaling_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AutoScaling::ScheduledAction' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ScheduledActionName') as scheduled_action_name, + json_extract_path_text(Properties, 'AutoScalingGroupName') as auto_scaling_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AutoScaling::ScheduledAction' + AND region = 'us-east-1' + scheduled_action: + name: scheduled_action + id: awscc.autoscaling.scheduled_action + x-cfn-schema-name: ScheduledAction + x-type: get + x-identifiers: + - ScheduledActionName + - AutoScalingGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ScheduledActionName') as scheduled_action_name, + JSON_EXTRACT(Properties, '$.MinSize') as min_size, + JSON_EXTRACT(Properties, '$.Recurrence') as recurrence, + JSON_EXTRACT(Properties, '$.TimeZone') as time_zone, + JSON_EXTRACT(Properties, '$.EndTime') as end_time, + JSON_EXTRACT(Properties, '$.AutoScalingGroupName') as auto_scaling_group_name, + JSON_EXTRACT(Properties, '$.StartTime') as start_time, + JSON_EXTRACT(Properties, '$.DesiredCapacity') as desired_capacity, + JSON_EXTRACT(Properties, '$.MaxSize') as max_size + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AutoScaling::ScheduledAction' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ScheduledActionName') as scheduled_action_name, + json_extract_path_text(Properties, 'MinSize') as min_size, + json_extract_path_text(Properties, 'Recurrence') as recurrence, + json_extract_path_text(Properties, 'TimeZone') as time_zone, + json_extract_path_text(Properties, 'EndTime') as end_time, + json_extract_path_text(Properties, 'AutoScalingGroupName') as auto_scaling_group_name, + json_extract_path_text(Properties, 'StartTime') as start_time, + json_extract_path_text(Properties, 'DesiredCapacity') as desired_capacity, + json_extract_path_text(Properties, 'MaxSize') as max_size + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AutoScaling::ScheduledAction' + AND data__Identifier = '' + AND region = 'us-east-1' + warm_pools: + name: warm_pools + id: awscc.autoscaling.warm_pools + x-cfn-schema-name: WarmPool + x-type: list + x-identifiers: + - AutoScalingGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AutoScalingGroupName') as auto_scaling_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AutoScaling::WarmPool' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AutoScalingGroupName') as auto_scaling_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::AutoScaling::WarmPool' + AND region = 'us-east-1' + warm_pool: + name: warm_pool + id: awscc.autoscaling.warm_pool + x-cfn-schema-name: WarmPool + x-type: get + x-identifiers: + - AutoScalingGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AutoScalingGroupName') as auto_scaling_group_name, + JSON_EXTRACT(Properties, '$.MaxGroupPreparedCapacity') as max_group_prepared_capacity, + JSON_EXTRACT(Properties, '$.MinSize') as min_size, + JSON_EXTRACT(Properties, '$.PoolState') as pool_state, + JSON_EXTRACT(Properties, '$.InstanceReusePolicy') as instance_reuse_policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AutoScaling::WarmPool' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AutoScalingGroupName') as auto_scaling_group_name, + json_extract_path_text(Properties, 'MaxGroupPreparedCapacity') as max_group_prepared_capacity, + json_extract_path_text(Properties, 'MinSize') as min_size, + json_extract_path_text(Properties, 'PoolState') as pool_state, + json_extract_path_text(Properties, 'InstanceReusePolicy') as instance_reuse_policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::AutoScaling::WarmPool' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/b2bi.yaml b/providers/src/awscc/v00.00.00000/services/b2bi.yaml new file mode 100644 index 00000000..b3bd04d9 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/b2bi.yaml @@ -0,0 +1,762 @@ +openapi: 3.0.0 +info: + title: B2BI + version: 1.0.0 +paths: {} +components: + schemas: + CapabilityConfiguration: + oneOf: + - type: object + title: Edi + properties: + Edi: + $ref: '#/components/schemas/EdiConfiguration' + required: + - Edi + additionalProperties: false + CapabilityType: + type: string + enum: + - edi + EdiConfiguration: + type: object + properties: + Type: + $ref: '#/components/schemas/EdiType' + InputLocation: + $ref: '#/components/schemas/S3Location' + OutputLocation: + $ref: '#/components/schemas/S3Location' + TransformerId: + type: string + maxLength: 64 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + required: + - InputLocation + - OutputLocation + - TransformerId + - Type + additionalProperties: false + EdiType: + oneOf: + - type: object + title: X12Details + properties: + X12Details: + $ref: '#/components/schemas/X12Details' + required: + - X12Details + additionalProperties: false + S3Location: + type: object + properties: + BucketName: + type: string + maxLength: 63 + minLength: 3 + Key: + type: string + maxLength: 1024 + minLength: 0 + additionalProperties: false + Tag: + type: object + properties: + Key: + type: string + maxLength: 128 + minLength: 1 + Value: + type: string + maxLength: 256 + minLength: 0 + required: + - Key + - Value + additionalProperties: false + X12Details: + type: object + properties: + TransactionSet: + $ref: '#/components/schemas/X12TransactionSet' + Version: + $ref: '#/components/schemas/X12Version' + additionalProperties: false + X12TransactionSet: + type: string + enum: + - X12_110 + - X12_180 + - X12_204 + - X12_210 + - X12_214 + - X12_215 + - X12_310 + - X12_315 + - X12_322 + - X12_404 + - X12_410 + - X12_820 + - X12_824 + - X12_830 + - X12_846 + - X12_850 + - X12_852 + - X12_855 + - X12_856 + - X12_860 + - X12_861 + - X12_864 + - X12_940 + - X12_990 + - X12_997 + X12Version: + type: string + enum: + - VERSION_4010 + - VERSION_4030 + - VERSION_5010 + Capability: + type: object + properties: + CapabilityArn: + type: string + maxLength: 255 + minLength: 1 + CapabilityId: + type: string + maxLength: 64 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + Configuration: + $ref: '#/components/schemas/CapabilityConfiguration' + CreatedAt: + type: string + format: date-time + InstructionsDocuments: + type: array + items: + $ref: '#/components/schemas/S3Location' + maxItems: 5 + minItems: 0 + ModifiedAt: + type: string + format: date-time + Name: + type: string + maxLength: 254 + minLength: 1 + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 0 + Type: + $ref: '#/components/schemas/CapabilityType' + required: + - Configuration + - Name + - Type + x-stackql-resource-name: capability + x-stackql-primaryIdentifier: + - CapabilityId + x-create-only-properties: + - Type + x-read-only-properties: + - CapabilityArn + - CapabilityId + - CreatedAt + - ModifiedAt + x-required-permissions: + create: + - b2bi:CreateCapability + - b2bi:TagResource + - events:ListRules + - events:PutRule + - events:PutTargets + - logs:CreateLogDelivery + - logs:CreateLogGroup + - logs:CreateLogStream + - logs:DescribeLogGroups + - logs:DescribeLogStreams + - logs:DescribeResourcePolicies + - logs:ListLogDeliveries + - logs:PutLogEvents + - logs:PutResourcePolicy + - s3:GetObject + - s3:ListBucket + read: + - b2bi:GetCapability + - b2bi:ListTagsForResource + update: + - b2bi:TagResource + - b2bi:UntagResource + - b2bi:UpdateCapability + delete: + - b2bi:DeleteCapability + list: + - b2bi:ListCapabilities + Partnership: + type: object + properties: + Capabilities: + type: array + items: + type: string + maxLength: 64 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + CreatedAt: + type: string + format: date-time + Email: + type: string + maxLength: 254 + minLength: 5 + pattern: ^[\w\.\-]+@[\w\.\-]+$ + ModifiedAt: + type: string + format: date-time + Name: + type: string + maxLength: 254 + minLength: 1 + PartnershipArn: + type: string + maxLength: 255 + minLength: 1 + PartnershipId: + type: string + maxLength: 64 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + Phone: + type: string + maxLength: 22 + minLength: 7 + pattern: ^\+?([0-9 \t\-()\/]{7,})(?:\s*(?:#|x\.?|ext\.?|extension) \t*(\d+))?$ + ProfileId: + type: string + maxLength: 64 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 0 + TradingPartnerId: + type: string + maxLength: 64 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + required: + - Email + - Name + - ProfileId + x-stackql-resource-name: partnership + x-stackql-primaryIdentifier: + - PartnershipId + x-create-only-properties: + - Email + - Phone + - ProfileId + x-read-only-properties: + - CreatedAt + - ModifiedAt + - PartnershipArn + - PartnershipId + - TradingPartnerId + x-required-permissions: + create: + - b2bi:CreatePartnership + - b2bi:TagResource + - s3:PutObject + read: + - b2bi:GetPartnership + - b2bi:ListTagsForResource + update: + - b2bi:TagResource + - b2bi:UntagResource + - b2bi:UpdatePartnership + delete: + - b2bi:DeletePartnership + list: + - b2bi:ListPartnerships + Logging: + type: string + enum: + - ENABLED + - DISABLED + Profile: + type: object + properties: + BusinessName: + type: string + maxLength: 254 + minLength: 1 + CreatedAt: + type: string + format: date-time + Email: + type: string + maxLength: 254 + minLength: 5 + pattern: ^[\w\.\-]+@[\w\.\-]+$ + LogGroupName: + type: string + maxLength: 512 + minLength: 1 + Logging: + $ref: '#/components/schemas/Logging' + ModifiedAt: + type: string + format: date-time + Name: + type: string + maxLength: 254 + minLength: 1 + Phone: + type: string + maxLength: 22 + minLength: 7 + pattern: ^\+?([0-9 \t\-()\/]{7,})(?:\s*(?:#|x\.?|ext\.?|extension) \t*(\d+))?$ + ProfileArn: + type: string + maxLength: 255 + minLength: 1 + ProfileId: + type: string + maxLength: 64 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 0 + required: + - BusinessName + - Logging + - Name + - Phone + x-stackql-resource-name: profile + x-stackql-primaryIdentifier: + - ProfileId + x-create-only-properties: + - Logging + x-read-only-properties: + - CreatedAt + - LogGroupName + - ModifiedAt + - ProfileArn + - ProfileId + x-required-permissions: + create: + - b2bi:CreateProfile + - b2bi:TagResource + - logs:CreateLogDelivery + - logs:CreateLogGroup + - logs:CreateLogStream + - logs:DescribeLogGroups + - logs:DescribeLogStreams + - logs:DescribeResourcePolicies + - logs:ListLogDeliveries + - logs:PutLogEvents + - logs:PutResourcePolicy + read: + - b2bi:GetProfile + - b2bi:ListTagsForResource + update: + - b2bi:TagResource + - b2bi:UntagResource + - b2bi:UpdateProfile + delete: + - b2bi:DeleteProfile + - logs:DeleteLogDelivery + - logs:ListLogDeliveries + list: + - b2bi:ListProfiles + FileFormat: + type: string + enum: + - XML + - JSON + TransformerStatus: + type: string + enum: + - active + - inactive + Transformer: + type: object + properties: + CreatedAt: + type: string + format: date-time + EdiType: + $ref: '#/components/schemas/EdiType' + FileFormat: + $ref: '#/components/schemas/FileFormat' + MappingTemplate: + type: string + maxLength: 350000 + minLength: 0 + ModifiedAt: + type: string + format: date-time + Name: + type: string + maxLength: 254 + minLength: 1 + SampleDocument: + type: string + maxLength: 1024 + minLength: 0 + Status: + $ref: '#/components/schemas/TransformerStatus' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 0 + TransformerArn: + type: string + maxLength: 255 + minLength: 1 + TransformerId: + type: string + maxLength: 64 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + required: + - EdiType + - FileFormat + - MappingTemplate + - Name + - Status + x-stackql-resource-name: transformer + x-stackql-primaryIdentifier: + - TransformerId + x-read-only-properties: + - CreatedAt + - ModifiedAt + - TransformerArn + - TransformerId + x-required-permissions: + create: + - b2bi:CreateTransformer + - b2bi:TagResource + - b2bi:UpdateTransformer + - logs:CreateLogDelivery + - logs:CreateLogGroup + - logs:CreateLogStream + - logs:DescribeLogGroups + - logs:DescribeLogStreams + - logs:DescribeResourcePolicies + - logs:ListLogDeliveries + - logs:PutLogEvents + - logs:PutResourcePolicy + read: + - b2bi:GetTransformer + - b2bi:ListTagsForResource + update: + - b2bi:TagResource + - b2bi:UntagResource + - b2bi:UpdateTransformer + delete: + - b2bi:DeleteTransformer + - logs:DeleteLogDelivery + - logs:ListLogDeliveries + list: + - b2bi:ListTransformers + x-stackQL-resources: + capabilities: + name: capabilities + id: awscc.b2bi.capabilities + x-cfn-schema-name: Capability + x-type: list + x-identifiers: + - CapabilityId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CapabilityId') as capability_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::B2BI::Capability' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CapabilityId') as capability_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::B2BI::Capability' + AND region = 'us-east-1' + capability: + name: capability + id: awscc.b2bi.capability + x-cfn-schema-name: Capability + x-type: get + x-identifiers: + - CapabilityId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CapabilityArn') as capability_arn, + JSON_EXTRACT(Properties, '$.CapabilityId') as capability_id, + JSON_EXTRACT(Properties, '$.Configuration') as configuration, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.InstructionsDocuments') as instructions_documents, + JSON_EXTRACT(Properties, '$.ModifiedAt') as modified_at, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::B2BI::Capability' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CapabilityArn') as capability_arn, + json_extract_path_text(Properties, 'CapabilityId') as capability_id, + json_extract_path_text(Properties, 'Configuration') as configuration, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'InstructionsDocuments') as instructions_documents, + json_extract_path_text(Properties, 'ModifiedAt') as modified_at, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::B2BI::Capability' + AND data__Identifier = '' + AND region = 'us-east-1' + partnerships: + name: partnerships + id: awscc.b2bi.partnerships + x-cfn-schema-name: Partnership + x-type: list + x-identifiers: + - PartnershipId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PartnershipId') as partnership_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::B2BI::Partnership' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PartnershipId') as partnership_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::B2BI::Partnership' + AND region = 'us-east-1' + partnership: + name: partnership + id: awscc.b2bi.partnership + x-cfn-schema-name: Partnership + x-type: get + x-identifiers: + - PartnershipId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Capabilities') as capabilities, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.Email') as email, + JSON_EXTRACT(Properties, '$.ModifiedAt') as modified_at, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.PartnershipArn') as partnership_arn, + JSON_EXTRACT(Properties, '$.PartnershipId') as partnership_id, + JSON_EXTRACT(Properties, '$.Phone') as phone, + JSON_EXTRACT(Properties, '$.ProfileId') as profile_id, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TradingPartnerId') as trading_partner_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::B2BI::Partnership' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Capabilities') as capabilities, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'Email') as email, + json_extract_path_text(Properties, 'ModifiedAt') as modified_at, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'PartnershipArn') as partnership_arn, + json_extract_path_text(Properties, 'PartnershipId') as partnership_id, + json_extract_path_text(Properties, 'Phone') as phone, + json_extract_path_text(Properties, 'ProfileId') as profile_id, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TradingPartnerId') as trading_partner_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::B2BI::Partnership' + AND data__Identifier = '' + AND region = 'us-east-1' + profiles: + name: profiles + id: awscc.b2bi.profiles + x-cfn-schema-name: Profile + x-type: list + x-identifiers: + - ProfileId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProfileId') as profile_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::B2BI::Profile' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProfileId') as profile_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::B2BI::Profile' + AND region = 'us-east-1' + profile: + name: profile + id: awscc.b2bi.profile + x-cfn-schema-name: Profile + x-type: get + x-identifiers: + - ProfileId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BusinessName') as business_name, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.Email') as email, + JSON_EXTRACT(Properties, '$.LogGroupName') as log_group_name, + JSON_EXTRACT(Properties, '$.Logging') as logging, + JSON_EXTRACT(Properties, '$.ModifiedAt') as modified_at, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Phone') as phone, + JSON_EXTRACT(Properties, '$.ProfileArn') as profile_arn, + JSON_EXTRACT(Properties, '$.ProfileId') as profile_id, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::B2BI::Profile' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BusinessName') as business_name, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'Email') as email, + json_extract_path_text(Properties, 'LogGroupName') as log_group_name, + json_extract_path_text(Properties, 'Logging') as logging, + json_extract_path_text(Properties, 'ModifiedAt') as modified_at, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Phone') as phone, + json_extract_path_text(Properties, 'ProfileArn') as profile_arn, + json_extract_path_text(Properties, 'ProfileId') as profile_id, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::B2BI::Profile' + AND data__Identifier = '' + AND region = 'us-east-1' + transformers: + name: transformers + id: awscc.b2bi.transformers + x-cfn-schema-name: Transformer + x-type: list + x-identifiers: + - TransformerId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TransformerId') as transformer_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::B2BI::Transformer' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TransformerId') as transformer_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::B2BI::Transformer' + AND region = 'us-east-1' + transformer: + name: transformer + id: awscc.b2bi.transformer + x-cfn-schema-name: Transformer + x-type: get + x-identifiers: + - TransformerId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.EdiType') as edi_type, + JSON_EXTRACT(Properties, '$.FileFormat') as file_format, + JSON_EXTRACT(Properties, '$.MappingTemplate') as mapping_template, + JSON_EXTRACT(Properties, '$.ModifiedAt') as modified_at, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.SampleDocument') as sample_document, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TransformerArn') as transformer_arn, + JSON_EXTRACT(Properties, '$.TransformerId') as transformer_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::B2BI::Transformer' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'EdiType') as edi_type, + json_extract_path_text(Properties, 'FileFormat') as file_format, + json_extract_path_text(Properties, 'MappingTemplate') as mapping_template, + json_extract_path_text(Properties, 'ModifiedAt') as modified_at, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'SampleDocument') as sample_document, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TransformerArn') as transformer_arn, + json_extract_path_text(Properties, 'TransformerId') as transformer_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::B2BI::Transformer' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/backup.yaml b/providers/src/awscc/v00.00.00000/services/backup.yaml new file mode 100644 index 00000000..6f545960 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/backup.yaml @@ -0,0 +1,1225 @@ +openapi: 3.0.0 +info: + title: Backup + version: 1.0.0 +paths: {} +components: + schemas: + BackupPlanResourceType: + type: object + additionalProperties: false + properties: + BackupPlanName: + type: string + AdvancedBackupSettings: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/AdvancedBackupSettingResourceType' + BackupPlanRule: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/BackupRuleResourceType' + required: + - BackupPlanName + - BackupPlanRule + BackupRuleResourceType: + type: object + additionalProperties: false + properties: + RuleName: + type: string + TargetBackupVault: + type: string + StartWindowMinutes: + type: number + CompletionWindowMinutes: + type: number + ScheduleExpression: + type: string + ScheduleExpressionTimezone: + type: string + RecoveryPointTags: + type: object + additionalProperties: false + x-patternProperties: + ^.{1,128}$: + type: string + CopyActions: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/CopyActionResourceType' + Lifecycle: + $ref: '#/components/schemas/LifecycleResourceType' + EnableContinuousBackup: + type: boolean + required: + - TargetBackupVault + - RuleName + AdvancedBackupSettingResourceType: + type: object + additionalProperties: false + properties: + BackupOptions: + type: object + ResourceType: + type: string + required: + - BackupOptions + - ResourceType + CopyActionResourceType: + type: object + additionalProperties: false + properties: + Lifecycle: + $ref: '#/components/schemas/LifecycleResourceType' + DestinationBackupVaultArn: + type: string + required: + - DestinationBackupVaultArn + LifecycleResourceType: + type: object + additionalProperties: false + properties: + MoveToColdStorageAfterDays: + type: number + DeleteAfterDays: + type: number + OptInToArchiveForSupportedResources: + type: boolean + BackupPlan: + type: object + properties: + BackupPlan: + $ref: '#/components/schemas/BackupPlanResourceType' + BackupPlanTags: + type: object + additionalProperties: false + x-patternProperties: + ^.{1,128}$: + type: string + BackupPlanArn: + type: string + BackupPlanId: + type: string + VersionId: + type: string + required: + - BackupPlan + x-stackql-resource-name: backup_plan + x-stackql-primaryIdentifier: + - BackupPlanId + x-read-only-properties: + - BackupPlanId + - VersionId + - BackupPlanArn + x-required-permissions: + read: + - backup:GetBackupPlan + - backup:ListTags + create: + - backup:GetBackupPlan + - backup:TagResource + - backup:CreateBackupPlan + delete: + - backup:GetBackupPlan + - backup:DeleteBackupPlan + update: + - backup:UpdateBackupPlan + - backup:ListTags + - backup:TagResource + - backup:UntagResource + list: + - backup:ListBackupPlans + BackupSelectionResourceType: + type: object + additionalProperties: false + properties: + IamRoleArn: + type: string + ListOfTags: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/ConditionResourceType' + Resources: + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + SelectionName: + type: string + NotResources: + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + Conditions: + type: object + additionalProperties: false + properties: + StringEquals: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/ConditionParameter' + StringNotEquals: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/ConditionParameter' + StringLike: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/ConditionParameter' + StringNotLike: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/ConditionParameter' + required: + - SelectionName + - IamRoleArn + ConditionParameter: + type: object + additionalProperties: false + properties: + ConditionKey: + type: string + ConditionValue: + type: string + ConditionResourceType: + type: object + additionalProperties: false + properties: + ConditionKey: + type: string + ConditionValue: + type: string + ConditionType: + type: string + required: + - ConditionValue + - ConditionKey + - ConditionType + BackupSelection: + type: object + properties: + Id: + type: string + BackupPlanId: + type: string + BackupSelection: + $ref: '#/components/schemas/BackupSelectionResourceType' + SelectionId: + type: string + required: + - BackupSelection + - BackupPlanId + x-stackql-resource-name: backup_selection + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - BackupSelection + - BackupPlanId + x-read-only-properties: + - SelectionId + - Id + x-required-permissions: + delete: + - backup:GetBackupSelection + - backup:DeleteBackupSelection + read: + - backup:GetBackupSelection + create: + - backup:CreateBackupSelection + - iam:GetRole + - iam:PassRole + - iam:CreateServiceLinkedRole + list: + - backup:ListBackupSelections + NotificationObjectType: + type: object + additionalProperties: false + properties: + BackupVaultEvents: + type: array + x-insertionOrder: false + uniqueItems: false + items: + type: string + SNSTopicArn: + type: string + required: + - SNSTopicArn + - BackupVaultEvents + LockConfigurationType: + type: object + additionalProperties: false + properties: + MinRetentionDays: + type: integer + MaxRetentionDays: + type: integer + ChangeableForDays: + type: integer + required: + - MinRetentionDays + BackupVaultNamePattern: + type: string + pattern: ^[a-zA-Z0-9\-\_]{2,50}$ + BackupVault: + type: object + properties: + AccessPolicy: + type: object + BackupVaultName: + $ref: '#/components/schemas/BackupVaultNamePattern' + BackupVaultTags: + type: object + additionalProperties: false + x-patternProperties: + ^.{1,128}$: + type: string + EncryptionKeyArn: + type: string + Notifications: + $ref: '#/components/schemas/NotificationObjectType' + LockConfiguration: + $ref: '#/components/schemas/LockConfigurationType' + BackupVaultArn: + type: string + required: + - BackupVaultName + x-stackql-resource-name: backup_vault + x-stackql-primaryIdentifier: + - BackupVaultName + x-create-only-properties: + - BackupVaultName + - EncryptionKeyArn + x-read-only-properties: + - BackupVaultArn + x-required-permissions: + create: + - backup:TagResource + - backup:CreateBackupVault + - backup:PutBackupVaultAccessPolicy + - backup:PutBackupVaultNotifications + - backup:PutBackupVaultLockConfiguration + - backup-storage:Mount + - backup-storage:MountCapsule + - kms:CreateGrant + - kms:GenerateDataKey + - kms:Decrypt + - kms:RetireGrant + - kms:DescribeKey + read: + - backup:DescribeBackupVault + - backup:GetBackupVaultNotifications + - backup:GetBackupVaultAccessPolicy + - backup:ListTags + update: + - backup:DescribeBackupVault + - backup:DeleteBackupVaultAccessPolicy + - backup:DeleteBackupVaultNotifications + - backup:DeleteBackupVaultLockConfiguration + - backup:ListTags + - backup:TagResource + - backup:UntagResource + - backup:PutBackupVaultAccessPolicy + - backup:PutBackupVaultNotifications + - backup:PutBackupVaultLockConfiguration + delete: + - backup:DeleteBackupVault + list: + - backup:ListBackupVaults + FrameworkControl: + type: object + additionalProperties: false + properties: + ControlName: + description: The name of a control. This name is between 1 and 256 characters. + type: string + ControlInputParameters: + type: array + description: A list of ParameterName and ParameterValue pairs. + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/ControlInputParameter' + ControlScope: + type: object + description: 'The scope of a control. The control scope defines what the control will evaluate. Three examples of control scopes are: a specific backup plan, all backup plans with a specific tag, or all backup plans.' + additionalProperties: false + properties: + ComplianceResourceIds: + description: The ID of the only AWS resource that you want your control scope to contain. + type: array + x-insertionOrder: false + items: + type: string + ComplianceResourceTypes: + type: array + description: Describes whether the control scope includes one or more types of resources, such as `EFS` or `RDS`. + x-insertionOrder: false + items: + type: string + Tags: + type: array + description: Describes whether the control scope includes resources with one or more tags. Each tag is a key-value pair. + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - ControlName + ControlInputParameter: + type: object + additionalProperties: false + properties: + ParameterName: + type: string + ParameterValue: + type: string + required: + - ParameterName + - ParameterValue + Tag: + type: object + additionalProperties: false + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + Framework: + type: object + properties: + FrameworkName: + description: The unique name of a framework. This name is between 1 and 256 characters, starting with a letter, and consisting of letters (a-z, A-Z), numbers (0-9), and underscores (_). + type: string + pattern: '[a-zA-Z][_a-zA-Z0-9]*' + minLength: 1 + maxLength: 256 + FrameworkDescription: + description: An optional description of the framework with a maximum 1,024 characters. + type: string + minLength: 0 + maxLength: 1024 + FrameworkArn: + description: An Amazon Resource Name (ARN) that uniquely identifies Framework as a resource + type: string + DeploymentStatus: + description: 'The deployment status of a framework. The statuses are: `CREATE_IN_PROGRESS | UPDATE_IN_PROGRESS | DELETE_IN_PROGRESS | COMPLETED | FAILED`' + type: string + CreationTime: + description: The date and time that a framework is created, in ISO 8601 representation. The value of CreationTime is accurate to milliseconds. For example, 2020-07-10T15:00:00.000-08:00 represents the 10th of July 2020 at 3:00 PM 8 hours behind UTC. + type: string + FrameworkControls: + description: Contains detailed information about all of the controls of a framework. Each framework must contain at least one control. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/FrameworkControl' + FrameworkStatus: + type: string + description: |- + A framework consists of one or more controls. Each control governs a resource, such as backup plans, backup selections, backup vaults, or recovery points. You can also turn AWS Config recording on or off for each resource. The statuses are: + + `ACTIVE` when recording is turned on for all resources governed by the framework. + + `PARTIALLY_ACTIVE` when recording is turned off for at least one resource governed by the framework. + + `INACTIVE` when recording is turned off for all resources governed by the framework. + + `UNAVAILABLE` when AWS Backup is unable to validate recording status at this time. + FrameworkTags: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + description: Metadata that you can assign to help organize the frameworks that you create. Each tag is a key-value pair. + required: + - FrameworkControls + x-stackql-resource-name: framework + x-stackql-primaryIdentifier: + - FrameworkArn + x-create-only-properties: + - FrameworkName + x-read-only-properties: + - FrameworkArn + - CreationTime + - FrameworkStatus + - DeploymentStatus + x-required-permissions: + create: + - backup:CreateFramework + - backup:DescribeFramework + - backup:ListTags + - backup:TagResource + - iam:CreateServiceLinkedRole + read: + - backup:DescribeFramework + - backup:ListTags + update: + - backup:DescribeFramework + - backup:UpdateFramework + - backup:ListTags + - backup:TagResource + - backup:UntagResource + delete: + - backup:DeleteFramework + - backup:DescribeFramework + list: + - backup:ListFrameworks + ReportPlan: + type: object + properties: + ReportPlanName: + type: string + description: The unique name of the report plan. The name must be between 1 and 256 characters, starting with a letter, and consisting of letters (a-z, A-Z), numbers (0-9), and underscores (_). + minLength: 1 + maxLength: 256 + pattern: '[a-zA-Z][_a-zA-Z0-9]*' + ReportPlanArn: + type: string + description: An Amazon Resource Name (ARN) that uniquely identifies a resource. The format of the ARN depends on the resource type. + ReportPlanDescription: + type: string + description: An optional description of the report plan with a maximum of 1,024 characters. + minLength: 0 + maxLength: 1024 + pattern: .*\S.* + ReportPlanTags: + description: Metadata that you can assign to help organize the report plans that you create. Each tag is a key-value pair. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + ReportDeliveryChannel: + type: object + description: A structure that contains information about where and how to deliver your reports, specifically your Amazon S3 bucket name, S3 key prefix, and the formats of your reports. + properties: + Formats: + type: array + description: 'A list of the format of your reports: CSV, JSON, or both. If not specified, the default format is CSV.' + uniqueItems: true + x-insertionOrder: false + items: + type: string + S3BucketName: + type: string + description: The unique name of the S3 bucket that receives your reports. + S3KeyPrefix: + type: string + description: 'The prefix for where AWS Backup Audit Manager delivers your reports to Amazon S3. The prefix is this part of the following path: s3://your-bucket-name/prefix/Backup/us-west-2/year/month/day/report-name. If not specified, there is no prefix.' + additionalProperties: false + required: + - S3BucketName + ReportSetting: + type: object + description: Identifies the report template for the report. Reports are built using a report template. + properties: + ReportTemplate: + type: string + description: 'Identifies the report template for the report. Reports are built using a report template. The report templates are: `BACKUP_JOB_REPORT | COPY_JOB_REPORT | RESTORE_JOB_REPORT`' + FrameworkArns: + type: array + description: The Amazon Resource Names (ARNs) of the frameworks a report covers. + x-insertionOrder: false + uniqueItems: true + items: + type: string + Accounts: + type: array + description: The list of AWS accounts that a report covers. + x-insertionOrder: false + uniqueItems: true + items: + type: string + OrganizationUnits: + type: array + description: The list of AWS organization units that a report covers. + x-insertionOrder: false + uniqueItems: true + items: + type: string + Regions: + type: array + description: The list of AWS regions that a report covers. + x-insertionOrder: false + uniqueItems: true + items: + type: string + additionalProperties: false + required: + - ReportTemplate + required: + - ReportDeliveryChannel + - ReportSetting + x-stackql-resource-name: report_plan + x-stackql-primaryIdentifier: + - ReportPlanArn + x-create-only-properties: + - ReportPlanName + x-read-only-properties: + - ReportPlanArn + x-required-permissions: + create: + - backup:CreateReportPlan + - backup:DescribeReportPlan + - backup:ListTags + - backup:TagResource + - iam:CreateServiceLinkedRole + read: + - backup:DescribeReportPlan + - backup:ListTags + update: + - backup:DescribeReportPlan + - backup:UpdateReportPlan + - backup:ListTags + - backup:UntagResource + - backup:TagResource + delete: + - backup:DeleteReportPlan + - backup:DescribeReportPlan + list: + - backup:ListReportPlans + RestoreTestingRecoveryPointSelection: + type: object + additionalProperties: false + properties: + Algorithm: + $ref: '#/components/schemas/RestoreTestingRecoveryPointSelectionAlgorithm' + SelectionWindowDays: + type: integer + RecoveryPointTypes: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/RestoreTestingRecoveryPointType' + IncludeVaults: + type: array + x-insertionOrder: false + items: + type: string + ExcludeVaults: + type: array + x-insertionOrder: false + items: + type: string + required: + - Algorithm + - RecoveryPointTypes + - IncludeVaults + RestoreTestingRecoveryPointSelectionAlgorithm: + type: string + enum: + - LATEST_WITHIN_WINDOW + - RANDOM_WITHIN_WINDOW + RestoreTestingRecoveryPointType: + type: string + enum: + - SNAPSHOT + - CONTINUOUS + RestoreTestingPlan: + type: object + properties: + RecoveryPointSelection: + $ref: '#/components/schemas/RestoreTestingRecoveryPointSelection' + RestoreTestingPlanArn: + type: string + RestoreTestingPlanName: + type: string + ScheduleExpression: + type: string + ScheduleExpressionTimezone: + type: string + StartWindowHours: + type: integer + Tags: + items: + $ref: '#/components/schemas/Tag' + type: array + x-insertionOrder: false + uniqueItems: true + required: + - RecoveryPointSelection + - ScheduleExpression + - RestoreTestingPlanName + x-stackql-resource-name: restore_testing_plan + x-stackql-primaryIdentifier: + - RestoreTestingPlanName + x-create-only-properties: + - RestoreTestingPlanName + x-read-only-properties: + - RestoreTestingPlanArn + x-required-permissions: + create: + - backup:CreateRestoreTestingPlan + - backup:TagResource + - backup:GetRestoreTestingPlan + - backup:ListTags + read: + - backup:GetRestoreTestingPlan + - backup:ListTags + update: + - backup:UpdateRestoreTestingPlan + - backup:TagResource + - backup:UntagResource + - backup:GetRestoreTestingPlan + - backup:ListTags + delete: + - backup:DeleteRestoreTestingPlan + - backup:GetRestoreTestingPlan + list: + - backup:ListRestoreTestingPlans + KeyValue: + additionalProperties: false + properties: + Key: + type: string + Value: + type: string + required: + - Key + - Value + type: object + ProtectedResourceConditions: + additionalProperties: false + properties: + StringEquals: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/KeyValue' + StringNotEquals: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/KeyValue' + type: object + SensitiveStringMap: + additionalProperties: false + x-patternProperties: + .+: + type: string + type: object + RestoreTestingSelection: + type: object + properties: + IamRoleArn: + type: string + ProtectedResourceArns: + type: array + x-insertionOrder: false + items: + type: string + ProtectedResourceConditions: + $ref: '#/components/schemas/ProtectedResourceConditions' + ProtectedResourceType: + type: string + RestoreMetadataOverrides: + $ref: '#/components/schemas/SensitiveStringMap' + RestoreTestingPlanName: + type: string + RestoreTestingSelectionName: + type: string + ValidationWindowHours: + type: integer + required: + - IamRoleArn + - ProtectedResourceType + - RestoreTestingPlanName + - RestoreTestingSelectionName + x-stackql-resource-name: restore_testing_selection + x-stackql-primaryIdentifier: + - RestoreTestingPlanName + - RestoreTestingSelectionName + x-create-only-properties: + - ProtectedResourceType + - RestoreTestingPlanName + - RestoreTestingSelectionName + x-required-permissions: + create: + - backup:CreateRestoreTestingSelection + - backup:GetRestoreTestingSelection + - iam:PassRole + read: + - backup:GetRestoreTestingSelection + update: + - backup:UpdateRestoreTestingSelection + - backup:GetRestoreTestingSelection + - iam:PassRole + delete: + - backup:DeleteRestoreTestingSelection + - backup:GetRestoreTestingSelection + list: + - backup:ListRestoreTestingSelections + x-stackQL-resources: + backup_plans: + name: backup_plans + id: awscc.backup.backup_plans + x-cfn-schema-name: BackupPlan + x-type: list + x-identifiers: + - BackupPlanId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BackupPlanId') as backup_plan_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Backup::BackupPlan' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BackupPlanId') as backup_plan_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Backup::BackupPlan' + AND region = 'us-east-1' + backup_plan: + name: backup_plan + id: awscc.backup.backup_plan + x-cfn-schema-name: BackupPlan + x-type: get + x-identifiers: + - BackupPlanId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BackupPlan') as backup_plan, + JSON_EXTRACT(Properties, '$.BackupPlanTags') as backup_plan_tags, + JSON_EXTRACT(Properties, '$.BackupPlanArn') as backup_plan_arn, + JSON_EXTRACT(Properties, '$.BackupPlanId') as backup_plan_id, + JSON_EXTRACT(Properties, '$.VersionId') as version_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Backup::BackupPlan' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BackupPlan') as backup_plan, + json_extract_path_text(Properties, 'BackupPlanTags') as backup_plan_tags, + json_extract_path_text(Properties, 'BackupPlanArn') as backup_plan_arn, + json_extract_path_text(Properties, 'BackupPlanId') as backup_plan_id, + json_extract_path_text(Properties, 'VersionId') as version_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Backup::BackupPlan' + AND data__Identifier = '' + AND region = 'us-east-1' + backup_selections: + name: backup_selections + id: awscc.backup.backup_selections + x-cfn-schema-name: BackupSelection + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Backup::BackupSelection' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Backup::BackupSelection' + AND region = 'us-east-1' + backup_selection: + name: backup_selection + id: awscc.backup.backup_selection + x-cfn-schema-name: BackupSelection + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.BackupPlanId') as backup_plan_id, + JSON_EXTRACT(Properties, '$.BackupSelection') as backup_selection, + JSON_EXTRACT(Properties, '$.SelectionId') as selection_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Backup::BackupSelection' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'BackupPlanId') as backup_plan_id, + json_extract_path_text(Properties, 'BackupSelection') as backup_selection, + json_extract_path_text(Properties, 'SelectionId') as selection_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Backup::BackupSelection' + AND data__Identifier = '' + AND region = 'us-east-1' + backup_vaults: + name: backup_vaults + id: awscc.backup.backup_vaults + x-cfn-schema-name: BackupVault + x-type: list + x-identifiers: + - BackupVaultName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BackupVaultName') as backup_vault_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Backup::BackupVault' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BackupVaultName') as backup_vault_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Backup::BackupVault' + AND region = 'us-east-1' + backup_vault: + name: backup_vault + id: awscc.backup.backup_vault + x-cfn-schema-name: BackupVault + x-type: get + x-identifiers: + - BackupVaultName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccessPolicy') as access_policy, + JSON_EXTRACT(Properties, '$.BackupVaultName') as backup_vault_name, + JSON_EXTRACT(Properties, '$.BackupVaultTags') as backup_vault_tags, + JSON_EXTRACT(Properties, '$.EncryptionKeyArn') as encryption_key_arn, + JSON_EXTRACT(Properties, '$.Notifications') as notifications, + JSON_EXTRACT(Properties, '$.LockConfiguration') as lock_configuration, + JSON_EXTRACT(Properties, '$.BackupVaultArn') as backup_vault_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Backup::BackupVault' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccessPolicy') as access_policy, + json_extract_path_text(Properties, 'BackupVaultName') as backup_vault_name, + json_extract_path_text(Properties, 'BackupVaultTags') as backup_vault_tags, + json_extract_path_text(Properties, 'EncryptionKeyArn') as encryption_key_arn, + json_extract_path_text(Properties, 'Notifications') as notifications, + json_extract_path_text(Properties, 'LockConfiguration') as lock_configuration, + json_extract_path_text(Properties, 'BackupVaultArn') as backup_vault_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Backup::BackupVault' + AND data__Identifier = '' + AND region = 'us-east-1' + frameworks: + name: frameworks + id: awscc.backup.frameworks + x-cfn-schema-name: Framework + x-type: list + x-identifiers: + - FrameworkArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FrameworkArn') as framework_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Backup::Framework' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FrameworkArn') as framework_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Backup::Framework' + AND region = 'us-east-1' + framework: + name: framework + id: awscc.backup.framework + x-cfn-schema-name: Framework + x-type: get + x-identifiers: + - FrameworkArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FrameworkName') as framework_name, + JSON_EXTRACT(Properties, '$.FrameworkDescription') as framework_description, + JSON_EXTRACT(Properties, '$.FrameworkArn') as framework_arn, + JSON_EXTRACT(Properties, '$.DeploymentStatus') as deployment_status, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.FrameworkControls') as framework_controls, + JSON_EXTRACT(Properties, '$.FrameworkStatus') as framework_status, + JSON_EXTRACT(Properties, '$.FrameworkTags') as framework_tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Backup::Framework' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FrameworkName') as framework_name, + json_extract_path_text(Properties, 'FrameworkDescription') as framework_description, + json_extract_path_text(Properties, 'FrameworkArn') as framework_arn, + json_extract_path_text(Properties, 'DeploymentStatus') as deployment_status, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'FrameworkControls') as framework_controls, + json_extract_path_text(Properties, 'FrameworkStatus') as framework_status, + json_extract_path_text(Properties, 'FrameworkTags') as framework_tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Backup::Framework' + AND data__Identifier = '' + AND region = 'us-east-1' + report_plans: + name: report_plans + id: awscc.backup.report_plans + x-cfn-schema-name: ReportPlan + x-type: list + x-identifiers: + - ReportPlanArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ReportPlanArn') as report_plan_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Backup::ReportPlan' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ReportPlanArn') as report_plan_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Backup::ReportPlan' + AND region = 'us-east-1' + report_plan: + name: report_plan + id: awscc.backup.report_plan + x-cfn-schema-name: ReportPlan + x-type: get + x-identifiers: + - ReportPlanArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ReportPlanName') as report_plan_name, + JSON_EXTRACT(Properties, '$.ReportPlanArn') as report_plan_arn, + JSON_EXTRACT(Properties, '$.ReportPlanDescription') as report_plan_description, + JSON_EXTRACT(Properties, '$.ReportPlanTags') as report_plan_tags, + JSON_EXTRACT(Properties, '$.ReportDeliveryChannel') as report_delivery_channel, + JSON_EXTRACT(Properties, '$.ReportSetting') as report_setting + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Backup::ReportPlan' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ReportPlanName') as report_plan_name, + json_extract_path_text(Properties, 'ReportPlanArn') as report_plan_arn, + json_extract_path_text(Properties, 'ReportPlanDescription') as report_plan_description, + json_extract_path_text(Properties, 'ReportPlanTags') as report_plan_tags, + json_extract_path_text(Properties, 'ReportDeliveryChannel') as report_delivery_channel, + json_extract_path_text(Properties, 'ReportSetting') as report_setting + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Backup::ReportPlan' + AND data__Identifier = '' + AND region = 'us-east-1' + restore_testing_plans: + name: restore_testing_plans + id: awscc.backup.restore_testing_plans + x-cfn-schema-name: RestoreTestingPlan + x-type: list + x-identifiers: + - RestoreTestingPlanName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RestoreTestingPlanName') as restore_testing_plan_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Backup::RestoreTestingPlan' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RestoreTestingPlanName') as restore_testing_plan_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Backup::RestoreTestingPlan' + AND region = 'us-east-1' + restore_testing_plan: + name: restore_testing_plan + id: awscc.backup.restore_testing_plan + x-cfn-schema-name: RestoreTestingPlan + x-type: get + x-identifiers: + - RestoreTestingPlanName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RecoveryPointSelection') as recovery_point_selection, + JSON_EXTRACT(Properties, '$.RestoreTestingPlanArn') as restore_testing_plan_arn, + JSON_EXTRACT(Properties, '$.RestoreTestingPlanName') as restore_testing_plan_name, + JSON_EXTRACT(Properties, '$.ScheduleExpression') as schedule_expression, + JSON_EXTRACT(Properties, '$.ScheduleExpressionTimezone') as schedule_expression_timezone, + JSON_EXTRACT(Properties, '$.StartWindowHours') as start_window_hours, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Backup::RestoreTestingPlan' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RecoveryPointSelection') as recovery_point_selection, + json_extract_path_text(Properties, 'RestoreTestingPlanArn') as restore_testing_plan_arn, + json_extract_path_text(Properties, 'RestoreTestingPlanName') as restore_testing_plan_name, + json_extract_path_text(Properties, 'ScheduleExpression') as schedule_expression, + json_extract_path_text(Properties, 'ScheduleExpressionTimezone') as schedule_expression_timezone, + json_extract_path_text(Properties, 'StartWindowHours') as start_window_hours, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Backup::RestoreTestingPlan' + AND data__Identifier = '' + AND region = 'us-east-1' + restore_testing_selections: + name: restore_testing_selections + id: awscc.backup.restore_testing_selections + x-cfn-schema-name: RestoreTestingSelection + x-type: list + x-identifiers: + - RestoreTestingPlanName + - RestoreTestingSelectionName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RestoreTestingPlanName') as restore_testing_plan_name, + JSON_EXTRACT(Properties, '$.RestoreTestingSelectionName') as restore_testing_selection_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Backup::RestoreTestingSelection' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RestoreTestingPlanName') as restore_testing_plan_name, + json_extract_path_text(Properties, 'RestoreTestingSelectionName') as restore_testing_selection_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Backup::RestoreTestingSelection' + AND region = 'us-east-1' + restore_testing_selection: + name: restore_testing_selection + id: awscc.backup.restore_testing_selection + x-cfn-schema-name: RestoreTestingSelection + x-type: get + x-identifiers: + - RestoreTestingPlanName + - RestoreTestingSelectionName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.IamRoleArn') as iam_role_arn, + JSON_EXTRACT(Properties, '$.ProtectedResourceArns') as protected_resource_arns, + JSON_EXTRACT(Properties, '$.ProtectedResourceConditions') as protected_resource_conditions, + JSON_EXTRACT(Properties, '$.ProtectedResourceType') as protected_resource_type, + JSON_EXTRACT(Properties, '$.RestoreMetadataOverrides') as restore_metadata_overrides, + JSON_EXTRACT(Properties, '$.RestoreTestingPlanName') as restore_testing_plan_name, + JSON_EXTRACT(Properties, '$.RestoreTestingSelectionName') as restore_testing_selection_name, + JSON_EXTRACT(Properties, '$.ValidationWindowHours') as validation_window_hours + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Backup::RestoreTestingSelection' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'IamRoleArn') as iam_role_arn, + json_extract_path_text(Properties, 'ProtectedResourceArns') as protected_resource_arns, + json_extract_path_text(Properties, 'ProtectedResourceConditions') as protected_resource_conditions, + json_extract_path_text(Properties, 'ProtectedResourceType') as protected_resource_type, + json_extract_path_text(Properties, 'RestoreMetadataOverrides') as restore_metadata_overrides, + json_extract_path_text(Properties, 'RestoreTestingPlanName') as restore_testing_plan_name, + json_extract_path_text(Properties, 'RestoreTestingSelectionName') as restore_testing_selection_name, + json_extract_path_text(Properties, 'ValidationWindowHours') as validation_window_hours + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Backup::RestoreTestingSelection' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/backupgateway.yaml b/providers/src/awscc/v00.00.00000/services/backupgateway.yaml new file mode 100644 index 00000000..c435a5b8 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/backupgateway.yaml @@ -0,0 +1,179 @@ +openapi: 3.0.0 +info: + title: BackupGateway + version: 1.0.0 +paths: {} +components: + schemas: + HypervisorState: + type: string + enum: + - PENDING + - ONLINE + - OFFLINE + - ERROR + SyncMetadataStatus: + type: string + enum: + - PENDING + - IN_PROGRESS + - FAILED + - SUCCEEDED + Tag: + type: object + properties: + Key: + type: string + maxLength: 128 + minLength: 1 + pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$ + Value: + type: string + maxLength: 256 + minLength: 0 + pattern: ^[^\x00]*$ + required: + - Key + - Value + additionalProperties: false + Hypervisor: + type: object + properties: + Host: + type: string + maxLength: 128 + minLength: 3 + pattern: ^.+$ + HypervisorArn: + type: string + maxLength: 500 + minLength: 50 + pattern: ^arn:(aws|aws-cn|aws-us-gov):backup-gateway(:[a-zA-Z-0-9]+){3}\/[a-zA-Z-0-9]+$ + KmsKeyArn: + type: string + maxLength: 500 + minLength: 50 + pattern: ^(^arn:(aws|aws-cn|aws-us-gov):kms:([a-zA-Z0-9-]+):([0-9]+):(key|alias)/(\S+)$)|(^alias/(\S+)$)$ + LogGroupArn: + type: string + maxLength: 2048 + minLength: 0 + pattern: ^$|^arn:(aws|aws-cn|aws-us-gov):logs:([a-zA-Z0-9-]+):([0-9]+):log-group:[a-zA-Z0-9_\-\/\.]+:\*$ + Name: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[a-zA-Z0-9-]*$ + Password: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[ -~]+$ + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + Username: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[ -\.0-\[\]-~]*[!-\.0-\[\]-~][ -\.0-\[\]-~]*$ + x-stackql-resource-name: hypervisor + x-stackql-primaryIdentifier: + - HypervisorArn + x-create-only-properties: + - KmsKeyArn + - Tags + x-read-only-properties: + - HypervisorArn + x-required-permissions: + create: + - backup-gateway:ImportHypervisorConfiguration + - backup-gateway:GetHypervisor + - backup-gateway:ListHypervisors + - backup-gateway:TagResource + - kms:CreateGrant + - kms:Encrypt + - kms:Decrypt + read: + - backup-gateway:GetHypervisor + - backup-gateway:ListHypervisors + update: + - backup-gateway:UpdateHypervisor + - backup-gateway:GetHypervisor + - backup-gateway:ListHypervisors + - backup-gateway:ImportHypervisorConfiguration + - backup-gateway:DeleteHypervisor + delete: + - backup-gateway:DeleteHypervisor + - backup-gateway:GetHypervisor + - backup-gateway:ListHypervisors + list: + - backup-gateway:ListHypervisors + x-stackQL-resources: + hypervisors: + name: hypervisors + id: awscc.backupgateway.hypervisors + x-cfn-schema-name: Hypervisor + x-type: list + x-identifiers: + - HypervisorArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.HypervisorArn') as hypervisor_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::BackupGateway::Hypervisor' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'HypervisorArn') as hypervisor_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::BackupGateway::Hypervisor' + AND region = 'us-east-1' + hypervisor: + name: hypervisor + id: awscc.backupgateway.hypervisor + x-cfn-schema-name: Hypervisor + x-type: get + x-identifiers: + - HypervisorArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Host') as host, + JSON_EXTRACT(Properties, '$.HypervisorArn') as hypervisor_arn, + JSON_EXTRACT(Properties, '$.KmsKeyArn') as kms_key_arn, + JSON_EXTRACT(Properties, '$.LogGroupArn') as log_group_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Password') as password, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Username') as username + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::BackupGateway::Hypervisor' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Host') as host, + json_extract_path_text(Properties, 'HypervisorArn') as hypervisor_arn, + json_extract_path_text(Properties, 'KmsKeyArn') as kms_key_arn, + json_extract_path_text(Properties, 'LogGroupArn') as log_group_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Password') as password, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Username') as username + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::BackupGateway::Hypervisor' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/batch.yaml b/providers/src/awscc/v00.00.00000/services/batch.yaml new file mode 100644 index 00000000..3da76a46 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/batch.yaml @@ -0,0 +1,531 @@ +openapi: 3.0.0 +info: + title: Batch + version: 1.0.0 +paths: {} +components: + schemas: + ComputeResources: + type: object + additionalProperties: false + properties: + AllocationStrategy: + type: string + BidPercentage: + type: integer + DesiredvCpus: + type: integer + Ec2Configuration: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Ec2ConfigurationObject' + Ec2KeyPair: + type: string + ImageId: + type: string + InstanceRole: + type: string + InstanceTypes: + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + LaunchTemplate: + $ref: '#/components/schemas/LaunchTemplateSpecification' + MaxvCpus: + type: integer + MinvCpus: + type: integer + PlacementGroup: + type: string + SecurityGroupIds: + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + SpotIamFleetRole: + type: string + Subnets: + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + Tags: + type: object + description: A key-value pair to associate with a resource. + x-patternProperties: + .*: + type: string + additionalProperties: false + Type: + type: string + UpdateToLatestImageVersion: + type: boolean + default: false + required: + - Subnets + - Type + - MaxvCpus + Ec2ConfigurationObject: + type: object + additionalProperties: false + properties: + ImageIdOverride: + type: string + ImageType: + type: string + ImageKubernetesVersion: + type: string + required: + - ImageType + LaunchTemplateSpecification: + type: object + additionalProperties: false + properties: + LaunchTemplateId: + type: string + LaunchTemplateName: + type: string + Version: + type: string + UpdatePolicy: + type: object + additionalProperties: false + properties: + TerminateJobsOnUpdate: + type: boolean + default: false + JobExecutionTimeoutMinutes: + type: integer + default: 30 + EksConfiguration: + type: object + additionalProperties: false + properties: + EksClusterArn: + type: string + default: false + KubernetesNamespace: + type: string + default: false + required: + - EksClusterArn + - KubernetesNamespace + ComputeEnvironment: + type: object + properties: + ComputeEnvironmentArn: + type: string + ComputeEnvironmentName: + type: string + ComputeResources: + $ref: '#/components/schemas/ComputeResources' + ReplaceComputeEnvironment: + type: boolean + default: true + ServiceRole: + type: string + State: + type: string + Tags: + type: object + description: A key-value pair to associate with a resource. + x-patternProperties: + .*: + type: string + additionalProperties: false + Type: + type: string + UpdatePolicy: + $ref: '#/components/schemas/UpdatePolicy' + UnmanagedvCpus: + type: integer + EksConfiguration: + $ref: '#/components/schemas/EksConfiguration' + required: + - Type + x-stackql-resource-name: compute_environment + x-stackql-primaryIdentifier: + - ComputeEnvironmentArn + x-create-only-properties: + - ComputeResources/SpotIamFleetRole + - ComputeEnvironmentName + - Tags + - Type + - EksConfiguration + x-read-only-properties: + - ComputeEnvironmentArn + x-required-permissions: + create: + - Batch:CreateComputeEnvironment + - Batch:TagResource + - Batch:DescribeComputeEnvironments + - iam:CreateServiceLinkedRole + - Iam:PassRole + - Eks:DescribeCluster + read: + - Batch:DescribeComputeEnvironments + update: + - Batch:UpdateComputeEnvironment + - Batch:DescribeComputeEnvironments + - Batch:TagResource + - Batch:UnTagResource + - Iam:PassRole + - Eks:DescribeCluster + delete: + - Batch:DeleteComputeEnvironment + - Batch:DescribeComputeEnvironments + - Batch:UpdateComputeEnvironment + - Iam:PassRole + - Eks:DescribeCluster + list: + - Batch:DescribeComputeEnvironments + ResourceArn: + description: ARN of the Scheduling Policy. + type: string + ComputeEnvironmentOrder: + type: object + additionalProperties: false + properties: + ComputeEnvironment: + type: string + Order: + type: integer + required: + - ComputeEnvironment + - Order + JobQueue: + type: object + properties: + JobQueueName: + type: string + minLength: 1 + maxLength: 128 + JobQueueArn: + $ref: '#/components/schemas/ResourceArn' + ComputeEnvironmentOrder: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/ComputeEnvironmentOrder' + Priority: + type: integer + minimum: 0 + maximum: 1000 + State: + type: string + enum: + - DISABLED + - ENABLED + SchedulingPolicyArn: + $ref: '#/components/schemas/ResourceArn' + Tags: + type: object + description: A key-value pair to associate with a resource. + x-patternProperties: + .*: + type: string + additionalProperties: false + required: + - ComputeEnvironmentOrder + - Priority + x-stackql-resource-name: job_queue + x-stackql-primaryIdentifier: + - JobQueueArn + x-create-only-properties: + - Tags + - JobQueueName + x-read-only-properties: + - JobQueueArn + x-required-permissions: + create: + - Batch:CreateJobQueue + - Batch:TagResource + - Batch:DescribeJobQueues + read: + - Batch:DescribeJobQueues + update: + - Batch:DescribeJobQueues + - Batch:UpdateJobQueue + - Batch:TagResource + - Batch:UnTagResource + delete: + - Batch:UpdateJobQueue + - Batch:DescribeJobQueues + - Batch:DeleteJobQueue + list: + - Batch:DescribeJobQueues + FairsharePolicy: + description: Fair Share Policy for the Job Queue. + type: object + properties: + ShareDecaySeconds: + type: number + minimum: 0 + maximum: 604800 + ComputeReservation: + type: number + minimum: 0 + maximum: 99 + ShareDistribution: + description: List of Share Attributes + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/ShareAttributes' + required: [] + additionalProperties: false + ShareAttributes: + type: object + properties: + ShareIdentifier: + type: string + WeightFactor: + type: number + minimum: 0 + maximum: 1000 + required: [] + additionalProperties: false + SchedulingPolicy: + type: object + properties: + Name: + description: Name of Scheduling Policy. + type: string + pattern: '' + Arn: + $ref: '#/components/schemas/ResourceArn' + FairsharePolicy: + $ref: '#/components/schemas/FairsharePolicy' + Tags: + type: object + description: A key-value pair to associate with a resource. + x-patternProperties: + .*: + type: string + additionalProperties: false + x-stackql-resource-name: scheduling_policy + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + - Tags + x-read-only-properties: + - Arn + x-required-permissions: + create: + - Batch:CreateSchedulingPolicy + - Batch:TagResource + read: + - Batch:DescribeSchedulingPolicies + update: + - Batch:UpdateSchedulingPolicy + - Batch:TagResource + - Batch:UnTagResource + delete: + - Batch:DescribeSchedulingPolicies + - Batch:DeleteSchedulingPolicy + list: + - Batch:ListSchedulingPolicies + - Batch:DescribeSchedulingPolicies + x-stackQL-resources: + compute_environments: + name: compute_environments + id: awscc.batch.compute_environments + x-cfn-schema-name: ComputeEnvironment + x-type: list + x-identifiers: + - ComputeEnvironmentArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ComputeEnvironmentArn') as compute_environment_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Batch::ComputeEnvironment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ComputeEnvironmentArn') as compute_environment_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Batch::ComputeEnvironment' + AND region = 'us-east-1' + compute_environment: + name: compute_environment + id: awscc.batch.compute_environment + x-cfn-schema-name: ComputeEnvironment + x-type: get + x-identifiers: + - ComputeEnvironmentArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ComputeEnvironmentArn') as compute_environment_arn, + JSON_EXTRACT(Properties, '$.ComputeEnvironmentName') as compute_environment_name, + JSON_EXTRACT(Properties, '$.ComputeResources') as compute_resources, + JSON_EXTRACT(Properties, '$.ReplaceComputeEnvironment') as replace_compute_environment, + JSON_EXTRACT(Properties, '$.ServiceRole') as service_role, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.UpdatePolicy') as update_policy, + JSON_EXTRACT(Properties, '$.UnmanagedvCpus') as unmanagedv_cpus, + JSON_EXTRACT(Properties, '$.EksConfiguration') as eks_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Batch::ComputeEnvironment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ComputeEnvironmentArn') as compute_environment_arn, + json_extract_path_text(Properties, 'ComputeEnvironmentName') as compute_environment_name, + json_extract_path_text(Properties, 'ComputeResources') as compute_resources, + json_extract_path_text(Properties, 'ReplaceComputeEnvironment') as replace_compute_environment, + json_extract_path_text(Properties, 'ServiceRole') as service_role, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'UpdatePolicy') as update_policy, + json_extract_path_text(Properties, 'UnmanagedvCpus') as unmanagedv_cpus, + json_extract_path_text(Properties, 'EksConfiguration') as eks_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Batch::ComputeEnvironment' + AND data__Identifier = '' + AND region = 'us-east-1' + job_queues: + name: job_queues + id: awscc.batch.job_queues + x-cfn-schema-name: JobQueue + x-type: list + x-identifiers: + - JobQueueArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.JobQueueArn') as job_queue_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Batch::JobQueue' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'JobQueueArn') as job_queue_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Batch::JobQueue' + AND region = 'us-east-1' + job_queue: + name: job_queue + id: awscc.batch.job_queue + x-cfn-schema-name: JobQueue + x-type: get + x-identifiers: + - JobQueueArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.JobQueueName') as job_queue_name, + JSON_EXTRACT(Properties, '$.JobQueueArn') as job_queue_arn, + JSON_EXTRACT(Properties, '$.ComputeEnvironmentOrder') as compute_environment_order, + JSON_EXTRACT(Properties, '$.Priority') as priority, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.SchedulingPolicyArn') as scheduling_policy_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Batch::JobQueue' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'JobQueueName') as job_queue_name, + json_extract_path_text(Properties, 'JobQueueArn') as job_queue_arn, + json_extract_path_text(Properties, 'ComputeEnvironmentOrder') as compute_environment_order, + json_extract_path_text(Properties, 'Priority') as priority, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'SchedulingPolicyArn') as scheduling_policy_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Batch::JobQueue' + AND data__Identifier = '' + AND region = 'us-east-1' + scheduling_policies: + name: scheduling_policies + id: awscc.batch.scheduling_policies + x-cfn-schema-name: SchedulingPolicy + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Batch::SchedulingPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Batch::SchedulingPolicy' + AND region = 'us-east-1' + scheduling_policy: + name: scheduling_policy + id: awscc.batch.scheduling_policy + x-cfn-schema-name: SchedulingPolicy + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.FairsharePolicy') as fairshare_policy, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Batch::SchedulingPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'FairsharePolicy') as fairshare_policy, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Batch::SchedulingPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/billingconductor.yaml b/providers/src/awscc/v00.00.00000/services/billingconductor.yaml new file mode 100644 index 00000000..338323a5 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/billingconductor.yaml @@ -0,0 +1,840 @@ +openapi: 3.0.0 +info: + title: BillingConductor + version: 1.0.0 +paths: {} +components: + schemas: + BillingGroupStatus: + type: string + enum: + - ACTIVE + - PRIMARY_ACCOUNT_MISSING + ComputationPreference: + type: object + additionalProperties: false + properties: + PricingPlanArn: + description: ARN of the attached pricing plan + type: string + pattern: arn:aws(-cn)?:billingconductor::[0-9]{12}:pricingplan/[a-zA-Z0-9]{10} + required: + - PricingPlanArn + AccountGrouping: + type: object + additionalProperties: false + properties: + LinkedAccountIds: + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + pattern: '[0-9]{12}' + minItems: 1 + AutoAssociate: + type: boolean + required: + - LinkedAccountIds + Tag: + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 1 + maxLength: 256 + additionalProperties: false + required: + - Key + - Value + BillingGroup: + type: object + properties: + Arn: + description: Billing Group ARN + type: string + pattern: arn:aws(-cn)?:billingconductor::[0-9]{12}:billinggroup/?[0-9]{12} + Name: + type: string + minLength: 1 + maxLength: 128 + pattern: '[a-zA-Z0-9_\+=\.\-@]+' + Description: + type: string + maxLength: 1024 + PrimaryAccountId: + description: This account will act as a virtual payer account of the billing group + type: string + pattern: '[0-9]{12}' + ComputationPreference: + $ref: '#/components/schemas/ComputationPreference' + AccountGrouping: + $ref: '#/components/schemas/AccountGrouping' + Size: + description: Number of accounts in the billing group + type: integer + Status: + $ref: '#/components/schemas/BillingGroupStatus' + StatusReason: + type: string + CreationTime: + description: Creation timestamp in UNIX epoch time format + type: integer + LastModifiedTime: + description: Latest modified timestamp in UNIX epoch time format + type: integer + Tags: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - AccountGrouping + - PrimaryAccountId + - ComputationPreference + x-stackql-resource-name: billing_group + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - PrimaryAccountId + x-read-only-properties: + - Arn + - Size + - Status + - StatusReason + - CreationTime + - LastModifiedTime + x-required-permissions: + create: + - billingconductor:CreateBillingGroup + - billingconductor:AssociateAccounts + - billingconductor:ListBillingGroups + - billingconductor:TagResource + - billingconductor:ListTagsForResource + read: + - billingconductor:ListBillingGroups + - billingconductor:ListAccountAssociations + - organizations:ListAccounts + - billingconductor:ListTagsForResource + list: + - billingconductor:ListBillingGroups + - billingconductor:ListAccountAssociations + - organizations:ListAccounts + - billingconductor:ListTagsForResource + update: + - billingconductor:UpdateBillingGroup + - billingconductor:ListAccountAssociations + - organizations:ListAccounts + - billingconductor:AssociateAccounts + - billingconductor:DisassociateAccounts + - billingconductor:ListBillingGroups + - billingconductor:TagResource + - billingconductor:UntagResource + delete: + - billingconductor:DeleteBillingGroup + - billingconductor:ListBillingGroups + - billingconductor:UntagResource + - billingconductor:UpdateBillingGroup + Type: + type: string + enum: + - FEE + - CREDIT + CustomLineItemPercentageChargeDetails: + type: object + additionalProperties: false + properties: + ChildAssociatedResources: + type: array + x-insertionOrder: false + uniqueItems: true + items: + type: string + pattern: (arn:aws(-cn)?:billingconductor::[0-9]{12}:(customlineitem|billinggroup)/)?[a-zA-Z0-9]{10,12} + PercentageValue: + type: number + minimum: 0 + maximum: 10000 + required: + - PercentageValue + CustomLineItemFlatChargeDetails: + type: object + additionalProperties: false + properties: + ChargeValue: + type: number + minimum: 0 + maximum: 1000000 + required: + - ChargeValue + LineItemFilters: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/LineItemFilter' + LineItemFilter: + type: object + additionalProperties: false + properties: + Attribute: + type: string + enum: + - LINE_ITEM_TYPE + MatchOption: + type: string + enum: + - NOT_EQUAL + Values: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/LineItemFilterValue' + required: + - Attribute + - MatchOption + - Values + LineItemFilterValue: + type: string + enum: + - SAVINGS_PLAN_NEGATION + CustomLineItemChargeDetails: + type: object + additionalProperties: false + properties: + Flat: + $ref: '#/components/schemas/CustomLineItemFlatChargeDetails' + Percentage: + $ref: '#/components/schemas/CustomLineItemPercentageChargeDetails' + Type: + $ref: '#/components/schemas/Type' + LineItemFilters: + $ref: '#/components/schemas/LineItemFilters' + required: + - Type + InclusiveStartBillingPeriod: + type: string + pattern: \d{4}-(0?[1-9]|1[012]) + ExclusiveEndBillingPeriod: + type: string + pattern: \d{4}-(0?[1-9]|1[012]) + BillingPeriodRange: + type: object + additionalProperties: false + properties: + InclusiveStartBillingPeriod: + $ref: '#/components/schemas/InclusiveStartBillingPeriod' + ExclusiveEndBillingPeriod: + $ref: '#/components/schemas/ExclusiveEndBillingPeriod' + CustomLineItem: + type: object + properties: + Name: + type: string + minLength: 1 + maxLength: 128 + pattern: '[a-zA-Z0-9_\+=\.\-@]+' + Description: + type: string + maxLength: 255 + CustomLineItemChargeDetails: + $ref: '#/components/schemas/CustomLineItemChargeDetails' + BillingGroupArn: + description: Billing Group ARN + type: string + pattern: arn:aws(-cn)?:billingconductor::[0-9]{12}:billinggroup/?[0-9]{12} + BillingPeriodRange: + $ref: '#/components/schemas/BillingPeriodRange' + Arn: + description: ARN + type: string + pattern: (arn:aws(-cn)?:billingconductor::[0-9]{12}:customlineitem/)?[a-zA-Z0-9]{10} + CreationTime: + description: Creation timestamp in UNIX epoch time format + type: integer + LastModifiedTime: + description: Latest modified timestamp in UNIX epoch time format + type: integer + AssociationSize: + description: Number of source values associated to this custom line item + type: integer + ProductCode: + type: string + minLength: 1 + maxLength: 29 + CurrencyCode: + type: string + enum: + - USD + - CNY + AccountId: + type: string + description: The account which this custom line item will be charged to + pattern: '[0-9]{12}' + Tags: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - BillingGroupArn + x-stackql-resource-name: custom_line_item + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - BillingGroupArn + - AccountId + - BillingPeriodRange/InclusiveStartBillingPeriod + - BillingPeriodRange/ExclusiveEndBillingPeriod + - CustomLineItemChargeDetails/Type + x-read-only-properties: + - Arn + - CreationTime + - LastModifiedTime + - AssociationSize + - CurrencyCode + - ProductCode + x-required-permissions: + create: + - billingconductor:CreateCustomLineItem + - billingconductor:BatchAssociateResourcesToCustomLineItem + - billingconductor:ListCustomLineItems + - billingconductor:TagResource + - billingconductor:ListTagsForResource + read: + - billingconductor:ListCustomLineItems + - billingconductor:ListCustomLineItemVersions + - billingconductor:ListResourcesAssociatedToCustomLineItem + - billingconductor:ListTagsForResource + list: + - billingconductor:ListCustomLineItems + - billingconductor:ListResourcesAssociatedToCustomLineItem + - billingconductor:ListTagsForResource + update: + - billingconductor:UpdateCustomLineItem + - billingconductor:ListCustomLineItems + - billingconductor:ListResourcesAssociatedToCustomLineItem + - billingconductor:BatchAssociateResourcesToCustomLineItem + - billingconductor:BatchDisassociateResourcesFromCustomLineItem + - billingconductor:TagResource + - billingconductor:UntagResource + delete: + - billingconductor:DeleteCustomLineItem + - billingconductor:ListCustomLineItems + - billingconductor:BatchDisassociateResourcesFromCustomLineItem + - billingconductor:ListResourcesAssociatedToCustomLineItem + - billingconductor:UntagResource + PricingRuleArn: + description: Pricing Rule ARN + type: string + pattern: arn:aws(-cn)?:billingconductor::[0-9]{12}:pricingrule/[a-zA-Z0-9]{10} + PricingPlan: + type: object + properties: + Arn: + description: Pricing Plan ARN + type: string + pattern: arn:aws(-cn)?:billingconductor::[0-9]{12}:pricingplan/[a-zA-Z0-9]{10} + Name: + type: string + minLength: 1 + maxLength: 128 + pattern: '[a-zA-Z0-9_\+=\.\-@]+' + PricingRuleArns: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/PricingRuleArn' + Size: + type: integer + description: Number of associated pricing rules + Description: + type: string + maxLength: 1024 + CreationTime: + description: Creation timestamp in UNIX epoch time format + type: integer + LastModifiedTime: + description: Latest modified timestamp in UNIX epoch time format + type: integer + Tags: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + x-stackql-resource-name: pricing_plan + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - Arn + - Size + - CreationTime + - LastModifiedTime + x-required-permissions: + create: + - billingconductor:CreatePricingPlan + - billingconductor:AssociatePricingRules + - billingconductor:ListPricingPlans + - billingconductor:TagResource + - billingconductor:ListTagsForResource + read: + - billingconductor:ListPricingPlans + - billingconductor:ListPricingRulesAssociatedToPricingPlan + - billingconductor:ListTagsForResource + list: + - billingconductor:ListPricingPlans + - billingconductor:ListPricingRulesAssociatedToPricingPlan + - billingconductor:ListTagsForResource + update: + - billingconductor:ListPricingPlans + - billingconductor:UpdatePricingPlan + - billingconductor:ListPricingRulesAssociatedToPricingPlan + - billingconductor:AssociatePricingRules + - billingconductor:DisassociatePricingRules + - billingconductor:TagResource + - billingconductor:UntagResource + delete: + - billingconductor:ListPricingPlans + - billingconductor:DeletePricingPlan + - billingconductor:UntagResource + FreeTier: + description: The possible customizable free tier configurations. + type: object + additionalProperties: false + properties: + Activated: + type: boolean + required: + - Activated + PricingRule: + type: object + properties: + Arn: + description: Pricing rule ARN + type: string + pattern: arn:aws(-cn)?:billingconductor::[0-9]{12}:pricingrule/[a-zA-Z0-9]{10} + Name: + description: Pricing rule name + type: string + minLength: 1 + maxLength: 128 + pattern: '[a-zA-Z0-9_\+=\.\-@]+' + Description: + description: Pricing rule description + type: string + maxLength: 1024 + Scope: + description: A term used to categorize the granularity of a Pricing Rule. + type: string + enum: + - GLOBAL + - SERVICE + - BILLING_ENTITY + - SKU + Type: + description: One of MARKUP, DISCOUNT or TIERING that describes the behaviour of the pricing rule. + type: string + enum: + - MARKUP + - DISCOUNT + - TIERING + ModifierPercentage: + description: Pricing rule modifier percentage + type: number + minimum: 0 + Service: + description: The service which a pricing rule is applied on + type: string + minLength: 1 + maxLength: 128 + pattern: '[a-zA-Z0-9\.\-]+' + BillingEntity: + description: The seller of services provided by AWS, their affiliates, or third-party providers selling services via AWS Marketplaces. Supported billing entities are AWS, AWS Marketplace, and AISPL. + type: string + enum: + - AWS + - AWS Marketplace + - AISPL + Tiering: + description: The set of tiering configurations for the pricing rule. + type: object + additionalProperties: false + properties: + FreeTier: + $ref: '#/components/schemas/FreeTier' + UsageType: + description: The UsageType which a SKU pricing rule is modifying + type: string + minLength: 1 + maxLength: 256 + pattern: ^\S+$ + Operation: + description: The Operation which a SKU pricing rule is modifying + type: string + minLength: 1 + maxLength: 256 + pattern: ^\S+$ + AssociatedPricingPlanCount: + description: The number of pricing plans associated with pricing rule + type: integer + minimum: 0 + CreationTime: + description: Creation timestamp in UNIX epoch time format + type: integer + LastModifiedTime: + description: Latest modified timestamp in UNIX epoch time format + type: integer + Tags: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - Scope + - Type + x-stackql-resource-name: pricing_rule + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Scope + - Service + - BillingEntity + - UsageType + - Operation + x-read-only-properties: + - Arn + - AssociatedPricingPlanCount + - CreationTime + - LastModifiedTime + x-required-permissions: + create: + - billingconductor:CreatePricingRule + - billingconductor:ListPricingRules + - billingconductor:TagResource + - billingconductor:ListTagsForResource + read: + - billingconductor:ListPricingRules + - billingconductor:ListTagsForResource + update: + - billingconductor:UpdatePricingRule + - billingconductor:ListPricingRules + - billingconductor:TagResource + - billingconductor:UntagResource + delete: + - billingconductor:DeletePricingRule + - billingconductor:ListPricingRules + - billingconductor:UntagResource + list: + - billingconductor:ListPricingRules + - billingconductor:ListTagsForResource + x-stackQL-resources: + billing_groups: + name: billing_groups + id: awscc.billingconductor.billing_groups + x-cfn-schema-name: BillingGroup + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::BillingConductor::BillingGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::BillingConductor::BillingGroup' + AND region = 'us-east-1' + billing_group: + name: billing_group + id: awscc.billingconductor.billing_group + x-cfn-schema-name: BillingGroup + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.PrimaryAccountId') as primary_account_id, + JSON_EXTRACT(Properties, '$.ComputationPreference') as computation_preference, + JSON_EXTRACT(Properties, '$.AccountGrouping') as account_grouping, + JSON_EXTRACT(Properties, '$.Size') as size, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.StatusReason') as status_reason, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.LastModifiedTime') as last_modified_time, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::BillingConductor::BillingGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'PrimaryAccountId') as primary_account_id, + json_extract_path_text(Properties, 'ComputationPreference') as computation_preference, + json_extract_path_text(Properties, 'AccountGrouping') as account_grouping, + json_extract_path_text(Properties, 'Size') as size, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'StatusReason') as status_reason, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'LastModifiedTime') as last_modified_time, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::BillingConductor::BillingGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + custom_line_items: + name: custom_line_items + id: awscc.billingconductor.custom_line_items + x-cfn-schema-name: CustomLineItem + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::BillingConductor::CustomLineItem' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::BillingConductor::CustomLineItem' + AND region = 'us-east-1' + custom_line_item: + name: custom_line_item + id: awscc.billingconductor.custom_line_item + x-cfn-schema-name: CustomLineItem + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.CustomLineItemChargeDetails') as custom_line_item_charge_details, + JSON_EXTRACT(Properties, '$.BillingGroupArn') as billing_group_arn, + JSON_EXTRACT(Properties, '$.BillingPeriodRange') as billing_period_range, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.LastModifiedTime') as last_modified_time, + JSON_EXTRACT(Properties, '$.AssociationSize') as association_size, + JSON_EXTRACT(Properties, '$.ProductCode') as product_code, + JSON_EXTRACT(Properties, '$.CurrencyCode') as currency_code, + JSON_EXTRACT(Properties, '$.AccountId') as account_id, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::BillingConductor::CustomLineItem' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'CustomLineItemChargeDetails') as custom_line_item_charge_details, + json_extract_path_text(Properties, 'BillingGroupArn') as billing_group_arn, + json_extract_path_text(Properties, 'BillingPeriodRange') as billing_period_range, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'LastModifiedTime') as last_modified_time, + json_extract_path_text(Properties, 'AssociationSize') as association_size, + json_extract_path_text(Properties, 'ProductCode') as product_code, + json_extract_path_text(Properties, 'CurrencyCode') as currency_code, + json_extract_path_text(Properties, 'AccountId') as account_id, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::BillingConductor::CustomLineItem' + AND data__Identifier = '' + AND region = 'us-east-1' + pricing_plans: + name: pricing_plans + id: awscc.billingconductor.pricing_plans + x-cfn-schema-name: PricingPlan + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::BillingConductor::PricingPlan' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::BillingConductor::PricingPlan' + AND region = 'us-east-1' + pricing_plan: + name: pricing_plan + id: awscc.billingconductor.pricing_plan + x-cfn-schema-name: PricingPlan + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.PricingRuleArns') as pricing_rule_arns, + JSON_EXTRACT(Properties, '$.Size') as size, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.LastModifiedTime') as last_modified_time, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::BillingConductor::PricingPlan' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'PricingRuleArns') as pricing_rule_arns, + json_extract_path_text(Properties, 'Size') as size, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'LastModifiedTime') as last_modified_time, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::BillingConductor::PricingPlan' + AND data__Identifier = '' + AND region = 'us-east-1' + pricing_rules: + name: pricing_rules + id: awscc.billingconductor.pricing_rules + x-cfn-schema-name: PricingRule + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::BillingConductor::PricingRule' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::BillingConductor::PricingRule' + AND region = 'us-east-1' + pricing_rule: + name: pricing_rule + id: awscc.billingconductor.pricing_rule + x-cfn-schema-name: PricingRule + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Scope') as scope, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.ModifierPercentage') as modifier_percentage, + JSON_EXTRACT(Properties, '$.Service') as service, + JSON_EXTRACT(Properties, '$.BillingEntity') as billing_entity, + JSON_EXTRACT(Properties, '$.Tiering') as tiering, + JSON_EXTRACT(Properties, '$.UsageType') as usage_type, + JSON_EXTRACT(Properties, '$.Operation') as operation, + JSON_EXTRACT(Properties, '$.AssociatedPricingPlanCount') as associated_pricing_plan_count, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.LastModifiedTime') as last_modified_time, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::BillingConductor::PricingRule' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Scope') as scope, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'ModifierPercentage') as modifier_percentage, + json_extract_path_text(Properties, 'Service') as service, + json_extract_path_text(Properties, 'BillingEntity') as billing_entity, + json_extract_path_text(Properties, 'Tiering') as tiering, + json_extract_path_text(Properties, 'UsageType') as usage_type, + json_extract_path_text(Properties, 'Operation') as operation, + json_extract_path_text(Properties, 'AssociatedPricingPlanCount') as associated_pricing_plan_count, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'LastModifiedTime') as last_modified_time, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::BillingConductor::PricingRule' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/budgets.yaml b/providers/src/awscc/v00.00.00000/services/budgets.yaml new file mode 100644 index 00000000..03b6ae42 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/budgets.yaml @@ -0,0 +1,246 @@ +openapi: 3.0.0 +info: + title: Budgets + version: 1.0.0 +paths: {} +components: + schemas: + Subscriber: + type: object + properties: + Type: + type: string + enum: + - SNS + - EMAIL + Address: + type: string + required: + - Type + - Address + additionalProperties: false + ActionThreshold: + type: object + properties: + Value: + type: number + Type: + type: string + enum: + - PERCENTAGE + - ABSOLUTE_VALUE + required: + - Value + - Type + additionalProperties: false + IamActionDefinition: + type: object + properties: + PolicyArn: + type: string + Roles: + type: array + items: + type: string + minItems: 1 + maxItems: 100 + Groups: + type: array + items: + type: string + minItems: 1 + maxItems: 100 + Users: + type: array + items: + type: string + minItems: 1 + maxItems: 100 + required: + - PolicyArn + additionalProperties: false + ScpActionDefinition: + type: object + properties: + PolicyId: + type: string + TargetIds: + type: array + items: + type: string + minItems: 1 + maxItems: 100 + required: + - PolicyId + - TargetIds + additionalProperties: false + SsmActionDefinition: + type: object + properties: + Subtype: + type: string + enum: + - STOP_EC2_INSTANCES + - STOP_RDS_INSTANCES + Region: + type: string + InstanceIds: + type: array + items: + type: string + minItems: 1 + maxItems: 100 + required: + - Subtype + - Region + - InstanceIds + additionalProperties: false + Definition: + type: object + properties: + IamActionDefinition: + $ref: '#/components/schemas/IamActionDefinition' + ScpActionDefinition: + $ref: '#/components/schemas/ScpActionDefinition' + SsmActionDefinition: + $ref: '#/components/schemas/SsmActionDefinition' + additionalProperties: false + BudgetsAction: + type: object + properties: + ActionId: + type: string + BudgetName: + type: string + NotificationType: + type: string + enum: + - ACTUAL + - FORECASTED + ActionType: + type: string + enum: + - APPLY_IAM_POLICY + - APPLY_SCP_POLICY + - RUN_SSM_DOCUMENTS + ActionThreshold: + $ref: '#/components/schemas/ActionThreshold' + ExecutionRoleArn: + type: string + ApprovalModel: + type: string + enum: + - AUTOMATIC + - MANUAL + Subscribers: + type: array + items: + $ref: '#/components/schemas/Subscriber' + maxItems: 11 + minItems: 1 + Definition: + $ref: '#/components/schemas/Definition' + required: + - BudgetName + - NotificationType + - ActionType + - ActionThreshold + - ExecutionRoleArn + - Definition + - Subscribers + x-stackql-resource-name: budgets_action + x-stackql-primaryIdentifier: + - ActionId + - BudgetName + x-create-only-properties: + - ActionType + - BudgetName + x-read-only-properties: + - ActionId + x-required-permissions: + create: + - budgets:CreateBudgetAction + - iam:PassRole + read: + - budgets:DescribeBudgetAction + update: + - budgets:UpdateBudgetAction + - iam:PassRole + delete: + - budgets:DeleteBudgetAction + list: + - budgets:DescribeBudgetActionsForAccount + - budgets:DescribeBudgetActionsForBudget + x-stackQL-resources: + budgets_actions: + name: budgets_actions + id: awscc.budgets.budgets_actions + x-cfn-schema-name: BudgetsAction + x-type: list + x-identifiers: + - ActionId + - BudgetName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ActionId') as action_id, + JSON_EXTRACT(Properties, '$.BudgetName') as budget_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Budgets::BudgetsAction' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ActionId') as action_id, + json_extract_path_text(Properties, 'BudgetName') as budget_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Budgets::BudgetsAction' + AND region = 'us-east-1' + budgets_action: + name: budgets_action + id: awscc.budgets.budgets_action + x-cfn-schema-name: BudgetsAction + x-type: get + x-identifiers: + - ActionId + - BudgetName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ActionId') as action_id, + JSON_EXTRACT(Properties, '$.BudgetName') as budget_name, + JSON_EXTRACT(Properties, '$.NotificationType') as notification_type, + JSON_EXTRACT(Properties, '$.ActionType') as action_type, + JSON_EXTRACT(Properties, '$.ActionThreshold') as action_threshold, + JSON_EXTRACT(Properties, '$.ExecutionRoleArn') as execution_role_arn, + JSON_EXTRACT(Properties, '$.ApprovalModel') as approval_model, + JSON_EXTRACT(Properties, '$.Subscribers') as subscribers, + JSON_EXTRACT(Properties, '$.Definition') as definition + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Budgets::BudgetsAction' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ActionId') as action_id, + json_extract_path_text(Properties, 'BudgetName') as budget_name, + json_extract_path_text(Properties, 'NotificationType') as notification_type, + json_extract_path_text(Properties, 'ActionType') as action_type, + json_extract_path_text(Properties, 'ActionThreshold') as action_threshold, + json_extract_path_text(Properties, 'ExecutionRoleArn') as execution_role_arn, + json_extract_path_text(Properties, 'ApprovalModel') as approval_model, + json_extract_path_text(Properties, 'Subscribers') as subscribers, + json_extract_path_text(Properties, 'Definition') as definition + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Budgets::BudgetsAction' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/cassandra.yaml b/providers/src/awscc/v00.00.00000/services/cassandra.yaml new file mode 100644 index 00000000..7a887a7b --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/cassandra.yaml @@ -0,0 +1,557 @@ +openapi: 3.0.0 +info: + title: Cassandra + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: A key-value pair to apply to the resource + type: object + additionalProperties: false + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 1 + maxLength: 256 + required: + - Value + - Key + ReplicationSpecification: + type: object + additionalProperties: false + properties: + ReplicationStrategy: + type: string + enum: + - SINGLE_REGION + - MULTI_REGION + RegionList: + $ref: '#/components/schemas/RegionList' + default: + properties: + ReplicationStrategy: + type: string + x-const: SINGLE_REGION + x-dependencies: + RegionList: + - ReplicationStrategy + RegionList: + type: array + items: + type: string + enum: + - ap-northeast-1 + - ap-northeast-2 + - ap-south-1 + - ap-southeast-1 + - ap-southeast-2 + - ca-central-1 + - eu-central-1 + - eu-north-1 + - eu-west-1 + - eu-west-2 + - eu-west-3 + - sa-east-1 + - us-east-1 + - us-east-2 + - us-west-1 + - us-west-2 + uniqueItems: true + x-insertionOrder: false + minItems: 2 + maxItems: 6 + Keyspace: + type: object + properties: + KeyspaceName: + description: Name for Cassandra keyspace + type: string + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_]{1,47}$ + Tags: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + minItems: 0 + maxItems: 50 + ReplicationSpecification: + $ref: '#/components/schemas/ReplicationSpecification' + required: [] + x-stackql-resource-name: keyspace + x-stackql-primaryIdentifier: + - KeyspaceName + x-create-only-properties: + - ReplicationSpecification + - KeyspaceName + x-required-permissions: + create: + - cassandra:Create + - cassandra:CreateMultiRegionResource + - cassandra:Select + - cassandra:SelectMultiRegionResource + - cassandra:TagResource + - cassandra:TagMultiRegionResource + - iam:CreateServiceLinkedRole + read: + - cassandra:Select + - cassandra:SelectMultiRegionResource + update: + - cassandra:Alter + - cassandra:AlterMultiRegionResource + - cassandra:Select + - cassandra:SelectMultiRegionResource + - cassandra:TagResource + - cassandra:TagMultiRegionResource + - cassandra:UntagResource + - cassandra:UntagMultiRegionResource + delete: + - cassandra:Drop + - cassandra:DropMultiRegionResource + - cassandra:Select + - cassandra:SelectMultiRegionResource + list: + - cassandra:Select + - cassandra:SelectMultiRegionResource + Column: + type: object + properties: + ColumnName: + type: string + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_]{1,47}$ + ColumnType: + type: string + required: + - ColumnName + - ColumnType + additionalProperties: false + ClusteringKeyColumn: + type: object + properties: + Column: + $ref: '#/components/schemas/Column' + OrderBy: + type: string + enum: + - ASC + - DESC + default: ASC + additionalProperties: false + required: + - Column + ProvisionedThroughput: + description: Throughput for the specified table, which consists of values for ReadCapacityUnits and WriteCapacityUnits + type: object + properties: + ReadCapacityUnits: + type: integer + minimum: 1 + WriteCapacityUnits: + type: integer + minimum: 1 + additionalProperties: false + required: + - ReadCapacityUnits + - WriteCapacityUnits + Mode: + description: Capacity mode for the specified table + type: string + enum: + - PROVISIONED + - ON_DEMAND + default: ON_DEMAND + BillingMode: + type: object + properties: + Mode: + $ref: '#/components/schemas/Mode' + ProvisionedThroughput: + $ref: '#/components/schemas/ProvisionedThroughput' + required: + - Mode + additionalProperties: false + EncryptionSpecification: + description: Represents the settings used to enable server-side encryption + type: object + properties: + EncryptionType: + $ref: '#/components/schemas/EncryptionType' + KmsKeyIdentifier: + $ref: '#/components/schemas/KmsKeyIdentifier' + required: + - EncryptionType + additionalProperties: false + EncryptionType: + description: Server-side encryption type + type: string + enum: + - AWS_OWNED_KMS_KEY + - CUSTOMER_MANAGED_KMS_KEY + default: AWS_OWNED_KMS_KEY + KmsKeyIdentifier: + description: 'The AWS KMS customer master key (CMK) that should be used for the AWS KMS encryption. To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. ' + type: string + AutoScalingSpecification: + description: Represents the read and write settings used for AutoScaling. + type: object + properties: + WriteCapacityAutoScaling: + $ref: '#/components/schemas/AutoScalingSetting' + ReadCapacityAutoScaling: + $ref: '#/components/schemas/AutoScalingSetting' + additionalProperties: false + AutoScalingSetting: + description: Represents configuration for auto scaling. + type: object + properties: + AutoScalingDisabled: + type: boolean + default: false + MinimumUnits: + type: integer + minimum: 1 + MaximumUnits: + type: integer + minimum: 1 + ScalingPolicy: + $ref: '#/components/schemas/ScalingPolicy' + additionalProperties: false + ScalingPolicy: + description: Represents scaling policy. + type: object + properties: + TargetTrackingScalingPolicyConfiguration: + $ref: '#/components/schemas/TargetTrackingScalingPolicyConfiguration' + additionalProperties: false + TargetTrackingScalingPolicyConfiguration: + description: Represents configuration for target tracking scaling policy. + type: object + properties: + DisableScaleIn: + type: boolean + default: 'false' + ScaleInCooldown: + type: integer + default: 0 + ScaleOutCooldown: + type: integer + default: 0 + TargetValue: + type: integer + required: + - TargetValue + additionalProperties: false + ReplicaSpecification: + description: Represents replica specifications. + type: object + properties: + Region: + type: string + minLength: 2 + maxLength: 25 + ReadCapacityUnits: + type: integer + ReadCapacityAutoScaling: + $ref: '#/components/schemas/AutoScalingSetting' + required: + - Region + additionalProperties: false + Table: + type: object + properties: + KeyspaceName: + description: Name for Cassandra keyspace + type: string + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_]{1,47}$ + TableName: + description: Name for Cassandra table + type: string + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_]{1,47}$ + RegularColumns: + description: Non-key columns of the table + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Column' + PartitionKeyColumns: + description: Partition key columns of the table + type: array + minItems: 1 + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/Column' + ClusteringKeyColumns: + description: Clustering key columns of the table + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/ClusteringKeyColumn' + BillingMode: + $ref: '#/components/schemas/BillingMode' + PointInTimeRecoveryEnabled: + description: Indicates whether point in time recovery is enabled (true) or disabled (false) on the table + type: boolean + ClientSideTimestampsEnabled: + description: Indicates whether client side timestamps are enabled (true) or disabled (false) on the table. False by default, once it is enabled it cannot be disabled again. + type: boolean + Tags: + description: An array of key-value pairs to apply to this resource + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + minItems: 0 + maxItems: 50 + DefaultTimeToLive: + description: Default TTL (Time To Live) in seconds, where zero is disabled. If the value is greater than zero, TTL is enabled for the entire table and an expiration timestamp is added to each column. + type: integer + minimum: 0 + EncryptionSpecification: + $ref: '#/components/schemas/EncryptionSpecification' + AutoScalingSpecifications: + $ref: '#/components/schemas/AutoScalingSpecification' + ReplicaSpecifications: + type: array + minItems: 1 + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/ReplicaSpecification' + required: + - KeyspaceName + - PartitionKeyColumns + x-stackql-resource-name: table + x-stackql-primaryIdentifier: + - KeyspaceName + - TableName + x-create-only-properties: + - KeyspaceName + - TableName + - PartitionKeyColumns + - ClusteringKeyColumns + - ClientSideTimestampsEnabled + x-required-permissions: + create: + - cassandra:Create + - cassandra:CreateMultiRegionResource + - cassandra:Select + - cassandra:SelectMultiRegionResource + - cassandra:TagResource + - cassandra:TagMultiRegionResource + - kms:CreateGrant + - kms:DescribeKey + - kms:Encrypt + - kms:Decrypt + - application-autoscaling:DescribeScalableTargets + - application-autoscaling:DescribeScalingPolicies + - application-autoscaling:DeregisterScalableTarget + - application-autoscaling:RegisterScalableTarget + - application-autoscaling:PutScalingPolicy + - cloudwatch:DeleteAlarms + - cloudwatch:DescribeAlarms + - cloudwatch:GetMetricData + - cloudwatch:PutMetricAlarm + read: + - cassandra:Select + - cassandra:SelectMultiRegionResource + - application-autoscaling:DescribeScalableTargets + - application-autoscaling:DescribeScalingPolicies + - application-autoscaling:DeregisterScalableTarget + - application-autoscaling:RegisterScalableTarget + - application-autoscaling:PutScalingPolicy + - cloudwatch:DeleteAlarms + - cloudwatch:DescribeAlarms + - cloudwatch:GetMetricData + - cloudwatch:PutMetricAlarm + update: + - cassandra:Alter + - cassandra:AlterMultiRegionResource + - cassandra:Select + - cassandra:SelectMultiRegionResource + - cassandra:TagResource + - cassandra:TagMultiRegionResource + - cassandra:UntagResource + - cassandra:UntagMultiRegionResource + - kms:CreateGrant + - kms:DescribeKey + - kms:Encrypt + - kms:Decrypt + - application-autoscaling:DescribeScalableTargets + - application-autoscaling:DescribeScalingPolicies + - application-autoscaling:DeregisterScalableTarget + - application-autoscaling:RegisterScalableTarget + - application-autoscaling:PutScalingPolicy + - cloudwatch:DeleteAlarms + - cloudwatch:DescribeAlarms + - cloudwatch:GetMetricData + - cloudwatch:PutMetricAlarm + delete: + - cassandra:Drop + - cassandra:DropMultiRegionResource + - cassandra:Select + - cassandra:SelectMultiRegionResource + - application-autoscaling:DescribeScalableTargets + - application-autoscaling:DescribeScalingPolicies + - application-autoscaling:DeregisterScalableTarget + - application-autoscaling:RegisterScalableTarget + - application-autoscaling:PutScalingPolicy + - cloudwatch:DeleteAlarms + - cloudwatch:DescribeAlarms + - cloudwatch:GetMetricData + - cloudwatch:PutMetricAlarm + list: + - cassandra:Select + - cassandra:SelectMultiRegionResource + - application-autoscaling:DescribeScalableTargets + - application-autoscaling:DescribeScalingPolicies + - application-autoscaling:DeregisterScalableTarget + - application-autoscaling:RegisterScalableTarget + - application-autoscaling:PutScalingPolicy + - cloudwatch:DeleteAlarms + - cloudwatch:DescribeAlarms + - cloudwatch:GetMetricData + - cloudwatch:PutMetricAlarm + x-stackQL-resources: + keyspaces: + name: keyspaces + id: awscc.cassandra.keyspaces + x-cfn-schema-name: Keyspace + x-type: list + x-identifiers: + - KeyspaceName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.KeyspaceName') as keyspace_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cassandra::Keyspace' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'KeyspaceName') as keyspace_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cassandra::Keyspace' + AND region = 'us-east-1' + keyspace: + name: keyspace + id: awscc.cassandra.keyspace + x-cfn-schema-name: Keyspace + x-type: get + x-identifiers: + - KeyspaceName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.KeyspaceName') as keyspace_name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ReplicationSpecification') as replication_specification + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cassandra::Keyspace' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'KeyspaceName') as keyspace_name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ReplicationSpecification') as replication_specification + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cassandra::Keyspace' + AND data__Identifier = '' + AND region = 'us-east-1' + tables: + name: tables + id: awscc.cassandra.tables + x-cfn-schema-name: Table + x-type: list + x-identifiers: + - KeyspaceName + - TableName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.KeyspaceName') as keyspace_name, + JSON_EXTRACT(Properties, '$.TableName') as table_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cassandra::Table' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'KeyspaceName') as keyspace_name, + json_extract_path_text(Properties, 'TableName') as table_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cassandra::Table' + AND region = 'us-east-1' + table: + name: table + id: awscc.cassandra.table + x-cfn-schema-name: Table + x-type: get + x-identifiers: + - KeyspaceName + - TableName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.KeyspaceName') as keyspace_name, + JSON_EXTRACT(Properties, '$.TableName') as table_name, + JSON_EXTRACT(Properties, '$.RegularColumns') as regular_columns, + JSON_EXTRACT(Properties, '$.PartitionKeyColumns') as partition_key_columns, + JSON_EXTRACT(Properties, '$.ClusteringKeyColumns') as clustering_key_columns, + JSON_EXTRACT(Properties, '$.BillingMode') as billing_mode, + JSON_EXTRACT(Properties, '$.PointInTimeRecoveryEnabled') as point_in_time_recovery_enabled, + JSON_EXTRACT(Properties, '$.ClientSideTimestampsEnabled') as client_side_timestamps_enabled, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.DefaultTimeToLive') as default_time_to_live, + JSON_EXTRACT(Properties, '$.EncryptionSpecification') as encryption_specification, + JSON_EXTRACT(Properties, '$.AutoScalingSpecifications') as auto_scaling_specifications, + JSON_EXTRACT(Properties, '$.ReplicaSpecifications') as replica_specifications + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cassandra::Table' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'KeyspaceName') as keyspace_name, + json_extract_path_text(Properties, 'TableName') as table_name, + json_extract_path_text(Properties, 'RegularColumns') as regular_columns, + json_extract_path_text(Properties, 'PartitionKeyColumns') as partition_key_columns, + json_extract_path_text(Properties, 'ClusteringKeyColumns') as clustering_key_columns, + json_extract_path_text(Properties, 'BillingMode') as billing_mode, + json_extract_path_text(Properties, 'PointInTimeRecoveryEnabled') as point_in_time_recovery_enabled, + json_extract_path_text(Properties, 'ClientSideTimestampsEnabled') as client_side_timestamps_enabled, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'DefaultTimeToLive') as default_time_to_live, + json_extract_path_text(Properties, 'EncryptionSpecification') as encryption_specification, + json_extract_path_text(Properties, 'AutoScalingSpecifications') as auto_scaling_specifications, + json_extract_path_text(Properties, 'ReplicaSpecifications') as replica_specifications + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cassandra::Table' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/ce.yaml b/providers/src/awscc/v00.00.00000/services/ce.yaml new file mode 100644 index 00000000..52191268 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/ce.yaml @@ -0,0 +1,468 @@ +openapi: 3.0.0 +info: + title: CE + version: 1.0.0 +paths: {} +components: + schemas: + Arn: + description: Subscription ARN + type: string + pattern: ^arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:[-a-zA-Z0-9/:_]+$ + ResourceTag: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + properties: + Key: + type: string + description: The key name for the tag. + pattern: ^(?!aws:).*$ + minLength: 1 + maxLength: 128 + Value: + type: string + description: The value for the tag. + minLength: 0 + maxLength: 256 + required: + - Key + - Value + AnomalyMonitor: + type: object + properties: + MonitorArn: + $ref: '#/components/schemas/Arn' + MonitorType: + type: string + enum: + - DIMENSIONAL + - CUSTOM + MonitorName: + description: The name of the monitor. + type: string + pattern: '[\S\s]*' + minLength: 0 + maxLength: 1024 + CreationDate: + description: 'The date when the monitor was created. ' + type: string + minLength: 0 + maxLength: 40 + pattern: (\d{4}-\d{2}-\d{2})(T\d{2}:\d{2}:\d{2}Z)? + LastEvaluatedDate: + description: The date when the monitor last evaluated for anomalies. + type: string + minLength: 0 + maxLength: 40 + pattern: (\d{4}-\d{2}-\d{2})(T\d{2}:\d{2}:\d{2}Z)?|(NOT_EVALUATED_YET) + LastUpdatedDate: + description: The date when the monitor was last updated. + type: string + minLength: 0 + maxLength: 40 + pattern: (\d{4}-\d{2}-\d{2})(T\d{2}:\d{2}:\d{2}Z)? + MonitorDimension: + description: The dimensions to evaluate + type: string + enum: + - SERVICE + MonitorSpecification: + type: string + DimensionalValueCount: + description: The value for evaluated dimensions. + type: integer + minimum: 0 + ResourceTags: + type: array + description: Tags to assign to monitor. + items: + $ref: '#/components/schemas/ResourceTag' + minItems: 0 + maxItems: 200 + x-insertionOrder: false + required: + - MonitorName + - MonitorType + x-stackql-resource-name: anomaly_monitor + x-stackql-primaryIdentifier: + - MonitorArn + x-create-only-properties: + - MonitorType + - MonitorDimension + - MonitorSpecification + - ResourceTags + x-read-only-properties: + - MonitorArn + - CreationDate + - LastEvaluatedDate + - LastUpdatedDate + - DimensionalValueCount + x-required-permissions: + create: + - ce:CreateAnomalyMonitor + - ce:TagResource + read: + - ce:GetAnomalyMonitors + update: + - ce:UpdateAnomalyMonitor + delete: + - ce:DeleteAnomalyMonitor + list: + - ce:GetAnomalyMonitors + Subscriber: + type: object + properties: + Address: + type: string + pattern: (^[a-zA-Z0-9.!#$%&'*+=?^_‘{|}~-]+@[a-zA-Z0-9_-]+(\.[a-zA-Z0-9_-]+)+$)|(^arn:(aws[a-zA-Z-]*):sns:[a-zA-Z0-9-]+:[0-9]{12}:[a-zA-Z0-9_-]+(\.fifo)?$) + Status: + type: string + enum: + - CONFIRMED + - DECLINED + Type: + type: string + enum: + - EMAIL + - SNS + required: + - Address + - Type + additionalProperties: false + AnomalySubscription: + type: object + properties: + SubscriptionArn: + $ref: '#/components/schemas/Arn' + SubscriptionName: + description: The name of the subscription. + type: string + pattern: '[\S\s]*' + minLength: 0 + maxLength: 1024 + AccountId: + description: The accountId + type: string + minLength: 0 + maxLength: 1024 + MonitorArnList: + description: A list of cost anomaly monitors. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Arn' + Subscribers: + description: A list of subscriber + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Subscriber' + Threshold: + description: 'The dollar value that triggers a notification if the threshold is exceeded. ' + type: number + minimum: 0 + ThresholdExpression: + description: An Expression object in JSON String format used to specify the anomalies that you want to generate alerts for. + type: string + Frequency: + description: 'The frequency at which anomaly reports are sent over email. ' + type: string + enum: + - DAILY + - IMMEDIATE + - WEEKLY + ResourceTags: + type: array + description: Tags to assign to subscription. + items: + $ref: '#/components/schemas/ResourceTag' + minItems: 0 + maxItems: 200 + x-insertionOrder: false + required: + - MonitorArnList + - Subscribers + - Frequency + - SubscriptionName + x-stackql-resource-name: anomaly_subscription + x-stackql-primaryIdentifier: + - SubscriptionArn + x-create-only-properties: + - ResourceTags + x-read-only-properties: + - SubscriptionArn + - AccountId + - Subscribers/*/Status + x-required-permissions: + create: + - ce:CreateAnomalySubscription + - ce:TagResource + read: + - ce:GetAnomalySubscriptions + update: + - ce:UpdateAnomalySubscription + delete: + - ce:DeleteAnomalySubscription + list: + - ce:GetAnomalySubscriptions + ZonedDateTime: + description: ISO 8601 date time with offset format + type: string + pattern: ^\d{4}-\d\d-\d\dT\d\d:\d\d:\d\d(([+-]\d\d:\d\d)|Z)$ + minLength: 20 + maxLength: 25 + CostCategory: + type: object + properties: + Arn: + description: Cost category ARN + type: string + pattern: ^arn:aws[-a-z0-9]*:[a-z0-9]+:[-a-z0-9]*:[0-9]{12}:[-a-zA-Z0-9/:_]+$ + EffectiveStart: + $ref: '#/components/schemas/ZonedDateTime' + Name: + type: string + minLength: 1 + maxLength: 50 + RuleVersion: + type: string + enum: + - CostCategoryExpression.v1 + Rules: + type: string + description: JSON array format of Expression in Billing and Cost Management API + SplitChargeRules: + type: string + description: Json array format of CostCategorySplitChargeRule in Billing and Cost Management API + DefaultValue: + type: string + description: The default value for the cost category + minLength: 1 + maxLength: 50 + required: + - Name + - RuleVersion + - Rules + x-stackql-resource-name: cost_category + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + - EffectiveStart + x-required-permissions: + create: + - ce:CreateCostCategoryDefinition + read: + - ce:DescribeCostCategoryDefinition + update: + - ce:UpdateCostCategoryDefinition + delete: + - ce:DeleteCostCategoryDefinition + list: + - ce:ListCostCategoryDefinitions + x-stackQL-resources: + anomaly_monitors: + name: anomaly_monitors + id: awscc.ce.anomaly_monitors + x-cfn-schema-name: AnomalyMonitor + x-type: list + x-identifiers: + - MonitorArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MonitorArn') as monitor_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CE::AnomalyMonitor' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MonitorArn') as monitor_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CE::AnomalyMonitor' + AND region = 'us-east-1' + anomaly_monitor: + name: anomaly_monitor + id: awscc.ce.anomaly_monitor + x-cfn-schema-name: AnomalyMonitor + x-type: get + x-identifiers: + - MonitorArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MonitorArn') as monitor_arn, + JSON_EXTRACT(Properties, '$.MonitorType') as monitor_type, + JSON_EXTRACT(Properties, '$.MonitorName') as monitor_name, + JSON_EXTRACT(Properties, '$.CreationDate') as creation_date, + JSON_EXTRACT(Properties, '$.LastEvaluatedDate') as last_evaluated_date, + JSON_EXTRACT(Properties, '$.LastUpdatedDate') as last_updated_date, + JSON_EXTRACT(Properties, '$.MonitorDimension') as monitor_dimension, + JSON_EXTRACT(Properties, '$.MonitorSpecification') as monitor_specification, + JSON_EXTRACT(Properties, '$.DimensionalValueCount') as dimensional_value_count, + JSON_EXTRACT(Properties, '$.ResourceTags') as resource_tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CE::AnomalyMonitor' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MonitorArn') as monitor_arn, + json_extract_path_text(Properties, 'MonitorType') as monitor_type, + json_extract_path_text(Properties, 'MonitorName') as monitor_name, + json_extract_path_text(Properties, 'CreationDate') as creation_date, + json_extract_path_text(Properties, 'LastEvaluatedDate') as last_evaluated_date, + json_extract_path_text(Properties, 'LastUpdatedDate') as last_updated_date, + json_extract_path_text(Properties, 'MonitorDimension') as monitor_dimension, + json_extract_path_text(Properties, 'MonitorSpecification') as monitor_specification, + json_extract_path_text(Properties, 'DimensionalValueCount') as dimensional_value_count, + json_extract_path_text(Properties, 'ResourceTags') as resource_tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CE::AnomalyMonitor' + AND data__Identifier = '' + AND region = 'us-east-1' + anomaly_subscriptions: + name: anomaly_subscriptions + id: awscc.ce.anomaly_subscriptions + x-cfn-schema-name: AnomalySubscription + x-type: list + x-identifiers: + - SubscriptionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SubscriptionArn') as subscription_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CE::AnomalySubscription' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SubscriptionArn') as subscription_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CE::AnomalySubscription' + AND region = 'us-east-1' + anomaly_subscription: + name: anomaly_subscription + id: awscc.ce.anomaly_subscription + x-cfn-schema-name: AnomalySubscription + x-type: get + x-identifiers: + - SubscriptionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SubscriptionArn') as subscription_arn, + JSON_EXTRACT(Properties, '$.SubscriptionName') as subscription_name, + JSON_EXTRACT(Properties, '$.AccountId') as account_id, + JSON_EXTRACT(Properties, '$.MonitorArnList') as monitor_arn_list, + JSON_EXTRACT(Properties, '$.Subscribers') as subscribers, + JSON_EXTRACT(Properties, '$.Threshold') as threshold, + JSON_EXTRACT(Properties, '$.ThresholdExpression') as threshold_expression, + JSON_EXTRACT(Properties, '$.Frequency') as frequency, + JSON_EXTRACT(Properties, '$.ResourceTags') as resource_tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CE::AnomalySubscription' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SubscriptionArn') as subscription_arn, + json_extract_path_text(Properties, 'SubscriptionName') as subscription_name, + json_extract_path_text(Properties, 'AccountId') as account_id, + json_extract_path_text(Properties, 'MonitorArnList') as monitor_arn_list, + json_extract_path_text(Properties, 'Subscribers') as subscribers, + json_extract_path_text(Properties, 'Threshold') as threshold, + json_extract_path_text(Properties, 'ThresholdExpression') as threshold_expression, + json_extract_path_text(Properties, 'Frequency') as frequency, + json_extract_path_text(Properties, 'ResourceTags') as resource_tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CE::AnomalySubscription' + AND data__Identifier = '' + AND region = 'us-east-1' + cost_categories: + name: cost_categories + id: awscc.ce.cost_categories + x-cfn-schema-name: CostCategory + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CE::CostCategory' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CE::CostCategory' + AND region = 'us-east-1' + cost_category: + name: cost_category + id: awscc.ce.cost_category + x-cfn-schema-name: CostCategory + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.EffectiveStart') as effective_start, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RuleVersion') as rule_version, + JSON_EXTRACT(Properties, '$.Rules') as rules, + JSON_EXTRACT(Properties, '$.SplitChargeRules') as split_charge_rules, + JSON_EXTRACT(Properties, '$.DefaultValue') as default_value + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CE::CostCategory' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'EffectiveStart') as effective_start, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RuleVersion') as rule_version, + json_extract_path_text(Properties, 'Rules') as rules, + json_extract_path_text(Properties, 'SplitChargeRules') as split_charge_rules, + json_extract_path_text(Properties, 'DefaultValue') as default_value + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CE::CostCategory' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/certificatemanager.yaml b/providers/src/awscc/v00.00.00000/services/certificatemanager.yaml new file mode 100644 index 00000000..45e21741 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/certificatemanager.yaml @@ -0,0 +1,98 @@ +openapi: 3.0.0 +info: + title: CertificateManager + version: 1.0.0 +paths: {} +components: + schemas: + ExpiryEventsConfiguration: + type: object + additionalProperties: false + properties: + DaysBeforeExpiry: + type: integer + minimum: 1 + maximum: 45 + AccountId: + type: string + Account: + type: object + properties: + ExpiryEventsConfiguration: + $ref: '#/components/schemas/ExpiryEventsConfiguration' + AccountId: + $ref: '#/components/schemas/AccountId' + required: + - ExpiryEventsConfiguration + x-stackql-resource-name: account + x-stackql-primaryIdentifier: + - AccountId + x-read-only-properties: + - AccountId + x-required-permissions: + create: + - acm:GetAccountConfiguration + - acm:PutAccountConfiguration + read: + - acm:GetAccountConfiguration + update: + - acm:GetAccountConfiguration + - acm:PutAccountConfiguration + delete: + - acm:GetAccountConfiguration + - acm:PutAccountConfiguration + x-stackQL-resources: + accounts: + name: accounts + id: awscc.certificatemanager.accounts + x-cfn-schema-name: Account + x-type: list + x-identifiers: + - AccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountId') as account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CertificateManager::Account' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountId') as account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CertificateManager::Account' + AND region = 'us-east-1' + account: + name: account + id: awscc.certificatemanager.account + x-cfn-schema-name: Account + x-type: get + x-identifiers: + - AccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ExpiryEventsConfiguration') as expiry_events_configuration, + JSON_EXTRACT(Properties, '$.AccountId') as account_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CertificateManager::Account' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ExpiryEventsConfiguration') as expiry_events_configuration, + json_extract_path_text(Properties, 'AccountId') as account_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CertificateManager::Account' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/chatbot.yaml b/providers/src/awscc/v00.00.00000/services/chatbot.yaml new file mode 100644 index 00000000..83a813e0 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/chatbot.yaml @@ -0,0 +1,313 @@ +openapi: 3.0.0 +info: + title: Chatbot + version: 1.0.0 +paths: {} +components: + schemas: + MicrosoftTeamsChannelConfiguration: + type: object + properties: + TeamId: + description: The id of the Microsoft Teams team + type: string + pattern: ^[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}$ + minLength: 36 + maxLength: 36 + TeamsChannelId: + description: The id of the Microsoft Teams channel + type: string + pattern: ^([a-zA-Z0-9-_=+/.,])*%3[aA]([a-zA-Z0-9-_=+/.,])*%40([a-zA-Z0-9-_=+/.,])*$ + minLength: 1 + maxLength: 256 + TeamsTenantId: + description: The id of the Microsoft Teams tenant + type: string + pattern: ^[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}$ + minLength: 36 + maxLength: 36 + ConfigurationName: + description: The name of the configuration + type: string + pattern: ^[A-Za-z0-9-_]+$ + minLength: 1 + maxLength: 128 + IamRoleArn: + description: The ARN of the IAM role that defines the permissions for AWS Chatbot + type: string + pattern: ^arn:(aws[a-zA-Z-]*)?:[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$ + SnsTopicArns: + description: ARNs of SNS topics which delivers notifications to AWS Chatbot, for example CloudWatch alarm notifications. + type: array + x-insertionOrder: false + items: + type: string + pattern: ^arn:(aws[a-zA-Z-]*)?:[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$ + LoggingLevel: + description: Specifies the logging level for this configuration:ERROR,INFO or NONE. This property affects the log entries pushed to Amazon CloudWatch logs + type: string + pattern: ^(ERROR|INFO|NONE)$ + default: NONE + Arn: + description: Amazon Resource Name (ARN) of the configuration + type: string + pattern: ^arn:(aws[a-zA-Z-]*)?:chatbot:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$ + GuardrailPolicies: + description: The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set. + type: array + x-insertionOrder: false + items: + type: string + pattern: ^(^$|arn:aws:iam:[A-Za-z0-9_\/.-]{0,63}:[A-Za-z0-9_\/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_\/+=,@.-]{0,1023})$ + UserRoleRequired: + description: Enables use of a user role requirement in your chat configuration + type: boolean + default: false + required: + - TeamId + - TeamsChannelId + - TeamsTenantId + - ConfigurationName + - IamRoleArn + x-stackql-resource-name: microsoft_teams_channel_configuration + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - TeamId + - TeamsTenantId + - ConfigurationName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - chatbot:CreateMicrosoftTeamsChannelConfiguration + - iam:PassRole + - iam:CreateServiceLinkedRole + read: + - chatbot:GetMicrosoftTeamsChannelConfiguration + update: + - chatbot:UpdateMicrosoftTeamsChannelConfiguration + - iam:PassRole + delete: + - chatbot:GetMicrosoftTeamsChannelConfiguration + - chatbot:DeleteMicrosoftTeamsChannelConfiguration + list: + - chatbot:ListMicrosoftTeamsChannelConfigurations + SlackChannelConfiguration: + type: object + properties: + SlackWorkspaceId: + description: The id of the Slack workspace + type: string + pattern: ^[0-9A-Z]{1,255}$ + minLength: 1 + maxLength: 256 + SlackChannelId: + description: The id of the Slack channel + type: string + pattern: ^[A-Za-z0-9]+$ + minLength: 1 + maxLength: 256 + ConfigurationName: + description: The name of the configuration + type: string + pattern: ^[A-Za-z0-9-_]+$ + minLength: 1 + maxLength: 128 + IamRoleArn: + description: The ARN of the IAM role that defines the permissions for AWS Chatbot + type: string + pattern: ^arn:(aws[a-zA-Z-]*)?:[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$ + SnsTopicArns: + description: ARNs of SNS topics which delivers notifications to AWS Chatbot, for example CloudWatch alarm notifications. + type: array + x-insertionOrder: false + items: + type: string + pattern: ^arn:(aws[a-zA-Z-]*)?:[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$ + LoggingLevel: + description: Specifies the logging level for this configuration:ERROR,INFO or NONE. This property affects the log entries pushed to Amazon CloudWatch logs + type: string + pattern: ^(ERROR|INFO|NONE)$ + default: NONE + Arn: + description: Amazon Resource Name (ARN) of the configuration + type: string + pattern: ^arn:(aws[a-zA-Z-]*)?:chatbot:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$ + GuardrailPolicies: + description: The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set. + type: array + x-insertionOrder: false + items: + type: string + pattern: ^(^$|arn:aws:iam:[A-Za-z0-9_\/.-]{0,63}:[A-Za-z0-9_\/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_\/+=,@.-]{0,1023})$ + UserRoleRequired: + description: Enables use of a user role requirement in your chat configuration + type: boolean + default: false + required: + - SlackWorkspaceId + - SlackChannelId + - ConfigurationName + - IamRoleArn + x-stackql-resource-name: slack_channel_configuration + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - SlackWorkspaceId + - ConfigurationName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - chatbot:CreateSlackChannelConfiguration + - iam:PassRole + - iam:CreateServiceLinkedRole + read: + - chatbot:DescribeSlackChannelConfigurations + update: + - chatbot:UpdateSlackChannelConfiguration + - iam:PassRole + delete: + - chatbot:DeleteSlackChannelConfiguration + list: + - chatbot:DescribeSlackChannelConfigurations + x-stackQL-resources: + microsoft_teams_channel_configurations: + name: microsoft_teams_channel_configurations + id: awscc.chatbot.microsoft_teams_channel_configurations + x-cfn-schema-name: MicrosoftTeamsChannelConfiguration + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Chatbot::MicrosoftTeamsChannelConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Chatbot::MicrosoftTeamsChannelConfiguration' + AND region = 'us-east-1' + microsoft_teams_channel_configuration: + name: microsoft_teams_channel_configuration + id: awscc.chatbot.microsoft_teams_channel_configuration + x-cfn-schema-name: MicrosoftTeamsChannelConfiguration + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TeamId') as team_id, + JSON_EXTRACT(Properties, '$.TeamsChannelId') as teams_channel_id, + JSON_EXTRACT(Properties, '$.TeamsTenantId') as teams_tenant_id, + JSON_EXTRACT(Properties, '$.ConfigurationName') as configuration_name, + JSON_EXTRACT(Properties, '$.IamRoleArn') as iam_role_arn, + JSON_EXTRACT(Properties, '$.SnsTopicArns') as sns_topic_arns, + JSON_EXTRACT(Properties, '$.LoggingLevel') as logging_level, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.GuardrailPolicies') as guardrail_policies, + JSON_EXTRACT(Properties, '$.UserRoleRequired') as user_role_required + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Chatbot::MicrosoftTeamsChannelConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TeamId') as team_id, + json_extract_path_text(Properties, 'TeamsChannelId') as teams_channel_id, + json_extract_path_text(Properties, 'TeamsTenantId') as teams_tenant_id, + json_extract_path_text(Properties, 'ConfigurationName') as configuration_name, + json_extract_path_text(Properties, 'IamRoleArn') as iam_role_arn, + json_extract_path_text(Properties, 'SnsTopicArns') as sns_topic_arns, + json_extract_path_text(Properties, 'LoggingLevel') as logging_level, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'GuardrailPolicies') as guardrail_policies, + json_extract_path_text(Properties, 'UserRoleRequired') as user_role_required + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Chatbot::MicrosoftTeamsChannelConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + slack_channel_configurations: + name: slack_channel_configurations + id: awscc.chatbot.slack_channel_configurations + x-cfn-schema-name: SlackChannelConfiguration + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Chatbot::SlackChannelConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Chatbot::SlackChannelConfiguration' + AND region = 'us-east-1' + slack_channel_configuration: + name: slack_channel_configuration + id: awscc.chatbot.slack_channel_configuration + x-cfn-schema-name: SlackChannelConfiguration + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SlackWorkspaceId') as slack_workspace_id, + JSON_EXTRACT(Properties, '$.SlackChannelId') as slack_channel_id, + JSON_EXTRACT(Properties, '$.ConfigurationName') as configuration_name, + JSON_EXTRACT(Properties, '$.IamRoleArn') as iam_role_arn, + JSON_EXTRACT(Properties, '$.SnsTopicArns') as sns_topic_arns, + JSON_EXTRACT(Properties, '$.LoggingLevel') as logging_level, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.GuardrailPolicies') as guardrail_policies, + JSON_EXTRACT(Properties, '$.UserRoleRequired') as user_role_required + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Chatbot::SlackChannelConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SlackWorkspaceId') as slack_workspace_id, + json_extract_path_text(Properties, 'SlackChannelId') as slack_channel_id, + json_extract_path_text(Properties, 'ConfigurationName') as configuration_name, + json_extract_path_text(Properties, 'IamRoleArn') as iam_role_arn, + json_extract_path_text(Properties, 'SnsTopicArns') as sns_topic_arns, + json_extract_path_text(Properties, 'LoggingLevel') as logging_level, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'GuardrailPolicies') as guardrail_policies, + json_extract_path_text(Properties, 'UserRoleRequired') as user_role_required + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Chatbot::SlackChannelConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/cleanrooms.yaml b/providers/src/awscc/v00.00.00000/services/cleanrooms.yaml new file mode 100644 index 00000000..402b6c96 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/cleanrooms.yaml @@ -0,0 +1,1348 @@ +openapi: 3.0.0 +info: + title: CleanRooms + version: 1.0.0 +paths: {} +components: + schemas: + AnalysisParameter: + type: object + additionalProperties: false + properties: + DefaultValue: + type: string + minLength: 0 + maxLength: 250 + Name: + type: string + minLength: 1 + maxLength: 100 + pattern: '[0-9a-zA-Z_]+' + Type: + type: string + enum: + - SMALLINT + - INTEGER + - BIGINT + - DECIMAL + - REAL + - DOUBLE_PRECISION + - BOOLEAN + - CHAR + - VARCHAR + - DATE + - TIMESTAMP + - TIMESTAMPTZ + - TIME + - TIMETZ + - VARBYTE + required: + - Name + - Type + TableName: + type: string + maxLength: 128 + pattern: ^[a-zA-Z0-9_](([a-zA-Z0-9_ ]+-)*([a-zA-Z0-9_ ]+))?$ + ReferencedTables: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/TableName' + minItems: 0 + AnalysisSchema: + type: object + additionalProperties: false + properties: + ReferencedTables: + $ref: '#/components/schemas/ReferencedTables' + required: + - ReferencedTables + AnalysisSource: + type: object + additionalProperties: false + properties: + Text: + type: string + minLength: 0 + maxLength: 15000 + required: + - Text + Tag: + type: object + additionalProperties: false + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 1 + maxLength: 256 + required: + - Value + - Key + AnalysisTemplate: + type: object + properties: + Arn: + type: string + maxLength: 200 + CollaborationArn: + type: string + maxLength: 100 + CollaborationIdentifier: + type: string + maxLength: 36 + minLength: 36 + pattern: '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}' + Tags: + description: An arbitrary set of tags (key-value pairs) for this cleanrooms analysis template. + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + type: array + AnalysisParameters: + description: The member who can query can provide this placeholder for a literal data value in an analysis template + x-insertionOrder: false + items: + $ref: '#/components/schemas/AnalysisParameter' + type: array + minItems: 0 + maxItems: 10 + AnalysisTemplateIdentifier: + type: string + maxLength: 36 + minLength: 36 + pattern: '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}' + Description: + type: string + maxLength: 255 + pattern: ^[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDBFF-\uDC00\uDFFF\t\r\n]*$ + MembershipArn: + type: string + maxLength: 100 + MembershipIdentifier: + type: string + maxLength: 36 + minLength: 36 + pattern: '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}' + Name: + type: string + maxLength: 128 + pattern: ^[a-zA-Z0-9_](([a-zA-Z0-9_ ]+-)*([a-zA-Z0-9_ ]+))?$ + Schema: + $ref: '#/components/schemas/AnalysisSchema' + Source: + $ref: '#/components/schemas/AnalysisSource' + Format: + type: string + enum: + - SQL + required: + - Source + - Format + - Name + - MembershipIdentifier + x-stackql-resource-name: analysis_template + x-stackql-primaryIdentifier: + - AnalysisTemplateIdentifier + - MembershipIdentifier + x-create-only-properties: + - Name + - MembershipIdentifier + - Source + - Source/Text + - Format + - AnalysisParameters + - AnalysisParameters/Name + - AnalysisParameters/Type + - AnalysisParameters/DefaultValue + x-read-only-properties: + - CollaborationArn + - CollaborationIdentifier + - AnalysisTemplateIdentifier + - Schema + - Arn + - MembershipArn + x-required-permissions: + create: + - cleanrooms:CreateAnalysisTemplate + - cleanrooms:ListTagsForResource + - cleanrooms:TagResource + - cleanrooms:GetAnalysisTemplate + - cleanrooms:ListAnalysisTemplates + read: + - cleanrooms:GetAnalysisTemplate + - cleanrooms:ListTagsForResource + update: + - cleanrooms:UpdateAnalysisTemplate + - cleanrooms:GetAnalysisTemplate + - cleanrooms:ListTagsForResource + - cleanrooms:TagResource + - cleanrooms:UntagResource + delete: + - cleanrooms:DeleteAnalysisTemplate + - cleanrooms:GetAnalysisTemplate + - cleanrooms:ListAnalysisTemplates + - cleanrooms:ListTagsForResource + - cleanrooms:UntagResource + list: + - cleanrooms:ListAnalysisTemplates + CollaborationQueryLogStatus: + type: string + enum: + - ENABLED + - DISABLED + DataEncryptionMetadata: + type: object + properties: + AllowCleartext: + type: boolean + AllowDuplicates: + type: boolean + AllowJoinsOnColumnsWithDifferentNames: + type: boolean + PreserveNulls: + type: boolean + required: + - AllowCleartext + - AllowDuplicates + - AllowJoinsOnColumnsWithDifferentNames + - PreserveNulls + additionalProperties: false + MemberAbility: + type: string + enum: + - CAN_QUERY + - CAN_RECEIVE_RESULTS + MemberAbilities: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/MemberAbility' + uniqueItems: true + MemberSpecification: + type: object + properties: + AccountId: + type: string + maxLength: 12 + minLength: 12 + pattern: ^\d+$ + MemberAbilities: + $ref: '#/components/schemas/MemberAbilities' + DisplayName: + $ref: '#/components/schemas/Name' + PaymentConfiguration: + $ref: '#/components/schemas/PaymentConfiguration' + required: + - AccountId + - DisplayName + - MemberAbilities + additionalProperties: false + MemberStatus: + type: string + enum: + - INVITED + - ACTIVE + - LEFT + - REMOVED + Name: + type: string + maxLength: 100 + minLength: 1 + pattern: ^(?!\s*$)[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDBFF-\uDC00\uDFFF\t]*$ + PaymentConfiguration: + type: object + additionalProperties: false + properties: + QueryCompute: + $ref: '#/components/schemas/QueryComputePaymentConfig' + required: + - QueryCompute + QueryComputePaymentConfig: + type: object + additionalProperties: false + properties: + IsResponsible: + type: boolean + required: + - IsResponsible + Collaboration: + type: object + properties: + Arn: + type: string + maxLength: 100 + Tags: + description: An arbitrary set of tags (key-value pairs) for this cleanrooms collaboration. + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + uniqueItems: true + type: array + CollaborationIdentifier: + type: string + maxLength: 36 + minLength: 36 + pattern: '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}' + CreatorDisplayName: + $ref: '#/components/schemas/Name' + CreatorMemberAbilities: + $ref: '#/components/schemas/MemberAbilities' + DataEncryptionMetadata: + $ref: '#/components/schemas/DataEncryptionMetadata' + Description: + type: string + maxLength: 255 + minLength: 1 + pattern: ^(?!\s*$)[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDBFF-\uDC00\uDFFF\t\r\n]*$ + Members: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/MemberSpecification' + maxItems: 9 + minItems: 0 + Name: + type: string + maxLength: 100 + minLength: 1 + pattern: ^(?!\s*$)[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDBFF-\uDC00\uDFFF\t]*$ + QueryLogStatus: + $ref: '#/components/schemas/CollaborationQueryLogStatus' + CreatorPaymentConfiguration: + $ref: '#/components/schemas/PaymentConfiguration' + required: + - CreatorDisplayName + - CreatorMemberAbilities + - Members + - Name + - Description + - QueryLogStatus + x-stackql-resource-name: collaboration + x-stackql-primaryIdentifier: + - CollaborationIdentifier + x-create-only-properties: + - CreatorDisplayName + - CreatorMemberAbilities + - DataEncryptionMetadata + - QueryLogStatus + - Members + - CreatorPaymentConfiguration + x-read-only-properties: + - Arn + - CollaborationIdentifier + x-required-permissions: + create: + - cleanrooms:CreateCollaboration + - cleanrooms:GetCollaboration + - cleanrooms:ListMembers + - cleanrooms:ListTagsForResource + - cleanrooms:TagResource + - cleanrooms:GetCollaboration + - cleanrooms:ListCollaborations + read: + - cleanrooms:GetCollaboration + - cleanrooms:ListMembers + - cleanrooms:ListTagsForResource + update: + - cleanrooms:UpdateCollaboration + - cleanrooms:GetCollaboration + - cleanrooms:ListMembers + - cleanrooms:ListTagsForResource + - cleanrooms:TagResource + - cleanrooms:UntagResource + delete: + - cleanrooms:DeleteCollaboration + - cleanrooms:GetCollaboration + - cleanrooms:ListTagsForResource + - cleanrooms:UntagResource + - cleanrooms:ListMembers + - cleanrooms:ListCollaborations + list: + - cleanrooms:ListCollaborations + AnalysisRuleColumnName: + type: string + maxLength: 127 + minLength: 1 + pattern: ^[a-z0-9_](([a-z0-9_ ]+-)*([a-z0-9_ ]+))?$ + AggregateColumn: + type: object + properties: + ColumnNames: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/AnalysisRuleColumnName' + minItems: 1 + Function: + $ref: '#/components/schemas/AggregateFunctionName' + required: + - ColumnNames + - Function + additionalProperties: false + AggregateFunctionName: + type: string + enum: + - SUM + - SUM_DISTINCT + - COUNT + - COUNT_DISTINCT + - AVG + AggregationConstraint: + type: object + properties: + ColumnName: + $ref: '#/components/schemas/AnalysisRuleColumnName' + Minimum: + type: number + minimum: 2 + maximum: 100000 + Type: + $ref: '#/components/schemas/AggregationType' + required: + - ColumnName + - Minimum + - Type + additionalProperties: false + AggregationType: + type: string + enum: + - COUNT_DISTINCT + JoinOperator: + type: string + enum: + - OR + - AND + AnalysisMethod: + type: string + enum: + - DIRECT_QUERY + JoinRequiredOption: + type: string + enum: + - QUERY_RUNNER + ScalarFunctions: + type: string + enum: + - TRUNC + - ABS + - CEILING + - FLOOR + - LN + - LOG + - ROUND + - SQRT + - CAST + - LOWER + - RTRIM + - UPPER + - COALESCE + AnalysisRuleAggregation: + type: object + properties: + AggregateColumns: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/AggregateColumn' + minItems: 1 + JoinColumns: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/AnalysisRuleColumnName' + AllowedJoinOperators: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/JoinOperator' + maxItems: 2 + JoinRequired: + $ref: '#/components/schemas/JoinRequiredOption' + DimensionColumns: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/AnalysisRuleColumnName' + ScalarFunctions: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/ScalarFunctions' + OutputConstraints: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/AggregationConstraint' + minItems: 1 + required: + - AggregateColumns + - JoinColumns + - DimensionColumns + - ScalarFunctions + - OutputConstraints + additionalProperties: false + AnalysisRuleList: + type: object + properties: + JoinColumns: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/AnalysisRuleColumnName' + minItems: 1 + AllowedJoinOperators: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/JoinOperator' + maxItems: 2 + ListColumns: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/AnalysisRuleColumnName' + required: + - JoinColumns + - ListColumns + additionalProperties: false + AllowedAnalysis: + type: string + minLength: 0 + maxLength: 200 + pattern: (ANY_QUERY|arn:[\w]{3}:cleanrooms:[\w]{2}-[\w]{4,9}-[\d]:[\d]{12}:membership/[\d\w-]+/analysistemplate/[\d\w-]+) + AllowedAnalyses: + type: array + x-insertionOrder: false + minItems: 0 + items: + $ref: '#/components/schemas/AllowedAnalysis' + AllowedAnalysisProvider: + type: string + minLength: 12 + maxLength: 12 + pattern: \d+ + AllowedAnalysisProviders: + type: array + x-insertionOrder: false + minItems: 0 + items: + $ref: '#/components/schemas/AllowedAnalysisProvider' + AnalysisRuleCustom: + type: object + properties: + AllowedAnalyses: + $ref: '#/components/schemas/AllowedAnalyses' + AllowedAnalysisProviders: + $ref: '#/components/schemas/AllowedAnalysisProviders' + required: + - AllowedAnalyses + additionalProperties: false + ConfiguredTableAnalysisRulePolicy: + type: object + x-title: V1 + properties: + V1: + $ref: '#/components/schemas/ConfiguredTableAnalysisRulePolicyV1' + required: + - V1 + additionalProperties: false + ConfiguredTableAnalysisRulePolicyV1: + oneOf: + - type: object + title: List + properties: + List: + $ref: '#/components/schemas/AnalysisRuleList' + required: + - List + additionalProperties: false + - type: object + title: Aggregation + properties: + Aggregation: + $ref: '#/components/schemas/AnalysisRuleAggregation' + required: + - Aggregation + additionalProperties: false + - type: object + title: Custom + properties: + Custom: + $ref: '#/components/schemas/AnalysisRuleCustom' + required: + - Custom + additionalProperties: false + ConfiguredTableAnalysisRuleType: + type: string + enum: + - AGGREGATION + - LIST + - CUSTOM + GlueTableReference: + type: object + properties: + TableName: + type: string + maxLength: 128 + pattern: ^[a-zA-Z0-9_](([a-zA-Z0-9_ ]+-)*([a-zA-Z0-9_ ]+))?$ + DatabaseName: + type: string + maxLength: 128 + pattern: ^[a-zA-Z0-9_](([a-zA-Z0-9_ ]+-)*([a-zA-Z0-9_ ]+))?$ + required: + - DatabaseName + - TableName + additionalProperties: false + AnalysisRule: + type: object + properties: + Type: + $ref: '#/components/schemas/ConfiguredTableAnalysisRuleType' + Policy: + $ref: '#/components/schemas/ConfiguredTableAnalysisRulePolicy' + required: + - Type + - Policy + additionalProperties: false + TableReference: + type: object + x-title: Glue + properties: + Glue: + $ref: '#/components/schemas/GlueTableReference' + required: + - Glue + additionalProperties: false + ConfiguredTable: + type: object + properties: + Arn: + type: string + maxLength: 100 + Tags: + description: An arbitrary set of tags (key-value pairs) for this cleanrooms collaboration. + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + uniqueItems: true + type: array + AllowedColumns: + type: array + x-insertionOrder: false + items: + type: string + maxLength: 128 + pattern: ^[a-z0-9_](([a-z0-9_ ]+-)*([a-z0-9_ ]+))?$ + maxItems: 100 + minItems: 1 + AnalysisMethod: + $ref: '#/components/schemas/AnalysisMethod' + ConfiguredTableIdentifier: + type: string + maxLength: 36 + minLength: 36 + pattern: '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}' + Description: + type: string + maxLength: 255 + pattern: ^[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDBFF-\uDC00\uDFFF\t\r\n]*$ + Name: + type: string + maxLength: 100 + minLength: 1 + pattern: ^(?!\s*$)[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDBFF-\uDC00\uDFFF\t]*$ + AnalysisRules: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/AnalysisRule' + maxItems: 1 + minItems: 1 + TableReference: + $ref: '#/components/schemas/TableReference' + required: + - AllowedColumns + - AnalysisMethod + - Name + - TableReference + x-stackql-resource-name: configured_table + x-stackql-primaryIdentifier: + - ConfiguredTableIdentifier + x-create-only-properties: + - AllowedColumns + - AnalysisMethod + - TableReference + x-read-only-properties: + - Arn + - ConfiguredTableIdentifier + x-required-permissions: + create: + - cleanrooms:CreateConfiguredTable + - cleanrooms:DeleteConfiguredTable + - cleanrooms:DeleteConfiguredTableAnalysisRule + - cleanrooms:CreateConfiguredTableAnalysisRule + - cleanrooms:GetConfiguredTable + - cleanrooms:GetConfiguredTableAnalysisRule + - glue:GetDatabase + - glue:GetDatabases + - glue:GetTable + - glue:GetTables + - glue:GetPartition + - glue:GetPartitions + - glue:BatchGetPartition + - glue:GetSchemaVersion + - cleanrooms:ListTagsForResource + - cleanrooms:TagResource + - cleanrooms:ListConfiguredTables + read: + - cleanrooms:GetConfiguredTable + - cleanrooms:GetConfiguredTableAnalysisRule + - cleanrooms:ListTagsForResource + update: + - cleanrooms:UpdateConfiguredTable + - cleanrooms:GetConfiguredTable + - cleanrooms:CreateConfiguredTableAnalysisRule + - cleanrooms:UpdateConfiguredTableAnalysisRule + - cleanrooms:GetConfiguredTableAnalysisRule + - cleanrooms:DeleteConfiguredTableAnalysisRule + - cleanrooms:ListTagsForResource + - cleanrooms:TagResource + - cleanrooms:UntagResource + - glue:GetDatabase + - glue:GetDatabases + - glue:GetTable + - glue:GetTables + - glue:GetPartition + - glue:GetPartitions + - glue:BatchGetPartition + - glue:GetSchemaVersion + delete: + - cleanrooms:DeleteConfiguredTable + - cleanrooms:GetConfiguredTable + - cleanrooms:ListConfiguredTables + - cleanrooms:GetConfiguredTableAnalysisRule + - cleanrooms:DeleteConfiguredTableAnalysisRule + - cleanrooms:ListTagsForResource + - cleanrooms:UntagResource + - glue:GetDatabase + - glue:GetDatabases + - glue:GetTable + - glue:GetTables + - glue:GetPartition + - glue:GetPartitions + - glue:BatchGetPartition + - glue:GetSchemaVersion + list: + - cleanrooms:ListConfiguredTables + ConfiguredTableAssociation: + type: object + properties: + Arn: + type: string + maxLength: 100 + Tags: + description: An arbitrary set of tags (key-value pairs) for this cleanrooms collaboration. + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + type: array + ConfiguredTableAssociationIdentifier: + type: string + maxLength: 36 + minLength: 36 + pattern: '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}' + ConfiguredTableIdentifier: + type: string + maxLength: 36 + minLength: 36 + pattern: '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}' + Description: + type: string + maxLength: 255 + pattern: ^[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDBFF-\uDC00\uDFFF\t\r\n]*$ + MembershipIdentifier: + type: string + maxLength: 36 + minLength: 36 + pattern: '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}' + Name: + type: string + maxLength: 128 + pattern: ^[a-zA-Z0-9_](([a-zA-Z0-9_ ]+-)*([a-zA-Z0-9_ ]+))?$ + RoleArn: + type: string + maxLength: 512 + minLength: 32 + required: + - ConfiguredTableIdentifier + - Name + - RoleArn + - MembershipIdentifier + x-stackql-resource-name: configured_table_association + x-stackql-primaryIdentifier: + - ConfiguredTableAssociationIdentifier + - MembershipIdentifier + x-create-only-properties: + - ConfiguredTableIdentifier + - Name + - MembershipIdentifier + x-read-only-properties: + - ConfiguredTableAssociationIdentifier + - Arn + x-required-permissions: + create: + - cleanrooms:CreateConfiguredTableAssociation + - iam:PassRole + - cleanrooms:ListTagsForResource + - cleanrooms:TagResource + - cleanrooms:GetConfiguredTableAssociation + - cleanrooms:ListConfiguredTableAssociations + read: + - cleanrooms:GetConfiguredTableAssociation + - cleanrooms:ListTagsForResource + update: + - cleanrooms:UpdateConfiguredTableAssociation + - cleanrooms:GetConfiguredTableAssociation + - iam:PassRole + - cleanrooms:ListTagsForResource + - cleanrooms:TagResource + - cleanrooms:UntagResource + delete: + - cleanrooms:DeleteConfiguredTableAssociation + - cleanrooms:GetConfiguredTableAssociation + - cleanrooms:ListConfiguredTableAssociations + - cleanrooms:ListTagsForResource + - cleanrooms:UntagResource + list: + - cleanrooms:ListConfiguredTableAssociations + MembershipQueryLogStatus: + type: string + enum: + - ENABLED + - DISABLED + MembershipStatus: + type: string + enum: + - ACTIVE + - REMOVED + - COLLABORATION_DELETED + ResultFormat: + type: string + enum: + - CSV + - PARQUET + ProtectedQueryS3OutputConfiguration: + type: object + additionalProperties: false + properties: + ResultFormat: + $ref: '#/components/schemas/ResultFormat' + Bucket: + type: string + minLength: 3 + maxLength: 63 + KeyPrefix: + type: string + required: + - ResultFormat + - Bucket + MembershipProtectedQueryOutputConfiguration: + type: object + additionalProperties: false + properties: + S3: + $ref: '#/components/schemas/ProtectedQueryS3OutputConfiguration' + required: + - S3 + MembershipProtectedQueryResultConfiguration: + type: object + additionalProperties: false + properties: + OutputConfiguration: + $ref: '#/components/schemas/MembershipProtectedQueryOutputConfiguration' + RoleArn: + type: string + minLength: 32 + maxLength: 512 + required: + - OutputConfiguration + MembershipPaymentConfiguration: + type: object + additionalProperties: false + properties: + QueryCompute: + $ref: '#/components/schemas/MembershipQueryComputePaymentConfig' + required: + - QueryCompute + MembershipQueryComputePaymentConfig: + type: object + additionalProperties: false + properties: + IsResponsible: + type: boolean + required: + - IsResponsible + Membership: + type: object + properties: + Arn: + type: string + maxLength: 100 + Tags: + description: An arbitrary set of tags (key-value pairs) for this cleanrooms membership. + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + uniqueItems: true + type: array + CollaborationArn: + type: string + maxLength: 100 + CollaborationCreatorAccountId: + type: string + maxLength: 12 + minLength: 12 + pattern: ^\d+$ + CollaborationIdentifier: + type: string + maxLength: 36 + minLength: 36 + pattern: '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}' + MembershipIdentifier: + type: string + maxLength: 36 + minLength: 36 + pattern: '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}' + QueryLogStatus: + $ref: '#/components/schemas/MembershipQueryLogStatus' + DefaultResultConfiguration: + $ref: '#/components/schemas/MembershipProtectedQueryResultConfiguration' + PaymentConfiguration: + $ref: '#/components/schemas/MembershipPaymentConfiguration' + required: + - CollaborationIdentifier + - QueryLogStatus + x-stackql-resource-name: membership + x-stackql-primaryIdentifier: + - MembershipIdentifier + x-create-only-properties: + - CollaborationIdentifier + x-read-only-properties: + - Arn + - CollaborationArn + - CollaborationCreatorAccountId + - MembershipIdentifier + x-required-permissions: + create: + - cleanrooms:CreateMembership + - logs:CreateLogDelivery + - logs:GetLogDelivery + - logs:UpdateLogDelivery + - logs:DeleteLogDelivery + - logs:ListLogDeliveries + - logs:DescribeLogGroups + - logs:DescribeResourcePolicies + - logs:PutResourcePolicy + - logs:CreateLogGroup + - cleanrooms:GetMembership + - cleanrooms:ListTagsForResource + - cleanrooms:TagResource + - cleanrooms:ListMemberships + - iam:PassRole + read: + - cleanrooms:GetMembership + - cleanrooms:ListTagsForResource + - logs:ListLogDeliveries + - logs:DescribeLogGroups + - logs:DescribeResourcePolicies + - logs:GetLogDelivery + update: + - cleanrooms:UpdateMembership + - cleanrooms:GetMembership + - logs:CreateLogDelivery + - logs:GetLogDelivery + - logs:UpdateLogDelivery + - logs:DeleteLogDelivery + - logs:ListLogDeliveries + - logs:DescribeLogGroups + - logs:DescribeResourcePolicies + - logs:PutResourcePolicy + - logs:CreateLogGroup + - cleanrooms:ListTagsForResource + - cleanrooms:TagResource + - cleanrooms:UntagResource + - iam:PassRole + delete: + - cleanrooms:DeleteMembership + - cleanrooms:GetMembership + - cleanrooms:ListMemberships + - cleanrooms:ListTagsForResource + - logs:ListLogDeliveries + - logs:DescribeLogGroups + - logs:DescribeResourcePolicies + - logs:GetLogDelivery + list: + - cleanrooms:ListMemberships + x-stackQL-resources: + analysis_templates: + name: analysis_templates + id: awscc.cleanrooms.analysis_templates + x-cfn-schema-name: AnalysisTemplate + x-type: list + x-identifiers: + - AnalysisTemplateIdentifier + - MembershipIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AnalysisTemplateIdentifier') as analysis_template_identifier, + JSON_EXTRACT(Properties, '$.MembershipIdentifier') as membership_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CleanRooms::AnalysisTemplate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AnalysisTemplateIdentifier') as analysis_template_identifier, + json_extract_path_text(Properties, 'MembershipIdentifier') as membership_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CleanRooms::AnalysisTemplate' + AND region = 'us-east-1' + analysis_template: + name: analysis_template + id: awscc.cleanrooms.analysis_template + x-cfn-schema-name: AnalysisTemplate + x-type: get + x-identifiers: + - AnalysisTemplateIdentifier + - MembershipIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CollaborationArn') as collaboration_arn, + JSON_EXTRACT(Properties, '$.CollaborationIdentifier') as collaboration_identifier, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.AnalysisParameters') as analysis_parameters, + JSON_EXTRACT(Properties, '$.AnalysisTemplateIdentifier') as analysis_template_identifier, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.MembershipArn') as membership_arn, + JSON_EXTRACT(Properties, '$.MembershipIdentifier') as membership_identifier, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Schema') as _schema, + JSON_EXTRACT(Properties, '$.Source') as source, + JSON_EXTRACT(Properties, '$.Format') as _format + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CleanRooms::AnalysisTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CollaborationArn') as collaboration_arn, + json_extract_path_text(Properties, 'CollaborationIdentifier') as collaboration_identifier, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'AnalysisParameters') as analysis_parameters, + json_extract_path_text(Properties, 'AnalysisTemplateIdentifier') as analysis_template_identifier, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'MembershipArn') as membership_arn, + json_extract_path_text(Properties, 'MembershipIdentifier') as membership_identifier, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Schema') as _schema, + json_extract_path_text(Properties, 'Source') as source, + json_extract_path_text(Properties, 'Format') as _format + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CleanRooms::AnalysisTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + collaborations: + name: collaborations + id: awscc.cleanrooms.collaborations + x-cfn-schema-name: Collaboration + x-type: list + x-identifiers: + - CollaborationIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CollaborationIdentifier') as collaboration_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CleanRooms::Collaboration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CollaborationIdentifier') as collaboration_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CleanRooms::Collaboration' + AND region = 'us-east-1' + collaboration: + name: collaboration + id: awscc.cleanrooms.collaboration + x-cfn-schema-name: Collaboration + x-type: get + x-identifiers: + - CollaborationIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CollaborationIdentifier') as collaboration_identifier, + JSON_EXTRACT(Properties, '$.CreatorDisplayName') as creator_display_name, + JSON_EXTRACT(Properties, '$.CreatorMemberAbilities') as creator_member_abilities, + JSON_EXTRACT(Properties, '$.DataEncryptionMetadata') as data_encryption_metadata, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Members') as members, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.QueryLogStatus') as query_log_status, + JSON_EXTRACT(Properties, '$.CreatorPaymentConfiguration') as creator_payment_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CleanRooms::Collaboration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CollaborationIdentifier') as collaboration_identifier, + json_extract_path_text(Properties, 'CreatorDisplayName') as creator_display_name, + json_extract_path_text(Properties, 'CreatorMemberAbilities') as creator_member_abilities, + json_extract_path_text(Properties, 'DataEncryptionMetadata') as data_encryption_metadata, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Members') as members, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'QueryLogStatus') as query_log_status, + json_extract_path_text(Properties, 'CreatorPaymentConfiguration') as creator_payment_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CleanRooms::Collaboration' + AND data__Identifier = '' + AND region = 'us-east-1' + configured_tables: + name: configured_tables + id: awscc.cleanrooms.configured_tables + x-cfn-schema-name: ConfiguredTable + x-type: list + x-identifiers: + - ConfiguredTableIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConfiguredTableIdentifier') as configured_table_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CleanRooms::ConfiguredTable' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConfiguredTableIdentifier') as configured_table_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CleanRooms::ConfiguredTable' + AND region = 'us-east-1' + configured_table: + name: configured_table + id: awscc.cleanrooms.configured_table + x-cfn-schema-name: ConfiguredTable + x-type: get + x-identifiers: + - ConfiguredTableIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.AllowedColumns') as allowed_columns, + JSON_EXTRACT(Properties, '$.AnalysisMethod') as analysis_method, + JSON_EXTRACT(Properties, '$.ConfiguredTableIdentifier') as configured_table_identifier, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.AnalysisRules') as analysis_rules, + JSON_EXTRACT(Properties, '$.TableReference') as table_reference + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CleanRooms::ConfiguredTable' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'AllowedColumns') as allowed_columns, + json_extract_path_text(Properties, 'AnalysisMethod') as analysis_method, + json_extract_path_text(Properties, 'ConfiguredTableIdentifier') as configured_table_identifier, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'AnalysisRules') as analysis_rules, + json_extract_path_text(Properties, 'TableReference') as table_reference + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CleanRooms::ConfiguredTable' + AND data__Identifier = '' + AND region = 'us-east-1' + configured_table_associations: + name: configured_table_associations + id: awscc.cleanrooms.configured_table_associations + x-cfn-schema-name: ConfiguredTableAssociation + x-type: list + x-identifiers: + - ConfiguredTableAssociationIdentifier + - MembershipIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConfiguredTableAssociationIdentifier') as configured_table_association_identifier, + JSON_EXTRACT(Properties, '$.MembershipIdentifier') as membership_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CleanRooms::ConfiguredTableAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConfiguredTableAssociationIdentifier') as configured_table_association_identifier, + json_extract_path_text(Properties, 'MembershipIdentifier') as membership_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CleanRooms::ConfiguredTableAssociation' + AND region = 'us-east-1' + configured_table_association: + name: configured_table_association + id: awscc.cleanrooms.configured_table_association + x-cfn-schema-name: ConfiguredTableAssociation + x-type: get + x-identifiers: + - ConfiguredTableAssociationIdentifier + - MembershipIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ConfiguredTableAssociationIdentifier') as configured_table_association_identifier, + JSON_EXTRACT(Properties, '$.ConfiguredTableIdentifier') as configured_table_identifier, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.MembershipIdentifier') as membership_identifier, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CleanRooms::ConfiguredTableAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ConfiguredTableAssociationIdentifier') as configured_table_association_identifier, + json_extract_path_text(Properties, 'ConfiguredTableIdentifier') as configured_table_identifier, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'MembershipIdentifier') as membership_identifier, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RoleArn') as role_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CleanRooms::ConfiguredTableAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + memberships: + name: memberships + id: awscc.cleanrooms.memberships + x-cfn-schema-name: Membership + x-type: list + x-identifiers: + - MembershipIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MembershipIdentifier') as membership_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CleanRooms::Membership' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MembershipIdentifier') as membership_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CleanRooms::Membership' + AND region = 'us-east-1' + membership: + name: membership + id: awscc.cleanrooms.membership + x-cfn-schema-name: Membership + x-type: get + x-identifiers: + - MembershipIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CollaborationArn') as collaboration_arn, + JSON_EXTRACT(Properties, '$.CollaborationCreatorAccountId') as collaboration_creator_account_id, + JSON_EXTRACT(Properties, '$.CollaborationIdentifier') as collaboration_identifier, + JSON_EXTRACT(Properties, '$.MembershipIdentifier') as membership_identifier, + JSON_EXTRACT(Properties, '$.QueryLogStatus') as query_log_status, + JSON_EXTRACT(Properties, '$.DefaultResultConfiguration') as default_result_configuration, + JSON_EXTRACT(Properties, '$.PaymentConfiguration') as payment_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CleanRooms::Membership' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CollaborationArn') as collaboration_arn, + json_extract_path_text(Properties, 'CollaborationCreatorAccountId') as collaboration_creator_account_id, + json_extract_path_text(Properties, 'CollaborationIdentifier') as collaboration_identifier, + json_extract_path_text(Properties, 'MembershipIdentifier') as membership_identifier, + json_extract_path_text(Properties, 'QueryLogStatus') as query_log_status, + json_extract_path_text(Properties, 'DefaultResultConfiguration') as default_result_configuration, + json_extract_path_text(Properties, 'PaymentConfiguration') as payment_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CleanRooms::Membership' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/cloud_control.yaml b/providers/src/awscc/v00.00.00000/services/cloud_control.yaml new file mode 100644 index 00000000..443ebb5d --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/cloud_control.yaml @@ -0,0 +1,1017 @@ +openapi: 3.0.0 +info: + version: '2021-09-30' + x-release: v4 + title: AWS Cloud Control api + description: 'For more information about Amazon Web Services Cloud Control API, see the Amazon Web Services Cloud Control API User Guide.' + x-logo: + url: 'https://twitter.com/awscloud/profile_image?size=original' + backgroundColor: '#FFFFFF' + termsOfService: 'https://aws.amazon.com/service-terms/' + contact: + name: Mike Ralphson + email: mike.ralphson@gmail.com + url: 'https://github.com/mermade/aws2openapi' + x-twitter: PermittedSoc + license: + name: Apache 2.0 License + url: 'http://www.apache.org/licenses/' + x-providerName: amazonaws.com + x-serviceName: cloudcontrolapi + x-aws-signingName: cloudcontrolapi + x-origin: + - contentType: application/json + url: 'https://raw.githubusercontent.com/aws/aws-sdk-js/master/apis/cloudcontrol-2021-09-30.normal.json' + converter: + url: 'https://github.com/mermade/aws2openapi' + version: 1.0.0 + x-apisguru-driver: external + x-apiClientRegistration: + url: 'https://portal.aws.amazon.com/gp/aws/developer/registration/index.html?nc2=h_ct' + x-apisguru-categories: + - cloud + x-preferred: true +externalDocs: + description: Amazon Web Services documentation + url: 'https://docs.aws.amazon.com/cloudcontrolapi/' +servers: + - url: 'https://cloudcontrolapi.{region}.amazonaws.com' + variables: + region: + description: The AWS region + enum: + - us-east-1 + - us-east-2 + - us-west-1 + - us-west-2 + - us-gov-west-1 + - us-gov-east-1 + - ca-central-1 + - eu-north-1 + - eu-west-1 + - eu-west-2 + - eu-west-3 + - eu-central-1 + - eu-south-1 + - af-south-1 + - ap-northeast-1 + - ap-northeast-2 + - ap-northeast-3 + - ap-southeast-1 + - ap-southeast-2 + - ap-east-1 + - ap-south-1 + - sa-east-1 + - me-south-1 + default: us-east-1 + description: The CloudControlApi multi-region endpoint + - url: 'https://cloudcontrolapi.{region}.amazonaws.com.cn' + variables: + region: + description: The AWS region + enum: + - cn-north-1 + - cn-northwest-1 + default: cn-north-1 + description: The CloudControlApi endpoint for China (Beijing) and China (Ningxia) +paths: + /?Action=CancelResourceRequest&Version=2021-09-30: + parameters: + - $ref: '#/components/parameters/X-Amz-Content-Sha256' + - $ref: '#/components/parameters/X-Amz-Date' + - $ref: '#/components/parameters/X-Amz-Algorithm' + - $ref: '#/components/parameters/X-Amz-Credential' + - $ref: '#/components/parameters/X-Amz-Security-Token' + - $ref: '#/components/parameters/X-Amz-Signature' + - $ref: '#/components/parameters/X-Amz-SignedHeaders' + post: + operationId: CancelResourceRequest + parameters: + - description: Action Header + in: header + name: X-Amz-Target + required: false + schema: + default: CloudApiService.CancelResourceRequest + enum: + - CloudApiService.CancelResourceRequest + type: string + - in: header + name: Content-Type + required: false + schema: + default: application/x-amz-json-1.0 + enum: + - application/x-amz-json-1.0 + type: string + requestBody: + content: + application/x-amz-json-1.0: + schema: + $ref: '#/components/schemas/CancelResourceRequestInput' + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CancelResourceRequestOutput' + description: Success + /?Action=CreateResource&Version=2021-09-30: + parameters: + - $ref: '#/components/parameters/X-Amz-Content-Sha256' + - $ref: '#/components/parameters/X-Amz-Date' + - $ref: '#/components/parameters/X-Amz-Algorithm' + - $ref: '#/components/parameters/X-Amz-Credential' + - $ref: '#/components/parameters/X-Amz-Security-Token' + - $ref: '#/components/parameters/X-Amz-Signature' + - $ref: '#/components/parameters/X-Amz-SignedHeaders' + post: + operationId: CreateResource + parameters: + - description: Action Header + in: header + name: X-Amz-Target + required: false + schema: + default: CloudApiService.CreateResource + enum: + - CloudApiService.CreateResource + type: string + - in: header + name: Content-Type + required: false + schema: + default: application/x-amz-json-1.0 + enum: + - application/x-amz-json-1.0 + type: string + requestBody: + content: + application/x-amz-json-1.0: + schema: + $ref: '#/components/schemas/CreateResourceInput' + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ProgressEvent' + description: Success + /?Action=DeleteResource&Version=2021-09-30: + parameters: + - $ref: '#/components/parameters/X-Amz-Content-Sha256' + - $ref: '#/components/parameters/X-Amz-Date' + - $ref: '#/components/parameters/X-Amz-Algorithm' + - $ref: '#/components/parameters/X-Amz-Credential' + - $ref: '#/components/parameters/X-Amz-Security-Token' + - $ref: '#/components/parameters/X-Amz-Signature' + - $ref: '#/components/parameters/X-Amz-SignedHeaders' + post: + operationId: DeleteResource + parameters: + - description: Action Header + in: header + name: X-Amz-Target + required: false + schema: + default: CloudApiService.DeleteResource + enum: + - CloudApiService.DeleteResource + type: string + - in: header + name: Content-Type + required: false + schema: + default: application/x-amz-json-1.0 + enum: + - application/x-amz-json-1.0 + type: string + requestBody: + content: + application/x-amz-json-1.0: + schema: + $ref: '#/components/schemas/DeleteResourceInput' + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DeleteResourceOutput' + description: Success + /?Action=GetResource&Version=2021-09-30: + parameters: + - $ref: '#/components/parameters/X-Amz-Content-Sha256' + - $ref: '#/components/parameters/X-Amz-Date' + - $ref: '#/components/parameters/X-Amz-Algorithm' + - $ref: '#/components/parameters/X-Amz-Credential' + - $ref: '#/components/parameters/X-Amz-Security-Token' + - $ref: '#/components/parameters/X-Amz-Signature' + - $ref: '#/components/parameters/X-Amz-SignedHeaders' + post: + operationId: GetResource + parameters: + - description: Action Header + in: header + name: X-Amz-Target + required: false + schema: + default: CloudApiService.GetResource + enum: + - CloudApiService.GetResource + type: string + - in: header + name: Content-Type + required: false + schema: + default: application/x-amz-json-1.0 + enum: + - application/x-amz-json-1.0 + type: string + requestBody: + content: + application/x-amz-json-1.0: + schema: + $ref: '#/components/schemas/GetResourceInput' + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/GetResourceOutput' + description: Success + /?Action=GetResourceRequestStatus&Version=2021-09-30: + parameters: + - $ref: '#/components/parameters/X-Amz-Content-Sha256' + - $ref: '#/components/parameters/X-Amz-Date' + - $ref: '#/components/parameters/X-Amz-Algorithm' + - $ref: '#/components/parameters/X-Amz-Credential' + - $ref: '#/components/parameters/X-Amz-Security-Token' + - $ref: '#/components/parameters/X-Amz-Signature' + - $ref: '#/components/parameters/X-Amz-SignedHeaders' + post: + operationId: GetResourceRequestStatus + parameters: + - description: Action Header + in: header + name: X-Amz-Target + required: false + schema: + default: CloudApiService.GetResourceRequestStatus + enum: + - CloudApiService.GetResourceRequestStatus + type: string + - in: header + name: Content-Type + required: false + schema: + default: application/x-amz-json-1.0 + enum: + - application/x-amz-json-1.0 + type: string + requestBody: + content: + application/x-amz-json-1.0: + schema: + $ref: '#/components/schemas/GetResourceRequestStatusInput' + required: true + responses: + '200': + content: + application/x-amz-json-1.0: + schema: + $ref: '#/components/schemas/GetResourceRequestStatusOutput' + description: Success + /?Action=ListResourceRequests&Version=2021-09-30: + parameters: + - $ref: '#/components/parameters/X-Amz-Content-Sha256' + - $ref: '#/components/parameters/X-Amz-Date' + - $ref: '#/components/parameters/X-Amz-Algorithm' + - $ref: '#/components/parameters/X-Amz-Credential' + - $ref: '#/components/parameters/X-Amz-Security-Token' + - $ref: '#/components/parameters/X-Amz-Signature' + - $ref: '#/components/parameters/X-Amz-SignedHeaders' + post: + operationId: ListResourceRequests + parameters: + - description: Pagination limit + in: query + name: MaxResults + required: false + schema: + type: string + - description: Pagination token + in: query + name: NextToken + required: false + schema: + type: string + - description: Action Header + in: header + name: X-Amz-Target + required: false + schema: + default: CloudApiService.ListResourceRequests + enum: + - CloudApiService.ListResourceRequests + type: string + - in: header + name: Content-Type + required: false + schema: + default: application/x-amz-json-1.0 + enum: + - application/x-amz-json-1.0 + type: string + - in: header + name: Accept + required: false + schema: + default: application/x-amz-json-1.0 + enum: + - application/x-amz-json-1.0 + type: string + requestBody: + content: + application/x-amz-json-1.0: + schema: + properties: + ResourceRequestStatusFilter: + properties: + OperationStatuses: + enum: + - PENDING + - IN_PROGRESS + - SUCCESS + - FAILED + - CANCEL_IN_PROGRESS + - CANCEL_COMPLETE + type: string + Operations: + enum: + - CREATE + - DELETE + - UPDATE + type: string + type: object + type: object + required: + - ResourceRequestStatusFilter + required: true + responses: + '200': + content: + application/x-amz-json-1.0: + schema: + properties: + NextToken: + type: string + ResourceRequestStatusSummaries: + items: + $ref: '#/components/schemas/ProgressEvent' + type: array + type: object + description: Success + /?Action=ListResources&Version=2021-09-30: + parameters: + - $ref: '#/components/parameters/X-Amz-Content-Sha256' + - $ref: '#/components/parameters/X-Amz-Date' + - $ref: '#/components/parameters/X-Amz-Algorithm' + - $ref: '#/components/parameters/X-Amz-Credential' + - $ref: '#/components/parameters/X-Amz-Security-Token' + - $ref: '#/components/parameters/X-Amz-Signature' + - $ref: '#/components/parameters/X-Amz-SignedHeaders' + post: + operationId: ListResources + parameters: + - description: Pagination limit + in: query + name: MaxResults + required: false + schema: + type: string + - description: Pagination token + in: query + name: NextToken + required: false + schema: + type: string + - description: Action Header + in: header + name: X-Amz-Target + required: false + schema: + default: CloudApiService.ListResources + enum: + - CloudApiService.ListResources + type: string + - in: header + name: Content-Type + required: false + schema: + default: application/x-amz-json-1.0 + enum: + - application/x-amz-json-1.0 + type: string + - in: header + name: Accept + required: false + schema: + default: application/x-amz-json-1.0 + enum: + - application/x-amz-json-1.0 + type: string + requestBody: + content: + application/x-amz-json-1.0: + schema: + properties: + MaxResults: + # $ref: '#/components/schemas/MaxResults' + type: integer + maximum: 100 + minimum: 1 + NextToken: + $ref: '#/components/schemas/NextToken' + ResourceModel: + type: string + RoleArn: + $ref: '#/components/schemas/RoleArn' + TypeName: + $ref: '#/components/schemas/TypeName' + TypeVersionId: + $ref: '#/components/schemas/TypeVersionId' + required: + - TypeName + type: object + required: true + responses: + '200': + content: + application/x-amz-json-1.0: + schema: + properties: + RequestToken: + type: string + ResourceDescriptions: + items: + $ref: '#/components/schemas/ResourceDescription' + type: array + type: object + description: Success + /?Action=UpdateResource&Version=2021-09-30: + parameters: + - $ref: '#/components/parameters/X-Amz-Content-Sha256' + - $ref: '#/components/parameters/X-Amz-Date' + - $ref: '#/components/parameters/X-Amz-Algorithm' + - $ref: '#/components/parameters/X-Amz-Credential' + - $ref: '#/components/parameters/X-Amz-Security-Token' + - $ref: '#/components/parameters/X-Amz-Signature' + - $ref: '#/components/parameters/X-Amz-SignedHeaders' + post: + operationId: UpdateResource + parameters: + - description: Action Header + in: header + name: X-Amz-Target + required: false + schema: + default: CloudApiService.UpdateResource + enum: + - CloudApiService.UpdateResource + type: string + - in: header + name: Content-Type + required: false + schema: + default: application/x-amz-json-1.0 + enum: + - application/x-amz-json-1.0 + type: string + requestBody: + content: + application/x-amz-json-1.0: + schema: + properties: + ClientName: + type: string + Identifier: + $ref: '#/components/schemas/Identifier' + PatchDocument: + type: string + RoleArn: + $ref: '#/components/schemas/RoleArn' + TypeName: + $ref: '#/components/schemas/TypeName' + TypeVersionId: + $ref: '#/components/schemas/TypeVersionId' + required: + - Identifier + - PatchDocument + - TypeName + type: object + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UpdateResourceOutput' + description: Success +components: + x-stackQL-resources: + resource: + name: resource + methods: + get_resource: + operation: + $ref: '#/paths/~1?Action=GetResource&Version=2021-09-30/post' + request: + mediaType: application/x-amz-json-1.0 + response: + mediaType: application/json + objectKey: '$.ResourceDescription' + openAPIDocKey: '200' + id: aws.cloud_control.resources + sqlVerbs: + delete: [] + insert: [] + select: + - $ref: '#/components/x-stackQL-resources/resource/methods/get_resource' + update: [] + title: resource + resources: + name: resources + methods: + list_resources: + operation: + $ref: '#/paths/~1?Action=ListResources&Version=2021-09-30/post' + request: + mediaType: application/x-amz-json-1.0 + response: + mediaType: application/x-amz-json-1.0 + objectKey: '$.ResourceDescriptions' + openAPIDocKey: '200' + create_resource: + operation: + $ref: '#/paths/~1?Action=CreateResource&Version=2021-09-30/post' + request: + mediaType: application/x-amz-json-1.0 + response: + mediaType: application/json + openAPIDocKey: '200' + delete_resource: + operation: + $ref: '#/paths/~1?Action=DeleteResource&Version=2021-09-30/post' + request: + mediaType: application/x-amz-json-1.0 + response: + mediaType: application/json + openAPIDocKey: '200' + update_resource: + operation: + $ref: '#/paths/~1?Action=UpdateResource&Version=2021-09-30/post' + request: + mediaType: application/x-amz-json-1.0 + response: + mediaType: application/json + openAPIDocKey: '200' + id: aws.cloud_control.resources + sqlVerbs: + delete: + - $ref: '#/components/x-stackQL-resources/resources/methods/delete_resource' + insert: + - $ref: '#/components/x-stackQL-resources/resources/methods/create_resource' + select: + - $ref: '#/components/x-stackQL-resources/resources/methods/list_resources' + update: + - $ref: '#/components/x-stackQL-resources/resources/methods/update_resource' + title: resources + resource_request: + name: resource_request + methods: + get_resource_request: + operation: + $ref: '#/paths/~1?Action=GetResourceRequestStatus&Version=2021-09-30/post' + request: + mediaType: application/x-amz-json-1.0 + response: + mediaType: application/x-amz-json-1.0 + objectKey: '$.ProgressEvent' + openAPIDocKey: '200' + id: aws.cloud_control.resource_request + sqlVerbs: + delete: [] + insert: [] + select: + - $ref: '#/components/x-stackQL-resources/resource_request/methods/get_resource_request' + update: [] + title: resource_request + resource_requests: + name: resource_requests + methods: + list_resource_requests: + operation: + $ref: '#/paths/~1?Action=ListResourceRequests&Version=2021-09-30/post' + request: + mediaType: application/x-amz-json-1.0 + response: + mediaType: application/x-amz-json-1.0 + objectKey: '$.ResourceRequestStatusSummaries' + openAPIDocKey: '200' + cancel_resource_request: + operation: + $ref: '#/paths/~1?Action=CancelResourceRequest&Version=2021-09-30/post' + request: + mediaType: application/x-amz-json-1.0 + response: + mediaType: application/x-amz-json-1.0 + openAPIDocKey: '200' + id: aws.cloud_control.resource_requests + sqlVerbs: + delete: + - $ref: '#/components/x-stackQL-resources/resource_requests/methods/cancel_resource_request' + insert: [] + select: + - $ref: '#/components/x-stackQL-resources/resource_requests/methods/list_resource_requests' + update: [] + title: resource_requests + parameters: + X-Amz-Content-Sha256: + name: X-Amz-Content-Sha256 + in: header + schema: + type: string + required: false + X-Amz-Date: + name: X-Amz-Date + in: header + schema: + type: string + required: false + X-Amz-Algorithm: + name: X-Amz-Algorithm + in: header + schema: + type: string + required: false + X-Amz-Credential: + name: X-Amz-Credential + in: header + schema: + type: string + required: false + X-Amz-Security-Token: + name: X-Amz-Security-Token + in: header + schema: + type: string + required: false + X-Amz-Signature: + name: X-Amz-Signature + in: header + schema: + type: string + required: false + X-Amz-SignedHeaders: + name: X-Amz-SignedHeaders + in: header + schema: + type: string + required: false + securitySchemes: + hmac: + type: apiKey + name: Authorization + in: header + description: Amazon Signature authorization v4 + x-amazon-apigateway-authtype: awsSigv4 + schemas: + AlreadyExistsException: {} + CancelResourceRequestInput: + properties: + RequestToken: + $ref: '#/components/schemas/RequestToken' + required: + - RequestToken + title: CancelResourceRequestInput + type: object + CancelResourceRequestOutput: + properties: + ProgressEvent: + $ref: '#/components/schemas/ProgressEvent' + type: object + ClientToken: + maxLength: 128 + minLength: 1 + pattern: '[-A-Za-z0-9+/=]+' + type: string + ClientTokenConflictException: {} + ConcurrentModificationException: {} + ConcurrentOperationException: {} + CreateResourceInput: + properties: + ClientToken: + type: string + DesiredState: + allOf: + - $ref: '#/components/schemas/Properties' + - description:

Structured data format representing the desired state + of the resource, consisting of that resource's properties and their + desired values.

Cloud Control API currently supports JSON + as a structured data format.

 
 <p>Specify
+              the desired state as one of the following:</p> <ul> <li>
+              <p>A JSON blob</p> </li> <li> <p>A local
+              path containing the desired state in JSON data format</p> </li>
+              </ul> <p>For more information, see <a href="https://docs.aws.amazon.com/cloudcontrolapi/latest/userguide/resource-operations-create.html#resource-operations-create-desiredstate">Composing
+              the desired state of the resource</a> in the <i>Amazon Web
+              Services Cloud Control API User Guide</i>.</p> <p>For
+              more information about the properties of a specific resource, refer
+              to the related topic for the resource in the <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html">Resource
+              and property types reference</a> in the <i>CloudFormation
+              Users Guide</i>.</p>
+ RoleArn: + type: string + TypeName: + type: string + TypeVersionId: + type: string + required: + - TypeName + - DesiredState + title: CreateResourceInput + type: object + CreateResourceOutput: + properties: + ProgressEvent: + $ref: '#/components/schemas/ProgressEvent' + type: object + DeleteResourceInput: + properties: + ClientToken: + type: string + Identifier: + $ref: '#/components/schemas/Identifier' + RoleArn: + type: string + TypeName: + type: string + TypeVersionId: + type: string + required: + - TypeName + - Identifier + title: DeleteResourceInput + type: object + DeleteResourceOutput: + properties: + ProgressEvent: + $ref: '#/components/schemas/ProgressEvent' + type: object + GeneralServiceException: {} + GetResourceInput: + properties: + TypeName: + $ref: '#/components/schemas/TypeName' + Identifier: + $ref: '#/components/schemas/Identifier' + TypeVersionId: + $ref: '#/components/schemas/TypeVersionId' + RoleArn: + $ref: '#/components/schemas/RoleArn' + required: + - TypeName + - Identifier + title: GetResourceInput + type: object + GetResourceOutput: + properties: + ResourceDescription: + $ref: '#/components/schemas/ResourceDescription' + TypeName: + type: string + type: object + GetResourceRequestStatusInput: + properties: + RequestToken: + $ref: '#/components/schemas/RequestToken' + required: + - RequestToken + title: GetResourceRequestStatusInput + type: object + GetResourceRequestStatusOutput: + properties: + ProgressEvent: + $ref: '#/components/schemas/ProgressEvent' + type: object + HandlerErrorCode: + enum: + - NotUpdatable + - InvalidRequest + - AccessDenied + - InvalidCredentials + - AlreadyExists + - NotFound + - ResourceConflict + - Throttling + - ServiceLimitExceeded + - NotStabilized + - GeneralServiceException + - ServiceInternalError + - ServiceTimeout + - NetworkFailure + - InternalFailure + type: string + HandlerFailureException: {} + HandlerInternalFailureException: {} + HandlerNextToken: + maxLength: 2048 + minLength: 1 + pattern: .+ + type: string + Identifier: + maxLength: 1024 + minLength: 1 + pattern: .+ + type: string + InvalidCredentialsException: {} + InvalidRequestException: {} + MaxResults: + maximum: 100 + minimum: 1 + type: integer + NetworkFailureException: {} + NextToken: + maxLength: 2048 + minLength: 1 + pattern: '[-A-Za-z0-9+/=]+' + type: string + NotStabilizedException: {} + NotUpdatableException: {} + Operation: + enum: + - CREATE + - DELETE + - UPDATE + type: string + OperationStatus: + enum: + - PENDING + - IN_PROGRESS + - SUCCESS + - FAILED + - CANCEL_IN_PROGRESS + - CANCEL_COMPLETE + type: string + OperationStatuses: + items: + $ref: '#/components/schemas/OperationStatus' + type: array + Operations: + items: + $ref: '#/components/schemas/Operation' + type: array + PatchDocument: + format: password + maxLength: 65536 + minLength: 1 + pattern: '[\s\S]*' + type: string + PrivateTypeException: {} + ProgressEvent: + example: + ErrorCode: string + EventTime: number + Identifier: string + Operation: string + OperationStatus: string + RequestToken: string + ResourceModel: string + RetryAfter: number + StatusMessage: string + TypeName: string + properties: + ErrorCode: + type: string + EventTime: + type: number + Identifier: + type: string + Operation: + type: string + OperationStatus: + type: string + RequestToken: + type: string + ResourceModel: + type: string + RetryAfter: + type: number + StatusMessage: + type: string + TypeName: + type: string + type: object + Properties: + format: password + maxLength: 65536 + minLength: 1 + pattern: '[\s\S]*' + type: string + RequestToken: + maxLength: 128 + minLength: 1 + pattern: '[-A-Za-z0-9+/=]+' + type: string + RequestTokenNotFoundException: {} + ResourceConflictException: {} + ResourceDescription: + description: Represents information about a provisioned resource. + properties: + Identifier: + type: string + Properties: + type: string + type: object + ResourceDescriptions: + items: + $ref: '#/components/schemas/ResourceDescription' + type: array + ResourceNotFoundException: {} + ResourceRequestStatusFilter: + description: The filter criteria to use in determining the requests returned. + properties: + undefined: + allOf: + - $ref: '#/components/schemas/OperationStatuses' + - description: '

The operation statuses to include in the filter.

+

  • PENDING: The operation has been requested, + but not yet initiated.

  • IN_PROGRESS: + The operation is in progress.

  • SUCCESS: + The operation completed.

  • FAILED: The + operation failed.

  • CANCEL_IN_PROGRESS: + The operation is in the process of being canceled.

  • + CANCEL_COMPLETE: The operation has been canceled.

    • +
' + type: object + ResourceRequestStatusSummaries: + items: + $ref: '#/components/schemas/ProgressEvent' + type: array + RoleArn: + maxLength: 2048 + minLength: 20 + pattern: arn:.+:iam::[0-9]{12}:role/.+ + type: string + ServiceInternalErrorException: {} + ServiceLimitExceededException: {} + StatusMessage: + maxLength: 1024 + minLength: 0 + pattern: '[\s\S]*' + type: string + ThrottlingException: {} + Timestamp: + format: date-time + type: string + TypeName: + maxLength: 196 + minLength: 10 + pattern: '[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}' + type: string + TypeNotFoundException: {} + TypeVersionId: + maxLength: 128 + minLength: 1 + pattern: '[A-Za-z0-9-]+' + type: string + UnsupportedActionException: {} + UpdateResourceInput: + properties: + undefined: + allOf: + - $ref: '#/components/schemas/PatchDocument' + required: + - TypeName + - Identifier + - PatchDocument + title: UpdateResourceInput + type: object + UpdateResourceOutput: + properties: + ProgressEvent: + $ref: '#/components/schemas/ProgressEvent' + type: object +security: + - hmac: [] +x-stackQL-config: + pagination: + requestToken: + key: NextToken + location: body + responseToken: + key: NextToken + location: body diff --git a/providers/src/awscc/v00.00.00000/services/cloudformation.yaml b/providers/src/awscc/v00.00.00000/services/cloudformation.yaml new file mode 100644 index 00000000..741e6f82 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/cloudformation.yaml @@ -0,0 +1,1905 @@ +openapi: 3.0.0 +info: + title: CloudFormation + version: 1.0.0 +paths: {} +components: + schemas: + HookDefaultVersion: + type: object + properties: + TypeVersionArn: + description: The Amazon Resource Name (ARN) of the type version. + pattern: ^arn:aws[A-Za-z0-9-]{0,64}:cloudformation:[A-Za-z0-9-]{1,64}:([0-9]{12})?:type/hook/.+$ + type: string + TypeName: + description: |- + The name of the type being registered. + + We recommend that type names adhere to the following pattern: company_or_organization::service::type. + pattern: ^[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}$ + type: string + Arn: + description: The Amazon Resource Name (ARN) of the type. This is used to uniquely identify a HookDefaultVersion + pattern: ^arn:aws[A-Za-z0-9-]{0,64}:cloudformation:[A-Za-z0-9-]{1,64}:([0-9]{12})?:type/hook/.+$ + type: string + VersionId: + description: The ID of an existing version of the hook to set as the default. + pattern: ^[A-Za-z0-9-]{1,128}$ + type: string + x-stackql-resource-name: hook_default_version + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - Arn + x-required-permissions: + create: + - cloudformation:SetTypeDefaultVersion + read: + - cloudformation:DescribeType + update: + - cloudformation:SetTypeDefaultVersion + delete: [] + list: + - cloudformation:ListTypes + HookTypeConfig: + type: object + properties: + TypeArn: + description: The Amazon Resource Name (ARN) of the type without version number. + pattern: ^arn:aws[A-Za-z0-9-]{0,64}:cloudformation:[A-Za-z0-9-]{1,64}:([0-9]{12})?:type/hook/.+$ + type: string + TypeName: + description: |- + The name of the type being registered. + + We recommend that type names adhere to the following pattern: company_or_organization::service::type. + pattern: ^[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}$ + type: string + ConfigurationArn: + description: The Amazon Resource Name (ARN) for the configuration data, in this account and region. + pattern: ^arn:aws[A-Za-z0-9-]{0,64}:cloudformation:[A-Za-z0-9-]{1,64}:([0-9]{12})?:type(-configuration)?/hook/.+$ + type: string + Configuration: + description: The configuration data for the extension, in this account and region. + pattern: '[\s\S]+' + type: string + ConfigurationAlias: + description: An alias by which to refer to this extension configuration data. + pattern: ^[a-zA-Z0-9]{1,256}$ + default: default + enum: + - default + type: string + x-stackql-resource-name: hook_type_config + x-stackql-primaryIdentifier: + - ConfigurationArn + x-create-only-properties: + - ConfigurationAlias + x-read-only-properties: + - ConfigurationArn + x-required-permissions: + create: + - cloudformation:SetTypeConfiguration + read: + - cloudformation:BatchDescribeTypeConfigurations + update: + - cloudformation:SetTypeConfiguration + delete: + - cloudformation:SetTypeConfiguration + list: + - cloudformation:ListTypes + - cloudformation:BatchDescribeTypeConfigurations + LoggingConfig: + type: object + properties: + LogGroupName: + description: The Amazon CloudWatch log group to which CloudFormation sends error logging information when invoking the type's handlers. + type: string + pattern: ^[\.\-_/#A-Za-z0-9]+$ + minLength: 1 + maxLength: 512 + LogRoleArn: + description: The ARN of the role that CloudFormation should assume when sending log entries to CloudWatch logs. + type: string + minLength: 1 + maxLength: 256 + additionalProperties: false + HookVersion: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the type, here the HookVersion. This is used to uniquely identify a HookVersion resource + pattern: ^arn:aws[A-Za-z0-9-]{0,64}:cloudformation:[A-Za-z0-9-]{1,64}:([0-9]{12})?:type/hook/.+$ + type: string + TypeArn: + description: The Amazon Resource Name (ARN) of the type without the versionID. + pattern: ^arn:aws[A-Za-z0-9-]{0,64}:cloudformation:[A-Za-z0-9-]{1,64}:([0-9]{12})?:type/hook/.+$ + type: string + ExecutionRoleArn: + description: The Amazon Resource Name (ARN) of the IAM execution role to use to register the type. If your resource type calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. CloudFormation then assumes that execution role to provide your resource type with the appropriate credentials. + pattern: arn:.+:iam::[0-9]{12}:role/.+ + maxLength: 256 + type: string + IsDefaultVersion: + description: Indicates if this type version is the current default version + type: boolean + LoggingConfig: + $ref: '#/components/schemas/LoggingConfig' + description: Specifies logging configuration information for a type. + SchemaHandlerPackage: + description: |- + A url to the S3 bucket containing the schema handler package that contains the schema, event handlers, and associated files for the type you want to register. + + For information on generating a schema handler package for the type you want to register, see submit in the CloudFormation CLI User Guide. + maxLength: 4096 + type: string + TypeName: + description: |- + The name of the type being registered. + + We recommend that type names adhere to the following pattern: company_or_organization::service::type. + pattern: ^[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}$ + type: string + VersionId: + description: The ID of the version of the type represented by this hook instance. + pattern: ^[A-Za-z0-9-]{1,128}$ + type: string + Visibility: + description: |- + The scope at which the type is visible and usable in CloudFormation operations. + + Valid values include: + + PRIVATE: The type is only visible and usable within the account in which it is registered. Currently, AWS CloudFormation marks any types you register as PRIVATE. + + PUBLIC: The type is publically visible and usable within any Amazon account. + enum: + - PUBLIC + - PRIVATE + type: string + required: + - SchemaHandlerPackage + - TypeName + x-stackql-resource-name: hook_version + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ExecutionRoleArn + - LoggingConfig + - SchemaHandlerPackage + - TypeName + x-read-only-properties: + - Arn + - IsDefaultVersion + - Visibility + - VersionId + - TypeArn + x-required-permissions: + create: + - cloudformation:DescribeType + - cloudformation:DescribeTypeRegistration + - cloudformation:RegisterType + - iam:PassRole + - s3:GetObject + - s3:ListBucket + - kms:Decrypt + read: + - cloudformation:DescribeType + delete: + - cloudformation:DeregisterType + - cloudformation:DescribeType + list: + - cloudformation:ListTypes + - cloudformation:ListTypeVersions + ModuleDefaultVersion: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the module version to set as the default version. + pattern: ^arn:aws[A-Za-z0-9-]{0,64}:cloudformation:[A-Za-z0-9-]{1,64}:([0-9]{12})?:type/module/.+/[0-9]{8}$ + type: string + ModuleName: + description: The name of a module existing in the registry. + pattern: ^[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}::MODULE + type: string + VersionId: + description: The ID of an existing version of the named module to set as the default. + pattern: ^[0-9]{8}$ + type: string + x-stackql-resource-name: module_default_version + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Arn + - ModuleName + - VersionId + x-required-permissions: + create: + - cloudformation:DescribeType + - cloudformation:SetTypeDefaultVersion + delete: [] + read: + - cloudformation:DescribeType + list: + - cloudformation:ListTypes + ModuleVersion: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the module. + pattern: ^arn:aws[A-Za-z0-9-]{0,64}:cloudformation:[A-Za-z0-9-]{1,64}:([0-9]{12})?:type/module/.+$ + type: string + Description: + description: The description of the registered module. + maxLength: 1024 + minLength: 1 + type: string + DocumentationUrl: + description: The URL of a page providing detailed documentation for this module. + maxLength: 4096 + type: string + ModuleName: + description: |- + The name of the module being registered. + + Recommended module naming pattern: company_or_organization::service::type::MODULE. + pattern: ^[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}::MODULE + type: string + ModulePackage: + description: The url to the S3 bucket containing the schema and template fragment for the module you want to register. + type: string + IsDefaultVersion: + description: Indicator of whether this module version is the current default version + type: boolean + Schema: + description: The schema defining input parameters to and resources generated by the module. + maxLength: 16777216 + minLength: 1 + type: string + TimeCreated: + description: The time that the specified module version was registered. + type: string + VersionId: + description: The version ID of the module represented by this module instance. + pattern: ^[0-9]{8}$ + type: string + Visibility: + description: |- + The scope at which the type is visible and usable in CloudFormation operations. + + The only allowed value at present is: + + PRIVATE: The type is only visible and usable within the account in which it is registered. Currently, AWS CloudFormation marks any types you register as PRIVATE. + enum: + - PRIVATE + type: string + required: + - ModuleName + - ModulePackage + x-stackql-resource-name: module_version + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ModuleName + - ModulePackage + x-read-only-properties: + - Arn + - Description + - DocumentationUrl + - IsDefaultVersion + - Schema + - TimeCreated + - VersionId + - Visibility + x-required-permissions: + create: + - cloudformation:DescribeType + - cloudformation:DescribeTypeRegistration + - cloudformation:ListTypeVersions + - cloudformation:RegisterType + - s3:GetObject + - s3:ListBucket + read: + - cloudformation:DescribeType + delete: + - cloudformation:DeregisterType + - cloudformation:DescribeType + PublicTypeVersion: + type: object + properties: + Arn: + description: The Amazon Resource Number (ARN) of the extension. + pattern: arn:aws[A-Za-z0-9-]{0,64}:cloudformation:[A-Za-z0-9-]{1,64}:[0-9]{12}:type/.+ + type: string + TypeVersionArn: + description: The Amazon Resource Number (ARN) of the extension with the versionId. + pattern: arn:aws[A-Za-z0-9-]{0,64}:cloudformation:[A-Za-z0-9-]{1,64}:[0-9]{12}:type/.+ + type: string + PublicVersionNumber: + description: The version number of a public third-party extension + type: string + minLength: 5 + maxLength: 64 + PublisherId: + description: The publisher id assigned by CloudFormation for publishing in this region. + pattern: '[0-9a-zA-Z]{40}' + type: string + minLength: 1 + maxLength: 40 + PublicTypeArn: + description: The Amazon Resource Number (ARN) assigned to the public extension upon publication + pattern: arn:aws[A-Za-z0-9-]{0,64}:cloudformation:[A-Za-z0-9-]{1,64}:([0-9]{12})?:type/.+ + type: string + maxLength: 1024 + TypeName: + description: |- + The name of the type being registered. + + We recommend that type names adhere to the following pattern: company_or_organization::service::type. + pattern: '[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}(::MODULE){0,1}' + type: string + LogDeliveryBucket: + description: A url to the S3 bucket where logs for the testType run will be available + type: string + Type: + description: The kind of extension + enum: + - RESOURCE + - MODULE + - HOOK + type: string + x-stackql-resource-name: public_type_version + x-stackql-primaryIdentifier: + - PublicTypeArn + x-create-only-properties: + - LogDeliveryBucket + - PublicVersionNumber + - TypeName + - Type + - Arn + x-read-only-properties: + - PublicTypeArn + - TypeVersionArn + - PublisherId + x-required-permissions: + create: + - cloudformation:TestType + - cloudformation:DescribeType + - cloudformation:PublishType + - cloudformation:DescribePublisher + - s3:GetObject + - s3:PutObject + delete: [] + read: + - cloudformation:DescribeType + - cloudformation:DescribePublisher + list: + - cloudformation:ListTypes + Publisher: + type: object + properties: + AcceptTermsAndConditions: + description: Whether you accept the terms and conditions for publishing extensions in the CloudFormation registry. You must accept the terms and conditions in order to publish public extensions to the CloudFormation registry. The terms and conditions can be found at https://cloudformation-registry-documents.s3.amazonaws.com/Terms_and_Conditions_for_AWS_CloudFormation_Registry_Publishers.pdf + type: boolean + PublisherId: + description: The publisher id assigned by CloudFormation for publishing in this region. + pattern: '[0-9a-zA-Z]{40}' + type: string + minLength: 1 + maxLength: 40 + ConnectionArn: + description: If you are using a Bitbucket or GitHub account for identity verification, the Amazon Resource Name (ARN) for your connection to that account. + type: string + pattern: arn:aws(-[w]+)*:.+:.+:[0-9]{12}:.+ + PublisherStatus: + description: Whether the publisher is verified. + type: string + enum: + - VERIFIED + - UNVERIFIED + PublisherProfile: + description: The URL to the publisher's profile with the identity provider. + pattern: (http:|https:)+[^s]+[w] + type: string + maxLength: 1024 + IdentityProvider: + description: The type of account used as the identity provider when registering this publisher with CloudFormation. + type: string + enum: + - AWS_Marketplace + - GitHub + - Bitbucket + required: + - AcceptTermsAndConditions + x-stackql-resource-name: publisher + x-stackql-primaryIdentifier: + - PublisherId + x-create-only-properties: + - AcceptTermsAndConditions + - ConnectionArn + x-read-only-properties: + - PublisherId + - PublisherStatus + - PublisherProfile + - IdentityProvider + x-required-permissions: + create: + - cloudformation:RegisterPublisher + - cloudformation:DescribePublisher + - codestar-connections:GetConnection + - codestar-connections:UseConnection + read: + - cloudformation:DescribePublisher + delete: [] + list: + - cloudformation:DescribePublisher + ResourceDefaultVersion: + type: object + properties: + VersionId: + pattern: ^[A-Za-z0-9-]{1,128}$ + description: The ID of an existing version of the resource to set as the default. + type: string + TypeName: + pattern: ^[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}$ + description: |- + The name of the type being registered. + + We recommend that type names adhere to the following pattern: company_or_organization::service::type. + type: string + Arn: + pattern: ^arn:aws[A-Za-z0-9-]{0,64}:cloudformation:[A-Za-z0-9-]{1,64}:([0-9]{12})?:type/resource/.+$ + description: The Amazon Resource Name (ARN) of the type. This is used to uniquely identify a ResourceDefaultVersion + type: string + TypeVersionArn: + pattern: ^arn:aws[A-Za-z0-9-]{0,64}:cloudformation:[A-Za-z0-9-]{1,64}:([0-9]{12})?:type/resource/.+$ + description: The Amazon Resource Name (ARN) of the type version. + type: string + x-stackql-resource-name: resource_default_version + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - Arn + x-required-permissions: + read: + - cloudformation:DescribeType + create: + - cloudformation:SetTypeDefaultVersion + update: + - cloudformation:SetTypeDefaultVersion + list: + - cloudformation:ListTypeVersions + delete: + - '' + ResourceVersion: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the type, here the ResourceVersion. This is used to uniquely identify a ResourceVersion resource + pattern: ^arn:aws[A-Za-z0-9-]{0,64}:cloudformation:[A-Za-z0-9-]{1,64}:([0-9]{12})?:type/resource/.+$ + type: string + TypeArn: + description: The Amazon Resource Name (ARN) of the type without the versionID. + pattern: ^arn:aws[A-Za-z0-9-]{0,64}:cloudformation:[A-Za-z0-9-]{1,64}:([0-9]{12})?:type/resource/.+$ + type: string + ExecutionRoleArn: + description: The Amazon Resource Name (ARN) of the IAM execution role to use to register the type. If your resource type calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. CloudFormation then assumes that execution role to provide your resource type with the appropriate credentials. + type: string + IsDefaultVersion: + description: Indicates if this type version is the current default version + type: boolean + LoggingConfig: + $ref: '#/components/schemas/LoggingConfig' + description: Specifies logging configuration information for a type. + ProvisioningType: + description: The provisioning behavior of the type. AWS CloudFormation determines the provisioning type during registration, based on the types of handlers in the schema handler package submitted. + enum: + - NON_PROVISIONABLE + - IMMUTABLE + - FULLY_MUTABLE + type: string + SchemaHandlerPackage: + description: |- + A url to the S3 bucket containing the schema handler package that contains the schema, event handlers, and associated files for the type you want to register. + + For information on generating a schema handler package for the type you want to register, see submit in the CloudFormation CLI User Guide. + type: string + TypeName: + description: |- + The name of the type being registered. + + We recommend that type names adhere to the following pattern: company_or_organization::service::type. + pattern: ^[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}$ + type: string + VersionId: + description: The ID of the version of the type represented by this resource instance. + pattern: ^[A-Za-z0-9-]{1,128}$ + type: string + Visibility: + description: |- + The scope at which the type is visible and usable in CloudFormation operations. + + Valid values include: + + PRIVATE: The type is only visible and usable within the account in which it is registered. Currently, AWS CloudFormation marks any types you register as PRIVATE. + + PUBLIC: The type is publically visible and usable within any Amazon account. + enum: + - PUBLIC + - PRIVATE + type: string + required: + - SchemaHandlerPackage + - TypeName + x-stackql-resource-name: resource_version + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ExecutionRoleArn + - LoggingConfig + - SchemaHandlerPackage + - TypeName + x-read-only-properties: + - Arn + - IsDefaultVersion + - ProvisioningType + - Visibility + - VersionId + - TypeArn + x-required-permissions: + create: + - cloudformation:DescribeTypeRegistration + - cloudformation:RegisterType + - iam:PassRole + - s3:GetObject + - s3:ListBucket + - kms:Decrypt + - cloudformation:ListTypeVersions + - cloudformation:DeregisterType + - cloudformation:DescribeType + read: + - cloudformation:DescribeType + delete: + - cloudformation:DeregisterType + - cloudformation:DescribeType + list: + - cloudformation:ListTypes + Tag: + description: Tag type enables you to specify a key-value pair that can be used to store information about an AWS CloudFormation StackSet. + type: object + properties: + Key: + description: A string used to identify this tag. You can specify a maximum of 127 characters for a tag key. + type: string + minLength: 1 + maxLength: 128 + pattern: ^(?!aws:.*)[a-zA-Z0-9\s\:\_\.\/\=\+\-]+$ + Value: + description: A string containing the value for this tag. You can specify a maximum of 256 characters for a tag value. + type: string + minLength: 1 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + Output: + type: object + additionalProperties: false + properties: + Description: + type: string + ExportName: + type: string + OutputKey: + type: string + OutputValue: + type: string + Stack: + type: object + properties: + Capabilities: + type: array + uniqueItems: false + items: + type: string + enum: + - CAPABILITY_IAM + - CAPABILITY_NAMED_IAM + - CAPABILITY_AUTO_EXPAND + RoleARN: + type: string + Outputs: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/Output' + Description: + type: string + minLength: 1 + maxLength: 1024 + DisableRollback: + type: boolean + EnableTerminationProtection: + type: boolean + NotificationARNs: + type: array + uniqueItems: false + items: + type: string + maxItems: 5 + Parameters: + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + ParentId: + type: string + RootId: + type: string + ChangeSetId: + type: string + StackName: + type: string + StackId: + type: string + StackPolicyBody: + type: object + StackPolicyURL: + type: string + StackStatus: + type: string + enum: + - CREATE_IN_PROGRESS + - CREATE_FAILED + - CREATE_COMPLETE + - ROLLBACK_IN_PROGRESS + - ROLLBACK_FAILED + - ROLLBACK_COMPLETE + - DELETE_IN_PROGRESS + - DELETE_FAILED + - DELETE_COMPLETE + - UPDATE_IN_PROGRESS + - UPDATE_COMPLETE_CLEANUP_IN_PROGRESS + - UPDATE_COMPLETE + - UPDATE_FAILED + - UPDATE_ROLLBACK_IN_PROGRESS + - UPDATE_ROLLBACK_FAILED + - UPDATE_ROLLBACK_COMPLETE_CLEANUP_IN_PROGRESS + - UPDATE_ROLLBACK_COMPLETE + - REVIEW_IN_PROGRESS + - IMPORT_IN_PROGRESS + - IMPORT_COMPLETE + - IMPORT_ROLLBACK_IN_PROGRESS + - IMPORT_ROLLBACK_FAILED + - IMPORT_ROLLBACK_COMPLETE + StackStatusReason: + type: string + Tags: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + maxItems: 50 + TemplateBody: + type: object + TemplateURL: + type: string + minLength: 1 + maxLength: 1024 + TimeoutInMinutes: + type: integer + minimum: 1 + LastUpdateTime: + type: string + CreationTime: + type: string + required: + - StackName + x-stackql-resource-name: stack + x-stackql-primaryIdentifier: + - StackId + x-create-only-properties: + - StackName + x-read-only-properties: + - StackId + - StackStatus + - CreationTime + - RootId + - ParentId + - ChangeSetId + - Outputs + - LastUpdateTime + x-required-permissions: + create: + - cloudformation:DescribeStacks + - cloudformation:CreateStack + - iam:PassRole + update: + - cloudformation:DescribeStacks + - cloudformation:UpdateStack + - cloudformation:UpdateTerminationProtection + - cloudformation:SetStackPolicy + - iam:PassRole + delete: + - cloudformation:DescribeStacks + - cloudformation:DeleteStack + read: + - cloudformation:DescribeStacks + - cloudformation:GetStackPolicy + - cloudformation:GetTemplate + list: + - cloudformation:ListStacks + AutoDeployment: + type: object + properties: + Enabled: + description: If set to true, StackSets automatically deploys additional stack instances to AWS Organizations accounts that are added to a target organization or organizational unit (OU) in the specified Regions. If an account is removed from a target organization or OU, StackSets deletes stack instances from the account in the specified Regions. + type: boolean + RetainStacksOnAccountRemoval: + description: If set to true, stack resources are retained when an account is removed from a target organization or OU. If set to false, stack resources are deleted. Specify only if Enabled is set to True. + type: boolean + additionalProperties: false + Account: + description: AWS account that you want to create stack instances in the specified Region(s) for. + type: string + pattern: ^[0-9]{12}$ + Region: + type: string + pattern: ^[a-zA-Z0-9-]{1,128}$ + OrganizationalUnitId: + type: string + pattern: ^(ou-[a-z0-9]{4,32}-[a-z0-9]{8,32}|r-[a-z0-9]{4,32})$ + Capability: + type: string + enum: + - CAPABILITY_IAM + - CAPABILITY_NAMED_IAM + - CAPABILITY_AUTO_EXPAND + RegionConcurrencyType: + description: The concurrency type of deploying StackSets operations in regions, could be in parallel or one region at a time + type: string + enum: + - SEQUENTIAL + - PARALLEL + Active: + description: When true, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order. + type: boolean + OperationPreferences: + description: The user-specified preferences for how AWS CloudFormation performs a stack set operation. + type: object + properties: + FailureToleranceCount: + type: integer + minimum: 0 + FailureTolerancePercentage: + type: integer + minimum: 0 + maximum: 100 + MaxConcurrentCount: + type: integer + minimum: 1 + MaxConcurrentPercentage: + type: integer + minimum: 0 + maximum: 100 + RegionOrder: + type: array + items: + $ref: '#/components/schemas/Region' + RegionConcurrencyType: + $ref: '#/components/schemas/RegionConcurrencyType' + additionalProperties: false + Parameter: + type: object + properties: + ParameterKey: + description: The key associated with the parameter. If you don't specify a key and value for a particular parameter, AWS CloudFormation uses the default value that is specified in your template. + type: string + ParameterValue: + description: The input value associated with the parameter. + type: string + required: + - ParameterKey + - ParameterValue + additionalProperties: false + DeploymentTargets: + description: ' The AWS OrganizationalUnitIds or Accounts for which to create stack instances in the specified Regions.' + type: object + properties: + Accounts: + description: AWS accounts that you want to create stack instances in the specified Region(s) for. + type: array + minItems: 1 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Account' + AccountsUrl: + description: Returns the value of the AccountsUrl property. + type: string + minLength: 1 + maxLength: 5120 + pattern: (s3://|http(s?)://).+ + OrganizationalUnitIds: + description: The organization root ID or organizational unit (OU) IDs to which StackSets deploys. + type: array + minItems: 1 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/OrganizationalUnitId' + AccountFilterType: + description: The filter type you want to apply on organizational units and accounts. + type: string + enum: + - NONE + - UNION + - INTERSECTION + - DIFFERENCE + additionalProperties: false + StackInstances: + description: Stack instances in some specific accounts and Regions. + type: object + properties: + DeploymentTargets: + $ref: '#/components/schemas/DeploymentTargets' + Regions: + description: The names of one or more Regions where you want to create stack instances using the specified AWS account(s). + type: array + minItems: 1 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Region' + ParameterOverrides: + description: A list of stack set parameters whose values you want to override in the selected stack instances. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Parameter' + required: + - DeploymentTargets + - Regions + additionalProperties: false + StackSet: + type: object + properties: + StackSetName: + description: The name to associate with the stack set. The name must be unique in the Region where you create your stack set. + type: string + pattern: ^[a-zA-Z][a-zA-Z0-9\-]{0,127}$ + maxLength: 128 + StackSetId: + description: The ID of the stack set that you're creating. + type: string + AdministrationRoleARN: + description: The Amazon Resource Number (ARN) of the IAM role to use to create this stack set. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. + type: string + minLength: 20 + maxLength: 2048 + AutoDeployment: + description: Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to the target organization or organizational unit (OU). Specify only if PermissionModel is SERVICE_MANAGED. + $ref: '#/components/schemas/AutoDeployment' + Capabilities: + description: In some cases, you must explicitly acknowledge that your stack set template contains certain capabilities in order for AWS CloudFormation to create the stack set and related stack instances. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Capability' + Description: + description: A description of the stack set. You can use the description to identify the stack set's purpose or other important information. + type: string + minLength: 1 + maxLength: 1024 + ExecutionRoleName: + description: The name of the IAM execution role to use to create the stack set. If you do not specify an execution role, AWS CloudFormation uses the AWSCloudFormationStackSetExecutionRole role for the stack set operation. + type: string + minLength: 1 + maxLength: 64 + OperationPreferences: + $ref: '#/components/schemas/OperationPreferences' + StackInstancesGroup: + description: A group of stack instances with parameters in some specific accounts and regions. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/StackInstances' + Parameters: + description: The input parameters for the stack set template. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Parameter' + PermissionModel: + description: Describes how the IAM roles required for stack set operations are created. By default, SELF-MANAGED is specified. + type: string + enum: + - SERVICE_MANAGED + - SELF_MANAGED + Tags: + description: The key-value pairs to associate with this stack set and the stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the stacks. A maximum number of 50 tags can be specified. + type: array + uniqueItems: true + x-insertionOrder: false + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + TemplateBody: + description: The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes. + type: string + minLength: 1 + maxLength: 51200 + TemplateURL: + description: 'Location of file containing the template body. The URL must point to a template (max size: 460,800 bytes) that is located in an Amazon S3 bucket.' + type: string + minLength: 1 + maxLength: 5120 + CallAs: + description: Specifies the AWS account that you are acting from. By default, SELF is specified. For self-managed permissions, specify SELF; for service-managed permissions, if you are signed in to the organization's management account, specify SELF. If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN. + type: string + enum: + - SELF + - DELEGATED_ADMIN + ManagedExecution: + description: Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations. + type: object + properties: + Active: + $ref: '#/components/schemas/Active' + additionalProperties: false + required: + - StackSetName + - PermissionModel + x-stackql-resource-name: stack_set + x-stackql-primaryIdentifier: + - StackSetId + x-create-only-properties: + - PermissionModel + - StackSetName + x-read-only-properties: + - StackSetId + x-required-permissions: + create: + - cloudformation:GetTemplateSummary + - cloudformation:CreateStackSet + - cloudformation:CreateStackInstances + - cloudformation:DescribeStackSetOperation + - cloudformation:ListStackSetOperationResults + - cloudformation:TagResource + - iam:PassRole + read: + - cloudformation:DescribeStackSet + - cloudformation:ListStackInstances + - cloudformation:DescribeStackInstance + update: + - cloudformation:GetTemplateSummary + - cloudformation:UpdateStackSet + - cloudformation:CreateStackInstances + - cloudformation:DeleteStackInstances + - cloudformation:UpdateStackInstances + - cloudformation:DescribeStackSet + - cloudformation:DescribeStackSetOperation + - cloudformation:ListStackSetOperationResults + - cloudformation:TagResource + - cloudformation:UntagResource + - iam:PassRole + delete: + - cloudformation:DeleteStackSet + - cloudformation:DeleteStackInstances + - cloudformation:DescribeStackSet + - cloudformation:DescribeStackSetOperation + - cloudformation:ListStackSetOperationResults + - cloudformation:UntagResource + list: + - cloudformation:ListStackSets + - cloudformation:DescribeStackSet + - cloudformation:ListStackInstances + - cloudformation:DescribeStackInstance + TypeActivation: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the extension. + pattern: arn:aws[A-Za-z0-9-]{0,64}:cloudformation:[A-Za-z0-9-]{1,64}:([0-9]{12})?:type/.+ + type: string + ExecutionRoleArn: + description: The Amazon Resource Name (ARN) of the IAM execution role to use to register the type. If your resource type calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. CloudFormation then assumes that execution role to provide your resource type with the appropriate credentials. + type: string + PublisherId: + description: The publisher id assigned by CloudFormation for publishing in this region. + pattern: '[0-9a-zA-Z]{40}' + type: string + minLength: 1 + maxLength: 40 + LoggingConfig: + $ref: '#/components/schemas/LoggingConfig' + description: Specifies logging configuration information for a type. + PublicTypeArn: + description: The Amazon Resource Number (ARN) assigned to the public extension upon publication + pattern: arn:aws[A-Za-z0-9-]{0,64}:cloudformation:[A-Za-z0-9-]{1,64}:([0-9]{12})?:type/.+ + type: string + maxLength: 1024 + AutoUpdate: + description: Whether to automatically update the extension in this account and region when a new minor version is published by the extension publisher. Major versions released by the publisher must be manually updated. + type: boolean + TypeNameAlias: + description: An alias to assign to the public extension in this account and region. If you specify an alias for the extension, you must then use the alias to refer to the extension in your templates. + pattern: '[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}(::MODULE){0,1}' + type: string + minLength: 10 + maxLength: 204 + VersionBump: + description: Manually updates a previously-enabled type to a new major or minor version, if available. You can also use this parameter to update the value of AutoUpdateEnabled + type: string + enum: + - MAJOR + - MINOR + MajorVersion: + description: The Major Version of the type you want to enable + type: string + minLength: 1 + maxLength: 100000 + TypeName: + description: |- + The name of the type being registered. + + We recommend that type names adhere to the following pattern: company_or_organization::service::type. + pattern: '[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}(::MODULE){0,1}' + type: string + Type: + description: The kind of extension + enum: + - RESOURCE + - MODULE + - HOOK + type: string + x-stackql-resource-name: type_activation + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - LoggingConfig + x-read-only-properties: + - Arn + x-required-permissions: + create: + - cloudformation:ActivateType + - cloudformation:DescribeType + - iam:PassRole + update: + - cloudformation:ActivateType + - cloudformation:DescribeType + - iam:PassRole + read: + - cloudformation:DescribeType + delete: + - cloudformation:DeactivateType + - cloudformation:DescribeType + list: + - cloudformation:ListTypes + x-stackQL-resources: + hook_default_versions: + name: hook_default_versions + id: awscc.cloudformation.hook_default_versions + x-cfn-schema-name: HookDefaultVersion + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::HookDefaultVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::HookDefaultVersion' + AND region = 'us-east-1' + hook_default_version: + name: hook_default_version + id: awscc.cloudformation.hook_default_version + x-cfn-schema-name: HookDefaultVersion + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TypeVersionArn') as type_version_arn, + JSON_EXTRACT(Properties, '$.TypeName') as type_name, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.VersionId') as version_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::HookDefaultVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TypeVersionArn') as type_version_arn, + json_extract_path_text(Properties, 'TypeName') as type_name, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'VersionId') as version_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::HookDefaultVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + hook_type_configs: + name: hook_type_configs + id: awscc.cloudformation.hook_type_configs + x-cfn-schema-name: HookTypeConfig + x-type: list + x-identifiers: + - ConfigurationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConfigurationArn') as configuration_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::HookTypeConfig' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConfigurationArn') as configuration_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::HookTypeConfig' + AND region = 'us-east-1' + hook_type_config: + name: hook_type_config + id: awscc.cloudformation.hook_type_config + x-cfn-schema-name: HookTypeConfig + x-type: get + x-identifiers: + - ConfigurationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TypeArn') as type_arn, + JSON_EXTRACT(Properties, '$.TypeName') as type_name, + JSON_EXTRACT(Properties, '$.ConfigurationArn') as configuration_arn, + JSON_EXTRACT(Properties, '$.Configuration') as configuration, + JSON_EXTRACT(Properties, '$.ConfigurationAlias') as configuration_alias + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::HookTypeConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TypeArn') as type_arn, + json_extract_path_text(Properties, 'TypeName') as type_name, + json_extract_path_text(Properties, 'ConfigurationArn') as configuration_arn, + json_extract_path_text(Properties, 'Configuration') as configuration, + json_extract_path_text(Properties, 'ConfigurationAlias') as configuration_alias + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::HookTypeConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + hook_versions: + name: hook_versions + id: awscc.cloudformation.hook_versions + x-cfn-schema-name: HookVersion + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::HookVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::HookVersion' + AND region = 'us-east-1' + hook_version: + name: hook_version + id: awscc.cloudformation.hook_version + x-cfn-schema-name: HookVersion + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.TypeArn') as type_arn, + JSON_EXTRACT(Properties, '$.ExecutionRoleArn') as execution_role_arn, + JSON_EXTRACT(Properties, '$.IsDefaultVersion') as is_default_version, + JSON_EXTRACT(Properties, '$.LoggingConfig') as logging_config, + JSON_EXTRACT(Properties, '$.SchemaHandlerPackage') as schema_handler_package, + JSON_EXTRACT(Properties, '$.TypeName') as type_name, + JSON_EXTRACT(Properties, '$.VersionId') as version_id, + JSON_EXTRACT(Properties, '$.Visibility') as visibility + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::HookVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'TypeArn') as type_arn, + json_extract_path_text(Properties, 'ExecutionRoleArn') as execution_role_arn, + json_extract_path_text(Properties, 'IsDefaultVersion') as is_default_version, + json_extract_path_text(Properties, 'LoggingConfig') as logging_config, + json_extract_path_text(Properties, 'SchemaHandlerPackage') as schema_handler_package, + json_extract_path_text(Properties, 'TypeName') as type_name, + json_extract_path_text(Properties, 'VersionId') as version_id, + json_extract_path_text(Properties, 'Visibility') as visibility + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::HookVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + module_default_versions: + name: module_default_versions + id: awscc.cloudformation.module_default_versions + x-cfn-schema-name: ModuleDefaultVersion + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::ModuleDefaultVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::ModuleDefaultVersion' + AND region = 'us-east-1' + module_default_version: + name: module_default_version + id: awscc.cloudformation.module_default_version + x-cfn-schema-name: ModuleDefaultVersion + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ModuleName') as module_name, + JSON_EXTRACT(Properties, '$.VersionId') as version_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::ModuleDefaultVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ModuleName') as module_name, + json_extract_path_text(Properties, 'VersionId') as version_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::ModuleDefaultVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + module_versions: + name: module_versions + id: awscc.cloudformation.module_versions + x-cfn-schema-name: ModuleVersion + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::ModuleVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::ModuleVersion' + AND region = 'us-east-1' + module_version: + name: module_version + id: awscc.cloudformation.module_version + x-cfn-schema-name: ModuleVersion + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DocumentationUrl') as documentation_url, + JSON_EXTRACT(Properties, '$.ModuleName') as module_name, + JSON_EXTRACT(Properties, '$.ModulePackage') as module_package, + JSON_EXTRACT(Properties, '$.IsDefaultVersion') as is_default_version, + JSON_EXTRACT(Properties, '$.Schema') as _schema, + JSON_EXTRACT(Properties, '$.TimeCreated') as time_created, + JSON_EXTRACT(Properties, '$.VersionId') as version_id, + JSON_EXTRACT(Properties, '$.Visibility') as visibility + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::ModuleVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DocumentationUrl') as documentation_url, + json_extract_path_text(Properties, 'ModuleName') as module_name, + json_extract_path_text(Properties, 'ModulePackage') as module_package, + json_extract_path_text(Properties, 'IsDefaultVersion') as is_default_version, + json_extract_path_text(Properties, 'Schema') as _schema, + json_extract_path_text(Properties, 'TimeCreated') as time_created, + json_extract_path_text(Properties, 'VersionId') as version_id, + json_extract_path_text(Properties, 'Visibility') as visibility + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::ModuleVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + public_type_versions: + name: public_type_versions + id: awscc.cloudformation.public_type_versions + x-cfn-schema-name: PublicTypeVersion + x-type: list + x-identifiers: + - PublicTypeArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PublicTypeArn') as public_type_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::PublicTypeVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PublicTypeArn') as public_type_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::PublicTypeVersion' + AND region = 'us-east-1' + public_type_version: + name: public_type_version + id: awscc.cloudformation.public_type_version + x-cfn-schema-name: PublicTypeVersion + x-type: get + x-identifiers: + - PublicTypeArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.TypeVersionArn') as type_version_arn, + JSON_EXTRACT(Properties, '$.PublicVersionNumber') as public_version_number, + JSON_EXTRACT(Properties, '$.PublisherId') as publisher_id, + JSON_EXTRACT(Properties, '$.PublicTypeArn') as public_type_arn, + JSON_EXTRACT(Properties, '$.TypeName') as type_name, + JSON_EXTRACT(Properties, '$.LogDeliveryBucket') as log_delivery_bucket, + JSON_EXTRACT(Properties, '$.Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::PublicTypeVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'TypeVersionArn') as type_version_arn, + json_extract_path_text(Properties, 'PublicVersionNumber') as public_version_number, + json_extract_path_text(Properties, 'PublisherId') as publisher_id, + json_extract_path_text(Properties, 'PublicTypeArn') as public_type_arn, + json_extract_path_text(Properties, 'TypeName') as type_name, + json_extract_path_text(Properties, 'LogDeliveryBucket') as log_delivery_bucket, + json_extract_path_text(Properties, 'Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::PublicTypeVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + publishers: + name: publishers + id: awscc.cloudformation.publishers + x-cfn-schema-name: Publisher + x-type: list + x-identifiers: + - PublisherId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PublisherId') as publisher_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::Publisher' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PublisherId') as publisher_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::Publisher' + AND region = 'us-east-1' + publisher: + name: publisher + id: awscc.cloudformation.publisher + x-cfn-schema-name: Publisher + x-type: get + x-identifiers: + - PublisherId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AcceptTermsAndConditions') as accept_terms_and_conditions, + JSON_EXTRACT(Properties, '$.PublisherId') as publisher_id, + JSON_EXTRACT(Properties, '$.ConnectionArn') as connection_arn, + JSON_EXTRACT(Properties, '$.PublisherStatus') as publisher_status, + JSON_EXTRACT(Properties, '$.PublisherProfile') as publisher_profile, + JSON_EXTRACT(Properties, '$.IdentityProvider') as identity_provider + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::Publisher' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AcceptTermsAndConditions') as accept_terms_and_conditions, + json_extract_path_text(Properties, 'PublisherId') as publisher_id, + json_extract_path_text(Properties, 'ConnectionArn') as connection_arn, + json_extract_path_text(Properties, 'PublisherStatus') as publisher_status, + json_extract_path_text(Properties, 'PublisherProfile') as publisher_profile, + json_extract_path_text(Properties, 'IdentityProvider') as identity_provider + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::Publisher' + AND data__Identifier = '' + AND region = 'us-east-1' + resource_default_versions: + name: resource_default_versions + id: awscc.cloudformation.resource_default_versions + x-cfn-schema-name: ResourceDefaultVersion + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::ResourceDefaultVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::ResourceDefaultVersion' + AND region = 'us-east-1' + resource_default_version: + name: resource_default_version + id: awscc.cloudformation.resource_default_version + x-cfn-schema-name: ResourceDefaultVersion + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.VersionId') as version_id, + JSON_EXTRACT(Properties, '$.TypeName') as type_name, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.TypeVersionArn') as type_version_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::ResourceDefaultVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'VersionId') as version_id, + json_extract_path_text(Properties, 'TypeName') as type_name, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'TypeVersionArn') as type_version_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::ResourceDefaultVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + resource_versions: + name: resource_versions + id: awscc.cloudformation.resource_versions + x-cfn-schema-name: ResourceVersion + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::ResourceVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::ResourceVersion' + AND region = 'us-east-1' + resource_version: + name: resource_version + id: awscc.cloudformation.resource_version + x-cfn-schema-name: ResourceVersion + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.TypeArn') as type_arn, + JSON_EXTRACT(Properties, '$.ExecutionRoleArn') as execution_role_arn, + JSON_EXTRACT(Properties, '$.IsDefaultVersion') as is_default_version, + JSON_EXTRACT(Properties, '$.LoggingConfig') as logging_config, + JSON_EXTRACT(Properties, '$.ProvisioningType') as provisioning_type, + JSON_EXTRACT(Properties, '$.SchemaHandlerPackage') as schema_handler_package, + JSON_EXTRACT(Properties, '$.TypeName') as type_name, + JSON_EXTRACT(Properties, '$.VersionId') as version_id, + JSON_EXTRACT(Properties, '$.Visibility') as visibility + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::ResourceVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'TypeArn') as type_arn, + json_extract_path_text(Properties, 'ExecutionRoleArn') as execution_role_arn, + json_extract_path_text(Properties, 'IsDefaultVersion') as is_default_version, + json_extract_path_text(Properties, 'LoggingConfig') as logging_config, + json_extract_path_text(Properties, 'ProvisioningType') as provisioning_type, + json_extract_path_text(Properties, 'SchemaHandlerPackage') as schema_handler_package, + json_extract_path_text(Properties, 'TypeName') as type_name, + json_extract_path_text(Properties, 'VersionId') as version_id, + json_extract_path_text(Properties, 'Visibility') as visibility + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::ResourceVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + stacks: + name: stacks + id: awscc.cloudformation.stacks + x-cfn-schema-name: Stack + x-type: list + x-identifiers: + - StackId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StackId') as stack_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::Stack' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StackId') as stack_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::Stack' + AND region = 'us-east-1' + stack: + name: stack + id: awscc.cloudformation.stack + x-cfn-schema-name: Stack + x-type: get + x-identifiers: + - StackId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Capabilities') as capabilities, + JSON_EXTRACT(Properties, '$.RoleARN') as role_arn, + JSON_EXTRACT(Properties, '$.Outputs') as outputs, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DisableRollback') as disable_rollback, + JSON_EXTRACT(Properties, '$.EnableTerminationProtection') as enable_termination_protection, + JSON_EXTRACT(Properties, '$.NotificationARNs') as notification_arns, + JSON_EXTRACT(Properties, '$.Parameters') as parameters, + JSON_EXTRACT(Properties, '$.ParentId') as parent_id, + JSON_EXTRACT(Properties, '$.RootId') as root_id, + JSON_EXTRACT(Properties, '$.ChangeSetId') as change_set_id, + JSON_EXTRACT(Properties, '$.StackName') as stack_name, + JSON_EXTRACT(Properties, '$.StackId') as stack_id, + JSON_EXTRACT(Properties, '$.StackPolicyBody') as stack_policy_body, + JSON_EXTRACT(Properties, '$.StackPolicyURL') as stack_policy_ur_l, + JSON_EXTRACT(Properties, '$.StackStatus') as stack_status, + JSON_EXTRACT(Properties, '$.StackStatusReason') as stack_status_reason, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TemplateBody') as template_body, + JSON_EXTRACT(Properties, '$.TemplateURL') as template_ur_l, + JSON_EXTRACT(Properties, '$.TimeoutInMinutes') as timeout_in_minutes, + JSON_EXTRACT(Properties, '$.LastUpdateTime') as last_update_time, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::Stack' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Capabilities') as capabilities, + json_extract_path_text(Properties, 'RoleARN') as role_arn, + json_extract_path_text(Properties, 'Outputs') as outputs, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DisableRollback') as disable_rollback, + json_extract_path_text(Properties, 'EnableTerminationProtection') as enable_termination_protection, + json_extract_path_text(Properties, 'NotificationARNs') as notification_arns, + json_extract_path_text(Properties, 'Parameters') as parameters, + json_extract_path_text(Properties, 'ParentId') as parent_id, + json_extract_path_text(Properties, 'RootId') as root_id, + json_extract_path_text(Properties, 'ChangeSetId') as change_set_id, + json_extract_path_text(Properties, 'StackName') as stack_name, + json_extract_path_text(Properties, 'StackId') as stack_id, + json_extract_path_text(Properties, 'StackPolicyBody') as stack_policy_body, + json_extract_path_text(Properties, 'StackPolicyURL') as stack_policy_ur_l, + json_extract_path_text(Properties, 'StackStatus') as stack_status, + json_extract_path_text(Properties, 'StackStatusReason') as stack_status_reason, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TemplateBody') as template_body, + json_extract_path_text(Properties, 'TemplateURL') as template_ur_l, + json_extract_path_text(Properties, 'TimeoutInMinutes') as timeout_in_minutes, + json_extract_path_text(Properties, 'LastUpdateTime') as last_update_time, + json_extract_path_text(Properties, 'CreationTime') as creation_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::Stack' + AND data__Identifier = '' + AND region = 'us-east-1' + stack_sets: + name: stack_sets + id: awscc.cloudformation.stack_sets + x-cfn-schema-name: StackSet + x-type: list + x-identifiers: + - StackSetId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StackSetId') as stack_set_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::StackSet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StackSetId') as stack_set_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::StackSet' + AND region = 'us-east-1' + stack_set: + name: stack_set + id: awscc.cloudformation.stack_set + x-cfn-schema-name: StackSet + x-type: get + x-identifiers: + - StackSetId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StackSetName') as stack_set_name, + JSON_EXTRACT(Properties, '$.StackSetId') as stack_set_id, + JSON_EXTRACT(Properties, '$.AdministrationRoleARN') as administration_role_arn, + JSON_EXTRACT(Properties, '$.AutoDeployment') as auto_deployment, + JSON_EXTRACT(Properties, '$.Capabilities') as capabilities, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ExecutionRoleName') as execution_role_name, + JSON_EXTRACT(Properties, '$.OperationPreferences') as operation_preferences, + JSON_EXTRACT(Properties, '$.StackInstancesGroup') as stack_instances_group, + JSON_EXTRACT(Properties, '$.Parameters') as parameters, + JSON_EXTRACT(Properties, '$.PermissionModel') as permission_model, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TemplateBody') as template_body, + JSON_EXTRACT(Properties, '$.TemplateURL') as template_ur_l, + JSON_EXTRACT(Properties, '$.CallAs') as call_as, + JSON_EXTRACT(Properties, '$.ManagedExecution') as managed_execution + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::StackSet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StackSetName') as stack_set_name, + json_extract_path_text(Properties, 'StackSetId') as stack_set_id, + json_extract_path_text(Properties, 'AdministrationRoleARN') as administration_role_arn, + json_extract_path_text(Properties, 'AutoDeployment') as auto_deployment, + json_extract_path_text(Properties, 'Capabilities') as capabilities, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ExecutionRoleName') as execution_role_name, + json_extract_path_text(Properties, 'OperationPreferences') as operation_preferences, + json_extract_path_text(Properties, 'StackInstancesGroup') as stack_instances_group, + json_extract_path_text(Properties, 'Parameters') as parameters, + json_extract_path_text(Properties, 'PermissionModel') as permission_model, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TemplateBody') as template_body, + json_extract_path_text(Properties, 'TemplateURL') as template_ur_l, + json_extract_path_text(Properties, 'CallAs') as call_as, + json_extract_path_text(Properties, 'ManagedExecution') as managed_execution + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::StackSet' + AND data__Identifier = '' + AND region = 'us-east-1' + type_activations: + name: type_activations + id: awscc.cloudformation.type_activations + x-cfn-schema-name: TypeActivation + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::TypeActivation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFormation::TypeActivation' + AND region = 'us-east-1' + type_activation: + name: type_activation + id: awscc.cloudformation.type_activation + x-cfn-schema-name: TypeActivation + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ExecutionRoleArn') as execution_role_arn, + JSON_EXTRACT(Properties, '$.PublisherId') as publisher_id, + JSON_EXTRACT(Properties, '$.LoggingConfig') as logging_config, + JSON_EXTRACT(Properties, '$.PublicTypeArn') as public_type_arn, + JSON_EXTRACT(Properties, '$.AutoUpdate') as auto_update, + JSON_EXTRACT(Properties, '$.TypeNameAlias') as type_name_alias, + JSON_EXTRACT(Properties, '$.VersionBump') as version_bump, + JSON_EXTRACT(Properties, '$.MajorVersion') as major_version, + JSON_EXTRACT(Properties, '$.TypeName') as type_name, + JSON_EXTRACT(Properties, '$.Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::TypeActivation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ExecutionRoleArn') as execution_role_arn, + json_extract_path_text(Properties, 'PublisherId') as publisher_id, + json_extract_path_text(Properties, 'LoggingConfig') as logging_config, + json_extract_path_text(Properties, 'PublicTypeArn') as public_type_arn, + json_extract_path_text(Properties, 'AutoUpdate') as auto_update, + json_extract_path_text(Properties, 'TypeNameAlias') as type_name_alias, + json_extract_path_text(Properties, 'VersionBump') as version_bump, + json_extract_path_text(Properties, 'MajorVersion') as major_version, + json_extract_path_text(Properties, 'TypeName') as type_name, + json_extract_path_text(Properties, 'Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFormation::TypeActivation' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/cloudfront.yaml b/providers/src/awscc/v00.00.00000/services/cloudfront.yaml new file mode 100644 index 00000000..14034d79 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/cloudfront.yaml @@ -0,0 +1,2751 @@ +openapi: 3.0.0 +info: + title: CloudFront + version: 1.0.0 +paths: {} +components: + schemas: + CachePolicyConfig: + additionalProperties: false + properties: + Comment: + type: string + DefaultTTL: + minimum: 0 + multipleOf: 1 + type: number + MaxTTL: + minimum: 0 + multipleOf: 1 + type: number + MinTTL: + minimum: 0 + multipleOf: 1 + type: number + Name: + type: string + ParametersInCacheKeyAndForwardedToOrigin: + $ref: '#/components/schemas/ParametersInCacheKeyAndForwardedToOrigin' + required: + - Name + - MinTTL + - MaxTTL + - DefaultTTL + - ParametersInCacheKeyAndForwardedToOrigin + type: object + CookiesConfig: + additionalProperties: false + properties: + CookieBehavior: + pattern: ^(none|whitelist|all|allExcept)$ + type: string + Cookies: + items: + type: string + type: array + uniqueItems: false + required: + - CookieBehavior + type: object + HeadersConfig: + additionalProperties: false + properties: + HeaderBehavior: + pattern: ^(none|whitelist|allViewer|allViewerAndWhitelistCloudFront|allExcept)$ + type: string + Headers: + items: + type: string + type: array + uniqueItems: false + required: + - HeaderBehavior + type: object + ParametersInCacheKeyAndForwardedToOrigin: + additionalProperties: false + properties: + CookiesConfig: + $ref: '#/components/schemas/CookiesConfig' + EnableAcceptEncodingBrotli: + type: boolean + EnableAcceptEncodingGzip: + type: boolean + HeadersConfig: + $ref: '#/components/schemas/HeadersConfig' + QueryStringsConfig: + $ref: '#/components/schemas/QueryStringsConfig' + required: + - EnableAcceptEncodingGzip + - HeadersConfig + - CookiesConfig + - QueryStringsConfig + type: object + QueryStringsConfig: + additionalProperties: false + properties: + QueryStringBehavior: + pattern: ^(none|whitelist|all|allExcept)$ + type: string + QueryStrings: + items: + type: string + type: array + uniqueItems: false + required: + - QueryStringBehavior + type: object + CachePolicy: + type: object + properties: + CachePolicyConfig: + $ref: '#/components/schemas/CachePolicyConfig' + Id: + type: string + LastModifiedTime: + type: string + required: + - CachePolicyConfig + x-stackql-resource-name: cache_policy + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - LastModifiedTime + x-required-permissions: + create: + - cloudfront:CreateCachePolicy + delete: + - cloudfront:DeleteCachePolicy + - cloudfront:GetCachePolicy + list: + - cloudfront:ListCachePolicies + read: + - cloudfront:GetCachePolicy + update: + - cloudfront:UpdateCachePolicy + - cloudfront:GetCachePolicy + CloudFrontOriginAccessIdentityConfig: + additionalProperties: false + properties: + Comment: + type: string + required: + - Comment + type: object + CloudFrontOriginAccessIdentity: + type: object + properties: + CloudFrontOriginAccessIdentityConfig: + $ref: '#/components/schemas/CloudFrontOriginAccessIdentityConfig' + Id: + type: string + S3CanonicalUserId: + type: string + required: + - CloudFrontOriginAccessIdentityConfig + x-stackql-resource-name: cloud_front_origin_access_identity + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - S3CanonicalUserId + x-required-permissions: + create: + - cloudfront:CreateCloudFrontOriginAccessIdentity + delete: + - cloudfront:DeleteCloudFrontOriginAccessIdentity + - cloudfront:GetCloudFrontOriginAccessIdentity + list: + - cloudfront:ListCloudFrontOriginAccessIdentities + read: + - cloudfront:GetCloudFrontOriginAccessIdentity + update: + - cloudfront:UpdateCloudFrontOriginAccessIdentity + - cloudfront:GetCloudFrontOriginAccessIdentity + ContinuousDeploymentPolicyConfig: + additionalProperties: false + properties: + Enabled: + type: boolean + SingleHeaderPolicyConfig: + additionalProperties: false + properties: + Header: + maxLength: 256 + minLength: 1 + type: string + Value: + maxLength: 1783 + minLength: 1 + type: string + required: + - Header + - Value + type: object + SingleWeightPolicyConfig: + additionalProperties: false + properties: + SessionStickinessConfig: + $ref: '#/components/schemas/SessionStickinessConfig' + Weight: + maximum: 1 + minimum: 0 + multipleOf: 0.01 + type: number + required: + - Weight + type: object + StagingDistributionDnsNames: + x-insertionOrder: true + items: + type: string + minItems: 1 + type: array + uniqueItems: true + TrafficConfig: + $ref: '#/components/schemas/TrafficConfig' + Type: + enum: + - SingleWeight + - SingleHeader + type: string + required: + - Enabled + - StagingDistributionDnsNames + type: object + SessionStickinessConfig: + additionalProperties: false + properties: + IdleTTL: + maximum: 3600 + minimum: 300 + multipleOf: 1 + type: integer + MaximumTTL: + maximum: 3600 + minimum: 300 + multipleOf: 1 + type: integer + required: + - IdleTTL + - MaximumTTL + type: object + SingleHeaderConfig: + additionalProperties: false + properties: + Header: + maxLength: 256 + minLength: 1 + type: string + Value: + maxLength: 1783 + minLength: 1 + type: string + required: + - Header + - Value + type: object + SingleWeightConfig: + additionalProperties: false + properties: + SessionStickinessConfig: + $ref: '#/components/schemas/SessionStickinessConfig' + Weight: + maximum: 1 + minimum: 0 + multipleOf: 0.01 + type: number + required: + - Weight + type: object + TrafficConfig: + additionalProperties: false + properties: + SingleHeaderConfig: + $ref: '#/components/schemas/SingleHeaderConfig' + SingleWeightConfig: + $ref: '#/components/schemas/SingleWeightConfig' + Type: + enum: + - SingleWeight + - SingleHeader + type: string + required: + - Type + type: object + ContinuousDeploymentPolicy: + type: object + properties: + ContinuousDeploymentPolicyConfig: + $ref: '#/components/schemas/ContinuousDeploymentPolicyConfig' + Id: + type: string + LastModifiedTime: + type: string + required: + - ContinuousDeploymentPolicyConfig + x-stackql-resource-name: continuous_deployment_policy + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - LastModifiedTime + x-required-permissions: + create: + - cloudfront:CreateContinuousDeploymentPolicy + delete: + - cloudfront:DeleteContinuousDeploymentPolicy + - cloudfront:GetContinuousDeploymentPolicy + list: + - cloudfront:ListContinuousDeploymentPolicies + read: + - cloudfront:GetContinuousDeploymentPolicy + update: + - cloudfront:UpdateContinuousDeploymentPolicy + - cloudfront:GetContinuousDeploymentPolicy + CacheBehavior: + additionalProperties: false + properties: + AllowedMethods: + default: + - GET + - HEAD + items: + type: string + type: array + uniqueItems: false + description: |- + A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices: + + CloudFront forwards only ``GET`` and ``HEAD`` requests. + + CloudFront forwards only ``GET``, ``HEAD``, and ``OPTIONS`` requests. + + CloudFront forwards ``GET, HEAD, OPTIONS, PUT, PATCH, POST``, and ``DELETE`` requests. + + If you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin. + CachePolicyId: + type: string + description: |- + The unique identifier of the cache policy that is attached to this cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. + A ``CacheBehavior`` must include either a ``CachePolicyId`` or ``ForwardedValues``. We recommend that you use a ``CachePolicyId``. + CachedMethods: + default: + - GET + - HEAD + items: + type: string + type: array + uniqueItems: false + description: |- + A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices: + + CloudFront caches responses to ``GET`` and ``HEAD`` requests. + + CloudFront caches responses to ``GET``, ``HEAD``, and ``OPTIONS`` requests. + + If you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly. + Compress: + default: false + type: boolean + description: Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide*. + DefaultTTL: + default: 86400 + type: number + description: |- + This field is deprecated. We recommend that you use the ``DefaultTTL`` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. + The default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as ``Cache-Control max-age``, ``Cache-Control s-maxage``, and ``Expires`` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide + FieldLevelEncryptionId: + default: '' + type: string + description: The value of ``ID`` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior. + ForwardedValues: + $ref: '#/components/schemas/ForwardedValues' + description: |- + This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide*. + If you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. + If you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-r + FunctionAssociations: + items: + $ref: '#/components/schemas/FunctionAssociation' + type: array + uniqueItems: false + description: A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the ``LIVE`` stage to associate them with a cache behavior. + LambdaFunctionAssociations: + items: + $ref: '#/components/schemas/LambdaFunctionAssociation' + type: array + uniqueItems: false + description: A complex type that contains zero or more Lambda@Edge function associations for a cache behavior. + MaxTTL: + default: 31536000 + type: number + description: |- + This field is deprecated. We recommend that you use the ``MaxTTL`` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. + The maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as ``Cache-Control max-age``, ``Cache-Control s-maxage``, and ``Expires`` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration. + MinTTL: + default: 0 + type: number + description: |- + This field is deprecated. We recommend that you use the ``MinTTL`` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. + The minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*. + You must specify ``0`` for ``MinTTL`` if you configure CloudFront to forward all headers to your origin (under ``He + OriginRequestPolicyId: + type: string + description: >- + The unique identifier of the origin request policy that is attached to this cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront + Developer Guide*. + PathPattern: + type: string + description: |- + The pattern (for example, ``images/*.jpg``) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution. + You can optionally include a slash (``/``) at the beginning of the path pattern. For example, ``/images/*.jpg``. CloudFront behavior is the same with or without the leading ``/``. + The path pattern for the default cache behavior is ``*`` and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior. + For more information, see [Path Pattern](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesPathPattern) in the *Amazon CloudFront Developer Guide*. + RealtimeLogConfigArn: + type: string + description: The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide*. + ResponseHeadersPolicyId: + type: string + description: The identifier for a response headers policy. + SmoothStreaming: + default: false + type: boolean + description: Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify ``true``; if not, specify ``false``. If you specify ``true`` for ``SmoothStreaming``, you can still distribute other content using this cache behavior if the content matches the value of ``PathPattern``. + TargetOriginId: + type: string + description: The value of ``ID`` for the origin that you want CloudFront to route requests to when they match this cache behavior. + TrustedKeyGroups: + items: + type: string + type: array + uniqueItems: false + description: |- + A list of key groups that CloudFront can use to validate signed URLs or signed cookies. + When a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide*. + TrustedSigners: + items: + type: string + type: array + uniqueItems: false + description: |- + We recommend using ``TrustedKeyGroups`` instead of ``TrustedSigners``. + A list of AWS-account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies. + When a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer's AWS-account. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide*. + ViewerProtocolPolicy: + type: string + description: |- + The protocol that viewers can use to access the files in the origin specified by ``TargetOriginId`` when a request matches the path pattern in ``PathPattern``. You can specify the following options: + + ``allow-all``: Viewers can use HTTP or HTTPS. + + ``redirect-to-https``: If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL. + + ``https-only``: If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden). + + For more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide*. + The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol + required: + - PathPattern + - TargetOriginId + - ViewerProtocolPolicy + type: object + description: |- + A complex type that describes how CloudFront processes requests. + You must create at least as many cache behaviors (including the default cache behavior) as you have origins if you want CloudFront to serve objects from all of the origins. Each cache behavior specifies the one origin from which you want CloudFront to get objects. If you have two origins and only the default cache behavior, the default cache behavior will cause CloudFront to get objects from one of the origins, but the other origin is never used. + For the current quota (formerly known as limit) on the number of cache behaviors that you can add to a distribution, see [Quotas](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html) in the *Amazon CloudFront Developer Guide*. + If you don't want to specify any cache behaviors, include only an empty ``CacheBehaviors`` element. Don't include an empty ``CacheBehavior`` element because this is invalid. + To delete all cache behaviors in an exist + Cookies: + additionalProperties: false + properties: + Forward: + type: string + description: |- + This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. + If you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*. + If you want to send cookies to the origin but not include them in the cache key, use origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*. + Specifies which cookies to forward to the origin for this cache behavior: all, none, or the list of cookies specified in the ``WhitelistedNames`` complex type. + Amazon S3 doesn't process cookies. When the cache behavior is forw + WhitelistedNames: + items: + type: string + type: array + uniqueItems: false + description: |- + This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. + If you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*. + If you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*. + Required if you specify ``whitelist`` for the value of ``Forward``. A complex type that specifies how many different cookies you want CloudFront to forward to the origin for this cache behavior and, if you want to forward se + required: + - Forward + type: object + description: |- + This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. + If you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*. + If you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*. + A complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see [How CloudFront Forwards, Caches, and Logs C + CustomErrorResponse: + additionalProperties: false + properties: + ErrorCachingMinTTL: + default: 300 + type: number + description: |- + The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP status code specified in ``ErrorCode``. When this time period has elapsed, CloudFront queries your origin to see whether the problem that caused the error has been resolved and the requested object is now available. + For more information, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide*. + ErrorCode: + type: integer + description: The HTTP status code for which you want to specify a custom error page and/or a caching duration. + ResponseCode: + type: integer + description: |- + The HTTP status code that you want CloudFront to return to the viewer along with the custom error page. There are a variety of reasons that you might want CloudFront to return a status code different from the status code that your origin returned to CloudFront, for example: + + Some Internet devices (some firewalls and corporate proxies, for example) intercept HTTP 4xx and 5xx and prevent the response from being returned to the viewer. If you substitute ``200``, the response typically won't be intercepted. + + If you don't care about distinguishing among different client errors or server errors, you can specify ``400`` or ``500`` as the ``ResponseCode`` for all 4xx or 5xx errors. + + You might want to return a ``200`` status code (OK) and static website so your customers don't know that your website is down. + + If you specify a value for ``ResponseCode``, you must also specify a value for ``ResponsePagePath``. + ResponsePagePath: + type: string + description: |- + The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by ``ErrorCode``, for example, ``/4xx-errors/403-forbidden.html``. If you want to store your objects and your custom error pages in different locations, your distribution must include a cache behavior for which the following is true: + + The value of ``PathPattern`` matches the path to your custom error messages. For example, suppose you saved custom error pages for 4xx errors in an Amazon S3 bucket in a directory named ``/4xx-errors``. Your distribution must include a cache behavior for which the path pattern routes requests for your custom error pages to that location, for example, ``/4xx-errors/*``. + + The value of ``TargetOriginId`` specifies the value of the ``ID`` element for the origin that contains your custom error pages. + + If you specify a value for ``ResponsePagePath``, you must also specify a value for ``ResponseCode``. + We recommend + required: + - ErrorCode + type: object + description: |- + A complex type that controls: + + Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer. + + How long CloudFront caches HTTP status codes in the 4xx and 5xx range. + + For more information about custom error pages, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide*. + CustomOriginConfig: + additionalProperties: false + properties: + HTTPPort: + default: 80 + type: integer + description: The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on. + HTTPSPort: + default: 443 + type: integer + description: The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on. + OriginKeepaliveTimeout: + default: 5 + type: integer + description: |- + Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't specify otherwise) is 5 seconds. + For more information, see [Origin Keep-alive Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide*. + OriginProtocolPolicy: + type: string + description: |- + Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin. Valid values are: + + ``http-only`` – CloudFront always uses HTTP to connect to the origin. + + ``match-viewer`` – CloudFront connects to the origin using the same protocol that the viewer used to connect to CloudFront. + + ``https-only`` – CloudFront always uses HTTPS to connect to the origin. + OriginReadTimeout: + default: 30 + type: integer + description: |- + Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout*. The minimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't specify otherwise) is 30 seconds. + For more information, see [Origin Response Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide*. + OriginSSLProtocols: + default: + - TLSv1 + - SSLv3 + items: + type: string + type: array + uniqueItems: false + description: |- + Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include ``SSLv3``, ``TLSv1``, ``TLSv1.1``, and ``TLSv1.2``. + For more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide*. + required: + - OriginProtocolPolicy + type: object + description: A custom origin. A custom origin is any origin that is *not* an Amazon S3 bucket, with one exception. An Amazon S3 bucket that is [configured with static website hosting](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) *is* a custom origin. + DefaultCacheBehavior: + additionalProperties: false + properties: + AllowedMethods: + default: + - GET + - HEAD + items: + type: string + type: array + uniqueItems: false + description: |- + A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices: + + CloudFront forwards only ``GET`` and ``HEAD`` requests. + + CloudFront forwards only ``GET``, ``HEAD``, and ``OPTIONS`` requests. + + CloudFront forwards ``GET, HEAD, OPTIONS, PUT, PATCH, POST``, and ``DELETE`` requests. + + If you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin. + CachePolicyId: + default: '' + type: string + description: |- + The unique identifier of the cache policy that is attached to the default cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. + A ``DefaultCacheBehavior`` must include either a ``CachePolicyId`` or ``ForwardedValues``. We recommend that you use a ``CachePolicyId``. + CachedMethods: + default: + - GET + - HEAD + items: + type: string + type: array + uniqueItems: false + description: |- + A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices: + + CloudFront caches responses to ``GET`` and ``HEAD`` requests. + + CloudFront caches responses to ``GET``, ``HEAD``, and ``OPTIONS`` requests. + + If you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly. + Compress: + default: false + type: boolean + description: Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify ``true``; if not, specify ``false``. For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide*. + DefaultTTL: + default: 86400 + type: number + description: |- + This field is deprecated. We recommend that you use the ``DefaultTTL`` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. + The default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as ``Cache-Control max-age``, ``Cache-Control s-maxage``, and ``Expires`` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide + FieldLevelEncryptionId: + default: '' + type: string + description: The value of ``ID`` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for the default cache behavior. + ForwardedValues: + $ref: '#/components/schemas/ForwardedValues' + description: |- + This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide*. + If you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. + If you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-r + FunctionAssociations: + items: + $ref: '#/components/schemas/FunctionAssociation' + type: array + uniqueItems: false + description: A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the ``LIVE`` stage to associate them with a cache behavior. + LambdaFunctionAssociations: + items: + $ref: '#/components/schemas/LambdaFunctionAssociation' + type: array + uniqueItems: false + description: A complex type that contains zero or more Lambda@Edge function associations for a cache behavior. + MaxTTL: + default: 31536000 + type: number + description: |- + This field is deprecated. We recommend that you use the ``MaxTTL`` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. + The maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as ``Cache-Control max-age``, ``Cache-Control s-maxage``, and ``Expires`` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration. + MinTTL: + default: 0 + type: number + description: |- + This field is deprecated. We recommend that you use the ``MinTTL`` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. + The minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*. + You must specify ``0`` for ``MinTTL`` if you configure CloudFront to forward all headers to your origin (under ``He + OriginRequestPolicyId: + default: '' + type: string + description: >- + The unique identifier of the origin request policy that is attached to the default cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront + Developer Guide*. + RealtimeLogConfigArn: + default: '' + type: string + description: The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide*. + ResponseHeadersPolicyId: + default: '' + type: string + description: The identifier for a response headers policy. + SmoothStreaming: + default: false + type: boolean + description: Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify ``true``; if not, specify ``false``. If you specify ``true`` for ``SmoothStreaming``, you can still distribute other content using this cache behavior if the content matches the value of ``PathPattern``. + TargetOriginId: + type: string + description: The value of ``ID`` for the origin that you want CloudFront to route requests to when they use the default cache behavior. + TrustedKeyGroups: + items: + type: string + type: array + uniqueItems: false + description: |- + A list of key groups that CloudFront can use to validate signed URLs or signed cookies. + When a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide*. + TrustedSigners: + items: + type: string + type: array + uniqueItems: false + description: |- + We recommend using ``TrustedKeyGroups`` instead of ``TrustedSigners``. + A list of AWS-account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies. + When a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in a trusted signer's AWS-account. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide*. + ViewerProtocolPolicy: + type: string + description: |- + The protocol that viewers can use to access the files in the origin specified by ``TargetOriginId`` when a request matches the path pattern in ``PathPattern``. You can specify the following options: + + ``allow-all``: Viewers can use HTTP or HTTPS. + + ``redirect-to-https``: If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL. + + ``https-only``: If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden). + + For more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide*. + The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol + required: + - TargetOriginId + - ViewerProtocolPolicy + type: object + description: A complex type that describes the default cache behavior if you don't specify a ``CacheBehavior`` element or if request URLs don't match any of the values of ``PathPattern`` in ``CacheBehavior`` elements. You must create exactly one default cache behavior. + DistributionConfig: + additionalProperties: false + properties: + Aliases: + items: + type: string + type: array + uniqueItems: false + description: A complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution. + CNAMEs: + items: + type: string + type: array + uniqueItems: false + description: '' + CacheBehaviors: + items: + $ref: '#/components/schemas/CacheBehavior' + type: array + uniqueItems: false + description: A complex type that contains zero or more ``CacheBehavior`` elements. + Comment: + default: '' + type: string + description: A comment to describe the distribution. The comment cannot be longer than 128 characters. + ContinuousDeploymentPolicyId: + type: string + description: The identifier of a continuous deployment policy. For more information, see ``CreateContinuousDeploymentPolicy``. + CustomErrorResponses: + items: + $ref: '#/components/schemas/CustomErrorResponse' + type: array + uniqueItems: false + description: |- + A complex type that controls the following: + + Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer. + + How long CloudFront caches HTTP status codes in the 4xx and 5xx range. + + For more information about custom error pages, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide*. + CustomOrigin: + $ref: '#/components/schemas/LegacyCustomOrigin' + description: '' + DefaultCacheBehavior: + $ref: '#/components/schemas/DefaultCacheBehavior' + description: A complex type that describes the default cache behavior if you don't specify a ``CacheBehavior`` element or if files don't match any of the values of ``PathPattern`` in ``CacheBehavior`` elements. You must create exactly one default cache behavior. + DefaultRootObject: + default: '' + type: string + description: |- + The object that you want CloudFront to request from your origin (for example, ``index.html``) when a viewer requests the root URL for your distribution (``https://www.example.com``) instead of an object in your distribution (``https://www.example.com/product-description.html``). Specifying a default root object avoids exposing the contents of your distribution. + Specify only the object name, for example, ``index.html``. Don't add a ``/`` before the object name. + If you don't want to specify a default root object when you create a distribution, include an empty ``DefaultRootObject`` element. + To delete the default root object from an existing distribution, update the distribution configuration and include an empty ``DefaultRootObject`` element. + To replace the default root object, update the distribution configuration and specify the new object. + For more information about the default root object, see [Creating a Default Root Object](https://docs.aws.amazon.com/AmazonCloudFront/latest/D + Enabled: + type: boolean + description: From this field, you can enable or disable the selected distribution. + HttpVersion: + default: http1.1 + type: string + description: |- + (Optional) Specify the maximum HTTP version(s) that you want viewers to use to communicate with CF. The default value for new distributions is ``http1.1``. + For viewers and CF to use HTTP/2, viewers must support TLSv1.2 or later, and must support Server Name Indication (SNI). + For viewers and CF to use HTTP/3, viewers must support TLSv1.3 and Server Name Indication (SNI). CF supports HTTP/3 connection migration to allow the viewer to switch networks without losing connection. For more information about connection migration, see [Connection Migration](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc9000.html#name-connection-migration) at RFC 9000. For more information about supported TLSv1.3 ciphers, see [Supported protocols and ciphers between viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html). + IPV6Enabled: + type: boolean + description: |- + If you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify ``true``. If you specify ``false``, CloudFront responds to IPv6 DNS requests with the DNS response code ``NOERROR`` and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution. + In general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you're using signed URLs or signed cookies to restrict access to your content, and if you're using a custom policy that includes the ``IpAddress`` parameter to restrict the IP addresses that can access your content, don't enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see [Creating a Signed URL Using a Custom Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/Devel + Logging: + $ref: '#/components/schemas/Logging' + description: |- + A complex type that controls whether access logs are written for the distribution. + For more information about logging, see [Access Logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) in the *Amazon CloudFront Developer Guide*. + OriginGroups: + $ref: '#/components/schemas/OriginGroups' + description: A complex type that contains information about origin groups for this distribution. + Origins: + items: + $ref: '#/components/schemas/Origin' + type: array + x-insertionOrder: false + uniqueItems: false + description: A complex type that contains information about origins for this distribution. + PriceClass: + default: PriceClass_All + type: string + description: |- + The price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify ``PriceClass_All``, CloudFront responds to requests for your objects from all CloudFront edge locations. + If you specify a price class other than ``PriceClass_All``, CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance. + For more information about price classes, see [Choosing the Price Class for a CloudFront Distribution](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html) in the *Amazon CloudFront Developer Guide*. For information about CloudFront pricing, including how price classes (such as Price Class 100) map to CloudFront regions, see [Amazon CloudFront Pricing](https://docs.aws.amazon.com/cloudfront/pricing/). + Restrictions: + $ref: '#/components/schemas/Restrictions' + default: + GeoRestriction: + RestrictionType: none + description: A complex type that identifies ways in which you want to restrict distribution of your content. + S3Origin: + $ref: '#/components/schemas/LegacyS3Origin' + description: '' + Staging: + type: boolean + description: A Boolean that indicates whether this is a staging distribution. When this value is ``true``, this is a staging distribution. When this value is ``false``, this is not a staging distribution. + ViewerCertificate: + $ref: '#/components/schemas/ViewerCertificate' + default: + CloudFrontDefaultCertificate: true + description: A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers. + WebACLId: + default: '' + type: string + description: |- + A unique identifier that specifies the WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of WAF, use the ACL ARN, for example ``arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a``. To specify a web ACL created using WAF Classic, use the ACL ID, for example ``473e64fd-f30b-4765-81a0-62ad96dd167a``. + WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about WAF, see the [Developer Guide](https://docs.aws.amazon.com/waf/latest + required: + - Enabled + - DefaultCacheBehavior + type: object + description: A distribution configuration. + ForwardedValues: + additionalProperties: false + properties: + Cookies: + $ref: '#/components/schemas/Cookies' + default: + Forward: none + description: |- + This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. + If you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*. + If you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*. + A complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see [How CloudFront Forwards, Caches, and Logs C + Headers: + items: + type: string + type: array + uniqueItems: false + description: |- + This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. + If you want to include headers in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*. + If you want to send headers to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*. + A complex type that specifies the ``Headers``, if any, that you want CloudFront to forward to the origin for this cache behavior (whitelisted headers). For the headers that you specify, CloudFront also caches separate versio + QueryString: + type: boolean + description: |- + This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. + If you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*. + If you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*. + Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior and cache based on the query string parameters. CloudFront behavior depends on the value of + QueryStringCacheKeys: + items: + type: string + type: array + uniqueItems: false + description: |- + This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. + If you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*. + If you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*. + A complex type that contains information about the query string parameters that you want CloudFront to use for caching for this cache behavior. + required: + - QueryString + type: object + description: |- + This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. + If you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*. + If you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*. + A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers. + FunctionAssociation: + additionalProperties: false + properties: + EventType: + type: string + description: The event type of the function, either ``viewer-request`` or ``viewer-response``. You cannot use origin-facing event types (``origin-request`` and ``origin-response``) with a CloudFront function. + FunctionARN: + type: string + description: The Amazon Resource Name (ARN) of the function. + type: object + description: A CloudFront function that is associated with a cache behavior in a CloudFront distribution. + GeoRestriction: + additionalProperties: false + properties: + Locations: + items: + type: string + type: array + uniqueItems: false + description: |- + A complex type that contains a ``Location`` element for each country in which you want CloudFront either to distribute your content (``whitelist``) or not distribute your content (``blacklist``). + The ``Location`` element is a two-letter, uppercase country code for a country that you want to include in your ``blacklist`` or ``whitelist``. Include one ``Location`` element for each country. + CloudFront and ``MaxMind`` both use ``ISO 3166`` country codes. For the current list of countries and the corresponding codes, see ``ISO 3166-1-alpha-2`` code on the *International Organization for Standardization* website. You can also refer to the country list on the CloudFront console, which includes both country names and codes. + RestrictionType: + type: string + description: |- + The method that you want to use to restrict distribution of your content by country: + + ``none``: No geo restriction is enabled, meaning access to content is not restricted by client geo location. + + ``blacklist``: The ``Location`` elements specify the countries in which you don't want CloudFront to distribute your content. + + ``whitelist``: The ``Location`` elements specify the countries in which you want CloudFront to distribute your content. + required: + - RestrictionType + type: object + description: A complex type that controls the countries in which your content is distributed. CF determines the location of your users using ``MaxMind`` GeoIP databases. To disable geo restriction, remove the [Restrictions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-restrictions) property from your stack template. + LambdaFunctionAssociation: + additionalProperties: false + properties: + EventType: + type: string + description: |- + Specifies the event type that triggers a Lambda@Edge function invocation. You can specify the following values: + + ``viewer-request``: The function executes when CloudFront receives a request from a viewer and before it checks to see whether the requested object is in the edge cache. + + ``origin-request``: The function executes only when CloudFront sends a request to your origin. When the requested object is in the edge cache, the function doesn't execute. + + ``origin-response``: The function executes after CloudFront receives a response from the origin and before it caches the object in the response. When the requested object is in the edge cache, the function doesn't execute. + + ``viewer-response``: The function executes before CloudFront returns the requested object to the viewer. The function executes regardless of whether the object was already in the edge cache. + If the origin returns an HTTP status code other than HTTP 200 (OK), the function doesn't execute. + IncludeBody: + type: boolean + description: A flag that allows a Lambda@Edge function to have read access to the body content. For more information, see [Accessing the Request Body by Choosing the Include Body Option](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html) in the Amazon CloudFront Developer Guide. + LambdaFunctionARN: + type: string + description: The ARN of the Lambda@Edge function. You must specify the ARN of a function version; you can't specify an alias or $LATEST. + type: object + description: A complex type that contains a Lambda@Edge function association. + LegacyCustomOrigin: + additionalProperties: false + properties: + DNSName: + type: string + description: '' + HTTPPort: + default: 80 + type: integer + description: '' + HTTPSPort: + default: 443 + type: integer + description: '' + OriginProtocolPolicy: + type: string + description: '' + OriginSSLProtocols: + items: + type: string + type: array + uniqueItems: false + description: '' + required: + - DNSName + - OriginProtocolPolicy + - OriginSSLProtocols + type: object + description: '' + LegacyS3Origin: + additionalProperties: false + properties: + DNSName: + type: string + description: '' + OriginAccessIdentity: + default: '' + type: string + description: '' + required: + - DNSName + type: object + description: '' + Logging: + additionalProperties: false + properties: + Bucket: + type: string + description: The Amazon S3 bucket to store the access logs in, for example, ``myawslogbucket.s3.amazonaws.com``. + IncludeCookies: + default: false + type: boolean + description: Specifies whether you want CloudFront to include cookies in access logs, specify ``true`` for ``IncludeCookies``. If you choose to include cookies in logs, CloudFront logs all cookies regardless of how you configure the cache behaviors for this distribution. If you don't want to include cookies when you create a distribution or if you want to disable include cookies for an existing distribution, specify ``false`` for ``IncludeCookies``. + Prefix: + default: '' + type: string + description: An optional string that you want CloudFront to prefix to the access log ``filenames`` for this distribution, for example, ``myprefix/``. If you want to enable logging, but you don't want to specify a prefix, you still must include an empty ``Prefix`` element in the ``Logging`` element. + required: + - Bucket + type: object + description: A complex type that controls whether access logs are written for the distribution. + Origin: + additionalProperties: false + properties: + ConnectionAttempts: + type: integer + description: |- + The number of times that CloudFront attempts to connect to the origin. The minimum number is 1, the maximum is 3, and the default (if you don't specify otherwise) is 3. + For a custom origin (including an Amazon S3 bucket that's configured with static website hosting), this value also specifies the number of times that CloudFront attempts to get a response from the origin, in the case of an [Origin Response Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout). + For more information, see [Origin Connection Attempts](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-attempts) in the *Amazon CloudFront Developer Guide*. + ConnectionTimeout: + type: integer + description: |- + The number of seconds that CloudFront waits when trying to establish a connection to the origin. The minimum timeout is 1 second, the maximum is 10 seconds, and the default (if you don't specify otherwise) is 10 seconds. + For more information, see [Origin Connection Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-timeout) in the *Amazon CloudFront Developer Guide*. + CustomOriginConfig: + $ref: '#/components/schemas/CustomOriginConfig' + description: Use this type to specify an origin that is not an Amazon S3 bucket, with one exception. If the Amazon S3 bucket is configured with static website hosting, use this type. If the Amazon S3 bucket is not configured with static website hosting, use the ``S3OriginConfig`` type instead. + DomainName: + type: string + description: |- + The domain name for the origin. + For more information, see [Origin Domain Name](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesDomainName) in the *Amazon CloudFront Developer Guide*. + Id: + type: string + description: |- + A unique identifier for the origin. This value must be unique within the distribution. + Use this value to specify the ``TargetOriginId`` in a ``CacheBehavior`` or ``DefaultCacheBehavior``. + OriginAccessControlId: + type: string + description: |- + The unique identifier of an origin access control for this origin. + For more information, see [Restricting access to an Amazon S3 origin](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide*. + OriginCustomHeaders: + items: + $ref: '#/components/schemas/OriginCustomHeader' + type: array + uniqueItems: false + description: |- + A list of HTTP header names and values that CloudFront adds to the requests that it sends to the origin. + For more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/add-origin-custom-headers.html) in the *Amazon CloudFront Developer Guide*. + OriginPath: + default: '' + type: string + description: |- + An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin. + For more information, see [Origin Path](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginPath) in the *Amazon CloudFront Developer Guide*. + OriginShield: + $ref: '#/components/schemas/OriginShield' + description: |- + CloudFront Origin Shield. Using Origin Shield can help reduce the load on your origin. + For more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the *Amazon CloudFront Developer Guide*. + S3OriginConfig: + $ref: '#/components/schemas/S3OriginConfig' + description: Use this type to specify an origin that is an Amazon S3 bucket that is not configured with static website hosting. To specify any other type of origin, including an Amazon S3 bucket that is configured with static website hosting, use the ``CustomOriginConfig`` type instead. + required: + - DomainName + - Id + type: object + description: |- + An origin. + An origin is the location where content is stored, and from which CloudFront gets content to serve to viewers. To specify an origin: + + Use ``S3OriginConfig`` to specify an Amazon S3 bucket that is not configured with static website hosting. + + Use ``CustomOriginConfig`` to specify all other kinds of origins, including: + + An Amazon S3 bucket that is configured with static website hosting + + An Elastic Load Balancing load balancer + + An EMPlong endpoint + + An EMSlong container + + Any other HTTP server, running on an Amazon EC2 instance or any other kind of host + + + For the current maximum number of origins that you can specify per distribution, see [General Quotas on Web Distributions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html#limits-web-distributions) in the *Amazon CloudFront Developer Guide* (quotas were formerly referred to as limits). + OriginCustomHeader: + additionalProperties: false + properties: + HeaderName: + type: string + description: The name of a header that you want CloudFront to send to your origin. For more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/forward-custom-headers.html) in the *Amazon CloudFront Developer Guide*. + HeaderValue: + type: string + description: The value for the header that you specified in the ``HeaderName`` field. + required: + - HeaderValue + - HeaderName + type: object + description: A complex type that contains ``HeaderName`` and ``HeaderValue`` elements, if any, for this distribution. + OriginGroup: + additionalProperties: false + properties: + FailoverCriteria: + $ref: '#/components/schemas/OriginGroupFailoverCriteria' + description: A complex type that contains information about the failover criteria for an origin group. + Id: + type: string + description: The origin group's ID. + Members: + $ref: '#/components/schemas/OriginGroupMembers' + description: A complex type that contains information about the origins in an origin group. + required: + - Id + - FailoverCriteria + - Members + type: object + description: An origin group includes two origins (a primary origin and a second origin to failover to) and a failover criteria that you specify. You create an origin group to support origin failover in CloudFront. When you create or update a distribution, you can specify the origin group instead of a single origin, and CloudFront will failover from the primary origin to the second origin under the failover conditions that you've chosen. + OriginGroupFailoverCriteria: + additionalProperties: false + properties: + StatusCodes: + $ref: '#/components/schemas/StatusCodes' + description: The status codes that, when returned from the primary origin, will trigger CloudFront to failover to the second origin. + required: + - StatusCodes + type: object + description: A complex data type that includes information about the failover criteria for an origin group, including the status codes for which CloudFront will failover from the primary origin to the second origin. + OriginGroupMember: + additionalProperties: false + properties: + OriginId: + type: string + description: The ID for an origin in an origin group. + required: + - OriginId + type: object + description: An origin in an origin group. + OriginGroupMembers: + additionalProperties: false + properties: + Items: + items: + $ref: '#/components/schemas/OriginGroupMember' + type: array + uniqueItems: false + description: Items (origins) in an origin group. + Quantity: + type: integer + description: The number of origins in an origin group. + required: + - Quantity + - Items + type: object + description: A complex data type for the origins included in an origin group. + OriginGroups: + additionalProperties: false + properties: + Items: + items: + $ref: '#/components/schemas/OriginGroup' + type: array + uniqueItems: false + description: The items (origin groups) in a distribution. + Quantity: + type: integer + description: The number of origin groups. + required: + - Quantity + type: object + description: A complex data type for the origin groups specified for a distribution. + OriginShield: + additionalProperties: false + properties: + Enabled: + type: boolean + description: |- + A flag that specifies whether Origin Shield is enabled. + When it's enabled, CloudFront routes all requests through Origin Shield, which can help protect your origin. When it's disabled, CloudFront might send requests directly to your origin from multiple edge locations or regional edge caches. + OriginShieldRegion: + type: string + description: |- + The AWS-Region for Origin Shield. + Specify the AWS-Region that has the lowest latency to your origin. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as ``us-east-2``. + When you enable CloudFront Origin Shield, you must specify the AWS-Region for Origin Shield. For the list of AWS-Regions that you can specify, and for help choosing the best Region for your origin, see [Choosing the for Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html#choose-origin-shield-region) in the *Amazon CloudFront Developer Guide*. + type: object + description: |- + CloudFront Origin Shield. + Using Origin Shield can help reduce the load on your origin. For more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the *Amazon CloudFront Developer Guide*. + Restrictions: + additionalProperties: false + properties: + GeoRestriction: + $ref: '#/components/schemas/GeoRestriction' + description: A complex type that controls the countries in which your content is distributed. CF determines the location of your users using ``MaxMind`` GeoIP databases. To disable geo restriction, remove the [Restrictions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-restrictions) property from your stack template. + required: + - GeoRestriction + type: object + description: A complex type that identifies ways in which you want to restrict distribution of your content. + S3OriginConfig: + additionalProperties: false + properties: + OriginAccessIdentity: + default: '' + type: string + description: |- + The CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that viewers can *only* access objects in an Amazon S3 bucket through CloudFront. The format of the value is: + origin-access-identity/cloudfront/*ID-of-origin-access-identity* + where ``ID-of-origin-access-identity`` is the value that CloudFront returned in the ``ID`` element when you created the origin access identity. + If you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty ``OriginAccessIdentity`` element. + To delete the origin access identity from an existing distribution, update the distribution configuration and include an empty ``OriginAccessIdentity`` element. + To replace the origin access identity, update the distribution configuration and specify the new origin access identity. + For more information about the origin access identity, see [Serving Private Content through CloudFront](https://d + type: object + description: A complex type that contains information about the Amazon S3 origin. If the origin is a custom origin or an S3 bucket that is configured as a website endpoint, use the ``CustomOriginConfig`` element instead. + StatusCodes: + additionalProperties: false + properties: + Items: + items: + type: integer + type: array + uniqueItems: false + description: The items (status codes) for an origin group. + Quantity: + type: integer + description: The number of status codes. + required: + - Quantity + - Items + type: object + description: A complex data type for the status codes that you specify that, when returned by a primary origin, trigger CloudFront to failover to a second origin. + Tag: + additionalProperties: false + properties: + Key: + type: string + description: |- + A string that contains ``Tag`` key. + The string length should be between 1 and 128 characters. Valid characters include ``a-z``, ``A-Z``, ``0-9``, space, and the special characters ``_ - . : / = + @``. + Value: + type: string + description: |- + A string that contains an optional ``Tag`` value. + The string length should be between 0 and 256 characters. Valid characters include ``a-z``, ``A-Z``, ``0-9``, space, and the special characters ``_ - . : / = + @``. + required: + - Value + - Key + type: object + description: A complex type that contains ``Tag`` key and ``Tag`` value. + ViewerCertificate: + additionalProperties: false + properties: + AcmCertificateArn: + type: string + description: |- + In CloudFormation, this field name is ``AcmCertificateArn``. Note the different capitalization. + If the distribution uses ``Aliases`` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [(ACM)](https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html), provide the Amazon Resource Name (ARN) of the ACM certificate. CloudFront only supports ACM certificates in the US East (N. Virginia) Region (``us-east-1``). + If you specify an ACM certificate ARN, you must also specify values for ``MinimumProtocolVersion`` and ``SSLSupportMethod``. (In CloudFormation, the field name is ``SslSupportMethod``. Note the different capitalization.) + CloudFrontDefaultCertificate: + type: boolean + description: |- + If the distribution uses the CloudFront domain name such as ``d111111abcdef8.cloudfront.net``, set this field to ``true``. + If the distribution uses ``Aliases`` (alternate domain names or CNAMEs), omit this field and specify values for the following fields: + + ``AcmCertificateArn`` or ``IamCertificateId`` (specify a value for one, not both) + + ``MinimumProtocolVersion`` + + ``SslSupportMethod`` + IamCertificateId: + type: string + description: |- + In CloudFormation, this field name is ``IamCertificateId``. Note the different capitalization. + If the distribution uses ``Aliases`` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [(IAM)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html), provide the ID of the IAM certificate. + If you specify an IAM certificate ID, you must also specify values for ``MinimumProtocolVersion`` and ``SSLSupportMethod``. (In CloudFormation, the field name is ``SslSupportMethod``. Note the different capitalization.) + MinimumProtocolVersion: + type: string + description: |- + If the distribution uses ``Aliases`` (alternate domain names or CNAMEs), specify the security policy that you want CloudFront to use for HTTPS connections with viewers. The security policy determines two settings: + + The minimum SSL/TLS protocol that CloudFront can use to communicate with viewers. + + The ciphers that CloudFront can use to encrypt the content that it returns to viewers. + + For more information, see [Security Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy) and [Supported Protocols and Ciphers Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers) in the *Amazon CloudFront Developer Guide*. + On the CloudFront console, this setting is called *Security Policy*. + When you're using SNI only (you set ``SSLSupportMethod`` to ``sni-onl + SslSupportMethod: + type: string + description: |- + In CloudFormation, this field name is ``SslSupportMethod``. Note the different capitalization. + If the distribution uses ``Aliases`` (alternate domain names or CNAMEs), specify which viewers the distribution accepts HTTPS connections from. + + ``sni-only`` – The distribution accepts HTTPS connections from only viewers that support [server name indication (SNI)](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Server_Name_Indication). This is recommended. Most browsers and clients support SNI. + + ``vip`` – The distribution accepts HTTPS connections from all viewers including those that don't support SNI. This is not recommended, and results in additional monthly charges from CloudFront. + + ``static-ip`` - Do not specify this value unless your distribution has been enabled for this feature by the CloudFront team. If you have a use case that requires static IP addresses for a distribution, contact CloudFront through the [Center](https://docs.aws.amazon.com/support/home). + type: object + description: |- + A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers. + If the distribution doesn't use ``Aliases`` (also known as alternate domain names or CNAMEs)—that is, if the distribution uses the CloudFront domain name such as ``d111111abcdef8.cloudfront.net``—set ``CloudFrontDefaultCertificate`` to ``true`` and leave all other fields empty. + If the distribution uses ``Aliases`` (alternate domain names or CNAMEs), use the fields in this type to specify the following settings: + + Which viewers the distribution accepts HTTPS connections from: only viewers that support [server name indication (SNI)](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Server_Name_Indication) (recommended), or all viewers including those that don't support SNI. + + To accept HTTPS connections from only viewers that support SNI, set ``SSLSupportMethod`` to ``sni-only``. This is recommended. Most browsers and clients support SNI. (In CloudFormation, the field n + Distribution: + type: object + properties: + DistributionConfig: + $ref: '#/components/schemas/DistributionConfig' + description: The distribution's configuration. + DomainName: + type: string + description: '' + Id: + type: string + description: '' + Tags: + items: + $ref: '#/components/schemas/Tag' + type: array + uniqueItems: false + description: A complex type that contains zero or more ``Tag`` elements. + required: + - DistributionConfig + x-stackql-resource-name: distribution + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - DomainName + x-required-permissions: + create: + - cloudfront:CreateDistribution + - cloudfront:CreateDistributionWithTags + - cloudfront:GetDistribution + - cloudfront:GetDistributionConfig + - cloudfront:TagResource + delete: + - cloudfront:DeleteDistribution + - cloudfront:GetDistribution + - cloudfront:GetDistributionConfig + list: + - cloudfront:ListDistributions + read: + - cloudfront:GetDistribution + - cloudfront:GetDistributionConfig + update: + - cloudfront:GetDistribution + - cloudfront:GetDistributionConfig + - cloudfront:UpdateDistribution + - cloudfront:UpdateDistributionWithStagingConfig + - cloudfront:ListTagsForResource + - cloudfront:TagResource + - cloudfront:UntagResource + FunctionConfig: + additionalProperties: false + properties: + Comment: + type: string + Runtime: + type: string + KeyValueStoreAssociations: + items: + $ref: '#/components/schemas/KeyValueStoreAssociation' + type: array + uniqueItems: true + required: + - Comment + - Runtime + type: object + FunctionMetadata: + additionalProperties: false + properties: + FunctionARN: + type: string + type: object + KeyValueStoreAssociation: + additionalProperties: false + properties: + KeyValueStoreARN: + type: string + required: + - KeyValueStoreARN + type: object + Function: + type: object + properties: + AutoPublish: + type: boolean + FunctionARN: + type: string + FunctionCode: + type: string + FunctionConfig: + $ref: '#/components/schemas/FunctionConfig' + FunctionMetadata: + $ref: '#/components/schemas/FunctionMetadata' + Name: + type: string + Stage: + type: string + required: + - Name + - FunctionConfig + - FunctionCode + x-stackql-resource-name: function + x-stackql-primaryIdentifier: + - FunctionARN + x-read-only-properties: + - FunctionARN + - FunctionMetadata/FunctionARN + - Stage + x-required-permissions: + create: + - cloudfront:CreateFunction + - cloudfront:PublishFunction + - cloudfront:DescribeFunction + delete: + - cloudfront:DeleteFunction + - cloudfront:DescribeFunction + list: + - cloudfront:ListFunctions + read: + - cloudfront:DescribeFunction + - cloudfront:GetFunction + update: + - cloudfront:UpdateFunction + - cloudfront:PublishFunction + - cloudfront:DescribeFunction + KeyGroupConfig: + additionalProperties: false + properties: + Comment: + type: string + Items: + items: + type: string + type: array + uniqueItems: false + Name: + type: string + required: + - Name + - Items + type: object + KeyGroup: + type: object + properties: + Id: + type: string + KeyGroupConfig: + $ref: '#/components/schemas/KeyGroupConfig' + LastModifiedTime: + type: string + required: + - KeyGroupConfig + x-stackql-resource-name: key_group + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - LastModifiedTime + x-required-permissions: + create: + - cloudfront:CreateKeyGroup + delete: + - cloudfront:DeleteKeyGroup + - cloudfront:GetKeyGroup + list: + - cloudfront:ListKeyGroups + read: + - cloudfront:GetKeyGroup + update: + - cloudfront:UpdateKeyGroup + - cloudfront:GetKeyGroup + ImportSource: + additionalProperties: false + properties: + SourceType: + type: string + SourceArn: + type: string + required: + - SourceType + - SourceArn + type: object + KeyValueStore: + type: object + properties: + Arn: + type: string + Id: + type: string + Status: + type: string + Name: + type: string + Comment: + type: string + ImportSource: + $ref: '#/components/schemas/ImportSource' + required: + - Name + x-stackql-resource-name: key_value_store + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + - Id + - Status + x-required-permissions: + create: + - cloudfront:CreateKeyValueStore + - cloudfront:DescribeKeyValueStore + - s3:GetObject + - s3:HeadObject + - s3:GetBucketLocation + delete: + - cloudfront:DeleteKeyValueStore + - cloudfront:DescribeKeyValueStore + list: + - cloudfront:ListKeyValueStores + read: + - cloudfront:DescribeKeyValueStore + update: + - cloudfront:UpdateKeyValueStore + - cloudfront:DescribeKeyValueStore + MonitoringSubscription: + type: object + properties: + DistributionId: + type: string + MonitoringSubscription: + $ref: '#/components/schemas/MonitoringSubscription' + required: + - DistributionId + - MonitoringSubscription + x-stackql-resource-name: monitoring_subscription + x-stackql-primaryIdentifier: + - DistributionId + x-create-only-properties: + - DistributionId + x-required-permissions: + create: + - cloudfront:CreateMonitoringSubscription + delete: + - cloudfront:DeleteMonitoringSubscription + read: + - cloudfront:GetMonitoringSubscription + RealtimeMetricsSubscriptionConfig: + additionalProperties: false + properties: + RealtimeMetricsSubscriptionStatus: + enum: + - Enabled + - Disabled + type: string + required: + - RealtimeMetricsSubscriptionStatus + type: object + OriginAccessControlConfig: + additionalProperties: false + properties: + Description: + type: string + Name: + type: string + OriginAccessControlOriginType: + pattern: ^(s3|mediastore)$ + type: string + SigningBehavior: + pattern: ^(never|no-override|always)$ + type: string + SigningProtocol: + pattern: ^(sigv4)$ + type: string + required: + - Name + - SigningProtocol + - SigningBehavior + - OriginAccessControlOriginType + type: object + OriginAccessControl: + type: object + properties: + Id: + type: string + OriginAccessControlConfig: + $ref: '#/components/schemas/OriginAccessControlConfig' + required: + - OriginAccessControlConfig + x-stackql-resource-name: origin_access_control + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + x-required-permissions: + create: + - cloudfront:CreateOriginAccessControl + delete: + - cloudfront:DeleteOriginAccessControl + - cloudfront:GetOriginAccessControl + list: + - cloudfront:ListOriginAccessControls + read: + - cloudfront:GetOriginAccessControl + update: + - cloudfront:UpdateOriginAccessControl + - cloudfront:GetOriginAccessControl + OriginRequestPolicyConfig: + additionalProperties: false + properties: + Comment: + type: string + CookiesConfig: + $ref: '#/components/schemas/CookiesConfig' + HeadersConfig: + $ref: '#/components/schemas/HeadersConfig' + Name: + type: string + QueryStringsConfig: + $ref: '#/components/schemas/QueryStringsConfig' + required: + - Name + - HeadersConfig + - CookiesConfig + - QueryStringsConfig + type: object + OriginRequestPolicy: + type: object + properties: + Id: + type: string + LastModifiedTime: + type: string + OriginRequestPolicyConfig: + $ref: '#/components/schemas/OriginRequestPolicyConfig' + required: + - OriginRequestPolicyConfig + x-stackql-resource-name: origin_request_policy + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - LastModifiedTime + x-required-permissions: + create: + - cloudfront:CreateOriginRequestPolicy + delete: + - cloudfront:DeleteOriginRequestPolicy + - cloudfront:GetOriginRequestPolicy + list: + - cloudfront:ListOriginRequestPolicies + read: + - cloudfront:GetOriginRequestPolicy + update: + - cloudfront:UpdateOriginRequestPolicy + - cloudfront:GetOriginRequestPolicy + PublicKeyConfig: + additionalProperties: false + properties: + CallerReference: + type: string + Comment: + type: string + EncodedKey: + type: string + Name: + type: string + required: + - CallerReference + - Name + - EncodedKey + type: object + PublicKey: + type: object + properties: + CreatedTime: + type: string + Id: + type: string + PublicKeyConfig: + $ref: '#/components/schemas/PublicKeyConfig' + required: + - PublicKeyConfig + x-stackql-resource-name: public_key + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - CreatedTime + x-required-permissions: + create: + - cloudfront:CreatePublicKey + delete: + - cloudfront:DeletePublicKey + - cloudfront:GetPublicKey + list: + - cloudfront:ListPublicKeys + read: + - cloudfront:GetPublicKey + update: + - cloudfront:UpdatePublicKey + - cloudfront:GetPublicKey + EndPoint: + additionalProperties: false + properties: + KinesisStreamConfig: + $ref: '#/components/schemas/KinesisStreamConfig' + StreamType: + type: string + required: + - KinesisStreamConfig + - StreamType + type: object + KinesisStreamConfig: + additionalProperties: false + properties: + RoleArn: + type: string + StreamArn: + type: string + required: + - RoleArn + - StreamArn + type: object + RealtimeLogConfig: + type: object + properties: + Arn: + type: string + EndPoints: + items: + $ref: '#/components/schemas/EndPoint' + minItems: 1 + type: array + uniqueItems: false + Fields: + items: + type: string + minItems: 1 + type: array + uniqueItems: false + Name: + type: string + SamplingRate: + maximum: 100 + minimum: 1 + multipleOf: 1 + type: number + required: + - Name + - EndPoints + - Fields + - SamplingRate + x-stackql-resource-name: realtime_log_config + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - cloudfront:CreateRealtimeLogConfig + - iam:PassRole + delete: + - cloudfront:DeleteRealtimeLogConfig + - cloudfront:GetRealtimeLogConfig + list: + - cloudfront:ListRealtimeLogConfigs + read: + - cloudfront:GetRealtimeLogConfig + update: + - cloudfront:UpdateRealtimeLogConfig + - cloudfront:GetRealtimeLogConfig + - iam:PassRole + AccessControlAllowHeaders: + additionalProperties: false + properties: + Items: + x-insertionOrder: false + items: + type: string + type: array + required: + - Items + type: object + AccessControlAllowMethods: + additionalProperties: false + properties: + Items: + x-insertionOrder: false + items: + type: string + type: array + required: + - Items + type: object + AccessControlAllowOrigins: + additionalProperties: false + properties: + Items: + x-insertionOrder: false + items: + type: string + type: array + required: + - Items + type: object + AccessControlExposeHeaders: + additionalProperties: false + properties: + Items: + x-insertionOrder: false + items: + type: string + type: array + required: + - Items + type: object + ContentSecurityPolicy: + additionalProperties: false + properties: + ContentSecurityPolicy: + type: string + Override: + type: boolean + required: + - Override + - ContentSecurityPolicy + type: object + ContentTypeOptions: + additionalProperties: false + properties: + Override: + type: boolean + required: + - Override + type: object + CorsConfig: + additionalProperties: false + properties: + AccessControlAllowCredentials: + type: boolean + AccessControlAllowHeaders: + $ref: '#/components/schemas/AccessControlAllowHeaders' + AccessControlAllowMethods: + $ref: '#/components/schemas/AccessControlAllowMethods' + AccessControlAllowOrigins: + $ref: '#/components/schemas/AccessControlAllowOrigins' + AccessControlExposeHeaders: + $ref: '#/components/schemas/AccessControlExposeHeaders' + AccessControlMaxAgeSec: + type: integer + OriginOverride: + type: boolean + required: + - AccessControlAllowOrigins + - AccessControlAllowHeaders + - AccessControlAllowMethods + - AccessControlAllowCredentials + - OriginOverride + type: object + CustomHeader: + additionalProperties: false + properties: + Header: + type: string + Override: + type: boolean + Value: + type: string + required: + - Header + - Value + - Override + type: object + CustomHeadersConfig: + additionalProperties: false + properties: + Items: + x-insertionOrder: false + items: + $ref: '#/components/schemas/CustomHeader' + type: array + uniqueItems: false + required: + - Items + type: object + FrameOptions: + additionalProperties: false + properties: + FrameOption: + pattern: ^(DENY|SAMEORIGIN)$ + type: string + Override: + type: boolean + required: + - Override + - FrameOption + type: object + ReferrerPolicy: + additionalProperties: false + properties: + Override: + type: boolean + ReferrerPolicy: + pattern: ^(no-referrer|no-referrer-when-downgrade|origin|origin-when-cross-origin|same-origin|strict-origin|strict-origin-when-cross-origin|unsafe-url)$ + type: string + required: + - Override + - ReferrerPolicy + type: object + RemoveHeader: + additionalProperties: false + properties: + Header: + type: string + required: + - Header + type: object + RemoveHeadersConfig: + additionalProperties: false + properties: + Items: + x-insertionOrder: false + items: + $ref: '#/components/schemas/RemoveHeader' + type: array + uniqueItems: true + required: + - Items + type: object + ResponseHeadersPolicyConfig: + additionalProperties: false + properties: + Comment: + type: string + CorsConfig: + $ref: '#/components/schemas/CorsConfig' + CustomHeadersConfig: + $ref: '#/components/schemas/CustomHeadersConfig' + Name: + type: string + RemoveHeadersConfig: + $ref: '#/components/schemas/RemoveHeadersConfig' + SecurityHeadersConfig: + $ref: '#/components/schemas/SecurityHeadersConfig' + ServerTimingHeadersConfig: + $ref: '#/components/schemas/ServerTimingHeadersConfig' + required: + - Name + type: object + SecurityHeadersConfig: + additionalProperties: false + properties: + ContentSecurityPolicy: + $ref: '#/components/schemas/ContentSecurityPolicy' + ContentTypeOptions: + $ref: '#/components/schemas/ContentTypeOptions' + FrameOptions: + $ref: '#/components/schemas/FrameOptions' + ReferrerPolicy: + $ref: '#/components/schemas/ReferrerPolicy' + StrictTransportSecurity: + $ref: '#/components/schemas/StrictTransportSecurity' + XSSProtection: + $ref: '#/components/schemas/XSSProtection' + required: [] + type: object + ServerTimingHeadersConfig: + additionalProperties: false + properties: + Enabled: + type: boolean + SamplingRate: + maximum: 100 + minimum: 0 + multipleOf: 0.0001 + type: number + required: + - Enabled + type: object + StrictTransportSecurity: + additionalProperties: false + properties: + AccessControlMaxAgeSec: + type: integer + IncludeSubdomains: + type: boolean + Override: + type: boolean + Preload: + type: boolean + required: + - Override + - AccessControlMaxAgeSec + type: object + XSSProtection: + additionalProperties: false + properties: + ModeBlock: + type: boolean + Override: + type: boolean + Protection: + type: boolean + ReportUri: + type: string + required: + - Override + - Protection + type: object + ResponseHeadersPolicy: + type: object + properties: + Id: + type: string + LastModifiedTime: + type: string + ResponseHeadersPolicyConfig: + $ref: '#/components/schemas/ResponseHeadersPolicyConfig' + required: + - ResponseHeadersPolicyConfig + x-stackql-resource-name: response_headers_policy + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - LastModifiedTime + x-required-permissions: + create: + - cloudfront:CreateResponseHeadersPolicy + delete: + - cloudfront:DeleteResponseHeadersPolicy + - cloudfront:GetResponseHeadersPolicy + list: + - cloudfront:ListResponseHeadersPolicies + read: + - cloudfront:GetResponseHeadersPolicy + update: + - cloudfront:UpdateResponseHeadersPolicy + - cloudfront:GetResponseHeadersPolicy + x-stackQL-resources: + cache_policies: + name: cache_policies + id: awscc.cloudfront.cache_policies + x-cfn-schema-name: CachePolicy + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::CachePolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::CachePolicy' + AND region = 'us-east-1' + cache_policy: + name: cache_policy + id: awscc.cloudfront.cache_policy + x-cfn-schema-name: CachePolicy + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CachePolicyConfig') as cache_policy_config, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.LastModifiedTime') as last_modified_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::CachePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CachePolicyConfig') as cache_policy_config, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'LastModifiedTime') as last_modified_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::CachePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + cloud_front_origin_access_identities: + name: cloud_front_origin_access_identities + id: awscc.cloudfront.cloud_front_origin_access_identities + x-cfn-schema-name: CloudFrontOriginAccessIdentity + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::CloudFrontOriginAccessIdentity' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::CloudFrontOriginAccessIdentity' + AND region = 'us-east-1' + cloud_front_origin_access_identity: + name: cloud_front_origin_access_identity + id: awscc.cloudfront.cloud_front_origin_access_identity + x-cfn-schema-name: CloudFrontOriginAccessIdentity + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CloudFrontOriginAccessIdentityConfig') as cloud_front_origin_access_identity_config, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.S3CanonicalUserId') as s3_canonical_user_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::CloudFrontOriginAccessIdentity' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CloudFrontOriginAccessIdentityConfig') as cloud_front_origin_access_identity_config, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'S3CanonicalUserId') as s3_canonical_user_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::CloudFrontOriginAccessIdentity' + AND data__Identifier = '' + AND region = 'us-east-1' + continuous_deployment_policies: + name: continuous_deployment_policies + id: awscc.cloudfront.continuous_deployment_policies + x-cfn-schema-name: ContinuousDeploymentPolicy + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::ContinuousDeploymentPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::ContinuousDeploymentPolicy' + AND region = 'us-east-1' + continuous_deployment_policy: + name: continuous_deployment_policy + id: awscc.cloudfront.continuous_deployment_policy + x-cfn-schema-name: ContinuousDeploymentPolicy + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ContinuousDeploymentPolicyConfig') as continuous_deployment_policy_config, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.LastModifiedTime') as last_modified_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::ContinuousDeploymentPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ContinuousDeploymentPolicyConfig') as continuous_deployment_policy_config, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'LastModifiedTime') as last_modified_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::ContinuousDeploymentPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + distributions: + name: distributions + id: awscc.cloudfront.distributions + x-cfn-schema-name: Distribution + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::Distribution' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::Distribution' + AND region = 'us-east-1' + distribution: + name: distribution + id: awscc.cloudfront.distribution + x-cfn-schema-name: Distribution + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DistributionConfig') as distribution_config, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::Distribution' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DistributionConfig') as distribution_config, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::Distribution' + AND data__Identifier = '' + AND region = 'us-east-1' + functions: + name: functions + id: awscc.cloudfront.functions + x-cfn-schema-name: Function + x-type: list + x-identifiers: + - FunctionARN + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FunctionARN') as function_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::Function' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FunctionARN') as function_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::Function' + AND region = 'us-east-1' + function: + name: function + id: awscc.cloudfront.function + x-cfn-schema-name: Function + x-type: get + x-identifiers: + - FunctionARN + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AutoPublish') as auto_publish, + JSON_EXTRACT(Properties, '$.FunctionARN') as function_arn, + JSON_EXTRACT(Properties, '$.FunctionCode') as function_code, + JSON_EXTRACT(Properties, '$.FunctionConfig') as function_config, + JSON_EXTRACT(Properties, '$.FunctionMetadata') as function_metadata, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Stage') as stage + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::Function' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AutoPublish') as auto_publish, + json_extract_path_text(Properties, 'FunctionARN') as function_arn, + json_extract_path_text(Properties, 'FunctionCode') as function_code, + json_extract_path_text(Properties, 'FunctionConfig') as function_config, + json_extract_path_text(Properties, 'FunctionMetadata') as function_metadata, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Stage') as stage + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::Function' + AND data__Identifier = '' + AND region = 'us-east-1' + key_groups: + name: key_groups + id: awscc.cloudfront.key_groups + x-cfn-schema-name: KeyGroup + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::KeyGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::KeyGroup' + AND region = 'us-east-1' + key_group: + name: key_group + id: awscc.cloudfront.key_group + x-cfn-schema-name: KeyGroup + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.KeyGroupConfig') as key_group_config, + JSON_EXTRACT(Properties, '$.LastModifiedTime') as last_modified_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::KeyGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'KeyGroupConfig') as key_group_config, + json_extract_path_text(Properties, 'LastModifiedTime') as last_modified_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::KeyGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + key_value_stores: + name: key_value_stores + id: awscc.cloudfront.key_value_stores + x-cfn-schema-name: KeyValueStore + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::KeyValueStore' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::KeyValueStore' + AND region = 'us-east-1' + key_value_store: + name: key_value_store + id: awscc.cloudfront.key_value_store + x-cfn-schema-name: KeyValueStore + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Comment') as comment, + JSON_EXTRACT(Properties, '$.ImportSource') as import_source + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::KeyValueStore' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Comment') as comment, + json_extract_path_text(Properties, 'ImportSource') as import_source + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::KeyValueStore' + AND data__Identifier = '' + AND region = 'us-east-1' + monitoring_subscriptions: + name: monitoring_subscriptions + id: awscc.cloudfront.monitoring_subscriptions + x-cfn-schema-name: MonitoringSubscription + x-type: list + x-identifiers: + - DistributionId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DistributionId') as distribution_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::MonitoringSubscription' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DistributionId') as distribution_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::MonitoringSubscription' + AND region = 'us-east-1' + monitoring_subscription: + name: monitoring_subscription + id: awscc.cloudfront.monitoring_subscription + x-cfn-schema-name: MonitoringSubscription + x-type: get + x-identifiers: + - DistributionId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DistributionId') as distribution_id, + JSON_EXTRACT(Properties, '$.MonitoringSubscription') as monitoring_subscription + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::MonitoringSubscription' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DistributionId') as distribution_id, + json_extract_path_text(Properties, 'MonitoringSubscription') as monitoring_subscription + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::MonitoringSubscription' + AND data__Identifier = '' + AND region = 'us-east-1' + origin_access_controls: + name: origin_access_controls + id: awscc.cloudfront.origin_access_controls + x-cfn-schema-name: OriginAccessControl + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::OriginAccessControl' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::OriginAccessControl' + AND region = 'us-east-1' + origin_access_control: + name: origin_access_control + id: awscc.cloudfront.origin_access_control + x-cfn-schema-name: OriginAccessControl + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.OriginAccessControlConfig') as origin_access_control_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::OriginAccessControl' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'OriginAccessControlConfig') as origin_access_control_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::OriginAccessControl' + AND data__Identifier = '' + AND region = 'us-east-1' + origin_request_policies: + name: origin_request_policies + id: awscc.cloudfront.origin_request_policies + x-cfn-schema-name: OriginRequestPolicy + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::OriginRequestPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::OriginRequestPolicy' + AND region = 'us-east-1' + origin_request_policy: + name: origin_request_policy + id: awscc.cloudfront.origin_request_policy + x-cfn-schema-name: OriginRequestPolicy + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.LastModifiedTime') as last_modified_time, + JSON_EXTRACT(Properties, '$.OriginRequestPolicyConfig') as origin_request_policy_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::OriginRequestPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'LastModifiedTime') as last_modified_time, + json_extract_path_text(Properties, 'OriginRequestPolicyConfig') as origin_request_policy_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::OriginRequestPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + public_keys: + name: public_keys + id: awscc.cloudfront.public_keys + x-cfn-schema-name: PublicKey + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::PublicKey' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::PublicKey' + AND region = 'us-east-1' + public_key: + name: public_key + id: awscc.cloudfront.public_key + x-cfn-schema-name: PublicKey + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.PublicKeyConfig') as public_key_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::PublicKey' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'PublicKeyConfig') as public_key_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::PublicKey' + AND data__Identifier = '' + AND region = 'us-east-1' + realtime_log_configs: + name: realtime_log_configs + id: awscc.cloudfront.realtime_log_configs + x-cfn-schema-name: RealtimeLogConfig + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::RealtimeLogConfig' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::RealtimeLogConfig' + AND region = 'us-east-1' + realtime_log_config: + name: realtime_log_config + id: awscc.cloudfront.realtime_log_config + x-cfn-schema-name: RealtimeLogConfig + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.EndPoints') as end_points, + JSON_EXTRACT(Properties, '$.Fields') as fields, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.SamplingRate') as sampling_rate + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::RealtimeLogConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'EndPoints') as end_points, + json_extract_path_text(Properties, 'Fields') as fields, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'SamplingRate') as sampling_rate + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::RealtimeLogConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + response_headers_policies: + name: response_headers_policies + id: awscc.cloudfront.response_headers_policies + x-cfn-schema-name: ResponseHeadersPolicy + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::ResponseHeadersPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudFront::ResponseHeadersPolicy' + AND region = 'us-east-1' + response_headers_policy: + name: response_headers_policy + id: awscc.cloudfront.response_headers_policy + x-cfn-schema-name: ResponseHeadersPolicy + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.LastModifiedTime') as last_modified_time, + JSON_EXTRACT(Properties, '$.ResponseHeadersPolicyConfig') as response_headers_policy_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::ResponseHeadersPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'LastModifiedTime') as last_modified_time, + json_extract_path_text(Properties, 'ResponseHeadersPolicyConfig') as response_headers_policy_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudFront::ResponseHeadersPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/cloudtrail.yaml b/providers/src/awscc/v00.00.00000/services/cloudtrail.yaml new file mode 100644 index 00000000..fb3018ed --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/cloudtrail.yaml @@ -0,0 +1,848 @@ +openapi: 3.0.0 +info: + title: CloudTrail + version: 1.0.0 +paths: {} +components: + schemas: + Destination: + description: The resource that receives events arriving from a channel. + type: object + properties: + Type: + description: The type of destination for events arriving from a channel. + type: string + enum: + - EVENT_DATA_STORE + Location: + description: The ARN of a resource that receives events from a channel. + type: string + minLength: 3 + maxLength: 1024 + pattern: (^[a-zA-Z0-9._/\-:]+$) + required: + - Type + - Location + additionalProperties: false + UUID: + type: string + minLength: 36 + maxLength: 36 + pattern: (^[a-f0-9\-]+$) + Timestamp: + type: string + ChannelArn: + description: The Amazon Resource Name (ARN) of a channel. + type: string + minLength: 3 + maxLength: 256 + pattern: (^[a-zA-Z0-9._/\-:]+$) + ChannelName: + description: The name of the channel. + type: string + minLength: 3 + maxLength: 128 + pattern: (^[a-zA-Z0-9._\-]+$) + Tag: + description: An arbitrary set of tags (key-value pairs) for this trail. + type: object + additionalProperties: false + properties: + Key: + description: 'The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + type: string + Value: + description: 'The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + type: string + required: + - Value + - Key + Channel: + type: object + properties: + Name: + $ref: '#/components/schemas/ChannelName' + Source: + description: The ARN of an on-premises storage solution or application, or a partner event source. + type: string + minLength: 1 + maxLength: 256 + pattern: (.*) + Destinations: + description: One or more resources to which events arriving through a channel are logged and stored. + type: array + items: + $ref: '#/components/schemas/Destination' + maxItems: 10 + uniqueItems: true + x-insertionOrder: false + ChannelArn: + $ref: '#/components/schemas/ChannelArn' + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: [] + x-stackql-resource-name: channel + x-stackql-primaryIdentifier: + - ChannelArn + x-create-only-properties: + - Source + x-read-only-properties: + - ChannelArn + x-required-permissions: + create: + - CloudTrail:CreateChannel + - CloudTrail:AddTags + read: + - CloudTrail:GetChannel + - CloudTrail:ListChannels + update: + - CloudTrail:UpdateChannel + - CloudTrail:GetChannel + - CloudTrail:AddTags + - CloudTrail:RemoveTags + delete: + - CloudTrail:DeleteChannel + list: + - CloudTrail:ListChannels + AdvancedFieldSelector: + description: A single selector statement in an advanced event selector. + type: object + additionalProperties: false + properties: + Field: + description: A field in an event record on which to filter events to be logged. Supported fields include readOnly, eventCategory, eventSource (for management events), eventName, resources.type, and resources.ARN. + type: string + pattern: ([\w|\d|\.|_]+) + minLength: 1 + maxLength: 1000 + Equals: + description: An operator that includes events that match the exact value of the event record field specified as the value of Field. This is the only valid operator that you can use with the readOnly, eventCategory, and resources.type fields. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 1 + items: + type: string + pattern: (.+) + minLength: 1 + maxLength: 2048 + StartsWith: + description: An operator that includes events that match the first few characters of the event record field specified as the value of Field. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 1 + items: + type: string + pattern: (.+) + minLength: 1 + maxLength: 2048 + EndsWith: + description: An operator that includes events that match the last few characters of the event record field specified as the value of Field. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 1 + items: + type: string + pattern: (.+) + minLength: 1 + maxLength: 2048 + NotEquals: + description: An operator that excludes events that match the exact value of the event record field specified as the value of Field. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 1 + items: + type: string + pattern: (.+) + minLength: 1 + maxLength: 2048 + NotStartsWith: + description: An operator that excludes events that match the first few characters of the event record field specified as the value of Field. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 1 + items: + type: string + pattern: (.+) + minLength: 1 + maxLength: 2048 + NotEndsWith: + description: An operator that excludes events that match the last few characters of the event record field specified as the value of Field. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 1 + items: + type: string + pattern: (.+) + minLength: 1 + maxLength: 2048 + required: + - Field + AdvancedEventSelector: + description: Advanced event selectors let you create fine-grained selectors for the following AWS CloudTrail event record fields. They help you control costs by logging only those events that are important to you. + type: object + additionalProperties: false + properties: + Name: + description: An optional, descriptive name for an advanced event selector, such as "Log data events for only two S3 buckets". + type: string + minLength: 1 + maxLength: 1000 + FieldSelectors: + description: Contains all selector statements in an advanced event selector. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 1 + items: + $ref: '#/components/schemas/AdvancedFieldSelector' + required: + - FieldSelectors + InsightSelector: + description: A string that contains insight types that are logged on a trail. + type: object + additionalProperties: false + properties: + InsightType: + description: The type of insight to log on a trail. + type: string + EventDataStore: + type: object + properties: + AdvancedEventSelectors: + description: The advanced event selectors that were used to select events for the data store. + type: array + items: + $ref: '#/components/schemas/AdvancedEventSelector' + uniqueItems: true + x-insertionOrder: false + CreatedTimestamp: + description: The timestamp of the event data store's creation. + $ref: '#/components/schemas/Timestamp' + EventDataStoreArn: + description: The ARN of the event data store. + type: string + FederationEnabled: + description: Indicates whether federation is enabled on an event data store. + type: boolean + FederationRoleArn: + description: The ARN of the role used for event data store federation. + type: string + MultiRegionEnabled: + description: Indicates whether the event data store includes events from all regions, or only from the region in which it was created. + type: boolean + Name: + description: The name of the event data store. + type: string + OrganizationEnabled: + description: Indicates that an event data store is collecting logged events for an organization. + type: boolean + BillingMode: + description: The mode that the event data store will use to charge for event storage. + type: string + RetentionPeriod: + description: The retention period, in days. + type: integer + Status: + description: The status of an event data store. Values are STARTING_INGESTION, ENABLED, STOPPING_INGESTION, STOPPED_INGESTION and PENDING_DELETION. + type: string + TerminationProtectionEnabled: + description: Indicates whether the event data store is protected from termination. + type: boolean + UpdatedTimestamp: + description: The timestamp showing when an event data store was updated, if applicable. UpdatedTimestamp is always either the same or newer than the time shown in CreatedTimestamp. + $ref: '#/components/schemas/Timestamp' + KmsKeyId: + description: Specifies the KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by 'alias/', a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier. + type: string + Tags: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + InsightSelectors: + description: Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing event data store. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store. + type: array + items: + $ref: '#/components/schemas/InsightSelector' + uniqueItems: true + x-insertionOrder: false + InsightsDestination: + description: Specifies the ARN of the event data store that will collect Insights events. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store + type: string + IngestionEnabled: + description: Indicates whether the event data store is ingesting events. + type: boolean + required: [] + x-stackql-resource-name: event_data_store + x-stackql-primaryIdentifier: + - EventDataStoreArn + x-read-only-properties: + - EventDataStoreArn + - CreatedTimestamp + - UpdatedTimestamp + - Status + - FederationStatus + x-required-permissions: + create: + - CloudTrail:CreateEventDataStore + - CloudTrail:AddTags + - CloudTrail:PutInsightSelectors + - CloudTrail:EnableFederation + - CloudTrail:GetEventDataStore + - iam:PassRole + - iam:GetRole + - iam:CreateServiceLinkedRole + - organizations:DescribeOrganization + - organizations:ListAWSServiceAccessForOrganization + - kms:GenerateDataKey + - kms:Decrypt + - glue:CreateDatabase + - glue:CreateTable + - glue:PassConnection + - lakeformation:RegisterResource + read: + - CloudTrail:GetEventDataStore + - CloudTrail:ListEventDataStores + - CloudTrail:GetInsightSelectors + - CloudTrail:ListTags + update: + - CloudTrail:UpdateEventDataStore + - CloudTrail:RestoreEventDataStore + - CloudTrail:AddTags + - CloudTrail:RemoveTags + - CloudTrail:StartEventDataStoreIngestion + - CloudTrail:StopEventDataStoreIngestion + - CloudTrail:GetEventDataStore + - CloudTrail:PutInsightSelectors + - CloudTrail:GetInsightSelectors + - CloudTrail:EnableFederation + - CloudTrail:DisableFederation + - iam:PassRole + - iam:GetRole + - iam:CreateServiceLinkedRole + - organizations:DescribeOrganization + - organizations:ListAWSServiceAccessForOrganization + - glue:CreateDatabase + - glue:CreateTable + - glue:PassConnection + - lakeformation:RegisterResource + - glue:DeleteTable + - lakeformation:DeregisterResource + - kms:DescribeKey + delete: + - CloudTrail:DeleteEventDataStore + - CloudTrail:GetEventDataStore + - CloudTrail:DisableFederation + - glue:DeleteTable + - lakeformation:DeregisterResource + list: + - CloudTrail:ListEventDataStores + - CloudTrail:GetEventDataStore + - CloudTrail:GetInsightSelectors + - CloudTrail:ListTags + ResourcePolicy: + type: object + properties: + ResourceArn: + description: The ARN of the AWS CloudTrail resource to which the policy applies. + type: string + ResourcePolicy: + description: A policy document containing permissions to add to the specified resource. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. + type: object + required: + - ResourceArn + - ResourcePolicy + x-stackql-resource-name: resource_policy + x-stackql-primaryIdentifier: + - ResourceArn + x-create-only-properties: + - ResourceArn + x-required-permissions: + create: + - CloudTrail:PutResourcePolicy + - CloudTrail:GetResourcePolicy + read: + - CloudTrail:GetResourcePolicy + update: + - CloudTrail:PutResourcePolicy + - CloudTrail:GetResourcePolicy + delete: + - CloudTrail:DeleteResourcePolicy + DataResource: + description: CloudTrail supports data event logging for Amazon S3 objects and AWS Lambda functions. You can specify up to 250 resources for an individual event selector, but the total number of data resources cannot exceed 250 across all event selectors in a trail. This limit does not apply if you configure resource logging for all data events. + type: object + additionalProperties: false + properties: + Type: + description: The resource type in which you want to log data events. You can specify AWS::S3::Object or AWS::Lambda::Function resources. + type: string + Values: + description: An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified objects. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + required: + - Type + EventSelector: + description: The type of email sending events to publish to the event destination. + type: object + additionalProperties: false + properties: + DataResources: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/DataResource' + IncludeManagementEvents: + description: Specify if you want your event selector to include management events for your trail. + type: boolean + ReadWriteType: + description: Specify if you want your trail to log read-only events, write-only events, or all. For example, the EC2 GetConsoleOutput is a read-only API operation and RunInstances is a write-only API operation. + type: string + enum: + - All + - ReadOnly + - WriteOnly + ExcludeManagementEventSources: + description: An optional list of service event sources from which you do not want management events to be logged on your trail. In this release, the list can be empty (disables the filter), or it can filter out AWS Key Management Service events by containing "kms.amazonaws.com". By default, ExcludeManagementEventSources is empty, and AWS KMS events are included in events that are logged to your trail. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + Trail: + type: object + properties: + CloudWatchLogsLogGroupArn: + description: Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs will be delivered. Not required unless you specify CloudWatchLogsRoleArn. + type: string + CloudWatchLogsRoleArn: + description: Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group. + type: string + EnableLogFileValidation: + description: Specifies whether log file validation is enabled. The default is false. + type: boolean + AdvancedEventSelectors: + description: The advanced event selectors that were used to select events for the data store. + type: array + items: + $ref: '#/components/schemas/AdvancedEventSelector' + uniqueItems: true + x-insertionOrder: false + EventSelectors: + description: >- + Use event selectors to further specify the management and data event settings for your trail. By default, trails created without specific event selectors will be configured to log all read and write management events, and no data events. When an event occurs in your account, CloudTrail evaluates the event selector for all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail + doesn't log the event. You can configure up to five event selectors for a trail. + type: array + items: + $ref: '#/components/schemas/EventSelector' + maxItems: 5 + uniqueItems: true + x-insertionOrder: false + IncludeGlobalServiceEvents: + description: Specifies whether the trail is publishing events from global services such as IAM to the log files. + type: boolean + IsLogging: + description: Whether the CloudTrail is currently logging AWS API calls. + type: boolean + IsMultiRegionTrail: + description: >- + Specifies whether the trail applies only to the current region or to all regions. The default is false. If the trail exists only in the current region and this value is set to true, shadow trails (replications of the trail) will be created in the other regions. If the trail exists in all regions and this value is set to false, the trail will remain in the region where it was created, and its shadow trails in other regions will be deleted. As a best practice, consider using trails + that log events in all regions. + type: boolean + IsOrganizationTrail: + description: Specifies whether the trail is created for all accounts in an organization in AWS Organizations, or only for the current AWS account. The default is false, and cannot be true unless the call is made on behalf of an AWS account that is the master account for an organization in AWS Organizations. + type: boolean + KMSKeyId: + description: Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. The value can be an alias name prefixed by 'alias/', a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier. + type: string + S3BucketName: + description: Specifies the name of the Amazon S3 bucket designated for publishing log files. See Amazon S3 Bucket Naming Requirements. + type: string + S3KeyPrefix: + description: Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see Finding Your CloudTrail Log Files. The maximum length is 200 characters. + type: string + maxLength: 200 + SnsTopicName: + description: Specifies the name of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters. + type: string + maxLength: 256 + Tags: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + TrailName: + type: string + pattern: (^[a-zA-Z0-9]$)|(^[a-zA-Z0-9]([a-zA-Z0-9\._-])*[a-zA-Z0-9]$) + minLength: 3 + maxLength: 128 + Arn: + type: string + SnsTopicArn: + type: string + InsightSelectors: + description: Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing trail. + type: array + items: + $ref: '#/components/schemas/InsightSelector' + uniqueItems: true + x-insertionOrder: false + required: + - S3BucketName + - IsLogging + x-stackql-resource-name: trail + x-stackql-primaryIdentifier: + - TrailName + x-create-only-properties: + - TrailName + x-read-only-properties: + - Arn + - SnsTopicArn + x-required-permissions: + create: + - CloudTrail:CreateTrail + - CloudTrail:StartLogging + - CloudTrail:AddTags + - CloudTrail:PutEventSelectors + - CloudTrail:PutInsightSelectors + - iam:GetRole + - iam:PassRole + - iam:CreateServiceLinkedRole + - organizations:DescribeOrganization + - organizations:ListAWSServiceAccessForOrganization + read: + - CloudTrail:GetTrail + - CloudTrail:GetTrailStatus + - CloudTrail:ListTags + - CloudTrail:GetEventSelectors + - CloudTrail:GetInsightSelectors + - CloudTrail:DescribeTrails + update: + - CloudTrail:UpdateTrail + - CloudTrail:StartLogging + - CloudTrail:StopLogging + - CloudTrail:AddTags + - CloudTrail:RemoveTags + - CloudTrail:PutEventSelectors + - CloudTrail:PutInsightSelectors + - iam:GetRole + - iam:PassRole + - iam:CreateServiceLinkedRole + - organizations:DescribeOrganization + - organizations:ListAWSServiceAccessForOrganization + - CloudTrail:GetTrail + - CloudTrail:DescribeTrails + delete: + - CloudTrail:DeleteTrail + list: + - CloudTrail:ListTrails + - CloudTrail:GetTrail + - CloudTrail:GetTrailStatus + - CloudTrail:ListTags + - CloudTrail:GetEventSelectors + - CloudTrail:GetInsightSelectors + - CloudTrail:DescribeTrails + x-stackQL-resources: + channels: + name: channels + id: awscc.cloudtrail.channels + x-cfn-schema-name: Channel + x-type: list + x-identifiers: + - ChannelArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ChannelArn') as channel_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudTrail::Channel' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ChannelArn') as channel_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudTrail::Channel' + AND region = 'us-east-1' + channel: + name: channel + id: awscc.cloudtrail.channel + x-cfn-schema-name: Channel + x-type: get + x-identifiers: + - ChannelArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Source') as source, + JSON_EXTRACT(Properties, '$.Destinations') as destinations, + JSON_EXTRACT(Properties, '$.ChannelArn') as channel_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudTrail::Channel' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Source') as source, + json_extract_path_text(Properties, 'Destinations') as destinations, + json_extract_path_text(Properties, 'ChannelArn') as channel_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudTrail::Channel' + AND data__Identifier = '' + AND region = 'us-east-1' + event_data_stores: + name: event_data_stores + id: awscc.cloudtrail.event_data_stores + x-cfn-schema-name: EventDataStore + x-type: list + x-identifiers: + - EventDataStoreArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EventDataStoreArn') as event_data_store_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudTrail::EventDataStore' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EventDataStoreArn') as event_data_store_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudTrail::EventDataStore' + AND region = 'us-east-1' + event_data_store: + name: event_data_store + id: awscc.cloudtrail.event_data_store + x-cfn-schema-name: EventDataStore + x-type: get + x-identifiers: + - EventDataStoreArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AdvancedEventSelectors') as advanced_event_selectors, + JSON_EXTRACT(Properties, '$.CreatedTimestamp') as created_timestamp, + JSON_EXTRACT(Properties, '$.EventDataStoreArn') as event_data_store_arn, + JSON_EXTRACT(Properties, '$.FederationEnabled') as federation_enabled, + JSON_EXTRACT(Properties, '$.FederationRoleArn') as federation_role_arn, + JSON_EXTRACT(Properties, '$.MultiRegionEnabled') as multi_region_enabled, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.OrganizationEnabled') as organization_enabled, + JSON_EXTRACT(Properties, '$.BillingMode') as billing_mode, + JSON_EXTRACT(Properties, '$.RetentionPeriod') as retention_period, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.TerminationProtectionEnabled') as termination_protection_enabled, + JSON_EXTRACT(Properties, '$.UpdatedTimestamp') as updated_timestamp, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.InsightSelectors') as insight_selectors, + JSON_EXTRACT(Properties, '$.InsightsDestination') as insights_destination, + JSON_EXTRACT(Properties, '$.IngestionEnabled') as ingestion_enabled + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudTrail::EventDataStore' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AdvancedEventSelectors') as advanced_event_selectors, + json_extract_path_text(Properties, 'CreatedTimestamp') as created_timestamp, + json_extract_path_text(Properties, 'EventDataStoreArn') as event_data_store_arn, + json_extract_path_text(Properties, 'FederationEnabled') as federation_enabled, + json_extract_path_text(Properties, 'FederationRoleArn') as federation_role_arn, + json_extract_path_text(Properties, 'MultiRegionEnabled') as multi_region_enabled, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'OrganizationEnabled') as organization_enabled, + json_extract_path_text(Properties, 'BillingMode') as billing_mode, + json_extract_path_text(Properties, 'RetentionPeriod') as retention_period, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'TerminationProtectionEnabled') as termination_protection_enabled, + json_extract_path_text(Properties, 'UpdatedTimestamp') as updated_timestamp, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'InsightSelectors') as insight_selectors, + json_extract_path_text(Properties, 'InsightsDestination') as insights_destination, + json_extract_path_text(Properties, 'IngestionEnabled') as ingestion_enabled + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudTrail::EventDataStore' + AND data__Identifier = '' + AND region = 'us-east-1' + resource_policies: + name: resource_policies + id: awscc.cloudtrail.resource_policies + x-cfn-schema-name: ResourcePolicy + x-type: list + x-identifiers: + - ResourceArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudTrail::ResourcePolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudTrail::ResourcePolicy' + AND region = 'us-east-1' + resource_policy: + name: resource_policy + id: awscc.cloudtrail.resource_policy + x-cfn-schema-name: ResourcePolicy + x-type: get + x-identifiers: + - ResourceArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn, + JSON_EXTRACT(Properties, '$.ResourcePolicy') as resource_policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudTrail::ResourcePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn, + json_extract_path_text(Properties, 'ResourcePolicy') as resource_policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudTrail::ResourcePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + trails: + name: trails + id: awscc.cloudtrail.trails + x-cfn-schema-name: Trail + x-type: list + x-identifiers: + - TrailName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TrailName') as trail_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudTrail::Trail' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TrailName') as trail_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudTrail::Trail' + AND region = 'us-east-1' + trail: + name: trail + id: awscc.cloudtrail.trail + x-cfn-schema-name: Trail + x-type: get + x-identifiers: + - TrailName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CloudWatchLogsLogGroupArn') as cloud_watch_logs_log_group_arn, + JSON_EXTRACT(Properties, '$.CloudWatchLogsRoleArn') as cloud_watch_logs_role_arn, + JSON_EXTRACT(Properties, '$.EnableLogFileValidation') as enable_log_file_validation, + JSON_EXTRACT(Properties, '$.AdvancedEventSelectors') as advanced_event_selectors, + JSON_EXTRACT(Properties, '$.EventSelectors') as event_selectors, + JSON_EXTRACT(Properties, '$.IncludeGlobalServiceEvents') as include_global_service_events, + JSON_EXTRACT(Properties, '$.IsLogging') as is_logging, + JSON_EXTRACT(Properties, '$.IsMultiRegionTrail') as is_multi_region_trail, + JSON_EXTRACT(Properties, '$.IsOrganizationTrail') as is_organization_trail, + JSON_EXTRACT(Properties, '$.KMSKeyId') as k_ms_key_id, + JSON_EXTRACT(Properties, '$.S3BucketName') as s3_bucket_name, + JSON_EXTRACT(Properties, '$.S3KeyPrefix') as s3_key_prefix, + JSON_EXTRACT(Properties, '$.SnsTopicName') as sns_topic_name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TrailName') as trail_name, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.SnsTopicArn') as sns_topic_arn, + JSON_EXTRACT(Properties, '$.InsightSelectors') as insight_selectors + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudTrail::Trail' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CloudWatchLogsLogGroupArn') as cloud_watch_logs_log_group_arn, + json_extract_path_text(Properties, 'CloudWatchLogsRoleArn') as cloud_watch_logs_role_arn, + json_extract_path_text(Properties, 'EnableLogFileValidation') as enable_log_file_validation, + json_extract_path_text(Properties, 'AdvancedEventSelectors') as advanced_event_selectors, + json_extract_path_text(Properties, 'EventSelectors') as event_selectors, + json_extract_path_text(Properties, 'IncludeGlobalServiceEvents') as include_global_service_events, + json_extract_path_text(Properties, 'IsLogging') as is_logging, + json_extract_path_text(Properties, 'IsMultiRegionTrail') as is_multi_region_trail, + json_extract_path_text(Properties, 'IsOrganizationTrail') as is_organization_trail, + json_extract_path_text(Properties, 'KMSKeyId') as k_ms_key_id, + json_extract_path_text(Properties, 'S3BucketName') as s3_bucket_name, + json_extract_path_text(Properties, 'S3KeyPrefix') as s3_key_prefix, + json_extract_path_text(Properties, 'SnsTopicName') as sns_topic_name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TrailName') as trail_name, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'SnsTopicArn') as sns_topic_arn, + json_extract_path_text(Properties, 'InsightSelectors') as insight_selectors + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudTrail::Trail' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/cloudwatch.yaml b/providers/src/awscc/v00.00.00000/services/cloudwatch.yaml new file mode 100644 index 00000000..b2ea66d6 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/cloudwatch.yaml @@ -0,0 +1,717 @@ +openapi: 3.0.0 +info: + title: CloudWatch + version: 1.0.0 +paths: {} +components: + schemas: + MetricStat: + description: This structure defines the metric to be returned, along with the statistics, period, and units. + type: object + additionalProperties: false + properties: + Period: + description: The granularity, in seconds, of the returned data points. + type: integer + Metric: + description: The metric to return, including the metric name, namespace, and dimensions. + $ref: '#/components/schemas/Metric' + Stat: + description: The statistic to return. + type: string + Unit: + description: The unit to use for the returned data points. + type: string + required: + - Stat + - Period + - Metric + Metric: + description: The Metric property type represents a specific metric. + type: object + additionalProperties: false + properties: + MetricName: + description: The name of the metric. + type: string + Dimensions: + description: The dimensions for the metric. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Dimension' + Namespace: + description: The namespace of the metric. + type: string + Dimension: + description: Dimensions are arbitrary name/value pairs that can be associated with a CloudWatch metric. + type: object + additionalProperties: false + properties: + Value: + description: The value for the dimension. + type: string + Name: + description: The name of the dimension. + type: string + required: + - Value + - Name + MetricDataQuery: + description: This property type specifies the metric data to return, and whether this call is just retrieving a batch set of data for one metric, or is performing a math expression on metric data. + type: object + additionalProperties: false + properties: + Label: + description: A human-readable label for this metric or expression. + type: string + MetricStat: + description: The metric to be returned, along with statistics, period, and units. + $ref: '#/components/schemas/MetricStat' + Id: + description: A short name used to tie this object to the results in the response. + type: string + ReturnData: + description: This option indicates whether to return the timestamps and raw data values of this metric. + type: boolean + Expression: + description: The math expression to be performed on the returned data. + type: string + Period: + description: The period in seconds, over which the statistic is applied. + type: integer + AccountId: + description: The ID of the account where the metrics are located, if this is a cross-account alarm. + type: string + required: + - Id + Alarm: + type: object + properties: + ThresholdMetricId: + description: In an alarm based on an anomaly detection model, this is the ID of the ANOMALY_DETECTION_BAND function used as the threshold for the alarm. + type: string + EvaluateLowSampleCountPercentile: + description: Used only for alarms based on percentiles. + type: string + ExtendedStatistic: + description: The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100. + type: string + ComparisonOperator: + description: The arithmetic operation to use when comparing the specified statistic and threshold. + type: string + TreatMissingData: + description: Sets how this alarm is to handle missing data points. Valid values are breaching, notBreaching, ignore, and missing. + type: string + Dimensions: + description: The dimensions for the metric associated with the alarm. For an alarm based on a math expression, you can't specify Dimensions. Instead, you use Metrics. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Dimension' + Period: + description: The period in seconds, over which the statistic is applied. + type: integer + EvaluationPeriods: + description: The number of periods over which data is compared to the specified threshold. + type: integer + Unit: + description: The unit of the metric associated with the alarm. + type: string + Namespace: + description: The namespace of the metric associated with the alarm. + type: string + OKActions: + description: The actions to execute when this alarm transitions to the OK state from any other state. + type: array + uniqueItems: false + items: + type: string + AlarmActions: + description: The list of actions to execute when this alarm transitions into an ALARM state from any other state. + type: array + uniqueItems: false + items: + type: string + MetricName: + description: The name of the metric associated with the alarm. + type: string + ActionsEnabled: + description: Indicates whether actions should be executed during any changes to the alarm state. The default is TRUE. + type: boolean + default: true + Metrics: + description: An array that enables you to create an alarm based on the result of a metric math expression. + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/MetricDataQuery' + AlarmDescription: + description: The description of the alarm. + type: string + AlarmName: + description: The name of the alarm. + type: string + Statistic: + description: The statistic for the metric associated with the alarm, other than percentile. + type: string + InsufficientDataActions: + description: The actions to execute when this alarm transitions to the INSUFFICIENT_DATA state from any other state. + type: array + uniqueItems: false + items: + type: string + Arn: + description: Amazon Resource Name is a unique name for each resource. + type: string + DatapointsToAlarm: + description: The number of datapoints that must be breaching to trigger the alarm. + type: integer + Threshold: + description: In an alarm based on an anomaly detection model, this is the ID of the ANOMALY_DETECTION_BAND function used as the threshold for the alarm. + type: number + required: + - ComparisonOperator + - EvaluationPeriods + x-stackql-resource-name: alarm + x-stackql-primaryIdentifier: + - AlarmName + x-create-only-properties: + - AlarmName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - cloudwatch:PutMetricAlarm + - cloudwatch:DescribeAlarms + update: + - cloudwatch:PutMetricAlarm + - cloudwatch:DescribeAlarms + delete: + - cloudwatch:DeleteAlarms + - cloudwatch:DescribeAlarms + list: + - cloudwatch:DescribeAlarms + read: + - cloudwatch:DescribeAlarms + CompositeAlarm: + type: object + properties: + Arn: + type: string + description: Amazon Resource Name (ARN) of the alarm + minLength: 1 + maxLength: 1600 + AlarmName: + description: The name of the Composite Alarm + type: string + minLength: 1 + maxLength: 255 + AlarmRule: + type: string + description: Expression which aggregates the state of other Alarms (Metric or Composite Alarms) + minLength: 1 + maxLength: 10240 + AlarmDescription: + type: string + description: The description of the alarm + minLength: 0 + maxLength: 1024 + ActionsEnabled: + description: Indicates whether actions should be executed during any changes to the alarm state. The default is TRUE. + type: boolean + OKActions: + type: array + items: + type: string + description: Amazon Resource Name (ARN) of the action + minLength: 1 + maxLength: 1024 + description: The actions to execute when this alarm transitions to the OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). + maxItems: 5 + AlarmActions: + type: array + items: + type: string + description: Amazon Resource Name (ARN) of the action + minLength: 1 + maxLength: 1024 + description: The list of actions to execute when this alarm transitions into an ALARM state from any other state. Specify each action as an Amazon Resource Name (ARN). + maxItems: 5 + InsufficientDataActions: + type: array + items: + type: string + description: Amazon Resource Name (ARN) of the action + minLength: 1 + maxLength: 1024 + description: The actions to execute when this alarm transitions to the INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). + maxItems: 5 + ActionsSuppressor: + description: 'Actions will be suppressed if the suppressor alarm is in the ALARM state. ActionsSuppressor can be an AlarmName or an Amazon Resource Name (ARN) from an existing alarm. ' + type: string + minLength: 1 + maxLength: 1600 + ActionsSuppressorWaitPeriod: + description: Actions will be suppressed if ExtensionPeriod is active. The length of time that actions are suppressed is in seconds. + type: integer + minimum: 0 + ActionsSuppressorExtensionPeriod: + description: Actions will be suppressed if WaitPeriod is active. The length of time that actions are suppressed is in seconds. + type: integer + minimum: 0 + required: + - AlarmRule + x-stackql-resource-name: composite_alarm + x-stackql-primaryIdentifier: + - AlarmName + x-create-only-properties: + - AlarmName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - cloudwatch:DescribeAlarms + - cloudwatch:PutCompositeAlarm + read: + - cloudwatch:DescribeAlarms + update: + - cloudwatch:DescribeAlarms + - cloudwatch:PutCompositeAlarm + delete: + - cloudwatch:DescribeAlarms + - cloudwatch:DeleteAlarms + list: + - cloudwatch:DescribeAlarms + MetricStreamFilter: + description: This structure defines the metrics that will be streamed. + type: object + additionalProperties: false + properties: + Namespace: + description: Only metrics with Namespace matching this value will be streamed. + type: string + minLength: 1 + maxLength: 255 + MetricNames: + description: Only metrics with MetricNames matching these values will be streamed. Must be set together with Namespace. + type: array + maxItems: 999 + items: + type: string + minLength: 1 + maxLength: 255 + required: + - Namespace + MetricStreamStatisticsConfiguration: + description: This structure specifies a list of additional statistics to stream, and the metrics to stream those additional statistics for. All metrics that match the combination of metric name and namespace will be streamed with the extended statistics, no matter their dimensions. + type: object + additionalProperties: false + properties: + AdditionalStatistics: + description: The additional statistics to stream for the metrics listed in IncludeMetrics. + type: array + maxItems: 20 + uniqueItems: true + items: + type: string + IncludeMetrics: + description: An array that defines the metrics that are to have additional statistics streamed. + type: array + maxItems: 100 + uniqueItems: true + items: + $ref: '#/components/schemas/MetricStreamStatisticsMetric' + required: + - AdditionalStatistics + - IncludeMetrics + MetricStreamStatisticsMetric: + description: A structure that specifies the metric name and namespace for one metric that is going to have additional statistics included in the stream. + type: object + additionalProperties: false + properties: + MetricName: + description: The name of the metric. + type: string + minLength: 1 + maxLength: 255 + Namespace: + description: The namespace of the metric. + type: string + minLength: 1 + maxLength: 255 + required: + - MetricName + - Namespace + Tag: + description: Metadata that you can assign to a Metric Stream, consisting of a key-value pair. + type: object + additionalProperties: false + properties: + Key: + description: A unique identifier for the tag. + type: string + minLength: 1 + maxLength: 128 + Value: + description: String which you can use to describe or define the tag. + type: string + minLength: 1 + maxLength: 256 + required: + - Key + - Value + MetricStream: + type: object + properties: + Arn: + description: Amazon Resource Name of the metric stream. + type: string + minLength: 20 + maxLength: 2048 + CreationDate: + description: The date of creation of the metric stream. + type: string + anyOf: + - format: date-time + - format: timestamp + ExcludeFilters: + description: Define which metrics will be not streamed. Metrics matched by multiple instances of MetricStreamFilter are joined with an OR operation by default. If both IncludeFilters and ExcludeFilters are omitted, all metrics in the account will be streamed. IncludeFilters and ExcludeFilters are mutually exclusive. Default to null. + type: array + maxItems: 1000 + uniqueItems: true + items: + $ref: '#/components/schemas/MetricStreamFilter' + FirehoseArn: + description: The ARN of the Kinesis Firehose where to stream the data. + type: string + minLength: 20 + maxLength: 2048 + IncludeFilters: + description: Define which metrics will be streamed. Metrics matched by multiple instances of MetricStreamFilter are joined with an OR operation by default. If both IncludeFilters and ExcludeFilters are omitted, all metrics in the account will be streamed. IncludeFilters and ExcludeFilters are mutually exclusive. Default to null. + type: array + maxItems: 1000 + uniqueItems: true + items: + $ref: '#/components/schemas/MetricStreamFilter' + LastUpdateDate: + description: The date of the last update of the metric stream. + type: string + anyOf: + - format: date-time + - format: timestamp + Name: + description: Name of the metric stream. + type: string + minLength: 1 + maxLength: 255 + RoleArn: + description: The ARN of the role that provides access to the Kinesis Firehose. + type: string + minLength: 20 + maxLength: 2048 + State: + description: Displays the state of the Metric Stream. + type: string + minLength: 1 + maxLength: 255 + OutputFormat: + description: The output format of the data streamed to the Kinesis Firehose. + type: string + minLength: 1 + maxLength: 255 + StatisticsConfigurations: + description: By default, a metric stream always sends the MAX, MIN, SUM, and SAMPLECOUNT statistics for each metric that is streamed. You can use this parameter to have the metric stream also send additional statistics in the stream. This array can have up to 100 members. + type: array + maxItems: 100 + uniqueItems: true + items: + $ref: '#/components/schemas/MetricStreamStatisticsConfiguration' + Tags: + description: A set of tags to assign to the delivery stream. + type: array + maxItems: 50 + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + IncludeLinkedAccountsMetrics: + description: If you are creating a metric stream in a monitoring account, specify true to include metrics from source accounts that are linked to this monitoring account, in the metric stream. The default is false. + type: boolean + required: + - FirehoseArn + - RoleArn + - OutputFormat + x-stackql-resource-name: metric_stream + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + - CreationDate + - LastUpdateDate + - State + x-required-permissions: + create: + - cloudwatch:PutMetricStream + - cloudwatch:GetMetricStream + - cloudwatch:TagResource + - iam:PassRole + update: + - cloudwatch:PutMetricStream + - cloudwatch:GetMetricStream + - cloudwatch:TagResource + - cloudwatch:UntagResource + - iam:PassRole + delete: + - cloudwatch:DeleteMetricStream + - cloudwatch:GetMetricStream + list: + - cloudwatch:ListMetricStreams + read: + - cloudwatch:GetMetricStream + x-stackQL-resources: + alarms: + name: alarms + id: awscc.cloudwatch.alarms + x-cfn-schema-name: Alarm + x-type: list + x-identifiers: + - AlarmName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AlarmName') as alarm_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudWatch::Alarm' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AlarmName') as alarm_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudWatch::Alarm' + AND region = 'us-east-1' + alarm: + name: alarm + id: awscc.cloudwatch.alarm + x-cfn-schema-name: Alarm + x-type: get + x-identifiers: + - AlarmName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ThresholdMetricId') as threshold_metric_id, + JSON_EXTRACT(Properties, '$.EvaluateLowSampleCountPercentile') as evaluate_low_sample_count_percentile, + JSON_EXTRACT(Properties, '$.ExtendedStatistic') as extended_statistic, + JSON_EXTRACT(Properties, '$.ComparisonOperator') as comparison_operator, + JSON_EXTRACT(Properties, '$.TreatMissingData') as treat_missing_data, + JSON_EXTRACT(Properties, '$.Dimensions') as dimensions, + JSON_EXTRACT(Properties, '$.Period') as period, + JSON_EXTRACT(Properties, '$.EvaluationPeriods') as evaluation_periods, + JSON_EXTRACT(Properties, '$.Unit') as unit, + JSON_EXTRACT(Properties, '$.Namespace') as namespace, + JSON_EXTRACT(Properties, '$.OKActions') as o_kactions, + JSON_EXTRACT(Properties, '$.AlarmActions') as alarm_actions, + JSON_EXTRACT(Properties, '$.MetricName') as metric_name, + JSON_EXTRACT(Properties, '$.ActionsEnabled') as actions_enabled, + JSON_EXTRACT(Properties, '$.Metrics') as metrics, + JSON_EXTRACT(Properties, '$.AlarmDescription') as alarm_description, + JSON_EXTRACT(Properties, '$.AlarmName') as alarm_name, + JSON_EXTRACT(Properties, '$.Statistic') as statistic, + JSON_EXTRACT(Properties, '$.InsufficientDataActions') as insufficient_data_actions, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.DatapointsToAlarm') as datapoints_to_alarm, + JSON_EXTRACT(Properties, '$.Threshold') as threshold + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudWatch::Alarm' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ThresholdMetricId') as threshold_metric_id, + json_extract_path_text(Properties, 'EvaluateLowSampleCountPercentile') as evaluate_low_sample_count_percentile, + json_extract_path_text(Properties, 'ExtendedStatistic') as extended_statistic, + json_extract_path_text(Properties, 'ComparisonOperator') as comparison_operator, + json_extract_path_text(Properties, 'TreatMissingData') as treat_missing_data, + json_extract_path_text(Properties, 'Dimensions') as dimensions, + json_extract_path_text(Properties, 'Period') as period, + json_extract_path_text(Properties, 'EvaluationPeriods') as evaluation_periods, + json_extract_path_text(Properties, 'Unit') as unit, + json_extract_path_text(Properties, 'Namespace') as namespace, + json_extract_path_text(Properties, 'OKActions') as o_kactions, + json_extract_path_text(Properties, 'AlarmActions') as alarm_actions, + json_extract_path_text(Properties, 'MetricName') as metric_name, + json_extract_path_text(Properties, 'ActionsEnabled') as actions_enabled, + json_extract_path_text(Properties, 'Metrics') as metrics, + json_extract_path_text(Properties, 'AlarmDescription') as alarm_description, + json_extract_path_text(Properties, 'AlarmName') as alarm_name, + json_extract_path_text(Properties, 'Statistic') as statistic, + json_extract_path_text(Properties, 'InsufficientDataActions') as insufficient_data_actions, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'DatapointsToAlarm') as datapoints_to_alarm, + json_extract_path_text(Properties, 'Threshold') as threshold + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudWatch::Alarm' + AND data__Identifier = '' + AND region = 'us-east-1' + composite_alarms: + name: composite_alarms + id: awscc.cloudwatch.composite_alarms + x-cfn-schema-name: CompositeAlarm + x-type: list + x-identifiers: + - AlarmName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AlarmName') as alarm_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudWatch::CompositeAlarm' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AlarmName') as alarm_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudWatch::CompositeAlarm' + AND region = 'us-east-1' + composite_alarm: + name: composite_alarm + id: awscc.cloudwatch.composite_alarm + x-cfn-schema-name: CompositeAlarm + x-type: get + x-identifiers: + - AlarmName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AlarmName') as alarm_name, + JSON_EXTRACT(Properties, '$.AlarmRule') as alarm_rule, + JSON_EXTRACT(Properties, '$.AlarmDescription') as alarm_description, + JSON_EXTRACT(Properties, '$.ActionsEnabled') as actions_enabled, + JSON_EXTRACT(Properties, '$.OKActions') as o_kactions, + JSON_EXTRACT(Properties, '$.AlarmActions') as alarm_actions, + JSON_EXTRACT(Properties, '$.InsufficientDataActions') as insufficient_data_actions, + JSON_EXTRACT(Properties, '$.ActionsSuppressor') as actions_suppressor, + JSON_EXTRACT(Properties, '$.ActionsSuppressorWaitPeriod') as actions_suppressor_wait_period, + JSON_EXTRACT(Properties, '$.ActionsSuppressorExtensionPeriod') as actions_suppressor_extension_period + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudWatch::CompositeAlarm' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AlarmName') as alarm_name, + json_extract_path_text(Properties, 'AlarmRule') as alarm_rule, + json_extract_path_text(Properties, 'AlarmDescription') as alarm_description, + json_extract_path_text(Properties, 'ActionsEnabled') as actions_enabled, + json_extract_path_text(Properties, 'OKActions') as o_kactions, + json_extract_path_text(Properties, 'AlarmActions') as alarm_actions, + json_extract_path_text(Properties, 'InsufficientDataActions') as insufficient_data_actions, + json_extract_path_text(Properties, 'ActionsSuppressor') as actions_suppressor, + json_extract_path_text(Properties, 'ActionsSuppressorWaitPeriod') as actions_suppressor_wait_period, + json_extract_path_text(Properties, 'ActionsSuppressorExtensionPeriod') as actions_suppressor_extension_period + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudWatch::CompositeAlarm' + AND data__Identifier = '' + AND region = 'us-east-1' + metric_streams: + name: metric_streams + id: awscc.cloudwatch.metric_streams + x-cfn-schema-name: MetricStream + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudWatch::MetricStream' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CloudWatch::MetricStream' + AND region = 'us-east-1' + metric_stream: + name: metric_stream + id: awscc.cloudwatch.metric_stream + x-cfn-schema-name: MetricStream + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreationDate') as creation_date, + JSON_EXTRACT(Properties, '$.ExcludeFilters') as exclude_filters, + JSON_EXTRACT(Properties, '$.FirehoseArn') as firehose_arn, + JSON_EXTRACT(Properties, '$.IncludeFilters') as include_filters, + JSON_EXTRACT(Properties, '$.LastUpdateDate') as last_update_date, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.OutputFormat') as output_format, + JSON_EXTRACT(Properties, '$.StatisticsConfigurations') as statistics_configurations, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.IncludeLinkedAccountsMetrics') as include_linked_accounts_metrics + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudWatch::MetricStream' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreationDate') as creation_date, + json_extract_path_text(Properties, 'ExcludeFilters') as exclude_filters, + json_extract_path_text(Properties, 'FirehoseArn') as firehose_arn, + json_extract_path_text(Properties, 'IncludeFilters') as include_filters, + json_extract_path_text(Properties, 'LastUpdateDate') as last_update_date, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'OutputFormat') as output_format, + json_extract_path_text(Properties, 'StatisticsConfigurations') as statistics_configurations, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'IncludeLinkedAccountsMetrics') as include_linked_accounts_metrics + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CloudWatch::MetricStream' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/codeartifact.yaml b/providers/src/awscc/v00.00.00000/services/codeartifact.yaml new file mode 100644 index 00000000..20bdbe12 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/codeartifact.yaml @@ -0,0 +1,327 @@ +openapi: 3.0.0 +info: + title: CodeArtifact + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 0 + maxLength: 256 + required: + - Value + - Key + additionalProperties: false + Domain: + type: object + properties: + DomainName: + description: The name of the domain. + type: string + pattern: ^([a-z][a-z0-9\-]{0,48}[a-z0-9])$ + minLength: 2 + maxLength: 50 + Name: + description: The name of the domain. This field is used for GetAtt + type: string + pattern: ^([a-z][a-z0-9\-]{0,48}[a-z0-9])$ + minLength: 2 + maxLength: 50 + Owner: + description: The 12-digit account ID of the AWS account that owns the domain. This field is used for GetAtt + pattern: '[0-9]{12}' + type: string + EncryptionKey: + description: The ARN of an AWS Key Management Service (AWS KMS) key associated with a domain. + type: string + PermissionsPolicyDocument: + description: The access control resource policy on the provided domain. + type: object + minLength: 2 + maxLength: 5120 + Tags: + type: array + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + Arn: + description: The ARN of the domain. + type: string + minLength: 1 + maxLength: 2048 + required: + - DomainName + x-stackql-resource-name: domain + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - DomainName + - EncryptionKey + x-read-only-properties: + - Owner + - Name + - EncryptionKey + - Arn + x-required-permissions: + create: + - codeartifact:CreateDomain + - codeartifact:DescribeDomain + - codeartifact:PutDomainPermissionsPolicy + - codeartifact:GetDomainPermissionsPolicy + - codeartifact:TagResource + read: + - codeartifact:DescribeDomain + - codeartifact:GetDomainPermissionsPolicy + - codeartifact:ListTagsForResource + update: + - codeartifact:PutDomainPermissionsPolicy + - codeartifact:DeleteDomainPermissionsPolicy + - codeartifact:GetDomainPermissionsPolicy + - codeartifact:TagResource + - codeartifact:UntagResource + delete: + - codeartifact:DeleteDomain + - codeartifact:DescribeDomain + list: + - codeartifact:ListDomains + Repository: + type: object + properties: + RepositoryName: + description: The name of the repository. + type: string + pattern: ^([A-Za-z0-9][A-Za-z0-9._\-]{1,99})$ + minLength: 2 + maxLength: 100 + Name: + description: The name of the repository. This is used for GetAtt + type: string + pattern: ^([A-Za-z0-9][A-Za-z0-9._\-]{1,99})$ + minLength: 2 + maxLength: 100 + DomainName: + description: The name of the domain that contains the repository. + type: string + pattern: ^([a-z][a-z0-9\-]{0,48}[a-z0-9])$ + minLength: 2 + maxLength: 50 + DomainOwner: + description: The 12-digit account ID of the AWS account that owns the domain. + pattern: '[0-9]{12}' + type: string + Description: + description: A text description of the repository. + type: string + maxLength: 1000 + Arn: + description: The ARN of the repository. + type: string + minLength: 1 + maxLength: 2048 + ExternalConnections: + description: A list of external connections associated with the repository. + type: array + items: + type: string + Upstreams: + description: A list of upstream repositories associated with the repository. + type: array + items: + type: string + PermissionsPolicyDocument: + description: The access control resource policy on the provided repository. + type: object + minLength: 2 + maxLength: 5120 + Tags: + type: array + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + required: + - RepositoryName + - DomainName + x-stackql-resource-name: repository + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - RepositoryName + - DomainName + - DomainOwner + x-read-only-properties: + - Name + - DomainOwner + - Arn + x-required-permissions: + create: + - codeartifact:CreateRepository + - codeartifact:DescribeRepository + - codeartifact:PutRepositoryPermissionsPolicy + - codeartifact:AssociateExternalConnection + - codeartifact:AssociateWithDownstreamRepository + - codeartifact:TagResource + read: + - codeartifact:DescribeRepository + - codeartifact:GetRepositoryPermissionsPolicy + - codeartifact:ListTagsForResource + update: + - codeartifact:PutRepositoryPermissionsPolicy + - codeartifact:DeleteRepositoryPermissionsPolicy + - codeartifact:AssociateExternalConnection + - codeartifact:DisassociateExternalConnection + - codeartifact:UpdateRepository + - codeartifact:DescribeRepository + - codeartifact:AssociateWithDownstreamRepository + - codeartifact:TagResource + - codeartifact:UntagResource + delete: + - codeartifact:DeleteRepository + - codeartifact:DescribeRepository + list: + - codeartifact:ListRepositories + x-stackQL-resources: + domains: + name: domains + id: awscc.codeartifact.domains + x-cfn-schema-name: Domain + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeArtifact::Domain' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeArtifact::Domain' + AND region = 'us-east-1' + domain: + name: domain + id: awscc.codeartifact.domain + x-cfn-schema-name: Domain + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Owner') as owner, + JSON_EXTRACT(Properties, '$.EncryptionKey') as encryption_key, + JSON_EXTRACT(Properties, '$.PermissionsPolicyDocument') as permissions_policy_document, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeArtifact::Domain' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Owner') as owner, + json_extract_path_text(Properties, 'EncryptionKey') as encryption_key, + json_extract_path_text(Properties, 'PermissionsPolicyDocument') as permissions_policy_document, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeArtifact::Domain' + AND data__Identifier = '' + AND region = 'us-east-1' + repositories: + name: repositories + id: awscc.codeartifact.repositories + x-cfn-schema-name: Repository + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeArtifact::Repository' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeArtifact::Repository' + AND region = 'us-east-1' + repository: + name: repository + id: awscc.codeartifact.repository + x-cfn-schema-name: Repository + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RepositoryName') as repository_name, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.DomainOwner') as domain_owner, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ExternalConnections') as external_connections, + JSON_EXTRACT(Properties, '$.Upstreams') as upstreams, + JSON_EXTRACT(Properties, '$.PermissionsPolicyDocument') as permissions_policy_document, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeArtifact::Repository' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RepositoryName') as repository_name, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'DomainOwner') as domain_owner, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ExternalConnections') as external_connections, + json_extract_path_text(Properties, 'Upstreams') as upstreams, + json_extract_path_text(Properties, 'PermissionsPolicyDocument') as permissions_policy_document, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeArtifact::Repository' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/codebuild.yaml b/providers/src/awscc/v00.00.00000/services/codebuild.yaml new file mode 100644 index 00000000..44dad5ec --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/codebuild.yaml @@ -0,0 +1,141 @@ +openapi: 3.0.0 +info: + title: CodeBuild + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + type: object + additionalProperties: false + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 128 + pattern: ^(?!aws:)[a-zA-Z+-=._:/]+$ + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 0 + maxLength: 256 + pattern: '[a-zA-Z+-=._:/]+$' + required: + - Value + - Key + Fleet: + type: object + properties: + Name: + type: string + minLength: 2 + maxLength: 128 + BaseCapacity: + type: integer + minimum: 1 + EnvironmentType: + type: string + enum: + - WINDOWS_SERVER_2019_CONTAINER + - WINDOWS_SERVER_2022_CONTAINER + - LINUX_CONTAINER + - LINUX_GPU_CONTAINER + - ARM_CONTAINER + ComputeType: + type: string + enum: + - BUILD_GENERAL1_SMALL + - BUILD_GENERAL1_MEDIUM + - BUILD_GENERAL1_LARGE + - BUILD_GENERAL1_2XLARGE + Tags: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Arn: + type: string + minLength: 1 + x-stackql-resource-name: fleet + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - Arn + x-required-permissions: + create: + - codebuild:BatchGetFleets + - codebuild:CreateFleet + delete: + - codebuild:BatchGetFleets + - codebuild:DeleteFleet + read: + - codebuild:BatchGetFleets + list: + - codebuild:ListFleets + update: + - codebuild:BatchGetFleets + - codebuild:UpdateFleet + x-stackQL-resources: + fleets: + name: fleets + id: awscc.codebuild.fleets + x-cfn-schema-name: Fleet + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeBuild::Fleet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeBuild::Fleet' + AND region = 'us-east-1' + fleet: + name: fleet + id: awscc.codebuild.fleet + x-cfn-schema-name: Fleet + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.BaseCapacity') as base_capacity, + JSON_EXTRACT(Properties, '$.EnvironmentType') as environment_type, + JSON_EXTRACT(Properties, '$.ComputeType') as compute_type, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeBuild::Fleet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'BaseCapacity') as base_capacity, + json_extract_path_text(Properties, 'EnvironmentType') as environment_type, + json_extract_path_text(Properties, 'ComputeType') as compute_type, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeBuild::Fleet' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/codedeploy.yaml b/providers/src/awscc/v00.00.00000/services/codedeploy.yaml new file mode 100644 index 00000000..8c8662d0 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/codedeploy.yaml @@ -0,0 +1,278 @@ +openapi: 3.0.0 +info: + title: CodeDeploy + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + type: object + additionalProperties: false + properties: + Value: + type: string + Key: + type: string + required: + - Value + - Key + Application: + type: object + properties: + ApplicationName: + description: A name for the application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. + type: string + ComputePlatform: + description: The compute platform that CodeDeploy deploys the application to. + type: string + Tags: + description: 'The metadata that you apply to CodeDeploy applications to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define. ' + type: array + items: + $ref: '#/components/schemas/Tag' + x-insertionOrder: false + uniqueItems: false + x-stackql-resource-name: application + x-stackql-primaryIdentifier: + - ApplicationName + x-create-only-properties: + - ApplicationName + - ComputePlatform + x-required-permissions: + create: + - codedeploy:CreateApplication + - codedeploy:TagResource + read: + - codedeploy:GetApplication + - codedeploy:ListTagsForResource + delete: + - codedeploy:GetApplication + - codedeploy:DeleteApplication + update: + - codedeploy:TagResource + - codedeploy:UntagResource + list: + - codedeploy:ListApplications + TimeBasedLinear: + type: object + additionalProperties: false + properties: + LinearInterval: + type: integer + LinearPercentage: + type: integer + required: + - LinearInterval + - LinearPercentage + TimeBasedCanary: + type: object + additionalProperties: false + properties: + CanaryPercentage: + type: integer + CanaryInterval: + type: integer + required: + - CanaryPercentage + - CanaryInterval + TrafficRoutingConfig: + type: object + additionalProperties: false + properties: + Type: + type: string + TimeBasedLinear: + $ref: '#/components/schemas/TimeBasedLinear' + TimeBasedCanary: + $ref: '#/components/schemas/TimeBasedCanary' + required: + - Type + MinimumHealthyHostsPerZone: + type: object + additionalProperties: false + properties: + Value: + type: integer + Type: + type: string + required: + - Type + - Value + ZonalConfig: + type: object + additionalProperties: false + properties: + FirstZoneMonitorDurationInSeconds: + type: integer + format: int64 + MonitorDurationInSeconds: + type: integer + format: int64 + MinimumHealthyHostsPerZone: + $ref: '#/components/schemas/MinimumHealthyHostsPerZone' + required: [] + MinimumHealthyHosts: + type: object + additionalProperties: false + properties: + Value: + type: integer + Type: + type: string + required: + - Type + - Value + DeploymentConfig: + type: object + properties: + ComputePlatform: + description: The destination platform type for the deployment (Lambda, Server, or ECS). + type: string + DeploymentConfigName: + description: A name for the deployment configuration. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment configuration name. For more information, see Name Type. + type: string + MinimumHealthyHosts: + description: 'The minimum number of healthy instances that should be available at any time during the deployment. There are two parameters expected in the input: type and value.' + $ref: '#/components/schemas/MinimumHealthyHosts' + ZonalConfig: + description: The zonal deployment config that specifies how the zonal deployment behaves + $ref: '#/components/schemas/ZonalConfig' + TrafficRoutingConfig: + description: The configuration that specifies how the deployment traffic is routed. + $ref: '#/components/schemas/TrafficRoutingConfig' + x-stackql-resource-name: deployment_config + x-stackql-primaryIdentifier: + - DeploymentConfigName + x-create-only-properties: + - DeploymentConfigName + - MinimumHealthyHosts + - ComputePlatform + - ZonalConfig + - TrafficRoutingConfig + x-required-permissions: + create: + - codedeploy:CreateDeploymentConfig + read: + - codedeploy:GetDeploymentConfig + delete: + - codedeploy:GetDeploymentConfig + - codedeploy:DeleteDeploymentConfig + list: + - codedeploy:ListDeploymentConfigs + x-stackQL-resources: + applications: + name: applications + id: awscc.codedeploy.applications + x-cfn-schema-name: Application + x-type: list + x-identifiers: + - ApplicationName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationName') as application_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeDeploy::Application' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationName') as application_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeDeploy::Application' + AND region = 'us-east-1' + application: + name: application + id: awscc.codedeploy.application + x-cfn-schema-name: Application + x-type: get + x-identifiers: + - ApplicationName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationName') as application_name, + JSON_EXTRACT(Properties, '$.ComputePlatform') as compute_platform, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeDeploy::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationName') as application_name, + json_extract_path_text(Properties, 'ComputePlatform') as compute_platform, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeDeploy::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + deployment_configs: + name: deployment_configs + id: awscc.codedeploy.deployment_configs + x-cfn-schema-name: DeploymentConfig + x-type: list + x-identifiers: + - DeploymentConfigName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DeploymentConfigName') as deployment_config_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeDeploy::DeploymentConfig' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DeploymentConfigName') as deployment_config_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeDeploy::DeploymentConfig' + AND region = 'us-east-1' + deployment_config: + name: deployment_config + id: awscc.codedeploy.deployment_config + x-cfn-schema-name: DeploymentConfig + x-type: get + x-identifiers: + - DeploymentConfigName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ComputePlatform') as compute_platform, + JSON_EXTRACT(Properties, '$.DeploymentConfigName') as deployment_config_name, + JSON_EXTRACT(Properties, '$.MinimumHealthyHosts') as minimum_healthy_hosts, + JSON_EXTRACT(Properties, '$.ZonalConfig') as zonal_config, + JSON_EXTRACT(Properties, '$.TrafficRoutingConfig') as traffic_routing_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeDeploy::DeploymentConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ComputePlatform') as compute_platform, + json_extract_path_text(Properties, 'DeploymentConfigName') as deployment_config_name, + json_extract_path_text(Properties, 'MinimumHealthyHosts') as minimum_healthy_hosts, + json_extract_path_text(Properties, 'ZonalConfig') as zonal_config, + json_extract_path_text(Properties, 'TrafficRoutingConfig') as traffic_routing_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeDeploy::DeploymentConfig' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/codeguruprofiler.yaml b/providers/src/awscc/v00.00.00000/services/codeguruprofiler.yaml new file mode 100644 index 00000000..4d7f8251 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/codeguruprofiler.yaml @@ -0,0 +1,192 @@ +openapi: 3.0.0 +info: + title: CodeGuruProfiler + version: 1.0.0 +paths: {} +components: + schemas: + ProfilingGroupArn: + type: string + pattern: ^arn:aws([-\w]*):codeguru-profiler:(([a-z]+-)+[0-9]+):([0-9]{12}):profilingGroup/[^.]+$ + IamArn: + type: string + pattern: ^arn:aws([-\w]*):iam::([0-9]{12}):[\S]+$ + Tag: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + properties: + Key: + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. The allowed characters across services are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.' + type: string + minLength: 1 + maxLength: 128 + Value: + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length. The allowed characters across services are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.' + type: string + minLength: 0 + maxLength: 256 + required: + - Value + - Key + ChannelId: + description: Unique identifier for each Channel in the notification configuration of a Profiling Group + type: string + pattern: '[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}' + ChannelUri: + description: Unique arn of the resource to be used for notifications. We support a valid SNS topic arn as a channel uri. + type: string + pattern: ^arn:aws([-\w]*):[a-z-]+:(([a-z]+-)+[0-9]+)?:([0-9]{12}):[^.]+$ + Channel: + description: Notification medium for users to get alerted for events that occur in application profile. We support SNS topic as a notification channel. + type: object + required: + - channelUri + properties: + channelId: + $ref: '#/components/schemas/ChannelId' + channelUri: + $ref: '#/components/schemas/ChannelUri' + ProfilingGroup: + type: object + properties: + ProfilingGroupName: + description: The name of the profiling group. + type: string + minLength: 1 + maxLength: 255 + pattern: ^[\w-]+$ + ComputePlatform: + description: The compute platform of the profiling group. + type: string + enum: + - Default + - AWSLambda + AgentPermissions: + description: The agent permissions attached to this profiling group. + type: object + additionalProperties: false + required: + - Principals + properties: + Principals: + description: The principals for the agent permissions. + type: array + items: + $ref: '#/components/schemas/IamArn' + AnomalyDetectionNotificationConfiguration: + description: Configuration for Notification Channels for Anomaly Detection feature in CodeGuru Profiler which enables customers to detect anomalies in the application profile for those methods that represent the highest proportion of CPU time or latency + type: array + items: + $ref: '#/components/schemas/Channel' + Arn: + description: The Amazon Resource Name (ARN) of the specified profiling group. + $ref: '#/components/schemas/ProfilingGroupArn' + x-examples: + - arn:aws:codeguru-profiler:us-east-1:000000000000:profilingGroup/My-example-profiling-group + Tags: + description: The tags associated with a profiling group. + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 50 + uniqueItems: true + required: + - ProfilingGroupName + x-stackql-resource-name: profiling_group + x-stackql-primaryIdentifier: + - ProfilingGroupName + x-create-only-properties: + - ProfilingGroupName + - ComputePlatform + x-read-only-properties: + - Arn + x-required-permissions: + create: + - sns:Publish + - codeguru-profiler:AddNotificationChannels + - codeguru-profiler:CreateProfilingGroup + - codeguru-profiler:PutPermission + - codeguru-profiler:TagResource + read: + - codeguru-profiler:DescribeProfilingGroup + - codeguru-profiler:ListTagsForResource + update: + - sns:Publish + - codeguru-profiler:AddNotificationChannels + - codeguru-profiler:GetNotificationConfiguration + - codeguru-profiler:RemoveNotificationChannel + - codeguru-profiler:PutPermission + - codeguru-profiler:RemovePermission + - codeguru-profiler:GetPolicy + - codeguru-profiler:TagResource + - codeguru-profiler:UntagResource + - codeguru-profiler:ListTagsForResource + delete: + - codeguru-profiler:DeleteProfilingGroup + list: + - codeguru-profiler:ListProfilingGroups + - codeguru-profiler:ListTagsForResource + x-stackQL-resources: + profiling_groups: + name: profiling_groups + id: awscc.codeguruprofiler.profiling_groups + x-cfn-schema-name: ProfilingGroup + x-type: list + x-identifiers: + - ProfilingGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProfilingGroupName') as profiling_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeGuruProfiler::ProfilingGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProfilingGroupName') as profiling_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeGuruProfiler::ProfilingGroup' + AND region = 'us-east-1' + profiling_group: + name: profiling_group + id: awscc.codeguruprofiler.profiling_group + x-cfn-schema-name: ProfilingGroup + x-type: get + x-identifiers: + - ProfilingGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProfilingGroupName') as profiling_group_name, + JSON_EXTRACT(Properties, '$.ComputePlatform') as compute_platform, + JSON_EXTRACT(Properties, '$.AgentPermissions') as agent_permissions, + JSON_EXTRACT(Properties, '$.AnomalyDetectionNotificationConfiguration') as anomaly_detection_notification_configuration, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeGuruProfiler::ProfilingGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProfilingGroupName') as profiling_group_name, + json_extract_path_text(Properties, 'ComputePlatform') as compute_platform, + json_extract_path_text(Properties, 'AgentPermissions') as agent_permissions, + json_extract_path_text(Properties, 'AnomalyDetectionNotificationConfiguration') as anomaly_detection_notification_configuration, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeGuruProfiler::ProfilingGroup' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/codegurureviewer.yaml b/providers/src/awscc/v00.00.00000/services/codegurureviewer.yaml new file mode 100644 index 00000000..ebda81cd --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/codegurureviewer.yaml @@ -0,0 +1,184 @@ +openapi: 3.0.0 +info: + title: CodeGuruReviewer + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + properties: + Key: + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. The allowed characters across services are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.' + type: string + minLength: 1 + maxLength: 128 + Value: + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length. The allowed characters across services are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.' + type: string + minLength: 0 + maxLength: 256 + required: + - Value + - Key + RepositoryAssociation: + type: object + properties: + Name: + description: Name of the repository to be associated. + type: string + minLength: 1 + maxLength: 100 + pattern: ^\S[\w.-]*$ + Type: + description: The type of repository to be associated. + type: string + enum: + - CodeCommit + - Bitbucket + - GitHubEnterpriseServer + - S3Bucket + Owner: + description: The owner of the repository. For a Bitbucket repository, this is the username for the account that owns the repository. + type: string + minLength: 1 + maxLength: 100 + pattern: ^\S(.*\S)?$ + BucketName: + description: The name of the S3 bucket associated with an associated S3 repository. It must start with `codeguru-reviewer-`. + type: string + minLength: 3 + maxLength: 63 + pattern: ^\S(.*\S)?$ + ConnectionArn: + description: The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection. + type: string + minLength: 0 + maxLength: 256 + pattern: arn:aws(-[\w]+)*:.+:.+:[0-9]{12}:.+ + AssociationArn: + description: The Amazon Resource Name (ARN) of the repository association. + type: string + minLength: 0 + maxLength: 256 + pattern: arn:aws(-[\w]+)*:.+:.+:[0-9]{12}:.+ + Tags: + description: The tags associated with a repository association. + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 50 + uniqueItems: false + required: + - Name + - Type + x-stackql-resource-name: repository_association + x-stackql-primaryIdentifier: + - AssociationArn + x-create-only-properties: + - Name + - Type + - Tags + - BucketName + - Owner + - ConnectionArn + x-read-only-properties: + - AssociationArn + x-required-permissions: + create: + - codeguru-reviewer:DescribeRepositoryAssociation + - codeguru-reviewer:AssociateRepository + - codeguru-reviewer:TagResource + - iam:CreateServiceLinkedRole + - codecommit:TagResource + - codecommit:GitPull + - codecommit:TagResource + - events:PutRule + - events:PutTargets + - codestar-connections:ListBranches + - codestar-connections:ListRepositories + - codestar-connections:ListTagsForResource + - codestar-connections:PassConnection + - codestar-connections:TagResource + - codestar-connections:UseConnection + - s3:ListBucket + read: + - codeguru-reviewer:DescribeRepositoryAssociation + - codeguru-reviewer:ListTagsForResource + delete: + - codeguru-reviewer:DescribeRepositoryAssociation + - codeguru-reviewer:DisassociateRepository + - codecommit:UntagResource + - events:DeleteRule + - events:RemoveTargets + - codestar-connections:UntagResource + - codestar-connections:ListTagsForResource + list: + - codeguru-reviewer:ListRepositoryAssociations + x-stackQL-resources: + repository_associations: + name: repository_associations + id: awscc.codegurureviewer.repository_associations + x-cfn-schema-name: RepositoryAssociation + x-type: list + x-identifiers: + - AssociationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssociationArn') as association_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeGuruReviewer::RepositoryAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssociationArn') as association_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeGuruReviewer::RepositoryAssociation' + AND region = 'us-east-1' + repository_association: + name: repository_association + id: awscc.codegurureviewer.repository_association + x-cfn-schema-name: RepositoryAssociation + x-type: get + x-identifiers: + - AssociationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Owner') as owner, + JSON_EXTRACT(Properties, '$.BucketName') as bucket_name, + JSON_EXTRACT(Properties, '$.ConnectionArn') as connection_arn, + JSON_EXTRACT(Properties, '$.AssociationArn') as association_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeGuruReviewer::RepositoryAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Owner') as owner, + json_extract_path_text(Properties, 'BucketName') as bucket_name, + json_extract_path_text(Properties, 'ConnectionArn') as connection_arn, + json_extract_path_text(Properties, 'AssociationArn') as association_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeGuruReviewer::RepositoryAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/codepipeline.yaml b/providers/src/awscc/v00.00.00000/services/codepipeline.yaml new file mode 100644 index 00000000..90f91c0b --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/codepipeline.yaml @@ -0,0 +1,234 @@ +openapi: 3.0.0 +info: + title: CodePipeline + version: 1.0.0 +paths: {} +components: + schemas: + ConfigurationProperties: + additionalProperties: false + description: The configuration properties for the custom action. + type: object + properties: + Description: + description: 'The description of the action configuration property that is displayed to users. ' + type: string + Key: + description: Whether the configuration property is a key. + type: boolean + Name: + description: The name of the action configuration property. + type: string + Queryable: + description: >- + Indicates that the property is used with PollForJobs. When creating a custom action, an action can have up to one queryable property. If it has one, that property must be both required and not secret.If you create a pipeline with a custom action type, and that custom action contains a queryable property, the value for that configuration property is subject to other restrictions. The value must be less than or equal to twenty (20) characters. The value can contain only alphanumeric + characters, underscores, and hyphens. + type: boolean + Required: + description: Whether the configuration property is a required value. + type: boolean + Secret: + description: Whether the configuration property is secret. Secrets are hidden from all calls except for GetJobDetails, GetThirdPartyJobDetails, PollForJobs, and PollForThirdPartyJobs. + type: boolean + Type: + description: The type of the configuration property. + type: string + required: + - Key + - Name + - Required + - Secret + ArtifactDetails: + additionalProperties: false + description: Returns information about the details of an artifact. + type: object + properties: + MaximumCount: + description: The maximum number of artifacts allowed for the action type. + type: integer + MinimumCount: + description: The minimum number of artifacts allowed for the action type. + type: integer + required: + - MaximumCount + - MinimumCount + Settings: + additionalProperties: false + description: 'Settings is a property of the AWS::CodePipeline::CustomActionType resource that provides URLs that users can access to view information about the CodePipeline custom action. ' + type: object + properties: + EntityUrlTemplate: + description: 'The URL returned to the AWS CodePipeline console that provides a deep link to the resources of the external system, such as the configuration page for an AWS CodeDeploy deployment group. This link is provided as part of the action display in the pipeline. ' + type: string + ExecutionUrlTemplate: + description: 'The URL returned to the AWS CodePipeline console that contains a link to the top-level landing page for the external system, such as the console page for AWS CodeDeploy. This link is shown on the pipeline view page in the AWS CodePipeline console and provides a link to the execution entity of the external action. ' + type: string + RevisionUrlTemplate: + description: 'The URL returned to the AWS CodePipeline console that contains a link to the page where customers can update or change the configuration of the external action. ' + type: string + ThirdPartyConfigurationUrl: + description: The URL of a sign-up page where users can sign up for an external service and perform initial configuration of the action provided by that service. + type: string + Tag: + type: object + additionalProperties: false + properties: + Value: + type: string + Key: + type: string + required: + - Value + - Key + CustomActionType: + type: object + properties: + Category: + description: The category of the custom action, such as a build action or a test action. + type: string + ConfigurationProperties: + description: The configuration properties for the custom action. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/ConfigurationProperties' + InputArtifactDetails: + description: The details of the input artifact for the action, such as its commit ID. + $ref: '#/components/schemas/ArtifactDetails' + OutputArtifactDetails: + description: The details of the output artifact of the action, such as its commit ID. + $ref: '#/components/schemas/ArtifactDetails' + Provider: + description: The provider of the service used in the custom action, such as AWS CodeDeploy. + type: string + Settings: + description: URLs that provide users information about this custom action. + $ref: '#/components/schemas/Settings' + Tags: + description: Any tags assigned to the custom action. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Version: + description: The version identifier of the custom action. + type: string + Id: + type: string + required: + - Category + - InputArtifactDetails + - OutputArtifactDetails + - Provider + - Version + x-stackql-resource-name: custom_action_type + x-stackql-primaryIdentifier: + - Category + - Provider + - Version + x-create-only-properties: + - Category + - ConfigurationProperties + - InputArtifactDetails + - OutputArtifactDetails + - Provider + - Settings + - Version + x-read-only-properties: + - Id + x-required-permissions: + create: + - codepipeline:CreateCustomActionType + - codepipeline:TagResource + - codepipeline:ListActionTypes + read: + - codepipeline:ListActionTypes + - codepipeline:ListTagsForResource + update: + - codepipeline:ListActionTypes + - codepipeline:TagResource + - codepipeline:UntagResource + delete: + - codepipeline:DeleteCustomActionType + - codepipeline:ListActionTypes + list: + - codepipeline:ListActionTypes + x-stackQL-resources: + custom_action_types: + name: custom_action_types + id: awscc.codepipeline.custom_action_types + x-cfn-schema-name: CustomActionType + x-type: list + x-identifiers: + - Category + - Provider + - Version + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Category') as category, + JSON_EXTRACT(Properties, '$.Provider') as provider, + JSON_EXTRACT(Properties, '$.Version') as version + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodePipeline::CustomActionType' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Category') as category, + json_extract_path_text(Properties, 'Provider') as provider, + json_extract_path_text(Properties, 'Version') as version + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodePipeline::CustomActionType' + AND region = 'us-east-1' + custom_action_type: + name: custom_action_type + id: awscc.codepipeline.custom_action_type + x-cfn-schema-name: CustomActionType + x-type: get + x-identifiers: + - Category + - Provider + - Version + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Category') as category, + JSON_EXTRACT(Properties, '$.ConfigurationProperties') as configuration_properties, + JSON_EXTRACT(Properties, '$.InputArtifactDetails') as input_artifact_details, + JSON_EXTRACT(Properties, '$.OutputArtifactDetails') as output_artifact_details, + JSON_EXTRACT(Properties, '$.Provider') as provider, + JSON_EXTRACT(Properties, '$.Settings') as settings, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodePipeline::CustomActionType' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Category') as category, + json_extract_path_text(Properties, 'ConfigurationProperties') as configuration_properties, + json_extract_path_text(Properties, 'InputArtifactDetails') as input_artifact_details, + json_extract_path_text(Properties, 'OutputArtifactDetails') as output_artifact_details, + json_extract_path_text(Properties, 'Provider') as provider, + json_extract_path_text(Properties, 'Settings') as settings, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodePipeline::CustomActionType' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/codestarconnections.yaml b/providers/src/awscc/v00.00.00000/services/codestarconnections.yaml new file mode 100644 index 00000000..81cb9396 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/codestarconnections.yaml @@ -0,0 +1,443 @@ +openapi: 3.0.0 +info: + title: CodeStarConnections + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, , ., /, =, +, and -. ' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, , ., /, =, +, and -. ' + minLength: 0 + maxLength: 256 + required: + - Value + - Key + additionalProperties: false + Connection: + type: object + properties: + ConnectionArn: + description: The Amazon Resource Name (ARN) of the connection. The ARN is used as the connection reference when the connection is shared between AWS services. + type: string + minLength: 0 + maxLength: 256 + pattern: arn:aws(-[\w]+)*:.+:.+:[0-9]{12}:.+ + ConnectionName: + description: The name of the connection. Connection names must be unique in an AWS user account. + type: string + minLength: 1 + maxLength: 32 + ConnectionStatus: + description: The current status of the connection. + type: string + OwnerAccountId: + description: The name of the external provider where your third-party code repository is configured. For Bitbucket, this is the account ID of the owner of the Bitbucket repository. + type: string + minLength: 12 + maxLength: 12 + pattern: '[0-9]{12}' + ProviderType: + description: The name of the external provider where your third-party code repository is configured. You must specify either a ProviderType or a HostArn. + type: string + HostArn: + description: The host arn configured to represent the infrastructure where your third-party provider is installed. You must specify either a ProviderType or a HostArn. + type: string + minLength: 0 + maxLength: 256 + pattern: arn:aws(-[\w]+)*:.+:.+:[0-9]{12}:.+ + Tags: + description: Specifies the tags applied to a connection. + type: array + items: + $ref: '#/components/schemas/Tag' + x-insertionOrder: false + required: + - ConnectionName + x-stackql-resource-name: connection + x-stackql-primaryIdentifier: + - ConnectionArn + x-create-only-properties: + - ConnectionName + - ProviderType + - HostArn + x-read-only-properties: + - ConnectionArn + - ConnectionStatus + - OwnerAccountId + x-required-permissions: + create: + - codestar-connections:CreateConnection + - codestar-connections:TagResource + read: + - codestar-connections:GetConnection + - codestar-connections:ListTagsForResource + update: + - codestar-connections:ListTagsForResource + - codestar-connections:TagResource + - codestar-connections:UntagResource + delete: + - codestar-connections:DeleteConnection + list: + - codestar-connections:ListConnections + - codestar-connections:ListTagsForResource + RepositoryLink: + type: object + properties: + ConnectionArn: + description: The Amazon Resource Name (ARN) of the CodeStarConnection. The ARN is used as the connection reference when the connection is shared between AWS services. + type: string + pattern: arn:(aws|aws-us-gov|aws-cn):.+:.+:[0-9]{12}:.+ + ProviderType: + description: The name of the external provider where your third-party code repository is configured. + type: string + pattern: ^(GitHub|Bitbucket|GitHubEnterprise|GitLab)$ + OwnerId: + description: the ID of the entity that owns the repository. + type: string + pattern: '[a-za-z0-9_\.-]+' + RepositoryName: + description: The repository for which the link is being created. + type: string + pattern: '[a-za-z0-9_\.-]+' + EncryptionKeyArn: + description: The ARN of the KMS key that the customer can optionally specify to use to encrypt RepositoryLink properties. If not specified, a default key will be used. + type: string + pattern: arn:(aws|aws-us-gov|aws-cn):.+:.+:[0-9]{12}:.+ + RepositoryLinkId: + description: A UUID that uniquely identifies the RepositoryLink. + type: string + pattern: '[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}' + RepositoryLinkArn: + description: A unique Amazon Resource Name (ARN) to designate the repository link. + type: string + pattern: arn:(aws|aws-us-gov|aws-cn):.+:.+:[0-9]{12}:.+ + Tags: + description: Specifies the tags applied to a RepositoryLink. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - RepositoryName + - ConnectionArn + - OwnerId + x-stackql-resource-name: repository_link + x-stackql-primaryIdentifier: + - RepositoryLinkArn + x-create-only-properties: + - RepositoryName + - OwnerId + x-read-only-properties: + - RepositoryLinkArn + - RepositoryLinkId + - ProviderType + x-required-permissions: + update: + - codestar-connections:GetConnection + - codestar-connections:ListTagsForResource + - codestar-connections:PassConnection + - codestar-connections:UseConnection + - codestar-connections:TagResource + - codestar-connections:UntagResource + - codestar-connections:UpdateRepositoryLink + create: + - codestar-connections:CreateRepositoryLink + - codestar-connections:TagResource + - codestar-connections:UseConnection + - codestar-connections:PassConnection + - codestar-connections:GetConnection + - iam:CreateServiceLinkedRole + read: + - codestar-connections:GetRepositoryLink + - codestar-connections:ListTagsForResource + - codestar-connections:GetConnection + delete: + - codestar-connections:GetRepositoryLink + - codestar-connections:DeleteRepositoryLink + - codestar-connections:GetConnection + list: + - codestar-connections:ListRepositoryLinks + - codestar-connections:ListTagsForResource + SyncConfiguration: + type: object + properties: + OwnerId: + description: the ID of the entity that owns the repository. + type: string + pattern: '[a-za-z0-9_\.-]+' + ResourceName: + description: The name of the resource that is being synchronized to the repository. + type: string + pattern: '[a-za-z0-9_\.-]+' + RepositoryName: + description: The name of the repository that is being synced to. + type: string + pattern: '[a-za-z0-9_\.-]+' + ProviderType: + description: The name of the external provider where your third-party code repository is configured. + type: string + pattern: ^(GitHub|Bitbucket|GitHubEnterprise|GitLab)$ + Branch: + description: The name of the branch of the repository from which resources are to be synchronized, + type: string + ConfigFile: + description: The source provider repository path of the sync configuration file of the respective SyncType. + type: string + SyncType: + description: The type of resource synchronization service that is to be configured, for example, CFN_STACK_SYNC. + type: string + RoleArn: + description: The IAM Role that allows AWS to update CloudFormation stacks based on content in the specified repository. + type: string + RepositoryLinkId: + description: A UUID that uniquely identifies the RepositoryLink that the SyncConfig is associated with. + type: string + pattern: '[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}' + required: + - Branch + - ConfigFile + - RepositoryLinkId + - ResourceName + - SyncType + - RoleArn + x-stackql-resource-name: sync_configuration + x-stackql-primaryIdentifier: + - ResourceName + - SyncType + x-create-only-properties: + - SyncType + - ResourceName + x-read-only-properties: + - ProviderType + - OwnerId + - RepositoryName + x-required-permissions: + create: + - codestar-connections:CreateSyncConfiguration + - codestar-connections:PassRepository + - iam:PassRole + read: + - codestar-connections:GetSyncConfiguration + update: + - codestar-connections:UpdateSyncConfiguration + - codestar-connections:PassRepository + - iam:PassRole + delete: + - codestar-connections:DeleteSyncConfiguration + - codestar-connections:GetSyncConfiguration + list: + - codestar-connections:ListSyncConfigurations + - codestar-connections:ListRepositoryLinks + x-stackQL-resources: + connections: + name: connections + id: awscc.codestarconnections.connections + x-cfn-schema-name: Connection + x-type: list + x-identifiers: + - ConnectionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConnectionArn') as connection_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeStarConnections::Connection' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConnectionArn') as connection_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeStarConnections::Connection' + AND region = 'us-east-1' + connection: + name: connection + id: awscc.codestarconnections.connection + x-cfn-schema-name: Connection + x-type: get + x-identifiers: + - ConnectionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConnectionArn') as connection_arn, + JSON_EXTRACT(Properties, '$.ConnectionName') as connection_name, + JSON_EXTRACT(Properties, '$.ConnectionStatus') as connection_status, + JSON_EXTRACT(Properties, '$.OwnerAccountId') as owner_account_id, + JSON_EXTRACT(Properties, '$.ProviderType') as provider_type, + JSON_EXTRACT(Properties, '$.HostArn') as host_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeStarConnections::Connection' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConnectionArn') as connection_arn, + json_extract_path_text(Properties, 'ConnectionName') as connection_name, + json_extract_path_text(Properties, 'ConnectionStatus') as connection_status, + json_extract_path_text(Properties, 'OwnerAccountId') as owner_account_id, + json_extract_path_text(Properties, 'ProviderType') as provider_type, + json_extract_path_text(Properties, 'HostArn') as host_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeStarConnections::Connection' + AND data__Identifier = '' + AND region = 'us-east-1' + repository_links: + name: repository_links + id: awscc.codestarconnections.repository_links + x-cfn-schema-name: RepositoryLink + x-type: list + x-identifiers: + - RepositoryLinkArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RepositoryLinkArn') as repository_link_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeStarConnections::RepositoryLink' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RepositoryLinkArn') as repository_link_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeStarConnections::RepositoryLink' + AND region = 'us-east-1' + repository_link: + name: repository_link + id: awscc.codestarconnections.repository_link + x-cfn-schema-name: RepositoryLink + x-type: get + x-identifiers: + - RepositoryLinkArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConnectionArn') as connection_arn, + JSON_EXTRACT(Properties, '$.ProviderType') as provider_type, + JSON_EXTRACT(Properties, '$.OwnerId') as owner_id, + JSON_EXTRACT(Properties, '$.RepositoryName') as repository_name, + JSON_EXTRACT(Properties, '$.EncryptionKeyArn') as encryption_key_arn, + JSON_EXTRACT(Properties, '$.RepositoryLinkId') as repository_link_id, + JSON_EXTRACT(Properties, '$.RepositoryLinkArn') as repository_link_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeStarConnections::RepositoryLink' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConnectionArn') as connection_arn, + json_extract_path_text(Properties, 'ProviderType') as provider_type, + json_extract_path_text(Properties, 'OwnerId') as owner_id, + json_extract_path_text(Properties, 'RepositoryName') as repository_name, + json_extract_path_text(Properties, 'EncryptionKeyArn') as encryption_key_arn, + json_extract_path_text(Properties, 'RepositoryLinkId') as repository_link_id, + json_extract_path_text(Properties, 'RepositoryLinkArn') as repository_link_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeStarConnections::RepositoryLink' + AND data__Identifier = '' + AND region = 'us-east-1' + sync_configurations: + name: sync_configurations + id: awscc.codestarconnections.sync_configurations + x-cfn-schema-name: SyncConfiguration + x-type: list + x-identifiers: + - ResourceName + - SyncType + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceName') as resource_name, + JSON_EXTRACT(Properties, '$.SyncType') as sync_type + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeStarConnections::SyncConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceName') as resource_name, + json_extract_path_text(Properties, 'SyncType') as sync_type + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeStarConnections::SyncConfiguration' + AND region = 'us-east-1' + sync_configuration: + name: sync_configuration + id: awscc.codestarconnections.sync_configuration + x-cfn-schema-name: SyncConfiguration + x-type: get + x-identifiers: + - ResourceName + - SyncType + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.OwnerId') as owner_id, + JSON_EXTRACT(Properties, '$.ResourceName') as resource_name, + JSON_EXTRACT(Properties, '$.RepositoryName') as repository_name, + JSON_EXTRACT(Properties, '$.ProviderType') as provider_type, + JSON_EXTRACT(Properties, '$.Branch') as branch, + JSON_EXTRACT(Properties, '$.ConfigFile') as config_file, + JSON_EXTRACT(Properties, '$.SyncType') as sync_type, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.RepositoryLinkId') as repository_link_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeStarConnections::SyncConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'OwnerId') as owner_id, + json_extract_path_text(Properties, 'ResourceName') as resource_name, + json_extract_path_text(Properties, 'RepositoryName') as repository_name, + json_extract_path_text(Properties, 'ProviderType') as provider_type, + json_extract_path_text(Properties, 'Branch') as branch, + json_extract_path_text(Properties, 'ConfigFile') as config_file, + json_extract_path_text(Properties, 'SyncType') as sync_type, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'RepositoryLinkId') as repository_link_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeStarConnections::SyncConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/codestarnotifications.yaml b/providers/src/awscc/v00.00.00000/services/codestarnotifications.yaml new file mode 100644 index 00000000..d747b88a --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/codestarnotifications.yaml @@ -0,0 +1,173 @@ +openapi: 3.0.0 +info: + title: CodeStarNotifications + version: 1.0.0 +paths: {} +components: + schemas: + Target: + type: object + additionalProperties: false + properties: + TargetType: + type: string + TargetAddress: + type: string + required: + - TargetType + - TargetAddress + NotificationRule: + type: object + properties: + EventTypeId: + type: string + minLength: 1 + maxLength: 2048 + CreatedBy: + type: string + minLength: 1 + maxLength: 2048 + TargetAddress: + type: string + minLength: 1 + maxLength: 2048 + EventTypeIds: + type: array + uniqueItems: false + items: + type: string + minLength: 1 + maxLength: 200 + Status: + type: string + enum: + - ENABLED + - DISABLED + DetailType: + type: string + enum: + - BASIC + - FULL + Resource: + type: string + pattern: ^arn:aws[^:\s]*:[^:\s]*:[^:\s]*:[0-9]{12}:[^\s]+$ + Targets: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/Target' + maxItems: 10 + Tags: + type: object + additionalProperties: false + x-patternProperties: + .*: + type: string + Name: + type: string + pattern: '[A-Za-z0-9\-_ ]+$' + minLength: 1 + maxLength: 64 + Arn: + type: string + pattern: ^arn:aws[^:\s]*:codestar-notifications:[^:\s]+:\d{12}:notificationrule\/(.*\S)?$ + required: + - EventTypeIds + - Resource + - DetailType + - Targets + - Name + x-stackql-resource-name: notification_rule + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Resource + x-read-only-properties: + - Arn + x-required-permissions: + create: + - codestar-notifications:createNotificationRule + list: + - codestar-notifications:listNotificationRules + read: + - codestar-notifications:describeNotificationRule + delete: + - codestar-notifications:deleteNotificationRule + - codestar-notifications:describeNotificationRule + update: + - codestar-notifications:updateNotificationRule + - codestar-notifications:TagResource + - codestar-notifications:UntagResource + x-stackQL-resources: + notification_rules: + name: notification_rules + id: awscc.codestarnotifications.notification_rules + x-cfn-schema-name: NotificationRule + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeStarNotifications::NotificationRule' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CodeStarNotifications::NotificationRule' + AND region = 'us-east-1' + notification_rule: + name: notification_rule + id: awscc.codestarnotifications.notification_rule + x-cfn-schema-name: NotificationRule + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EventTypeId') as event_type_id, + JSON_EXTRACT(Properties, '$.CreatedBy') as created_by, + JSON_EXTRACT(Properties, '$.TargetAddress') as target_address, + JSON_EXTRACT(Properties, '$.EventTypeIds') as event_type_ids, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.DetailType') as detail_type, + JSON_EXTRACT(Properties, '$.Resource') as resource, + JSON_EXTRACT(Properties, '$.Targets') as targets, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeStarNotifications::NotificationRule' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EventTypeId') as event_type_id, + json_extract_path_text(Properties, 'CreatedBy') as created_by, + json_extract_path_text(Properties, 'TargetAddress') as target_address, + json_extract_path_text(Properties, 'EventTypeIds') as event_type_ids, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'DetailType') as detail_type, + json_extract_path_text(Properties, 'Resource') as resource, + json_extract_path_text(Properties, 'Targets') as targets, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CodeStarNotifications::NotificationRule' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/cognito.yaml b/providers/src/awscc/v00.00.00000/services/cognito.yaml new file mode 100644 index 00000000..bda7c091 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/cognito.yaml @@ -0,0 +1,1763 @@ +openapi: 3.0.0 +info: + title: Cognito + version: 1.0.0 +paths: {} +components: + schemas: + PushSync: + type: object + additionalProperties: false + properties: + ApplicationArns: + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + RoleArn: + type: string + CognitoIdentityProvider: + type: object + additionalProperties: false + properties: + ServerSideTokenCheck: + type: boolean + ProviderName: + type: string + ClientId: + type: string + required: + - ProviderName + - ClientId + CognitoStreams: + type: object + additionalProperties: false + properties: + StreamingStatus: + type: string + StreamName: + type: string + RoleArn: + type: string + IdentityPool: + type: object + properties: + PushSync: + $ref: '#/components/schemas/PushSync' + CognitoIdentityProviders: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/CognitoIdentityProvider' + DeveloperProviderName: + type: string + CognitoStreams: + $ref: '#/components/schemas/CognitoStreams' + SupportedLoginProviders: + type: object + Name: + type: string + CognitoEvents: + type: object + Id: + type: string + IdentityPoolName: + type: string + AllowUnauthenticatedIdentities: + type: boolean + SamlProviderARNs: + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + OpenIdConnectProviderARNs: + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + AllowClassicFlow: + type: boolean + required: + - AllowUnauthenticatedIdentities + x-stackql-resource-name: identity_pool + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - Name + x-required-permissions: + create: + - cognito-identity:CreateIdentityPool + - cognito-sync:SetIdentityPoolConfiguration + - cognito-sync:SetCognitoEvents + - iam:PassRole + read: + - cognito-identity:DescribeIdentityPool + update: + - cognito-identity:UpdateIdentityPool + - cognito-identity:DescribeIdentityPool + - cognito-sync:SetIdentityPoolConfiguration + - cognito-sync:SetCognitoEvents + - iam:PassRole + delete: + - cognito-identity:DeleteIdentityPool + list: + - cognito-identity:ListIdentityPools + IdentityPoolPrincipalTag: + type: object + properties: + IdentityPoolId: + type: string + IdentityProviderName: + type: string + UseDefaults: + type: boolean + PrincipalTags: + type: object + required: + - IdentityPoolId + - IdentityProviderName + x-stackql-resource-name: identity_pool_principal_tag + x-stackql-primaryIdentifier: + - IdentityPoolId + - IdentityProviderName + x-create-only-properties: + - IdentityPoolId + - IdentityProviderName + x-required-permissions: + create: + - cognito-identity:GetPrincipalTagAttributeMap + - cognito-identity:SetPrincipalTagAttributeMap + read: + - cognito-identity:GetPrincipalTagAttributeMap + update: + - cognito-identity:GetPrincipalTagAttributeMap + - cognito-identity:SetPrincipalTagAttributeMap + delete: + - cognito-identity:GetPrincipalTagAttributeMap + - cognito-identity:SetPrincipalTagAttributeMap + list: + - cognito-identity:GetPrincipalTagAttributeMap + MappingRule: + type: object + additionalProperties: false + properties: + Claim: + type: string + MatchType: + type: string + RoleARN: + type: string + Value: + type: string + required: + - Claim + - MatchType + - RoleARN + - Value + RulesConfigurationType: + type: object + additionalProperties: false + properties: + Rules: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/MappingRule' + required: + - Rules + RoleMapping: + type: object + additionalProperties: false + properties: + Type: + type: string + AmbiguousRoleResolution: + type: string + RulesConfiguration: + $ref: '#/components/schemas/RulesConfigurationType' + IdentityProvider: + type: string + required: + - Type + IdentityPoolRoleAttachment: + type: object + properties: + IdentityPoolId: + type: string + Roles: + x-patternProperties: + ^.+$: + type: string + additionalProperties: false + Id: + type: string + RoleMappings: + x-patternProperties: + ^.+$: + $ref: '#/components/schemas/RoleMapping' + additionalProperties: false + required: + - IdentityPoolId + x-stackql-resource-name: identity_pool_role_attachment + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - IdentityPoolId + x-read-only-properties: + - Id + x-required-permissions: + create: + - cognito-identity:GetIdentityPoolRoles + - cognito-identity:SetIdentityPoolRoles + - iam:PassRole + read: + - cognito-identity:GetIdentityPoolRoles + update: + - cognito-identity:GetIdentityPoolRoles + - cognito-identity:SetIdentityPoolRoles + - iam:PassRole + delete: + - cognito-identity:GetIdentityPoolRoles + - cognito-identity:SetIdentityPoolRoles + list: + - cognito-identity:GetIdentityPoolRoles + CloudWatchLogsConfiguration: + type: object + properties: + LogGroupArn: + type: string + additionalProperties: false + LogConfiguration: + type: object + properties: + LogLevel: + type: string + EventSource: + type: string + CloudWatchLogsConfiguration: + $ref: '#/components/schemas/CloudWatchLogsConfiguration' + additionalProperties: false + LogConfigurations: + type: array + items: + $ref: '#/components/schemas/LogConfiguration' + LogDeliveryConfiguration: + type: object + properties: + Id: + type: string + UserPoolId: + type: string + LogConfigurations: + $ref: '#/components/schemas/LogConfigurations' + required: + - UserPoolId + x-stackql-resource-name: log_delivery_configuration + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - UserPoolId + x-read-only-properties: + - Id + x-required-permissions: + create: + - cognito-idp:GetLogDeliveryConfiguration + - cognito-idp:SetLogDeliveryConfiguration + - logs:CreateLogDelivery + - logs:GetLogDelivery + - logs:UpdateLogDelivery + - logs:DeleteLogDelivery + - logs:ListLogDeliveries + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + read: + - cognito-idp:GetLogDeliveryConfiguration + update: + - cognito-idp:GetLogDeliveryConfiguration + - cognito-idp:SetLogDeliveryConfiguration + - logs:CreateLogDelivery + - logs:GetLogDelivery + - logs:UpdateLogDelivery + - logs:DeleteLogDelivery + - logs:ListLogDeliveries + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + delete: + - cognito-idp:GetLogDeliveryConfiguration + - cognito-idp:SetLogDeliveryConfiguration + - logs:CreateLogDelivery + - logs:GetLogDelivery + - logs:UpdateLogDelivery + - logs:DeleteLogDelivery + - logs:ListLogDeliveries + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + PasswordPolicy: + type: object + properties: + MinimumLength: + type: integer + RequireLowercase: + type: boolean + RequireNumbers: + type: boolean + RequireSymbols: + type: boolean + RequireUppercase: + type: boolean + TemporaryPasswordValidityDays: + type: integer + additionalProperties: false + Policies: + type: object + properties: + PasswordPolicy: + $ref: '#/components/schemas/PasswordPolicy' + additionalProperties: false + InviteMessageTemplate: + type: object + properties: + EmailMessage: + type: string + EmailSubject: + type: string + SMSMessage: + type: string + additionalProperties: false + RecoveryOption: + type: object + properties: + Name: + type: string + Priority: + type: integer + additionalProperties: false + AccountRecoverySetting: + type: object + properties: + RecoveryMechanisms: + type: array + items: + $ref: '#/components/schemas/RecoveryOption' + additionalProperties: false + AdminCreateUserConfig: + type: object + properties: + AllowAdminCreateUserOnly: + type: boolean + InviteMessageTemplate: + $ref: '#/components/schemas/InviteMessageTemplate' + UnusedAccountValidityDays: + type: integer + additionalProperties: false + DeviceConfiguration: + type: object + properties: + ChallengeRequiredOnNewDevice: + type: boolean + DeviceOnlyRememberedOnUserPrompt: + type: boolean + additionalProperties: false + EmailConfiguration: + type: object + properties: + ReplyToEmailAddress: + type: string + SourceArn: + type: string + From: + type: string + ConfigurationSet: + type: string + EmailSendingAccount: + type: string + additionalProperties: false + CustomEmailSender: + type: object + properties: + LambdaVersion: + type: string + LambdaArn: + type: string + additionalProperties: false + CustomSMSSender: + type: object + properties: + LambdaVersion: + type: string + LambdaArn: + type: string + additionalProperties: false + PreTokenGenerationConfig: + type: object + properties: + LambdaVersion: + type: string + LambdaArn: + type: string + additionalProperties: false + LambdaConfig: + type: object + properties: + CreateAuthChallenge: + type: string + CustomMessage: + type: string + DefineAuthChallenge: + type: string + PostAuthentication: + type: string + PostConfirmation: + type: string + PreAuthentication: + type: string + PreSignUp: + type: string + VerifyAuthChallengeResponse: + type: string + UserMigration: + type: string + PreTokenGeneration: + type: string + CustomEmailSender: + $ref: '#/components/schemas/CustomEmailSender' + CustomSMSSender: + $ref: '#/components/schemas/CustomSMSSender' + KMSKeyID: + type: string + PreTokenGenerationConfig: + $ref: '#/components/schemas/PreTokenGenerationConfig' + additionalProperties: false + SmsConfiguration: + type: object + properties: + ExternalId: + type: string + SnsCallerArn: + type: string + SnsRegion: + type: string + additionalProperties: false + StringAttributeConstraints: + type: object + properties: + MaxLength: + type: string + MinLength: + type: string + additionalProperties: false + NumberAttributeConstraints: + type: object + properties: + MaxValue: + type: string + MinValue: + type: string + additionalProperties: false + SchemaAttribute: + type: object + properties: + AttributeDataType: + type: string + DeveloperOnlyAttribute: + type: boolean + Mutable: + type: boolean + Name: + type: string + NumberAttributeConstraints: + $ref: '#/components/schemas/NumberAttributeConstraints' + StringAttributeConstraints: + $ref: '#/components/schemas/StringAttributeConstraints' + Required: + type: boolean + additionalProperties: false + UsernameConfiguration: + type: object + properties: + CaseSensitive: + type: boolean + additionalProperties: false + UserAttributeUpdateSettings: + type: object + properties: + AttributesRequireVerificationBeforeUpdate: + type: array + items: + type: string + required: + - AttributesRequireVerificationBeforeUpdate + additionalProperties: false + VerificationMessageTemplate: + type: object + properties: + DefaultEmailOption: + type: string + EmailMessage: + type: string + EmailMessageByLink: + type: string + EmailSubject: + type: string + EmailSubjectByLink: + type: string + SmsMessage: + type: string + additionalProperties: false + UserPoolAddOns: + type: object + properties: + AdvancedSecurityMode: + type: string + additionalProperties: false + UserPool: + type: object + properties: + UserPoolName: + type: string + minLength: 1 + maxLength: 128 + Policies: + $ref: '#/components/schemas/Policies' + AccountRecoverySetting: + $ref: '#/components/schemas/AccountRecoverySetting' + AdminCreateUserConfig: + $ref: '#/components/schemas/AdminCreateUserConfig' + AliasAttributes: + type: array + items: + type: string + UsernameAttributes: + type: array + items: + type: string + AutoVerifiedAttributes: + type: array + items: + type: string + DeviceConfiguration: + $ref: '#/components/schemas/DeviceConfiguration' + EmailConfiguration: + $ref: '#/components/schemas/EmailConfiguration' + EmailVerificationMessage: + type: string + minLength: 6 + maxLength: 20000 + EmailVerificationSubject: + type: string + minLength: 1 + maxLength: 140 + DeletionProtection: + type: string + LambdaConfig: + $ref: '#/components/schemas/LambdaConfig' + MfaConfiguration: + type: string + EnabledMfas: + type: array + items: + type: string + SmsAuthenticationMessage: + type: string + minLength: 6 + maxLength: 140 + SmsConfiguration: + $ref: '#/components/schemas/SmsConfiguration' + SmsVerificationMessage: + type: string + minLength: 6 + maxLength: 140 + Schema: + type: array + items: + $ref: '#/components/schemas/SchemaAttribute' + UsernameConfiguration: + $ref: '#/components/schemas/UsernameConfiguration' + UserAttributeUpdateSettings: + $ref: '#/components/schemas/UserAttributeUpdateSettings' + UserPoolTags: + type: object + x-patternProperties: + ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$: + type: string + additionalProperties: false + VerificationMessageTemplate: + $ref: '#/components/schemas/VerificationMessageTemplate' + UserPoolAddOns: + $ref: '#/components/schemas/UserPoolAddOns' + ProviderName: + type: string + ProviderURL: + type: string + Arn: + type: string + UserPoolId: + type: string + x-stackql-resource-name: user_pool + x-stackql-primaryIdentifier: + - UserPoolId + x-read-only-properties: + - ProviderName + - UserPoolId + - ProviderURL + - Arn + x-required-permissions: + create: + - cognito-idp:CreateUserPool + - iam:PassRole + - cognito-idp:SetUserPoolMfaConfig + - cognito-idp:DescribeUserPool + - kms:CreateGrant + - iam:CreateServiceLinkedRole + read: + - cognito-idp:DescribeUserPool + update: + - cognito-idp:UpdateUserPool + - cognito-idp:ListTagsForResource + - cognito-idp:UntagResource + - cognito-idp:TagResource + - cognito-idp:SetUserPoolMfaConfig + - cognito-idp:AddCustomAttributes + - cognito-idp:DescribeUserPool + - iam:PassRole + delete: + - cognito-idp:DeleteUserPool + list: + - cognito-idp:ListUserPools + AnalyticsConfiguration: + type: object + properties: + ApplicationArn: + type: string + ApplicationId: + type: string + ExternalId: + type: string + RoleArn: + type: string + UserDataShared: + type: boolean + additionalProperties: false + TokenValidityUnits: + type: object + properties: + AccessToken: + type: string + IdToken: + type: string + RefreshToken: + type: string + additionalProperties: false + UserPoolClient: + type: object + properties: + ClientName: + type: string + minLength: 1 + maxLength: 128 + ExplicitAuthFlows: + type: array + items: + type: string + GenerateSecret: + type: boolean + ReadAttributes: + type: array + items: + type: string + AuthSessionValidity: + type: integer + minimum: 3 + maximum: 15 + RefreshTokenValidity: + type: integer + minimum: 1 + maximum: 315360000 + AccessTokenValidity: + type: integer + minimum: 1 + maximum: 86400 + IdTokenValidity: + type: integer + minimum: 1 + maximum: 86400 + TokenValidityUnits: + $ref: '#/components/schemas/TokenValidityUnits' + UserPoolId: + type: string + WriteAttributes: + type: array + items: + type: string + AllowedOAuthFlows: + type: array + items: + type: string + AllowedOAuthFlowsUserPoolClient: + type: boolean + AllowedOAuthScopes: + type: array + items: + type: string + CallbackURLs: + type: array + items: + type: string + DefaultRedirectURI: + type: string + LogoutURLs: + type: array + items: + type: string + SupportedIdentityProviders: + type: array + items: + type: string + AnalyticsConfiguration: + $ref: '#/components/schemas/AnalyticsConfiguration' + PreventUserExistenceErrors: + type: string + EnableTokenRevocation: + type: boolean + EnablePropagateAdditionalUserContextData: + type: boolean + Name: + type: string + ClientSecret: + type: string + ClientId: + type: string + required: + - UserPoolId + x-stackql-resource-name: user_pool_client + x-stackql-primaryIdentifier: + - UserPoolId + - ClientId + x-create-only-properties: + - GenerateSecret + - UserPoolId + x-read-only-properties: + - ClientSecret + - Name + - ClientId + x-required-permissions: + create: + - cognito-idp:CreateUserPoolClient + - iam:PassRole + - iam:PutRolePolicy + - iam:CreateServiceLinkedRole + read: + - cognito-idp:DescribeUserPoolClient + update: + - cognito-idp:UpdateUserPoolClient + - iam:PassRole + - iam:PutRolePolicy + delete: + - cognito-idp:DeleteUserPoolClient + - iam:PutRolePolicy + - iam:DeleteRolePolicy + list: + - cognito-idp:ListUserPoolClients + UserPoolGroup: + type: object + properties: + Description: + type: string + maxLength: 2048 + GroupName: + type: string + Precedence: + type: integer + minimum: 0 + RoleArn: + type: string + UserPoolId: + type: string + required: + - UserPoolId + x-stackql-resource-name: user_pool_group + x-stackql-primaryIdentifier: + - UserPoolId + - GroupName + x-create-only-properties: + - UserPoolId + - GroupName + x-required-permissions: + create: + - cognito-idp:CreateGroup + - iam:PassRole + - iam:PutRolePolicy + - cognito-idp:GetGroup + read: + - cognito-idp:GetGroup + update: + - cognito-idp:UpdateGroup + - iam:PassRole + - iam:PutRolePolicy + delete: + - cognito-idp:DeleteGroup + - cognito-idp:GetGroup + - iam:PutRolePolicy + list: + - cognito-idp:ListGroups + RiskExceptionConfigurationType: + type: object + properties: + BlockedIPRangeList: + type: array + uniqueItems: true + items: + type: string + SkippedIPRangeList: + type: array + uniqueItems: true + items: + type: string + additionalProperties: false + CompromisedCredentialsActionsType: + type: object + properties: + EventAction: + type: string + required: + - EventAction + additionalProperties: false + CompromisedCredentialsRiskConfigurationType: + type: object + properties: + Actions: + $ref: '#/components/schemas/CompromisedCredentialsActionsType' + EventFilter: + type: array + uniqueItems: true + items: + type: string + required: + - Actions + additionalProperties: false + AccountTakeoverActionType: + type: object + properties: + EventAction: + type: string + Notify: + type: boolean + required: + - EventAction + - Notify + additionalProperties: false + AccountTakeoverActionsType: + type: object + properties: + HighAction: + $ref: '#/components/schemas/AccountTakeoverActionType' + LowAction: + $ref: '#/components/schemas/AccountTakeoverActionType' + MediumAction: + $ref: '#/components/schemas/AccountTakeoverActionType' + additionalProperties: false + NotifyEmailType: + type: object + properties: + HtmlBody: + type: string + Subject: + type: string + TextBody: + type: string + required: + - Subject + additionalProperties: false + NotifyConfigurationType: + type: object + properties: + BlockEmail: + $ref: '#/components/schemas/NotifyEmailType' + MfaEmail: + $ref: '#/components/schemas/NotifyEmailType' + NoActionEmail: + $ref: '#/components/schemas/NotifyEmailType' + From: + type: string + ReplyTo: + type: string + SourceArn: + type: string + required: + - SourceArn + additionalProperties: false + AccountTakeoverRiskConfigurationType: + type: object + properties: + Actions: + $ref: '#/components/schemas/AccountTakeoverActionsType' + NotifyConfiguration: + $ref: '#/components/schemas/NotifyConfigurationType' + required: + - Actions + additionalProperties: false + UserPoolRiskConfigurationAttachment: + type: object + properties: + UserPoolId: + type: string + ClientId: + type: string + RiskExceptionConfiguration: + $ref: '#/components/schemas/RiskExceptionConfigurationType' + CompromisedCredentialsRiskConfiguration: + $ref: '#/components/schemas/CompromisedCredentialsRiskConfigurationType' + AccountTakeoverRiskConfiguration: + $ref: '#/components/schemas/AccountTakeoverRiskConfigurationType' + required: + - UserPoolId + - ClientId + x-stackql-resource-name: user_pool_risk_configuration_attachment + x-stackql-primaryIdentifier: + - UserPoolId + - ClientId + x-create-only-properties: + - UserPoolId + - ClientId + x-required-permissions: + create: + - cognito-idp:SetRiskConfiguration + - cognito-idp:DescribeRiskConfiguration + - iam:PassRole + read: + - cognito-idp:DescribeRiskConfiguration + update: + - cognito-idp:SetRiskConfiguration + - cognito-idp:DescribeRiskConfiguration + - iam:PassRole + delete: + - cognito-idp:SetRiskConfiguration + - cognito-idp:DescribeRiskConfiguration + AttributeType: + type: object + properties: + Name: + type: string + Value: + type: string + additionalProperties: false + UserPoolUser: + type: object + properties: + DesiredDeliveryMediums: + type: array + items: + type: string + ForceAliasCreation: + type: boolean + UserAttributes: + type: array + items: + $ref: '#/components/schemas/AttributeType' + MessageAction: + type: string + Username: + type: string + UserPoolId: + type: string + ValidationData: + type: array + items: + $ref: '#/components/schemas/AttributeType' + ClientMetadata: + type: object + x-patternProperties: + ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$: + type: string + additionalProperties: false + required: + - UserPoolId + x-stackql-resource-name: user_pool_user + x-stackql-primaryIdentifier: + - UserPoolId + - Username + x-create-only-properties: + - DesiredDeliveryMediums + - ForceAliasCreation + - UserAttributes + - Username + - UserPoolId + - ValidationData + - ClientMetadata + - MessageAction + x-required-permissions: + create: + - cognito-idp:AdminCreateUser + - cognito-idp:AdminGetUser + - iam:PassRole + read: + - cognito-idp:AdminGetUser + delete: + - cognito-idp:AdminDeleteUser + list: + - cognito-idp:ListUsers + UserPoolUserToGroupAttachment: + type: object + properties: + UserPoolId: + type: string + Username: + type: string + GroupName: + type: string + required: + - UserPoolId + - Username + - GroupName + x-stackql-resource-name: user_pool_user_to_group_attachment + x-stackql-primaryIdentifier: + - UserPoolId + - GroupName + - Username + x-create-only-properties: + - UserPoolId + - GroupName + - Username + x-required-permissions: + create: + - cognito-idp:AdminAddUserToGroup + - cognito-idp:AdminListGroupsForUser + delete: + - cognito-idp:AdminRemoveUserFromGroup + - cognito-idp:AdminListGroupsForUser + read: + - cognito-idp:AdminListGroupsForUser + x-stackQL-resources: + identity_pools: + name: identity_pools + id: awscc.cognito.identity_pools + x-cfn-schema-name: IdentityPool + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::IdentityPool' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::IdentityPool' + AND region = 'us-east-1' + identity_pool: + name: identity_pool + id: awscc.cognito.identity_pool + x-cfn-schema-name: IdentityPool + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PushSync') as push_sync, + JSON_EXTRACT(Properties, '$.CognitoIdentityProviders') as cognito_identity_providers, + JSON_EXTRACT(Properties, '$.DeveloperProviderName') as developer_provider_name, + JSON_EXTRACT(Properties, '$.CognitoStreams') as cognito_streams, + JSON_EXTRACT(Properties, '$.SupportedLoginProviders') as supported_login_providers, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.CognitoEvents') as cognito_events, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.IdentityPoolName') as identity_pool_name, + JSON_EXTRACT(Properties, '$.AllowUnauthenticatedIdentities') as allow_unauthenticated_identities, + JSON_EXTRACT(Properties, '$.SamlProviderARNs') as saml_provider_arns, + JSON_EXTRACT(Properties, '$.OpenIdConnectProviderARNs') as open_id_connect_provider_arns, + JSON_EXTRACT(Properties, '$.AllowClassicFlow') as allow_classic_flow + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::IdentityPool' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PushSync') as push_sync, + json_extract_path_text(Properties, 'CognitoIdentityProviders') as cognito_identity_providers, + json_extract_path_text(Properties, 'DeveloperProviderName') as developer_provider_name, + json_extract_path_text(Properties, 'CognitoStreams') as cognito_streams, + json_extract_path_text(Properties, 'SupportedLoginProviders') as supported_login_providers, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'CognitoEvents') as cognito_events, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'IdentityPoolName') as identity_pool_name, + json_extract_path_text(Properties, 'AllowUnauthenticatedIdentities') as allow_unauthenticated_identities, + json_extract_path_text(Properties, 'SamlProviderARNs') as saml_provider_arns, + json_extract_path_text(Properties, 'OpenIdConnectProviderARNs') as open_id_connect_provider_arns, + json_extract_path_text(Properties, 'AllowClassicFlow') as allow_classic_flow + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::IdentityPool' + AND data__Identifier = '' + AND region = 'us-east-1' + identity_pool_principal_tags: + name: identity_pool_principal_tags + id: awscc.cognito.identity_pool_principal_tags + x-cfn-schema-name: IdentityPoolPrincipalTag + x-type: list + x-identifiers: + - IdentityPoolId + - IdentityProviderName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.IdentityPoolId') as identity_pool_id, + JSON_EXTRACT(Properties, '$.IdentityProviderName') as identity_provider_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::IdentityPoolPrincipalTag' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'IdentityPoolId') as identity_pool_id, + json_extract_path_text(Properties, 'IdentityProviderName') as identity_provider_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::IdentityPoolPrincipalTag' + AND region = 'us-east-1' + identity_pool_principal_tag: + name: identity_pool_principal_tag + id: awscc.cognito.identity_pool_principal_tag + x-cfn-schema-name: IdentityPoolPrincipalTag + x-type: get + x-identifiers: + - IdentityPoolId + - IdentityProviderName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.IdentityPoolId') as identity_pool_id, + JSON_EXTRACT(Properties, '$.IdentityProviderName') as identity_provider_name, + JSON_EXTRACT(Properties, '$.UseDefaults') as use_defaults, + JSON_EXTRACT(Properties, '$.PrincipalTags') as principal_tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::IdentityPoolPrincipalTag' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'IdentityPoolId') as identity_pool_id, + json_extract_path_text(Properties, 'IdentityProviderName') as identity_provider_name, + json_extract_path_text(Properties, 'UseDefaults') as use_defaults, + json_extract_path_text(Properties, 'PrincipalTags') as principal_tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::IdentityPoolPrincipalTag' + AND data__Identifier = '' + AND region = 'us-east-1' + identity_pool_role_attachments: + name: identity_pool_role_attachments + id: awscc.cognito.identity_pool_role_attachments + x-cfn-schema-name: IdentityPoolRoleAttachment + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::IdentityPoolRoleAttachment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::IdentityPoolRoleAttachment' + AND region = 'us-east-1' + identity_pool_role_attachment: + name: identity_pool_role_attachment + id: awscc.cognito.identity_pool_role_attachment + x-cfn-schema-name: IdentityPoolRoleAttachment + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.IdentityPoolId') as identity_pool_id, + JSON_EXTRACT(Properties, '$.Roles') as roles, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.RoleMappings') as role_mappings + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::IdentityPoolRoleAttachment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'IdentityPoolId') as identity_pool_id, + json_extract_path_text(Properties, 'Roles') as roles, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'RoleMappings') as role_mappings + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::IdentityPoolRoleAttachment' + AND data__Identifier = '' + AND region = 'us-east-1' + log_delivery_configurations: + name: log_delivery_configurations + id: awscc.cognito.log_delivery_configurations + x-cfn-schema-name: LogDeliveryConfiguration + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::LogDeliveryConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::LogDeliveryConfiguration' + AND region = 'us-east-1' + log_delivery_configuration: + name: log_delivery_configuration + id: awscc.cognito.log_delivery_configuration + x-cfn-schema-name: LogDeliveryConfiguration + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.UserPoolId') as user_pool_id, + JSON_EXTRACT(Properties, '$.LogConfigurations') as log_configurations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::LogDeliveryConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'UserPoolId') as user_pool_id, + json_extract_path_text(Properties, 'LogConfigurations') as log_configurations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::LogDeliveryConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + user_pools: + name: user_pools + id: awscc.cognito.user_pools + x-cfn-schema-name: UserPool + x-type: list + x-identifiers: + - UserPoolId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.UserPoolId') as user_pool_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::UserPool' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'UserPoolId') as user_pool_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::UserPool' + AND region = 'us-east-1' + user_pool: + name: user_pool + id: awscc.cognito.user_pool + x-cfn-schema-name: UserPool + x-type: get + x-identifiers: + - UserPoolId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.UserPoolName') as user_pool_name, + JSON_EXTRACT(Properties, '$.Policies') as policies, + JSON_EXTRACT(Properties, '$.AccountRecoverySetting') as account_recovery_setting, + JSON_EXTRACT(Properties, '$.AdminCreateUserConfig') as admin_create_user_config, + JSON_EXTRACT(Properties, '$.AliasAttributes') as alias_attributes, + JSON_EXTRACT(Properties, '$.UsernameAttributes') as username_attributes, + JSON_EXTRACT(Properties, '$.AutoVerifiedAttributes') as auto_verified_attributes, + JSON_EXTRACT(Properties, '$.DeviceConfiguration') as device_configuration, + JSON_EXTRACT(Properties, '$.EmailConfiguration') as email_configuration, + JSON_EXTRACT(Properties, '$.EmailVerificationMessage') as email_verification_message, + JSON_EXTRACT(Properties, '$.EmailVerificationSubject') as email_verification_subject, + JSON_EXTRACT(Properties, '$.DeletionProtection') as deletion_protection, + JSON_EXTRACT(Properties, '$.LambdaConfig') as lambda_config, + JSON_EXTRACT(Properties, '$.MfaConfiguration') as mfa_configuration, + JSON_EXTRACT(Properties, '$.EnabledMfas') as enabled_mfas, + JSON_EXTRACT(Properties, '$.SmsAuthenticationMessage') as sms_authentication_message, + JSON_EXTRACT(Properties, '$.SmsConfiguration') as sms_configuration, + JSON_EXTRACT(Properties, '$.SmsVerificationMessage') as sms_verification_message, + JSON_EXTRACT(Properties, '$.Schema') as _schema, + JSON_EXTRACT(Properties, '$.UsernameConfiguration') as username_configuration, + JSON_EXTRACT(Properties, '$.UserAttributeUpdateSettings') as user_attribute_update_settings, + JSON_EXTRACT(Properties, '$.UserPoolTags') as user_pool_tags, + JSON_EXTRACT(Properties, '$.VerificationMessageTemplate') as verification_message_template, + JSON_EXTRACT(Properties, '$.UserPoolAddOns') as user_pool_add_ons, + JSON_EXTRACT(Properties, '$.ProviderName') as provider_name, + JSON_EXTRACT(Properties, '$.ProviderURL') as provider_ur_l, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.UserPoolId') as user_pool_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::UserPool' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'UserPoolName') as user_pool_name, + json_extract_path_text(Properties, 'Policies') as policies, + json_extract_path_text(Properties, 'AccountRecoverySetting') as account_recovery_setting, + json_extract_path_text(Properties, 'AdminCreateUserConfig') as admin_create_user_config, + json_extract_path_text(Properties, 'AliasAttributes') as alias_attributes, + json_extract_path_text(Properties, 'UsernameAttributes') as username_attributes, + json_extract_path_text(Properties, 'AutoVerifiedAttributes') as auto_verified_attributes, + json_extract_path_text(Properties, 'DeviceConfiguration') as device_configuration, + json_extract_path_text(Properties, 'EmailConfiguration') as email_configuration, + json_extract_path_text(Properties, 'EmailVerificationMessage') as email_verification_message, + json_extract_path_text(Properties, 'EmailVerificationSubject') as email_verification_subject, + json_extract_path_text(Properties, 'DeletionProtection') as deletion_protection, + json_extract_path_text(Properties, 'LambdaConfig') as lambda_config, + json_extract_path_text(Properties, 'MfaConfiguration') as mfa_configuration, + json_extract_path_text(Properties, 'EnabledMfas') as enabled_mfas, + json_extract_path_text(Properties, 'SmsAuthenticationMessage') as sms_authentication_message, + json_extract_path_text(Properties, 'SmsConfiguration') as sms_configuration, + json_extract_path_text(Properties, 'SmsVerificationMessage') as sms_verification_message, + json_extract_path_text(Properties, 'Schema') as _schema, + json_extract_path_text(Properties, 'UsernameConfiguration') as username_configuration, + json_extract_path_text(Properties, 'UserAttributeUpdateSettings') as user_attribute_update_settings, + json_extract_path_text(Properties, 'UserPoolTags') as user_pool_tags, + json_extract_path_text(Properties, 'VerificationMessageTemplate') as verification_message_template, + json_extract_path_text(Properties, 'UserPoolAddOns') as user_pool_add_ons, + json_extract_path_text(Properties, 'ProviderName') as provider_name, + json_extract_path_text(Properties, 'ProviderURL') as provider_ur_l, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'UserPoolId') as user_pool_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::UserPool' + AND data__Identifier = '' + AND region = 'us-east-1' + user_pool_clients: + name: user_pool_clients + id: awscc.cognito.user_pool_clients + x-cfn-schema-name: UserPoolClient + x-type: list + x-identifiers: + - UserPoolId + - ClientId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.UserPoolId') as user_pool_id, + JSON_EXTRACT(Properties, '$.ClientId') as client_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::UserPoolClient' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'UserPoolId') as user_pool_id, + json_extract_path_text(Properties, 'ClientId') as client_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::UserPoolClient' + AND region = 'us-east-1' + user_pool_client: + name: user_pool_client + id: awscc.cognito.user_pool_client + x-cfn-schema-name: UserPoolClient + x-type: get + x-identifiers: + - UserPoolId + - ClientId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClientName') as client_name, + JSON_EXTRACT(Properties, '$.ExplicitAuthFlows') as explicit_auth_flows, + JSON_EXTRACT(Properties, '$.GenerateSecret') as generate_secret, + JSON_EXTRACT(Properties, '$.ReadAttributes') as read_attributes, + JSON_EXTRACT(Properties, '$.AuthSessionValidity') as auth_session_validity, + JSON_EXTRACT(Properties, '$.RefreshTokenValidity') as refresh_token_validity, + JSON_EXTRACT(Properties, '$.AccessTokenValidity') as access_token_validity, + JSON_EXTRACT(Properties, '$.IdTokenValidity') as id_token_validity, + JSON_EXTRACT(Properties, '$.TokenValidityUnits') as token_validity_units, + JSON_EXTRACT(Properties, '$.UserPoolId') as user_pool_id, + JSON_EXTRACT(Properties, '$.WriteAttributes') as write_attributes, + JSON_EXTRACT(Properties, '$.AllowedOAuthFlows') as allowed_oauth_flows, + JSON_EXTRACT(Properties, '$.AllowedOAuthFlowsUserPoolClient') as allowed_oauth_flows_user_pool_client, + JSON_EXTRACT(Properties, '$.AllowedOAuthScopes') as allowed_oauth_scopes, + JSON_EXTRACT(Properties, '$.CallbackURLs') as callback_ur_ls, + JSON_EXTRACT(Properties, '$.DefaultRedirectURI') as default_redirect_ur_i, + JSON_EXTRACT(Properties, '$.LogoutURLs') as logout_ur_ls, + JSON_EXTRACT(Properties, '$.SupportedIdentityProviders') as supported_identity_providers, + JSON_EXTRACT(Properties, '$.AnalyticsConfiguration') as analytics_configuration, + JSON_EXTRACT(Properties, '$.PreventUserExistenceErrors') as prevent_user_existence_errors, + JSON_EXTRACT(Properties, '$.EnableTokenRevocation') as enable_token_revocation, + JSON_EXTRACT(Properties, '$.EnablePropagateAdditionalUserContextData') as enable_propagate_additional_user_context_data, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ClientSecret') as client_secret, + JSON_EXTRACT(Properties, '$.ClientId') as client_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::UserPoolClient' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClientName') as client_name, + json_extract_path_text(Properties, 'ExplicitAuthFlows') as explicit_auth_flows, + json_extract_path_text(Properties, 'GenerateSecret') as generate_secret, + json_extract_path_text(Properties, 'ReadAttributes') as read_attributes, + json_extract_path_text(Properties, 'AuthSessionValidity') as auth_session_validity, + json_extract_path_text(Properties, 'RefreshTokenValidity') as refresh_token_validity, + json_extract_path_text(Properties, 'AccessTokenValidity') as access_token_validity, + json_extract_path_text(Properties, 'IdTokenValidity') as id_token_validity, + json_extract_path_text(Properties, 'TokenValidityUnits') as token_validity_units, + json_extract_path_text(Properties, 'UserPoolId') as user_pool_id, + json_extract_path_text(Properties, 'WriteAttributes') as write_attributes, + json_extract_path_text(Properties, 'AllowedOAuthFlows') as allowed_oauth_flows, + json_extract_path_text(Properties, 'AllowedOAuthFlowsUserPoolClient') as allowed_oauth_flows_user_pool_client, + json_extract_path_text(Properties, 'AllowedOAuthScopes') as allowed_oauth_scopes, + json_extract_path_text(Properties, 'CallbackURLs') as callback_ur_ls, + json_extract_path_text(Properties, 'DefaultRedirectURI') as default_redirect_ur_i, + json_extract_path_text(Properties, 'LogoutURLs') as logout_ur_ls, + json_extract_path_text(Properties, 'SupportedIdentityProviders') as supported_identity_providers, + json_extract_path_text(Properties, 'AnalyticsConfiguration') as analytics_configuration, + json_extract_path_text(Properties, 'PreventUserExistenceErrors') as prevent_user_existence_errors, + json_extract_path_text(Properties, 'EnableTokenRevocation') as enable_token_revocation, + json_extract_path_text(Properties, 'EnablePropagateAdditionalUserContextData') as enable_propagate_additional_user_context_data, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ClientSecret') as client_secret, + json_extract_path_text(Properties, 'ClientId') as client_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::UserPoolClient' + AND data__Identifier = '' + AND region = 'us-east-1' + user_pool_groups: + name: user_pool_groups + id: awscc.cognito.user_pool_groups + x-cfn-schema-name: UserPoolGroup + x-type: list + x-identifiers: + - UserPoolId + - GroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.UserPoolId') as user_pool_id, + JSON_EXTRACT(Properties, '$.GroupName') as group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::UserPoolGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'UserPoolId') as user_pool_id, + json_extract_path_text(Properties, 'GroupName') as group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::UserPoolGroup' + AND region = 'us-east-1' + user_pool_group: + name: user_pool_group + id: awscc.cognito.user_pool_group + x-cfn-schema-name: UserPoolGroup + x-type: get + x-identifiers: + - UserPoolId + - GroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.GroupName') as group_name, + JSON_EXTRACT(Properties, '$.Precedence') as precedence, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.UserPoolId') as user_pool_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::UserPoolGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'GroupName') as group_name, + json_extract_path_text(Properties, 'Precedence') as precedence, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'UserPoolId') as user_pool_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::UserPoolGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + user_pool_risk_configuration_attachments: + name: user_pool_risk_configuration_attachments + id: awscc.cognito.user_pool_risk_configuration_attachments + x-cfn-schema-name: UserPoolRiskConfigurationAttachment + x-type: list + x-identifiers: + - UserPoolId + - ClientId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.UserPoolId') as user_pool_id, + JSON_EXTRACT(Properties, '$.ClientId') as client_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::UserPoolRiskConfigurationAttachment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'UserPoolId') as user_pool_id, + json_extract_path_text(Properties, 'ClientId') as client_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::UserPoolRiskConfigurationAttachment' + AND region = 'us-east-1' + user_pool_risk_configuration_attachment: + name: user_pool_risk_configuration_attachment + id: awscc.cognito.user_pool_risk_configuration_attachment + x-cfn-schema-name: UserPoolRiskConfigurationAttachment + x-type: get + x-identifiers: + - UserPoolId + - ClientId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.UserPoolId') as user_pool_id, + JSON_EXTRACT(Properties, '$.ClientId') as client_id, + JSON_EXTRACT(Properties, '$.RiskExceptionConfiguration') as risk_exception_configuration, + JSON_EXTRACT(Properties, '$.CompromisedCredentialsRiskConfiguration') as compromised_credentials_risk_configuration, + JSON_EXTRACT(Properties, '$.AccountTakeoverRiskConfiguration') as account_takeover_risk_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::UserPoolRiskConfigurationAttachment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'UserPoolId') as user_pool_id, + json_extract_path_text(Properties, 'ClientId') as client_id, + json_extract_path_text(Properties, 'RiskExceptionConfiguration') as risk_exception_configuration, + json_extract_path_text(Properties, 'CompromisedCredentialsRiskConfiguration') as compromised_credentials_risk_configuration, + json_extract_path_text(Properties, 'AccountTakeoverRiskConfiguration') as account_takeover_risk_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::UserPoolRiskConfigurationAttachment' + AND data__Identifier = '' + AND region = 'us-east-1' + user_pool_users: + name: user_pool_users + id: awscc.cognito.user_pool_users + x-cfn-schema-name: UserPoolUser + x-type: list + x-identifiers: + - UserPoolId + - Username + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.UserPoolId') as user_pool_id, + JSON_EXTRACT(Properties, '$.Username') as username + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::UserPoolUser' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'UserPoolId') as user_pool_id, + json_extract_path_text(Properties, 'Username') as username + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::UserPoolUser' + AND region = 'us-east-1' + user_pool_user: + name: user_pool_user + id: awscc.cognito.user_pool_user + x-cfn-schema-name: UserPoolUser + x-type: get + x-identifiers: + - UserPoolId + - Username + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DesiredDeliveryMediums') as desired_delivery_mediums, + JSON_EXTRACT(Properties, '$.ForceAliasCreation') as force_alias_creation, + JSON_EXTRACT(Properties, '$.UserAttributes') as user_attributes, + JSON_EXTRACT(Properties, '$.MessageAction') as message_action, + JSON_EXTRACT(Properties, '$.Username') as username, + JSON_EXTRACT(Properties, '$.UserPoolId') as user_pool_id, + JSON_EXTRACT(Properties, '$.ValidationData') as validation_data, + JSON_EXTRACT(Properties, '$.ClientMetadata') as client_metadata + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::UserPoolUser' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DesiredDeliveryMediums') as desired_delivery_mediums, + json_extract_path_text(Properties, 'ForceAliasCreation') as force_alias_creation, + json_extract_path_text(Properties, 'UserAttributes') as user_attributes, + json_extract_path_text(Properties, 'MessageAction') as message_action, + json_extract_path_text(Properties, 'Username') as username, + json_extract_path_text(Properties, 'UserPoolId') as user_pool_id, + json_extract_path_text(Properties, 'ValidationData') as validation_data, + json_extract_path_text(Properties, 'ClientMetadata') as client_metadata + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::UserPoolUser' + AND data__Identifier = '' + AND region = 'us-east-1' + user_pool_user_to_group_attachments: + name: user_pool_user_to_group_attachments + id: awscc.cognito.user_pool_user_to_group_attachments + x-cfn-schema-name: UserPoolUserToGroupAttachment + x-type: list + x-identifiers: + - UserPoolId + - GroupName + - Username + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.UserPoolId') as user_pool_id, + JSON_EXTRACT(Properties, '$.GroupName') as group_name, + JSON_EXTRACT(Properties, '$.Username') as username + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::UserPoolUserToGroupAttachment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'UserPoolId') as user_pool_id, + json_extract_path_text(Properties, 'GroupName') as group_name, + json_extract_path_text(Properties, 'Username') as username + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Cognito::UserPoolUserToGroupAttachment' + AND region = 'us-east-1' + user_pool_user_to_group_attachment: + name: user_pool_user_to_group_attachment + id: awscc.cognito.user_pool_user_to_group_attachment + x-cfn-schema-name: UserPoolUserToGroupAttachment + x-type: get + x-identifiers: + - UserPoolId + - GroupName + - Username + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.UserPoolId') as user_pool_id, + JSON_EXTRACT(Properties, '$.Username') as username, + JSON_EXTRACT(Properties, '$.GroupName') as group_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::UserPoolUserToGroupAttachment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'UserPoolId') as user_pool_id, + json_extract_path_text(Properties, 'Username') as username, + json_extract_path_text(Properties, 'GroupName') as group_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Cognito::UserPoolUserToGroupAttachment' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/comprehend.yaml b/providers/src/awscc/v00.00.00000/services/comprehend.yaml new file mode 100644 index 00000000..96ab8d8f --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/comprehend.yaml @@ -0,0 +1,562 @@ +openapi: 3.0.0 +info: + title: Comprehend + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 0 + maxLength: 256 + additionalProperties: false + required: + - Key + - Value + DocumentClassifierInputDataConfig: + type: object + properties: + AugmentedManifests: + type: array + items: + $ref: '#/components/schemas/AugmentedManifestsListItem' + x-insertionOrder: false + uniqueItems: true + DataFormat: + type: string + enum: + - COMPREHEND_CSV + - AUGMENTED_MANIFEST + LabelDelimiter: + type: string + pattern: ^[ ~!@#$%^*\-_+=|\\:;\t>?/]$ + minLength: 1 + maxLength: 1 + DocumentType: + type: string + enum: + - PLAIN_TEXT_DOCUMENT + - SEMI_STRUCTURED_DOCUMENT + Documents: + $ref: '#/components/schemas/DocumentClassifierDocuments' + DocumentReaderConfig: + $ref: '#/components/schemas/DocumentReaderConfig' + S3Uri: + $ref: '#/components/schemas/S3Uri' + TestS3Uri: + $ref: '#/components/schemas/S3Uri' + required: [] + additionalProperties: false + AugmentedManifestsListItem: + type: object + properties: + AttributeNames: + type: array + items: + type: string + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9])* + x-insertionOrder: false + uniqueItems: true + minItems: 1 + maxItems: 63 + S3Uri: + $ref: '#/components/schemas/S3Uri' + Split: + type: string + enum: + - TRAIN + - TEST + required: + - AttributeNames + - S3Uri + additionalProperties: false + DocumentClassifierDocuments: + type: object + properties: + S3Uri: + $ref: '#/components/schemas/S3Uri' + TestS3Uri: + $ref: '#/components/schemas/S3Uri' + required: + - S3Uri + additionalProperties: false + DocumentReaderConfig: + type: object + properties: + DocumentReadAction: + type: string + enum: + - TEXTRACT_DETECT_DOCUMENT_TEXT + - TEXTRACT_ANALYZE_DOCUMENT + DocumentReadMode: + type: string + enum: + - SERVICE_DEFAULT + - FORCE_DOCUMENT_READ_ACTION + FeatureTypes: + type: array + items: + type: string + enum: + - TABLES + - FORMS + x-insertionOrder: false + uniqueItems: true + minItems: 1 + maxItems: 2 + required: + - DocumentReadAction + additionalProperties: false + DocumentClassifierOutputDataConfig: + type: object + properties: + KmsKeyId: + $ref: '#/components/schemas/KmsKeyId' + S3Uri: + $ref: '#/components/schemas/S3Uri' + required: [] + additionalProperties: false + VpcConfig: + type: object + properties: + SecurityGroupIds: + type: array + items: + type: string + pattern: '[-0-9a-zA-Z]+' + minLength: 1 + maxLength: 32 + x-insertionOrder: false + uniqueItems: true + minItems: 1 + maxItems: 5 + Subnets: + type: array + items: + type: string + pattern: '[-0-9a-zA-Z]+' + minLength: 1 + maxLength: 32 + x-insertionOrder: false + uniqueItems: true + minItems: 1 + maxItems: 16 + required: + - SecurityGroupIds + - Subnets + additionalProperties: false + S3Uri: + type: string + pattern: s3://[a-z0-9][\.\-a-z0-9]{1,61}[a-z0-9](/.*)? + maxLength: 1024 + KmsKeyId: + type: string + minLength: 1 + maxLength: 2048 + DocumentClassifier: + type: object + properties: + DataAccessRoleArn: + type: string + pattern: arn:aws(-[^:]+)?:iam::[0-9]{12}:role/.+ + minLength: 20 + maxLength: 2048 + InputDataConfig: + $ref: '#/components/schemas/DocumentClassifierInputDataConfig' + OutputDataConfig: + $ref: '#/components/schemas/DocumentClassifierOutputDataConfig' + LanguageCode: + type: string + enum: + - en + - es + - fr + - it + - de + - pt + ModelKmsKeyId: + $ref: '#/components/schemas/KmsKeyId' + ModelPolicy: + type: string + pattern: '[\u0009\u000A\u000D\u0020-\u00FF]+' + minLength: 1 + maxLength: 20000 + DocumentClassifierName: + type: string + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9])*$ + minLength: 1 + maxLength: 63 + Mode: + type: string + enum: + - MULTI_CLASS + - MULTI_LABEL + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + x-insertionOrder: false + uniqueItems: true + VersionName: + type: string + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9])*$ + minLength: 1 + maxLength: 63 + VolumeKmsKeyId: + $ref: '#/components/schemas/KmsKeyId' + VpcConfig: + $ref: '#/components/schemas/VpcConfig' + Arn: + type: string + pattern: arn:aws(-[^:]+)?:comprehend:[a-zA-Z0-9-]*:[0-9]{12}:document-classifier/[a-zA-Z0-9](-*[a-zA-Z0-9])*(/version/[a-zA-Z0-9](-*[a-zA-Z0-9])*)? + minLength: 1 + maxLength: 256 + required: + - DocumentClassifierName + - DataAccessRoleArn + - InputDataConfig + - LanguageCode + x-stackql-resource-name: document_classifier + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - DataAccessRoleArn + - InputDataConfig + - OutputDataConfig + - LanguageCode + - ModelKmsKeyId + - DocumentClassifierName + - VersionName + - Mode + - VolumeKmsKeyId + - VpcConfig + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iam:PassRole + - comprehend:CreateDocumentClassifier + - comprehend:DescribeDocumentClassifier + - comprehend:DescribeResourcePolicy + - comprehend:ListTagsForResource + - textract:DetectDocumentText + read: + - comprehend:DescribeDocumentClassifier + - comprehend:DescribeResourcePolicy + - comprehend:ListTagsForResource + update: + - iam:PassRole + - comprehend:PutResourcePolicy + - comprehend:DeleteResourcePolicy + - comprehend:DescribeResourcePolicy + - comprehend:DescribeDocumentClassifier + - comprehend:ListTagsForResource + - comprehend:TagResource + - comprehend:UntagResource + delete: + - comprehend:DescribeDocumentClassifier + - comprehend:DeleteDocumentClassifier + list: + - comprehend:ListDocumentClassifiers + TaskConfig: + type: object + properties: + LanguageCode: + type: string + enum: + - en + - es + - fr + - it + - de + - pt + DocumentClassificationConfig: + $ref: '#/components/schemas/DocumentClassificationConfig' + EntityRecognitionConfig: + $ref: '#/components/schemas/EntityRecognitionConfig' + required: + - LanguageCode + additionalProperties: false + DataSecurityConfig: + type: object + properties: + ModelKmsKeyId: + $ref: '#/components/schemas/KmsKeyId' + VolumeKmsKeyId: + $ref: '#/components/schemas/KmsKeyId' + DataLakeKmsKeyId: + $ref: '#/components/schemas/KmsKeyId' + VpcConfig: + $ref: '#/components/schemas/VpcConfig' + required: [] + additionalProperties: false + EntityTypesListItem: + type: object + properties: + Type: + type: string + pattern: ^(?![^\n\r\t,]*\\n|\\r|\\t)[^\n\r\t,]+$ + minLength: 1 + maxLength: 64 + additionalProperties: false + required: + - Type + EntityRecognitionConfig: + type: object + properties: + EntityTypes: + type: array + items: + $ref: '#/components/schemas/EntityTypesListItem' + x-insertionOrder: false + uniqueItems: true + minItems: 1 + maxItems: 25 + additionalProperties: false + DocumentClassificationConfig: + type: object + properties: + Mode: + type: string + enum: + - MULTI_CLASS + - MULTI_LABEL + Labels: + type: array + items: + type: string + maxLength: 5000 + x-insertionOrder: false + uniqueItems: true + maxItems: 1000 + additionalProperties: false + required: + - Mode + Flywheel: + type: object + properties: + ActiveModelArn: + type: string + pattern: arn:aws(-[^:]+)?:comprehend:[a-zA-Z0-9-]*:[0-9]{12}:(document-classifier|entity-recognizer)/[a-zA-Z0-9](-*[a-zA-Z0-9])*(/version/[a-zA-Z0-9](-*[a-zA-Z0-9])*)? + maxLength: 256 + DataAccessRoleArn: + type: string + pattern: arn:aws(-[^:]+)?:iam::[0-9]{12}:role/.+ + minLength: 20 + maxLength: 2048 + DataLakeS3Uri: + type: string + pattern: s3://[a-z0-9][\.\-a-z0-9]{1,61}[a-z0-9](/.*)? + maxLength: 512 + DataSecurityConfig: + $ref: '#/components/schemas/DataSecurityConfig' + FlywheelName: + type: string + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9])*$ + minLength: 1 + maxLength: 63 + ModelType: + type: string + enum: + - DOCUMENT_CLASSIFIER + - ENTITY_RECOGNIZER + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + x-insertionOrder: false + uniqueItems: true + TaskConfig: + $ref: '#/components/schemas/TaskConfig' + Arn: + type: string + pattern: arn:aws(-[^:]+)?:comprehend:[a-zA-Z0-9-]*:[0-9]{12}:flywheel/[a-zA-Z0-9](-*[a-zA-Z0-9])* + minLength: 1 + maxLength: 256 + required: + - FlywheelName + - DataAccessRoleArn + - DataLakeS3Uri + x-stackql-resource-name: flywheel + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - FlywheelName + - ModelType + - DataLakeS3Uri + - TaskConfig + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iam:PassRole + - comprehend:CreateFlywheel + - comprehend:DescribeFlywheel + - comprehend:ListTagsForResource + read: + - comprehend:DescribeFlywheel + - comprehend:ListTagsForResource + update: + - iam:PassRole + - comprehend:DescribeFlywheel + - comprehend:UpdateFlywheel + - comprehend:ListTagsForResource + - comprehend:TagResource + - comprehend:UntagResource + delete: + - comprehend:DeleteFlywheel + - comprehend:DescribeFlywheel + list: + - comprehend:ListFlywheels + x-stackQL-resources: + document_classifiers: + name: document_classifiers + id: awscc.comprehend.document_classifiers + x-cfn-schema-name: DocumentClassifier + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Comprehend::DocumentClassifier' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Comprehend::DocumentClassifier' + AND region = 'us-east-1' + document_classifier: + name: document_classifier + id: awscc.comprehend.document_classifier + x-cfn-schema-name: DocumentClassifier + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DataAccessRoleArn') as data_access_role_arn, + JSON_EXTRACT(Properties, '$.InputDataConfig') as input_data_config, + JSON_EXTRACT(Properties, '$.OutputDataConfig') as output_data_config, + JSON_EXTRACT(Properties, '$.LanguageCode') as language_code, + JSON_EXTRACT(Properties, '$.ModelKmsKeyId') as model_kms_key_id, + JSON_EXTRACT(Properties, '$.ModelPolicy') as model_policy, + JSON_EXTRACT(Properties, '$.DocumentClassifierName') as document_classifier_name, + JSON_EXTRACT(Properties, '$.Mode') as mode, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.VersionName') as version_name, + JSON_EXTRACT(Properties, '$.VolumeKmsKeyId') as volume_kms_key_id, + JSON_EXTRACT(Properties, '$.VpcConfig') as vpc_config, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Comprehend::DocumentClassifier' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DataAccessRoleArn') as data_access_role_arn, + json_extract_path_text(Properties, 'InputDataConfig') as input_data_config, + json_extract_path_text(Properties, 'OutputDataConfig') as output_data_config, + json_extract_path_text(Properties, 'LanguageCode') as language_code, + json_extract_path_text(Properties, 'ModelKmsKeyId') as model_kms_key_id, + json_extract_path_text(Properties, 'ModelPolicy') as model_policy, + json_extract_path_text(Properties, 'DocumentClassifierName') as document_classifier_name, + json_extract_path_text(Properties, 'Mode') as mode, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'VersionName') as version_name, + json_extract_path_text(Properties, 'VolumeKmsKeyId') as volume_kms_key_id, + json_extract_path_text(Properties, 'VpcConfig') as vpc_config, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Comprehend::DocumentClassifier' + AND data__Identifier = '' + AND region = 'us-east-1' + flywheels: + name: flywheels + id: awscc.comprehend.flywheels + x-cfn-schema-name: Flywheel + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Comprehend::Flywheel' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Comprehend::Flywheel' + AND region = 'us-east-1' + flywheel: + name: flywheel + id: awscc.comprehend.flywheel + x-cfn-schema-name: Flywheel + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ActiveModelArn') as active_model_arn, + JSON_EXTRACT(Properties, '$.DataAccessRoleArn') as data_access_role_arn, + JSON_EXTRACT(Properties, '$.DataLakeS3Uri') as data_lake_s3_uri, + JSON_EXTRACT(Properties, '$.DataSecurityConfig') as data_security_config, + JSON_EXTRACT(Properties, '$.FlywheelName') as flywheel_name, + JSON_EXTRACT(Properties, '$.ModelType') as model_type, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TaskConfig') as task_config, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Comprehend::Flywheel' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ActiveModelArn') as active_model_arn, + json_extract_path_text(Properties, 'DataAccessRoleArn') as data_access_role_arn, + json_extract_path_text(Properties, 'DataLakeS3Uri') as data_lake_s3_uri, + json_extract_path_text(Properties, 'DataSecurityConfig') as data_security_config, + json_extract_path_text(Properties, 'FlywheelName') as flywheel_name, + json_extract_path_text(Properties, 'ModelType') as model_type, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TaskConfig') as task_config, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Comprehend::Flywheel' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/config.yaml b/providers/src/awscc/v00.00.00000/services/config.yaml new file mode 100644 index 00000000..e7d26fc3 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/config.yaml @@ -0,0 +1,974 @@ +openapi: 3.0.0 +info: + title: Config + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 0 + maxLength: 256 + additionalProperties: false + required: + - Value + - Key + AggregationAuthorization: + type: object + properties: + AuthorizedAccountId: + description: The 12-digit account ID of the account authorized to aggregate data. + type: string + pattern: ^\d{12}$ + AuthorizedAwsRegion: + description: The region authorized to collect aggregated data. + type: string + minLength: 1 + maxLength: 64 + AggregationAuthorizationArn: + description: The ARN of the AggregationAuthorization. + type: string + Tags: + description: The tags for the AggregationAuthorization. + type: array + maxItems: 50 + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + required: + - AuthorizedAccountId + - AuthorizedAwsRegion + x-stackql-resource-name: aggregation_authorization + x-stackql-primaryIdentifier: + - AuthorizedAccountId + - AuthorizedAwsRegion + x-create-only-properties: + - AuthorizedAccountId + - AuthorizedAwsRegion + x-read-only-properties: + - AggregationAuthorizationArn + x-required-permissions: + create: + - config:DescribeAggregationAuthorizations + - config:PutAggregationAuthorization + - config:TagResource + update: + - config:DescribeAggregationAuthorizations + - config:TagResource + - config:UntagResource + - config:ListTagsForResource + read: + - config:DescribeAggregationAuthorizations + - config:ListTagsForResource + delete: + - config:DescribeAggregationAuthorizations + - config:DeleteAggregationAuthorization + - config:UntagResource + list: + - config:DescribeAggregationAuthorizations + Scope: + type: object + description: Defines which resources trigger an evaluation for an CC rule. The scope can include one or more resource types, a combination of a tag key and value, or a combination of one resource type and one resource ID. Specify a scope to constrain which resources trigger an evaluation for a rule. Otherwise, evaluations for the rule are triggered when any resource in your recording group changes in configuration. + additionalProperties: false + properties: + TagKey: + type: string + description: The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule. + ComplianceResourceTypes: + type: array + description: The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for ``ComplianceResourceId``. + uniqueItems: true + items: + type: string + TagValue: + type: string + description: The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for ``TagValue``, you must also specify a value for ``TagKey``. + ComplianceResourceId: + type: string + description: The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for ``ComplianceResourceTypes``. + CustomPolicyDetails: + type: object + description: Provides the CustomPolicyDetails, the rule owner (```` for managed rules, ``CUSTOM_POLICY`` for Custom Policy rules, and ``CUSTOM_LAMBDA`` for Custom Lambda rules), the rule identifier, and the events that cause the evaluation of your AWS resources. + additionalProperties: false + properties: + EnableDebugLogDelivery: + type: boolean + description: The boolean expression for enabling debug logging for your CC Custom Policy rule. The default value is ``false``. + PolicyText: + type: string + description: The policy definition containing the logic for your CC Custom Policy rule. + PolicyRuntime: + type: string + description: The runtime system for your CC Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by CC Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard). + SourceDetail: + type: object + description: Provides the source and the message types that trigger CC to evaluate your AWS resources against a rule. It also provides the frequency with which you want CC to run evaluations for the rule if the trigger type is periodic. You can specify the parameter values for ``SourceDetail`` only for custom rules. + additionalProperties: false + properties: + EventSource: + type: string + description: The source of the event, such as an AWS service, that triggers CC to evaluate your AWS resources. + MaximumExecutionFrequency: + type: string + description: |- + The frequency at which you want CC to run evaluations for a custom rule with a periodic trigger. If you specify a value for ``MaximumExecutionFrequency``, then ``MessageType`` must use the ``ScheduledNotification`` value. + By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the ``MaximumExecutionFrequency`` parameter. + Based on the valid value you choose, CC runs evaluations once for each valid value. For example, if you choose ``Three_Hours``, CC runs evaluations once every three hours. In this case, ``Three_Hours`` is the frequency of this rule. + MessageType: + type: string + description: |- + The type of notification that triggers CC to run an evaluation for a rule. You can specify the following notification types: + + ``ConfigurationItemChangeNotification`` - Triggers an evaluation when CC delivers a configuration item as a result of a resource change. + + ``OversizedConfigurationItemChangeNotification`` - Triggers an evaluation when CC delivers an oversized configuration item. CC may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS. + + ``ScheduledNotification`` - Triggers a periodic evaluation at the frequency specified for ``MaximumExecutionFrequency``. + + ``ConfigurationSnapshotDeliveryCompleted`` - Triggers a periodic evaluation when CC delivers a configuration snapshot. + + If you want your custom rule to be triggered by configuration changes, specify two SourceDetail objects, one for ``ConfigurationItemChangeNotification`` and one for ``OversizedConfigurationItemChangeNotification``. + required: + - EventSource + - MessageType + Source: + type: object + description: Provides the CustomPolicyDetails, the rule owner (```` for managed rules, ``CUSTOM_POLICY`` for Custom Policy rules, and ``CUSTOM_LAMBDA`` for Custom Lambda rules), the rule identifier, and the events that cause the evaluation of your AWS resources. + additionalProperties: false + properties: + CustomPolicyDetails: + description: Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to ``CUSTOM_POLICY``. + $ref: '#/components/schemas/CustomPolicyDetails' + SourceIdentifier: + type: string + description: |- + For CC Managed rules, a predefined identifier from a list. For example, ``IAM_PASSWORD_POLICY`` is a managed rule. To reference a managed rule, see [List of Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html). + For CC Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's LAMlong function, such as ``arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name``. + For CC Custom Policy rules, this field will be ignored. + Owner: + type: string + description: |- + Indicates whether AWS or the customer owns and manages the CC rule. + CC Managed Rules are predefined rules owned by AWS. For more information, see [Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) in the *developer guide*. + CC Custom Rules are rules that you can develop either with Guard (``CUSTOM_POLICY``) or LAMlong (``CUSTOM_LAMBDA``). For more information, see [Custom Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html) in the *developer guide*. + SourceDetails: + type: array + description: |- + Provides the source and the message types that cause CC to evaluate your AWS resources against a rule. It also provides the frequency with which you want CC to run evaluations for the rule if the trigger type is periodic. + If the owner is set to ``CUSTOM_POLICY``, the only acceptable values for the CC rule trigger message type are ``ConfigurationItemChangeNotification`` and ``OversizedConfigurationItemChangeNotification``. + uniqueItems: true + items: + description: Source and message type that can trigger the rule + $ref: '#/components/schemas/SourceDetail' + required: + - Owner + EvaluationModeConfiguration: + type: object + description: The configuration object for CC rule evaluation mode. The supported valid values are Detective or Proactive. + additionalProperties: false + properties: + Mode: + type: string + description: The mode of an evaluation. The valid values are Detective or Proactive. + ConfigRule: + type: object + properties: + ConfigRuleId: + type: string + description: '' + Description: + type: string + description: The description that you provide for the CC rule. + Scope: + description: |- + Defines which resources can trigger an evaluation for the rule. The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes. + The scope can be empty. + $ref: '#/components/schemas/Scope' + ConfigRuleName: + type: string + description: A name for the CC rule. If you don't specify a name, CFN generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html). + Arn: + type: string + description: '' + Compliance: + type: object + description: Indicates whether an AWS resource or CC rule is compliant and provides the number of contributors that affect the compliance. + additionalProperties: false + properties: + Type: + type: string + description: Compliance type determined by the Config rule + MaximumExecutionFrequency: + type: string + description: |- + The maximum frequency with which CC runs evaluations for a rule. You can specify a value for ``MaximumExecutionFrequency`` when: + + You are using an AWS managed rule that is triggered at a periodic frequency. + + Your custom rule is triggered when CC delivers the configuration snapshot. For more information, see [ConfigSnapshotDeliveryProperties](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html). + + By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the ``MaximumExecutionFrequency`` parameter. + Source: + description: Provides the rule owner (```` for managed rules, ``CUSTOM_POLICY`` for Custom Policy rules, and ``CUSTOM_LAMBDA`` for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your AWS resources. + $ref: '#/components/schemas/Source' + InputParameters: + type: object + description: A string, in JSON format, that is passed to the CC rule Lambda function. + EvaluationModes: + type: array + description: The modes the CC rule can be evaluated in. The valid values are distinct objects. By default, the value is Detective evaluation mode only. + uniqueItems: false + items: + description: Mode of evaluation of AWS Config rule + $ref: '#/components/schemas/EvaluationModeConfiguration' + required: + - Source + x-stackql-resource-name: config_rule + x-stackql-primaryIdentifier: + - ConfigRuleName + x-create-only-properties: + - ConfigRuleName + x-read-only-properties: + - ConfigRuleId + - Compliance/Type + - Arn + x-required-permissions: + create: + - config:PutConfigRule + - config:DescribeConfigRules + read: + - config:DescribeConfigRules + - config:DescribeComplianceByConfigRule + delete: + - config:DeleteConfigRule + - config:DescribeConfigRules + list: + - config:DescribeConfigRules + update: + - config:PutConfigRule + - config:DescribeConfigRules + AccountAggregationSource: + type: object + additionalProperties: false + properties: + AllAwsRegions: + type: boolean + AwsRegions: + type: array + uniqueItems: false + items: + type: string + AccountIds: + type: array + uniqueItems: false + items: + type: string + required: + - AccountIds + OrganizationAggregationSource: + type: object + additionalProperties: false + properties: + AllAwsRegions: + type: boolean + AwsRegions: + type: array + uniqueItems: false + items: + type: string + RoleArn: + type: string + required: + - RoleArn + ConfigurationAggregator: + type: object + properties: + AccountAggregationSources: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/AccountAggregationSource' + ConfigurationAggregatorName: + description: The name of the aggregator. + type: string + pattern: '[\w\-]+' + minLength: 1 + maxLength: 256 + ConfigurationAggregatorArn: + description: The Amazon Resource Name (ARN) of the aggregator. + type: string + OrganizationAggregationSource: + $ref: '#/components/schemas/OrganizationAggregationSource' + Tags: + description: The tags for the configuration aggregator. + type: array + maxItems: 50 + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: configuration_aggregator + x-stackql-primaryIdentifier: + - ConfigurationAggregatorName + x-create-only-properties: + - ConfigurationAggregatorName + x-read-only-properties: + - ConfigurationAggregatorArn + x-required-permissions: + create: + - config:PutConfigurationAggregator + - config:DescribeConfigurationAggregators + - config:TagResource + - iam:PassRole + - organizations:EnableAWSServiceAccess + - organizations:ListDelegatedAdministrators + read: + - config:DescribeConfigurationAggregators + - config:ListTagsForResource + update: + - config:PutConfigurationAggregator + - config:DescribeConfigurationAggregators + - config:TagResource + - config:UntagResource + - config:ListTagsForResource + - iam:PassRole + - organizations:EnableAWSServiceAccess + - organizations:ListDelegatedAdministrators + delete: + - config:DeleteConfigurationAggregator + - config:UntagResource + list: + - config:DescribeConfigurationAggregators + ParameterName: + type: string + minLength: 0 + maxLength: 255 + ParameterValue: + type: string + minLength: 0 + maxLength: 4096 + ConformancePackInputParameter: + description: Input parameters in the form of key-value pairs for the conformance pack. + type: object + properties: + ParameterName: + $ref: '#/components/schemas/ParameterName' + ParameterValue: + $ref: '#/components/schemas/ParameterValue' + required: + - ParameterName + - ParameterValue + ConformancePack: + type: object + properties: + ConformancePackName: + description: Name of the conformance pack which will be assigned as the unique identifier. + type: string + pattern: '[a-zA-Z][-a-zA-Z0-9]*' + minLength: 1 + maxLength: 256 + DeliveryS3Bucket: + description: AWS Config stores intermediate files while processing conformance pack template. + type: string + minLength: 0 + maxLength: 63 + DeliveryS3KeyPrefix: + description: The prefix for delivery S3 bucket. + type: string + minLength: 0 + maxLength: 1024 + TemplateBody: + description: A string containing full conformance pack template body. You can only specify one of the template body or template S3Uri fields. + type: string + minLength: 1 + maxLength: 51200 + TemplateS3Uri: + description: Location of file containing the template body which points to the conformance pack template that is located in an Amazon S3 bucket. You can only specify one of the template body or template S3Uri fields. + type: string + pattern: s3://.* + minLength: 1 + maxLength: 1024 + TemplateSSMDocumentDetails: + description: The TemplateSSMDocumentDetails object contains the name of the SSM document and the version of the SSM document. + type: object + additionalProperties: false + properties: + DocumentName: + type: string + minLength: 3 + maxLength: 128 + DocumentVersion: + type: string + minLength: 1 + maxLength: 128 + ConformancePackInputParameters: + description: A list of ConformancePackInputParameter objects. + type: array + items: + $ref: '#/components/schemas/ConformancePackInputParameter' + minItems: 0 + maxItems: 60 + required: + - ConformancePackName + x-stackql-resource-name: conformance_pack + x-stackql-primaryIdentifier: + - ConformancePackName + x-create-only-properties: + - ConformancePackName + x-required-permissions: + create: + - config:PutConformancePack + - config:DescribeConformancePackStatus + - config:DescribeConformancePacks + - s3:GetObject + - s3:GetBucketAcl + - iam:CreateServiceLinkedRole + - iam:PassRole + read: + - config:DescribeConformancePacks + update: + - config:PutConformancePack + - config:DescribeConformancePackStatus + - s3:GetObject + - s3:GetBucketAcl + - iam:CreateServiceLinkedRole + - iam:PassRole + delete: + - config:DeleteConformancePack + - config:DescribeConformancePackStatus + list: + - config:DescribeConformancePacks + AccountId: + type: string + OrganizationConformancePack: + type: object + properties: + OrganizationConformancePackName: + description: The name of the organization conformance pack. + type: string + pattern: '[a-zA-Z][-a-zA-Z0-9]*' + minLength: 1 + maxLength: 128 + TemplateS3Uri: + description: Location of file containing the template body. + type: string + pattern: s3://.* + minLength: 1 + maxLength: 1024 + TemplateBody: + description: A string containing full conformance pack template body. + type: string + minLength: 1 + maxLength: 51200 + DeliveryS3Bucket: + description: AWS Config stores intermediate files while processing conformance pack template. + type: string + minLength: 0 + maxLength: 63 + DeliveryS3KeyPrefix: + description: The prefix for the delivery S3 bucket. + type: string + minLength: 0 + maxLength: 1024 + ConformancePackInputParameters: + description: A list of ConformancePackInputParameter objects. + type: array + items: + $ref: '#/components/schemas/ConformancePackInputParameter' + minItems: 0 + maxItems: 60 + ExcludedAccounts: + description: A list of AWS accounts to be excluded from an organization conformance pack while deploying a conformance pack. + type: array + items: + $ref: '#/components/schemas/AccountId' + minItems: 0 + maxItems: 1000 + required: + - OrganizationConformancePackName + x-stackql-resource-name: organization_conformance_pack + x-stackql-primaryIdentifier: + - OrganizationConformancePackName + x-create-only-properties: + - OrganizationConformancePackName + x-required-permissions: + create: + - config:PutOrganizationConformancePack + - config:DescribeOrganizationConformancePackStatuses + - config:GetOrganizationConformancePackDetailedStatus + - config:DescribeOrganizationConformancePacks + - s3:GetObject + - s3:GetBucketAcl + - iam:CreateServiceLinkedRole + - iam:PassRole + - organizations:ListDelegatedAdministrators + - organizations:EnableAWSServiceAccess + read: + - config:DescribeOrganizationConformancePacks + delete: + - config:DeleteOrganizationConformancePack + - config:DescribeOrganizationConformancePackStatuses + - config:GetOrganizationConformancePackDetailedStatus + - organizations:ListDelegatedAdministrators + update: + - config:PutOrganizationConformancePack + - config:DescribeOrganizationConformancePackStatuses + - config:GetOrganizationConformancePackDetailedStatus + - s3:GetObject + - s3:GetBucketAcl + - iam:CreateServiceLinkedRole + - iam:PassRole + - organizations:ListDelegatedAdministrators + - organizations:EnableAWSServiceAccess + list: + - config:DescribeOrganizationConformancePacks + StoredQuery: + type: object + properties: + QueryArn: + type: string + minLength: 1 + maxLength: 500 + QueryId: + type: string + minLength: 1 + maxLength: 36 + pattern: ^\S+$ + QueryName: + type: string + minLength: 1 + maxLength: 64 + pattern: ^[a-zA-Z0-9-_]+$ + QueryDescription: + type: string + minLength: 0 + maxLength: 256 + pattern: '[\s\S]*' + QueryExpression: + type: string + minLength: 1 + maxLength: 4096 + pattern: '[\s\S]*' + Tags: + description: The tags for the stored query. + type: array + maxItems: 50 + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + required: + - QueryName + - QueryExpression + x-stackql-resource-name: stored_query + x-stackql-primaryIdentifier: + - QueryName + x-create-only-properties: + - QueryName + x-read-only-properties: + - QueryId + - QueryArn + x-required-permissions: + create: + - config:PutStoredQuery + - config:GetStoredQuery + - config:TagResource + read: + - config:GetStoredQuery + - config:ListTagsForResource + update: + - config:PutStoredQuery + - config:GetStoredQuery + - config:TagResource + - config:UntagResource + - config:ListTagsForResource + delete: + - config:DeleteStoredQuery + - config:UntagResource + list: + - config:ListStoredQueries + x-stackQL-resources: + aggregation_authorizations: + name: aggregation_authorizations + id: awscc.config.aggregation_authorizations + x-cfn-schema-name: AggregationAuthorization + x-type: list + x-identifiers: + - AuthorizedAccountId + - AuthorizedAwsRegion + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AuthorizedAccountId') as authorized_account_id, + JSON_EXTRACT(Properties, '$.AuthorizedAwsRegion') as authorized_aws_region + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Config::AggregationAuthorization' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AuthorizedAccountId') as authorized_account_id, + json_extract_path_text(Properties, 'AuthorizedAwsRegion') as authorized_aws_region + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Config::AggregationAuthorization' + AND region = 'us-east-1' + aggregation_authorization: + name: aggregation_authorization + id: awscc.config.aggregation_authorization + x-cfn-schema-name: AggregationAuthorization + x-type: get + x-identifiers: + - AuthorizedAccountId + - AuthorizedAwsRegion + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AuthorizedAccountId') as authorized_account_id, + JSON_EXTRACT(Properties, '$.AuthorizedAwsRegion') as authorized_aws_region, + JSON_EXTRACT(Properties, '$.AggregationAuthorizationArn') as aggregation_authorization_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Config::AggregationAuthorization' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AuthorizedAccountId') as authorized_account_id, + json_extract_path_text(Properties, 'AuthorizedAwsRegion') as authorized_aws_region, + json_extract_path_text(Properties, 'AggregationAuthorizationArn') as aggregation_authorization_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Config::AggregationAuthorization' + AND data__Identifier = '' + AND region = 'us-east-1' + config_rules: + name: config_rules + id: awscc.config.config_rules + x-cfn-schema-name: ConfigRule + x-type: list + x-identifiers: + - ConfigRuleName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConfigRuleName') as config_rule_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Config::ConfigRule' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConfigRuleName') as config_rule_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Config::ConfigRule' + AND region = 'us-east-1' + config_rule: + name: config_rule + id: awscc.config.config_rule + x-cfn-schema-name: ConfigRule + x-type: get + x-identifiers: + - ConfigRuleName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConfigRuleId') as config_rule_id, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Scope') as scope, + JSON_EXTRACT(Properties, '$.ConfigRuleName') as config_rule_name, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Compliance') as compliance, + JSON_EXTRACT(Properties, '$.MaximumExecutionFrequency') as maximum_execution_frequency, + JSON_EXTRACT(Properties, '$.Source') as source, + JSON_EXTRACT(Properties, '$.InputParameters') as input_parameters, + JSON_EXTRACT(Properties, '$.EvaluationModes') as evaluation_modes + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Config::ConfigRule' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConfigRuleId') as config_rule_id, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Scope') as scope, + json_extract_path_text(Properties, 'ConfigRuleName') as config_rule_name, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Compliance') as compliance, + json_extract_path_text(Properties, 'MaximumExecutionFrequency') as maximum_execution_frequency, + json_extract_path_text(Properties, 'Source') as source, + json_extract_path_text(Properties, 'InputParameters') as input_parameters, + json_extract_path_text(Properties, 'EvaluationModes') as evaluation_modes + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Config::ConfigRule' + AND data__Identifier = '' + AND region = 'us-east-1' + configuration_aggregators: + name: configuration_aggregators + id: awscc.config.configuration_aggregators + x-cfn-schema-name: ConfigurationAggregator + x-type: list + x-identifiers: + - ConfigurationAggregatorName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConfigurationAggregatorName') as configuration_aggregator_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Config::ConfigurationAggregator' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConfigurationAggregatorName') as configuration_aggregator_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Config::ConfigurationAggregator' + AND region = 'us-east-1' + configuration_aggregator: + name: configuration_aggregator + id: awscc.config.configuration_aggregator + x-cfn-schema-name: ConfigurationAggregator + x-type: get + x-identifiers: + - ConfigurationAggregatorName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountAggregationSources') as account_aggregation_sources, + JSON_EXTRACT(Properties, '$.ConfigurationAggregatorName') as configuration_aggregator_name, + JSON_EXTRACT(Properties, '$.ConfigurationAggregatorArn') as configuration_aggregator_arn, + JSON_EXTRACT(Properties, '$.OrganizationAggregationSource') as organization_aggregation_source, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Config::ConfigurationAggregator' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountAggregationSources') as account_aggregation_sources, + json_extract_path_text(Properties, 'ConfigurationAggregatorName') as configuration_aggregator_name, + json_extract_path_text(Properties, 'ConfigurationAggregatorArn') as configuration_aggregator_arn, + json_extract_path_text(Properties, 'OrganizationAggregationSource') as organization_aggregation_source, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Config::ConfigurationAggregator' + AND data__Identifier = '' + AND region = 'us-east-1' + conformance_packs: + name: conformance_packs + id: awscc.config.conformance_packs + x-cfn-schema-name: ConformancePack + x-type: list + x-identifiers: + - ConformancePackName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConformancePackName') as conformance_pack_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Config::ConformancePack' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConformancePackName') as conformance_pack_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Config::ConformancePack' + AND region = 'us-east-1' + conformance_pack: + name: conformance_pack + id: awscc.config.conformance_pack + x-cfn-schema-name: ConformancePack + x-type: get + x-identifiers: + - ConformancePackName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConformancePackName') as conformance_pack_name, + JSON_EXTRACT(Properties, '$.DeliveryS3Bucket') as delivery_s3_bucket, + JSON_EXTRACT(Properties, '$.DeliveryS3KeyPrefix') as delivery_s3_key_prefix, + JSON_EXTRACT(Properties, '$.TemplateBody') as template_body, + JSON_EXTRACT(Properties, '$.TemplateS3Uri') as template_s3_uri, + JSON_EXTRACT(Properties, '$.TemplateSSMDocumentDetails') as template_ss_mdocument_details, + JSON_EXTRACT(Properties, '$.ConformancePackInputParameters') as conformance_pack_input_parameters + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Config::ConformancePack' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConformancePackName') as conformance_pack_name, + json_extract_path_text(Properties, 'DeliveryS3Bucket') as delivery_s3_bucket, + json_extract_path_text(Properties, 'DeliveryS3KeyPrefix') as delivery_s3_key_prefix, + json_extract_path_text(Properties, 'TemplateBody') as template_body, + json_extract_path_text(Properties, 'TemplateS3Uri') as template_s3_uri, + json_extract_path_text(Properties, 'TemplateSSMDocumentDetails') as template_ss_mdocument_details, + json_extract_path_text(Properties, 'ConformancePackInputParameters') as conformance_pack_input_parameters + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Config::ConformancePack' + AND data__Identifier = '' + AND region = 'us-east-1' + organization_conformance_packs: + name: organization_conformance_packs + id: awscc.config.organization_conformance_packs + x-cfn-schema-name: OrganizationConformancePack + x-type: list + x-identifiers: + - OrganizationConformancePackName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.OrganizationConformancePackName') as organization_conformance_pack_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Config::OrganizationConformancePack' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'OrganizationConformancePackName') as organization_conformance_pack_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Config::OrganizationConformancePack' + AND region = 'us-east-1' + organization_conformance_pack: + name: organization_conformance_pack + id: awscc.config.organization_conformance_pack + x-cfn-schema-name: OrganizationConformancePack + x-type: get + x-identifiers: + - OrganizationConformancePackName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.OrganizationConformancePackName') as organization_conformance_pack_name, + JSON_EXTRACT(Properties, '$.TemplateS3Uri') as template_s3_uri, + JSON_EXTRACT(Properties, '$.TemplateBody') as template_body, + JSON_EXTRACT(Properties, '$.DeliveryS3Bucket') as delivery_s3_bucket, + JSON_EXTRACT(Properties, '$.DeliveryS3KeyPrefix') as delivery_s3_key_prefix, + JSON_EXTRACT(Properties, '$.ConformancePackInputParameters') as conformance_pack_input_parameters, + JSON_EXTRACT(Properties, '$.ExcludedAccounts') as excluded_accounts + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Config::OrganizationConformancePack' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'OrganizationConformancePackName') as organization_conformance_pack_name, + json_extract_path_text(Properties, 'TemplateS3Uri') as template_s3_uri, + json_extract_path_text(Properties, 'TemplateBody') as template_body, + json_extract_path_text(Properties, 'DeliveryS3Bucket') as delivery_s3_bucket, + json_extract_path_text(Properties, 'DeliveryS3KeyPrefix') as delivery_s3_key_prefix, + json_extract_path_text(Properties, 'ConformancePackInputParameters') as conformance_pack_input_parameters, + json_extract_path_text(Properties, 'ExcludedAccounts') as excluded_accounts + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Config::OrganizationConformancePack' + AND data__Identifier = '' + AND region = 'us-east-1' + stored_queries: + name: stored_queries + id: awscc.config.stored_queries + x-cfn-schema-name: StoredQuery + x-type: list + x-identifiers: + - QueryName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.QueryName') as query_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Config::StoredQuery' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'QueryName') as query_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Config::StoredQuery' + AND region = 'us-east-1' + stored_query: + name: stored_query + id: awscc.config.stored_query + x-cfn-schema-name: StoredQuery + x-type: get + x-identifiers: + - QueryName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.QueryArn') as query_arn, + JSON_EXTRACT(Properties, '$.QueryId') as query_id, + JSON_EXTRACT(Properties, '$.QueryName') as query_name, + JSON_EXTRACT(Properties, '$.QueryDescription') as query_description, + JSON_EXTRACT(Properties, '$.QueryExpression') as query_expression, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Config::StoredQuery' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'QueryArn') as query_arn, + json_extract_path_text(Properties, 'QueryId') as query_id, + json_extract_path_text(Properties, 'QueryName') as query_name, + json_extract_path_text(Properties, 'QueryDescription') as query_description, + json_extract_path_text(Properties, 'QueryExpression') as query_expression, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Config::StoredQuery' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/connect.yaml b/providers/src/awscc/v00.00.00000/services/connect.yaml new file mode 100644 index 00000000..6d1868c3 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/connect.yaml @@ -0,0 +1,4259 @@ +openapi: 3.0.0 +info: + title: Connect + version: 1.0.0 +paths: {} +components: + schemas: + Origin: + description: Domain name to be added to the allowlist of instance + type: string + maxLength: 267 + InstanceId: + description: Amazon Connect instance identifier + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + minLength: 1 + maxLength: 100 + ApprovedOrigin: + type: object + properties: + Origin: + $ref: '#/components/schemas/Origin' + InstanceId: + $ref: '#/components/schemas/InstanceId' + required: + - Origin + - InstanceId + x-stackql-resource-name: approved_origin + x-stackql-primaryIdentifier: + - InstanceId + - Origin + x-create-only-properties: + - InstanceId + - Origin + x-required-permissions: + create: + - connect:AssociateApprovedOrigin + - connect:ListApprovedOrigins + read: + - connect:ListApprovedOrigins + update: [] + delete: + - connect:DisassociateApprovedOrigin + - connect:ListApprovedOrigins + list: + - connect:ListApprovedOrigins + Tag: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + properties: + Key: + type: string + description: The key name of the tag. You can specify a value that is 1 to 128 Unicode characters + pattern: ^(?!aws:)[a-zA-Z+-=._:/]+$ + minLength: 1 + maxLength: 128 + Value: + type: string + description: The value for the tag. . You can specify a value that is maximum of 256 Unicode characters + maxLength: 256 + required: + - Key + - Value + ContactFlow: + type: object + properties: + InstanceArn: + description: The identifier of the Amazon Connect instance (ARN). + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + minLength: 1 + maxLength: 256 + ContactFlowArn: + description: The identifier of the contact flow (ARN). + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/contact-flow/[-a-zA-Z0-9]*$ + minLength: 1 + maxLength: 500 + Name: + description: The name of the contact flow. + type: string + minLength: 1 + maxLength: 127 + Content: + description: The content of the contact flow in JSON format. + type: string + minLength: 1 + maxLength: 256000 + Description: + description: The description of the contact flow. + type: string + maxLength: 500 + State: + type: string + description: The state of the contact flow. + enum: + - ACTIVE + - ARCHIVED + Type: + description: The type of the contact flow. + type: string + enum: + - CONTACT_FLOW + - CUSTOMER_QUEUE + - CUSTOMER_HOLD + - CUSTOMER_WHISPER + - AGENT_HOLD + - AGENT_WHISPER + - OUTBOUND_WHISPER + - AGENT_TRANSFER + - QUEUE_TRANSFER + Tags: + description: One or more tags. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - InstanceArn + - Content + - Name + - Type + x-stackql-resource-name: contact_flow + x-stackql-primaryIdentifier: + - ContactFlowArn + x-create-only-properties: + - Type + x-read-only-properties: + - ContactFlowArn + x-required-permissions: + create: + - connect:CreateContactFlow + - connect:TagResource + read: + - connect:DescribeContactFlow + delete: + - connect:DeleteContactFlow + - connect:UntagResource + update: + - connect:UpdateContactFlowMetadata + - connect:UpdateContactFlowContent + - connect:TagResource + - connect:UntagResource + list: + - connect:ListContactFlows + ContactFlowModule: + type: object + properties: + InstanceArn: + description: The identifier of the Amazon Connect instance (ARN). + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + minLength: 1 + maxLength: 256 + ContactFlowModuleArn: + description: The identifier of the contact flow module (ARN). + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/flow-module/[-a-zA-Z0-9]*$ + minLength: 1 + maxLength: 256 + Name: + description: The name of the contact flow module. + type: string + minLength: 1 + maxLength: 127 + pattern: .*\S.* + Content: + description: The content of the contact flow module in JSON format. + type: string + minLength: 1 + maxLength: 256000 + Description: + description: The description of the contact flow module. + type: string + maxLength: 500 + pattern: .*\S.* + State: + type: string + description: The state of the contact flow module. + maxLength: 500 + Status: + type: string + description: The status of the contact flow module. + maxLength: 500 + Tags: + description: One or more tags. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - InstanceArn + - Name + - Content + x-stackql-resource-name: contact_flow_module + x-stackql-primaryIdentifier: + - ContactFlowModuleArn + x-read-only-properties: + - ContactFlowModuleArn + - Status + x-required-permissions: + create: + - connect:CreateContactFlowModule + - connect:TagResource + read: + - connect:DescribeContactFlowModule + delete: + - connect:DeleteContactFlowModule + - connect:UntagResource + update: + - connect:UpdateContactFlowModuleMetadata + - connect:UpdateContactFlowModuleContent + - connect:TagResource + - connect:UntagResource + list: + - connect:ListContactFlowModules + RefId: + description: The identifier to reference the item. + type: string + pattern: ^[a-zA-Z0-9._-]{1,40}$ + Weight: + description: The item weight used for scoring. + type: number + minimum: 0 + maximum: 100 + Score: + description: The score of an answer option. + type: integer + minimum: 0 + maximum: 10 + EvaluationFormBaseItem: + description: The evaluation form base item. + type: object + additionalProperties: false + properties: + Section: + description: The evaluation form section item + $ref: '#/components/schemas/EvaluationFormSection' + required: + - Section + EvaluationFormItem: + description: The evaluation form item. + type: object + additionalProperties: false + properties: + Section: + description: The evaluation form section item + $ref: '#/components/schemas/EvaluationFormSection' + Question: + description: The evaluation form question item + $ref: '#/components/schemas/EvaluationFormQuestion' + EvaluationFormSection: + description: The evaluation form section. + type: object + additionalProperties: false + properties: + Title: + description: The title of the section. + type: string + minLength: 1 + maxLength: 128 + Instructions: + description: The instructions for the section. + type: string + maxLength: 1024 + RefId: + description: The identifier to reference the section. + $ref: '#/components/schemas/RefId' + Items: + description: The list of section items. + type: array + x-insertionOrder: true + minItems: 1 + maxItems: 200 + items: + $ref: '#/components/schemas/EvaluationFormItem' + Weight: + description: The item weight used for scoring. + $ref: '#/components/schemas/Weight' + required: + - RefId + - Title + EvaluationFormNumericQuestionOption: + description: The option ranges used for scoring in numeric questions. + type: object + additionalProperties: false + properties: + MinValue: + description: The minimum value of the option range. + type: integer + MaxValue: + description: The maximum value of the option range. + type: integer + Score: + description: The score of the option range. + $ref: '#/components/schemas/Score' + AutomaticFail: + description: The flag to mark the option as automatic fail. + type: boolean + required: + - MinValue + - MaxValue + NumericQuestionPropertyValueAutomation: + description: The automation property name of the question. + type: object + additionalProperties: false + properties: + Label: + description: The automation property label. + type: string + enum: + - OVERALL_CUSTOMER_SENTIMENT_SCORE + - OVERALL_AGENT_SENTIMENT_SCORE + - NON_TALK_TIME + - NON_TALK_TIME_PERCENTAGE + - NUMBER_OF_INTERRUPTIONS + - CONTACT_DURATION + - AGENT_INTERACTION_DURATION + - CUSTOMER_HOLD_TIME + required: + - Label + EvaluationFormNumericQuestionAutomation: + description: The automation properties for the numeric question. + type: object + additionalProperties: false + properties: + PropertyValue: + description: The automation property name of the question. + $ref: '#/components/schemas/NumericQuestionPropertyValueAutomation' + required: + - PropertyValue + EvaluationFormNumericQuestionProperties: + description: The properties of the numeric question. + type: object + additionalProperties: false + properties: + MinValue: + description: The minimum value for answers of the question. + type: integer + MaxValue: + description: The maximum value for answers of the question. + type: integer + Options: + description: The list of option ranges used for scoring. + type: array + x-insertionOrder: true + minItems: 1 + maxItems: 10 + items: + $ref: '#/components/schemas/EvaluationFormNumericQuestionOption' + Automation: + description: The automation properties for the numeric question. + $ref: '#/components/schemas/EvaluationFormNumericQuestionAutomation' + required: + - MinValue + - MaxValue + EvaluationFormSingleSelectQuestionAutomationOption: + description: The automation option for the single-select question. + type: object + additionalProperties: false + properties: + RuleCategory: + description: The automation option based on Rules categories. + $ref: '#/components/schemas/SingleSelectQuestionRuleCategoryAutomation' + required: + - RuleCategory + SingleSelectQuestionRuleCategoryAutomation: + description: The automation option based on Rules categories. + type: object + additionalProperties: false + properties: + Category: + description: The category name as defined in Rules. + type: string + minLength: 1 + maxLength: 50 + Condition: + description: The automation condition applied on contact categories. + type: string + enum: + - PRESENT + - NOT_PRESENT + OptionRefId: + description: The option identifier referencing the option to be selected when the automation option is triggered. + $ref: '#/components/schemas/RefId' + required: + - Category + - Condition + - OptionRefId + EvaluationFormSingleSelectQuestionAutomation: + description: The automation properties for the single-select question. + type: object + additionalProperties: false + properties: + Options: + description: The answer options for the automation. + type: array + x-insertionOrder: true + minItems: 1 + maxItems: 20 + items: + $ref: '#/components/schemas/EvaluationFormSingleSelectQuestionAutomationOption' + DefaultOptionRefId: + description: The option reference identifier of the default answer. + $ref: '#/components/schemas/RefId' + required: + - Options + EvaluationFormSingleSelectQuestionOption: + description: The option for a question. + type: object + additionalProperties: false + properties: + RefId: + description: The identifier used to reference the option. + $ref: '#/components/schemas/RefId' + Text: + description: The title of the option. + type: string + minLength: 1 + maxLength: 128 + Score: + description: The score of the option. + $ref: '#/components/schemas/Score' + AutomaticFail: + description: The flag to mark the option as automatic fail. + type: boolean + required: + - RefId + - Text + EvaluationFormSingleSelectQuestionProperties: + description: The properties of the single-select question. + type: object + additionalProperties: false + properties: + Options: + description: The list of options for the question. + type: array + x-insertionOrder: true + minItems: 2 + maxItems: 256 + items: + $ref: '#/components/schemas/EvaluationFormSingleSelectQuestionOption' + DisplayAs: + description: The display mode of the single-select question. + type: string + enum: + - DROPDOWN + - RADIO + Automation: + description: The automation properties for the single-select question. + $ref: '#/components/schemas/EvaluationFormSingleSelectQuestionAutomation' + required: + - Options + EvaluationFormQuestionTypeProperties: + description: The properties of the question. + type: object + additionalProperties: false + properties: + Numeric: + description: The properties of the numeric question. + $ref: '#/components/schemas/EvaluationFormNumericQuestionProperties' + SingleSelect: + description: The properties of the single-select question. + $ref: '#/components/schemas/EvaluationFormSingleSelectQuestionProperties' + EvaluationFormQuestion: + description: The evaluation form question. + type: object + additionalProperties: false + properties: + Title: + description: The title of the question. + type: string + minLength: 1 + maxLength: 350 + Instructions: + description: The instructions for the question. + type: string + maxLength: 1024 + RefId: + description: The identifier used to reference the question. + $ref: '#/components/schemas/RefId' + NotApplicableEnabled: + description: The flag to enable not applicable answers to the question. + type: boolean + QuestionType: + description: The type of the question. + type: string + enum: + - NUMERIC + - SINGLESELECT + - TEXT + QuestionTypeProperties: + description: The properties of the question + $ref: '#/components/schemas/EvaluationFormQuestionTypeProperties' + Weight: + description: The question weight used for scoring. + $ref: '#/components/schemas/Weight' + required: + - RefId + - Title + - QuestionType + ScoringStrategy: + description: The scoring strategy. + type: object + additionalProperties: false + properties: + Mode: + description: The scoring mode. + type: string + enum: + - QUESTION_ONLY + - SECTION_ONLY + Status: + description: The scoring status. + type: string + enum: + - ENABLED + - DISABLED + required: + - Mode + - Status + EvaluationForm: + type: object + properties: + Title: + description: The title of the evaluation form. + type: string + minLength: 1 + maxLength: 128 + Description: + description: The description of the evaluation form. + type: string + maxLength: 1024 + EvaluationFormArn: + description: The Amazon Resource Name (ARN) for the evaluation form. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/evaluation-form/[-a-zA-Z0-9]*$ + InstanceArn: + description: The Amazon Resource Name (ARN) of the instance. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + Items: + description: The list of evaluation form items. + type: array + x-insertionOrder: true + minItems: 1 + maxItems: 200 + items: + $ref: '#/components/schemas/EvaluationFormBaseItem' + ScoringStrategy: + description: The scoring strategy. + $ref: '#/components/schemas/ScoringStrategy' + Status: + description: The status of the evaluation form. + type: string + default: DRAFT + enum: + - DRAFT + - ACTIVE + Tags: + description: One or more tags. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Title + - InstanceArn + - Items + - Status + x-stackql-resource-name: evaluation_form + x-stackql-primaryIdentifier: + - EvaluationFormArn + x-read-only-properties: + - EvaluationFormArn + x-required-permissions: + create: + - connect:CreateEvaluationForm + - connect:ActivateEvaluationForm + - connect:TagResource + read: + - connect:DescribeEvaluationForm + - connect:ListEvaluationFormVersions + list: + - connect:ListEvaluationForms + update: + - connect:UpdateEvaluationForm + - connect:ListEvaluationFormVersions + - connect:ActivateEvaluationForm + - connect:DeactivateEvaluationForm + - connect:TagResource + - connect:UntagResource + delete: + - connect:DeleteEvaluationForm + - connect:UntagResource + HoursOfOperationTimeSlice: + description: The start time or end time for an hours of operation. + type: object + additionalProperties: false + properties: + Hours: + type: integer + description: The hours. + minimum: 0 + maximum: 23 + Minutes: + type: integer + description: The minutes. + minimum: 0 + maximum: 59 + required: + - Hours + - Minutes + HoursOfOperationConfig: + description: Contains information about the hours of operation. + type: object + additionalProperties: false + properties: + Day: + type: string + description: The day that the hours of operation applies to. + enum: + - SUNDAY + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + StartTime: + description: The start time that your contact center opens. + $ref: '#/components/schemas/HoursOfOperationTimeSlice' + EndTime: + description: The end time that your contact center closes. + $ref: '#/components/schemas/HoursOfOperationTimeSlice' + required: + - Day + - StartTime + - EndTime + HoursOfOperation: + type: object + properties: + InstanceArn: + description: The identifier of the Amazon Connect instance. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + Name: + description: The name of the hours of operation. + type: string + minLength: 1 + maxLength: 127 + Description: + description: The description of the hours of operation. + type: string + minLength: 1 + maxLength: 250 + TimeZone: + description: The time zone of the hours of operation. + type: string + Config: + description: 'Configuration information for the hours of operation: day, start time, and end time.' + type: array + maxItems: 100 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/HoursOfOperationConfig' + HoursOfOperationArn: + description: The Amazon Resource Name (ARN) for the hours of operation. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/operating-hours/[-a-zA-Z0-9]*$ + Tags: + description: One or more tags. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - InstanceArn + - Name + - TimeZone + - Config + x-stackql-resource-name: hours_of_operation + x-stackql-primaryIdentifier: + - HoursOfOperationArn + x-read-only-properties: + - HoursOfOperationArn + x-required-permissions: + create: + - connect:CreateHoursOfOperation + - connect:TagResource + read: + - connect:DescribeHoursOfOperation + delete: + - connect:DeleteHoursOfOperation + - connect:UntagResource + update: + - connect:UpdateHoursOfOperation + - connect:TagResource + - connect:UntagResource + list: + - connect:ListHoursOfOperations + InboundCalls: + description: Mandatory element which enables inbound calls on new instance. + type: boolean + OutboundCalls: + description: Mandatory element which enables outbound calls on new instance. + type: boolean + ContactflowLogs: + description: Boolean flag which enables CONTACTFLOW_LOGS on an instance. + type: boolean + ContactLens: + description: Boolean flag which enables CONTACT_LENS on an instance. + type: boolean + AutoResolveBestVoices: + description: Boolean flag which enables AUTO_RESOLVE_BEST_VOICES on an instance. + type: boolean + UseCustomTTSVoices: + description: Boolean flag which enables USE_CUSTOM_TTS_VOICES on an instance. + type: boolean + EarlyMedia: + description: Boolean flag which enables EARLY_MEDIA on an instance. + type: boolean + Attributes: + type: object + additionalProperties: false + properties: + InboundCalls: + $ref: '#/components/schemas/InboundCalls' + OutboundCalls: + $ref: '#/components/schemas/OutboundCalls' + ContactflowLogs: + $ref: '#/components/schemas/ContactflowLogs' + ContactLens: + $ref: '#/components/schemas/ContactLens' + AutoResolveBestVoices: + $ref: '#/components/schemas/AutoResolveBestVoices' + UseCustomTTSVoices: + $ref: '#/components/schemas/UseCustomTTSVoices' + EarlyMedia: + $ref: '#/components/schemas/EarlyMedia' + required: + - InboundCalls + - OutboundCalls + Instance: + type: object + properties: + Id: + description: An instanceId is automatically generated on creation and assigned as the unique identifier. + type: string + Arn: + description: An instanceArn is automatically generated on creation based on instanceId. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + IdentityManagementType: + description: Specifies the type of directory integration for new instance. + type: string + enum: + - SAML + - CONNECT_MANAGED + - EXISTING_DIRECTORY + InstanceAlias: + description: Alias of the new directory created as part of new instance creation. + type: string + pattern: ^(?!d-)([\da-zA-Z]+)([-]*[\da-zA-Z])*$ + minLength: 1 + maxLength: 62 + CreatedTime: + description: Timestamp of instance creation logged as part of instance creation. + type: string + format: date-time + ServiceRole: + description: Service linked role created as part of instance creation. + type: string + InstanceStatus: + description: Specifies the creation status of new instance. + type: string + enum: + - CREATION_IN_PROGRESS + - CREATION_FAILED + - ACTIVE + DirectoryId: + description: Existing directoryId user wants to map to the new Connect instance. + type: string + pattern: ^d-[0-9a-f]{10}$ + minLength: 12 + maxLength: 12 + Attributes: + description: The attributes for the instance. + $ref: '#/components/schemas/Attributes' + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - IdentityManagementType + - Attributes + x-stackql-resource-name: instance + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - DirectoryId + - InstanceAlias + - IdentityManagementType + x-read-only-properties: + - Id + - Arn + - ServiceRole + - CreatedTime + - InstanceStatus + x-required-permissions: + create: + - connect:CreateInstance + - connect:DescribeInstance + - connect:UpdateInstanceAttribute + - connect:TagResource + - ds:CheckAlias + - ds:CreateAlias + - ds:AuthorizeApplication + - ds:UnauthorizeApplication + - ds:CreateIdentityPoolDirectory + - ds:CreateDirectory + - ds:DescribeDirectories + - iam:CreateServiceLinkedRole + - iam:PutRolePolicy + - logs:CreateLogGroup + read: + - connect:DescribeInstance + - connect:ListInstanceAttributes + - ds:DescribeDirectories + update: + - connect:ListInstanceAttributes + - connect:UpdateInstanceAttribute + - iam:CreateServiceLinkedRole + - iam:PutRolePolicy + - connect:TagResource + - connect:UntagResource + delete: + - connect:DeleteInstance + - connect:DescribeInstance + - connect:UntagResource + - ds:DeleteDirectory + - ds:UnauthorizeApplication + - ds:DescribeDirectories + list: + - connect:ListInstances + - connect:ListInstanceAttributes + - ds:DescribeDirectories + KinesisStreamArn: + description: An ARN is a unique AWS resource identifier. + type: string + pattern: ^arn:aws[-a-z0-9]*:kinesis:[-a-z0-9]*:[0-9]{12}:stream/[-a-zA-Z0-9_.]*$ + FirehoseDeliveryStreamArn: + description: An ARN is a unique AWS resource identifier. + type: string + pattern: ^arn:aws[-a-z0-9]*:firehose:[-a-z0-9]*:[0-9]{12}:deliverystream/[-a-zA-Z0-9_.]*$ + AssociationId: + description: An associationID is automatically generated when a storage config is associated with an instance + type: string + pattern: ^[-a-z0-9]*$ + minLength: 1 + maxLength: 100 + InstanceStorageResourceType: + description: Specifies the type of storage resource available for the instance + type: string + enum: + - CHAT_TRANSCRIPTS + - CALL_RECORDINGS + - SCHEDULED_REPORTS + - MEDIA_STREAMS + - CONTACT_TRACE_RECORDS + - AGENT_EVENTS + StorageType: + description: Specifies the storage type to be associated with the instance + type: string + enum: + - S3 + - KINESIS_VIDEO_STREAM + - KINESIS_STREAM + - KINESIS_FIREHOSE + BucketName: + description: A name for the S3 Bucket + type: string + minLength: 1 + maxLength: 128 + Hours: + description: Number of hours + type: number + Prefix: + description: Prefixes are used to infer logical hierarchy + type: string + minLength: 1 + maxLength: 128 + EncryptionType: + description: Specifies default encryption using AWS KMS-Managed Keys + type: string + enum: + - KMS + KeyId: + description: Specifies the encryption key id + type: string + minLength: 1 + maxLength: 128 + EncryptionConfig: + type: object + additionalProperties: false + properties: + EncryptionType: + $ref: '#/components/schemas/EncryptionType' + KeyId: + $ref: '#/components/schemas/KeyId' + required: + - EncryptionType + - KeyId + S3Config: + type: object + additionalProperties: false + properties: + BucketName: + $ref: '#/components/schemas/BucketName' + BucketPrefix: + $ref: '#/components/schemas/Prefix' + EncryptionConfig: + $ref: '#/components/schemas/EncryptionConfig' + required: + - BucketName + - BucketPrefix + KinesisVideoStreamConfig: + type: object + additionalProperties: false + properties: + Prefix: + $ref: '#/components/schemas/Prefix' + RetentionPeriodHours: + $ref: '#/components/schemas/Hours' + EncryptionConfig: + $ref: '#/components/schemas/EncryptionConfig' + required: + - Prefix + - RetentionPeriodHours + - EncryptionConfig + KinesisStreamConfig: + type: object + additionalProperties: false + properties: + StreamArn: + $ref: '#/components/schemas/KinesisStreamArn' + required: + - StreamArn + KinesisFirehoseConfig: + type: object + additionalProperties: false + properties: + FirehoseArn: + $ref: '#/components/schemas/FirehoseDeliveryStreamArn' + required: + - FirehoseArn + InstanceStorageConfig: + type: object + properties: + InstanceArn: + description: Connect Instance ID with which the storage config will be associated + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + ResourceType: + $ref: '#/components/schemas/InstanceStorageResourceType' + AssociationId: + $ref: '#/components/schemas/AssociationId' + StorageType: + $ref: '#/components/schemas/StorageType' + S3Config: + $ref: '#/components/schemas/S3Config' + KinesisVideoStreamConfig: + $ref: '#/components/schemas/KinesisVideoStreamConfig' + KinesisStreamConfig: + $ref: '#/components/schemas/KinesisStreamConfig' + KinesisFirehoseConfig: + $ref: '#/components/schemas/KinesisFirehoseConfig' + required: + - InstanceArn + - ResourceType + - StorageType + x-stackql-resource-name: instance_storage_config + x-stackql-primaryIdentifier: + - InstanceArn + - AssociationId + - ResourceType + x-create-only-properties: + - InstanceArn + - ResourceType + x-read-only-properties: + - AssociationId + x-required-permissions: + create: + - connect:AssociateInstanceStorageConfig + - connect:DescribeInstance + - ds:DescribeDirectories + - s3:GetBucketAcl + - s3:GetBucketLocation + - iam:PutRolePolicy + - kinesis:DescribeStream + - kms:DescribeKey + - kms:CreateGrant + - firehose:DescribeDeliveryStream + read: + - connect:DescribeInstanceStorageConfig + - connect:ListInstanceStorageConfigs + - connect:DescribeInstance + - ds:DescribeDirectories + - s3:GetBucketAcl + - s3:GetBucketLocation + update: + - connect:UpdateInstanceStorageConfig + - ds:DescribeDirectories + - s3:GetBucketAcl + - s3:GetBucketLocation + - kinesis:DescribeStream + - iam:PutRolePolicy + - kms:DescribeKey + - kms:CreateGrant + - kms:RetireGrant + - firehose:DescribeDeliveryStream + delete: + - connect:DisassociateInstanceStorageConfig + - connect:DescribeInstance + - s3:GetBucketAcl + - s3:GetBucketLocation + - kms:RetireGrant + list: + - connect:DescribeInstance + - connect:ListInstanceStorageConfigs + - ds:DescribeDirectories + IntegrationArn: + description: ARN of Integration being associated with the instance + type: string + minLength: 1 + maxLength: 140 + IntegrationType: + description: Specifies the integration type to be associated with the instance + type: string + enum: + - LEX_BOT + - LAMBDA_FUNCTION + - APPLICATION + IntegrationAssociationId: + description: Identifier of the association with Connect Instance + type: string + pattern: ^[a-zA-Z]{1}(?:-?[a-zA-Z0-9])*$ + IntegrationAssociation: + type: object + properties: + IntegrationAssociationId: + $ref: '#/components/schemas/IntegrationAssociationId' + InstanceId: + $ref: '#/components/schemas/InstanceId' + IntegrationArn: + $ref: '#/components/schemas/IntegrationArn' + IntegrationType: + $ref: '#/components/schemas/IntegrationType' + required: + - InstanceId + - IntegrationType + - IntegrationArn + x-stackql-resource-name: integration_association + x-stackql-primaryIdentifier: + - InstanceId + - IntegrationType + - IntegrationArn + x-create-only-properties: + - InstanceId + - IntegrationArn + - IntegrationType + x-read-only-properties: + - IntegrationAssociationId + x-required-permissions: + create: + - connect:DescribeInstance + - ds:DescribeDirectories + - app-integrations:CreateEventIntegrationAssociation + - mobiletargeting:GetApp + - cases:GetDomain + - wisdom:GetAssistant + - wisdom:GetKnowledgeBase + - wisdom:TagResource + - voiceid:DescribeDomain + - events:PutTargets + - events:PutRule + - connect:AssociateBot + - connect:AssociateLambdaFunction + - connect:CreateIntegrationAssociation + - connect:ListBots + - connect:ListLambdaFunctions + - connect:ListIntegrationAssociations + - lambda:addPermission + - lex:GetBot + - lex:DescribeBotAlias + - lex:CreateResourcePolicy + - lex:UpdateResourcePolicy + - lex:CreateResourcePolicyStatement + - lambda:AddPermission + - app-integrations:GetApplication + - iam:AttachRolePolicy + - iam:CreateServiceLinkedRole + - iam:GetRolePolicy + - iam:PutRolePolicy + read: + - connect:ListBots + - connect:ListLambdaFunctions + - connect:ListIntegrationAssociations + update: [] + delete: + - connect:DescribeInstance + - ds:DescribeDirectories + - app-integrations:DeleteEventIntegrationAssociation + - events:ListTargetsByRule + - events:RemoveTargets + - events:DeleteRule + - connect:DisassociateBot + - connect:DisassociateLambdaFunction + - connect:DeleteIntegrationAssociation + - connect:ListBots + - connect:ListLambdaFunctions + - connect:ListIntegrationAssociations + - lex:DeleteResourcePolicy + - lex:DeleteResourcePolicyStatement + - lambda:RemovePermission + - iam:GetRolePolicy + - iam:DeleteRolePolicy + - iam:PutRolePolicy + list: + - connect:ListBots + - connect:ListLambdaFunctions + - connect:ListIntegrationAssociations + PhoneNumber: + description: The phone number in E.164 format. + type: string + pattern: ^\+[1-9]\d{1,14}$ + StringList: + description: Predefined attribute values of type string list. + type: array + minItems: 1 + maxItems: 128 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Value' + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + PredefinedAttribute: + type: object + properties: + InstanceArn: + description: The identifier of the Amazon Connect instance. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + Name: + description: The name of the predefined attribute. + type: string + minLength: 1 + maxLength: 64 + Values: + description: The values of a predefined attribute. + type: object + properties: + StringList: + $ref: '#/components/schemas/StringList' + additionalProperties: false + required: + - InstanceArn + - Name + - Values + x-stackql-resource-name: predefined_attribute + x-stackql-primaryIdentifier: + - InstanceArn + - Name + x-create-only-properties: + - InstanceArn + - Name + x-required-permissions: + create: + - connect:CreatePredefinedAttribute + read: + - connect:DescribePredefinedAttribute + delete: + - connect:DeletePredefinedAttribute + update: + - connect:UpdatePredefinedAttribute + list: + - connect:ListPredefinedAttributes + Prompt: + type: object + properties: + InstanceArn: + description: The identifier of the Amazon Connect instance. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + Name: + description: The name of the prompt. + type: string + minLength: 1 + maxLength: 127 + Description: + description: The description of the prompt. + type: string + minLength: 1 + maxLength: 250 + S3Uri: + description: S3 URI of the customer's audio file for creating prompts resource.. + type: string + minLength: 1 + maxLength: 2000 + pattern: s3://\S+/.+|https://\S+\.s3(\.\S+)?\.amazonaws\.com/\S+ + PromptArn: + description: The Amazon Resource Name (ARN) for the prompt. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/prompt/[-a-zA-Z0-9]*$ + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - InstanceArn + - Name + x-stackql-resource-name: prompt + x-stackql-primaryIdentifier: + - PromptArn + x-read-only-properties: + - PromptArn + x-required-permissions: + create: + - connect:CreatePrompt + - connect:TagResource + - s3:GetObject + - kms:Decrypt + - s3:GetObjectAcl + read: + - connect:DescribePrompt + update: + - connect:UpdatePrompt + - connect:TagResource + - connect:UntagResource + delete: + - connect:DeletePrompt + list: + - connect:ListPrompts + OutboundCallerIdName: + description: The caller ID name. + type: string + minLength: 1 + maxLength: 255 + OutboundCallerIdNumberArn: + description: The caller ID number. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:phone-number/[-a-zA-Z0-9]*$ + OutboundFlowArn: + description: The outbound whisper flow to be used during an outbound call. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/contact-flow/[-a-zA-Z0-9]*$ + minLength: 1 + maxLength: 500 + Key: + description: A valid security key in PEM format. + type: string + minLength: 1 + maxLength: 1024 + OutboundCallerConfig: + description: The outbound caller ID name, number, and outbound whisper flow. + type: object + additionalProperties: false + properties: + OutboundCallerIdName: + $ref: '#/components/schemas/OutboundCallerIdName' + OutboundCallerIdNumberArn: + $ref: '#/components/schemas/OutboundCallerIdNumberArn' + OutboundFlowArn: + $ref: '#/components/schemas/OutboundFlowArn' + QuickConnectArn: + description: The Amazon Resource Name (ARN) for the quick connect. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/transfer-destination/[-a-zA-Z0-9]*$ + Queue: + type: object + properties: + InstanceArn: + description: The identifier of the Amazon Connect instance. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + Description: + description: The description of the queue. + type: string + minLength: 1 + maxLength: 250 + HoursOfOperationArn: + description: The identifier for the hours of operation. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/operating-hours/[-a-zA-Z0-9]*$ + MaxContacts: + description: The maximum number of contacts that can be in the queue before it is considered full. + type: integer + minimum: 0 + Name: + description: The name of the queue. + type: string + minLength: 1 + maxLength: 127 + OutboundCallerConfig: + description: The outbound caller ID name, number, and outbound whisper flow. + $ref: '#/components/schemas/OutboundCallerConfig' + QueueArn: + description: The Amazon Resource Name (ARN) for the queue. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/queue/[-a-zA-Z0-9]*$ + Status: + description: The status of the queue. + type: string + enum: + - ENABLED + - DISABLED + QuickConnectArns: + description: The quick connects available to agents who are working the queue. + type: array + minItems: 1 + maxItems: 50 + x-insertionOrder: false + items: + $ref: '#/components/schemas/QuickConnectArn' + Tags: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + Type: + type: string + description: The type of queue. + enum: + - STANDARD + - AGENT + required: + - InstanceArn + - HoursOfOperationArn + - Name + x-stackql-resource-name: queue + x-stackql-primaryIdentifier: + - QueueArn + x-read-only-properties: + - QueueArn + - Type + x-required-permissions: + create: + - connect:CreateQueue + - connect:TagResource + read: + - connect:DescribeQueue + - connect:ListQueueQuickConnects + delete: + - connect:DeleteQueue + - connect:UntagResource + update: + - connect:UpdateQueueHoursOfOperation + - connect:UpdateQueueMaxContacts + - connect:UpdateQueueName + - connect:UpdateQueueOutboundCallerConfig + - connect:UpdateQueueStatus + - connect:AssociateQueueQuickConnects + - connect:DisassociateQueueQuickConnects + - connect:TagResource + - connect:UntagResource + list: + - connect:ListQueues + - connect:ListQueueQuickConnects + ContactFlowArn: + description: The identifier of the contact flow. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/contact-flow/[-a-zA-Z0-9]*$ + QueueArn: + description: The Amazon Resource Name (ARN) for the queue. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/queue/[-a-zA-Z0-9]*$ + UserArn: + description: The Amazon Resource Name (ARN) of the user. + type: string + pattern: ^$|arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/agent/[-a-zA-Z0-9]*$ + PhoneNumberQuickConnectConfig: + description: The phone configuration. This is required only if QuickConnectType is PHONE_NUMBER. + type: object + additionalProperties: false + properties: + PhoneNumber: + $ref: '#/components/schemas/PhoneNumber' + required: + - PhoneNumber + QueueQuickConnectConfig: + description: The queue configuration. This is required only if QuickConnectType is QUEUE. + type: object + additionalProperties: false + properties: + ContactFlowArn: + $ref: '#/components/schemas/ContactFlowArn' + QueueArn: + $ref: '#/components/schemas/QueueArn' + required: + - ContactFlowArn + - QueueArn + UserQuickConnectConfig: + description: The user configuration. This is required only if QuickConnectType is USER. + type: object + additionalProperties: false + properties: + ContactFlowArn: + $ref: '#/components/schemas/ContactFlowArn' + UserArn: + $ref: '#/components/schemas/UserArn' + required: + - ContactFlowArn + - UserArn + QuickConnectConfig: + description: Configuration settings for the quick connect. + type: object + additionalProperties: false + properties: + QuickConnectType: + $ref: '#/components/schemas/QuickConnectType' + PhoneConfig: + $ref: '#/components/schemas/PhoneNumberQuickConnectConfig' + QueueConfig: + $ref: '#/components/schemas/QueueQuickConnectConfig' + UserConfig: + $ref: '#/components/schemas/UserQuickConnectConfig' + required: + - QuickConnectType + QuickConnectType: + description: 'The type of quick connect. In the Amazon Connect console, when you create a quick connect, you are prompted to assign one of the following types: Agent (USER), External (PHONE_NUMBER), or Queue (QUEUE).' + type: string + enum: + - PHONE_NUMBER + - QUEUE + - USER + QuickConnect: + type: object + properties: + InstanceArn: + description: The identifier of the Amazon Connect instance. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + Name: + description: The name of the quick connect. + type: string + minLength: 1 + maxLength: 127 + Description: + description: The description of the quick connect. + type: string + minLength: 1 + maxLength: 250 + QuickConnectConfig: + description: Configuration settings for the quick connect. + $ref: '#/components/schemas/QuickConnectConfig' + QuickConnectArn: + description: The Amazon Resource Name (ARN) for the quick connect. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/transfer-destination/[-a-zA-Z0-9]*$ + Tags: + type: array + maxItems: 200 + uniqueItems: true + x-insertionOrder: false + description: One or more tags. + items: + $ref: '#/components/schemas/Tag' + QuickConnectType: + description: 'The type of quick connect. In the Amazon Connect console, when you create a quick connect, you are prompted to assign one of the following types: Agent (USER), External (PHONE_NUMBER), or Queue (QUEUE).' + type: string + enum: + - PHONE_NUMBER + - QUEUE + - USER + required: + - Name + - InstanceArn + - QuickConnectConfig + x-stackql-resource-name: quick_connect + x-stackql-primaryIdentifier: + - QuickConnectArn + x-read-only-properties: + - QuickConnectArn + - QuickConnectType + x-required-permissions: + create: + - connect:CreateQuickConnect + - connect:TagResource + read: + - connect:DescribeQuickConnect + delete: + - connect:DeleteQuickConnect + - connect:UntagResource + update: + - connect:UpdateQuickConnectName + - connect:UpdateQuickConnectConfig + - connect:TagResource + - connect:UntagResource + list: + - connect:ListQuickConnects + Channel: + description: The channels that agents can handle in the Contact Control Panel (CCP). + type: string + enum: + - VOICE + - CHAT + - TASK + Concurrency: + description: The number of contacts an agent can have on a channel simultaneously. + type: integer + minimum: 1 + maximum: 10 + BehaviorType: + description: Specifies the other channels that can be routed to an agent handling their current channel. + type: string + enum: + - ROUTE_CURRENT_CHANNEL_ONLY + - ROUTE_ANY_CHANNEL + CrossChannelBehavior: + description: Defines the cross-channel routing behavior that allows an agent working on a contact in one channel to be offered a contact from a different channel. + type: object + additionalProperties: false + properties: + BehaviorType: + $ref: '#/components/schemas/BehaviorType' + required: + - BehaviorType + MediaConcurrency: + description: Contains information about which channels are supported, and how many contacts an agent can have on a channel simultaneously. + type: object + additionalProperties: false + properties: + Channel: + $ref: '#/components/schemas/Channel' + Concurrency: + $ref: '#/components/schemas/Concurrency' + CrossChannelBehavior: + $ref: '#/components/schemas/CrossChannelBehavior' + required: + - Channel + - Concurrency + Delay: + description: The delay, in seconds, a contact should wait in the queue before they are routed to an available agent. + type: integer + minimum: 0 + maximum: 9999 + Priority: + description: The order in which contacts are to be handled for the queue. + type: integer + minimum: 1 + maximum: 99 + RoutingProfileQueueReference: + description: Contains the channel and queue identifier for a routing profile. + type: object + additionalProperties: false + properties: + Channel: + $ref: '#/components/schemas/Channel' + QueueArn: + $ref: '#/components/schemas/QueueArn' + required: + - Channel + - QueueArn + RoutingProfileQueueConfig: + description: Contains information about the queue and channel for which priority and delay can be set. + type: object + additionalProperties: false + properties: + Delay: + $ref: '#/components/schemas/Delay' + Priority: + $ref: '#/components/schemas/Priority' + QueueReference: + $ref: '#/components/schemas/RoutingProfileQueueReference' + required: + - Delay + - Priority + - QueueReference + RoutingProfile: + type: object + properties: + InstanceArn: + description: The identifier of the Amazon Connect instance. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + Name: + description: The name of the routing profile. + type: string + minLength: 1 + maxLength: 127 + Description: + description: The description of the routing profile. + type: string + minLength: 1 + maxLength: 250 + MediaConcurrencies: + description: The channels agents can handle in the Contact Control Panel (CCP) for this routing profile. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/MediaConcurrency' + DefaultOutboundQueueArn: + description: The identifier of the default outbound queue for this routing profile. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/queue/[-a-zA-Z0-9]*$ + RoutingProfileArn: + description: The Amazon Resource Name (ARN) of the routing profile. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/routing-profile/[-a-zA-Z0-9]*$ + QueueConfigs: + description: The queues to associate with this routing profile. + type: array + minItems: 1 + maxItems: 10 + x-insertionOrder: false + items: + $ref: '#/components/schemas/RoutingProfileQueueConfig' + Tags: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + AgentAvailabilityTimer: + type: string + description: Whether agents with this routing profile will have their routing order calculated based on longest idle time or time since their last inbound contact. + enum: + - TIME_SINCE_LAST_ACTIVITY + - TIME_SINCE_LAST_INBOUND + required: + - InstanceArn + - Name + - Description + - MediaConcurrencies + - DefaultOutboundQueueArn + x-stackql-resource-name: routing_profile + x-stackql-primaryIdentifier: + - RoutingProfileArn + x-read-only-properties: + - RoutingProfileArn + x-required-permissions: + create: + - connect:CreateRoutingProfile + - connect:TagResource + read: + - connect:DescribeRoutingProfile + - connect:ListRoutingProfileQueues + delete: + - connect:DeleteRoutingProfile + - connect:UntagResource + update: + - connect:AssociateRoutingProfileQueues + - connect:DisassociateRoutingProfileQueues + - connect:UpdateRoutingProfileConcurrency + - connect:UpdateRoutingProfileName + - connect:UpdateRoutingProfileDefaultOutboundQueue + - connect:UpdateRoutingProfileQueues + - connect:TagResource + - connect:UntagResource + - connect:ListRoutingProfileQueues + - connect:UpdateRoutingProfileAgentAvailabilityTimer + list: + - connect:ListRoutingProfiles + - connect:ListRoutingProfileQueues + FieldValue: + description: the default value for the task template's field + type: string + minLength: 1 + maxLength: 4096 + Field: + description: A task template field object. + type: object + properties: + Id: + $ref: '#/components/schemas/FieldIdentifier' + Description: + description: The description of the task template's field + type: string + minLength: 0 + maxLength: 255 + Type: + $ref: '#/components/schemas/FieldType' + SingleSelectOptions: + description: list of field options to be used with single select + type: array + maxItems: 50 + items: + $ref: '#/components/schemas/FieldOption' + additionalProperties: false + required: + - Id + - Type + Fields: + description: An array of case fields + type: array + x-insertionOrder: true + uniqueItems: true + items: + $ref: '#/components/schemas/Field' + minItems: 1 + maxItems: 100 + NotificationRecipientType: + description: The type of notification recipient. + type: object + properties: + UserTags: + description: The collection of recipients who are identified by user tags + x-patternProperties: + ^(?=.{1,128}$).+$: + type: string + additionalProperties: false + UserArns: + description: The list of recipients by user arns. + type: array + minItems: 1 + maxItems: 5 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/UserArn' + additionalProperties: false + Reference: + description: A contact reference. + type: object + properties: + Value: + type: string + pattern: ^(/|https:) + Type: + type: string + enum: + - URL + - ATTACHMENT + - NUMBER + - STRING + - DATE + - EMAIL + required: + - Value + - Type + additionalProperties: false + TaskAction: + description: The definition of task action. + type: object + properties: + Name: + description: The name which appears in the agent's Contact Control Panel (CCP). + type: string + minLength: 1 + maxLength: 512 + Description: + description: The description which appears in the agent's Contact Control Panel (CCP). + type: string + minLength: 0 + maxLength: 4096 + ContactFlowArn: + description: The Amazon Resource Name (ARN) of the contact flow. + type: string + pattern: ^$|arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/contact-flow/[-a-zA-Z0-9]*$ + References: + description: A formatted URL that is shown to an agent in the Contact Control Panel (CCP). + x-patternProperties: + ^(?=.{1,4096}$).+$: + $ref: '#/components/schemas/Reference' + additionalProperties: false + required: + - Name + - ContactFlowArn + additionalProperties: false + EventBridgeAction: + description: The definition for event bridge action. + type: object + properties: + Name: + description: The name of the event bridge action. + type: string + pattern: ^[a-zA-Z0-9._-]{1,100}$ + required: + - Name + additionalProperties: false + AssignContactCategoryAction: + description: The definition for assigning contact category action. + type: object + SendNotificationAction: + description: The definition for sending notification action. + type: object + properties: + DeliveryMethod: + description: The means of delivery. + type: string + enum: + - EMAIL + Subject: + description: The subject of notification. + type: string + minLength: 1 + maxLength: 200 + Content: + description: The content of notification. + type: string + minLength: 1 + maxLength: 1024 + ContentType: + description: The type of content. + type: string + enum: + - PLAIN_TEXT + Recipient: + $ref: '#/components/schemas/NotificationRecipientType' + required: + - DeliveryMethod + - Content + - Recipient + - ContentType + additionalProperties: false + CreateCaseAction: + description: The definition for create case action. + type: object + properties: + Fields: + $ref: '#/components/schemas/Fields' + TemplateId: + description: The Id of template. + type: string + minLength: 1 + maxLength: 500 + required: + - Fields + - TemplateId + additionalProperties: false + UpdateCaseAction: + description: The definition for update case action. + type: object + properties: + Fields: + $ref: '#/components/schemas/Fields' + required: + - Fields + additionalProperties: false + EndAssociatedTasksAction: + description: The definition for ending associated task action. + type: object + AssignContactCategoryActions: + description: This action will assign contact category when a rule is triggered. + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/AssignContactCategoryAction' + minItems: 1 + maxItems: 1 + EventBridgeActions: + description: This action will send event bridge notification when a rule is triggered. + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/EventBridgeAction' + minItems: 1 + maxItems: 1 + RuleTriggerEventSource: + description: The event source that will trigger the rule. + type: object + properties: + EventSourceName: + description: The name of event source. + type: string + enum: + - OnContactEvaluationSubmit + - OnPostCallAnalysisAvailable + - OnRealTimeCallAnalysisAvailable + - OnRealTimeChatAnalysisAvailable + - OnPostChatAnalysisAvailable + - OnZendeskTicketCreate + - OnZendeskTicketStatusUpdate + - OnSalesforceCaseCreate + - OnMetricDataUpdate + - OnCaseCreate + - OnCaseUpdate + IntegrationAssociationArn: + description: The Amazon Resource Name (ARN) for the AppIntegration association. + type: string + pattern: ^$|arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/integration-association/[-a-zA-Z0-9]*$ + required: + - EventSourceName + additionalProperties: false + TaskActions: + description: This action will generate a task when a rule is triggered. + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/TaskAction' + minItems: 1 + maxItems: 1 + SendNotificationActions: + description: The action will send notification when a rule is triggered. + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/SendNotificationAction' + minItems: 1 + maxItems: 1 + CreateCaseActions: + description: This action will create a case when a rule is triggered. + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/CreateCaseAction' + minItems: 1 + maxItems: 1 + UpdateCaseActions: + description: This action will update a case when a rule is triggered. + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/UpdateCaseAction' + minItems: 1 + maxItems: 1 + EndAssociatedTasksActions: + description: This action will end associated tasks when a rule is triggered. + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/EndAssociatedTasksAction' + minItems: 1 + maxItems: 1 + Actions: + description: The list of actions that will be executed when a rule is triggered. + type: object + properties: + AssignContactCategoryActions: + $ref: '#/components/schemas/AssignContactCategoryActions' + EventBridgeActions: + $ref: '#/components/schemas/EventBridgeActions' + TaskActions: + $ref: '#/components/schemas/TaskActions' + SendNotificationActions: + $ref: '#/components/schemas/SendNotificationActions' + CreateCaseActions: + $ref: '#/components/schemas/CreateCaseActions' + UpdateCaseActions: + $ref: '#/components/schemas/UpdateCaseActions' + EndAssociatedTasksActions: + $ref: '#/components/schemas/EndAssociatedTasksActions' + additionalProperties: false + Rule: + type: object + properties: + Name: + description: The name of the rule. + type: string + pattern: ^[a-zA-Z0-9._-]{1,200}$ + RuleArn: + description: The Amazon Resource Name (ARN) of the rule. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/rule/[-a-zA-Z0-9]*$ + InstanceArn: + description: The Amazon Resource Name (ARN) of the instance. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + TriggerEventSource: + description: The event source that triggers the rule. + $ref: '#/components/schemas/RuleTriggerEventSource' + Function: + description: The conditions of a rule. + type: string + Actions: + description: The list of actions that will be executed when a rule is triggered. + $ref: '#/components/schemas/Actions' + PublishStatus: + description: The publish status of a rule, either draft or published. + type: string + enum: + - DRAFT + - PUBLISHED + Tags: + description: One or more tags. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - InstanceArn + - TriggerEventSource + - Function + - Actions + - PublishStatus + x-stackql-resource-name: rule + x-stackql-primaryIdentifier: + - RuleArn + x-create-only-properties: + - TriggerEventSource + - InstanceArn + x-read-only-properties: + - RuleArn + x-required-permissions: + create: + - connect:CreateRule + - cases:GetTemplate + - cases:ListFields + - cases:ListFieldOptions + read: + - connect:DescribeRule + delete: + - connect:DeleteRule + - connect:UntagResource + update: + - connect:UpdateRule + - cases:GetTemplate + - cases:ListFields + - cases:ListFieldOptions + - connect:TagResource + - connect:UntagResource + SecurityKey: + type: object + properties: + Key: + $ref: '#/components/schemas/Key' + InstanceId: + $ref: '#/components/schemas/InstanceId' + AssociationId: + $ref: '#/components/schemas/AssociationId' + required: + - Key + - InstanceId + x-stackql-resource-name: security_key + x-stackql-primaryIdentifier: + - InstanceId + - AssociationId + x-create-only-properties: + - InstanceId + - Key + x-read-only-properties: + - AssociationId + x-required-permissions: + create: + - connect:AssociateSecurityKey + read: + - connect:ListSecurityKeys + update: [] + delete: + - connect:DisassociateSecurityKey + list: + - connect:ListSecurityKeys + Permission: + description: A permission associated with the security profile. + type: string + minLength: 1 + maxLength: 128 + ResourceName: + description: A resource that a security profile applies tag restrictions to in Amazon Connect. + type: string + minLength: 1 + maxLength: 128 + SecurityProfile: + type: object + properties: + AllowedAccessControlTags: + type: array + maxItems: 2 + uniqueItems: true + x-insertionOrder: false + description: The list of tags that a security profile uses to restrict access to resources in Amazon Connect. + items: + $ref: '#/components/schemas/Tag' + Description: + type: string + minLength: 0 + maxLength: 250 + description: The description of the security profile. + InstanceArn: + type: string + description: The identifier of the Amazon Connect instance. + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + Permissions: + type: array + maxItems: 500 + uniqueItems: true + x-insertionOrder: false + description: Permissions assigned to the security profile. + items: + $ref: '#/components/schemas/Permission' + SecurityProfileArn: + type: string + description: The Amazon Resource Name (ARN) for the security profile. + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/security-profile/[-a-zA-Z0-9]*$ + SecurityProfileName: + type: string + pattern: ^[ a-zA-Z0-9_@-]+$ + minLength: 1 + maxLength: 127 + description: The name of the security profile. + TagRestrictedResources: + type: array + maxItems: 10 + uniqueItems: true + x-insertionOrder: false + description: The list of resources that a security profile applies tag restrictions to in Amazon Connect. + items: + $ref: '#/components/schemas/ResourceName' + Tags: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: The tags used to organize, track, or control access for this resource. + items: + $ref: '#/components/schemas/Tag' + required: + - InstanceArn + - SecurityProfileName + x-stackql-resource-name: security_profile + x-stackql-primaryIdentifier: + - SecurityProfileArn + x-create-only-properties: + - SecurityProfileName + - InstanceArn + x-read-only-properties: + - SecurityProfileArn + x-required-permissions: + create: + - connect:CreateSecurityProfile + - connect:TagResource + read: + - connect:DescribeSecurityProfile + - connect:ListSecurityProfilePermissions + update: + - connect:TagResource + - connect:UpdateSecurityProfile + - connect:UntagResource + delete: + - connect:DeleteSecurityProfile + - connect:UntagResource + list: + - connect:ListSecurityProfiles + Status: + description: The status of the task template + type: string + enum: + - ACTIVE + - INACTIVE + FieldType: + description: The type of the task template's field + type: string + enum: + - NAME + - DESCRIPTION + - SCHEDULED_TIME + - QUICK_CONNECT + - URL + - NUMBER + - TEXT + - TEXT_AREA + - DATE_TIME + - BOOLEAN + - SINGLE_SELECT + - EMAIL + FieldIdentifier: + description: the identifier (name) for the task template field + type: object + properties: + Name: + description: The name of the task template field + type: string + minLength: 1 + maxLength: 100 + additionalProperties: false + required: + - Name + FieldOption: + description: Single select field identifier + type: string + pattern: ^[A-Za-z0-9](?:[A-Za-z0-9_.,\s-]*[A-Za-z0-9_.,-])?$ + minLength: 1 + maxLength: 100 + InvisibleFieldInfo: + description: Invisible field info + type: object + properties: + Id: + $ref: '#/components/schemas/FieldIdentifier' + additionalProperties: false + required: + - Id + InvisibleTaskTemplateFields: + description: The list of the task template's invisible fields + type: array + maxItems: 50 + items: + $ref: '#/components/schemas/InvisibleFieldInfo' + ReadOnlyFieldInfo: + description: ReadOnly field info + type: object + properties: + Id: + $ref: '#/components/schemas/FieldIdentifier' + additionalProperties: false + required: + - Id + ReadOnlyTaskTemplateFields: + description: The list of the task template's read only fields + type: array + maxItems: 50 + items: + $ref: '#/components/schemas/ReadOnlyFieldInfo' + RequiredFieldInfo: + description: Required field info + type: object + properties: + Id: + $ref: '#/components/schemas/FieldIdentifier' + additionalProperties: false + required: + - Id + RequiredTaskTemplateFields: + description: The list of the task template's required fields + type: array + maxItems: 50 + items: + $ref: '#/components/schemas/RequiredFieldInfo' + DefaultFieldValue: + description: the default value for the task template's field + type: object + properties: + Id: + $ref: '#/components/schemas/FieldIdentifier' + DefaultValue: + $ref: '#/components/schemas/FieldValue' + additionalProperties: false + required: + - Id + - DefaultValue + ClientToken: + description: the client token string in uuid format + type: string + pattern: ^$|[0-9a-f]{8}-[0-9a-f]{4}-[0-5][0-9a-f]{3}-[089ab][0-9a-f]{3}-[0-9a-f]{12}$ + TaskTemplate: + type: object + properties: + Arn: + description: The identifier (arn) of the task template. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/task-template/[a-f0-9]{8}-[a-f0-9]{4}-4[a-f0-9]{3}-[89aAbB][a-f0-9]{3}-[a-f0-9]{12}$ + InstanceArn: + description: The identifier (arn) of the instance. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + Name: + description: The name of the task template. + type: string + minLength: 1 + maxLength: 100 + Description: + description: The description of the task template. + type: string + minLength: 0 + maxLength: 255 + ContactFlowArn: + description: The identifier of the contact flow. + type: string + pattern: ^$|arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/contact-flow/[-a-zA-Z0-9]*$ + Constraints: + description: The constraints for the task template + type: object + additionalProperties: false + properties: + InvisibleFields: + $ref: '#/components/schemas/InvisibleTaskTemplateFields' + RequiredFields: + $ref: '#/components/schemas/RequiredTaskTemplateFields' + ReadOnlyFields: + $ref: '#/components/schemas/ReadOnlyTaskTemplateFields' + Defaults: + description: '' + type: array + maxItems: 50 + items: + $ref: '#/components/schemas/DefaultFieldValue' + Fields: + description: The list of task template's fields + type: array + maxItems: 50 + items: + $ref: '#/components/schemas/Field' + Status: + $ref: '#/components/schemas/Status' + ClientToken: + $ref: '#/components/schemas/ClientToken' + Tags: + description: One or more tags. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - InstanceArn + x-stackql-resource-name: task_template + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - Arn + x-required-permissions: + create: + - connect:CreateTaskTemplate + - connect:TagResource + read: + - connect:GetTaskTemplate + list: + - connect:ListTaskTemplates + update: + - connect:UpdateTaskTemplate + - connect:TagResource + - connect:UntagResource + delete: + - connect:DeleteTaskTemplate + - connect:UntagResource + - connect:GetTaskTemplate + TrafficDistributionGroup: + type: object + properties: + InstanceArn: + description: The identifier of the Amazon Connect instance that has been replicated. + type: string + pattern: ^arn:(aws|aws-us-gov):connect:[a-z]{2}-[a-z]+-[0-9]{1}:[0-9]{1,20}:instance/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ + minLength: 1 + maxLength: 250 + TrafficDistributionGroupArn: + description: The identifier of the traffic distribution group. + type: string + pattern: ^arn:(aws|aws-us-gov):connect:[a-z]{2}-[a-z]+-[0-9]{1}:[0-9]{1,20}:traffic-distribution-group/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ + Description: + description: A description for the traffic distribution group. + type: string + pattern: (^[\S].*[\S]$)|(^[\S]$) + minLength: 1 + maxLength: 250 + Name: + description: The name for the traffic distribution group. + type: string + pattern: (^[\S].*[\S]$)|(^[\S]$) + minLength: 1 + maxLength: 128 + Status: + description: The status of the traffic distribution group. + type: string + enum: + - CREATION_IN_PROGRESS + - ACTIVE + - CREATION_FAILED + - PENDING_DELETION + - DELETION_FAILED + - UPDATE_IN_PROGRESS + Tags: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: One or more tags. + items: + $ref: '#/components/schemas/Tag' + IsDefault: + description: If this is the default traffic distribution group. + type: boolean + required: + - InstanceArn + - Name + x-stackql-resource-name: traffic_distribution_group + x-stackql-primaryIdentifier: + - TrafficDistributionGroupArn + x-create-only-properties: + - Description + - Name + x-read-only-properties: + - TrafficDistributionGroupArn + - Status + - IsDefault + x-required-permissions: + create: + - connect:CreateTrafficDistributionGroup + - connect:DescribeTrafficDistributionGroup + - connect:TagResource + read: + - connect:DescribeTrafficDistributionGroup + update: + - connect:TagResource + - connect:UntagResource + delete: + - connect:DeleteTrafficDistributionGroup + - connect:DescribeTrafficDistributionGroup + - connect:UntagResource + list: + - connect:ListTrafficDistributionGroups + FirstName: + description: The first name. This is required if you are using Amazon Connect or SAML for identity management. + type: string + LastName: + description: The last name. This is required if you are using Amazon Connect or SAML for identity management. + type: string + Email: + description: The email address. If you are using SAML for identity management and include this parameter, an error is returned. + type: string + SecondaryEmail: + description: The secondary email address. If you provide a secondary email, the user receives email notifications -- other than password reset notifications -- to this email address instead of to their primary email address. + type: string + pattern: (?=^.{0,265}$)[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,63} + Mobile: + description: The mobile phone number. + type: string + pattern: ^\+[1-9]\d{1,14}$ + SecurityProfileArn: + description: The identifier of the security profile for the user. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/security-profile/[-a-zA-Z0-9]*$ + AfterContactWorkTimeLimit: + description: The After Call Work (ACW) timeout setting, in seconds. + type: integer + minimum: 0 + AutoAccept: + description: The Auto accept setting. + type: boolean + DeskPhoneNumber: + description: The phone number for the user's desk phone. + type: string + PhoneType: + description: The phone type. + type: string + enum: + - SOFT_PHONE + - DESK_PHONE + UserIdentityInfo: + description: Contains information about the identity of a user. + type: object + additionalProperties: false + properties: + FirstName: + $ref: '#/components/schemas/FirstName' + LastName: + $ref: '#/components/schemas/LastName' + Email: + $ref: '#/components/schemas/Email' + SecondaryEmail: + $ref: '#/components/schemas/SecondaryEmail' + Mobile: + $ref: '#/components/schemas/Mobile' + UserPhoneConfig: + description: Contains information about the phone configuration settings for a user. + type: object + additionalProperties: false + properties: + AfterContactWorkTimeLimit: + $ref: '#/components/schemas/AfterContactWorkTimeLimit' + AutoAccept: + $ref: '#/components/schemas/AutoAccept' + DeskPhoneNumber: + $ref: '#/components/schemas/DeskPhoneNumber' + PhoneType: + $ref: '#/components/schemas/PhoneType' + required: + - PhoneType + UserProficiency: + description: Proficiency of a user. + type: object + additionalProperties: false + properties: + AttributeName: + $ref: '#/components/schemas/AttributeName' + AttributeValue: + $ref: '#/components/schemas/AttributeValue' + Level: + $ref: '#/components/schemas/Level' + required: + - AttributeName + - AttributeValue + - Level + AttributeName: + description: The name of user's proficiency. You must use name of predefined attribute present in the Amazon Connect instance. + type: string + minLength: 1 + maxLength: 64 + AttributeValue: + description: The value of user's proficiency. You must use value of predefined attribute present in the Amazon Connect instance. + type: string + minLength: 1 + maxLength: 64 + Level: + description: The level of the proficiency. The valid values are 1, 2, 3, 4 and 5. + type: number + minimum: 1 + maximum: 5 + User: + type: object + properties: + InstanceArn: + description: The identifier of the Amazon Connect instance. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + DirectoryUserId: + description: The identifier of the user account in the directory used for identity management. + type: string + HierarchyGroupArn: + description: The identifier of the hierarchy group for the user. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/agent-group/[-a-zA-Z0-9]*$ + Username: + description: The user name for the account. + type: string + minLength: 1 + maxLength: 64 + pattern: '[a-zA-Z0-9\_\-\.\@]+' + Password: + description: The password for the user account. A password is required if you are using Amazon Connect for identity management. Otherwise, it is an error to include a password. + type: string + pattern: ^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d\S]{8,64}$ + RoutingProfileArn: + description: The identifier of the routing profile for the user. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/routing-profile/[-a-zA-Z0-9]*$ + IdentityInfo: + description: The information about the identity of the user. + $ref: '#/components/schemas/UserIdentityInfo' + PhoneConfig: + description: The phone settings for the user. + $ref: '#/components/schemas/UserPhoneConfig' + SecurityProfileArns: + type: array + minItems: 1 + maxItems: 10 + uniqueItems: true + x-insertionOrder: false + description: One or more security profile arns for the user + items: + $ref: '#/components/schemas/SecurityProfileArn' + UserArn: + description: The Amazon Resource Name (ARN) for the user. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/agent/[-a-zA-Z0-9]*$ + Tags: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: One or more tags. + items: + $ref: '#/components/schemas/Tag' + UserProficiencies: + description: One or more predefined attributes assigned to a user, with a level that indicates how skilled they are. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/UserProficiency' + required: + - InstanceArn + - PhoneConfig + - RoutingProfileArn + - SecurityProfileArns + - Username + x-stackql-resource-name: user + x-stackql-primaryIdentifier: + - UserArn + x-read-only-properties: + - UserArn + x-required-permissions: + create: + - connect:CreateUser + - connect:TagResource + - connect:AssociateUserProficiencies + read: + - connect:DescribeUser + - connect:ListUserProficiencies + delete: + - connect:DeleteUser + - connect:UntagResource + update: + - connect:UpdateUserIdentityInfo + - connect:UpdateUserPhoneConfig + - connect:UpdateUserRoutingProfile + - connect:UpdateUserSecurityProfiles + - connect:UpdateUserHierarchy + - connect:TagResource + - connect:UntagResource + - connect:AssociateUserProficiencies + - connect:DisassociateUserProficiencies + - connect:UpdateUserProficiencies + list: + - connect:ListUsers + UserHierarchyGroupArn: + description: The Amazon Resource Name (ARN) for the user hierarchy group. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/agent-group/[-a-zA-Z0-9]*$ + UserHierarchyGroup: + type: object + properties: + InstanceArn: + description: The identifier of the Amazon Connect instance. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + UserHierarchyGroupArn: + description: The Amazon Resource Name (ARN) for the user hierarchy group. + $ref: '#/components/schemas/UserHierarchyGroupArn' + ParentGroupArn: + description: The Amazon Resource Name (ARN) for the parent user hierarchy group. + $ref: '#/components/schemas/UserHierarchyGroupArn' + Name: + description: The name of the user hierarchy group. + type: string + minLength: 1 + maxLength: 100 + Tags: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: One or more tags. + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - InstanceArn + x-stackql-resource-name: user_hierarchy_group + x-stackql-primaryIdentifier: + - UserHierarchyGroupArn + x-create-only-properties: + - ParentGroupArn + x-read-only-properties: + - UserHierarchyGroupArn + x-required-permissions: + create: + - connect:CreateUserHierarchyGroup + - connect:TagResource + read: + - connect:DescribeUserHierarchyGroup + delete: + - connect:DeleteUserHierarchyGroup + - connect:UntagResource + update: + - connect:UpdateUserHierarchyGroupName + - connect:TagResource + - connect:UntagResource + list: + - connect:ListUserHierarchyGroups + View: + type: object + properties: + InstanceArn: + description: The Amazon Resource Name (ARN) of the instance. + type: string + minLength: 1 + maxLength: 100 + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + ViewArn: + description: The Amazon Resource Name (ARN) of the view. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/view/[-:$a-zA-Z0-9]*$ + minLength: 1 + maxLength: 255 + ViewId: + description: The view id of the view. + type: string + minLength: 1 + maxLength: 500 + pattern: ^[a-zA-Z0-9\_\-:\/$]+$ + Name: + description: The name of the view. + type: string + minLength: 1 + maxLength: 512 + pattern: ^([\p{L}\p{N}_.:\/=+\-@]+[\p{L}\p{Z}\p{N}_.:\/=+\-@]*)$ + Description: + description: The description of the view. + type: string + minLength: 0 + maxLength: 4096 + pattern: ^([\p{L}\p{N}_.:\/=+\-@,]+[\p{L}\p{Z}\p{N}_.:\/=+\-@,]*)$ + Template: + description: The template of the view as JSON. + type: object + Actions: + description: The actions of the view in an array. + type: array + x-insertionOrder: false + maxItems: 1000 + items: + type: string + minLength: 1 + maxLength: 255 + pattern: ^([\p{L}\p{N}_.:\/=+\-@]+[\p{L}\p{Z}\p{N}_.:\/=+\-@]*)$ + ViewContentSha256: + description: The view content hash. + type: string + pattern: ^[a-zA-Z0-9]{64}$ + Tags: + description: One or more tags. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - InstanceArn + - Template + - Actions + - Name + x-stackql-resource-name: view + x-stackql-primaryIdentifier: + - ViewArn + x-read-only-properties: + - ViewArn + - ViewId + - ViewContentSha256 + x-required-permissions: + create: + - connect:CreateView + - connect:TagResource + read: + - connect:DescribeView + delete: + - connect:DeleteView + - connect:UntagResource + list: + - connect:ListViews + update: + - connect:UpdateViewMetadata + - connect:UpdateViewContent + - connect:TagResource + - connect:UntagResource + ViewVersion: + type: object + properties: + ViewArn: + description: The Amazon Resource Name (ARN) of the view for which a version is being created. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/view/[-:a-zA-Z0-9]*$ + minLength: 1 + maxLength: 255 + ViewVersionArn: + description: The Amazon Resource Name (ARN) of the created view version. + type: string + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/view/[-:a-zA-Z0-9]*$ + minLength: 1 + maxLength: 255 + VersionDescription: + description: The description for the view version. + type: string + minLength: 1 + maxLength: 4096 + pattern: ^([\p{L}\p{N}_.:\/=+\-@,]+[\p{L}\p{Z}\p{N}_.:\/=+\-@,]*)$ + ViewContentSha256: + description: The view content hash to be checked. + type: string + minLength: 1 + maxLength: 64 + pattern: ^[a-zA-Z0-9]{64}$ + Version: + description: The version of the view. + type: integer + required: + - ViewArn + x-stackql-resource-name: view_version + x-stackql-primaryIdentifier: + - ViewVersionArn + x-create-only-properties: + - ViewArn + - VersionDescription + - ViewContentSha256 + x-read-only-properties: + - ViewVersionArn + - Version + x-required-permissions: + create: + - connect:CreateViewVersion + read: + - connect:DescribeView + list: + - connect:ListViewVersions + update: [] + delete: + - connect:DeleteViewVersion + x-stackQL-resources: + approved_origins: + name: approved_origins + id: awscc.connect.approved_origins + x-cfn-schema-name: ApprovedOrigin + x-type: list + x-identifiers: + - InstanceId + - Origin + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceId') as instance_id, + JSON_EXTRACT(Properties, '$.Origin') as origin + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::ApprovedOrigin' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceId') as instance_id, + json_extract_path_text(Properties, 'Origin') as origin + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::ApprovedOrigin' + AND region = 'us-east-1' + approved_origin: + name: approved_origin + id: awscc.connect.approved_origin + x-cfn-schema-name: ApprovedOrigin + x-type: get + x-identifiers: + - InstanceId + - Origin + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Origin') as origin, + JSON_EXTRACT(Properties, '$.InstanceId') as instance_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::ApprovedOrigin' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Origin') as origin, + json_extract_path_text(Properties, 'InstanceId') as instance_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::ApprovedOrigin' + AND data__Identifier = '' + AND region = 'us-east-1' + contact_flows: + name: contact_flows + id: awscc.connect.contact_flows + x-cfn-schema-name: ContactFlow + x-type: list + x-identifiers: + - ContactFlowArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ContactFlowArn') as contact_flow_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::ContactFlow' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ContactFlowArn') as contact_flow_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::ContactFlow' + AND region = 'us-east-1' + contact_flow: + name: contact_flow + id: awscc.connect.contact_flow + x-cfn-schema-name: ContactFlow + x-type: get + x-identifiers: + - ContactFlowArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.ContactFlowArn') as contact_flow_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Content') as content, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::ContactFlow' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'ContactFlowArn') as contact_flow_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Content') as content, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::ContactFlow' + AND data__Identifier = '' + AND region = 'us-east-1' + contact_flow_modules: + name: contact_flow_modules + id: awscc.connect.contact_flow_modules + x-cfn-schema-name: ContactFlowModule + x-type: list + x-identifiers: + - ContactFlowModuleArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ContactFlowModuleArn') as contact_flow_module_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::ContactFlowModule' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ContactFlowModuleArn') as contact_flow_module_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::ContactFlowModule' + AND region = 'us-east-1' + contact_flow_module: + name: contact_flow_module + id: awscc.connect.contact_flow_module + x-cfn-schema-name: ContactFlowModule + x-type: get + x-identifiers: + - ContactFlowModuleArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.ContactFlowModuleArn') as contact_flow_module_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Content') as content, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::ContactFlowModule' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'ContactFlowModuleArn') as contact_flow_module_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Content') as content, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::ContactFlowModule' + AND data__Identifier = '' + AND region = 'us-east-1' + evaluation_forms: + name: evaluation_forms + id: awscc.connect.evaluation_forms + x-cfn-schema-name: EvaluationForm + x-type: list + x-identifiers: + - EvaluationFormArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EvaluationFormArn') as evaluation_form_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::EvaluationForm' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EvaluationFormArn') as evaluation_form_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::EvaluationForm' + AND region = 'us-east-1' + evaluation_form: + name: evaluation_form + id: awscc.connect.evaluation_form + x-cfn-schema-name: EvaluationForm + x-type: get + x-identifiers: + - EvaluationFormArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Title') as title, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EvaluationFormArn') as evaluation_form_arn, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.Items') as items, + JSON_EXTRACT(Properties, '$.ScoringStrategy') as scoring_strategy, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::EvaluationForm' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Title') as title, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EvaluationFormArn') as evaluation_form_arn, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'Items') as items, + json_extract_path_text(Properties, 'ScoringStrategy') as scoring_strategy, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::EvaluationForm' + AND data__Identifier = '' + AND region = 'us-east-1' + hours_of_operations: + name: hours_of_operations + id: awscc.connect.hours_of_operations + x-cfn-schema-name: HoursOfOperation + x-type: list + x-identifiers: + - HoursOfOperationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.HoursOfOperationArn') as hours_of_operation_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::HoursOfOperation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'HoursOfOperationArn') as hours_of_operation_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::HoursOfOperation' + AND region = 'us-east-1' + hours_of_operation: + name: hours_of_operation + id: awscc.connect.hours_of_operation + x-cfn-schema-name: HoursOfOperation + x-type: get + x-identifiers: + - HoursOfOperationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.TimeZone') as time_zone, + JSON_EXTRACT(Properties, '$.Config') as config, + JSON_EXTRACT(Properties, '$.HoursOfOperationArn') as hours_of_operation_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::HoursOfOperation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'TimeZone') as time_zone, + json_extract_path_text(Properties, 'Config') as config, + json_extract_path_text(Properties, 'HoursOfOperationArn') as hours_of_operation_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::HoursOfOperation' + AND data__Identifier = '' + AND region = 'us-east-1' + instances: + name: instances + id: awscc.connect.instances + x-cfn-schema-name: Instance + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::Instance' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::Instance' + AND region = 'us-east-1' + instance: + name: instance + id: awscc.connect.instance + x-cfn-schema-name: Instance + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.IdentityManagementType') as identity_management_type, + JSON_EXTRACT(Properties, '$.InstanceAlias') as instance_alias, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.ServiceRole') as service_role, + JSON_EXTRACT(Properties, '$.InstanceStatus') as instance_status, + JSON_EXTRACT(Properties, '$.DirectoryId') as directory_id, + JSON_EXTRACT(Properties, '$.Attributes') as attributes, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::Instance' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'IdentityManagementType') as identity_management_type, + json_extract_path_text(Properties, 'InstanceAlias') as instance_alias, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'ServiceRole') as service_role, + json_extract_path_text(Properties, 'InstanceStatus') as instance_status, + json_extract_path_text(Properties, 'DirectoryId') as directory_id, + json_extract_path_text(Properties, 'Attributes') as attributes, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::Instance' + AND data__Identifier = '' + AND region = 'us-east-1' + instance_storage_configs: + name: instance_storage_configs + id: awscc.connect.instance_storage_configs + x-cfn-schema-name: InstanceStorageConfig + x-type: list + x-identifiers: + - InstanceArn + - AssociationId + - ResourceType + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.AssociationId') as association_id, + JSON_EXTRACT(Properties, '$.ResourceType') as resource_type + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::InstanceStorageConfig' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'AssociationId') as association_id, + json_extract_path_text(Properties, 'ResourceType') as resource_type + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::InstanceStorageConfig' + AND region = 'us-east-1' + instance_storage_config: + name: instance_storage_config + id: awscc.connect.instance_storage_config + x-cfn-schema-name: InstanceStorageConfig + x-type: get + x-identifiers: + - InstanceArn + - AssociationId + - ResourceType + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.ResourceType') as resource_type, + JSON_EXTRACT(Properties, '$.AssociationId') as association_id, + JSON_EXTRACT(Properties, '$.StorageType') as storage_type, + JSON_EXTRACT(Properties, '$.S3Config') as s3_config, + JSON_EXTRACT(Properties, '$.KinesisVideoStreamConfig') as kinesis_video_stream_config, + JSON_EXTRACT(Properties, '$.KinesisStreamConfig') as kinesis_stream_config, + JSON_EXTRACT(Properties, '$.KinesisFirehoseConfig') as kinesis_firehose_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::InstanceStorageConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'ResourceType') as resource_type, + json_extract_path_text(Properties, 'AssociationId') as association_id, + json_extract_path_text(Properties, 'StorageType') as storage_type, + json_extract_path_text(Properties, 'S3Config') as s3_config, + json_extract_path_text(Properties, 'KinesisVideoStreamConfig') as kinesis_video_stream_config, + json_extract_path_text(Properties, 'KinesisStreamConfig') as kinesis_stream_config, + json_extract_path_text(Properties, 'KinesisFirehoseConfig') as kinesis_firehose_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::InstanceStorageConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + integration_associations: + name: integration_associations + id: awscc.connect.integration_associations + x-cfn-schema-name: IntegrationAssociation + x-type: list + x-identifiers: + - InstanceId + - IntegrationType + - IntegrationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceId') as instance_id, + JSON_EXTRACT(Properties, '$.IntegrationType') as integration_type, + JSON_EXTRACT(Properties, '$.IntegrationArn') as integration_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::IntegrationAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceId') as instance_id, + json_extract_path_text(Properties, 'IntegrationType') as integration_type, + json_extract_path_text(Properties, 'IntegrationArn') as integration_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::IntegrationAssociation' + AND region = 'us-east-1' + integration_association: + name: integration_association + id: awscc.connect.integration_association + x-cfn-schema-name: IntegrationAssociation + x-type: get + x-identifiers: + - InstanceId + - IntegrationType + - IntegrationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.IntegrationAssociationId') as integration_association_id, + JSON_EXTRACT(Properties, '$.InstanceId') as instance_id, + JSON_EXTRACT(Properties, '$.IntegrationArn') as integration_arn, + JSON_EXTRACT(Properties, '$.IntegrationType') as integration_type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::IntegrationAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'IntegrationAssociationId') as integration_association_id, + json_extract_path_text(Properties, 'InstanceId') as instance_id, + json_extract_path_text(Properties, 'IntegrationArn') as integration_arn, + json_extract_path_text(Properties, 'IntegrationType') as integration_type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::IntegrationAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + predefined_attributes: + name: predefined_attributes + id: awscc.connect.predefined_attributes + x-cfn-schema-name: PredefinedAttribute + x-type: list + x-identifiers: + - InstanceArn + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::PredefinedAttribute' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::PredefinedAttribute' + AND region = 'us-east-1' + predefined_attribute: + name: predefined_attribute + id: awscc.connect.predefined_attribute + x-cfn-schema-name: PredefinedAttribute + x-type: get + x-identifiers: + - InstanceArn + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Values') as _values + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::PredefinedAttribute' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Values') as _values + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::PredefinedAttribute' + AND data__Identifier = '' + AND region = 'us-east-1' + prompts: + name: prompts + id: awscc.connect.prompts + x-cfn-schema-name: Prompt + x-type: list + x-identifiers: + - PromptArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PromptArn') as prompt_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::Prompt' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PromptArn') as prompt_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::Prompt' + AND region = 'us-east-1' + prompt: + name: prompt + id: awscc.connect.prompt + x-cfn-schema-name: Prompt + x-type: get + x-identifiers: + - PromptArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.S3Uri') as s3_uri, + JSON_EXTRACT(Properties, '$.PromptArn') as prompt_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::Prompt' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'S3Uri') as s3_uri, + json_extract_path_text(Properties, 'PromptArn') as prompt_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::Prompt' + AND data__Identifier = '' + AND region = 'us-east-1' + queues: + name: queues + id: awscc.connect.queues + x-cfn-schema-name: Queue + x-type: list + x-identifiers: + - QueueArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.QueueArn') as queue_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::Queue' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'QueueArn') as queue_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::Queue' + AND region = 'us-east-1' + queue: + name: queue + id: awscc.connect.queue + x-cfn-schema-name: Queue + x-type: get + x-identifiers: + - QueueArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.HoursOfOperationArn') as hours_of_operation_arn, + JSON_EXTRACT(Properties, '$.MaxContacts') as max_contacts, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.OutboundCallerConfig') as outbound_caller_config, + JSON_EXTRACT(Properties, '$.QueueArn') as queue_arn, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.QuickConnectArns') as quick_connect_arns, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::Queue' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'HoursOfOperationArn') as hours_of_operation_arn, + json_extract_path_text(Properties, 'MaxContacts') as max_contacts, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'OutboundCallerConfig') as outbound_caller_config, + json_extract_path_text(Properties, 'QueueArn') as queue_arn, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'QuickConnectArns') as quick_connect_arns, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::Queue' + AND data__Identifier = '' + AND region = 'us-east-1' + quick_connects: + name: quick_connects + id: awscc.connect.quick_connects + x-cfn-schema-name: QuickConnect + x-type: list + x-identifiers: + - QuickConnectArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.QuickConnectArn') as quick_connect_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::QuickConnect' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'QuickConnectArn') as quick_connect_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::QuickConnect' + AND region = 'us-east-1' + quick_connect: + name: quick_connect + id: awscc.connect.quick_connect + x-cfn-schema-name: QuickConnect + x-type: get + x-identifiers: + - QuickConnectArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.QuickConnectConfig') as quick_connect_config, + JSON_EXTRACT(Properties, '$.QuickConnectArn') as quick_connect_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.QuickConnectType') as quick_connect_type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::QuickConnect' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'QuickConnectConfig') as quick_connect_config, + json_extract_path_text(Properties, 'QuickConnectArn') as quick_connect_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'QuickConnectType') as quick_connect_type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::QuickConnect' + AND data__Identifier = '' + AND region = 'us-east-1' + routing_profiles: + name: routing_profiles + id: awscc.connect.routing_profiles + x-cfn-schema-name: RoutingProfile + x-type: list + x-identifiers: + - RoutingProfileArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RoutingProfileArn') as routing_profile_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::RoutingProfile' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RoutingProfileArn') as routing_profile_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::RoutingProfile' + AND region = 'us-east-1' + routing_profile: + name: routing_profile + id: awscc.connect.routing_profile + x-cfn-schema-name: RoutingProfile + x-type: get + x-identifiers: + - RoutingProfileArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.MediaConcurrencies') as media_concurrencies, + JSON_EXTRACT(Properties, '$.DefaultOutboundQueueArn') as default_outbound_queue_arn, + JSON_EXTRACT(Properties, '$.RoutingProfileArn') as routing_profile_arn, + JSON_EXTRACT(Properties, '$.QueueConfigs') as queue_configs, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.AgentAvailabilityTimer') as agent_availability_timer + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::RoutingProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'MediaConcurrencies') as media_concurrencies, + json_extract_path_text(Properties, 'DefaultOutboundQueueArn') as default_outbound_queue_arn, + json_extract_path_text(Properties, 'RoutingProfileArn') as routing_profile_arn, + json_extract_path_text(Properties, 'QueueConfigs') as queue_configs, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'AgentAvailabilityTimer') as agent_availability_timer + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::RoutingProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + rules: + name: rules + id: awscc.connect.rules + x-cfn-schema-name: Rule + x-type: list + x-identifiers: + - RuleArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RuleArn') as rule_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::Rule' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RuleArn') as rule_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::Rule' + AND region = 'us-east-1' + rule: + name: rule + id: awscc.connect.rule + x-cfn-schema-name: Rule + x-type: get + x-identifiers: + - RuleArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RuleArn') as rule_arn, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.TriggerEventSource') as trigger_event_source, + JSON_EXTRACT(Properties, '$.Function') as function, + JSON_EXTRACT(Properties, '$.Actions') as actions, + JSON_EXTRACT(Properties, '$.PublishStatus') as publish_status, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::Rule' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RuleArn') as rule_arn, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'TriggerEventSource') as trigger_event_source, + json_extract_path_text(Properties, 'Function') as function, + json_extract_path_text(Properties, 'Actions') as actions, + json_extract_path_text(Properties, 'PublishStatus') as publish_status, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::Rule' + AND data__Identifier = '' + AND region = 'us-east-1' + security_keys: + name: security_keys + id: awscc.connect.security_keys + x-cfn-schema-name: SecurityKey + x-type: list + x-identifiers: + - InstanceId + - AssociationId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceId') as instance_id, + JSON_EXTRACT(Properties, '$.AssociationId') as association_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::SecurityKey' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceId') as instance_id, + json_extract_path_text(Properties, 'AssociationId') as association_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::SecurityKey' + AND region = 'us-east-1' + security_key: + name: security_key + id: awscc.connect.security_key + x-cfn-schema-name: SecurityKey + x-type: get + x-identifiers: + - InstanceId + - AssociationId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Key') as key, + JSON_EXTRACT(Properties, '$.InstanceId') as instance_id, + JSON_EXTRACT(Properties, '$.AssociationId') as association_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::SecurityKey' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Key') as key, + json_extract_path_text(Properties, 'InstanceId') as instance_id, + json_extract_path_text(Properties, 'AssociationId') as association_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::SecurityKey' + AND data__Identifier = '' + AND region = 'us-east-1' + security_profiles: + name: security_profiles + id: awscc.connect.security_profiles + x-cfn-schema-name: SecurityProfile + x-type: list + x-identifiers: + - SecurityProfileArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SecurityProfileArn') as security_profile_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::SecurityProfile' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SecurityProfileArn') as security_profile_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::SecurityProfile' + AND region = 'us-east-1' + security_profile: + name: security_profile + id: awscc.connect.security_profile + x-cfn-schema-name: SecurityProfile + x-type: get + x-identifiers: + - SecurityProfileArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AllowedAccessControlTags') as allowed_access_control_tags, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.Permissions') as permissions, + JSON_EXTRACT(Properties, '$.SecurityProfileArn') as security_profile_arn, + JSON_EXTRACT(Properties, '$.SecurityProfileName') as security_profile_name, + JSON_EXTRACT(Properties, '$.TagRestrictedResources') as tag_restricted_resources, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::SecurityProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AllowedAccessControlTags') as allowed_access_control_tags, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'Permissions') as permissions, + json_extract_path_text(Properties, 'SecurityProfileArn') as security_profile_arn, + json_extract_path_text(Properties, 'SecurityProfileName') as security_profile_name, + json_extract_path_text(Properties, 'TagRestrictedResources') as tag_restricted_resources, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::SecurityProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + task_templates: + name: task_templates + id: awscc.connect.task_templates + x-cfn-schema-name: TaskTemplate + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::TaskTemplate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::TaskTemplate' + AND region = 'us-east-1' + task_template: + name: task_template + id: awscc.connect.task_template + x-cfn-schema-name: TaskTemplate + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ContactFlowArn') as contact_flow_arn, + JSON_EXTRACT(Properties, '$.Constraints') as constraints, + JSON_EXTRACT(Properties, '$.Defaults') as defaults, + JSON_EXTRACT(Properties, '$.Fields') as fields, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.ClientToken') as client_token, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::TaskTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ContactFlowArn') as contact_flow_arn, + json_extract_path_text(Properties, 'Constraints') as constraints, + json_extract_path_text(Properties, 'Defaults') as defaults, + json_extract_path_text(Properties, 'Fields') as fields, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'ClientToken') as client_token, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::TaskTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + traffic_distribution_groups: + name: traffic_distribution_groups + id: awscc.connect.traffic_distribution_groups + x-cfn-schema-name: TrafficDistributionGroup + x-type: list + x-identifiers: + - TrafficDistributionGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TrafficDistributionGroupArn') as traffic_distribution_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::TrafficDistributionGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TrafficDistributionGroupArn') as traffic_distribution_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::TrafficDistributionGroup' + AND region = 'us-east-1' + traffic_distribution_group: + name: traffic_distribution_group + id: awscc.connect.traffic_distribution_group + x-cfn-schema-name: TrafficDistributionGroup + x-type: get + x-identifiers: + - TrafficDistributionGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.TrafficDistributionGroupArn') as traffic_distribution_group_arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.IsDefault') as is_default + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::TrafficDistributionGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'TrafficDistributionGroupArn') as traffic_distribution_group_arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'IsDefault') as is_default + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::TrafficDistributionGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + users: + name: users + id: awscc.connect.users + x-cfn-schema-name: User + x-type: list + x-identifiers: + - UserArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.UserArn') as user_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::User' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'UserArn') as user_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::User' + AND region = 'us-east-1' + user: + name: user + id: awscc.connect.user + x-cfn-schema-name: User + x-type: get + x-identifiers: + - UserArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.DirectoryUserId') as directory_user_id, + JSON_EXTRACT(Properties, '$.HierarchyGroupArn') as hierarchy_group_arn, + JSON_EXTRACT(Properties, '$.Username') as username, + JSON_EXTRACT(Properties, '$.Password') as password, + JSON_EXTRACT(Properties, '$.RoutingProfileArn') as routing_profile_arn, + JSON_EXTRACT(Properties, '$.IdentityInfo') as identity_info, + JSON_EXTRACT(Properties, '$.PhoneConfig') as phone_config, + JSON_EXTRACT(Properties, '$.SecurityProfileArns') as security_profile_arns, + JSON_EXTRACT(Properties, '$.UserArn') as user_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.UserProficiencies') as user_proficiencies + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::User' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'DirectoryUserId') as directory_user_id, + json_extract_path_text(Properties, 'HierarchyGroupArn') as hierarchy_group_arn, + json_extract_path_text(Properties, 'Username') as username, + json_extract_path_text(Properties, 'Password') as password, + json_extract_path_text(Properties, 'RoutingProfileArn') as routing_profile_arn, + json_extract_path_text(Properties, 'IdentityInfo') as identity_info, + json_extract_path_text(Properties, 'PhoneConfig') as phone_config, + json_extract_path_text(Properties, 'SecurityProfileArns') as security_profile_arns, + json_extract_path_text(Properties, 'UserArn') as user_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'UserProficiencies') as user_proficiencies + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::User' + AND data__Identifier = '' + AND region = 'us-east-1' + user_hierarchy_groups: + name: user_hierarchy_groups + id: awscc.connect.user_hierarchy_groups + x-cfn-schema-name: UserHierarchyGroup + x-type: list + x-identifiers: + - UserHierarchyGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.UserHierarchyGroupArn') as user_hierarchy_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::UserHierarchyGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'UserHierarchyGroupArn') as user_hierarchy_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::UserHierarchyGroup' + AND region = 'us-east-1' + user_hierarchy_group: + name: user_hierarchy_group + id: awscc.connect.user_hierarchy_group + x-cfn-schema-name: UserHierarchyGroup + x-type: get + x-identifiers: + - UserHierarchyGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.UserHierarchyGroupArn') as user_hierarchy_group_arn, + JSON_EXTRACT(Properties, '$.ParentGroupArn') as parent_group_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::UserHierarchyGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'UserHierarchyGroupArn') as user_hierarchy_group_arn, + json_extract_path_text(Properties, 'ParentGroupArn') as parent_group_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::UserHierarchyGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + views: + name: views + id: awscc.connect.views + x-cfn-schema-name: View + x-type: list + x-identifiers: + - ViewArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ViewArn') as view_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::View' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ViewArn') as view_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::View' + AND region = 'us-east-1' + view: + name: view + id: awscc.connect.view + x-cfn-schema-name: View + x-type: get + x-identifiers: + - ViewArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.ViewArn') as view_arn, + JSON_EXTRACT(Properties, '$.ViewId') as view_id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Template') as template, + JSON_EXTRACT(Properties, '$.Actions') as actions, + JSON_EXTRACT(Properties, '$.ViewContentSha256') as view_content_sha256, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::View' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'ViewArn') as view_arn, + json_extract_path_text(Properties, 'ViewId') as view_id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Template') as template, + json_extract_path_text(Properties, 'Actions') as actions, + json_extract_path_text(Properties, 'ViewContentSha256') as view_content_sha256, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::View' + AND data__Identifier = '' + AND region = 'us-east-1' + view_versions: + name: view_versions + id: awscc.connect.view_versions + x-cfn-schema-name: ViewVersion + x-type: list + x-identifiers: + - ViewVersionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ViewVersionArn') as view_version_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::ViewVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ViewVersionArn') as view_version_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Connect::ViewVersion' + AND region = 'us-east-1' + view_version: + name: view_version + id: awscc.connect.view_version + x-cfn-schema-name: ViewVersion + x-type: get + x-identifiers: + - ViewVersionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ViewArn') as view_arn, + JSON_EXTRACT(Properties, '$.ViewVersionArn') as view_version_arn, + JSON_EXTRACT(Properties, '$.VersionDescription') as version_description, + JSON_EXTRACT(Properties, '$.ViewContentSha256') as view_content_sha256, + JSON_EXTRACT(Properties, '$.Version') as version + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::ViewVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ViewArn') as view_arn, + json_extract_path_text(Properties, 'ViewVersionArn') as view_version_arn, + json_extract_path_text(Properties, 'VersionDescription') as version_description, + json_extract_path_text(Properties, 'ViewContentSha256') as view_content_sha256, + json_extract_path_text(Properties, 'Version') as version + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Connect::ViewVersion' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/connectcampaigns.yaml b/providers/src/awscc/v00.00.00000/services/connectcampaigns.yaml new file mode 100644 index 00000000..5499a415 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/connectcampaigns.yaml @@ -0,0 +1,250 @@ +openapi: 3.0.0 +info: + title: ConnectCampaigns + version: 1.0.0 +paths: {} +components: + schemas: + DialerConfig: + type: object + description: The possible types of dialer config parameters + properties: + ProgressiveDialerConfig: + $ref: '#/components/schemas/ProgressiveDialerConfig' + PredictiveDialerConfig: + $ref: '#/components/schemas/PredictiveDialerConfig' + AgentlessDialerConfig: + $ref: '#/components/schemas/AgentlessDialerConfig' + additionalProperties: false + oneOf: + - required: + - ProgressiveDialerConfig + - required: + - PredictiveDialerConfig + - required: + - AgentlessDialerConfig + OutboundCallConfig: + type: object + description: The configuration used for outbound calls. + properties: + ConnectContactFlowArn: + type: string + maxLength: 500 + description: The identifier of the contact flow for the outbound call. + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/contact-flow/[-a-zA-Z0-9]*$ + ConnectSourcePhoneNumber: + type: string + maxLength: 100 + description: The phone number associated with the Amazon Connect instance, in E.164 format. If you do not specify a source phone number, you must specify a queue. + ConnectQueueArn: + type: string + maxLength: 500 + description: The queue for the call. If you specify a queue, the phone displayed for caller ID is the phone number specified in the queue. If you do not specify a queue, the queue defined in the contact flow is used. If you do not specify a queue, you must specify a source phone number. + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/queue/[-a-zA-Z0-9]*$ + AnswerMachineDetectionConfig: + $ref: '#/components/schemas/AnswerMachineDetectionConfig' + required: + - ConnectContactFlowArn + additionalProperties: false + PredictiveDialerConfig: + type: object + description: Predictive Dialer config + properties: + BandwidthAllocation: + type: number + maximum: 1 + minimum: 0 + description: The bandwidth allocation of a queue resource. + DialingCapacity: + type: number + maximum: 1 + minimum: 0.01 + description: Allocates dialing capacity for this campaign between multiple active campaigns. + required: + - BandwidthAllocation + additionalProperties: false + ProgressiveDialerConfig: + type: object + description: Progressive Dialer config + properties: + BandwidthAllocation: + type: number + maximum: 1 + minimum: 0 + description: The bandwidth allocation of a queue resource. + DialingCapacity: + type: number + maximum: 1 + minimum: 0.01 + description: Allocates dialing capacity for this campaign between multiple active campaigns. + required: + - BandwidthAllocation + additionalProperties: false + AgentlessDialerConfig: + type: object + description: Agentless Dialer config + properties: + DialingCapacity: + type: number + maximum: 1 + minimum: 0.01 + description: Allocates dialing capacity for this campaign between multiple active campaigns. + required: [] + additionalProperties: false + AnswerMachineDetectionConfig: + type: object + description: The configuration used for answering machine detection during outbound calls + properties: + EnableAnswerMachineDetection: + type: boolean + description: Flag to decided whether outbound calls should have answering machine detection enabled or not + required: + - EnableAnswerMachineDetection + additionalProperties: false + Tag: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 128 + pattern: ^(?!aws:)[a-zA-Z+-=._:/]+$ + Value: + type: string + description: The value for the tag. You can specify a value that's 1 to 256 characters in length. + minLength: 1 + maxLength: 256 + required: + - Key + - Value + Campaign: + type: object + properties: + ConnectInstanceArn: + type: string + maxLength: 256 + minLength: 0 + description: Amazon Connect Instance Arn + pattern: ^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$ + DialerConfig: + $ref: '#/components/schemas/DialerConfig' + Arn: + type: string + maxLength: 256 + minLength: 0 + description: Amazon Connect Campaign Arn + pattern: ^arn:aws[-a-z0-9]*:connect-campaigns:[-a-z0-9]*:[0-9]{12}:campaign/[-a-zA-Z0-9]*$ + Name: + type: string + maxLength: 127 + minLength: 1 + description: Amazon Connect Campaign Name + OutboundCallConfig: + $ref: '#/components/schemas/OutboundCallConfig' + Tags: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: One or more tags. + items: + $ref: '#/components/schemas/Tag' + required: + - ConnectInstanceArn + - DialerConfig + - Name + - OutboundCallConfig + x-stackql-resource-name: campaign + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ConnectInstanceArn + x-read-only-properties: + - Arn + x-required-permissions: + create: + - connect-campaigns:CreateCampaign + - connect-campaigns:DescribeCampaign + - connect-campaigns:TagResource + - connect:DescribeContactFlow + - connect:DescribeInstance + - connect:DescribeQueue + read: + - connect-campaigns:DescribeCampaign + delete: + - connect-campaigns:DeleteCampaign + list: + - connect-campaigns:ListCampaigns + update: + - connect-campaigns:UpdateCampaignDialerConfig + - connect-campaigns:UpdateCampaignName + - connect-campaigns:UpdateCampaignOutboundCallConfig + - connect-campaigns:TagResource + - connect-campaigns:UntagResource + - connect-campaigns:DescribeCampaign + x-stackQL-resources: + campaigns: + name: campaigns + id: awscc.connectcampaigns.campaigns + x-cfn-schema-name: Campaign + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ConnectCampaigns::Campaign' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ConnectCampaigns::Campaign' + AND region = 'us-east-1' + campaign: + name: campaign + id: awscc.connectcampaigns.campaign + x-cfn-schema-name: Campaign + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConnectInstanceArn') as connect_instance_arn, + JSON_EXTRACT(Properties, '$.DialerConfig') as dialer_config, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.OutboundCallConfig') as outbound_call_config, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ConnectCampaigns::Campaign' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConnectInstanceArn') as connect_instance_arn, + json_extract_path_text(Properties, 'DialerConfig') as dialer_config, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'OutboundCallConfig') as outbound_call_config, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ConnectCampaigns::Campaign' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/controltower.yaml b/providers/src/awscc/v00.00.00000/services/controltower.yaml new file mode 100644 index 00000000..6cb0e106 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/controltower.yaml @@ -0,0 +1,620 @@ +openapi: 3.0.0 +info: + title: ControlTower + version: 1.0.0 +paths: {} +components: + schemas: + Parameter: + type: object + properties: + Key: + type: string + maxLength: 256 + minLength: 1 + Value: + $ref: '#/components/schemas/AnyType' + additionalProperties: false + Tag: + type: object + properties: + Key: + type: string + maxLength: 256 + minLength: 1 + Value: + type: string + maxLength: 256 + minLength: 0 + additionalProperties: false + AnyType: + anyOf: + - type: string + - type: object + - type: number + - type: array + items: + anyOf: + - type: boolean + - type: number + - type: object + - type: string + insertionOrder: false + - type: boolean + EnabledBaseline: + type: object + properties: + BaselineIdentifier: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:aws[0-9a-zA-Z_\-:\/]+$ + BaselineVersion: + type: string + pattern: ^\d+(?:\.\d+){0,2}$ + EnabledBaselineIdentifier: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:aws[0-9a-zA-Z_\-:\/]+$ + TargetIdentifier: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:aws[0-9a-zA-Z_\-:\/]+$ + Parameters: + type: array + items: + $ref: '#/components/schemas/Parameter' + x-insertionOrder: false + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + x-insertionOrder: false + required: + - BaselineIdentifier + - TargetIdentifier + - BaselineVersion + x-stackql-resource-name: enabled_baseline + x-stackql-primaryIdentifier: + - EnabledBaselineIdentifier + x-create-only-properties: + - TargetIdentifier + - BaselineIdentifier + x-read-only-properties: + - EnabledBaselineIdentifier + x-required-permissions: + create: + - controltower:EnableBaseline + - controltower:TagResource + - controltower:GetBaselineOperation + - controltower:GetEnabledBaseline + - controltower:ListTagsForResource + - organizations:CreateOrganizationalUnit + - organizations:CreateOrganization + - organizations:UpdatePolicy + - organizations:CreatePolicy + - organizations:AttachPolicy + - organizations:DetachPolicy + - organizations:DeletePolicy + - organizations:EnablePolicyType + - organizations:EnableAWSServiceAccess + - organizations:ListRoots + - servicecatalog:AssociatePrincipalWithPortfolio + - servicecatalog:AssociateProductWithPortfolio + - servicecatalog:CreatePortfolio + - servicecatalog:CreateProduct + - servicecatalog:CreateProvisioningArtifact + - servicecatalog:ListPortfolios + - servicecatalog:ListProvisioningArtifacts + - servicecatalog:SearchProductsAsAdmin + - servicecatalog:UpdatePortfolio + - servicecatalog:UpdateProvisioningArtifact + - servicecatalog:ListPrincipalsForPortfolio + - servicecatalog:DeleteProvisioningArtifact + read: + - controltower:GetEnabledBaseline + - controltower:ListEnabledBaselines + - controltower:ListTagsForResource + update: + - controltower:UpdateEnabledBaseline + - controltower:GetBaselineOperation + - organizations:CreateOrganizationalUnit + - organizations:CreateOrganization + - organizations:UpdatePolicy + - organizations:CreatePolicy + - organizations:AttachPolicy + - organizations:DetachPolicy + - organizations:DeletePolicy + - organizations:EnablePolicyType + - organizations:EnableAWSServiceAccess + - organizations:ListRoots + - servicecatalog:AssociatePrincipalWithPortfolio + - servicecatalog:AssociateProductWithPortfolio + - servicecatalog:CreatePortfolio + - servicecatalog:CreateProduct + - servicecatalog:CreateProvisioningArtifact + - servicecatalog:ListPortfolios + - servicecatalog:ListProvisioningArtifacts + - servicecatalog:SearchProductsAsAdmin + - servicecatalog:UpdatePortfolio + - servicecatalog:UpdateProvisioningArtifact + - servicecatalog:ListPrincipalsForPortfolio + - servicecatalog:DeleteProvisioningArtifact + - controltower:TagResource + - controltower:ListTagsForResource + - controltower:GetEnabledBaseline + delete: + - controltower:DisableBaseline + - controltower:GetBaselineOperation + - organizations:CreateOrganizationalUnit + - organizations:CreateOrganization + - organizations:UpdatePolicy + - organizations:CreatePolicy + - organizations:AttachPolicy + - organizations:DetachPolicy + - organizations:DeletePolicy + - organizations:EnablePolicyType + - organizations:EnableAWSServiceAccess + - organizations:ListRoots + - servicecatalog:AssociatePrincipalWithPortfolio + - servicecatalog:AssociateProductWithPortfolio + - servicecatalog:CreatePortfolio + - servicecatalog:CreateProduct + - servicecatalog:CreateProvisioningArtifact + - servicecatalog:ListPortfolios + - servicecatalog:ListProvisioningArtifacts + - servicecatalog:SearchProductsAsAdmin + - servicecatalog:UpdatePortfolio + - servicecatalog:UpdateProvisioningArtifact + - servicecatalog:ListPrincipalsForPortfolio + - servicecatalog:DeleteProvisioningArtifact + list: + - controltower:ListEnabledBaselines + EnabledControlParameter: + type: object + properties: + Value: + anyOf: + - type: array + items: + anyOf: + - type: string + - type: number + - type: object + - type: boolean + minItems: 1 + insertionOrder: false + - type: string + - type: number + - type: object + - type: boolean + Key: + type: string + required: + - Value + - Key + additionalProperties: false + EnabledControl: + type: object + properties: + ControlIdentifier: + description: Arn of the control. + type: string + pattern: ^arn:aws[0-9a-zA-Z_\-:\/]+$ + minLength: 20 + maxLength: 2048 + TargetIdentifier: + description: Arn for Organizational unit to which the control needs to be applied + type: string + pattern: ^arn:aws[0-9a-zA-Z_\-:\/]+$ + minLength: 20 + maxLength: 2048 + Parameters: + description: Parameters to configure the enabled control behavior. + type: array + items: + $ref: '#/components/schemas/EnabledControlParameter' + minItems: 1 + x-insertionOrder: false + Tags: + description: A set of tags to assign to the enabled control. + type: array + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + minItems: 1 + x-insertionOrder: false + required: + - TargetIdentifier + - ControlIdentifier + x-stackql-resource-name: enabled_control + x-stackql-primaryIdentifier: + - TargetIdentifier + - ControlIdentifier + x-create-only-properties: + - TargetIdentifier + - ControlIdentifier + x-required-permissions: + create: + - controltower:ListEnabledControls + - controltower:GetEnabledControl + - controltower:GetControlOperation + - controltower:EnableControl + - controltower:TagResource + - organizations:UpdatePolicy + - organizations:CreatePolicy + - organizations:AttachPolicy + - organizations:DetachPolicy + - organizations:ListPoliciesForTarget + - organizations:ListTargetsForPolicy + - organizations:DescribePolicy + update: + - controltower:ListEnabledControls + - controltower:GetEnabledControl + - controltower:GetControlOperation + - controltower:UpdateEnabledControl + - controltower:UntagResource + - controltower:TagResource + - organizations:UpdatePolicy + - organizations:CreatePolicy + - organizations:AttachPolicy + - organizations:DetachPolicy + - organizations:ListPoliciesForTarget + - organizations:ListTargetsForPolicy + - organizations:DescribePolicy + delete: + - controltower:GetControlOperation + - controltower:DisableControl + - organizations:UpdatePolicy + - organizations:DeletePolicy + - organizations:CreatePolicy + - organizations:AttachPolicy + - organizations:DetachPolicy + - organizations:ListPoliciesForTarget + - organizations:ListTargetsForPolicy + - organizations:DescribePolicy + read: + - controltower:ListEnabledControls + - controltower:GetEnabledControl + - controltower:ListTagsForResource + list: + - controltower:ListEnabledControls + LandingZoneDriftStatus: + type: string + enum: + - DRIFTED + - IN_SYNC + LandingZoneStatus: + type: string + enum: + - ACTIVE + - PROCESSING + - FAILED + LandingZone: + type: object + properties: + LandingZoneIdentifier: + type: string + Arn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:aws[0-9a-zA-Z_\-:\/]+$ + Status: + $ref: '#/components/schemas/LandingZoneStatus' + LatestAvailableVersion: + type: string + maxLength: 10 + minLength: 3 + pattern: \d+.\d+ + DriftStatus: + $ref: '#/components/schemas/LandingZoneDriftStatus' + Manifest: {} + Version: + type: string + maxLength: 10 + minLength: 3 + pattern: \d+.\d+ + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + required: + - Manifest + - Version + x-stackql-resource-name: landing_zone + x-stackql-primaryIdentifier: + - LandingZoneIdentifier + x-read-only-properties: + - LandingZoneIdentifier + - Arn + - Status + - LatestAvailableVersion + - DriftStatus + x-required-permissions: + create: + - controltower:CreateLandingZone + - controltower:GetLandingZoneOperation + - controltower:ListTagsForResource + - controltower:TagResource + - controltower:GetLandingZone + - cloudformation:DescribeOrganizationsAccess + - servicecatalog:AssociatePrincipalWithPortfolio + - servicecatalog:AssociateProductWithPortfolio + - servicecatalog:CreatePortfolio + - servicecatalog:CreateProduct + - servicecatalog:CreateProvisioningArtifact + - servicecatalog:ListPortfolios + - servicecatalog:ListProvisioningArtifacts + - servicecatalog:SearchProductsAsAdmin + - servicecatalog:UpdatePortfolio + - servicecatalog:UpdateProvisioningArtifact + - servicecatalog:ListPrincipalsForPortfolio + - organizations:CreateOrganizationalUnit + - organizations:CreateOrganization + - organizations:UpdatePolicy + - organizations:CreatePolicy + - organizations:AttachPolicy + - organizations:DetachPolicy + - organizations:DeletePolicy + - organizations:EnablePolicyType + - organizations:EnableAWSServiceAccess + - organizations:ListRoots + - sso:GetPeregrineStatus + - sso:ListDirectoryAssociations + - sso:StartPeregrine + - sso:RegisterRegion + read: + - controltower:GetLandingZone + - controltower:ListTagsForResource + update: + - controltower:UpdateLandingZone + - controltower:GetLandingZoneOperation + - controltower:ListTagsForResource + - controltower:TagResource + - controltower:GetLandingZone + - controltower:UntagResource + - cloudformation:DescribeOrganizationsAccess + - servicecatalog:AssociatePrincipalWithPortfolio + - servicecatalog:AssociateProductWithPortfolio + - servicecatalog:CreatePortfolio + - servicecatalog:CreateProduct + - servicecatalog:CreateProvisioningArtifact + - servicecatalog:ListPortfolios + - servicecatalog:ListProvisioningArtifacts + - servicecatalog:SearchProductsAsAdmin + - servicecatalog:UpdatePortfolio + - servicecatalog:UpdateProvisioningArtifact + - servicecatalog:ListPrincipalsForPortfolio + - organizations:CreateOrganizationalUnit + - organizations:CreateOrganization + - organizations:UpdatePolicy + - organizations:CreatePolicy + - organizations:AttachPolicy + - organizations:DetachPolicy + - organizations:DeletePolicy + - organizations:EnablePolicyType + - organizations:EnableAWSServiceAccess + - organizations:ListRoots + - sso:GetPeregrineStatus + - sso:ListDirectoryAssociations + - sso:StartPeregrine + - sso:RegisterRegion + delete: + - controltower:DeleteLandingZone + - controltower:GetLandingZone + - controltower:GetLandingZoneOperation + - cloudformation:DescribeOrganizationsAccess + - servicecatalog:ListPortfolios + - servicecatalog:ListProvisioningArtifacts + - servicecatalog:SearchProductsAsAdmin + - servicecatalog:DeleteProvisioningArtifact + - servicecatalog:ListPrincipalsForPortfolio + - servicecatalog:DeleteProduct + - servicecatalog:DisassociatePrincipalFromPortfolio + - servicecatalog:DisassociateProductFromPortfolio + - servicecatalog:DeletePortfolio + - organizations:AttachPolicy + - organizations:DetachPolicy + - organizations:DeletePolicy + - organizations:ListRoots + - sso:GetPeregrineStatus + - sso:ListDirectoryAssociations + - iam:DeleteRolePolicy + - iam:DetachRolePolicy + - iam:DeleteRole + list: + - controltower:ListLandingZones + x-stackQL-resources: + enabled_baselines: + name: enabled_baselines + id: awscc.controltower.enabled_baselines + x-cfn-schema-name: EnabledBaseline + x-type: list + x-identifiers: + - EnabledBaselineIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EnabledBaselineIdentifier') as enabled_baseline_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ControlTower::EnabledBaseline' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EnabledBaselineIdentifier') as enabled_baseline_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ControlTower::EnabledBaseline' + AND region = 'us-east-1' + enabled_baseline: + name: enabled_baseline + id: awscc.controltower.enabled_baseline + x-cfn-schema-name: EnabledBaseline + x-type: get + x-identifiers: + - EnabledBaselineIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BaselineIdentifier') as baseline_identifier, + JSON_EXTRACT(Properties, '$.BaselineVersion') as baseline_version, + JSON_EXTRACT(Properties, '$.EnabledBaselineIdentifier') as enabled_baseline_identifier, + JSON_EXTRACT(Properties, '$.TargetIdentifier') as target_identifier, + JSON_EXTRACT(Properties, '$.Parameters') as parameters, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ControlTower::EnabledBaseline' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BaselineIdentifier') as baseline_identifier, + json_extract_path_text(Properties, 'BaselineVersion') as baseline_version, + json_extract_path_text(Properties, 'EnabledBaselineIdentifier') as enabled_baseline_identifier, + json_extract_path_text(Properties, 'TargetIdentifier') as target_identifier, + json_extract_path_text(Properties, 'Parameters') as parameters, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ControlTower::EnabledBaseline' + AND data__Identifier = '' + AND region = 'us-east-1' + enabled_controls: + name: enabled_controls + id: awscc.controltower.enabled_controls + x-cfn-schema-name: EnabledControl + x-type: list + x-identifiers: + - TargetIdentifier + - ControlIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TargetIdentifier') as target_identifier, + JSON_EXTRACT(Properties, '$.ControlIdentifier') as control_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ControlTower::EnabledControl' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TargetIdentifier') as target_identifier, + json_extract_path_text(Properties, 'ControlIdentifier') as control_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ControlTower::EnabledControl' + AND region = 'us-east-1' + enabled_control: + name: enabled_control + id: awscc.controltower.enabled_control + x-cfn-schema-name: EnabledControl + x-type: get + x-identifiers: + - TargetIdentifier + - ControlIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ControlIdentifier') as control_identifier, + JSON_EXTRACT(Properties, '$.TargetIdentifier') as target_identifier, + JSON_EXTRACT(Properties, '$.Parameters') as parameters, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ControlTower::EnabledControl' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ControlIdentifier') as control_identifier, + json_extract_path_text(Properties, 'TargetIdentifier') as target_identifier, + json_extract_path_text(Properties, 'Parameters') as parameters, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ControlTower::EnabledControl' + AND data__Identifier = '' + AND region = 'us-east-1' + landing_zones: + name: landing_zones + id: awscc.controltower.landing_zones + x-cfn-schema-name: LandingZone + x-type: list + x-identifiers: + - LandingZoneIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LandingZoneIdentifier') as landing_zone_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ControlTower::LandingZone' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LandingZoneIdentifier') as landing_zone_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ControlTower::LandingZone' + AND region = 'us-east-1' + landing_zone: + name: landing_zone + id: awscc.controltower.landing_zone + x-cfn-schema-name: LandingZone + x-type: get + x-identifiers: + - LandingZoneIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LandingZoneIdentifier') as landing_zone_identifier, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.LatestAvailableVersion') as latest_available_version, + JSON_EXTRACT(Properties, '$.DriftStatus') as drift_status, + JSON_EXTRACT(Properties, '$.Manifest') as manifest, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ControlTower::LandingZone' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LandingZoneIdentifier') as landing_zone_identifier, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'LatestAvailableVersion') as latest_available_version, + json_extract_path_text(Properties, 'DriftStatus') as drift_status, + json_extract_path_text(Properties, 'Manifest') as manifest, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ControlTower::LandingZone' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/cur.yaml b/providers/src/awscc/v00.00.00000/services/cur.yaml new file mode 100644 index 00000000..463fc53e --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/cur.yaml @@ -0,0 +1,194 @@ +openapi: 3.0.0 +info: + title: CUR + version: 1.0.0 +paths: {} +components: + schemas: + ReportDefinition: + type: object + properties: + ReportName: + description: The name of the report that you want to create. The name must be unique, is case sensitive, and can't include spaces. + type: string + minLength: 1 + maxLength: 256 + pattern: '[0-9A-Za-z!\-_.*\''()]+' + TimeUnit: + description: The granularity of the line items in the report. + type: string + enum: + - HOURLY + - DAILY + - MONTHLY + Format: + description: The format that AWS saves the report in. + type: string + enum: + - textORcsv + - Parquet + Compression: + description: The compression format that AWS uses for the report. + type: string + enum: + - ZIP + - GZIP + - Parquet + AdditionalSchemaElements: + description: A list of strings that indicate additional content that Amazon Web Services includes in the report, such as individual resource IDs. + type: array + default: [] + items: + description: Whether or not AWS includes resource IDs in the report. + type: string + enum: + - RESOURCES + S3Bucket: + description: The S3 bucket where AWS delivers the report. + type: string + minLength: 1 + maxLength: 256 + pattern: '[A-Za-z0-9_\.\-]+' + S3Prefix: + description: The prefix that AWS adds to the report name when AWS delivers the report. Your prefix can't include spaces. + type: string + minLength: 1 + maxLength: 256 + pattern: '[0-9A-Za-z!\-_.*\''()/]*' + S3Region: + description: The region of the S3 bucket that AWS delivers the report into. + type: string + AdditionalArtifacts: + description: A list of manifests that you want Amazon Web Services to create for this report. + type: array + default: [] + items: + description: The types of manifest that you want AWS to create for this report. + type: string + enum: + - REDSHIFT + - QUICKSIGHT + - ATHENA + RefreshClosedReports: + description: Whether you want Amazon Web Services to update your reports after they have been finalized if Amazon Web Services detects charges related to previous months. These charges can include refunds, credits, or support fees. + type: boolean + ReportVersioning: + description: Whether you want Amazon Web Services to overwrite the previous version of each report or to deliver the report in addition to the previous versions. + type: string + enum: + - CREATE_NEW_REPORT + - OVERWRITE_REPORT + BillingViewArn: + description: The Amazon resource name of the billing view. You can get this value by using the billing view service public APIs. + type: string + default: null + pattern: (arn:aws(-cn)?:billing::[0-9]{12}:billingview/)?[a-zA-Z0-9_\+=\.\-@].{1,30} + minLength: 1 + maxLength: 128 + required: + - ReportName + - TimeUnit + - Format + - Compression + - S3Bucket + - S3Prefix + - S3Region + - RefreshClosedReports + - ReportVersioning + x-stackql-resource-name: report_definition + x-stackql-primaryIdentifier: + - ReportName + x-create-only-properties: + - ReportName + - AdditionalSchemaElements + - TimeUnit + - ReportVersioning + - BillingViewArn + x-required-permissions: + create: + - cur:PutReportDefinition + read: + - cur:DescribeReportDefinitions + update: + - cur:DescribeReportDefinitions + - cur:ModifyReportDefinition + delete: + - cur:DescribeReportDefinitions + - cur:DeleteReportDefinition + list: + - cur:DescribeReportDefinitions + x-stackQL-resources: + report_definitions: + name: report_definitions + id: awscc.cur.report_definitions + x-cfn-schema-name: ReportDefinition + x-type: list + x-identifiers: + - ReportName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ReportName') as report_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CUR::ReportDefinition' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ReportName') as report_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CUR::ReportDefinition' + AND region = 'us-east-1' + report_definition: + name: report_definition + id: awscc.cur.report_definition + x-cfn-schema-name: ReportDefinition + x-type: get + x-identifiers: + - ReportName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ReportName') as report_name, + JSON_EXTRACT(Properties, '$.TimeUnit') as time_unit, + JSON_EXTRACT(Properties, '$.Format') as _format, + JSON_EXTRACT(Properties, '$.Compression') as compression, + JSON_EXTRACT(Properties, '$.AdditionalSchemaElements') as additional_schema_elements, + JSON_EXTRACT(Properties, '$.S3Bucket') as s3_bucket, + JSON_EXTRACT(Properties, '$.S3Prefix') as s3_prefix, + JSON_EXTRACT(Properties, '$.S3Region') as s3_region, + JSON_EXTRACT(Properties, '$.AdditionalArtifacts') as additional_artifacts, + JSON_EXTRACT(Properties, '$.RefreshClosedReports') as refresh_closed_reports, + JSON_EXTRACT(Properties, '$.ReportVersioning') as report_versioning, + JSON_EXTRACT(Properties, '$.BillingViewArn') as billing_view_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CUR::ReportDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ReportName') as report_name, + json_extract_path_text(Properties, 'TimeUnit') as time_unit, + json_extract_path_text(Properties, 'Format') as _format, + json_extract_path_text(Properties, 'Compression') as compression, + json_extract_path_text(Properties, 'AdditionalSchemaElements') as additional_schema_elements, + json_extract_path_text(Properties, 'S3Bucket') as s3_bucket, + json_extract_path_text(Properties, 'S3Prefix') as s3_prefix, + json_extract_path_text(Properties, 'S3Region') as s3_region, + json_extract_path_text(Properties, 'AdditionalArtifacts') as additional_artifacts, + json_extract_path_text(Properties, 'RefreshClosedReports') as refresh_closed_reports, + json_extract_path_text(Properties, 'ReportVersioning') as report_versioning, + json_extract_path_text(Properties, 'BillingViewArn') as billing_view_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CUR::ReportDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/customerprofiles.yaml b/providers/src/awscc/v00.00.00000/services/customerprofiles.yaml new file mode 100644 index 00000000..d0dbb8c2 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/customerprofiles.yaml @@ -0,0 +1,1686 @@ +openapi: 3.0.0 +info: + title: CustomerProfiles + version: 1.0.0 +paths: {} +components: + schemas: + DomainName: + description: The unique name of the domain. + type: string + pattern: ^[a-zA-Z0-9_-]+$ + minLength: 1 + maxLength: 64 + CalculatedAttributeName: + description: The unique name of the calculated attribute. + type: string + pattern: ^[a-zA-Z_][a-zA-Z_0-9-]*$ + minLength: 1 + maxLength: 255 + DisplayName: + description: The display name of the calculated attribute. + type: string + pattern: ^[a-zA-Z_][a-zA-Z_0-9-\s]*$ + minLength: 1 + maxLength: 255 + Description: + description: The description of the calculated attribute. + type: string + minLength: 1 + maxLength: 1000 + AttributeName: + description: The name of an attribute defined in a profile object type. + type: string + pattern: ^[a-zA-Z0-9_.-]+$ + minLength: 1 + maxLength: 64 + AttributeItem: + description: The details of a single attribute item specified in the mathematical expression. + type: object + properties: + Name: + $ref: '#/components/schemas/AttributeName' + required: + - Name + additionalProperties: false + AttributeList: + description: A list of attribute items specified in the mathematical expression. + type: array + items: + $ref: '#/components/schemas/AttributeItem' + x-insertionOrder: false + uniqueItems: true + minItems: 1 + maxItems: 2 + Expression: + description: Mathematical expression that is performed on attribute items provided in the attribute list. Each element in the expression should follow the structure of "{ObjectTypeName.AttributeName}". + type: string + minLength: 1 + maxLength: 255 + AttributeDetails: + description: Mathematical expression and a list of attribute items specified in that expression. + type: object + properties: + Attributes: + $ref: '#/components/schemas/AttributeList' + Expression: + $ref: '#/components/schemas/Expression' + required: + - Attributes + - Expression + additionalProperties: false + RangeUnit: + description: The unit of time. + type: string + enum: + - DAYS + RangeValue: + description: The amount of time of the specified unit. + type: integer + minimum: 1 + maximum: 366 + Range: + description: The relative time period over which data is included in the aggregation. + type: object + properties: + Value: + $ref: '#/components/schemas/RangeValue' + Unit: + $ref: '#/components/schemas/RangeUnit' + required: + - Value + - Unit + additionalProperties: false + ObjectCount: + description: The number of profile objects used for the calculated attribute. + type: integer + minimum: 1 + maximum: 100 + ThresholdValue: + description: The value of the threshold. + type: string + minLength: 1 + maxLength: 255 + ThresholdOperator: + description: The operator of the threshold. + type: string + enum: + - EQUAL_TO + - GREATER_THAN + - LESS_THAN + - NOT_EQUAL_TO + Threshold: + description: The threshold for the calculated attribute. + type: object + properties: + Value: + $ref: '#/components/schemas/ThresholdValue' + Operator: + $ref: '#/components/schemas/ThresholdOperator' + required: + - Value + - Operator + additionalProperties: false + Conditions: + description: The conditions including range, object count, and threshold for the calculated attribute. + type: object + properties: + Range: + $ref: '#/components/schemas/Range' + ObjectCount: + $ref: '#/components/schemas/ObjectCount' + Threshold: + $ref: '#/components/schemas/Threshold' + additionalProperties: false + Statistic: + description: The aggregation operation to perform for the calculated attribute. + type: string + enum: + - FIRST_OCCURRENCE + - LAST_OCCURRENCE + - COUNT + - SUM + - MINIMUM + - MAXIMUM + - AVERAGE + - MAX_OCCURRENCE + Tag: + type: object + properties: + Key: + type: string + pattern: ^(?!aws:)[a-zA-Z+-=._:/]+$ + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 0 + maxLength: 256 + additionalProperties: false + required: + - Key + - Value + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + minItems: 0 + maxItems: 50 + CalculatedAttributeDefinition: + type: object + properties: + DomainName: + $ref: '#/components/schemas/DomainName' + CalculatedAttributeName: + $ref: '#/components/schemas/CalculatedAttributeName' + DisplayName: + $ref: '#/components/schemas/DisplayName' + Description: + $ref: '#/components/schemas/Description' + AttributeDetails: + $ref: '#/components/schemas/AttributeDetails' + Conditions: + $ref: '#/components/schemas/Conditions' + Statistic: + $ref: '#/components/schemas/Statistic' + CreatedAt: + description: The timestamp of when the calculated attribute definition was created. + type: string + LastUpdatedAt: + description: The timestamp of when the calculated attribute definition was most recently edited. + type: string + Tags: + $ref: '#/components/schemas/Tags' + required: + - DomainName + - CalculatedAttributeName + - AttributeDetails + - Statistic + x-stackql-resource-name: calculated_attribute_definition + x-stackql-primaryIdentifier: + - DomainName + - CalculatedAttributeName + x-create-only-properties: + - DomainName + - CalculatedAttributeName + x-read-only-properties: + - CreatedAt + - LastUpdatedAt + x-required-permissions: + create: + - profile:CreateCalculatedAttributeDefinition + - profile:TagResource + read: + - profile:GetCalculatedAttributeDefinition + update: + - profile:GetCalculatedAttributeDefinition + - profile:UpdateCalculatedAttributeDefinition + - profile:UntagResource + - profile:TagResource + delete: + - profile:DeleteCalculatedAttributeDefinition + list: + - profile:ListCalculatedAttributeDefinitions + DomainStats: + type: object + description: Usage-specific statistics about the domain. + properties: + MeteringProfileCount: + description: The number of profiles that you are currently paying for in the domain. If you have more than 100 objects associated with a single profile, that profile counts as two profiles. If you have more than 200 objects, that profile counts as three, and so on. + type: number + ObjectCount: + description: The total number of objects in domain. + type: number + ProfileCount: + description: The total number of profiles currently in the domain. + type: number + TotalSize: + description: The total size, in bytes, of all objects in the domain. + type: number + additionalProperties: false + S3ExportingConfig: + type: object + description: The S3 location where Identity Resolution Jobs write result files. + properties: + S3BucketName: + description: The name of the S3 bucket where Identity Resolution Jobs write result files. + type: string + minLength: 3 + maxLength: 63 + pattern: ^[a-z0-9.-]+$ + S3KeyName: + description: The S3 key name of the location where Identity Resolution Jobs write result files. + type: string + minLength: 1 + maxLength: 800 + pattern: .* + required: + - S3BucketName + additionalProperties: false + ExportingConfig: + type: object + description: Configuration information for exporting Identity Resolution results, for example, to an S3 bucket. + properties: + S3Exporting: + $ref: '#/components/schemas/S3ExportingConfig' + additionalProperties: false + JobSchedule: + type: object + description: The day and time when do you want to start the Identity Resolution Job every week. + properties: + DayOfTheWeek: + description: The day when the Identity Resolution Job should run every week. + type: string + enum: + - SUNDAY + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + Time: + description: The time when the Identity Resolution Job should run every week. + type: string + minLength: 3 + maxLength: 5 + pattern: ^([0-9]|0[0-9]|1[0-9]|2[0-3]):[0-5][0-9]$ + required: + - DayOfTheWeek + - Time + additionalProperties: false + ConflictResolution: + type: object + description: 'How the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same FirstName and LastName (and that is the matching criteria), which EmailAddress should be used? ' + properties: + ConflictResolvingModel: + description: How the auto-merging process should resolve conflicts between different profiles. + type: string + enum: + - RECENCY + - SOURCE + SourceName: + description: The ObjectType name that is used to resolve profile merging conflicts when choosing SOURCE as the ConflictResolvingModel. + type: string + minLength: 1 + maxLength: 255 + required: + - ConflictResolvingModel + additionalProperties: false + MatchingAttributes: + type: array + minItems: 1 + maxItems: 20 + items: + type: string + minLength: 1 + maxLength: 255 + Consolidation: + description: A list of matching attributes that represent matching criteria. If two profiles meet at least one of the requirements in the matching attributes list, they will be merged. + type: object + properties: + MatchingAttributesList: + description: A list of matching criteria. + type: array + minItems: 1 + maxItems: 10 + items: + $ref: '#/components/schemas/MatchingAttributes' + required: + - MatchingAttributesList + additionalProperties: false + AutoMerging: + type: object + description: Configuration information about the auto-merging process. + properties: + Enabled: + description: The flag that enables the auto-merging of duplicate profiles. + type: boolean + ConflictResolution: + $ref: '#/components/schemas/ConflictResolution' + Consolidation: + $ref: '#/components/schemas/Consolidation' + MinAllowedConfidenceScoreForMerging: + description: A number between 0 and 1 that represents the minimum confidence score required for profiles within a matching group to be merged during the auto-merge process. A higher score means higher similarity required to merge profiles. + type: number + minimum: 0 + maximum: 1 + required: + - Enabled + additionalProperties: false + MatchingRuleAttributeList: + description: A single rule level of the MatchRules. Configures how the rule-based matching process should match profiles. + type: array + minItems: 1 + maxItems: 15 + items: + type: string + minLength: 1 + maxLength: 255 + MatchingRule: + description: Specifies how does the rule-based matching process should match profiles. + type: object + properties: + Rule: + $ref: '#/components/schemas/MatchingRuleAttributeList' + required: + - Rule + additionalProperties: false + AttributeTypesSelector: + description: Configures information about the AttributeTypesSelector where the rule-based identity resolution uses to match profiles. + type: object + properties: + AttributeMatchingModel: + description: Configures the AttributeMatchingModel, you can either choose ONE_TO_ONE or MANY_TO_MANY. + type: string + enum: + - ONE_TO_ONE + - MANY_TO_MANY + Address: + description: The Address type. You can choose from Address, BusinessAddress, MaillingAddress, and ShippingAddress. You only can use the Address type in the MatchingRule. For example, if you want to match profile based on BusinessAddress.City or MaillingAddress.City, you need to choose the BusinessAddress and the MaillingAddress to represent the Address type and specify the Address.City on the matching rule. + type: array + minItems: 1 + maxItems: 4 + items: + type: string + minLength: 1 + maxLength: 255 + EmailAddress: + description: The Email type. You can choose from EmailAddress, BusinessEmailAddress and PersonalEmailAddress. You only can use the EmailAddress type in the MatchingRule. For example, if you want to match profile based on PersonalEmailAddress or BusinessEmailAddress, you need to choose the PersonalEmailAddress and the BusinessEmailAddress to represent the EmailAddress type and only specify the EmailAddress on the matching rule. + type: array + minItems: 1 + maxItems: 3 + items: + type: string + minLength: 1 + maxLength: 255 + PhoneNumber: + description: The PhoneNumber type. You can choose from PhoneNumber, HomePhoneNumber, and MobilePhoneNumber. You only can use the PhoneNumber type in the MatchingRule. For example, if you want to match a profile based on Phone or HomePhone, you need to choose the Phone and the HomePhone to represent the PhoneNumber type and only specify the PhoneNumber on the matching rule. + type: array + minItems: 1 + maxItems: 4 + items: + type: string + minLength: 1 + maxLength: 255 + required: + - AttributeMatchingModel + additionalProperties: false + Matching: + description: >- + The process of matching duplicate profiles. If Matching = true, Amazon Connect Customer Profiles starts a weekly batch process called Identity Resolution Job. If you do not specify a date and time for Identity Resolution Job to run, by default it runs every Saturday at 12AM UTC to detect duplicate profiles in your domains. After the Identity Resolution Job completes, use the GetMatches API to return and review the results. Or, if you have configured ExportingConfig in the + MatchingRequest, you can download the results from S3. + type: object + properties: + Enabled: + description: The flag that enables the matching process of duplicate profiles. + type: boolean + AutoMerging: + $ref: '#/components/schemas/AutoMerging' + ExportingConfig: + $ref: '#/components/schemas/ExportingConfig' + JobSchedule: + $ref: '#/components/schemas/JobSchedule' + required: + - Enabled + additionalProperties: false + RuleBasedMatching: + description: The process of matching duplicate profiles using the Rule-Based matching. If RuleBasedMatching = true, Amazon Connect Customer Profiles will start to match and merge your profiles according to your configuration in the RuleBasedMatchingRequest. You can use the ListRuleBasedMatches and GetSimilarProfiles API to return and review the results. Also, if you have configured ExportingConfig in the RuleBasedMatchingRequest, you can download the results from S3. + type: object + properties: + Enabled: + description: The flag that enables the rule-based matching process of duplicate profiles. + type: boolean + AttributeTypesSelector: + $ref: '#/components/schemas/AttributeTypesSelector' + ConflictResolution: + $ref: '#/components/schemas/ConflictResolution' + ExportingConfig: + $ref: '#/components/schemas/ExportingConfig' + MatchingRules: + description: Configures how the rule-based matching process should match profiles. You can have up to 15 MatchingRule in the MatchingRules. + type: array + minItems: 1 + maxItems: 15 + items: + $ref: '#/components/schemas/MatchingRule' + MaxAllowedRuleLevelForMatching: + description: Indicates the maximum allowed rule level for matching. + type: integer + minimum: 1 + maximum: 15 + MaxAllowedRuleLevelForMerging: + description: Indicates the maximum allowed rule level for merging. + type: integer + minimum: 1 + maximum: 15 + Status: + type: string + enum: + - PENDING + - IN_PROGRESS + - ACTIVE + required: + - Enabled + additionalProperties: false + Domain: + type: object + properties: + DomainName: + description: The unique name of the domain. + type: string + pattern: ^[a-zA-Z0-9_-]+$ + minLength: 1 + maxLength: 64 + DeadLetterQueueUrl: + description: The URL of the SQS dead letter queue + type: string + minLength: 0 + maxLength: 255 + DefaultEncryptionKey: + description: The default encryption key + type: string + minLength: 0 + maxLength: 255 + DefaultExpirationDays: + description: The default number of days until the data within the domain expires. + type: integer + minimum: 1 + maximum: 1098 + Matching: + $ref: '#/components/schemas/Matching' + RuleBasedMatching: + $ref: '#/components/schemas/RuleBasedMatching' + Stats: + $ref: '#/components/schemas/DomainStats' + Tags: + description: The tags (keys and values) associated with the domain + type: array + items: + $ref: '#/components/schemas/Tag' + minItems: 0 + maxItems: 50 + CreatedAt: + description: The time of this integration got created + type: string + LastUpdatedAt: + description: The time of this integration got last updated at + type: string + required: + - DomainName + - DefaultExpirationDays + x-stackql-resource-name: domain + x-stackql-primaryIdentifier: + - DomainName + x-create-only-properties: + - DomainName + x-read-only-properties: + - LastUpdatedAt + - CreatedAt + - RuleBasedMatching/Status + - Stats + x-required-permissions: + create: + - profile:CreateDomain + - profile:TagResource + read: + - profile:GetDomain + update: + - profile:GetDomain + - profile:UpdateDomain + - profile:UntagResource + - profile:TagResource + delete: + - profile:DeleteDomain + list: + - profile:ListDomains + Uri: + description: The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name + type: string + minLength: 1 + maxLength: 255 + Status: + description: The status of enabling the Kinesis stream as a destination for export. + type: string + enum: + - HEALTHY + - UNHEALTHY + EventStream: + type: object + properties: + DomainName: + description: The unique name of the domain. + type: string + pattern: ^[a-zA-Z0-9_-]+$ + minLength: 1 + maxLength: 64 + EventStreamName: + description: The name of the event stream. + type: string + pattern: ^[a-zA-Z0-9_-]+$ + minLength: 1 + maxLength: 255 + Uri: + $ref: '#/components/schemas/Uri' + EventStreamArn: + description: A unique identifier for the event stream. + type: string + minLength: 1 + maxLength: 255 + Tags: + description: The tags used to organize, track, or control access for this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + minItems: 0 + maxItems: 50 + CreatedAt: + description: The timestamp of when the export was created. + type: string + State: + description: The operational state of destination stream for export. + type: string + enum: + - RUNNING + - STOPPED + DestinationDetails: + description: Details regarding the Kinesis stream. + type: object + properties: + Uri: + $ref: '#/components/schemas/Uri' + Status: + $ref: '#/components/schemas/Status' + required: + - Uri + - Status + additionalProperties: false + required: + - DomainName + - EventStreamName + - Uri + x-stackql-resource-name: event_stream + x-stackql-primaryIdentifier: + - DomainName + - EventStreamName + x-create-only-properties: + - DomainName + - EventStreamName + - Uri + x-read-only-properties: + - DestinationDetails + - CreatedAt + - State + - EventStreamArn + x-required-permissions: + create: + - profile:CreateEventStream + - iam:PutRolePolicy + - kinesis:DescribeStreamSummary + - profile:TagResource + read: + - profile:GetEventStream + - kinesis:DescribeStreamSummary + update: + - kinesis:DescribeStreamSummary + - profile:GetEventStream + - profile:UntagResource + - profile:TagResource + delete: + - profile:DeleteEventStream + - iam:DeleteRolePolicy + list: + - profile:ListEventStreams + Object: + type: string + maxLength: 512 + pattern: \S+ + additionalProperties: false + MarketoSourceProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + required: + - Object + additionalProperties: false + S3SourceProperties: + type: object + properties: + BucketName: + type: string + minLength: 3 + maxLength: 63 + pattern: \S+ + BucketPrefix: + type: string + maxLength: 512 + pattern: .* + required: + - BucketName + additionalProperties: false + SalesforceSourceProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + EnableDynamicFieldUpdate: + type: boolean + IncludeDeletedRecords: + type: boolean + required: + - Object + additionalProperties: false + ServiceNowSourceProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + required: + - Object + additionalProperties: false + ZendeskSourceProperties: + type: object + properties: + Object: + $ref: '#/components/schemas/Object' + required: + - Object + additionalProperties: false + SourceConnectorProperties: + type: object + properties: + Marketo: + $ref: '#/components/schemas/MarketoSourceProperties' + S3: + $ref: '#/components/schemas/S3SourceProperties' + Salesforce: + $ref: '#/components/schemas/SalesforceSourceProperties' + ServiceNow: + $ref: '#/components/schemas/ServiceNowSourceProperties' + Zendesk: + $ref: '#/components/schemas/ZendeskSourceProperties' + additionalProperties: false + ConnectorType: + type: string + enum: + - Salesforce + - Marketo + - ServiceNow + - Zendesk + - S3 + IncrementalPullConfig: + type: object + properties: + DatetimeTypeFieldName: + type: string + maxLength: 256 + additionalProperties: false + SourceFlowConfig: + type: object + properties: + ConnectorType: + $ref: '#/components/schemas/ConnectorType' + ConnectorProfileName: + type: string + maxLength: 256 + pattern: '[\w/!@#+=.-]+' + IncrementalPullConfig: + $ref: '#/components/schemas/IncrementalPullConfig' + SourceConnectorProperties: + $ref: '#/components/schemas/SourceConnectorProperties' + required: + - ConnectorType + - SourceConnectorProperties + additionalProperties: false + ConnectorOperator: + type: object + properties: + Marketo: + $ref: '#/components/schemas/MarketoConnectorOperator' + S3: + $ref: '#/components/schemas/S3ConnectorOperator' + Salesforce: + $ref: '#/components/schemas/SalesforceConnectorOperator' + ServiceNow: + $ref: '#/components/schemas/ServiceNowConnectorOperator' + Zendesk: + $ref: '#/components/schemas/ZendeskConnectorOperator' + additionalProperties: false + Operator: + type: string + enum: + - PROJECTION + - LESS_THAN + - GREATER_THAN + - CONTAINS + - BETWEEN + - LESS_THAN_OR_EQUAL_TO + - GREATER_THAN_OR_EQUAL_TO + - EQUAL_TO + - NOT_EQUAL_TO + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + MarketoConnectorOperator: + type: string + enum: + - PROJECTION + - LESS_THAN + - GREATER_THAN + - BETWEEN + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + S3ConnectorOperator: + type: string + enum: + - PROJECTION + - LESS_THAN + - GREATER_THAN + - BETWEEN + - LESS_THAN_OR_EQUAL_TO + - GREATER_THAN_OR_EQUAL_TO + - EQUAL_TO + - NOT_EQUAL_TO + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + SalesforceConnectorOperator: + type: string + enum: + - PROJECTION + - LESS_THAN + - GREATER_THAN + - CONTAINS + - BETWEEN + - LESS_THAN_OR_EQUAL_TO + - GREATER_THAN_OR_EQUAL_TO + - EQUAL_TO + - NOT_EQUAL_TO + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + ServiceNowConnectorOperator: + type: string + enum: + - PROJECTION + - LESS_THAN + - GREATER_THAN + - CONTAINS + - BETWEEN + - LESS_THAN_OR_EQUAL_TO + - GREATER_THAN_OR_EQUAL_TO + - EQUAL_TO + - NOT_EQUAL_TO + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + ZendeskConnectorOperator: + type: string + enum: + - PROJECTION + - GREATER_THAN + - ADDITION + - MULTIPLICATION + - DIVISION + - SUBTRACTION + - MASK_ALL + - MASK_FIRST_N + - MASK_LAST_N + - VALIDATE_NON_NULL + - VALIDATE_NON_ZERO + - VALIDATE_NON_NEGATIVE + - VALIDATE_NUMERIC + - NO_OP + OperatorPropertiesKeys: + type: string + enum: + - VALUE + - VALUES + - DATA_TYPE + - UPPER_BOUND + - LOWER_BOUND + - SOURCE_DATA_TYPE + - DESTINATION_DATA_TYPE + - VALIDATION_ACTION + - MASK_VALUE + - MASK_LENGTH + - TRUNCATE_LENGTH + - MATH_OPERATION_FIELDS_ORDER + - CONCAT_FORMAT + - SUBFIELD_CATEGORY_MAP + DestinationField: + type: string + maxLength: 256 + pattern: .* + TaskType: + type: string + enum: + - Arithmetic + - Filter + - Map + - Mask + - Merge + - Truncate + - Validate + TaskPropertiesMap: + type: object + properties: + OperatorPropertyKey: + $ref: '#/components/schemas/OperatorPropertiesKeys' + Property: + type: string + maxLength: 2048 + pattern: .+ + required: + - OperatorPropertyKey + - Property + additionalProperties: false + Task: + type: object + properties: + ConnectorOperator: + $ref: '#/components/schemas/ConnectorOperator' + SourceFields: + type: array + items: + type: string + maxLength: 2048 + pattern: .* + DestinationField: + $ref: '#/components/schemas/DestinationField' + TaskType: + $ref: '#/components/schemas/TaskType' + TaskProperties: + type: array + items: + $ref: '#/components/schemas/TaskPropertiesMap' + required: + - SourceFields + - TaskType + additionalProperties: false + TriggerType: + type: string + enum: + - Scheduled + - Event + - OnDemand + Date: + type: number + ScheduledTriggerProperties: + type: object + properties: + ScheduleExpression: + type: string + maxLength: 256 + pattern: .* + DataPullMode: + type: string + enum: + - Incremental + - Complete + ScheduleStartTime: + $ref: '#/components/schemas/Date' + ScheduleEndTime: + $ref: '#/components/schemas/Date' + Timezone: + type: string + maxLength: 256 + pattern: .* + ScheduleOffset: + type: integer + minimum: 0 + maximum: 36000 + FirstExecutionFrom: + $ref: '#/components/schemas/Date' + required: + - ScheduleExpression + additionalProperties: false + TriggerProperties: + type: object + properties: + Scheduled: + $ref: '#/components/schemas/ScheduledTriggerProperties' + additionalProperties: false + TriggerConfig: + type: object + properties: + TriggerType: + $ref: '#/components/schemas/TriggerType' + TriggerProperties: + $ref: '#/components/schemas/TriggerProperties' + required: + - TriggerType + additionalProperties: false + FlowDefinition: + type: object + properties: + FlowName: + type: string + pattern: '[a-zA-Z0-9][\w!@#.-]+' + maxLength: 256 + Description: + type: string + pattern: '[\w!@#\-.?,\s]*' + maxLength: 2048 + KmsArn: + type: string + pattern: arn:aws:kms:.*:[0-9]+:.* + minLength: 20 + maxLength: 2048 + Tasks: + type: array + items: + $ref: '#/components/schemas/Task' + TriggerConfig: + $ref: '#/components/schemas/TriggerConfig' + SourceFlowConfig: + $ref: '#/components/schemas/SourceFlowConfig' + required: + - FlowName + - KmsArn + - Tasks + - TriggerConfig + - SourceFlowConfig + additionalProperties: false + ObjectTypeMapping: + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 255 + Value: + type: string + pattern: ^[a-zA-Z_][a-zA-Z_0-9-]*$ + minLength: 1 + maxLength: 255 + additionalProperties: false + required: + - Key + - Value + Integration: + type: object + properties: + DomainName: + description: The unique name of the domain. + type: string + pattern: ^[a-zA-Z0-9_-]+$ + minLength: 1 + maxLength: 64 + Uri: + description: The URI of the S3 bucket or any other type of data source. + type: string + minLength: 1 + maxLength: 255 + FlowDefinition: + $ref: '#/components/schemas/FlowDefinition' + ObjectTypeName: + description: The name of the ObjectType defined for the 3rd party data in Profile Service + type: string + pattern: ^[a-zA-Z_][a-zA-Z_0-9-]*$ + minLength: 1 + maxLength: 255 + CreatedAt: + description: The time of this integration got created + type: string + LastUpdatedAt: + description: The time of this integration got last updated at + type: string + Tags: + description: The tags (keys and values) associated with the integration + type: array + items: + $ref: '#/components/schemas/Tag' + minItems: 0 + maxItems: 50 + ObjectTypeNames: + description: The mapping between 3rd party event types and ObjectType names + type: array + items: + $ref: '#/components/schemas/ObjectTypeMapping' + required: + - DomainName + x-stackql-resource-name: integration + x-stackql-primaryIdentifier: + - DomainName + - Uri + x-create-only-properties: + - DomainName + - Uri + x-read-only-properties: + - LastUpdatedAt + - CreatedAt + x-required-permissions: + create: + - profile:GetIntegration + - profile:PutIntegration + - appflow:CreateFlow + - app-integrations:CreateEventIntegrationAssociation + - app-integrations:GetEventIntegration + - events:ListTargetsByRule + - events:PutRule + - events:PutTargets + - events:PutEvents + - profile:TagResource + read: + - profile:GetIntegration + delete: + - profile:DeleteIntegration + - appflow:DeleteFlow + - app-integrations:ListEventIntegrationAssociations + - app-integrations:DeleteEventIntegrationAssociation + - events:RemoveTargets + - events:ListTargetsByRule + - events:DeleteRule + update: + - profile:PutIntegration + - profile:GetIntegration + - appflow:CreateFlow + - app-integrations:GetEventIntegration + - app-integrations:CreateEventIntegrationAssociation + - app-integrations:ListEventIntegrationAssociations + - app-integrations:DeleteEventIntegrationAssociation + - events:ListTargetsByRule + - events:RemoveTargets + - events:DeleteRule + - events:PutRule + - events:PutTargets + - events:PutEvents + - profile:UntagResource + - profile:TagResource + list: + - profile:ListIntegrations + FieldMap: + type: object + properties: + Name: + type: string + pattern: ^[a-zA-Z0-9_-]+$ + minLength: 1 + maxLength: 64 + ObjectTypeField: + $ref: '#/components/schemas/ObjectTypeField' + additionalProperties: false + ObjectTypeField: + description: Represents a field in a ProfileObjectType. + type: object + properties: + Source: + description: 'A field of a ProfileObject. For example: _source.FirstName, where "_source" is a ProfileObjectType of a Zendesk user and "FirstName" is a field in that ObjectType.' + type: string + minLength: 1 + maxLength: 1000 + Target: + description: 'The location of the data in the standard ProfileObject model. For example: _profile.Address.PostalCode.' + type: string + minLength: 1 + maxLength: 1000 + ContentType: + description: The content type of the field. Used for determining equality when searching. + type: string + enum: + - STRING + - NUMBER + - PHONE_NUMBER + - EMAIL_ADDRESS + - NAME + additionalProperties: false + KeyMap: + type: object + properties: + Name: + type: string + pattern: ^[a-zA-Z0-9_-]+$ + minLength: 1 + maxLength: 64 + ObjectTypeKeyList: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/ObjectTypeKey' + additionalProperties: false + ObjectTypeKey: + description: An object that defines the Key element of a ProfileObject. A Key is a special element that can be used to search for a customer profile. + type: object + properties: + FieldNames: + description: 'The reference for the key name of the fields map. ' + type: array + items: + type: string + pattern: ^[a-zA-Z0-9_-]+$ + minLength: 1 + maxLength: 64 + StandardIdentifiers: + description: >- + The types of keys that a ProfileObject can have. Each ProfileObject can have only 1 UNIQUE key but multiple PROFILE keys. PROFILE means that this key can be used to tie an object to a PROFILE. UNIQUE means that it can be used to uniquely identify an object. If a key a is marked as SECONDARY, it will be used to search for profiles after all other PROFILE keys have been searched. A LOOKUP_ONLY key is only used to match a profile but is not persisted to be used for searching of the + profile. A NEW_ONLY key is only used if the profile does not already exist before the object is ingested, otherwise it is only used for matching objects to profiles. + type: array + items: + type: string + enum: + - PROFILE + - UNIQUE + - SECONDARY + - LOOKUP_ONLY + - NEW_ONLY + - ASSET + - CASE + - ORDER + additionalProperties: false + ObjectType: + type: object + properties: + DomainName: + description: The unique name of the domain. + type: string + pattern: ^[a-zA-Z0-9_-]+$ + minLength: 1 + maxLength: 64 + ObjectTypeName: + description: The name of the profile object type. + type: string + pattern: ^[a-zA-Z_][a-zA-Z_0-9-]*$ + minLength: 1 + maxLength: 255 + AllowProfileCreation: + description: Indicates whether a profile should be created when data is received. + type: boolean + Description: + description: Description of the profile object type. + type: string + minLength: 1 + maxLength: 1000 + EncryptionKey: + description: The default encryption key + type: string + minLength: 0 + maxLength: 255 + ExpirationDays: + description: The default number of days until the data within the domain expires. + type: integer + minimum: 1 + maximum: 1098 + Fields: + description: A list of the name and ObjectType field. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/FieldMap' + Keys: + description: A list of unique keys that can be used to map data to the profile. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/KeyMap' + CreatedAt: + description: The time of this integration got created. + type: string + LastUpdatedAt: + description: The time of this integration got last updated at. + type: string + SourceLastUpdatedTimestampFormat: + description: The format of your sourceLastUpdatedTimestamp that was previously set up. + type: string + minLength: 1 + maxLength: 255 + Tags: + description: The tags (keys and values) associated with the integration. + type: array + items: + $ref: '#/components/schemas/Tag' + minItems: 0 + maxItems: 50 + TemplateId: + description: A unique identifier for the object template. + type: string + pattern: ^[a-zA-Z0-9_-]+$ + minLength: 1 + maxLength: 64 + required: + - DomainName + - ObjectTypeName + - Description + x-stackql-resource-name: object_type + x-stackql-primaryIdentifier: + - DomainName + - ObjectTypeName + x-create-only-properties: + - DomainName + - ObjectTypeName + x-read-only-properties: + - LastUpdatedAt + - CreatedAt + x-required-permissions: + create: + - profile:GetProfileObjectType + - profile:PutProfileObjectType + - profile:TagResource + read: + - profile:GetProfileObjectType + update: + - profile:GetProfileObjectType + - profile:PutProfileObjectType + - profile:UntagResource + - profile:TagResource + delete: + - profile:DeleteProfileObjectType + list: + - profile:ListProfileObjectTypes + x-stackQL-resources: + calculated_attribute_definitions: + name: calculated_attribute_definitions + id: awscc.customerprofiles.calculated_attribute_definitions + x-cfn-schema-name: CalculatedAttributeDefinition + x-type: list + x-identifiers: + - DomainName + - CalculatedAttributeName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.CalculatedAttributeName') as calculated_attribute_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CustomerProfiles::CalculatedAttributeDefinition' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'CalculatedAttributeName') as calculated_attribute_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CustomerProfiles::CalculatedAttributeDefinition' + AND region = 'us-east-1' + calculated_attribute_definition: + name: calculated_attribute_definition + id: awscc.customerprofiles.calculated_attribute_definition + x-cfn-schema-name: CalculatedAttributeDefinition + x-type: get + x-identifiers: + - DomainName + - CalculatedAttributeName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.CalculatedAttributeName') as calculated_attribute_name, + JSON_EXTRACT(Properties, '$.DisplayName') as display_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.AttributeDetails') as attribute_details, + JSON_EXTRACT(Properties, '$.Conditions') as conditions, + JSON_EXTRACT(Properties, '$.Statistic') as statistic, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.LastUpdatedAt') as last_updated_at, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CustomerProfiles::CalculatedAttributeDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'CalculatedAttributeName') as calculated_attribute_name, + json_extract_path_text(Properties, 'DisplayName') as display_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'AttributeDetails') as attribute_details, + json_extract_path_text(Properties, 'Conditions') as conditions, + json_extract_path_text(Properties, 'Statistic') as statistic, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'LastUpdatedAt') as last_updated_at, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CustomerProfiles::CalculatedAttributeDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' + domains: + name: domains + id: awscc.customerprofiles.domains + x-cfn-schema-name: Domain + x-type: list + x-identifiers: + - DomainName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CustomerProfiles::Domain' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CustomerProfiles::Domain' + AND region = 'us-east-1' + domain: + name: domain + id: awscc.customerprofiles.domain + x-cfn-schema-name: Domain + x-type: get + x-identifiers: + - DomainName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.DeadLetterQueueUrl') as dead_letter_queue_url, + JSON_EXTRACT(Properties, '$.DefaultEncryptionKey') as default_encryption_key, + JSON_EXTRACT(Properties, '$.DefaultExpirationDays') as default_expiration_days, + JSON_EXTRACT(Properties, '$.Matching') as matching, + JSON_EXTRACT(Properties, '$.RuleBasedMatching') as rule_based_matching, + JSON_EXTRACT(Properties, '$.Stats') as stats, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.LastUpdatedAt') as last_updated_at + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CustomerProfiles::Domain' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'DeadLetterQueueUrl') as dead_letter_queue_url, + json_extract_path_text(Properties, 'DefaultEncryptionKey') as default_encryption_key, + json_extract_path_text(Properties, 'DefaultExpirationDays') as default_expiration_days, + json_extract_path_text(Properties, 'Matching') as matching, + json_extract_path_text(Properties, 'RuleBasedMatching') as rule_based_matching, + json_extract_path_text(Properties, 'Stats') as stats, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'LastUpdatedAt') as last_updated_at + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CustomerProfiles::Domain' + AND data__Identifier = '' + AND region = 'us-east-1' + event_streams: + name: event_streams + id: awscc.customerprofiles.event_streams + x-cfn-schema-name: EventStream + x-type: list + x-identifiers: + - DomainName + - EventStreamName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.EventStreamName') as event_stream_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CustomerProfiles::EventStream' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'EventStreamName') as event_stream_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CustomerProfiles::EventStream' + AND region = 'us-east-1' + event_stream: + name: event_stream + id: awscc.customerprofiles.event_stream + x-cfn-schema-name: EventStream + x-type: get + x-identifiers: + - DomainName + - EventStreamName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.EventStreamName') as event_stream_name, + JSON_EXTRACT(Properties, '$.Uri') as uri, + JSON_EXTRACT(Properties, '$.EventStreamArn') as event_stream_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.DestinationDetails') as destination_details + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CustomerProfiles::EventStream' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'EventStreamName') as event_stream_name, + json_extract_path_text(Properties, 'Uri') as uri, + json_extract_path_text(Properties, 'EventStreamArn') as event_stream_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'DestinationDetails') as destination_details + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CustomerProfiles::EventStream' + AND data__Identifier = '' + AND region = 'us-east-1' + integrations: + name: integrations + id: awscc.customerprofiles.integrations + x-cfn-schema-name: Integration + x-type: list + x-identifiers: + - DomainName + - Uri + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.Uri') as uri + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CustomerProfiles::Integration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'Uri') as uri + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CustomerProfiles::Integration' + AND region = 'us-east-1' + integration: + name: integration + id: awscc.customerprofiles.integration + x-cfn-schema-name: Integration + x-type: get + x-identifiers: + - DomainName + - Uri + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.Uri') as uri, + JSON_EXTRACT(Properties, '$.FlowDefinition') as flow_definition, + JSON_EXTRACT(Properties, '$.ObjectTypeName') as object_type_name, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.LastUpdatedAt') as last_updated_at, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ObjectTypeNames') as object_type_names + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CustomerProfiles::Integration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'Uri') as uri, + json_extract_path_text(Properties, 'FlowDefinition') as flow_definition, + json_extract_path_text(Properties, 'ObjectTypeName') as object_type_name, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'LastUpdatedAt') as last_updated_at, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ObjectTypeNames') as object_type_names + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CustomerProfiles::Integration' + AND data__Identifier = '' + AND region = 'us-east-1' + object_types: + name: object_types + id: awscc.customerprofiles.object_types + x-cfn-schema-name: ObjectType + x-type: list + x-identifiers: + - DomainName + - ObjectTypeName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.ObjectTypeName') as object_type_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CustomerProfiles::ObjectType' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'ObjectTypeName') as object_type_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::CustomerProfiles::ObjectType' + AND region = 'us-east-1' + object_type: + name: object_type + id: awscc.customerprofiles.object_type + x-cfn-schema-name: ObjectType + x-type: get + x-identifiers: + - DomainName + - ObjectTypeName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.ObjectTypeName') as object_type_name, + JSON_EXTRACT(Properties, '$.AllowProfileCreation') as allow_profile_creation, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EncryptionKey') as encryption_key, + JSON_EXTRACT(Properties, '$.ExpirationDays') as expiration_days, + JSON_EXTRACT(Properties, '$.Fields') as fields, + JSON_EXTRACT(Properties, '$.Keys') as keys, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.LastUpdatedAt') as last_updated_at, + JSON_EXTRACT(Properties, '$.SourceLastUpdatedTimestampFormat') as source_last_updated_timestamp_format, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TemplateId') as template_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CustomerProfiles::ObjectType' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'ObjectTypeName') as object_type_name, + json_extract_path_text(Properties, 'AllowProfileCreation') as allow_profile_creation, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EncryptionKey') as encryption_key, + json_extract_path_text(Properties, 'ExpirationDays') as expiration_days, + json_extract_path_text(Properties, 'Fields') as fields, + json_extract_path_text(Properties, 'Keys') as keys, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'LastUpdatedAt') as last_updated_at, + json_extract_path_text(Properties, 'SourceLastUpdatedTimestampFormat') as source_last_updated_timestamp_format, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TemplateId') as template_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::CustomerProfiles::ObjectType' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/databrew.yaml b/providers/src/awscc/v00.00.00000/services/databrew.yaml new file mode 100644 index 00000000..fb7245fa --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/databrew.yaml @@ -0,0 +1,1763 @@ +openapi: 3.0.0 +info: + title: DataBrew + version: 1.0.0 +paths: {} +components: + schemas: + JsonOptions: + description: Json options + type: object + properties: + MultiLine: + type: boolean + additionalProperties: false + ExcelOptions: + type: object + properties: + SheetNames: + type: array + x-insertionOrder: true + items: + type: string + minItems: 1 + maxItems: 1 + SheetIndexes: + type: array + x-insertionOrder: true + items: + type: integer + minItems: 1 + maxItems: 1 + HeaderRow: + type: boolean + oneOf: + - required: + - SheetNames + - required: + - SheetIndexes + additionalProperties: false + CsvOptions: + description: Csv options + type: object + properties: + Delimiter: + type: string + minLength: 1 + maxLength: 1 + HeaderRow: + type: boolean + additionalProperties: false + FormatOptions: + description: Format options for dataset + type: object + properties: + Json: + $ref: '#/components/schemas/JsonOptions' + Excel: + $ref: '#/components/schemas/ExcelOptions' + Csv: + $ref: '#/components/schemas/CsvOptions' + additionalProperties: false + Input: + description: Input + type: object + properties: + S3InputDefinition: + $ref: '#/components/schemas/S3Location' + DataCatalogInputDefinition: + $ref: '#/components/schemas/DataCatalogInputDefinition' + DatabaseInputDefinition: + $ref: '#/components/schemas/DatabaseInputDefinition' + Metadata: + $ref: '#/components/schemas/Metadata' + additionalProperties: false + S3Location: + description: Input location + type: object + properties: + Bucket: + type: string + Key: + type: string + additionalProperties: false + required: + - Bucket + DataCatalogInputDefinition: + type: object + properties: + CatalogId: + description: Catalog id + type: string + DatabaseName: + description: Database name + type: string + TableName: + description: Table name + type: string + TempDirectory: + $ref: '#/components/schemas/S3Location' + additionalProperties: false + DatabaseInputDefinition: + type: object + properties: + GlueConnectionName: + description: Glue connection name + type: string + DatabaseTableName: + description: Database table name + type: string + TempDirectory: + $ref: '#/components/schemas/S3Location' + QueryString: + description: Custom SQL to run against the provided AWS Glue connection. This SQL will be used as the input for DataBrew projects and jobs. + type: string + additionalProperties: false + required: + - GlueConnectionName + Metadata: + type: object + properties: + SourceArn: + description: 'Arn of the source of the dataset. For e.g.: AppFlow Flow ARN.' + type: string + additionalProperties: false + PathOptions: + description: Path options for dataset + type: object + properties: + FilesLimit: + $ref: '#/components/schemas/FilesLimit' + LastModifiedDateCondition: + $ref: '#/components/schemas/FilterExpression' + Parameters: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/PathParameter' + additionalProperties: false + FilesLimit: + type: object + properties: + MaxFiles: + description: Maximum number of files + type: integer + OrderedBy: + description: Ordered by + enum: + - LAST_MODIFIED_DATE + type: string + Order: + description: Order + enum: + - ASCENDING + - DESCENDING + type: string + additionalProperties: false + required: + - MaxFiles + PathParameter: + description: A key-value pair to associate dataset parameter name with its definition. + type: object + properties: + PathParameterName: + $ref: '#/components/schemas/PathParameterName' + DatasetParameter: + $ref: '#/components/schemas/DatasetParameter' + additionalProperties: false + required: + - PathParameterName + - DatasetParameter + PathParameterName: + description: Parameter name + type: string + minLength: 1 + maxLength: 255 + DatasetParameter: + type: object + properties: + Name: + $ref: '#/components/schemas/PathParameterName' + Type: + description: Parameter type + enum: + - String + - Number + - Datetime + type: string + DatetimeOptions: + $ref: '#/components/schemas/DatetimeOptions' + CreateColumn: + description: Add the value of this parameter as a column in a dataset. + type: boolean + Filter: + $ref: '#/components/schemas/FilterExpression' + additionalProperties: false + required: + - Name + - Type + DatetimeOptions: + type: object + properties: + Format: + description: Date/time format of a date parameter + type: string + minLength: 2 + maxLength: 100 + TimezoneOffset: + description: Timezone offset + type: string + minLength: 1 + maxLength: 6 + pattern: ^(Z|[-+](\d|\d{2}|\d{2}:?\d{2}))$ + LocaleCode: + description: Locale code for a date parameter + type: string + minLength: 2 + maxLength: 100 + pattern: ^[A-Za-z0-9_\.#@\-]+$ + additionalProperties: false + required: + - Format + FilterExpression: + type: object + properties: + Expression: + description: Filtering expression for a parameter + type: string + minLength: 4 + maxLength: 1024 + pattern: ^[><0-9A-Za-z_.,:)(!= ]+$ + ValuesMap: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/FilterValue' + additionalProperties: false + required: + - Expression + - ValuesMap + FilterValue: + description: A key-value pair to associate expression variable names with their values + type: object + properties: + ValueReference: + description: Variable name + type: string + minLength: 2 + maxLength: 128 + pattern: ^:[A-Za-z0-9_]+$ + Value: + type: string + minLength: 0 + maxLength: 1024 + additionalProperties: false + required: + - ValueReference + - Value + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 0 + maxLength: 256 + additionalProperties: false + required: + - Value + - Key + Dataset: + type: object + properties: + Name: + description: Dataset name + type: string + minLength: 1 + maxLength: 255 + Format: + description: Dataset format + enum: + - CSV + - JSON + - PARQUET + - EXCEL + - ORC + type: string + FormatOptions: + description: Format options for dataset + $ref: '#/components/schemas/FormatOptions' + Input: + description: Input + $ref: '#/components/schemas/Input' + PathOptions: + description: PathOptions + $ref: '#/components/schemas/PathOptions' + Tags: + type: array + x-insertionOrder: false + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - Input + x-stackql-resource-name: dataset + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - Tags + x-required-permissions: + create: + - databrew:CreateDataset + - databrew:TagResource + - databrew:UntagResource + - glue:GetConnection + - glue:GetTable + - iam:PassRole + read: + - databrew:DescribeDataset + - databrew:ListTagsForResource + - iam:ListRoles + update: + - databrew:UpdateDataset + - glue:GetConnection + - glue:GetTable + delete: + - databrew:DeleteDataset + list: + - databrew:ListDatasets + - databrew:ListTagsForResource + - iam:ListRoles + CsvOutputOptions: + description: Output Csv options + type: object + properties: + Delimiter: + type: string + minLength: 1 + maxLength: 1 + additionalProperties: false + OutputFormatOptions: + description: Format options for job Output + type: object + properties: + Csv: + $ref: '#/components/schemas/CsvOutputOptions' + additionalProperties: false + OutputLocation: + description: Output location + type: object + properties: + Bucket: + type: string + Key: + type: string + BucketOwner: + type: string + minLength: 12 + maxLength: 12 + additionalProperties: false + required: + - Bucket + Output: + type: object + properties: + CompressionFormat: + enum: + - GZIP + - LZ4 + - SNAPPY + - BZIP2 + - DEFLATE + - LZO + - BROTLI + - ZSTD + - ZLIB + type: string + Format: + enum: + - CSV + - JSON + - PARQUET + - GLUEPARQUET + - AVRO + - ORC + - XML + - TABLEAUHYPER + type: string + FormatOptions: + $ref: '#/components/schemas/OutputFormatOptions' + PartitionColumns: + type: array + x-insertionOrder: true + uniqueItems: true + items: + type: string + Location: + $ref: '#/components/schemas/S3Location' + Overwrite: + type: boolean + MaxOutputFiles: + type: integer + minimum: 1 + maximum: 999 + additionalProperties: false + required: + - Location + DataCatalogOutput: + type: object + properties: + CatalogId: + type: string + minLength: 1 + maxLength: 255 + DatabaseName: + type: string + minLength: 1 + maxLength: 255 + TableName: + type: string + minLength: 1 + maxLength: 255 + S3Options: + $ref: '#/components/schemas/S3TableOutputOptions' + DatabaseOptions: + $ref: '#/components/schemas/DatabaseTableOutputOptions' + Overwrite: + type: boolean + additionalProperties: false + required: + - DatabaseName + - TableName + S3TableOutputOptions: + type: object + properties: + Location: + $ref: '#/components/schemas/S3Location' + additionalProperties: false + required: + - Location + DatabaseTableOutputOptions: + type: object + properties: + TempDirectory: + $ref: '#/components/schemas/S3Location' + TableName: + type: string + minLength: 1 + maxLength: 255 + additionalProperties: false + required: + - TableName + DatabaseOutput: + type: object + properties: + GlueConnectionName: + description: Glue connection name + type: string + DatabaseOutputMode: + description: Database table name + enum: + - NEW_TABLE + type: string + DatabaseOptions: + $ref: '#/components/schemas/DatabaseTableOutputOptions' + additionalProperties: false + required: + - GlueConnectionName + - DatabaseOptions + Recipe: + type: object + properties: + Description: + description: Description of the recipe + minLength: 0 + maxLength: 1024 + type: string + Name: + description: Recipe name + type: string + minLength: 1 + maxLength: 255 + Steps: + type: array + x-insertionOrder: true + items: + type: object + $ref: '#/components/schemas/RecipeStep' + Tags: + type: array + x-insertionOrder: false + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - Steps + x-stackql-resource-name: recipe + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - Tags + x-required-permissions: + create: + - databrew:CreateRecipe + - databrew:TagResource + - databrew:UntagResource + - iam:PassRole + read: + - databrew:DescribeRecipe + - databrew:ListTagsForResource + - iam:ListRoles + delete: + - databrew:DeleteRecipeVersion + list: + - databrew:ListRecipes + - databrew:ListTagsForResource + - iam:ListRoles + update: + - databrew:UpdateRecipe + SampleMode: + description: Sample configuration mode for profile jobs. + enum: + - FULL_DATASET + - CUSTOM_ROWS + type: string + JobSize: + description: Sample configuration size for profile jobs. + format: int64 + type: integer + JobSample: + description: Job Sample + type: object + properties: + Mode: + $ref: '#/components/schemas/SampleMode' + Size: + $ref: '#/components/schemas/JobSize' + additionalProperties: false + ProfileConfiguration: + type: object + properties: + DatasetStatisticsConfiguration: + $ref: '#/components/schemas/StatisticsConfiguration' + ProfileColumns: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/ColumnSelector' + minItems: 1 + ColumnStatisticsConfigurations: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/ColumnStatisticsConfiguration' + minItems: 1 + EntityDetectorConfiguration: + $ref: '#/components/schemas/EntityDetectorConfiguration' + additionalProperties: false + EntityDetectorConfiguration: + type: object + additionalProperties: false + required: + - EntityTypes + properties: + EntityTypes: + type: array + x-insertionOrder: true + minItems: 1 + items: + type: string + minLength: 1 + maxLength: 128 + pattern: ^[A-Z_][A-Z\\d_]*$ + AllowedStatistics: + $ref: '#/components/schemas/AllowedStatistics' + AllowedStatistics: + type: object + additionalProperties: false + required: + - Statistics + properties: + Statistics: + type: array + x-insertionOrder: true + minItems: 1 + items: + $ref: '#/components/schemas/Statistic' + ColumnStatisticsConfiguration: + type: object + properties: + Selectors: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/ColumnSelector' + minItems: 1 + Statistics: + $ref: '#/components/schemas/StatisticsConfiguration' + required: + - Statistics + additionalProperties: false + StatisticsConfiguration: + type: object + properties: + IncludedStatistics: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/Statistic' + minItems: 1 + Overrides: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/StatisticOverride' + minItems: 1 + additionalProperties: false + ColumnSelector: + description: Selector of a column from a dataset for profile job configuration. One selector includes either a column name or a regular expression + type: object + properties: + Regex: + description: A regular expression for selecting a column from a dataset + type: string + minLength: 1 + maxLength: 255 + Name: + description: The name of a column from a dataset + type: string + minLength: 1 + maxLength: 255 + additionalProperties: false + Statistic: + type: string + minLength: 1 + maxLength: 128 + pattern: ^[A-Z\_]+$ + StatisticOverride: + type: object + properties: + Statistic: + $ref: '#/components/schemas/Statistic' + Parameters: + $ref: '#/components/schemas/ParameterMap' + required: + - Statistic + - Parameters + additionalProperties: false + ParameterMap: + type: object + additionalProperties: false + x-patternProperties: + ^[A-Za-z0-9]{1,128}$: + type: string + ValidationMode: + type: string + enum: + - CHECK_ALL + ValidationConfiguration: + description: Configuration to attach Rulesets to the job + type: object + additionalProperties: false + properties: + RulesetArn: + description: Arn of the Ruleset + type: string + minLength: 20 + maxLength: 2048 + ValidationMode: + $ref: '#/components/schemas/ValidationMode' + required: + - RulesetArn + Job: + type: object + properties: + DatasetName: + description: Dataset name + type: string + minLength: 1 + maxLength: 255 + EncryptionKeyArn: + description: Encryption Key Arn + type: string + minLength: 20 + maxLength: 2048 + EncryptionMode: + description: Encryption mode + enum: + - SSE-KMS + - SSE-S3 + type: string + Name: + description: Job name + type: string + minLength: 1 + maxLength: 255 + Type: + description: Job type + enum: + - PROFILE + - RECIPE + type: string + LogSubscription: + description: Log subscription + enum: + - ENABLE + - DISABLE + type: string + MaxCapacity: + description: Max capacity + type: integer + MaxRetries: + description: Max retries + type: integer + Outputs: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/Output' + DataCatalogOutputs: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/DataCatalogOutput' + DatabaseOutputs: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/DatabaseOutput' + OutputLocation: + description: Output location + $ref: '#/components/schemas/OutputLocation' + ProjectName: + description: Project name + type: string + minLength: 1 + maxLength: 255 + Recipe: + $ref: '#/components/schemas/Recipe' + RoleArn: + description: Role arn + type: string + Tags: + type: array + x-insertionOrder: false + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + Timeout: + description: Timeout + type: integer + JobSample: + description: Job Sample + $ref: '#/components/schemas/JobSample' + ProfileConfiguration: + description: Profile Job configuration + $ref: '#/components/schemas/ProfileConfiguration' + ValidationConfigurations: + description: Data quality rules configuration + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/ValidationConfiguration' + required: + - Name + - RoleArn + - Type + x-stackql-resource-name: job + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - Type + - Tags + x-required-permissions: + create: + - databrew:CreateProfileJob + - databrew:CreateRecipeJob + - databrew:TagResource + - databrew:UntagResource + - iam:PassRole + read: + - databrew:DescribeJob + - databrew:ListTagsForResource + - iam:ListRoles + update: + - databrew:UpdateProfileJob + - databrew:UpdateRecipeJob + - iam:PassRole + delete: + - databrew:DeleteJob + list: + - databrew:ListJobs + - databrew:ListTagsForResource + - iam:ListRoles + Sample: + type: object + properties: + Size: + description: Sample size + minimum: 1 + type: integer + Type: + description: Sample type + enum: + - FIRST_N + - LAST_N + - RANDOM + type: string + additionalProperties: false + required: + - Type + Project: + type: object + properties: + DatasetName: + description: Dataset name + type: string + minLength: 1 + maxLength: 255 + Name: + description: Project name + type: string + minLength: 1 + maxLength: 255 + RecipeName: + description: Recipe name + type: string + minLength: 1 + maxLength: 255 + RoleArn: + description: Role arn + type: string + Sample: + description: Sample + $ref: '#/components/schemas/Sample' + Tags: + type: array + x-insertionOrder: false + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + required: + - DatasetName + - Name + - RecipeName + - RoleArn + x-stackql-resource-name: project + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - Tags + x-required-permissions: + create: + - databrew:CreateProject + - databrew:TagResource + - databrew:UntagResource + - iam:PassRole + read: + - databrew:DescribeProject + - databrew:ListTagsForResource + - iam:ListRoles + update: + - databrew:UpdateProject + - iam:PassRole + delete: + - databrew:DeleteProject + list: + - databrew:ListProjects + - databrew:ListTagsForResource + - iam:ListRoles + SecondaryInput: + description: Secondary input + type: object + properties: + S3InputDefinition: + $ref: '#/components/schemas/S3Location' + DataCatalogInputDefinition: + $ref: '#/components/schemas/DataCatalogInputDefinition' + oneOf: + - required: + - S3InputDefinition + - required: + - DataCatalogInputDefinition + additionalProperties: false + RecipeStep: + type: object + properties: + Action: + $ref: '#/components/schemas/Action' + ConditionExpressions: + description: Condition expressions applied to the step action + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/ConditionExpression' + additionalProperties: false + required: + - Action + Action: + type: object + properties: + Operation: + description: Step action operation + type: string + Parameters: + anyOf: + - $ref: '#/components/schemas/RecipeParameters' + - $ref: '#/components/schemas/ParameterMap' + additionalProperties: false + required: + - Operation + ConditionExpression: + description: Condition expressions applied to the step action + type: object + properties: + Condition: + description: Input condition to be applied to the target column + type: string + Value: + description: Value of the condition + type: string + TargetColumn: + description: Name of the target column + type: string + additionalProperties: false + required: + - Condition + - TargetColumn + RecipeParameters: + additionalProperties: false + properties: + AggregateFunction: + type: string + Base: + type: string + CaseStatement: + type: string + CategoryMap: + type: string + CharsToRemove: + type: string + CollapseConsecutiveWhitespace: + type: string + ColumnDataType: + type: string + ColumnRange: + type: string + Count: + type: string + CustomCharacters: + type: string + CustomStopWords: + type: string + CustomValue: + type: string + DatasetsColumns: + type: string + DateAddValue: + type: string + DateTimeFormat: + type: string + DateTimeParameters: + type: string + DeleteOtherRows: + type: string + Delimiter: + type: string + EndPattern: + type: string + EndPosition: + type: string + EndValue: + type: string + ExpandContractions: + type: string + Exponent: + type: string + FalseString: + type: string + GroupByAggFunctionOptions: + type: string + GroupByColumns: + type: string + HiddenColumns: + type: string + IgnoreCase: + type: string + IncludeInSplit: + type: string + Interval: + type: string + IsText: + type: string + JoinKeys: + type: string + JoinType: + type: string + LeftColumns: + type: string + Limit: + type: string + LowerBound: + type: string + MapType: + type: string + ModeType: + type: string + MultiLine: + type: boolean + NumRows: + type: string + NumRowsAfter: + type: string + NumRowsBefore: + type: string + OrderByColumn: + type: string + OrderByColumns: + type: string + Other: + type: string + Pattern: + type: string + PatternOption1: + type: string + PatternOption2: + type: string + PatternOptions: + type: string + Period: + type: string + Position: + type: string + RemoveAllPunctuation: + type: string + RemoveAllQuotes: + type: string + RemoveAllWhitespace: + type: string + RemoveCustomCharacters: + type: string + RemoveCustomValue: + type: string + RemoveLeadingAndTrailingPunctuation: + type: string + RemoveLeadingAndTrailingQuotes: + type: string + RemoveLeadingAndTrailingWhitespace: + type: string + RemoveLetters: + type: string + RemoveNumbers: + type: string + RemoveSourceColumn: + type: string + RemoveSpecialCharacters: + type: string + RightColumns: + type: string + SampleSize: + type: string + SampleType: + type: string + SecondInput: + type: string + SecondaryInputs: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/SecondaryInput' + SourceColumn: + type: string + SourceColumn1: + type: string + SourceColumn2: + type: string + SourceColumns: + type: string + StartColumnIndex: + type: string + StartPattern: + type: string + StartPosition: + type: string + StartValue: + type: string + StemmingMode: + type: string + StepCount: + type: string + StepIndex: + type: string + StopWordsMode: + type: string + Strategy: + type: string + SheetNames: + type: array + x-insertionOrder: true + items: + type: string + minItems: 1 + maxItems: 1 + SheetIndexes: + type: array + x-insertionOrder: true + items: + type: integer + minItems: 1 + maxItems: 1 + TargetColumn: + type: string + TargetColumnNames: + type: string + TargetDateFormat: + type: string + TargetIndex: + type: string + TimeZone: + type: string + TokenizerPattern: + type: string + TrueString: + type: string + UdfLang: + type: string + Units: + type: string + UnpivotColumn: + type: string + UpperBound: + type: string + UseNewDataFrame: + type: string + Value: + type: string + Value1: + type: string + Value2: + type: string + ValueColumn: + type: string + ViewFrame: + type: string + Input: + description: Input + type: object + properties: + S3InputDefinition: + $ref: '#/components/schemas/S3Location' + DataCatalogInputDefinition: + $ref: '#/components/schemas/DataCatalogInputDefinition' + oneOf: + - required: + - S3InputDefinition + - required: + - DataCatalogInputDefinition + additionalProperties: false + Expression: + description: Expression with rule conditions + type: string + minLength: 4 + maxLength: 1024 + pattern: ^[><0-9A-Za-z_.,:)(!= ]+$ + SubstitutionValue: + description: A key-value pair to associate expression's substitution variable names with their values + type: object + properties: + ValueReference: + description: Variable name + type: string + minLength: 2 + maxLength: 128 + pattern: ^:[A-Za-z0-9_]+$ + Value: + description: Value or column name + type: string + minLength: 0 + maxLength: 1024 + additionalProperties: false + required: + - ValueReference + - Value + ValuesMap: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/SubstitutionValue' + ThresholdValue: + description: Threshold value for a rule + type: number + ThresholdType: + description: Threshold type for a rule + enum: + - GREATER_THAN_OR_EQUAL + - LESS_THAN_OR_EQUAL + - GREATER_THAN + - LESS_THAN + type: string + ThresholdUnit: + description: Threshold unit for a rule + enum: + - COUNT + - PERCENTAGE + type: string + Threshold: + type: object + properties: + Value: + $ref: '#/components/schemas/ThresholdValue' + Type: + $ref: '#/components/schemas/ThresholdType' + Unit: + $ref: '#/components/schemas/ThresholdUnit' + required: + - Value + additionalProperties: false + Disabled: + description: Boolean value to disable/enable a rule + type: boolean + Rule: + description: Data quality rule for a target resource (dataset) + type: object + properties: + Name: + description: Name of the rule + type: string + minLength: 1 + maxLength: 128 + Disabled: + $ref: '#/components/schemas/Disabled' + CheckExpression: + $ref: '#/components/schemas/Expression' + SubstitutionMap: + $ref: '#/components/schemas/ValuesMap' + Threshold: + $ref: '#/components/schemas/Threshold' + ColumnSelectors: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/ColumnSelector' + minItems: 1 + required: + - Name + - CheckExpression + additionalProperties: false + Ruleset: + type: object + properties: + Name: + description: Name of the Ruleset + type: string + minLength: 1 + maxLength: 255 + Description: + description: Description of the Ruleset + type: string + maxLength: 1024 + TargetArn: + description: Arn of the target resource (dataset) to apply the ruleset to + type: string + minLength: 20 + maxLength: 2048 + Rules: + description: List of the data quality rules in the ruleset + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/Rule' + minItems: 1 + Tags: + type: array + x-insertionOrder: false + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - TargetArn + - Rules + x-stackql-resource-name: ruleset + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - TargetArn + x-required-permissions: + create: + - databrew:CreateRuleset + - databrew:TagResource + - databrew:UntagResource + - iam:PassRole + read: + - databrew:DescribeRuleset + - databrew:ListTagsForResource + - iam:ListRoles + update: + - databrew:UpdateRuleset + delete: + - databrew:DeleteRuleset + list: + - databrew:ListRulesets + - databrew:ListTagsForResource + - iam:ListRoles + JobName: + description: Job name + type: string + minLength: 1 + maxLength: 255 + Schedule: + type: object + properties: + JobNames: + type: array + x-insertionOrder: true + uniqueItems: true + items: + $ref: '#/components/schemas/JobName' + CronExpression: + description: Schedule cron + type: string + minLength: 1 + maxLength: 512 + Name: + description: Schedule Name + type: string + minLength: 1 + maxLength: 255 + Tags: + type: array + x-insertionOrder: false + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - CronExpression + x-stackql-resource-name: schedule + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - Tags + x-required-permissions: + create: + - databrew:CreateSchedule + - databrew:TagResource + - databrew:UntagResource + - iam:PassRole + read: + - databrew:DescribeSchedule + - databrew:ListTagsForResource + - iam:ListRoles + update: + - databrew:UpdateSchedule + delete: + - databrew:DeleteSchedule + list: + - databrew:ListSchedules + - databrew:ListTagsForResource + - iam:ListRoles + x-stackQL-resources: + datasets: + name: datasets + id: awscc.databrew.datasets + x-cfn-schema-name: Dataset + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataBrew::Dataset' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataBrew::Dataset' + AND region = 'us-east-1' + dataset: + name: dataset + id: awscc.databrew.dataset + x-cfn-schema-name: Dataset + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Format') as _format, + JSON_EXTRACT(Properties, '$.FormatOptions') as format_options, + JSON_EXTRACT(Properties, '$.Input') as input, + JSON_EXTRACT(Properties, '$.PathOptions') as path_options, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataBrew::Dataset' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Format') as _format, + json_extract_path_text(Properties, 'FormatOptions') as format_options, + json_extract_path_text(Properties, 'Input') as input, + json_extract_path_text(Properties, 'PathOptions') as path_options, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataBrew::Dataset' + AND data__Identifier = '' + AND region = 'us-east-1' + recipes: + name: recipes + id: awscc.databrew.recipes + x-cfn-schema-name: Recipe + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataBrew::Recipe' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataBrew::Recipe' + AND region = 'us-east-1' + recipe: + name: recipe + id: awscc.databrew.recipe + x-cfn-schema-name: Recipe + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Steps') as steps, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataBrew::Recipe' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Steps') as steps, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataBrew::Recipe' + AND data__Identifier = '' + AND region = 'us-east-1' + jobs: + name: jobs + id: awscc.databrew.jobs + x-cfn-schema-name: Job + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataBrew::Job' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataBrew::Job' + AND region = 'us-east-1' + job: + name: job + id: awscc.databrew.job + x-cfn-schema-name: Job + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DatasetName') as dataset_name, + JSON_EXTRACT(Properties, '$.EncryptionKeyArn') as encryption_key_arn, + JSON_EXTRACT(Properties, '$.EncryptionMode') as encryption_mode, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.LogSubscription') as log_subscription, + JSON_EXTRACT(Properties, '$.MaxCapacity') as max_capacity, + JSON_EXTRACT(Properties, '$.MaxRetries') as max_retries, + JSON_EXTRACT(Properties, '$.Outputs') as outputs, + JSON_EXTRACT(Properties, '$.DataCatalogOutputs') as data_catalog_outputs, + JSON_EXTRACT(Properties, '$.DatabaseOutputs') as database_outputs, + JSON_EXTRACT(Properties, '$.OutputLocation') as output_location, + JSON_EXTRACT(Properties, '$.ProjectName') as project_name, + JSON_EXTRACT(Properties, '$.Recipe') as recipe, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Timeout') as timeout, + JSON_EXTRACT(Properties, '$.JobSample') as job_sample, + JSON_EXTRACT(Properties, '$.ProfileConfiguration') as profile_configuration, + JSON_EXTRACT(Properties, '$.ValidationConfigurations') as validation_configurations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataBrew::Job' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DatasetName') as dataset_name, + json_extract_path_text(Properties, 'EncryptionKeyArn') as encryption_key_arn, + json_extract_path_text(Properties, 'EncryptionMode') as encryption_mode, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'LogSubscription') as log_subscription, + json_extract_path_text(Properties, 'MaxCapacity') as max_capacity, + json_extract_path_text(Properties, 'MaxRetries') as max_retries, + json_extract_path_text(Properties, 'Outputs') as outputs, + json_extract_path_text(Properties, 'DataCatalogOutputs') as data_catalog_outputs, + json_extract_path_text(Properties, 'DatabaseOutputs') as database_outputs, + json_extract_path_text(Properties, 'OutputLocation') as output_location, + json_extract_path_text(Properties, 'ProjectName') as project_name, + json_extract_path_text(Properties, 'Recipe') as recipe, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Timeout') as timeout, + json_extract_path_text(Properties, 'JobSample') as job_sample, + json_extract_path_text(Properties, 'ProfileConfiguration') as profile_configuration, + json_extract_path_text(Properties, 'ValidationConfigurations') as validation_configurations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataBrew::Job' + AND data__Identifier = '' + AND region = 'us-east-1' + projects: + name: projects + id: awscc.databrew.projects + x-cfn-schema-name: Project + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataBrew::Project' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataBrew::Project' + AND region = 'us-east-1' + project: + name: project + id: awscc.databrew.project + x-cfn-schema-name: Project + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DatasetName') as dataset_name, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RecipeName') as recipe_name, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Sample') as sample, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataBrew::Project' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DatasetName') as dataset_name, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RecipeName') as recipe_name, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Sample') as sample, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataBrew::Project' + AND data__Identifier = '' + AND region = 'us-east-1' + rulesets: + name: rulesets + id: awscc.databrew.rulesets + x-cfn-schema-name: Ruleset + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataBrew::Ruleset' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataBrew::Ruleset' + AND region = 'us-east-1' + ruleset: + name: ruleset + id: awscc.databrew.ruleset + x-cfn-schema-name: Ruleset + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.TargetArn') as target_arn, + JSON_EXTRACT(Properties, '$.Rules') as rules, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataBrew::Ruleset' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'TargetArn') as target_arn, + json_extract_path_text(Properties, 'Rules') as rules, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataBrew::Ruleset' + AND data__Identifier = '' + AND region = 'us-east-1' + schedules: + name: schedules + id: awscc.databrew.schedules + x-cfn-schema-name: Schedule + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataBrew::Schedule' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataBrew::Schedule' + AND region = 'us-east-1' + schedule: + name: schedule + id: awscc.databrew.schedule + x-cfn-schema-name: Schedule + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.JobNames') as job_names, + JSON_EXTRACT(Properties, '$.CronExpression') as cron_expression, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataBrew::Schedule' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'JobNames') as job_names, + json_extract_path_text(Properties, 'CronExpression') as cron_expression, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataBrew::Schedule' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/datapipeline.yaml b/providers/src/awscc/v00.00.00000/services/datapipeline.yaml new file mode 100644 index 00000000..a0dae5a4 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/datapipeline.yaml @@ -0,0 +1,250 @@ +openapi: 3.0.0 +info: + title: DataPipeline + version: 1.0.0 +paths: {} +components: + schemas: + ParameterObject: + type: object + properties: + Attributes: + description: The attributes of the parameter object. + uniqueItems: false + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/ParameterAttribute' + Id: + description: The ID of the parameter object. + type: string + required: + - Attributes + - Id + additionalProperties: false + ParameterAttribute: + type: object + properties: + Key: + description: The field identifier. + type: string + StringValue: + description: The field value, expressed as a String. + type: string + required: + - Key + - StringValue + additionalProperties: false + ParameterValue: + type: object + properties: + Id: + description: The ID of the parameter value. + type: string + StringValue: + description: The field value, expressed as a String. + type: string + required: + - Id + - StringValue + additionalProperties: false + Field: + type: object + additionalProperties: false + properties: + Key: + description: Specifies the name of a field for a particular object. To view valid values for a particular field, see Pipeline Object Reference in the AWS Data Pipeline Developer Guide. + type: string + RefValue: + description: A field value that you specify as an identifier of another object in the same pipeline definition. + type: string + StringValue: + description: A field value that you specify as a string. To view valid values for a particular field, see Pipeline Object Reference in the AWS Data Pipeline Developer Guide. + type: string + required: + - Key + PipelineObject: + type: object + additionalProperties: false + properties: + Fields: + description: Key-value pairs that define the properties of the object. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Field' + Id: + description: The ID of the object. + type: string + Name: + description: The name of the object. + type: string + required: + - Fields + - Id + - Name + PipelineTag: + type: object + additionalProperties: false + properties: + Key: + description: The key name of a tag. + type: string + Value: + description: The value to associate with the key name. + type: string + required: + - Key + - Value + Pipeline: + type: object + properties: + Activate: + description: Indicates whether to validate and start the pipeline or stop an active pipeline. By default, the value is set to true. + type: boolean + Description: + description: A description of the pipeline. + type: string + Name: + description: The name of the pipeline. + type: string + ParameterObjects: + description: The parameter objects used with the pipeline. + uniqueItems: false + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/ParameterObject' + ParameterValues: + description: The parameter values used with the pipeline. + uniqueItems: false + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/ParameterValue' + PipelineObjects: + description: The objects that define the pipeline. These objects overwrite the existing pipeline definition. Not all objects, fields, and values can be updated. For information about restrictions, see Editing Your Pipeline in the AWS Data Pipeline Developer Guide. + uniqueItems: false + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/PipelineObject' + PipelineTags: + description: A list of arbitrary tags (key-value pairs) to associate with the pipeline, which you can use to control permissions. For more information, see Controlling Access to Pipelines and Resources in the AWS Data Pipeline Developer Guide. + uniqueItems: false + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/PipelineTag' + PipelineId: + type: string + required: + - Name + x-stackql-resource-name: pipeline + x-stackql-primaryIdentifier: + - PipelineId + x-create-only-properties: + - Description + - Name + x-read-only-properties: + - PipelineId + x-required-permissions: + create: + - datapipeline:CreatePipeline + - datapipeline:PutPipelineDefinition + - datapipeline:GetPipelineDefinition + - datapipeline:DescribePipelines + - datapipeline:ValidatePipelineDefinition + - datapipeline:ActivatePipeline + - datapipeline:AddTags + - iam:PassRole + read: + - datapipeline:GetPipelineDefinition + - datapipeline:DescribePipelines + update: + - datapipeline:PutPipelineDefinition + - datapipeline:AddTags + - datapipeline:RemoveTags + - datapipeline:DeactivatePipeline + - datapipeline:GetPipelineDefinition + - datapipeline:ActivatePipeline + - datapipeline:ValidatePipelineDefinition + - datapipeline:DescribePipelines + - datapipeline:AddTags + - datapipeline:RemoveTags + - iam:PassRole + delete: + - datapipeline:DeletePipeline + - datapipeline:DescribePipelines + - datapipeline:GetPipelineDefinition + - datapipeline:RemoveTags + list: + - datapipeline:ListPipelines + x-stackQL-resources: + pipelines: + name: pipelines + id: awscc.datapipeline.pipelines + x-cfn-schema-name: Pipeline + x-type: list + x-identifiers: + - PipelineId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PipelineId') as pipeline_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataPipeline::Pipeline' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PipelineId') as pipeline_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataPipeline::Pipeline' + AND region = 'us-east-1' + pipeline: + name: pipeline + id: awscc.datapipeline.pipeline + x-cfn-schema-name: Pipeline + x-type: get + x-identifiers: + - PipelineId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Activate') as activate, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ParameterObjects') as parameter_objects, + JSON_EXTRACT(Properties, '$.ParameterValues') as parameter_values, + JSON_EXTRACT(Properties, '$.PipelineObjects') as pipeline_objects, + JSON_EXTRACT(Properties, '$.PipelineTags') as pipeline_tags, + JSON_EXTRACT(Properties, '$.PipelineId') as pipeline_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataPipeline::Pipeline' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Activate') as activate, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ParameterObjects') as parameter_objects, + json_extract_path_text(Properties, 'ParameterValues') as parameter_values, + json_extract_path_text(Properties, 'PipelineObjects') as pipeline_objects, + json_extract_path_text(Properties, 'PipelineTags') as pipeline_tags, + json_extract_path_text(Properties, 'PipelineId') as pipeline_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataPipeline::Pipeline' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/datasync.yaml b/providers/src/awscc/v00.00.00000/services/datasync.yaml new file mode 100644 index 00000000..d23c4148 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/datasync.yaml @@ -0,0 +1,2622 @@ +openapi: 3.0.0 +info: + title: DataSync + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + additionalProperties: false + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: The key for an AWS resource tag. + pattern: ^[a-zA-Z0-9\s+=._:/-]+$ + maxLength: 256 + minLength: 1 + Value: + type: string + description: The value for an AWS resource tag. + pattern: ^[a-zA-Z0-9\s+=._:@/-]+$ + maxLength: 256 + minLength: 1 + required: + - Key + - Value + Agent: + type: object + properties: + AgentName: + description: The name configured for the agent. Text reference used to identify the agent in the console. + type: string + pattern: ^[a-zA-Z0-9\s+=._:@/-]+$ + maxLength: 256 + minLength: 1 + ActivationKey: + description: Activation key of the Agent. + type: string + pattern: '[A-Z0-9]{5}(-[A-Z0-9]{5}){4}' + maxLength: 29 + SecurityGroupArns: + description: The ARNs of the security group used to protect your data transfer task subnets. + type: array + x-insertionOrder: false + items: + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\-0-9]*:[0-9]{12}:security-group/.*$ + maxLength: 128 + SubnetArns: + description: The ARNs of the subnets in which DataSync will create elastic network interfaces for each data transfer task. + type: array + x-insertionOrder: false + items: + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\-0-9]*:[0-9]{12}:subnet/.*$ + maxLength: 128 + VpcEndpointId: + description: The ID of the VPC endpoint that the agent has access to. + type: string + pattern: ^vpce-[0-9a-f]{17}$ + EndpointType: + description: The service endpoints that the agent will connect to. + type: string + enum: + - FIPS + - PUBLIC + - PRIVATE_LINK + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + AgentArn: + description: The DataSync Agent ARN. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:agent/agent-[0-9a-z]{17}$ + maxLength: 128 + required: [] + x-stackql-resource-name: agent + x-stackql-primaryIdentifier: + - AgentArn + x-create-only-properties: + - ActivationKey + - SecurityGroupArns + - SubnetArns + - VpcEndpointId + x-read-only-properties: + - AgentArn + - EndpointType + x-required-permissions: + create: + - datasync:CreateAgent + - datasync:TagResource + - datasync:DescribeAgent + - datasync:ListTagsForResource + - ec2:DescribeNetworkInterfaces + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcEndpoints + read: + - datasync:DescribeAgent + - datasync:ListTagsForResource + update: + - datasync:UpdateAgent + - datasync:DescribeAgent + - datasync:ListTagsForResource + - datasync:TagResource + - datasync:UntagResource + delete: + - datasync:DeleteAgent + list: + - datasync:ListAgents + AzureBlobSasConfiguration: + additionalProperties: false + description: Specifies the shared access signature (SAS) that DataSync uses to access your Azure Blob Storage container. + type: object + properties: + AzureBlobSasToken: + description: Specifies the shared access signature (SAS) token, which indicates the permissions DataSync needs to access your Azure Blob Storage container. + type: string + pattern: (^.+$) + minLength: 1 + maxLength: 255 + required: + - AzureBlobSasToken + LocationAzureBlob: + type: object + properties: + AgentArns: + description: The Amazon Resource Names (ARNs) of agents to use for an Azure Blob Location. + type: array + items: + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:agent/agent-[0-9a-z]{17}$ + maxLength: 128 + minItems: 1 + maxItems: 4 + x-insertionOrder: false + AzureBlobAuthenticationType: + description: The specific authentication type that you want DataSync to use to access your Azure Blob Container. + type: string + enum: + - SAS + default: SAS + AzureBlobSasConfiguration: + $ref: '#/components/schemas/AzureBlobSasConfiguration' + AzureBlobContainerUrl: + description: The URL of the Azure Blob container that was described. + type: string + pattern: ^https://[A-Za-z0-9]((.|-+)?[A-Za-z0-9]){0,252}/[a-z0-9](-?[a-z0-9]){2,62}$ + maxLength: 325 + AzureBlobType: + description: Specifies a blob type for the objects you're transferring into your Azure Blob Storage container. + type: string + enum: + - BLOCK + default: BLOCK + AzureAccessTier: + description: Specifies an access tier for the objects you're transferring into your Azure Blob Storage container. + type: string + enum: + - HOT + - COOL + - ARCHIVE + default: HOT + Subdirectory: + description: The subdirectory in the Azure Blob Container that is used to read data from the Azure Blob Source Location. + type: string + maxLength: 1024 + pattern: ^[\p{L}\p{M}\p{Z}\p{S}\p{N}\p{P}\p{C}]*$ + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + LocationArn: + description: The Amazon Resource Name (ARN) of the Azure Blob Location that is created. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:location/loc-[0-9a-z]{17}$ + maxLength: 128 + LocationUri: + description: The URL of the Azure Blob Location that was described. + type: string + pattern: ^(azure-blob)://[a-zA-Z0-9./\-]+$ + maxLength: 4356 + required: + - AzureBlobAuthenticationType + - AgentArns + x-stackql-resource-name: location_azure_blob + x-stackql-primaryIdentifier: + - LocationArn + x-create-only-properties: + - AzureBlobContainerUrl + x-read-only-properties: + - LocationArn + - LocationUri + x-required-permissions: + create: + - datasync:CreateLocationAzureBlob + - datasync:DescribeLocationAzureBlob + - datasync:TagResource + - datasync:ListTagsForResource + read: + - datasync:DescribeLocationAzureBlob + - datasync:ListTagsForResource + update: + - datasync:DescribeLocationAzureBlob + - datasync:ListTagsForResource + - datasync:TagResource + - datasync:UntagResource + - datasync:UpdateLocationAzureBlob + delete: + - datasync:DeleteLocation + list: + - datasync:ListLocations + Ec2Config: + additionalProperties: false + description: The subnet and security group that DataSync uses to access target EFS file system. + type: object + properties: + SecurityGroupArns: + description: The Amazon Resource Names (ARNs) of the security groups that are configured for the Amazon EC2 resource. + type: array + items: + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\-0-9]*:[0-9]{12}:security-group/.*$ + maxLength: 128 + minItems: 1 + maxItems: 5 + x-insertionOrder: false + SubnetArn: + description: The ARN of the subnet that DataSync uses to access the target EFS file system. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\-0-9]*:[0-9]{12}:subnet/.*$ + maxLength: 128 + required: + - SecurityGroupArns + - SubnetArn + LocationEFS: + type: object + properties: + Ec2Config: + $ref: '#/components/schemas/Ec2Config' + EfsFilesystemArn: + description: The Amazon Resource Name (ARN) for the Amazon EFS file system. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):elasticfilesystem:[a-z\-0-9]*:[0-9]{12}:file-system/fs-.*$ + maxLength: 128 + AccessPointArn: + description: The Amazon Resource Name (ARN) for the Amazon EFS Access point that DataSync uses when accessing the EFS file system. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):elasticfilesystem:[a-z\-0-9]+:[0-9]{12}:access-point/fsap-[0-9a-f]{8,40}$ + maxLength: 128 + FileSystemAccessRoleArn: + description: The Amazon Resource Name (ARN) of the AWS IAM role that the DataSync will assume when mounting the EFS file system. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):iam::[0-9]{12}:role/.*$ + maxLength: 128 + InTransitEncryption: + description: Protocol that is used for encrypting the traffic exchanged between the DataSync Agent and the EFS file system. + type: string + enum: + - NONE + - TLS1_2 + Subdirectory: + description: A subdirectory in the location's path. This subdirectory in the EFS file system is used to read data from the EFS source location or write data to the EFS destination. + type: string + maxLength: 4096 + pattern: ^[a-zA-Z0-9_\-\+\./\(\)\$\p{Zs}]+$ + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + LocationArn: + description: The Amazon Resource Name (ARN) of the Amazon EFS file system location that is created. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:location/loc-[0-9a-z]{17}$ + maxLength: 128 + LocationUri: + description: The URL of the EFS location that was described. + type: string + pattern: ^(efs|nfs|s3|smb|fsxw)://[a-zA-Z0-9.\-/]+$ + maxLength: 4356 + required: + - Ec2Config + x-stackql-resource-name: location_efs + x-stackql-primaryIdentifier: + - LocationArn + x-create-only-properties: + - Ec2Config + - EfsFilesystemArn + - Subdirectory + - FileSystemAccessRoleArn + - InTransitEncryption + - AccessPointArn + x-read-only-properties: + - LocationArn + - LocationUri + x-required-permissions: + create: + - datasync:CreateLocationEfs + - datasync:DescribeLocationEfs + - datasync:ListTagsForResource + - datasync:TagResource + - elasticfilesystem:DescribeFileSystems + - elasticfilesystem:DescribeMountTargets + - elasticfilesystem:DescribeAccessPoints + - iam:PassRole + - ec2:DescribeSubnets + - ec2:DescribeSecurityGroups + read: + - datasync:DescribeLocationEfs + - datasync:ListTagsForResource + update: + - datasync:DescribeLocationEfs + - datasync:ListTagsForResource + - datasync:TagResource + - datasync:UntagResource + delete: + - datasync:DeleteLocation + list: + - datasync:ListLocations + LocationFSxLustre: + type: object + properties: + FsxFilesystemArn: + description: The Amazon Resource Name (ARN) for the FSx for Lustre file system. + type: string + maxLength: 128 + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):fsx:[a-z\-0-9]+:[0-9]{12}:file-system/fs-[0-9a-f]+$ + SecurityGroupArns: + description: The ARNs of the security groups that are to use to configure the FSx for Lustre file system. + type: array + items: + type: string + maxLength: 128 + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\-0-9]*:[0-9]{12}:security-group/sg-[a-f0-9]+$ + maxItems: 5 + minItems: 1 + x-insertionOrder: false + Subdirectory: + description: A subdirectory in the location's path. + type: string + maxLength: 4096 + pattern: ^[a-zA-Z0-9_\-\+\./\(\)\$\p{Zs}]+$ + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + minItems: 0 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + LocationArn: + description: The Amazon Resource Name (ARN) of the Amazon FSx for Lustre file system location that is created. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:location/loc-[0-9a-z]{17}$ + maxLength: 128 + LocationUri: + description: The URL of the FSx for Lustre location that was described. + type: string + pattern: ^(efs|nfs|s3|smb|fsxw|hdfs|fsxl)://[a-zA-Z0-9.:/\-]+$ + maxLength: 4356 + required: + - SecurityGroupArns + x-stackql-resource-name: locationf_sx_lustre + x-stackql-primaryIdentifier: + - LocationArn + x-create-only-properties: + - FsxFilesystemArn + - SecurityGroupArns + - Subdirectory + x-read-only-properties: + - LocationArn + - LocationUri + x-required-permissions: + create: + - datasync:CreateLocationFsxLustre + - datasync:DescribeLocationFsxLustre + - datasync:ListTagsForResource + - datasync:TagResource + - fsx:DescribeFileSystems + - ec2:DescribeNetworkInterfaces + - ec2:DescribeSubnets + - ec2:DescribeSecurityGroups + read: + - datasync:DescribeLocationFsxLustre + - datasync:ListTagsForResource + update: + - datasync:DescribeLocationFsxLustre + - datasync:ListTagsForResource + - datasync:TagResource + - datasync:UntagResource + delete: + - datasync:DeleteLocation + list: + - datasync:ListLocations + Protocol: + additionalProperties: false + description: Configuration settings for an NFS or SMB protocol, currently only support NFS + type: object + properties: + NFS: + $ref: '#/components/schemas/NFS' + NFS: + additionalProperties: false + description: FSx OpenZFS file system NFS protocol information + type: object + properties: + MountOptions: + $ref: '#/components/schemas/MountOptions' + required: + - MountOptions + SMB: + additionalProperties: false + description: SMB protocol configuration for FSx ONTAP file system. + type: object + properties: + MountOptions: + $ref: '#/components/schemas/SmbMountOptions' + Domain: + description: The name of the Windows domain that the SMB server belongs to. + type: string + maxLength: 253 + pattern: ^([A-Za-z0-9]+[A-Za-z0-9-.]*)*[A-Za-z0-9-]*[A-Za-z0-9]$ + Password: + description: The password of the user who can mount the share and has the permissions to access files and folders in the SMB share. + type: string + maxLength: 104 + pattern: ^.{0,104}$ + User: + description: The user who can mount the share, has the permissions to access files and folders in the SMB share. + type: string + maxLength: 104 + pattern: ^[^\x5B\x5D\\/:;|=,+*?]{1,104}$ + required: + - User + - Password + - MountOptions + NfsMountOptions: + additionalProperties: false + description: The NFS mount options that DataSync can use to mount your NFS share. + type: object + properties: + Version: + description: The specific NFS version that you want DataSync to use to mount your NFS share. + type: string + enum: + - AUTOMATIC + - NFS3 + - NFS4_0 + - NFS4_1 + SmbMountOptions: + additionalProperties: false + description: The mount options used by DataSync to access the SMB server. + type: object + properties: + Version: + description: The specific SMB version that you want DataSync to use to mount your SMB share. + type: string + enum: + - AUTOMATIC + - SMB2 + - SMB3 + LocationFSxONTAP: + type: object + properties: + StorageVirtualMachineArn: + description: The Amazon Resource Name (ARN) for the FSx ONTAP SVM. + type: string + maxLength: 162 + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):fsx:[a-z\-0-9]+:[0-9]{12}:storage-virtual-machine/fs-[0-9a-f]+/svm-[0-9a-f]{17,}$ + FsxFilesystemArn: + description: The Amazon Resource Name (ARN) for the FSx ONAP file system. + type: string + maxLength: 128 + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):fsx:[a-z\-0-9]+:[0-9]{12}:file-system/fs-[0-9a-f]+$ + SecurityGroupArns: + description: The ARNs of the security groups that are to use to configure the FSx ONTAP file system. + type: array + items: + type: string + maxLength: 128 + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\-0-9]*:[0-9]{12}:security-group/sg-[a-f0-9]+$ + maxItems: 5 + minItems: 1 + x-insertionOrder: false + Protocol: + $ref: '#/components/schemas/Protocol' + Subdirectory: + description: A subdirectory in the location's path. + type: string + maxLength: 4096 + pattern: ^[a-zA-Z0-9_\-\+\./\(\)\$\p{Zs}]+$ + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + minItems: 0 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + LocationArn: + description: The Amazon Resource Name (ARN) of the Amazon FSx ONTAP file system location that is created. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:location/loc-[0-9a-z]{17}$ + maxLength: 128 + LocationUri: + description: The URL of the FSx ONTAP file system that was described. + type: string + pattern: ^(efs|nfs|s3|smb|hdfs|fsx[a-z0-9-]+)://[a-zA-Z0-9.:/\-]+$ + maxLength: 4360 + required: + - SecurityGroupArns + - StorageVirtualMachineArn + x-stackql-resource-name: locationf_sx_ontap + x-stackql-primaryIdentifier: + - LocationArn + x-create-only-properties: + - StorageVirtualMachineArn + - SecurityGroupArns + - Protocol + - Subdirectory + x-read-only-properties: + - LocationArn + - LocationUri + - FsxFilesystemArn + x-required-permissions: + create: + - datasync:CreateLocationFsxOntap + - datasync:DescribeLocationFsxOntap + - datasync:ListTagsForResource + - datasync:TagResource + - fsx:DescribeStorageVirtualMachines + - fsx:DescribeFileSystems + - ec2:DescribeNetworkInterfaces + - ec2:DescribeSubnets + - ec2:DescribeSecurityGroups + read: + - datasync:DescribeLocationFsxOntap + - datasync:ListTagsForResource + update: + - datasync:DescribeLocationFsxOntap + - datasync:ListTagsForResource + - datasync:TagResource + - datasync:UntagResource + delete: + - datasync:DeleteLocation + list: + - datasync:ListLocations + MountOptions: + additionalProperties: false + description: The mount options used by DataSync to access the SMB server. + type: object + properties: + Version: + description: The specific SMB version that you want DataSync to use to mount your SMB share. + type: string + enum: + - AUTOMATIC + - SMB1 + - SMB2_0 + - SMB2 + - SMB3 + LocationFSxOpenZFS: + type: object + properties: + FsxFilesystemArn: + description: The Amazon Resource Name (ARN) for the FSx OpenZFS file system. + type: string + maxLength: 128 + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):fsx:[a-z\-0-9]+:[0-9]{12}:file-system/fs-[0-9a-f]+$ + SecurityGroupArns: + description: The ARNs of the security groups that are to use to configure the FSx OpenZFS file system. + type: array + items: + type: string + maxLength: 128 + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\-0-9]*:[0-9]{12}:security-group/sg-[a-f0-9]+$ + maxItems: 5 + minItems: 1 + x-insertionOrder: false + Protocol: + $ref: '#/components/schemas/Protocol' + Subdirectory: + description: A subdirectory in the location's path. + type: string + maxLength: 4096 + pattern: ^[a-zA-Z0-9_\-\+\./\(\)\$\p{Zs}]+$ + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + minItems: 0 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + LocationArn: + description: The Amazon Resource Name (ARN) of the Amazon FSx OpenZFS file system location that is created. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:location/loc-[0-9a-z]{17}$ + maxLength: 128 + LocationUri: + description: The URL of the FSx OpenZFS that was described. + type: string + pattern: ^(efs|nfs|s3|smb|fsxw|hdfs|fsxl|fsxz)://[a-zA-Z0-9.:/\-]+$ + maxLength: 4356 + required: + - SecurityGroupArns + - Protocol + x-stackql-resource-name: locationf_sx_open_zfs + x-stackql-primaryIdentifier: + - LocationArn + x-create-only-properties: + - FsxFilesystemArn + - SecurityGroupArns + - Protocol + - Subdirectory + x-read-only-properties: + - LocationArn + - LocationUri + x-required-permissions: + create: + - datasync:CreateLocationFsxOpenZfs + - datasync:DescribeLocationFsxOpenZfs + - datasync:ListTagsForResource + - datasync:TagResource + - fsx:DescribeFileSystems + - ec2:DescribeNetworkInterfaces + - ec2:DescribeSubnets + - ec2:DescribeSecurityGroups + read: + - datasync:DescribeLocationFsxOpenZfs + - datasync:ListTagsForResource + update: + - datasync:DescribeLocationFsxOpenZfs + - datasync:ListTagsForResource + - datasync:TagResource + - datasync:UntagResource + delete: + - datasync:DeleteLocation + list: + - datasync:ListLocations + LocationFSxWindows: + type: object + properties: + Domain: + description: The name of the Windows domain that the FSx for Windows server belongs to. + type: string + maxLength: 253 + pattern: ^([A-Za-z0-9]+[A-Za-z0-9-.]*)*[A-Za-z0-9-]*[A-Za-z0-9]$ + FsxFilesystemArn: + description: The Amazon Resource Name (ARN) for the FSx for Windows file system. + type: string + maxLength: 128 + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):fsx:[a-z\-0-9]*:[0-9]{12}:file-system/fs-.*$ + Password: + description: The password of the user who has the permissions to access files and folders in the FSx for Windows file system. + type: string + maxLength: 104 + pattern: ^.{0,104}$ + SecurityGroupArns: + description: The ARNs of the security groups that are to use to configure the FSx for Windows file system. + type: array + items: + type: string + maxLength: 128 + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\-0-9]*:[0-9]{12}:security-group/.*$ + x-insertionOrder: false + Subdirectory: + description: A subdirectory in the location's path. + type: string + maxLength: 4096 + pattern: ^[a-zA-Z0-9_\-\+\./\(\)\$\p{Zs}]+$ + User: + description: The user who has the permissions to access files and folders in the FSx for Windows file system. + type: string + maxLength: 104 + pattern: ^[^\x5B\x5D\\/:;|=,+*?]{1,104}$ + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + LocationArn: + description: The Amazon Resource Name (ARN) of the Amazon FSx for Windows file system location that is created. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:location/loc-[0-9a-z]{17}$ + maxLength: 128 + LocationUri: + description: The URL of the FSx for Windows location that was described. + type: string + pattern: ^(efs|nfs|s3|smb|fsxw)://[a-zA-Z0-9./\-]+$ + maxLength: 4356 + required: + - User + - SecurityGroupArns + x-stackql-resource-name: locationf_sx_windows + x-stackql-primaryIdentifier: + - LocationArn + x-create-only-properties: + - Domain + - FsxFilesystemArn + - Password + - SecurityGroupArns + - Subdirectory + - User + x-read-only-properties: + - LocationArn + - LocationUri + x-required-permissions: + create: + - datasync:CreateLocationFsxWindows + - datasync:DescribeLocationFsxWindows + - datasync:ListTagsForResource + - datasync:TagResource + - fsx:DescribeFileSystems + - ec2:DescribeNetworkInterfaces + - ec2:DescribeSubnets + - ec2:DescribeSecurityGroups + read: + - datasync:DescribeLocationFsxWindows + - datasync:ListTagsForResource + update: + - datasync:DescribeLocationFsxWindows + - datasync:ListTagsForResource + - datasync:TagResource + - datasync:UntagResource + delete: + - datasync:DeleteLocation + list: + - datasync:ListLocations + NameNode: + additionalProperties: false + description: HDFS Name Node IP and port information. + type: object + properties: + Hostname: + description: The DNS name or IP address of the Name Node in the customer's on premises HDFS cluster. + type: string + pattern: ^(([a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9\-]*[A-Za-z0-9])$ + maxLength: 255 + Port: + description: The port on which the Name Node is listening on for client requests. + type: integer + minimum: 1 + maximum: 65536 + required: + - Hostname + - Port + QopConfiguration: + additionalProperties: false + description: Configuration information for RPC Protection and Data Transfer Protection. These parameters can be set to AUTHENTICATION, INTEGRITY, or PRIVACY. The default value is PRIVACY. + type: object + properties: + RpcProtection: + type: string + description: Configuration for RPC Protection. + enum: + - AUTHENTICATION + - INTEGRITY + - PRIVACY + - DISABLED + default: PRIVACY + DataTransferProtection: + type: string + description: Configuration for Data Transfer Protection. + enum: + - AUTHENTICATION + - INTEGRITY + - PRIVACY + - DISABLED + default: PRIVACY + LocationHDFS: + type: object + properties: + NameNodes: + description: An array of Name Node(s) of the HDFS location. + type: array + items: + $ref: '#/components/schemas/NameNode' + minItems: 1 + x-insertionOrder: false + BlockSize: + description: Size of chunks (blocks) in bytes that the data is divided into when stored in the HDFS cluster. + type: integer + format: int64 + minimum: 1048576 + maximum: 1073741824 + ReplicationFactor: + description: Number of copies of each block that exists inside the HDFS cluster. + type: integer + format: int64 + default: 3 + minimum: 1 + maximum: 512 + KmsKeyProviderUri: + description: The identifier for the Key Management Server where the encryption keys that encrypt data inside HDFS clusters are stored. + type: string + minLength: 1 + maxLength: 255 + pattern: ^kms:\/\/http[s]?@(([a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9\-]*[A-Za-z0-9])(;(([a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9\-]*[A-Za-z0-9]))*:[0-9]{1,5}\/kms$ + QopConfiguration: + $ref: '#/components/schemas/QopConfiguration' + AuthenticationType: + description: The authentication mode used to determine identity of user. + type: string + enum: + - SIMPLE + - KERBEROS + SimpleUser: + description: The user name that has read and write permissions on the specified HDFS cluster. + type: string + pattern: ^[_.A-Za-z0-9][-_.A-Za-z0-9]*$ + minLength: 1 + maxLength: 256 + KerberosPrincipal: + description: The unique identity, or principal, to which Kerberos can assign tickets. + type: string + pattern: ^.+$ + minLength: 1 + maxLength: 256 + KerberosKeytab: + description: The Base64 string representation of the Keytab file. + type: string + maxLength: 87384 + KerberosKrb5Conf: + description: The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. + type: string + maxLength: 174764 + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + AgentArns: + description: ARN(s) of the agent(s) to use for an HDFS location. + type: array + items: + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:agent/agent-[0-9a-z]{17}$ + maxLength: 128 + minItems: 1 + maxItems: 4 + x-insertionOrder: false + Subdirectory: + description: The subdirectory in HDFS that is used to read data from the HDFS source location or write data to the HDFS destination. + type: string + maxLength: 4096 + pattern: ^[a-zA-Z0-9_\-\+\./\(\)\$\p{Zs}]+$ + LocationArn: + description: The Amazon Resource Name (ARN) of the HDFS location. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:location/loc-[0-9a-z]{17}$ + maxLength: 128 + LocationUri: + description: The URL of the HDFS location that was described. + type: string + pattern: ^(efs|nfs|s3|smb|fsxw|hdfs)://[a-zA-Z0-9.:/\-]+$ + maxLength: 4356 + required: + - NameNodes + - AuthenticationType + - AgentArns + x-stackql-resource-name: location_hdfs + x-stackql-primaryIdentifier: + - LocationArn + x-read-only-properties: + - LocationArn + - LocationUri + x-required-permissions: + create: + - datasync:CreateLocationHdfs + - datasync:DescribeLocationHdfs + - datasync:TagResource + - datasync:ListTagsForResource + read: + - datasync:DescribeLocationHdfs + - datasync:ListTagsForResource + update: + - datasync:UpdateLocationHdfs + - datasync:DescribeLocationHdfs + - datasync:ListTagsForResource + - datasync:TagResource + - datasync:UntagResource + delete: + - datasync:DeleteLocation + list: + - datasync:ListLocations + OnPremConfig: + additionalProperties: false + description: Contains a list of Amazon Resource Names (ARNs) of agents that are used to connect an NFS server. + type: object + properties: + AgentArns: + description: ARN(s) of the agent(s) to use for an NFS location. + type: array + items: + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:agent/agent-[0-9a-z]{17}$ + maxLength: 128 + minItems: 1 + maxItems: 4 + x-insertionOrder: false + required: + - AgentArns + LocationNFS: + type: object + properties: + MountOptions: + $ref: '#/components/schemas/MountOptions' + default: + Version: AUTOMATIC + OnPremConfig: + $ref: '#/components/schemas/OnPremConfig' + ServerHostname: + description: The name of the NFS server. This value is the IP address or DNS name of the NFS server. + type: string + pattern: ^(([a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9\-]*[A-Za-z0-9])$ + maxLength: 255 + Subdirectory: + description: The subdirectory in the NFS file system that is used to read data from the NFS source location or write data to the NFS destination. + type: string + maxLength: 4096 + pattern: ^[a-zA-Z0-9_\-\+\./\(\)\$\p{Zs}]+$ + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + LocationArn: + description: The Amazon Resource Name (ARN) of the NFS location. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:location/loc-[0-9a-z]{17}$ + maxLength: 128 + LocationUri: + description: The URL of the NFS location that was described. + type: string + pattern: ^(efs|nfs|s3|smb|fsxw)://[a-zA-Z0-9./\-]+$ + maxLength: 4356 + required: + - OnPremConfig + x-stackql-resource-name: location_nfs + x-stackql-primaryIdentifier: + - LocationArn + x-create-only-properties: + - ServerHostname + x-read-only-properties: + - LocationArn + - LocationUri + x-required-permissions: + create: + - datasync:CreateLocationNfs + - datasync:DescribeLocationNfs + - datasync:ListTagsForResource + - datasync:TagResource + read: + - datasync:DescribeLocationNfs + - datasync:ListTagsForResource + update: + - datasync:DescribeLocationNfs + - datasync:ListTagsForResource + - datasync:TagResource + - datasync:UntagResource + - datasync:UpdateLocationNfs + delete: + - datasync:DeleteLocation + list: + - datasync:ListLocations + LocationObjectStorage: + type: object + properties: + AccessKey: + description: Optional. The access key is used if credentials are required to access the self-managed object storage server. + type: string + minLength: 1 + maxLength: 200 + pattern: ^.+$ + AgentArns: + description: The Amazon Resource Name (ARN) of the agents associated with the self-managed object storage server location. + type: array + items: + type: string + maxLength: 128 + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:agent/agent-[0-9a-z]{17}$ + minItems: 1 + maxItems: 4 + x-insertionOrder: false + BucketName: + description: The name of the bucket on the self-managed object storage server. + type: string + maxLength: 63 + minLength: 3 + pattern: ^[a-zA-Z0-9_\-\+\./\(\)\$\p{Zs}]+$ + SecretKey: + description: Optional. The secret key is used if credentials are required to access the self-managed object storage server. + type: string + minLength: 8 + maxLength: 200 + pattern: ^.+$ + ServerCertificate: + description: X.509 PEM content containing a certificate authority or chain to trust. + type: string + maxLength: 32768 + ServerHostname: + description: The name of the self-managed object storage server. This value is the IP address or Domain Name Service (DNS) name of the object storage server. + type: string + maxLength: 255 + pattern: ^(([a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9\-]*[A-Za-z0-9])$ + ServerPort: + description: The port that your self-managed server accepts inbound network traffic on. + type: integer + minimum: 1 + maximum: 65536 + ServerProtocol: + description: The protocol that the object storage server uses to communicate. + type: string + enum: + - HTTPS + - HTTP + Subdirectory: + description: The subdirectory in the self-managed object storage server that is used to read data from. + type: string + maxLength: 4096 + pattern: ^[a-zA-Z0-9_\-\+\./\(\)\p{Zs}]*$ + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + LocationArn: + description: The Amazon Resource Name (ARN) of the location that is created. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:location/loc-[0-9a-z]{17}$ + maxLength: 128 + LocationUri: + description: The URL of the object storage location that was described. + type: string + pattern: ^(efs|nfs|s3|smb|fsxw|object-storage)://[a-zA-Z0-9./\-]+$ + maxLength: 4356 + required: + - AgentArns + x-stackql-resource-name: location_object_storage + x-stackql-primaryIdentifier: + - LocationArn + x-create-only-properties: + - BucketName + - ServerHostname + x-read-only-properties: + - LocationArn + - LocationUri + x-required-permissions: + create: + - datasync:CreateLocationObjectStorage + - datasync:DescribeLocationObjectStorage + - datasync:ListTagsForResource + - datasync:TagResource + read: + - datasync:DescribeLocationObjectStorage + - datasync:ListTagsForResource + update: + - datasync:DescribeLocationObjectStorage + - datasync:ListTagsForResource + - datasync:TagResource + - datasync:UntagResource + - datasync:UpdateLocationObjectStorage + delete: + - datasync:DeleteLocation + list: + - datasync:ListLocations + S3Config: + additionalProperties: false + description: The Amazon Resource Name (ARN) of the AWS IAM role that is used to access an Amazon S3 bucket. + type: object + properties: + BucketAccessRoleArn: + description: The ARN of the IAM role of the Amazon S3 bucket. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):iam::[0-9]{12}:role/.*$ + maxLength: 2048 + required: + - BucketAccessRoleArn + LocationS3: + type: object + properties: + S3Config: + $ref: '#/components/schemas/S3Config' + S3BucketArn: + description: The Amazon Resource Name (ARN) of the Amazon S3 bucket. + type: string + maxLength: 156 + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):s3:[a-z\-0-9]*:[0-9]*:.*$ + Subdirectory: + description: A subdirectory in the Amazon S3 bucket. This subdirectory in Amazon S3 is used to read data from the S3 source location or write data to the S3 destination. + type: string + maxLength: 1024 + pattern: ^[\p{L}\p{M}\p{Z}\p{S}\p{N}\p{P}\p{C}]*$ + S3StorageClass: + description: The Amazon S3 storage class you want to store your files in when this location is used as a task destination. + type: string + enum: + - STANDARD + - STANDARD_IA + - ONEZONE_IA + - INTELLIGENT_TIERING + - GLACIER + - GLACIER_INSTANT_RETRIEVAL + - DEEP_ARCHIVE + default: STANDARD + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + LocationArn: + description: The Amazon Resource Name (ARN) of the Amazon S3 bucket location. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:location/loc-[0-9a-z]{17}$ + maxLength: 128 + LocationUri: + description: The URL of the S3 location that was described. + type: string + pattern: ^(efs|nfs|s3|smb|fsxw)://[a-zA-Z0-9.\-/]+$ + maxLength: 4356 + required: + - S3Config + x-stackql-resource-name: location_s3 + x-stackql-primaryIdentifier: + - LocationArn + x-create-only-properties: + - S3Config + - S3StorageClass + - Subdirectory + - S3BucketArn + x-read-only-properties: + - LocationArn + - LocationUri + x-required-permissions: + create: + - datasync:CreateLocationS3 + - datasync:DescribeLocationS3 + - datasync:ListTagsForResource + - datasync:TagResource + - s3:ListAllMyBuckets + - s3:ListBucket + - iam:GetRole + - iam:PassRole + read: + - datasync:DescribeLocationS3 + - datasync:ListTagsForResource + update: + - datasync:DescribeLocationS3 + - datasync:ListTagsForResource + - datasync:TagResource + - datasync:UntagResource + delete: + - datasync:DeleteLocation + list: + - datasync:ListLocations + LocationSMB: + type: object + properties: + AgentArns: + description: The Amazon Resource Names (ARNs) of agents to use for a Simple Message Block (SMB) location. + type: array + items: + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:agent/agent-[0-9a-z]{17}$ + maxLength: 128 + minItems: 1 + maxItems: 4 + x-insertionOrder: false + Domain: + description: The name of the Windows domain that the SMB server belongs to. + type: string + maxLength: 253 + pattern: ^([A-Za-z0-9]+[A-Za-z0-9-.]*)*[A-Za-z0-9-]*[A-Za-z0-9]$ + MountOptions: + $ref: '#/components/schemas/MountOptions' + default: + Version: AUTOMATIC + Password: + description: The password of the user who can mount the share and has the permissions to access files and folders in the SMB share. + type: string + maxLength: 104 + pattern: ^.{0,104}$ + ServerHostname: + description: The name of the SMB server. This value is the IP address or Domain Name Service (DNS) name of the SMB server. + type: string + maxLength: 255 + pattern: ^(([a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9\-]*[A-Za-z0-9])$ + Subdirectory: + description: The subdirectory in the SMB file system that is used to read data from the SMB source location or write data to the SMB destination + type: string + maxLength: 4096 + pattern: ^[a-zA-Z0-9_\-\+\./\(\)\$\p{Zs}]+$ + User: + description: The user who can mount the share, has the permissions to access files and folders in the SMB share. + type: string + maxLength: 104 + pattern: ^[^\x5B\x5D\\/:;|=,+*?]{1,104}$ + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + LocationArn: + description: The Amazon Resource Name (ARN) of the SMB location that is created. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:location/loc-[0-9a-z]{17}$ + maxLength: 128 + LocationUri: + description: The URL of the SMB location that was described. + type: string + pattern: ^(efs|nfs|s3|smb|fsxw)://[a-zA-Z0-9./\-]+$ + maxLength: 4356 + required: + - User + - AgentArns + x-stackql-resource-name: location_smb + x-stackql-primaryIdentifier: + - LocationArn + x-create-only-properties: + - ServerHostname + x-read-only-properties: + - LocationArn + - LocationUri + x-required-permissions: + create: + - datasync:CreateLocationSmb + - datasync:DescribeLocationSmb + - datasync:ListTagsForResource + - datasync:TagResource + read: + - datasync:DescribeLocationSmb + - datasync:ListTagsForResource + update: + - datasync:DescribeLocationSmb + - datasync:ListTagsForResource + - datasync:TagResource + - datasync:UntagResource + - datasync:UpdateLocationSmb + delete: + - datasync:DeleteLocation + list: + - datasync:ListLocations + ServerConfiguration: + additionalProperties: false + description: The server name and network port required to connect with the management interface of the on-premises storage system. + type: object + properties: + ServerHostname: + type: string + description: The domain name or IP address of the storage system's management interface. + pattern: ^(([a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9\-]*[A-Za-z0-9])$ + maxLength: 255 + ServerPort: + type: integer + description: The network port needed to access the system's management interface + minimum: 1 + maximum: 65535 + required: + - ServerHostname + ServerCredentials: + additionalProperties: false + description: The username and password for accessing your on-premises storage system's management interface. + type: object + properties: + Username: + type: string + description: The username for your storage system's management interface. + maxLength: 1024 + Password: + type: string + description: The password for your storage system's management interface + maxLength: 1024 + required: + - Username + - Password + StorageSystem: + type: object + properties: + ServerConfiguration: + $ref: '#/components/schemas/ServerConfiguration' + ServerCredentials: + $ref: '#/components/schemas/ServerCredentials' + SecretsManagerArn: + description: The ARN of a secret stored by AWS Secrets Manager. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):secretsmanager:[a-z\-0-9]+:[0-9]{12}:secret:.* + maxLength: 2048 + SystemType: + description: The type of on-premises storage system that DataSync Discovery will analyze. + type: string + enum: + - NetAppONTAP + AgentArns: + description: The ARN of the DataSync agent that connects to and reads from the on-premises storage system's management interface. + type: array + items: + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:agent/agent-[0-9a-z]{17}$ + maxLength: 128 + minItems: 1 + maxItems: 1 + x-insertionOrder: false + CloudWatchLogGroupArn: + description: The ARN of the Amazon CloudWatch log group used to monitor and log discovery job events. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):logs:[a-z\-0-9]+:[0-9]{12}:log-group:([^:\*]*)(:\*)?$ + maxLength: 562 + Name: + description: A familiar name for the on-premises storage system. + type: string + pattern: ^[a-zA-Z0-9\s+=._:@/-]+$ + minLength: 1 + maxLength: 256 + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + StorageSystemArn: + description: The ARN of the on-premises storage system added to DataSync Discovery. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:system/storage-system-[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ + maxLength: 128 + ConnectivityStatus: + description: Indicates whether the DataSync agent can access the on-premises storage system. + type: string + enum: + - PASS + - FAIL + - UNKNOWN + required: + - ServerConfiguration + - SystemType + - AgentArns + x-stackql-resource-name: storage_system + x-stackql-primaryIdentifier: + - StorageSystemArn + x-read-only-properties: + - StorageSystemArn + - ConnectivityStatus + - SecretsManagerArn + x-required-permissions: + create: + - datasync:AddStorageSystem + - datasync:DescribeStorageSystem + - datasync:ListTagsForResource + - datasync:TagResource + - secretsmanager:CreateSecret + - secretsmanager:DescribeSecret + - iam:CreateServiceLinkedRole + read: + - datasync:DescribeStorageSystem + - datasync:ListTagsForResource + - secretsmanager:DescribeSecret + update: + - datasync:UpdateStorageSystem + - datasync:DescribeStorageSystem + - datasync:ListTagsForResource + - datasync:TagResource + - datasync:UntagResource + - secretsmanager:DescribeSecret + - secretsmanager:PutSecretValue + delete: + - datasync:DescribeStorageSystem + - datasync:RemoveStorageSystem + - secretsmanager:DescribeSecret + - secretsmanager:DeleteSecret + list: + - datasync:ListStorageSystems + FilterRule: + additionalProperties: false + description: Specifies which files folders and objects to include or exclude when transferring files from source to destination. + type: object + properties: + FilterType: + description: The type of filter rule to apply. AWS DataSync only supports the SIMPLE_PATTERN rule type. + type: string + enum: + - SIMPLE_PATTERN + pattern: ^[A-Z0-9_]+$ + maxLength: 128 + Value: + description: A single filter string that consists of the patterns to include or exclude. The patterns are delimited by "|". + type: string + pattern: ^[^\x00]+$ + maxLength: 409600 + TaskReportConfig: + additionalProperties: false + description: Specifies how you want to configure a task report, which provides detailed information about for your Datasync transfer. + type: object + properties: + Destination: + additionalProperties: false + description: Specifies where DataSync uploads your task report. + type: object + properties: + S3: + additionalProperties: false + description: Specifies the Amazon S3 bucket where DataSync uploads your task report. + type: object + properties: + Subdirectory: + description: Specifies a bucket prefix for your report. + type: string + maxLength: 4096 + pattern: ^[a-zA-Z0-9_\-\+\./\(\)\p{Zs}]*$ + BucketAccessRoleArn: + description: Specifies the Amazon Resource Name (ARN) of the IAM policy that allows Datasync to upload a task report to your S3 bucket. + type: string + maxLength: 2048 + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):iam::[0-9]{12}:role/.*$ + S3BucketArn: + description: Specifies the ARN of the S3 bucket where Datasync uploads your report. + type: string + maxLength: 156 + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):(s3|s3-outposts):[a-z\-0-9]*:[0-9]*:.*$ + OutputType: + description: Specifies the type of task report that you want. + type: string + enum: + - SUMMARY_ONLY + - STANDARD + ReportLevel: + description: Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't. + type: string + enum: + - ERRORS_ONLY + - SUCCESSES_AND_ERRORS + ObjectVersionIds: + description: Specifies whether your task report includes the new version of each object transferred into an S3 bucket, this only applies if you enable versioning on your bucket. + type: string + enum: + - INCLUDE + - NONE + Overrides: + additionalProperties: false + description: Customizes the reporting level for aspects of your task report. For example, your report might generally only include errors, but you could specify that you want a list of successes and errors just for the files that Datasync attempted to delete in your destination location. + type: object + properties: + Transferred: + additionalProperties: false + description: Specifies the level of reporting for the files, objects, and directories that Datasync attempted to transfer. + type: object + properties: + ReportLevel: + description: Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't. + type: string + enum: + - ERRORS_ONLY + - SUCCESSES_AND_ERRORS + Verified: + additionalProperties: false + description: Specifies the level of reporting for the files, objects, and directories that Datasync attempted to verify at the end of your transfer. This only applies if you configure your task to verify data during and after the transfer (which Datasync does by default) + type: object + properties: + ReportLevel: + description: Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't. + type: string + enum: + - ERRORS_ONLY + - SUCCESSES_AND_ERRORS + Deleted: + additionalProperties: false + description: Specifies the level of reporting for the files, objects, and directories that Datasync attempted to delete in your destination location. This only applies if you configure your task to delete data in the destination that isn't in the source. + type: object + properties: + ReportLevel: + description: Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't. + type: string + enum: + - ERRORS_ONLY + - SUCCESSES_AND_ERRORS + Skipped: + additionalProperties: false + description: Specifies the level of reporting for the files, objects, and directories that Datasync attempted to skip during your transfer. + type: object + properties: + ReportLevel: + description: Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't. + type: string + enum: + - ERRORS_ONLY + - SUCCESSES_AND_ERRORS + required: + - Destination + - OutputType + TaskSchedule: + additionalProperties: false + description: Specifies the schedule you want your task to use for repeated executions. + type: object + properties: + ScheduleExpression: + description: A cron expression that specifies when AWS DataSync initiates a scheduled transfer from a source to a destination location + type: string + maxLength: 256 + pattern: ^[a-zA-Z0-9\ \_\*\?\,\|\^\-\/\#\s\(\)\+]*$ + required: + - ScheduleExpression + Options: + additionalProperties: false + description: Represents the options that are available to control the behavior of a StartTaskExecution operation. + type: object + properties: + Atime: + description: A file metadata value that shows the last time a file was accessed (that is, when the file was read or written to). + type: string + enum: + - NONE + - BEST_EFFORT + BytesPerSecond: + description: A value that limits the bandwidth used by AWS DataSync. + type: integer + format: int64 + minimum: -1 + Gid: + description: The group ID (GID) of the file's owners. + type: string + enum: + - NONE + - INT_VALUE + - NAME + - BOTH + LogLevel: + description: A value that determines the types of logs that DataSync publishes to a log stream in the Amazon CloudWatch log group that you provide. + type: string + enum: + - 'OFF' + - BASIC + - TRANSFER + Mtime: + description: A value that indicates the last time that a file was modified (that is, a file was written to) before the PREPARING phase. + type: string + enum: + - NONE + - PRESERVE + OverwriteMode: + description: A value that determines whether files at the destination should be overwritten or preserved when copying files. + type: string + enum: + - ALWAYS + - NEVER + PosixPermissions: + description: A value that determines which users or groups can access a file for a specific purpose such as reading, writing, or execution of the file. + type: string + enum: + - NONE + - PRESERVE + PreserveDeletedFiles: + description: A value that specifies whether files in the destination that don't exist in the source file system should be preserved. + type: string + enum: + - PRESERVE + - REMOVE + PreserveDevices: + description: A value that determines whether AWS DataSync should preserve the metadata of block and character devices in the source file system, and recreate the files with that device name and metadata on the destination. + type: string + enum: + - NONE + - PRESERVE + SecurityDescriptorCopyFlags: + description: A value that determines which components of the SMB security descriptor are copied during transfer. + type: string + enum: + - NONE + - OWNER_DACL + - OWNER_DACL_SACL + TaskQueueing: + description: A value that determines whether tasks should be queued before executing the tasks. + type: string + enum: + - ENABLED + - DISABLED + TransferMode: + description: A value that determines whether DataSync transfers only the data and metadata that differ between the source and the destination location, or whether DataSync transfers all the content from the source, without comparing to the destination location. + type: string + enum: + - CHANGED + - ALL + Uid: + description: The user ID (UID) of the file's owner. + type: string + enum: + - NONE + - INT_VALUE + - NAME + - BOTH + VerifyMode: + description: A value that determines whether a data integrity verification should be performed at the end of a task execution after all data and metadata have been transferred. + type: string + enum: + - POINT_IN_TIME_CONSISTENT + - ONLY_FILES_TRANSFERRED + - NONE + ObjectTags: + description: A value that determines whether object tags should be read from the source object store and written to the destination object store. + type: string + enum: + - PRESERVE + - NONE + SourceNetworkInterfaceArns: + description: The Amazon Resource Names (ARNs) of the source ENIs (Elastic Network Interfaces) that were created for your subnet. + type: array + items: + type: string + pattern: ^arn:aws[\-a-z]{0,}:ec2:[a-z\-0-9]*:[0-9]{12}:network-interface/eni-[0-9a-f]+$ + maxItems: 128 + x-insertionOrder: false + DestinationNetworkInterfaceArns: + description: The Amazon Resource Names (ARNs) of the destination ENIs (Elastic Network Interfaces) that were created for your subnet. + type: array + items: + type: string + pattern: ^arn:aws[\-a-z]{0,}:ec2:[a-z\-0-9]*:[0-9]{12}:network-interface/eni-[0-9a-f]+$ + maxItems: 128 + x-insertionOrder: false + Task: + type: object + properties: + Excludes: + type: array + minItems: 0 + maxItems: 1 + items: + $ref: '#/components/schemas/FilterRule' + x-insertionOrder: false + Includes: + type: array + minItems: 0 + maxItems: 1 + items: + $ref: '#/components/schemas/FilterRule' + x-insertionOrder: false + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + CloudWatchLogGroupArn: + description: The ARN of the Amazon CloudWatch log group that is used to monitor and log events in the task. + type: string + maxLength: 562 + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):logs:[a-z\-0-9]*:[0-9]{12}:log-group:([^:\*]*)(:\*)?$ + DestinationLocationArn: + description: The ARN of an AWS storage resource's location. + type: string + maxLength: 128 + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:location/loc-[0-9a-z]{17}$ + Name: + description: The name of a task. This value is a text reference that is used to identify the task in the console. + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9\s+=._:@/-]+$ + Options: + $ref: '#/components/schemas/Options' + TaskReportConfig: + $ref: '#/components/schemas/TaskReportConfig' + Schedule: + $ref: '#/components/schemas/TaskSchedule' + SourceLocationArn: + description: The ARN of the source location for the task. + type: string + maxLength: 128 + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]+:[0-9]{12}:location/loc-[0-9a-z]{17}$ + TaskArn: + description: The ARN of the task. + type: string + maxLength: 128 + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):datasync:[a-z\-0-9]*:[0-9]{12}:task/task-[0-9a-f]{17}$ + Status: + description: The status of the task that was described. + type: string + enum: + - AVAILABLE + - CREATING + - QUEUED + - RUNNING + - UNAVAILABLE + SourceNetworkInterfaceArns: + $ref: '#/components/schemas/SourceNetworkInterfaceArns' + DestinationNetworkInterfaceArns: + $ref: '#/components/schemas/DestinationNetworkInterfaceArns' + required: + - DestinationLocationArn + - SourceLocationArn + x-stackql-resource-name: task + x-stackql-primaryIdentifier: + - TaskArn + x-create-only-properties: + - DestinationLocationArn + - SourceLocationArn + x-read-only-properties: + - TaskArn + - Status + - SourceNetworkInterfaceArns + - DestinationNetworkInterfaceArns + x-required-permissions: + create: + - datasync:CreateTask + - datasync:DescribeTask + - datasync:ListTagsForResource + - datasync:TagResource + - s3:ListAllMyBuckets + - s3:ListBucket + - ec2:DescribeNetworkInterfaces + - ec2:CreateNetworkInterface + - ec2:DeleteNetworkInterface + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:CreateNetworkInterfacePermission + - fsx:DescribeFileSystems + - elasticfilesystem:DescribeFileSystems + - elasticfilesystem:DescribeMountTargets + - logs:DescribeLogGroups + - iam:GetRole + - iam:PassRole + - iam:AssumeRole + read: + - datasync:DescribeTask + - datasync:ListTagsForResource + update: + - datasync:UpdateTask + - datasync:DescribeTask + - datasync:ListTagsForResource + - datasync:TagResource + - datasync:UntagResource + - logs:DescribeLogGroups + - iam:PassRole + delete: + - datasync:DeleteTask + - ec2:DescribeNetworkInterfaces + - ec2:DeleteNetworkInterface + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - fsx:DescribeFileSystems + - elasticfilesystem:DescribeFileSystems + - elasticfilesystem:DescribeMountTargets + - iam:GetRole + list: + - datasync:ListTasks + x-stackQL-resources: + agents: + name: agents + id: awscc.datasync.agents + x-cfn-schema-name: Agent + x-type: list + x-identifiers: + - AgentArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AgentArn') as agent_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataSync::Agent' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AgentArn') as agent_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataSync::Agent' + AND region = 'us-east-1' + agent: + name: agent + id: awscc.datasync.agent + x-cfn-schema-name: Agent + x-type: get + x-identifiers: + - AgentArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AgentName') as agent_name, + JSON_EXTRACT(Properties, '$.ActivationKey') as activation_key, + JSON_EXTRACT(Properties, '$.SecurityGroupArns') as security_group_arns, + JSON_EXTRACT(Properties, '$.SubnetArns') as subnet_arns, + JSON_EXTRACT(Properties, '$.VpcEndpointId') as vpc_endpoint_id, + JSON_EXTRACT(Properties, '$.EndpointType') as endpoint_type, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.AgentArn') as agent_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::Agent' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AgentName') as agent_name, + json_extract_path_text(Properties, 'ActivationKey') as activation_key, + json_extract_path_text(Properties, 'SecurityGroupArns') as security_group_arns, + json_extract_path_text(Properties, 'SubnetArns') as subnet_arns, + json_extract_path_text(Properties, 'VpcEndpointId') as vpc_endpoint_id, + json_extract_path_text(Properties, 'EndpointType') as endpoint_type, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'AgentArn') as agent_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::Agent' + AND data__Identifier = '' + AND region = 'us-east-1' + location_azure_blobs: + name: location_azure_blobs + id: awscc.datasync.location_azure_blobs + x-cfn-schema-name: LocationAzureBlob + x-type: list + x-identifiers: + - LocationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LocationArn') as location_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataSync::LocationAzureBlob' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LocationArn') as location_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataSync::LocationAzureBlob' + AND region = 'us-east-1' + location_azure_blob: + name: location_azure_blob + id: awscc.datasync.location_azure_blob + x-cfn-schema-name: LocationAzureBlob + x-type: get + x-identifiers: + - LocationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AgentArns') as agent_arns, + JSON_EXTRACT(Properties, '$.AzureBlobAuthenticationType') as azure_blob_authentication_type, + JSON_EXTRACT(Properties, '$.AzureBlobSasConfiguration') as azure_blob_sas_configuration, + JSON_EXTRACT(Properties, '$.AzureBlobContainerUrl') as azure_blob_container_url, + JSON_EXTRACT(Properties, '$.AzureBlobType') as azure_blob_type, + JSON_EXTRACT(Properties, '$.AzureAccessTier') as azure_access_tier, + JSON_EXTRACT(Properties, '$.Subdirectory') as subdirectory, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.LocationArn') as location_arn, + JSON_EXTRACT(Properties, '$.LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationAzureBlob' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AgentArns') as agent_arns, + json_extract_path_text(Properties, 'AzureBlobAuthenticationType') as azure_blob_authentication_type, + json_extract_path_text(Properties, 'AzureBlobSasConfiguration') as azure_blob_sas_configuration, + json_extract_path_text(Properties, 'AzureBlobContainerUrl') as azure_blob_container_url, + json_extract_path_text(Properties, 'AzureBlobType') as azure_blob_type, + json_extract_path_text(Properties, 'AzureAccessTier') as azure_access_tier, + json_extract_path_text(Properties, 'Subdirectory') as subdirectory, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'LocationArn') as location_arn, + json_extract_path_text(Properties, 'LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationAzureBlob' + AND data__Identifier = '' + AND region = 'us-east-1' + location_efs: + name: location_efs + id: awscc.datasync.location_efs + x-cfn-schema-name: LocationEFS + x-type: get + x-identifiers: + - LocationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Ec2Config') as ec2_config, + JSON_EXTRACT(Properties, '$.EfsFilesystemArn') as efs_filesystem_arn, + JSON_EXTRACT(Properties, '$.AccessPointArn') as access_point_arn, + JSON_EXTRACT(Properties, '$.FileSystemAccessRoleArn') as file_system_access_role_arn, + JSON_EXTRACT(Properties, '$.InTransitEncryption') as in_transit_encryption, + JSON_EXTRACT(Properties, '$.Subdirectory') as subdirectory, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.LocationArn') as location_arn, + JSON_EXTRACT(Properties, '$.LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationEFS' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Ec2Config') as ec2_config, + json_extract_path_text(Properties, 'EfsFilesystemArn') as efs_filesystem_arn, + json_extract_path_text(Properties, 'AccessPointArn') as access_point_arn, + json_extract_path_text(Properties, 'FileSystemAccessRoleArn') as file_system_access_role_arn, + json_extract_path_text(Properties, 'InTransitEncryption') as in_transit_encryption, + json_extract_path_text(Properties, 'Subdirectory') as subdirectory, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'LocationArn') as location_arn, + json_extract_path_text(Properties, 'LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationEFS' + AND data__Identifier = '' + AND region = 'us-east-1' + locationf_sx_lustres: + name: locationf_sx_lustres + id: awscc.datasync.locationf_sx_lustres + x-cfn-schema-name: LocationFSxLustre + x-type: list + x-identifiers: + - LocationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LocationArn') as location_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataSync::LocationFSxLustre' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LocationArn') as location_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataSync::LocationFSxLustre' + AND region = 'us-east-1' + locationf_sx_lustre: + name: locationf_sx_lustre + id: awscc.datasync.locationf_sx_lustre + x-cfn-schema-name: LocationFSxLustre + x-type: get + x-identifiers: + - LocationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FsxFilesystemArn') as fsx_filesystem_arn, + JSON_EXTRACT(Properties, '$.SecurityGroupArns') as security_group_arns, + JSON_EXTRACT(Properties, '$.Subdirectory') as subdirectory, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.LocationArn') as location_arn, + JSON_EXTRACT(Properties, '$.LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationFSxLustre' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FsxFilesystemArn') as fsx_filesystem_arn, + json_extract_path_text(Properties, 'SecurityGroupArns') as security_group_arns, + json_extract_path_text(Properties, 'Subdirectory') as subdirectory, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'LocationArn') as location_arn, + json_extract_path_text(Properties, 'LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationFSxLustre' + AND data__Identifier = '' + AND region = 'us-east-1' + locationf_sx_ontaps: + name: locationf_sx_ontaps + id: awscc.datasync.locationf_sx_ontaps + x-cfn-schema-name: LocationFSxONTAP + x-type: list + x-identifiers: + - LocationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LocationArn') as location_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataSync::LocationFSxONTAP' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LocationArn') as location_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataSync::LocationFSxONTAP' + AND region = 'us-east-1' + locationf_sx_ontap: + name: locationf_sx_ontap + id: awscc.datasync.locationf_sx_ontap + x-cfn-schema-name: LocationFSxONTAP + x-type: get + x-identifiers: + - LocationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StorageVirtualMachineArn') as storage_virtual_machine_arn, + JSON_EXTRACT(Properties, '$.FsxFilesystemArn') as fsx_filesystem_arn, + JSON_EXTRACT(Properties, '$.SecurityGroupArns') as security_group_arns, + JSON_EXTRACT(Properties, '$.Protocol') as protocol, + JSON_EXTRACT(Properties, '$.Subdirectory') as subdirectory, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.LocationArn') as location_arn, + JSON_EXTRACT(Properties, '$.LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationFSxONTAP' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StorageVirtualMachineArn') as storage_virtual_machine_arn, + json_extract_path_text(Properties, 'FsxFilesystemArn') as fsx_filesystem_arn, + json_extract_path_text(Properties, 'SecurityGroupArns') as security_group_arns, + json_extract_path_text(Properties, 'Protocol') as protocol, + json_extract_path_text(Properties, 'Subdirectory') as subdirectory, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'LocationArn') as location_arn, + json_extract_path_text(Properties, 'LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationFSxONTAP' + AND data__Identifier = '' + AND region = 'us-east-1' + locationf_sx_open_zfs: + name: locationf_sx_open_zfs + id: awscc.datasync.locationf_sx_open_zfs + x-cfn-schema-name: LocationFSxOpenZFS + x-type: get + x-identifiers: + - LocationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FsxFilesystemArn') as fsx_filesystem_arn, + JSON_EXTRACT(Properties, '$.SecurityGroupArns') as security_group_arns, + JSON_EXTRACT(Properties, '$.Protocol') as protocol, + JSON_EXTRACT(Properties, '$.Subdirectory') as subdirectory, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.LocationArn') as location_arn, + JSON_EXTRACT(Properties, '$.LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationFSxOpenZFS' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FsxFilesystemArn') as fsx_filesystem_arn, + json_extract_path_text(Properties, 'SecurityGroupArns') as security_group_arns, + json_extract_path_text(Properties, 'Protocol') as protocol, + json_extract_path_text(Properties, 'Subdirectory') as subdirectory, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'LocationArn') as location_arn, + json_extract_path_text(Properties, 'LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationFSxOpenZFS' + AND data__Identifier = '' + AND region = 'us-east-1' + locationf_sx_windows: + name: locationf_sx_windows + id: awscc.datasync.locationf_sx_windows + x-cfn-schema-name: LocationFSxWindows + x-type: get + x-identifiers: + - LocationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Domain') as domain, + JSON_EXTRACT(Properties, '$.FsxFilesystemArn') as fsx_filesystem_arn, + JSON_EXTRACT(Properties, '$.Password') as password, + JSON_EXTRACT(Properties, '$.SecurityGroupArns') as security_group_arns, + JSON_EXTRACT(Properties, '$.Subdirectory') as subdirectory, + JSON_EXTRACT(Properties, '$.User') as user, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.LocationArn') as location_arn, + JSON_EXTRACT(Properties, '$.LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationFSxWindows' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Domain') as domain, + json_extract_path_text(Properties, 'FsxFilesystemArn') as fsx_filesystem_arn, + json_extract_path_text(Properties, 'Password') as password, + json_extract_path_text(Properties, 'SecurityGroupArns') as security_group_arns, + json_extract_path_text(Properties, 'Subdirectory') as subdirectory, + json_extract_path_text(Properties, 'User') as user, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'LocationArn') as location_arn, + json_extract_path_text(Properties, 'LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationFSxWindows' + AND data__Identifier = '' + AND region = 'us-east-1' + location_hdfs: + name: location_hdfs + id: awscc.datasync.location_hdfs + x-cfn-schema-name: LocationHDFS + x-type: get + x-identifiers: + - LocationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.NameNodes') as name_nodes, + JSON_EXTRACT(Properties, '$.BlockSize') as block_size, + JSON_EXTRACT(Properties, '$.ReplicationFactor') as replication_factor, + JSON_EXTRACT(Properties, '$.KmsKeyProviderUri') as kms_key_provider_uri, + JSON_EXTRACT(Properties, '$.QopConfiguration') as qop_configuration, + JSON_EXTRACT(Properties, '$.AuthenticationType') as authentication_type, + JSON_EXTRACT(Properties, '$.SimpleUser') as simple_user, + JSON_EXTRACT(Properties, '$.KerberosPrincipal') as kerberos_principal, + JSON_EXTRACT(Properties, '$.KerberosKeytab') as kerberos_keytab, + JSON_EXTRACT(Properties, '$.KerberosKrb5Conf') as kerberos_krb5_conf, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.AgentArns') as agent_arns, + JSON_EXTRACT(Properties, '$.Subdirectory') as subdirectory, + JSON_EXTRACT(Properties, '$.LocationArn') as location_arn, + JSON_EXTRACT(Properties, '$.LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationHDFS' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'NameNodes') as name_nodes, + json_extract_path_text(Properties, 'BlockSize') as block_size, + json_extract_path_text(Properties, 'ReplicationFactor') as replication_factor, + json_extract_path_text(Properties, 'KmsKeyProviderUri') as kms_key_provider_uri, + json_extract_path_text(Properties, 'QopConfiguration') as qop_configuration, + json_extract_path_text(Properties, 'AuthenticationType') as authentication_type, + json_extract_path_text(Properties, 'SimpleUser') as simple_user, + json_extract_path_text(Properties, 'KerberosPrincipal') as kerberos_principal, + json_extract_path_text(Properties, 'KerberosKeytab') as kerberos_keytab, + json_extract_path_text(Properties, 'KerberosKrb5Conf') as kerberos_krb5_conf, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'AgentArns') as agent_arns, + json_extract_path_text(Properties, 'Subdirectory') as subdirectory, + json_extract_path_text(Properties, 'LocationArn') as location_arn, + json_extract_path_text(Properties, 'LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationHDFS' + AND data__Identifier = '' + AND region = 'us-east-1' + location_nfs: + name: location_nfs + id: awscc.datasync.location_nfs + x-cfn-schema-name: LocationNFS + x-type: get + x-identifiers: + - LocationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MountOptions') as mount_options, + JSON_EXTRACT(Properties, '$.OnPremConfig') as on_prem_config, + JSON_EXTRACT(Properties, '$.ServerHostname') as server_hostname, + JSON_EXTRACT(Properties, '$.Subdirectory') as subdirectory, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.LocationArn') as location_arn, + JSON_EXTRACT(Properties, '$.LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationNFS' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MountOptions') as mount_options, + json_extract_path_text(Properties, 'OnPremConfig') as on_prem_config, + json_extract_path_text(Properties, 'ServerHostname') as server_hostname, + json_extract_path_text(Properties, 'Subdirectory') as subdirectory, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'LocationArn') as location_arn, + json_extract_path_text(Properties, 'LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationNFS' + AND data__Identifier = '' + AND region = 'us-east-1' + location_object_storages: + name: location_object_storages + id: awscc.datasync.location_object_storages + x-cfn-schema-name: LocationObjectStorage + x-type: list + x-identifiers: + - LocationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LocationArn') as location_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataSync::LocationObjectStorage' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LocationArn') as location_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataSync::LocationObjectStorage' + AND region = 'us-east-1' + location_object_storage: + name: location_object_storage + id: awscc.datasync.location_object_storage + x-cfn-schema-name: LocationObjectStorage + x-type: get + x-identifiers: + - LocationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccessKey') as access_key, + JSON_EXTRACT(Properties, '$.AgentArns') as agent_arns, + JSON_EXTRACT(Properties, '$.BucketName') as bucket_name, + JSON_EXTRACT(Properties, '$.SecretKey') as secret_key, + JSON_EXTRACT(Properties, '$.ServerCertificate') as server_certificate, + JSON_EXTRACT(Properties, '$.ServerHostname') as server_hostname, + JSON_EXTRACT(Properties, '$.ServerPort') as server_port, + JSON_EXTRACT(Properties, '$.ServerProtocol') as server_protocol, + JSON_EXTRACT(Properties, '$.Subdirectory') as subdirectory, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.LocationArn') as location_arn, + JSON_EXTRACT(Properties, '$.LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationObjectStorage' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccessKey') as access_key, + json_extract_path_text(Properties, 'AgentArns') as agent_arns, + json_extract_path_text(Properties, 'BucketName') as bucket_name, + json_extract_path_text(Properties, 'SecretKey') as secret_key, + json_extract_path_text(Properties, 'ServerCertificate') as server_certificate, + json_extract_path_text(Properties, 'ServerHostname') as server_hostname, + json_extract_path_text(Properties, 'ServerPort') as server_port, + json_extract_path_text(Properties, 'ServerProtocol') as server_protocol, + json_extract_path_text(Properties, 'Subdirectory') as subdirectory, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'LocationArn') as location_arn, + json_extract_path_text(Properties, 'LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationObjectStorage' + AND data__Identifier = '' + AND region = 'us-east-1' + location_s3s: + name: location_s3s + id: awscc.datasync.location_s3s + x-cfn-schema-name: LocationS3 + x-type: list + x-identifiers: + - LocationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LocationArn') as location_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataSync::LocationS3' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LocationArn') as location_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataSync::LocationS3' + AND region = 'us-east-1' + location_s3: + name: location_s3 + id: awscc.datasync.location_s3 + x-cfn-schema-name: LocationS3 + x-type: get + x-identifiers: + - LocationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.S3Config') as s3_config, + JSON_EXTRACT(Properties, '$.S3BucketArn') as s3_bucket_arn, + JSON_EXTRACT(Properties, '$.Subdirectory') as subdirectory, + JSON_EXTRACT(Properties, '$.S3StorageClass') as s3_storage_class, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.LocationArn') as location_arn, + JSON_EXTRACT(Properties, '$.LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationS3' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'S3Config') as s3_config, + json_extract_path_text(Properties, 'S3BucketArn') as s3_bucket_arn, + json_extract_path_text(Properties, 'Subdirectory') as subdirectory, + json_extract_path_text(Properties, 'S3StorageClass') as s3_storage_class, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'LocationArn') as location_arn, + json_extract_path_text(Properties, 'LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationS3' + AND data__Identifier = '' + AND region = 'us-east-1' + location_smbs: + name: location_smbs + id: awscc.datasync.location_smbs + x-cfn-schema-name: LocationSMB + x-type: list + x-identifiers: + - LocationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LocationArn') as location_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataSync::LocationSMB' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LocationArn') as location_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataSync::LocationSMB' + AND region = 'us-east-1' + location_smb: + name: location_smb + id: awscc.datasync.location_smb + x-cfn-schema-name: LocationSMB + x-type: get + x-identifiers: + - LocationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AgentArns') as agent_arns, + JSON_EXTRACT(Properties, '$.Domain') as domain, + JSON_EXTRACT(Properties, '$.MountOptions') as mount_options, + JSON_EXTRACT(Properties, '$.Password') as password, + JSON_EXTRACT(Properties, '$.ServerHostname') as server_hostname, + JSON_EXTRACT(Properties, '$.Subdirectory') as subdirectory, + JSON_EXTRACT(Properties, '$.User') as user, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.LocationArn') as location_arn, + JSON_EXTRACT(Properties, '$.LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationSMB' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AgentArns') as agent_arns, + json_extract_path_text(Properties, 'Domain') as domain, + json_extract_path_text(Properties, 'MountOptions') as mount_options, + json_extract_path_text(Properties, 'Password') as password, + json_extract_path_text(Properties, 'ServerHostname') as server_hostname, + json_extract_path_text(Properties, 'Subdirectory') as subdirectory, + json_extract_path_text(Properties, 'User') as user, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'LocationArn') as location_arn, + json_extract_path_text(Properties, 'LocationUri') as location_uri + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::LocationSMB' + AND data__Identifier = '' + AND region = 'us-east-1' + storage_systems: + name: storage_systems + id: awscc.datasync.storage_systems + x-cfn-schema-name: StorageSystem + x-type: list + x-identifiers: + - StorageSystemArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StorageSystemArn') as storage_system_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataSync::StorageSystem' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StorageSystemArn') as storage_system_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataSync::StorageSystem' + AND region = 'us-east-1' + storage_system: + name: storage_system + id: awscc.datasync.storage_system + x-cfn-schema-name: StorageSystem + x-type: get + x-identifiers: + - StorageSystemArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ServerConfiguration') as server_configuration, + JSON_EXTRACT(Properties, '$.ServerCredentials') as server_credentials, + JSON_EXTRACT(Properties, '$.SecretsManagerArn') as secrets_manager_arn, + JSON_EXTRACT(Properties, '$.SystemType') as system_type, + JSON_EXTRACT(Properties, '$.AgentArns') as agent_arns, + JSON_EXTRACT(Properties, '$.CloudWatchLogGroupArn') as cloud_watch_log_group_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.StorageSystemArn') as storage_system_arn, + JSON_EXTRACT(Properties, '$.ConnectivityStatus') as connectivity_status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::StorageSystem' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ServerConfiguration') as server_configuration, + json_extract_path_text(Properties, 'ServerCredentials') as server_credentials, + json_extract_path_text(Properties, 'SecretsManagerArn') as secrets_manager_arn, + json_extract_path_text(Properties, 'SystemType') as system_type, + json_extract_path_text(Properties, 'AgentArns') as agent_arns, + json_extract_path_text(Properties, 'CloudWatchLogGroupArn') as cloud_watch_log_group_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'StorageSystemArn') as storage_system_arn, + json_extract_path_text(Properties, 'ConnectivityStatus') as connectivity_status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::StorageSystem' + AND data__Identifier = '' + AND region = 'us-east-1' + tasks: + name: tasks + id: awscc.datasync.tasks + x-cfn-schema-name: Task + x-type: list + x-identifiers: + - TaskArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TaskArn') as task_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataSync::Task' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TaskArn') as task_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataSync::Task' + AND region = 'us-east-1' + task: + name: task + id: awscc.datasync.task + x-cfn-schema-name: Task + x-type: get + x-identifiers: + - TaskArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Excludes') as excludes, + JSON_EXTRACT(Properties, '$.Includes') as includes, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CloudWatchLogGroupArn') as cloud_watch_log_group_arn, + JSON_EXTRACT(Properties, '$.DestinationLocationArn') as destination_location_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Options') as options, + JSON_EXTRACT(Properties, '$.TaskReportConfig') as task_report_config, + JSON_EXTRACT(Properties, '$.Schedule') as schedule, + JSON_EXTRACT(Properties, '$.SourceLocationArn') as source_location_arn, + JSON_EXTRACT(Properties, '$.TaskArn') as task_arn, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.SourceNetworkInterfaceArns') as source_network_interface_arns, + JSON_EXTRACT(Properties, '$.DestinationNetworkInterfaceArns') as destination_network_interface_arns + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::Task' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Excludes') as excludes, + json_extract_path_text(Properties, 'Includes') as includes, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CloudWatchLogGroupArn') as cloud_watch_log_group_arn, + json_extract_path_text(Properties, 'DestinationLocationArn') as destination_location_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Options') as options, + json_extract_path_text(Properties, 'TaskReportConfig') as task_report_config, + json_extract_path_text(Properties, 'Schedule') as schedule, + json_extract_path_text(Properties, 'SourceLocationArn') as source_location_arn, + json_extract_path_text(Properties, 'TaskArn') as task_arn, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'SourceNetworkInterfaceArns') as source_network_interface_arns, + json_extract_path_text(Properties, 'DestinationNetworkInterfaceArns') as destination_network_interface_arns + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataSync::Task' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/datazone.yaml b/providers/src/awscc/v00.00.00000/services/datazone.yaml new file mode 100644 index 00000000..c5ef0d92 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/datazone.yaml @@ -0,0 +1,1678 @@ +openapi: 3.0.0 +info: + title: DataZone + version: 1.0.0 +paths: {} +components: + schemas: + AccountId: + type: string + maxLength: 12 + minLength: 12 + pattern: ^\d{12}$ + DataAccessRole: + type: string + description: The data access role included in the configuration details of the AWS Glue data source. + pattern: ^arn:aws[^:]*:iam::\d{12}:(role|role/service-role)/[\w+=,.@-]{1,128}$ + DataSourceConfigurationInput: + description: Specifies the configuration of the data source. It can be set to either glueRunConfiguration or redshiftRunConfiguration. + oneOf: + - type: object + title: GlueRunConfiguration + properties: + GlueRunConfiguration: + $ref: '#/components/schemas/GlueRunConfigurationInput' + additionalProperties: false + - type: object + title: RedshiftRunConfiguration + properties: + RedshiftRunConfiguration: + $ref: '#/components/schemas/RedshiftRunConfigurationInput' + additionalProperties: false + DataSourceStatus: + type: string + description: The status of the data source. + enum: + - CREATING + - FAILED_CREATION + - READY + - UPDATING + - FAILED_UPDATE + - RUNNING + - DELETING + - FAILED_DELETION + EnableSetting: + type: string + description: Specifies whether the data source is enabled. + enum: + - ENABLED + - DISABLED + FilterExpression: + type: object + description: The search filter expression. + properties: + Type: + $ref: '#/components/schemas/FilterExpressionType' + Expression: + type: string + maxLength: 2048 + minLength: 1 + required: + - Expression + - Type + additionalProperties: false + FilterExpressionType: + type: string + description: The search filter expression type. + enum: + - INCLUDE + - EXCLUDE + FormName: + type: string + description: The name of the metadata form. + maxLength: 128 + minLength: 1 + pattern: ^(?![0-9_])\w+$|^_\w*[a-zA-Z0-9]\w*$ + FormInput: + type: object + description: The details of a metadata form. + properties: + FormName: + description: The name of the metadata form. + $ref: '#/components/schemas/FormName' + TypeIdentifier: + type: string + description: The ID of the metadata form type. + maxLength: 385 + minLength: 1 + pattern: ^(?!\.)[\w\.]*\w$ + TypeRevision: + description: The revision of the metadata form type. + $ref: '#/components/schemas/TypeRevision' + Content: + type: string + description: The content of the metadata form. + maxLength: 75000 + required: + - FormName + additionalProperties: false + GlueRunConfigurationInput: + type: object + properties: + DataAccessRole: + description: The data access role included in the configuration details of the AWS Glue data source. + $ref: '#/components/schemas/DataAccessRole' + RelationalFilterConfigurations: + type: array + description: The relational filter configurations included in the configuration details of the AWS Glue data source. + items: + $ref: '#/components/schemas/RelationalFilterConfiguration' + x-insertionOrder: false + required: + - RelationalFilterConfigurations + additionalProperties: false + RecommendationConfiguration: + type: object + description: The recommendation to be updated as part of the UpdateDataSource action. + properties: + EnableBusinessNameGeneration: + type: boolean + description: Specifies whether automatic business name generation is to be enabled or not as part of the recommendation configuration. + additionalProperties: false + RedshiftClusterStorage: + type: object + description: The name of an Amazon Redshift cluster. + properties: + ClusterName: + type: string + description: The name of an Amazon Redshift cluster. + maxLength: 63 + minLength: 1 + pattern: ^[0-9a-z].[a-z0-9\-]*$ + required: + - ClusterName + additionalProperties: false + RedshiftCredentialConfiguration: + type: object + description: The ARN of a secret manager for an Amazon Redshift cluster. + properties: + SecretManagerArn: + type: string + description: The ARN of a secret manager for an Amazon Redshift cluster. + maxLength: 256 + pattern: ^arn:aws[^:]*:secretsmanager:[a-z]{2}-?(iso|gov)?-{1}[a-z]*-{1}[0-9]:\d{12}:secret:.*$ + required: + - SecretManagerArn + additionalProperties: false + RedshiftRunConfigurationInput: + type: object + description: The configuration details of the Amazon Redshift data source. + properties: + DataAccessRole: + description: The data access role included in the configuration details of the Amazon Redshift data source. + $ref: '#/components/schemas/DataAccessRole' + RelationalFilterConfigurations: + $ref: '#/components/schemas/RelationalFilterConfigurations' + RedshiftCredentialConfiguration: + description: The details of the credentials required to access an Amazon Redshift cluster. + $ref: '#/components/schemas/RedshiftCredentialConfiguration' + RedshiftStorage: + description: The details of the Amazon Redshift storage as part of the configuration of an Amazon Redshift data source run. + $ref: '#/components/schemas/RedshiftStorage' + required: + - RedshiftCredentialConfiguration + - RedshiftStorage + - RelationalFilterConfigurations + additionalProperties: false + RedshiftServerlessStorage: + type: object + description: The details of the Amazon Redshift Serverless workgroup storage. + properties: + WorkgroupName: + type: string + description: The name of the Amazon Redshift Serverless workgroup. + maxLength: 64 + minLength: 3 + pattern: ^[a-z0-9-]+$ + required: + - WorkgroupName + additionalProperties: false + RedshiftStorage: + description: The details of the Amazon Redshift storage as part of the configuration of an Amazon Redshift data source run. + oneOf: + - type: object + title: RedshiftClusterSource + description: The details of the Amazon Redshift cluster source. + properties: + RedshiftClusterSource: + $ref: '#/components/schemas/RedshiftClusterStorage' + required: + - RedshiftClusterSource + additionalProperties: false + - type: object + title: RedshiftServerlessSource + description: The details of the Amazon Redshift Serverless workgroup source. + properties: + RedshiftServerlessSource: + $ref: '#/components/schemas/RedshiftServerlessStorage' + required: + - RedshiftServerlessSource + additionalProperties: false + Region: + type: string + maxLength: 16 + minLength: 4 + pattern: '[a-z]{2}-?(iso|gov)?-{1}[a-z]*-{1}[0-9]' + RelationalFilterConfiguration: + type: object + description: The relational filter configuration for the data source. + properties: + DatabaseName: + type: string + description: The database name specified in the relational filter configuration for the data source. + maxLength: 128 + minLength: 1 + SchemaName: + type: string + description: The schema name specified in the relational filter configuration for the data source. + maxLength: 128 + minLength: 1 + FilterExpressions: + type: array + description: The filter expressions specified in the relational filter configuration for the data source. + items: + $ref: '#/components/schemas/FilterExpression' + x-insertionOrder: false + required: + - DatabaseName + additionalProperties: false + RelationalFilterConfigurations: + type: array + description: The relational filter configurations included in the configuration details of the Amazon Redshift data source. + items: + $ref: '#/components/schemas/RelationalFilterConfiguration' + x-insertionOrder: false + ScheduleConfiguration: + type: object + description: The schedule of the data source runs. + properties: + Timezone: + description: The timezone of the data source run. + $ref: '#/components/schemas/Timezone' + Schedule: + type: string + description: The schedule of the data source runs. + maxLength: 256 + minLength: 1 + pattern: cron\((\b[0-5]?[0-9]\b) (\b2[0-3]\b|\b[0-1]?[0-9]\b) (.*){1,5} (.*){1,5} (.*){1,5} (.*){1,5}\) + additionalProperties: false + Timezone: + type: string + TypeRevision: + type: string + description: The revision of the metadata form type. + maxLength: 64 + minLength: 1 + DataSource: + type: object + properties: + AssetFormsInput: + type: array + description: The metadata forms that are to be attached to the assets that this data source works with. + items: + $ref: '#/components/schemas/FormInput' + maxItems: 10 + minItems: 0 + x-insertionOrder: false + CreatedAt: + type: string + description: The timestamp of when the data source was created. + format: date-time + Description: + type: string + description: The description of the data source. + maxLength: 2048 + DomainId: + type: string + description: The ID of the Amazon DataZone domain where the data source is created. + pattern: ^dzd[-_][a-zA-Z0-9_-]{1,36}$ + DomainIdentifier: + type: string + description: The ID of the Amazon DataZone domain where the data source is created. + pattern: ^dzd[-_][a-zA-Z0-9_-]{1,36}$ + EnableSetting: + description: Specifies whether the data source is enabled. + $ref: '#/components/schemas/EnableSetting' + EnvironmentId: + type: string + description: The unique identifier of the Amazon DataZone environment to which the data source publishes assets. + pattern: ^[a-zA-Z0-9_-]{1,36}$ + EnvironmentIdentifier: + description: The unique identifier of the Amazon DataZone environment to which the data source publishes assets. + type: string + Id: + type: string + description: The unique identifier of the data source. + pattern: ^[a-zA-Z0-9_-]{1,36}$ + Configuration: + description: Configuration of the data source. It can be set to either glueRunConfiguration or redshiftRunConfiguration. + $ref: '#/components/schemas/DataSourceConfigurationInput' + LastRunAssetCount: + description: The number of assets created by the data source during its last run. + type: number + LastRunAt: + type: string + description: The timestamp that specifies when the data source was last run. + LastRunStatus: + description: The status of the last run of this data source. + type: string + Name: + type: string + description: The name of the data source. + maxLength: 256 + minLength: 1 + ProjectId: + type: string + description: The ID of the Amazon DataZone project to which the data source is added. + pattern: ^[a-zA-Z0-9_-]{1,36}$ + ProjectIdentifier: + type: string + description: The identifier of the Amazon DataZone project in which you want to add the data source. + PublishOnImport: + type: boolean + description: Specifies whether the assets that this data source creates in the inventory are to be also automatically published to the catalog. + Recommendation: + $ref: '#/components/schemas/RecommendationConfiguration' + description: Specifies whether the business name generation is to be enabled for this data source. + Schedule: + description: The schedule of the data source runs. + $ref: '#/components/schemas/ScheduleConfiguration' + Status: + description: The status of the data source. + $ref: '#/components/schemas/DataSourceStatus' + Type: + type: string + description: The type of the data source. + maxLength: 256 + minLength: 1 + UpdatedAt: + type: string + description: The timestamp of when this data source was updated. + format: date-time + required: + - Name + - DomainIdentifier + - ProjectIdentifier + - EnvironmentIdentifier + - Type + x-stackql-resource-name: data_source + x-stackql-primaryIdentifier: + - DomainId + - Id + x-create-only-properties: + - EnvironmentIdentifier + - DomainIdentifier + - ProjectIdentifier + - Type + x-read-only-properties: + - CreatedAt + - DomainId + - EnvironmentId + - Id + - LastRunAssetCount + - LastRunAt + - LastRunStatus + - ProjectId + - Status + - UpdatedAt + x-required-permissions: + create: + - datazone:CreateDataSource + - iam:PassRole + - datazone:GetDataSource + - datazone:DeleteDataSource + read: + - datazone:GetDataSource + update: + - datazone:UpdateDataSource + - datazone:GetDataSource + - datazone:DeleteDataSource + delete: + - datazone:DeleteDataSource + - datazone:GetDataSource + list: + - datazone:ListDataSources + AuthType: + type: string + description: The type of single sign-on in Amazon DataZone. + enum: + - IAM_IDC + - DISABLED + DomainStatus: + type: string + description: The status of the Amazon DataZone domain. + enum: + - CREATING + - AVAILABLE + - CREATION_FAILED + - DELETING + - DELETED + - DELETION_FAILED + SingleSignOn: + type: object + description: The single-sign on configuration of the Amazon DataZone domain. + properties: + Type: + $ref: '#/components/schemas/AuthType' + UserAssignment: + $ref: '#/components/schemas/UserAssignment' + additionalProperties: false + Tag: + description: A key-value pair to associate with the domain. + type: object + properties: + Key: + type: string + description: The key name of the tag. + minLength: 1 + maxLength: 128 + Value: + type: string + description: The value for the tag. + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + UserAssignment: + type: string + description: The single sign-on user assignment in Amazon DataZone. + enum: + - AUTOMATIC + - MANUAL + Domain: + type: object + properties: + Arn: + type: string + description: The ARN of the Amazon DataZone domain. + pattern: ^arn:aws(|-cn|-us-gov):datazone:\w+(?:-\w+)+:\d{12}:domain/dzd[-_][a-zA-Z0-9_-]{1,36}$ + CreatedAt: + type: string + description: The timestamp of when the Amazon DataZone domain was last updated. + format: date-time + Description: + type: string + description: The description of the Amazon DataZone domain. + DomainExecutionRole: + type: string + description: The domain execution role that is created when an Amazon DataZone domain is created. The domain execution role is created in the AWS account that houses the Amazon DataZone domain. + pattern: ^arn:aws[^:]*:iam::\d{12}:(role|role/service-role)/[\w+=,.@-]*$ + Id: + type: string + description: The id of the Amazon DataZone domain. + pattern: ^dzd[-_][a-zA-Z0-9_-]{1,36}$ + KmsKeyIdentifier: + type: string + maxLength: 1024 + description: The identifier of the AWS Key Management Service (KMS) key that is used to encrypt the Amazon DataZone domain, metadata, and reporting data. + minLength: 1 + pattern: ^arn:aws(|-cn|-us-gov):kms:[a-zA-Z0-9-]*:[0-9]{12}:key/[a-zA-Z0-9-]{36}$ + LastUpdatedAt: + type: string + description: The timestamp of when the Amazon DataZone domain was last updated. + format: date-time + ManagedAccountId: + type: string + description: The identifier of the AWS account that manages the domain. + Name: + type: string + description: The name of the Amazon DataZone domain. + PortalUrl: + type: string + description: The URL of the data portal for this Amazon DataZone domain. + SingleSignOn: + $ref: '#/components/schemas/SingleSignOn' + description: The single-sign on configuration of the Amazon DataZone domain. + Status: + $ref: '#/components/schemas/DomainStatus' + description: The status of the Amazon DataZone domain. + Tags: + type: array + description: The tags specified for the Amazon DataZone domain. + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - DomainExecutionRole + - Name + x-stackql-resource-name: domain + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - KmsKeyIdentifier + x-read-only-properties: + - Arn + - CreatedAt + - Id + - LastUpdatedAt + - ManagedAccountId + - PortalUrl + - Status + x-required-permissions: + create: + - datazone:CreateDomain + - datazone:UpdateDomain + - datazone:GetDomain + - datazone:TagResource + - sso:CreateManagedApplicationInstance + - sso:DeleteManagedApplicationInstance + - sso:PutApplicationAssignmentConfiguration + read: + - datazone:GetDomain + update: + - datazone:UpdateDomain + - datazone:GetDomain + - datazone:TagResource + - datazone:UntagResource + - sso:CreateManagedApplicationInstance + - sso:DeleteManagedApplicationInstance + - sso:PutApplicationAssignmentConfiguration + delete: + - datazone:DeleteDomain + - datazone:GetDomain + list: + - datazone:ListDomains + EnvironmentParameter: + type: object + description: The parameter details of an environment profile. + properties: + Name: + type: string + description: The name of an environment profile parameter. + Value: + type: string + description: The value of an environment profile parameter. + additionalProperties: false + EnvironmentStatus: + type: string + description: The status of the Amazon DataZone environment. + enum: + - ACTIVE + - CREATING + - UPDATING + - DELETING + - CREATE_FAILED + - UPDATE_FAILED + - DELETE_FAILED + - VALIDATION_FAILED + - SUSPENDED + - DISABLED + - EXPIRED + - DELETED + - INACCESSIBLE + Environment: + type: object + properties: + AwsAccountId: + type: string + description: The AWS account in which the Amazon DataZone environment is created. + pattern: ^\d{12}$ + AwsAccountRegion: + type: string + description: The AWS region in which the Amazon DataZone environment is created. + pattern: ^[a-z]{2}-[a-z]{4,10}-\d$ + CreatedAt: + type: string + description: The timestamp of when the environment was created. + format: date-time + CreatedBy: + type: string + description: The Amazon DataZone user who created the environment. + Description: + type: string + description: The description of the Amazon DataZone environment. + maxLength: 2048 + DomainId: + type: string + description: The identifier of the Amazon DataZone domain in which the environment is created. + pattern: ^dzd[-_][a-zA-Z0-9_-]{1,36}$ + DomainIdentifier: + type: string + description: The identifier of the Amazon DataZone domain in which the environment would be created. + pattern: ^dzd[-_][a-zA-Z0-9_-]{1,36}$ + EnvironmentBlueprintId: + type: string + description: The ID of the blueprint with which the Amazon DataZone environment was created. + pattern: ^[a-zA-Z0-9_-]{1,36}$ + EnvironmentProfileId: + type: string + description: The ID of the environment profile with which the Amazon DataZone environment was created. + pattern: ^[a-zA-Z0-9_-]{1,36}$ + EnvironmentProfileIdentifier: + type: string + description: The ID of the environment profile with which the Amazon DataZone environment would be created. + pattern: ^[a-zA-Z0-9_-]{1,36}$ + GlossaryTerms: + type: array + x-insertionOrder: false + description: The glossary terms that can be used in the Amazon DataZone environment. + items: + type: string + pattern: ^[a-zA-Z0-9_-]{1,36}$ + maxItems: 20 + minItems: 1 + Id: + type: string + description: The ID of the Amazon DataZone environment. + pattern: ^[a-zA-Z0-9_-]{1,36}$ + Name: + type: string + description: The name of the environment. + maxLength: 64 + minLength: 1 + pattern: ^[\w -]+$ + ProjectId: + type: string + description: The ID of the Amazon DataZone project in which the environment is created. + pattern: ^[a-zA-Z0-9_-]{1,36}$ + ProjectIdentifier: + type: string + description: The ID of the Amazon DataZone project in which the environment would be created. + pattern: ^[a-zA-Z0-9_-]{1,36}$ + Provider: + type: string + description: The provider of the Amazon DataZone environment. + Status: + $ref: '#/components/schemas/EnvironmentStatus' + description: The status of the Amazon DataZone environment. + UpdatedAt: + type: string + description: The timestamp of when the environment was updated. + format: date-time + UserParameters: + type: array + x-insertionOrder: false + description: The user parameters of the Amazon DataZone environment. + items: + $ref: '#/components/schemas/EnvironmentParameter' + required: + - EnvironmentProfileIdentifier + - Name + - ProjectIdentifier + - DomainIdentifier + x-stackql-resource-name: environment + x-stackql-primaryIdentifier: + - DomainId + - Id + x-create-only-properties: + - DomainIdentifier + - EnvironmentProfileIdentifier + - ProjectIdentifier + - UserParameters + x-read-only-properties: + - AwsAccountId + - AwsAccountRegion + - CreatedAt + - CreatedBy + - DomainId + - EnvironmentBlueprintId + - EnvironmentProfileId + - Id + - ProjectId + - Provider + - Status + - UpdatedAt + x-required-permissions: + create: + - datazone:CreateEnvironment + - datazone:GetEnvironment + - datazone:DeleteEnvironment + read: + - datazone:GetEnvironment + update: + - datazone:UpdateEnvironment + - datazone:GetEnvironment + - datazone:DeleteEnvironment + delete: + - datazone:DeleteEnvironment + - datazone:GetEnvironment + list: + - datazone:ListEnvironments + RegionalParameter: + additionalProperties: false + type: object + properties: + Parameters: + $ref: '#/components/schemas/Parameter' + Region: + pattern: ^[a-z]{2}-?(iso|gov)?-{1}[a-z]*-{1}[0-9]$ + type: string + Parameter: + x-patternProperties: + .+: + type: string + additionalProperties: false + type: object + EnvironmentBlueprintConfiguration: + type: object + properties: + RegionalParameters: + uniqueItems: true + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/RegionalParameter' + ProvisioningRoleArn: + pattern: ^arn:aws[^:]*:iam::\d{12}:(role|role/service-role)/[\w+=,.@-]*$ + type: string + DomainId: + pattern: ^dzd[-_][a-zA-Z0-9_-]{1,36}$ + type: string + CreatedAt: + format: date-time + type: string + EnabledRegions: + minItems: 0 + x-insertionOrder: false + type: array + items: + minLength: 4 + pattern: ^[a-z]{2}-?(iso|gov)?-{1}[a-z]*-{1}[0-9]$ + type: string + maxLength: 16 + EnvironmentBlueprintIdentifier: + pattern: ^[a-zA-Z0-9_-]{1,36}$ + type: string + EnvironmentBlueprintId: + pattern: ^[a-zA-Z0-9_-]{1,36}$ + type: string + UpdatedAt: + format: date-time + type: string + DomainIdentifier: + pattern: ^dzd[-_][a-zA-Z0-9_-]{1,36}$ + type: string + ManageAccessRoleArn: + pattern: ^arn:aws[^:]*:iam::\d{12}:(role|role/service-role)/[\w+=,.@-]*$ + type: string + required: + - DomainIdentifier + - EnvironmentBlueprintIdentifier + - EnabledRegions + x-stackql-resource-name: environment_blueprint_configuration + x-stackql-primaryIdentifier: + - DomainId + - EnvironmentBlueprintId + x-create-only-properties: + - DomainIdentifier + - EnvironmentBlueprintIdentifier + x-read-only-properties: + - CreatedAt + - DomainId + - EnvironmentBlueprintId + - UpdatedAt + x-required-permissions: + read: + - datazone:GetEnvironmentBlueprintConfiguration + create: + - datazone:ListEnvironmentBlueprints + - iam:PassRole + - datazone:GetEnvironmentBlueprintConfiguration + - datazone:PutEnvironmentBlueprintConfiguration + update: + - datazone:DeleteEnvironmentBlueprintConfiguration + - iam:PassRole + - datazone:GetEnvironmentBlueprintConfiguration + - datazone:PutEnvironmentBlueprintConfiguration + list: + - datazone:ListEnvironmentBlueprintConfigurations + delete: + - datazone:GetEnvironmentBlueprintConfiguration + - datazone:DeleteEnvironmentBlueprintConfiguration + EnvironmentProfile: + type: object + properties: + AwsAccountId: + description: The AWS account in which the Amazon DataZone environment is created. + type: string + pattern: ^\d{12}$ + AwsAccountRegion: + description: The AWS region in which this environment profile is created. + type: string + pattern: ^[a-z]{2}-[a-z]{4,10}-\d$ + CreatedAt: + description: The timestamp of when this environment profile was created. + type: string + format: date-time + CreatedBy: + description: The Amazon DataZone user who created this environment profile. + type: string + Description: + description: The description of this Amazon DataZone environment profile. + type: string + maxLength: 2048 + DomainId: + description: The ID of the Amazon DataZone domain in which this environment profile is created. + type: string + pattern: ^dzd[-_][a-zA-Z0-9_-]{1,36}$ + DomainIdentifier: + description: The ID of the Amazon DataZone domain in which this environment profile is created. + type: string + pattern: ^dzd[-_][a-zA-Z0-9_-]{1,36}$ + EnvironmentBlueprintId: + description: The ID of the blueprint with which this environment profile is created. + type: string + pattern: ^[a-zA-Z0-9_-]{1,36}$ + EnvironmentBlueprintIdentifier: + description: The ID of the blueprint with which this environment profile is created. + type: string + pattern: ^[a-zA-Z0-9_-]{1,36}$ + Id: + description: The ID of this Amazon DataZone environment profile. + type: string + pattern: ^[a-zA-Z0-9_-]{1,36}$ + Name: + description: The name of this Amazon DataZone environment profile. + type: string + maxLength: 64 + minLength: 1 + pattern: ^[\w -]+$ + ProjectId: + description: The identifier of the project in which to create the environment profile. + type: string + pattern: ^[a-zA-Z0-9_-]{1,36}$ + ProjectIdentifier: + description: The identifier of the project in which to create the environment profile. + type: string + pattern: ^[a-zA-Z0-9_-]{1,36}$ + UpdatedAt: + description: The timestamp of when this environment profile was updated. + type: string + format: date-time + UserParameters: + description: The user parameters of this Amazon DataZone environment profile. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/EnvironmentParameter' + required: + - EnvironmentBlueprintIdentifier + - ProjectIdentifier + - DomainIdentifier + - AwsAccountId + - AwsAccountRegion + - Name + x-stackql-resource-name: environment_profile + x-stackql-primaryIdentifier: + - DomainId + - Id + x-create-only-properties: + - DomainIdentifier + - EnvironmentBlueprintIdentifier + - ProjectIdentifier + x-read-only-properties: + - CreatedAt + - CreatedBy + - DomainId + - EnvironmentBlueprintId + - Id + - ProjectId + - UpdatedAt + x-required-permissions: + create: + - datazone:CreateEnvironmentProfile + - datazone:GetEnvironmentProfile + read: + - datazone:GetEnvironmentProfile + update: + - datazone:UpdateEnvironmentProfile + - datazone:GetEnvironmentProfile + delete: + - datazone:DeleteEnvironmentProfile + - datazone:GetEnvironmentProfile + list: + - datazone:ListEnvironmentProfiles + Project: + type: object + properties: + CreatedAt: + description: The timestamp of when the project was created. + type: string + format: date-time + CreatedBy: + description: The Amazon DataZone user who created the project. + type: string + Description: + description: The description of the Amazon DataZone project. + type: string + maxLength: 2048 + DomainId: + description: The identifier of the Amazon DataZone domain in which the project was created. + type: string + pattern: ^dzd[-_][a-zA-Z0-9_-]{1,36}$ + DomainIdentifier: + description: The ID of the Amazon DataZone domain in which this project is created. + type: string + pattern: ^dzd[-_][a-zA-Z0-9_-]{1,36}$ + GlossaryTerms: + description: The glossary terms that can be used in this Amazon DataZone project. + type: array + x-insertionOrder: false + items: + type: string + pattern: ^[a-zA-Z0-9_-]{1,36}$ + maxItems: 20 + minItems: 1 + Id: + description: The ID of the Amazon DataZone project. + type: string + pattern: ^[a-zA-Z0-9_-]{1,36}$ + LastUpdatedAt: + description: The timestamp of when the project was last updated. + type: string + format: date-time + Name: + description: The name of the Amazon DataZone project. + type: string + maxLength: 64 + minLength: 1 + pattern: ^[\w -]+$ + required: + - DomainIdentifier + - Name + x-stackql-resource-name: project + x-stackql-primaryIdentifier: + - DomainId + - Id + x-create-only-properties: + - DomainIdentifier + x-read-only-properties: + - Id + - CreatedAt + - CreatedBy + - DomainId + - LastUpdatedAt + x-required-permissions: + create: + - datazone:CreateProject + - datazone:GetProject + read: + - datazone:GetProject + update: + - datazone:UpdateProject + - datazone:GetProject + delete: + - datazone:DeleteProject + - datazone:GetProject + list: + - datazone:ListProjects + SubscriptionTargetForm: + type: object + description: The details of the subscription target configuration. + properties: + FormName: + type: string + description: The form name included in the subscription target configuration. + maxLength: 128 + minLength: 1 + pattern: ^(?![0-9_])\w+$|^_\w*[a-zA-Z0-9]\w*$ + Content: + type: string + description: The content of the subscription target configuration. + required: + - Content + - FormName + additionalProperties: false + SubscriptionTarget: + type: object + properties: + ApplicableAssetTypes: + type: array + description: The asset types that can be included in the subscription target. + x-insertionOrder: false + items: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[^\.]* + AuthorizedPrincipals: + type: array + description: The authorized principals of the subscription target. + x-insertionOrder: false + items: + type: string + pattern: ^[a-zA-Z0-9:/_-]*$ + maxItems: 10 + minItems: 1 + CreatedAt: + type: string + description: The timestamp of when the subscription target was created. + format: date-time + CreatedBy: + type: string + description: The Amazon DataZone user who created the subscription target. + DomainId: + type: string + description: The ID of the Amazon DataZone domain in which subscription target is created. + pattern: ^dzd[-_][a-zA-Z0-9_-]{1,36}$ + DomainIdentifier: + type: string + description: The ID of the Amazon DataZone domain in which subscription target would be created. + pattern: ^dzd[-_][a-zA-Z0-9_-]{1,36}$ + EnvironmentId: + type: string + description: The ID of the environment in which subscription target is created. + pattern: ^[a-zA-Z0-9_-]{1,36}$ + EnvironmentIdentifier: + type: string + description: The ID of the environment in which subscription target would be created. + pattern: ^[a-zA-Z0-9_-]{1,36}$ + Id: + type: string + description: The ID of the subscription target. + pattern: ^[a-zA-Z0-9_-]{1,36}$ + ManageAccessRole: + type: string + description: The manage access role that is used to create the subscription target. + Name: + type: string + description: The name of the subscription target. + maxLength: 256 + minLength: 1 + ProjectId: + type: string + description: The identifier of the project specified in the subscription target. + pattern: ^[a-zA-Z0-9_-]{1,36}$ + Provider: + type: string + description: The provider of the subscription target. + SubscriptionTargetConfig: + type: array + description: The configuration of the subscription target. + x-insertionOrder: false + items: + $ref: '#/components/schemas/SubscriptionTargetForm' + Type: + type: string + description: The type of the subscription target. + UpdatedAt: + type: string + description: The timestamp of when the subscription target was updated. + format: date-time + UpdatedBy: + type: string + description: The Amazon DataZone user who updated the subscription target. + required: + - ApplicableAssetTypes + - AuthorizedPrincipals + - DomainIdentifier + - EnvironmentIdentifier + - ManageAccessRole + - Name + - SubscriptionTargetConfig + - Type + x-stackql-resource-name: subscription_target + x-stackql-primaryIdentifier: + - DomainId + - EnvironmentId + - Id + x-create-only-properties: + - Type + - DomainIdentifier + - EnvironmentIdentifier + x-read-only-properties: + - CreatedAt + - CreatedBy + - DomainId + - EnvironmentId + - Id + - ProjectId + - UpdatedAt + - UpdatedBy + x-required-permissions: + create: + - datazone:CreateSubscriptionTarget + - datazone:GetSubscriptionTarget + - iam:PassRole + read: + - datazone:GetSubscriptionTarget + update: + - datazone:UpdateSubscriptionTarget + - datazone:GetSubscriptionTarget + - iam:PassRole + delete: + - datazone:DeleteSubscriptionTarget + list: + - datazone:ListSubscriptionTargets + x-stackQL-resources: + data_sources: + name: data_sources + id: awscc.datazone.data_sources + x-cfn-schema-name: DataSource + x-type: list + x-identifiers: + - DomainId + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainId') as domain_id, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataZone::DataSource' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainId') as domain_id, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataZone::DataSource' + AND region = 'us-east-1' + data_source: + name: data_source + id: awscc.datazone.data_source + x-cfn-schema-name: DataSource + x-type: get + x-identifiers: + - DomainId + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssetFormsInput') as asset_forms_input, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DomainId') as domain_id, + JSON_EXTRACT(Properties, '$.DomainIdentifier') as domain_identifier, + JSON_EXTRACT(Properties, '$.EnableSetting') as enable_setting, + JSON_EXTRACT(Properties, '$.EnvironmentId') as environment_id, + JSON_EXTRACT(Properties, '$.EnvironmentIdentifier') as environment_identifier, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Configuration') as configuration, + JSON_EXTRACT(Properties, '$.LastRunAssetCount') as last_run_asset_count, + JSON_EXTRACT(Properties, '$.LastRunAt') as last_run_at, + JSON_EXTRACT(Properties, '$.LastRunStatus') as last_run_status, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ProjectId') as project_id, + JSON_EXTRACT(Properties, '$.ProjectIdentifier') as project_identifier, + JSON_EXTRACT(Properties, '$.PublishOnImport') as publish_on_import, + JSON_EXTRACT(Properties, '$.Recommendation') as recommendation, + JSON_EXTRACT(Properties, '$.Schedule') as schedule, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.UpdatedAt') as updated_at + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataZone::DataSource' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssetFormsInput') as asset_forms_input, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DomainId') as domain_id, + json_extract_path_text(Properties, 'DomainIdentifier') as domain_identifier, + json_extract_path_text(Properties, 'EnableSetting') as enable_setting, + json_extract_path_text(Properties, 'EnvironmentId') as environment_id, + json_extract_path_text(Properties, 'EnvironmentIdentifier') as environment_identifier, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Configuration') as configuration, + json_extract_path_text(Properties, 'LastRunAssetCount') as last_run_asset_count, + json_extract_path_text(Properties, 'LastRunAt') as last_run_at, + json_extract_path_text(Properties, 'LastRunStatus') as last_run_status, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ProjectId') as project_id, + json_extract_path_text(Properties, 'ProjectIdentifier') as project_identifier, + json_extract_path_text(Properties, 'PublishOnImport') as publish_on_import, + json_extract_path_text(Properties, 'Recommendation') as recommendation, + json_extract_path_text(Properties, 'Schedule') as schedule, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'UpdatedAt') as updated_at + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataZone::DataSource' + AND data__Identifier = '' + AND region = 'us-east-1' + domains: + name: domains + id: awscc.datazone.domains + x-cfn-schema-name: Domain + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataZone::Domain' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataZone::Domain' + AND region = 'us-east-1' + domain: + name: domain + id: awscc.datazone.domain + x-cfn-schema-name: Domain + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DomainExecutionRole') as domain_execution_role, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.KmsKeyIdentifier') as kms_key_identifier, + JSON_EXTRACT(Properties, '$.LastUpdatedAt') as last_updated_at, + JSON_EXTRACT(Properties, '$.ManagedAccountId') as managed_account_id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.PortalUrl') as portal_url, + JSON_EXTRACT(Properties, '$.SingleSignOn') as single_sign_on, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataZone::Domain' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DomainExecutionRole') as domain_execution_role, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'KmsKeyIdentifier') as kms_key_identifier, + json_extract_path_text(Properties, 'LastUpdatedAt') as last_updated_at, + json_extract_path_text(Properties, 'ManagedAccountId') as managed_account_id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'PortalUrl') as portal_url, + json_extract_path_text(Properties, 'SingleSignOn') as single_sign_on, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataZone::Domain' + AND data__Identifier = '' + AND region = 'us-east-1' + environments: + name: environments + id: awscc.datazone.environments + x-cfn-schema-name: Environment + x-type: list + x-identifiers: + - DomainId + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainId') as domain_id, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataZone::Environment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainId') as domain_id, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataZone::Environment' + AND region = 'us-east-1' + environment: + name: environment + id: awscc.datazone.environment + x-cfn-schema-name: Environment + x-type: get + x-identifiers: + - DomainId + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.AwsAccountRegion') as aws_account_region, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.CreatedBy') as created_by, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DomainId') as domain_id, + JSON_EXTRACT(Properties, '$.DomainIdentifier') as domain_identifier, + JSON_EXTRACT(Properties, '$.EnvironmentBlueprintId') as environment_blueprint_id, + JSON_EXTRACT(Properties, '$.EnvironmentProfileId') as environment_profile_id, + JSON_EXTRACT(Properties, '$.EnvironmentProfileIdentifier') as environment_profile_identifier, + JSON_EXTRACT(Properties, '$.GlossaryTerms') as glossary_terms, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ProjectId') as project_id, + JSON_EXTRACT(Properties, '$.ProjectIdentifier') as project_identifier, + JSON_EXTRACT(Properties, '$.Provider') as provider, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.UpdatedAt') as updated_at, + JSON_EXTRACT(Properties, '$.UserParameters') as user_parameters + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataZone::Environment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'AwsAccountRegion') as aws_account_region, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'CreatedBy') as created_by, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DomainId') as domain_id, + json_extract_path_text(Properties, 'DomainIdentifier') as domain_identifier, + json_extract_path_text(Properties, 'EnvironmentBlueprintId') as environment_blueprint_id, + json_extract_path_text(Properties, 'EnvironmentProfileId') as environment_profile_id, + json_extract_path_text(Properties, 'EnvironmentProfileIdentifier') as environment_profile_identifier, + json_extract_path_text(Properties, 'GlossaryTerms') as glossary_terms, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ProjectId') as project_id, + json_extract_path_text(Properties, 'ProjectIdentifier') as project_identifier, + json_extract_path_text(Properties, 'Provider') as provider, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'UpdatedAt') as updated_at, + json_extract_path_text(Properties, 'UserParameters') as user_parameters + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataZone::Environment' + AND data__Identifier = '' + AND region = 'us-east-1' + environment_blueprint_configurations: + name: environment_blueprint_configurations + id: awscc.datazone.environment_blueprint_configurations + x-cfn-schema-name: EnvironmentBlueprintConfiguration + x-type: list + x-identifiers: + - DomainId + - EnvironmentBlueprintId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainId') as domain_id, + JSON_EXTRACT(Properties, '$.EnvironmentBlueprintId') as environment_blueprint_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataZone::EnvironmentBlueprintConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainId') as domain_id, + json_extract_path_text(Properties, 'EnvironmentBlueprintId') as environment_blueprint_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataZone::EnvironmentBlueprintConfiguration' + AND region = 'us-east-1' + environment_blueprint_configuration: + name: environment_blueprint_configuration + id: awscc.datazone.environment_blueprint_configuration + x-cfn-schema-name: EnvironmentBlueprintConfiguration + x-type: get + x-identifiers: + - DomainId + - EnvironmentBlueprintId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RegionalParameters') as regional_parameters, + JSON_EXTRACT(Properties, '$.ProvisioningRoleArn') as provisioning_role_arn, + JSON_EXTRACT(Properties, '$.DomainId') as domain_id, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.EnabledRegions') as enabled_regions, + JSON_EXTRACT(Properties, '$.EnvironmentBlueprintIdentifier') as environment_blueprint_identifier, + JSON_EXTRACT(Properties, '$.EnvironmentBlueprintId') as environment_blueprint_id, + JSON_EXTRACT(Properties, '$.UpdatedAt') as updated_at, + JSON_EXTRACT(Properties, '$.DomainIdentifier') as domain_identifier, + JSON_EXTRACT(Properties, '$.ManageAccessRoleArn') as manage_access_role_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataZone::EnvironmentBlueprintConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RegionalParameters') as regional_parameters, + json_extract_path_text(Properties, 'ProvisioningRoleArn') as provisioning_role_arn, + json_extract_path_text(Properties, 'DomainId') as domain_id, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'EnabledRegions') as enabled_regions, + json_extract_path_text(Properties, 'EnvironmentBlueprintIdentifier') as environment_blueprint_identifier, + json_extract_path_text(Properties, 'EnvironmentBlueprintId') as environment_blueprint_id, + json_extract_path_text(Properties, 'UpdatedAt') as updated_at, + json_extract_path_text(Properties, 'DomainIdentifier') as domain_identifier, + json_extract_path_text(Properties, 'ManageAccessRoleArn') as manage_access_role_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataZone::EnvironmentBlueprintConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + environment_profiles: + name: environment_profiles + id: awscc.datazone.environment_profiles + x-cfn-schema-name: EnvironmentProfile + x-type: list + x-identifiers: + - DomainId + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainId') as domain_id, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataZone::EnvironmentProfile' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainId') as domain_id, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataZone::EnvironmentProfile' + AND region = 'us-east-1' + environment_profile: + name: environment_profile + id: awscc.datazone.environment_profile + x-cfn-schema-name: EnvironmentProfile + x-type: get + x-identifiers: + - DomainId + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.AwsAccountRegion') as aws_account_region, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.CreatedBy') as created_by, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DomainId') as domain_id, + JSON_EXTRACT(Properties, '$.DomainIdentifier') as domain_identifier, + JSON_EXTRACT(Properties, '$.EnvironmentBlueprintId') as environment_blueprint_id, + JSON_EXTRACT(Properties, '$.EnvironmentBlueprintIdentifier') as environment_blueprint_identifier, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ProjectId') as project_id, + JSON_EXTRACT(Properties, '$.ProjectIdentifier') as project_identifier, + JSON_EXTRACT(Properties, '$.UpdatedAt') as updated_at, + JSON_EXTRACT(Properties, '$.UserParameters') as user_parameters + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataZone::EnvironmentProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'AwsAccountRegion') as aws_account_region, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'CreatedBy') as created_by, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DomainId') as domain_id, + json_extract_path_text(Properties, 'DomainIdentifier') as domain_identifier, + json_extract_path_text(Properties, 'EnvironmentBlueprintId') as environment_blueprint_id, + json_extract_path_text(Properties, 'EnvironmentBlueprintIdentifier') as environment_blueprint_identifier, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ProjectId') as project_id, + json_extract_path_text(Properties, 'ProjectIdentifier') as project_identifier, + json_extract_path_text(Properties, 'UpdatedAt') as updated_at, + json_extract_path_text(Properties, 'UserParameters') as user_parameters + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataZone::EnvironmentProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + projects: + name: projects + id: awscc.datazone.projects + x-cfn-schema-name: Project + x-type: list + x-identifiers: + - DomainId + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainId') as domain_id, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataZone::Project' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainId') as domain_id, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataZone::Project' + AND region = 'us-east-1' + project: + name: project + id: awscc.datazone.project + x-cfn-schema-name: Project + x-type: get + x-identifiers: + - DomainId + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.CreatedBy') as created_by, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DomainId') as domain_id, + JSON_EXTRACT(Properties, '$.DomainIdentifier') as domain_identifier, + JSON_EXTRACT(Properties, '$.GlossaryTerms') as glossary_terms, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.LastUpdatedAt') as last_updated_at, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataZone::Project' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'CreatedBy') as created_by, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DomainId') as domain_id, + json_extract_path_text(Properties, 'DomainIdentifier') as domain_identifier, + json_extract_path_text(Properties, 'GlossaryTerms') as glossary_terms, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'LastUpdatedAt') as last_updated_at, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataZone::Project' + AND data__Identifier = '' + AND region = 'us-east-1' + subscription_targets: + name: subscription_targets + id: awscc.datazone.subscription_targets + x-cfn-schema-name: SubscriptionTarget + x-type: list + x-identifiers: + - DomainId + - EnvironmentId + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainId') as domain_id, + JSON_EXTRACT(Properties, '$.EnvironmentId') as environment_id, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataZone::SubscriptionTarget' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainId') as domain_id, + json_extract_path_text(Properties, 'EnvironmentId') as environment_id, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DataZone::SubscriptionTarget' + AND region = 'us-east-1' + subscription_target: + name: subscription_target + id: awscc.datazone.subscription_target + x-cfn-schema-name: SubscriptionTarget + x-type: get + x-identifiers: + - DomainId + - EnvironmentId + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicableAssetTypes') as applicable_asset_types, + JSON_EXTRACT(Properties, '$.AuthorizedPrincipals') as authorized_principals, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.CreatedBy') as created_by, + JSON_EXTRACT(Properties, '$.DomainId') as domain_id, + JSON_EXTRACT(Properties, '$.DomainIdentifier') as domain_identifier, + JSON_EXTRACT(Properties, '$.EnvironmentId') as environment_id, + JSON_EXTRACT(Properties, '$.EnvironmentIdentifier') as environment_identifier, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.ManageAccessRole') as manage_access_role, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ProjectId') as project_id, + JSON_EXTRACT(Properties, '$.Provider') as provider, + JSON_EXTRACT(Properties, '$.SubscriptionTargetConfig') as subscription_target_config, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.UpdatedAt') as updated_at, + JSON_EXTRACT(Properties, '$.UpdatedBy') as updated_by + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataZone::SubscriptionTarget' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicableAssetTypes') as applicable_asset_types, + json_extract_path_text(Properties, 'AuthorizedPrincipals') as authorized_principals, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'CreatedBy') as created_by, + json_extract_path_text(Properties, 'DomainId') as domain_id, + json_extract_path_text(Properties, 'DomainIdentifier') as domain_identifier, + json_extract_path_text(Properties, 'EnvironmentId') as environment_id, + json_extract_path_text(Properties, 'EnvironmentIdentifier') as environment_identifier, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'ManageAccessRole') as manage_access_role, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ProjectId') as project_id, + json_extract_path_text(Properties, 'Provider') as provider, + json_extract_path_text(Properties, 'SubscriptionTargetConfig') as subscription_target_config, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'UpdatedAt') as updated_at, + json_extract_path_text(Properties, 'UpdatedBy') as updated_by + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DataZone::SubscriptionTarget' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/detective.yaml b/providers/src/awscc/v00.00.00000/services/detective.yaml new file mode 100644 index 00000000..344eeecf --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/detective.yaml @@ -0,0 +1,325 @@ +openapi: 3.0.0 +info: + title: Detective + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ ' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ ' + minLength: 0 + maxLength: 256 + additionalProperties: false + Graph: + type: object + properties: + Arn: + type: string + description: The Detective graph ARN + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + AutoEnableMembers: + type: boolean + default: false + description: Indicates whether to automatically enable new organization accounts as member accounts in the organization behavior graph. + x-stackql-resource-name: graph + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - Arn + x-required-permissions: + create: + - detective:CreateGraph + - detective:UpdateOrganizationConfiguration + - organizations:DescribeOrganization + update: + - detective:UntagResource + - detective:TagResource + - detective:ListTagsForResource + - detective:UpdateOrganizationConfiguration + - organizations:DescribeOrganization + read: + - detective:ListGraphs + - detective:ListTagsForResource + - detective:DescribeOrganizationConfiguration + - organizations:DescribeOrganization + delete: + - detective:DeleteGraph + list: + - detective:ListGraphs + - detective:ListTagsForResource + - detective:DescribeOrganizationConfiguration + - organizations:DescribeOrganization + MemberInvitation: + type: object + properties: + GraphArn: + description: The ARN of the graph to which the member account will be invited + type: string + pattern: arn:aws(-[\w]+)*:detective:(([a-z]+-)+[0-9]+):[0-9]{12}:graph:[0-9a-f]{32} + MemberId: + description: The AWS account ID to be invited to join the graph as a member + type: string + pattern: '[0-9]{12}' + MemberEmailAddress: + description: The root email address for the account to be invited, for validation. Updating this field has no effect. + type: string + pattern: .*@.* + DisableEmailNotification: + description: When set to true, invitation emails are not sent to the member accounts. Member accounts must still accept the invitation before they are added to the behavior graph. Updating this field has no effect. + type: boolean + default: false + Message: + description: A message to be included in the email invitation sent to the invited account. Updating this field has no effect. + type: string + minLength: 1 + maxLength: 1000 + required: + - GraphArn + - MemberId + - MemberEmailAddress + x-stackql-resource-name: member_invitation + x-stackql-primaryIdentifier: + - GraphArn + - MemberId + x-create-only-properties: + - GraphArn + - MemberId + x-required-permissions: + create: + - detective:CreateMembers + - detective:GetMembers + read: + - detective:GetMembers + update: [] + delete: + - detective:DeleteMembers + list: + - detective:ListGraphs + - detective:ListMembers + OrganizationAdmin: + type: object + properties: + AccountId: + description: The account ID of the account that should be registered as your Organization's delegated administrator for Detective + type: string + pattern: '[0-9]{12}' + GraphArn: + type: string + description: The Detective graph ARN + required: + - AccountId + x-stackql-resource-name: organization_admin + x-stackql-primaryIdentifier: + - AccountId + x-create-only-properties: + - AccountId + x-read-only-properties: + - GraphArn + x-required-permissions: + create: + - detective:EnableOrganizationAdminAccount + - detective:ListOrganizationAdminAccount + - iam:CreateServiceLinkedRole + - organizations:RegisterDelegatedAdministrator + - organizations:DescribeOrganization + - organizations:EnableAWSServiceAccess + - organizations:ListAccounts + read: + - detective:ListOrganizationAdminAccount + - organizations:DescribeOrganization + update: [] + delete: + - detective:DisableOrganizationAdminAccount + - detective:ListOrganizationAdminAccount + - organizations:DescribeOrganization + list: + - detective:ListOrganizationAdminAccount + - organizations:DescribeOrganization + x-stackQL-resources: + graphs: + name: graphs + id: awscc.detective.graphs + x-cfn-schema-name: Graph + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Detective::Graph' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Detective::Graph' + AND region = 'us-east-1' + graph: + name: graph + id: awscc.detective.graph + x-cfn-schema-name: Graph + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.AutoEnableMembers') as auto_enable_members + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Detective::Graph' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'AutoEnableMembers') as auto_enable_members + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Detective::Graph' + AND data__Identifier = '' + AND region = 'us-east-1' + member_invitations: + name: member_invitations + id: awscc.detective.member_invitations + x-cfn-schema-name: MemberInvitation + x-type: list + x-identifiers: + - GraphArn + - MemberId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GraphArn') as graph_arn, + JSON_EXTRACT(Properties, '$.MemberId') as member_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Detective::MemberInvitation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GraphArn') as graph_arn, + json_extract_path_text(Properties, 'MemberId') as member_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Detective::MemberInvitation' + AND region = 'us-east-1' + member_invitation: + name: member_invitation + id: awscc.detective.member_invitation + x-cfn-schema-name: MemberInvitation + x-type: get + x-identifiers: + - GraphArn + - MemberId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GraphArn') as graph_arn, + JSON_EXTRACT(Properties, '$.MemberId') as member_id, + JSON_EXTRACT(Properties, '$.MemberEmailAddress') as member_email_address, + JSON_EXTRACT(Properties, '$.DisableEmailNotification') as disable_email_notification, + JSON_EXTRACT(Properties, '$.Message') as message + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Detective::MemberInvitation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GraphArn') as graph_arn, + json_extract_path_text(Properties, 'MemberId') as member_id, + json_extract_path_text(Properties, 'MemberEmailAddress') as member_email_address, + json_extract_path_text(Properties, 'DisableEmailNotification') as disable_email_notification, + json_extract_path_text(Properties, 'Message') as message + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Detective::MemberInvitation' + AND data__Identifier = '' + AND region = 'us-east-1' + organization_admins: + name: organization_admins + id: awscc.detective.organization_admins + x-cfn-schema-name: OrganizationAdmin + x-type: list + x-identifiers: + - AccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountId') as account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Detective::OrganizationAdmin' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountId') as account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Detective::OrganizationAdmin' + AND region = 'us-east-1' + organization_admin: + name: organization_admin + id: awscc.detective.organization_admin + x-cfn-schema-name: OrganizationAdmin + x-type: get + x-identifiers: + - AccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountId') as account_id, + JSON_EXTRACT(Properties, '$.GraphArn') as graph_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Detective::OrganizationAdmin' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountId') as account_id, + json_extract_path_text(Properties, 'GraphArn') as graph_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Detective::OrganizationAdmin' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/devopsguru.yaml b/providers/src/awscc/v00.00.00000/services/devopsguru.yaml new file mode 100644 index 00000000..330be0b7 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/devopsguru.yaml @@ -0,0 +1,378 @@ +openapi: 3.0.0 +info: + title: DevOpsGuru + version: 1.0.0 +paths: {} +components: + schemas: + AccountId: + description: User account id, used as the primary identifier for the resource + type: string + pattern: ^\d{12}$ + LogAnomalyDetectionIntegration: + type: object + properties: + AccountId: + $ref: '#/components/schemas/AccountId' + x-stackql-resource-name: log_anomaly_detection_integration + x-stackql-primaryIdentifier: + - AccountId + x-read-only-properties: + - AccountId + x-required-permissions: + create: + - devops-guru:DescribeServiceIntegration + - devops-guru:UpdateServiceIntegration + - logs:TagLogGroup + - logs:UntagLogGroup + read: + - devops-guru:DescribeServiceIntegration + update: + - devops-guru:UpdateServiceIntegration + - logs:TagLogGroup + - logs:UntagLogGroup + delete: + - devops-guru:DescribeServiceIntegration + - devops-guru:UpdateServiceIntegration + - logs:TagLogGroup + - logs:UntagLogGroup + list: + - devops-guru:DescribeServiceIntegration + NotificationChannelConfig: + description: Information about notification channels you have configured with DevOps Guru. + type: object + properties: + Sns: + $ref: '#/components/schemas/SnsChannelConfig' + Filters: + $ref: '#/components/schemas/NotificationFilterConfig' + additionalProperties: false + SnsChannelConfig: + description: Information about a notification channel configured in DevOps Guru to send notifications when insights are created. + type: object + properties: + TopicArn: + type: string + minLength: 36 + maxLength: 1024 + pattern: ^arn:aws[a-z0-9-]*:sns:[a-z0-9-]+:\d{12}:[^:]+$ + additionalProperties: false + NotificationFilterConfig: + description: Information about filters of a notification channel configured in DevOpsGuru to filter for insights. + type: object + properties: + Severities: + $ref: '#/components/schemas/InsightSeveritiesFilterList' + MessageTypes: + $ref: '#/components/schemas/NotificationMessageTypesFilterList' + additionalProperties: false + InsightSeverity: + description: DevOps Guru Insight Severity Enum + type: string + enum: + - LOW + - MEDIUM + - HIGH + NotificationMessageType: + description: DevOps Guru NotificationMessageType Enum + type: string + enum: + - NEW_INSIGHT + - CLOSED_INSIGHT + - NEW_ASSOCIATION + - SEVERITY_UPGRADED + - NEW_RECOMMENDATION + InsightSeveritiesFilterList: + description: DevOps Guru insight severities to filter for + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/InsightSeverity' + maxItems: 3 + minItems: 1 + NotificationMessageTypesFilterList: + description: DevOps Guru message types to filter for + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/NotificationMessageType' + maxItems: 5 + minItems: 1 + NotificationChannel: + type: object + properties: + Config: + $ref: '#/components/schemas/NotificationChannelConfig' + Id: + description: The ID of a notification channel. + type: string + minLength: 36 + maxLength: 36 + pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ + required: + - Config + x-stackql-resource-name: notification_channel + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Config + x-read-only-properties: + - Id + x-required-permissions: + create: + - devops-guru:AddNotificationChannel + - devops-guru:ListNotificationChannels + - sns:Publish + - sns:GetTopicAttributes + - sns:SetTopicAttributes + list: + - devops-guru:ListNotificationChannels + delete: + - devops-guru:RemoveNotificationChannel + - devops-guru:ListNotificationChannels + read: + - devops-guru:ListNotificationChannels + ResourceCollectionFilter: + description: Information about a filter used to specify which AWS resources are analyzed for anomalous behavior by DevOps Guru. + type: object + properties: + CloudFormation: + $ref: '#/components/schemas/CloudFormationCollectionFilter' + Tags: + $ref: '#/components/schemas/TagCollections' + additionalProperties: false + CloudFormationCollectionFilter: + description: CloudFormation resource for DevOps Guru to monitor + type: object + properties: + StackNames: + description: An array of CloudFormation stack names. + type: array + items: + type: string + minLength: 1 + maxLength: 128 + pattern: ^[a-zA-Z*]+[a-zA-Z0-9-]*$ + minItems: 1 + maxItems: 1000 + x-insertionOrder: false + additionalProperties: false + TagCollections: + description: Tagged resources for DevOps Guru to monitor + type: array + items: + $ref: '#/components/schemas/TagCollection' + x-insertionOrder: false + TagCollection: + description: Tagged resource for DevOps Guru to monitor + type: object + properties: + AppBoundaryKey: + description: A Tag key for DevOps Guru app boundary. + type: string + minLength: 1 + maxLength: 128 + TagValues: + description: Tag values of DevOps Guru app boundary. + type: array + items: + type: string + minLength: 1 + maxLength: 256 + minItems: 1 + maxItems: 1000 + x-insertionOrder: false + additionalProperties: false + ResourceCollection: + type: object + properties: + ResourceCollectionFilter: + $ref: '#/components/schemas/ResourceCollectionFilter' + ResourceCollectionType: + description: The type of ResourceCollection + type: string + enum: + - AWS_CLOUD_FORMATION + - AWS_TAGS + required: + - ResourceCollectionFilter + x-stackql-resource-name: resource_collection + x-stackql-primaryIdentifier: + - ResourceCollectionType + x-read-only-properties: + - ResourceCollectionType + x-required-permissions: + create: + - devops-guru:UpdateResourceCollection + - devops-guru:GetResourceCollection + read: + - devops-guru:GetResourceCollection + delete: + - devops-guru:UpdateResourceCollection + - devops-guru:GetResourceCollection + list: + - devops-guru:GetResourceCollection + update: + - devops-guru:UpdateResourceCollection + - devops-guru:GetResourceCollection + x-stackQL-resources: + log_anomaly_detection_integrations: + name: log_anomaly_detection_integrations + id: awscc.devopsguru.log_anomaly_detection_integrations + x-cfn-schema-name: LogAnomalyDetectionIntegration + x-type: list + x-identifiers: + - AccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountId') as account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DevOpsGuru::LogAnomalyDetectionIntegration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountId') as account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DevOpsGuru::LogAnomalyDetectionIntegration' + AND region = 'us-east-1' + log_anomaly_detection_integration: + name: log_anomaly_detection_integration + id: awscc.devopsguru.log_anomaly_detection_integration + x-cfn-schema-name: LogAnomalyDetectionIntegration + x-type: get + x-identifiers: + - AccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountId') as account_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DevOpsGuru::LogAnomalyDetectionIntegration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountId') as account_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DevOpsGuru::LogAnomalyDetectionIntegration' + AND data__Identifier = '' + AND region = 'us-east-1' + notification_channels: + name: notification_channels + id: awscc.devopsguru.notification_channels + x-cfn-schema-name: NotificationChannel + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DevOpsGuru::NotificationChannel' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DevOpsGuru::NotificationChannel' + AND region = 'us-east-1' + notification_channel: + name: notification_channel + id: awscc.devopsguru.notification_channel + x-cfn-schema-name: NotificationChannel + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Config') as config, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DevOpsGuru::NotificationChannel' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Config') as config, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DevOpsGuru::NotificationChannel' + AND data__Identifier = '' + AND region = 'us-east-1' + resource_collections: + name: resource_collections + id: awscc.devopsguru.resource_collections + x-cfn-schema-name: ResourceCollection + x-type: list + x-identifiers: + - ResourceCollectionType + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceCollectionType') as resource_collection_type + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DevOpsGuru::ResourceCollection' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceCollectionType') as resource_collection_type + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DevOpsGuru::ResourceCollection' + AND region = 'us-east-1' + resource_collection: + name: resource_collection + id: awscc.devopsguru.resource_collection + x-cfn-schema-name: ResourceCollection + x-type: get + x-identifiers: + - ResourceCollectionType + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceCollectionFilter') as resource_collection_filter, + JSON_EXTRACT(Properties, '$.ResourceCollectionType') as resource_collection_type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DevOpsGuru::ResourceCollection' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceCollectionFilter') as resource_collection_filter, + json_extract_path_text(Properties, 'ResourceCollectionType') as resource_collection_type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DevOpsGuru::ResourceCollection' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/directoryservice.yaml b/providers/src/awscc/v00.00.00000/services/directoryservice.yaml new file mode 100644 index 00000000..ced4af66 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/directoryservice.yaml @@ -0,0 +1,188 @@ +openapi: 3.0.0 +info: + title: DirectoryService + version: 1.0.0 +paths: {} +components: + schemas: + VpcSettings: + x-$comment: Contains VPC information + type: object + additionalProperties: false + properties: + SubnetIds: + description: The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + VpcId: + description: The identifier of the VPC in which to create the directory. + type: string + required: + - VpcId + - SubnetIds + SimpleAD: + type: object + properties: + DirectoryId: + description: The unique identifier for a directory. + type: string + Alias: + description: The alias for a directory. + type: string + DnsIpAddresses: + description: The IP addresses of the DNS servers for the directory, such as [ "172.31.3.154", "172.31.63.203" ]. + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + CreateAlias: + description: The name of the configuration set. + type: boolean + Description: + description: Description for the directory. + type: string + EnableSso: + description: Whether to enable single sign-on for a Simple Active Directory in AWS. + type: boolean + Name: + description: The fully qualified domain name for the AWS Managed Simple AD directory. + type: string + Password: + description: The password for the default administrative user named Admin. + type: string + ShortName: + description: The NetBIOS name for your domain. + type: string + Size: + description: The size of the directory. + type: string + VpcSettings: + description: VPC settings of the Simple AD directory server in AWS. + $ref: '#/components/schemas/VpcSettings' + required: + - VpcSettings + - Size + - Name + x-stackql-resource-name: simple_ad + x-stackql-primaryIdentifier: + - DirectoryId + x-create-only-properties: + - Size + - VpcSettings + - Name + - Password + - ShortName + - Description + - CreateAlias + x-read-only-properties: + - Alias + - DnsIpAddresses + - DirectoryId + x-required-permissions: + create: + - ds:CreateDirectory + - ds:CreateAlias + - ds:EnableSso + - ds:DescribeDirectories + - ec2:DescribeSubnets + - ec2:DescribeVpcs + - ec2:CreateSecurityGroup + - ec2:CreateNetworkInterface + - ec2:DescribeNetworkInterfaces + - ec2:AuthorizeSecurityGroupIngress + - ec2:AuthorizeSecurityGroupEgress + - ec2:CreateTags + read: + - ds:DescribeDirectories + update: + - ds:EnableSso + - ds:DisableSso + - ds:DescribeDirectories + delete: + - ds:DeleteDirectory + - ds:DescribeDirectories + - ec2:DescribeNetworkInterfaces + - ec2:DeleteSecurityGroup + - ec2:DeleteNetworkInterface + - ec2:RevokeSecurityGroupIngress + - ec2:RevokeSecurityGroupEgress + - ec2:DeleteTags + list: + - ds:DescribeDirectories + x-stackQL-resources: + simple_ads: + name: simple_ads + id: awscc.directoryservice.simple_ads + x-cfn-schema-name: SimpleAD + x-type: list + x-identifiers: + - DirectoryId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DirectoryId') as directory_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DirectoryService::SimpleAD' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DirectoryId') as directory_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DirectoryService::SimpleAD' + AND region = 'us-east-1' + simple_ad: + name: simple_ad + id: awscc.directoryservice.simple_ad + x-cfn-schema-name: SimpleAD + x-type: get + x-identifiers: + - DirectoryId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DirectoryId') as directory_id, + JSON_EXTRACT(Properties, '$.Alias') as alias, + JSON_EXTRACT(Properties, '$.DnsIpAddresses') as dns_ip_addresses, + JSON_EXTRACT(Properties, '$.CreateAlias') as create_alias, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EnableSso') as enable_sso, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Password') as password, + JSON_EXTRACT(Properties, '$.ShortName') as short_name, + JSON_EXTRACT(Properties, '$.Size') as size, + JSON_EXTRACT(Properties, '$.VpcSettings') as vpc_settings + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DirectoryService::SimpleAD' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DirectoryId') as directory_id, + json_extract_path_text(Properties, 'Alias') as alias, + json_extract_path_text(Properties, 'DnsIpAddresses') as dns_ip_addresses, + json_extract_path_text(Properties, 'CreateAlias') as create_alias, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EnableSso') as enable_sso, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Password') as password, + json_extract_path_text(Properties, 'ShortName') as short_name, + json_extract_path_text(Properties, 'Size') as size, + json_extract_path_text(Properties, 'VpcSettings') as vpc_settings + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DirectoryService::SimpleAD' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/dms.yaml b/providers/src/awscc/v00.00.00000/services/dms.yaml new file mode 100644 index 00000000..64f44ded --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/dms.yaml @@ -0,0 +1,819 @@ +openapi: 3.0.0 +info: + title: DMS + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + type: object + description: |- +

The key or keys of the key-value pairs for the resource tag or tags assigned to the + resource.

+ properties: + Key: + type: string + maxLength: 128 + minLength: 1 + description:

Tag key.

+ Value: + type: string + maxLength: 256 + minLength: 1 + description:

Tag value.

+ required: + - Key + - Value + additionalProperties: false + DmsSslModeValue: + type: string + enum: + - none + - require + - verify_ca + - verify_full + DataProvider: + type: object + properties: + DataProviderName: + description: The property describes a name to identify the data provider. + type: string + minLength: 1 + maxLength: 255 + DataProviderIdentifier: + description: The property describes an identifier for the data provider. It is used for describing/deleting/modifying can be name/arn + type: string + minLength: 1 + maxLength: 255 + DataProviderArn: + description: The data provider ARN. + type: string + minLength: 1 + maxLength: 255 + DataProviderCreationTime: + description: The data provider creation time. + type: string + minLength: 1 + maxLength: 40 + Description: + description: The optional description of the data provider. + type: string + minLength: 1 + maxLength: 255 + Engine: + description: The property describes a data engine for the data provider. + type: string + enum: + - postgres + - mysql + - oracle + - sqlserver + - aurora + - aurora_postgresql + ExactSettings: + description: The property describes the exact settings which can be modified + type: boolean + default: false + Settings: + description: The property identifies the exact type of settings for the data provider. + type: object + oneOf: + - description: PostgreSqlSettings property identifier. + type: object + additionalProperties: false + properties: + PostgreSqlSettings: + type: object + additionalProperties: false + properties: + ServerName: + type: string + Port: + type: integer + DatabaseName: + type: string + SslMode: + type: object + $ref: '#/components/schemas/DmsSslModeValue' + CertificateArn: + type: string + - description: MySqlSettings property identifier. + type: object + additionalProperties: false + properties: + MySqlSettings: + type: object + additionalProperties: false + properties: + ServerName: + type: string + Port: + type: integer + SslMode: + type: object + $ref: '#/components/schemas/DmsSslModeValue' + CertificateArn: + type: string + - description: OracleSettings property identifier. + type: object + additionalProperties: false + properties: + OracleSettings: + type: object + additionalProperties: false + properties: + ServerName: + type: string + Port: + type: integer + DatabaseName: + type: string + SslMode: + type: object + $ref: '#/components/schemas/DmsSslModeValue' + CertificateArn: + type: string + AsmServer: + type: string + SecretsManagerOracleAsmSecretId: + type: string + SecretsManagerOracleAsmAccessRoleArn: + type: string + SecretsManagerSecurityDbEncryptionSecretId: + type: string + SecretsManagerSecurityDbEncryptionAccessRoleArn: + type: string + - description: MicrosoftSqlServerSettings property identifier. + type: object + additionalProperties: false + properties: + MicrosoftSqlServerSettings: + type: object + additionalProperties: false + properties: + ServerName: + type: string + Port: + type: integer + DatabaseName: + type: string + SslMode: + type: object + $ref: '#/components/schemas/DmsSslModeValue' + CertificateArn: + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Engine + x-stackql-resource-name: data_provider + x-stackql-primaryIdentifier: + - DataProviderArn + x-read-only-properties: + - DataProviderArn + - DataProviderCreationTime + x-required-permissions: + create: + - dms:CreateDataProvider + - dms:ListDataProviders + - dms:DescribeDataProviders + - dms:AddTagsToResource + - dms:ListTagsForResource + read: + - dms:ListDataProviders + - dms:DescribeDataProviders + - dms:ListTagsForResource + update: + - dms:UpdateDataProvider + - dms:ModifyDataProvider + - dms:AddTagsToResource + - dms:RemoveTagsToResource + - dms:ListTagsForResource + delete: + - dms:DeleteDataProvider + list: + - dms:ListDataProviders + - dms:DescribeDataProviders + - dms:ListTagsForResource + InstanceProfile: + type: object + properties: + InstanceProfileArn: + description: The property describes an ARN of the instance profile. + type: string + minLength: 1 + maxLength: 255 + InstanceProfileIdentifier: + description: The property describes an identifier for the instance profile. It is used for describing/deleting/modifying. Can be name/arn + type: string + minLength: 1 + maxLength: 255 + AvailabilityZone: + description: The property describes an availability zone of the instance profile. + type: string + minLength: 1 + maxLength: 255 + Description: + description: The optional description of the instance profile. + type: string + minLength: 1 + maxLength: 255 + KmsKeyArn: + description: The property describes kms key arn for the instance profile. + type: string + minLength: 1 + maxLength: 255 + PubliclyAccessible: + description: The property describes the publicly accessible of the instance profile + type: boolean + default: false + NetworkType: + description: The property describes a network type for the instance profile. + type: string + enum: + - IPV4 + - IPV6 + - DUAL + InstanceProfileName: + description: The property describes a name for the instance profile. + type: string + minLength: 1 + maxLength: 255 + InstanceProfileCreationTime: + description: The property describes a creating time of the instance profile. + type: string + minLength: 1 + maxLength: 40 + SubnetGroupIdentifier: + description: The property describes a subnet group identifier for the instance profile. + type: string + minLength: 1 + maxLength: 255 + VpcSecurityGroups: + description: The property describes vps security groups for the instance profile. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: instance_profile + x-stackql-primaryIdentifier: + - InstanceProfileArn + x-read-only-properties: + - InstanceProfileArn + - InstanceProfileCreationTime + x-required-permissions: + create: + - dms:CreateInstanceProfile + - dms:ListInstanceProfiles + - dms:DescribeInstanceProfiles + - dms:AddTagsToResource + - dms:ListTagsForResource + read: + - dms:ListInstanceProfiles + - dms:DescribeInstanceProfiles + - dms:ListTagsForResource + update: + - dms:UpdateInstanceProfile + - dms:ModifyInstanceProfile + - dms:AddTagsToResource + - dms:RemoveTagsToResource + - dms:ListTagsForResource + delete: + - dms:DeleteInstanceProfile + list: + - dms:ListInstanceProfiles + - dms:DescribeInstanceProfiles + - dms:ListTagsForResource + DataProviderDescriptor: + type: object + description: It is an object that describes Source and Target DataProviders and credentials for connecting to databases that are used in MigrationProject + additionalProperties: false + properties: + DataProviderIdentifier: + type: string + DataProviderName: + type: string + DataProviderArn: + type: string + SecretsManagerSecretId: + type: string + SecretsManagerAccessRoleArn: + type: string + MigrationProject: + type: object + properties: + MigrationProjectName: + description: The property describes a name to identify the migration project. + type: string + minLength: 1 + maxLength: 255 + MigrationProjectIdentifier: + description: The property describes an identifier for the migration project. It is used for describing/deleting/modifying can be name/arn + type: string + minLength: 1 + maxLength: 255 + MigrationProjectArn: + description: The property describes an ARN of the migration project. + type: string + minLength: 1 + maxLength: 255 + MigrationProjectCreationTime: + description: The property describes a creating time of the migration project. + type: string + minLength: 1 + maxLength: 40 + InstanceProfileIdentifier: + description: The property describes an instance profile identifier for the migration project. For create + type: string + minLength: 1 + maxLength: 255 + InstanceProfileName: + description: The property describes an instance profile name for the migration project. For read + type: string + minLength: 1 + maxLength: 255 + InstanceProfileArn: + description: The property describes an instance profile arn for the migration project. For read + type: string + minLength: 1 + maxLength: 255 + TransformationRules: + description: The property describes transformation rules for the migration project. + type: string + Description: + description: The optional description of the migration project. + type: string + minLength: 1 + maxLength: 255 + SchemaConversionApplicationAttributes: + description: The property describes schema conversion application attributes for the migration project. + type: object + additionalProperties: false + properties: + S3BucketPath: + type: string + S3BucketRoleArn: + type: string + SourceDataProviderDescriptors: + description: The property describes source data provider descriptors for the migration project. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/DataProviderDescriptor' + TargetDataProviderDescriptors: + description: The property describes target data provider descriptors for the migration project. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/DataProviderDescriptor' + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: migration_project + x-stackql-primaryIdentifier: + - MigrationProjectArn + x-read-only-properties: + - MigrationProjectArn + x-required-permissions: + create: + - dms:CreateMigrationProject + - dms:ListMigrationProjects + - dms:DescribeMigrationProjects + - dms:AddTagsToResource + - dms:ListTagsForResource + - iam:PassRole + read: + - dms:DescribeMigrationProjects + - dms:ListMigrationProjects + - dms:ListTagsForResource + update: + - dms:UpdateMigrationProject + - dms:ModifyMigrationProject + - dms:AddTagsToResource + - dms:RemoveTagsToResource + - dms:ListTagsForResource + - iam:PassRole + delete: + - dms:DeleteMigrationProject + list: + - dms:ListMigrationProjects + - dms:DescribeMigrationProjects + - dms:ListTagsForResource + ComputeConfig: + description: Configuration parameters for provisioning a AWS DMS Serverless replication + type: object + properties: + AvailabilityZone: + type: string + DnsNameServers: + type: string + KmsKeyId: + type: string + MaxCapacityUnits: + type: integer + MinCapacityUnits: + type: integer + MultiAZ: + type: boolean + PreferredMaintenanceWindow: + type: string + ReplicationSubnetGroupId: + type: string + VpcSecurityGroupIds: + type: array + items: + type: string + required: + - MaxCapacityUnits + additionalProperties: false + ReplicationConfig: + type: object + properties: + ReplicationConfigIdentifier: + description: A unique identifier of replication configuration + type: string + ReplicationConfigArn: + description: The Amazon Resource Name (ARN) of the Replication Config + type: string + SourceEndpointArn: + description: The Amazon Resource Name (ARN) of the source endpoint for this AWS DMS Serverless replication configuration + type: string + TargetEndpointArn: + description: The Amazon Resource Name (ARN) of the target endpoint for this AWS DMS Serverless replication configuration + type: string + ReplicationType: + description: The type of AWS DMS Serverless replication to provision using this replication configuration + type: string + enum: + - full-load + - full-load-and-cdc + - cdc + ComputeConfig: + $ref: '#/components/schemas/ComputeConfig' + ReplicationSettings: + description: JSON settings for Servereless replications that are provisioned using this replication configuration + type: object + SupplementalSettings: + description: JSON settings for specifying supplemental data + type: object + ResourceIdentifier: + description: A unique value or name that you get set for a given resource that can be used to construct an Amazon Resource Name (ARN) for that resource + type: string + TableMappings: + description: JSON table mappings for AWS DMS Serverless replications that are provisioned using this replication configuration + type: object + Tags: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 1 + description:

Contains a map of the key-value pairs for the resource tag or tags assigned to the dataset.

+ x-stackql-resource-name: replication_config + x-stackql-primaryIdentifier: + - ReplicationConfigArn + x-create-only-properties: + - ResourceIdentifier + x-read-only-properties: + - /Properties/ReplicationConfigArn + x-required-permissions: + create: + - dms:CreateReplicationConfig + - dms:AddTagsToResource + - dms:ListTagsForResource + - iam:CreateServiceLinkedRole + - iam:AttachRolePolicy + - iam:PutRolePolicy + - iam:UpdateRoleDescription + read: + - dms:DescribeReplicationConfigs + - dms:ListTagsForResource + update: + - dms:ModifyReplicationConfig + - dms:AddTagsToResource + - dms:RemoveTagsToResource + - dms:ListTagsForResource + - iam:CreateServiceLinkedRole + - iam:AttachRolePolicy + - iam:PutRolePolicy + - iam:UpdateRoleDescription + list: + - dms:DescribeReplicationConfigs + - dms:ListTagsForResource + delete: + - dms:DescribeReplicationConfigs + - dms:DeleteReplicationConfig + - dms:ListTagsForResource + - iam:DeleteServiceLinkedRole + - iam:GetServiceLinkedRoleDeletionStatus + x-stackQL-resources: + data_providers: + name: data_providers + id: awscc.dms.data_providers + x-cfn-schema-name: DataProvider + x-type: list + x-identifiers: + - DataProviderArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DataProviderArn') as data_provider_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DMS::DataProvider' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DataProviderArn') as data_provider_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DMS::DataProvider' + AND region = 'us-east-1' + data_provider: + name: data_provider + id: awscc.dms.data_provider + x-cfn-schema-name: DataProvider + x-type: get + x-identifiers: + - DataProviderArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DataProviderName') as data_provider_name, + JSON_EXTRACT(Properties, '$.DataProviderIdentifier') as data_provider_identifier, + JSON_EXTRACT(Properties, '$.DataProviderArn') as data_provider_arn, + JSON_EXTRACT(Properties, '$.DataProviderCreationTime') as data_provider_creation_time, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Engine') as engine, + JSON_EXTRACT(Properties, '$.ExactSettings') as exact_settings, + JSON_EXTRACT(Properties, '$.Settings') as settings, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DMS::DataProvider' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DataProviderName') as data_provider_name, + json_extract_path_text(Properties, 'DataProviderIdentifier') as data_provider_identifier, + json_extract_path_text(Properties, 'DataProviderArn') as data_provider_arn, + json_extract_path_text(Properties, 'DataProviderCreationTime') as data_provider_creation_time, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Engine') as engine, + json_extract_path_text(Properties, 'ExactSettings') as exact_settings, + json_extract_path_text(Properties, 'Settings') as settings, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DMS::DataProvider' + AND data__Identifier = '' + AND region = 'us-east-1' + instance_profiles: + name: instance_profiles + id: awscc.dms.instance_profiles + x-cfn-schema-name: InstanceProfile + x-type: list + x-identifiers: + - InstanceProfileArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceProfileArn') as instance_profile_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DMS::InstanceProfile' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceProfileArn') as instance_profile_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DMS::InstanceProfile' + AND region = 'us-east-1' + instance_profile: + name: instance_profile + id: awscc.dms.instance_profile + x-cfn-schema-name: InstanceProfile + x-type: get + x-identifiers: + - InstanceProfileArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceProfileArn') as instance_profile_arn, + JSON_EXTRACT(Properties, '$.InstanceProfileIdentifier') as instance_profile_identifier, + JSON_EXTRACT(Properties, '$.AvailabilityZone') as availability_zone, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.KmsKeyArn') as kms_key_arn, + JSON_EXTRACT(Properties, '$.PubliclyAccessible') as publicly_accessible, + JSON_EXTRACT(Properties, '$.NetworkType') as network_type, + JSON_EXTRACT(Properties, '$.InstanceProfileName') as instance_profile_name, + JSON_EXTRACT(Properties, '$.InstanceProfileCreationTime') as instance_profile_creation_time, + JSON_EXTRACT(Properties, '$.SubnetGroupIdentifier') as subnet_group_identifier, + JSON_EXTRACT(Properties, '$.VpcSecurityGroups') as vpc_security_groups, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DMS::InstanceProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceProfileArn') as instance_profile_arn, + json_extract_path_text(Properties, 'InstanceProfileIdentifier') as instance_profile_identifier, + json_extract_path_text(Properties, 'AvailabilityZone') as availability_zone, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'KmsKeyArn') as kms_key_arn, + json_extract_path_text(Properties, 'PubliclyAccessible') as publicly_accessible, + json_extract_path_text(Properties, 'NetworkType') as network_type, + json_extract_path_text(Properties, 'InstanceProfileName') as instance_profile_name, + json_extract_path_text(Properties, 'InstanceProfileCreationTime') as instance_profile_creation_time, + json_extract_path_text(Properties, 'SubnetGroupIdentifier') as subnet_group_identifier, + json_extract_path_text(Properties, 'VpcSecurityGroups') as vpc_security_groups, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DMS::InstanceProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + migration_projects: + name: migration_projects + id: awscc.dms.migration_projects + x-cfn-schema-name: MigrationProject + x-type: list + x-identifiers: + - MigrationProjectArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MigrationProjectArn') as migration_project_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DMS::MigrationProject' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MigrationProjectArn') as migration_project_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DMS::MigrationProject' + AND region = 'us-east-1' + migration_project: + name: migration_project + id: awscc.dms.migration_project + x-cfn-schema-name: MigrationProject + x-type: get + x-identifiers: + - MigrationProjectArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MigrationProjectName') as migration_project_name, + JSON_EXTRACT(Properties, '$.MigrationProjectIdentifier') as migration_project_identifier, + JSON_EXTRACT(Properties, '$.MigrationProjectArn') as migration_project_arn, + JSON_EXTRACT(Properties, '$.MigrationProjectCreationTime') as migration_project_creation_time, + JSON_EXTRACT(Properties, '$.InstanceProfileIdentifier') as instance_profile_identifier, + JSON_EXTRACT(Properties, '$.InstanceProfileName') as instance_profile_name, + JSON_EXTRACT(Properties, '$.InstanceProfileArn') as instance_profile_arn, + JSON_EXTRACT(Properties, '$.TransformationRules') as transformation_rules, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.SchemaConversionApplicationAttributes') as schema_conversion_application_attributes, + JSON_EXTRACT(Properties, '$.SourceDataProviderDescriptors') as source_data_provider_descriptors, + JSON_EXTRACT(Properties, '$.TargetDataProviderDescriptors') as target_data_provider_descriptors, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DMS::MigrationProject' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MigrationProjectName') as migration_project_name, + json_extract_path_text(Properties, 'MigrationProjectIdentifier') as migration_project_identifier, + json_extract_path_text(Properties, 'MigrationProjectArn') as migration_project_arn, + json_extract_path_text(Properties, 'MigrationProjectCreationTime') as migration_project_creation_time, + json_extract_path_text(Properties, 'InstanceProfileIdentifier') as instance_profile_identifier, + json_extract_path_text(Properties, 'InstanceProfileName') as instance_profile_name, + json_extract_path_text(Properties, 'InstanceProfileArn') as instance_profile_arn, + json_extract_path_text(Properties, 'TransformationRules') as transformation_rules, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'SchemaConversionApplicationAttributes') as schema_conversion_application_attributes, + json_extract_path_text(Properties, 'SourceDataProviderDescriptors') as source_data_provider_descriptors, + json_extract_path_text(Properties, 'TargetDataProviderDescriptors') as target_data_provider_descriptors, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DMS::MigrationProject' + AND data__Identifier = '' + AND region = 'us-east-1' + replication_configs: + name: replication_configs + id: awscc.dms.replication_configs + x-cfn-schema-name: ReplicationConfig + x-type: list + x-identifiers: + - ReplicationConfigArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ReplicationConfigArn') as replication_config_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DMS::ReplicationConfig' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ReplicationConfigArn') as replication_config_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DMS::ReplicationConfig' + AND region = 'us-east-1' + replication_config: + name: replication_config + id: awscc.dms.replication_config + x-cfn-schema-name: ReplicationConfig + x-type: get + x-identifiers: + - ReplicationConfigArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ReplicationConfigIdentifier') as replication_config_identifier, + JSON_EXTRACT(Properties, '$.ReplicationConfigArn') as replication_config_arn, + JSON_EXTRACT(Properties, '$.SourceEndpointArn') as source_endpoint_arn, + JSON_EXTRACT(Properties, '$.TargetEndpointArn') as target_endpoint_arn, + JSON_EXTRACT(Properties, '$.ReplicationType') as replication_type, + JSON_EXTRACT(Properties, '$.ComputeConfig') as compute_config, + JSON_EXTRACT(Properties, '$.ReplicationSettings') as replication_settings, + JSON_EXTRACT(Properties, '$.SupplementalSettings') as supplemental_settings, + JSON_EXTRACT(Properties, '$.ResourceIdentifier') as resource_identifier, + JSON_EXTRACT(Properties, '$.TableMappings') as table_mappings, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DMS::ReplicationConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ReplicationConfigIdentifier') as replication_config_identifier, + json_extract_path_text(Properties, 'ReplicationConfigArn') as replication_config_arn, + json_extract_path_text(Properties, 'SourceEndpointArn') as source_endpoint_arn, + json_extract_path_text(Properties, 'TargetEndpointArn') as target_endpoint_arn, + json_extract_path_text(Properties, 'ReplicationType') as replication_type, + json_extract_path_text(Properties, 'ComputeConfig') as compute_config, + json_extract_path_text(Properties, 'ReplicationSettings') as replication_settings, + json_extract_path_text(Properties, 'SupplementalSettings') as supplemental_settings, + json_extract_path_text(Properties, 'ResourceIdentifier') as resource_identifier, + json_extract_path_text(Properties, 'TableMappings') as table_mappings, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DMS::ReplicationConfig' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/docdbelastic.yaml b/providers/src/awscc/v00.00.00000/services/docdbelastic.yaml new file mode 100644 index 00000000..b67484b4 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/docdbelastic.yaml @@ -0,0 +1,222 @@ +openapi: 3.0.0 +info: + title: DocDBElastic + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + type: object + properties: + Key: + type: string + pattern: ^(?!aws:)[a-zA-Z+-=._:/]+$ + maxLength: 128 + minLength: 1 + Value: + type: string + maxLength: 256 + minLength: 0 + required: + - Key + - Value + additionalProperties: false + Cluster: + type: object + properties: + ClusterName: + type: string + pattern: '[a-zA-z][a-zA-Z0-9]*(-[a-zA-Z0-9]+)*' + maxLength: 50 + minLength: 1 + ClusterArn: + type: string + ClusterEndpoint: + type: string + AdminUserName: + type: string + AdminUserPassword: + type: string + ShardCapacity: + type: integer + ShardCount: + type: integer + VpcSecurityGroupIds: + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + SubnetIds: + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + PreferredMaintenanceWindow: + type: string + KmsKeyId: + type: string + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + x-insertionOrder: false + uniqueItems: true + maxItems: 50 + minItems: 0 + AuthType: + type: string + required: + - ClusterName + - AdminUserName + - ShardCapacity + - ShardCount + - AuthType + x-stackql-resource-name: cluster + x-stackql-primaryIdentifier: + - ClusterArn + x-create-only-properties: + - AdminUserName + - AuthType + - ClusterName + - KmsKeyId + x-read-only-properties: + - ClusterArn + - ClusterEndpoint + x-required-permissions: + create: + - docdb-elastic:CreateCluster + - ec2:CreateVpcEndpoint + - ec2:DescribeVpcEndpoints + - ec2:DeleteVpcEndpoints + - ec2:ModifyVpcEndpoint + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcAttribute + - ec2:DescribeVpcs + - ec2:DescribeAvailabilityZones + - secretsmanager:ListSecrets + - secretsmanager:ListSecretVersionIds + - secretsmanager:DescribeSecret + - secretsmanager:GetSecretValue + - secretsmanager:GetResourcePolicy + - kms:DescribeKey + - kms:CreateGrant + - kms:GenerateDataKey + - kms:Decrypt + - iam:CreateServiceLinkedRole + read: + - docdb-elastic:GetCluster + - docdb-elastic:ListTagsForResource + update: + - docdb-elastic:UpdateCluster + - docdb-elastic:TagResource + - docdb-elastic:UntagResource + - ec2:CreateVpcEndpoint + - ec2:DescribeVpcEndpoints + - ec2:DeleteVpcEndpoints + - ec2:ModifyVpcEndpoint + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcAttribute + - ec2:DescribeVpcs + - ec2:DescribeAvailabilityZones + - secretsmanager:ListSecrets + - secretsmanager:ListSecretVersionIds + - secretsmanager:DescribeSecret + - secretsmanager:GetSecretValue + - secretsmanager:GetResourcePolicy + - kms:DescribeKey + - kms:CreateGrant + - kms:GenerateDataKey + - kms:Decrypt + delete: + - docdb-elastic:DeleteCluster + - ec2:DescribeVpcEndpoints + - ec2:DeleteVpcEndpoints + - ec2:ModifyVpcEndpoint + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcAttribute + - ec2:DescribeVpcs + - ec2:DescribeAvailabilityZones + list: + - docdb-elastic:ListClusters + x-stackQL-resources: + clusters: + name: clusters + id: awscc.docdbelastic.clusters + x-cfn-schema-name: Cluster + x-type: list + x-identifiers: + - ClusterArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterArn') as cluster_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DocDBElastic::Cluster' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterArn') as cluster_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DocDBElastic::Cluster' + AND region = 'us-east-1' + cluster: + name: cluster + id: awscc.docdbelastic.cluster + x-cfn-schema-name: Cluster + x-type: get + x-identifiers: + - ClusterArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterName') as cluster_name, + JSON_EXTRACT(Properties, '$.ClusterArn') as cluster_arn, + JSON_EXTRACT(Properties, '$.ClusterEndpoint') as cluster_endpoint, + JSON_EXTRACT(Properties, '$.AdminUserName') as admin_user_name, + JSON_EXTRACT(Properties, '$.AdminUserPassword') as admin_user_password, + JSON_EXTRACT(Properties, '$.ShardCapacity') as shard_capacity, + JSON_EXTRACT(Properties, '$.ShardCount') as shard_count, + JSON_EXTRACT(Properties, '$.VpcSecurityGroupIds') as vpc_security_group_ids, + JSON_EXTRACT(Properties, '$.SubnetIds') as subnet_ids, + JSON_EXTRACT(Properties, '$.PreferredMaintenanceWindow') as preferred_maintenance_window, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.AuthType') as auth_type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DocDBElastic::Cluster' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterName') as cluster_name, + json_extract_path_text(Properties, 'ClusterArn') as cluster_arn, + json_extract_path_text(Properties, 'ClusterEndpoint') as cluster_endpoint, + json_extract_path_text(Properties, 'AdminUserName') as admin_user_name, + json_extract_path_text(Properties, 'AdminUserPassword') as admin_user_password, + json_extract_path_text(Properties, 'ShardCapacity') as shard_capacity, + json_extract_path_text(Properties, 'ShardCount') as shard_count, + json_extract_path_text(Properties, 'VpcSecurityGroupIds') as vpc_security_group_ids, + json_extract_path_text(Properties, 'SubnetIds') as subnet_ids, + json_extract_path_text(Properties, 'PreferredMaintenanceWindow') as preferred_maintenance_window, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'AuthType') as auth_type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DocDBElastic::Cluster' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/dynamodb.yaml b/providers/src/awscc/v00.00.00000/services/dynamodb.yaml new file mode 100644 index 00000000..09d8c513 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/dynamodb.yaml @@ -0,0 +1,964 @@ +openapi: 3.0.0 +info: + title: DynamoDB + version: 1.0.0 +paths: {} +components: + schemas: + LocalSecondaryIndex: + description: Represents the properties of a local secondary index. A local secondary index can only be created when its parent table is created. + additionalProperties: false + type: object + properties: + IndexName: + description: The name of the local secondary index. The name must be unique among all other indexes on this table. + type: string + Projection: + description: Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected. + $ref: '#/components/schemas/Projection' + KeySchema: + uniqueItems: true + description: |- + The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types: + + ``HASH`` - partition key + + ``RANGE`` - sort key + + The partition key of an item is also known as its *hash attribute*. The term "hash attribute" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values. + The sort key of an item is also known as its *range attribute*. The term "range attribute" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value. + type: array + items: + $ref: '#/components/schemas/KeySchema' + required: + - IndexName + - Projection + - KeySchema + SSESpecification: + description: Represents the settings used to enable server-side encryption. + additionalProperties: false + type: object + properties: + SSEEnabled: + description: Indicates whether server-side encryption is done using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to ``KMS`` and an AWS managed key is used (KMS charges apply). If disabled (false) or not specified, server-side encryption is set to AWS owned key. + type: boolean + SSEType: + description: |- + Server-side encryption type. The only supported value is: + + ``KMS`` - Server-side encryption that uses KMSlong. The key is stored in your account and is managed by KMS (KMS charges apply). + type: string + KMSMasterKeyId: + description: The KMS key that should be used for the KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key ``alias/aws/dynamodb``. + type: string + required: + - SSEEnabled + KinesisStreamSpecification: + description: The Kinesis Data Streams configuration for the specified table. + additionalProperties: false + type: object + properties: + ApproximateCreationDateTimePrecision: + description: The precision for the time and date that the stream was created. + type: string + enum: + - MICROSECOND + - MILLISECOND + StreamArn: + description: |- + The ARN for a specific Kinesis data stream. + Length Constraints: Minimum length of 37. Maximum length of 1024. + type: string + required: + - StreamArn + StreamSpecification: + description: Represents the DynamoDB Streams configuration for a table in DynamoDB. + additionalProperties: false + type: object + properties: + StreamViewType: + description: |- + When an item in the table is modified, ``StreamViewType`` determines what information is written to the stream for this table. Valid values for ``StreamViewType`` are: + + ``KEYS_ONLY`` - Only the key attributes of the modified item are written to the stream. + + ``NEW_IMAGE`` - The entire item, as it appears after it was modified, is written to the stream. + + ``OLD_IMAGE`` - The entire item, as it appeared before it was modified, is written to the stream. + + ``NEW_AND_OLD_IMAGES`` - Both the new and the old item images of the item are written to the stream. + type: string + required: + - StreamViewType + ContributorInsightsSpecification: + description: The settings used to enable or disable CloudWatch Contributor Insights. + additionalProperties: false + type: object + properties: + Enabled: + description: Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false). + type: boolean + required: + - Enabled + ReplicaSpecification: + additionalProperties: false + type: object + properties: + SSESpecification: + $ref: '#/components/schemas/ReplicaSSESpecification' + KinesisStreamSpecification: + $ref: '#/components/schemas/KinesisStreamSpecification' + ContributorInsightsSpecification: + $ref: '#/components/schemas/ContributorInsightsSpecification' + GlobalSecondaryIndexes: + uniqueItems: true + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/ReplicaGlobalSecondaryIndexSpecification' + Region: + type: string + PointInTimeRecoverySpecification: + $ref: '#/components/schemas/PointInTimeRecoverySpecification' + ReadProvisionedThroughputSettings: + $ref: '#/components/schemas/ReadProvisionedThroughputSettings' + TableClass: + type: string + DeletionProtectionEnabled: + type: boolean + Tags: + uniqueItems: true + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/Tag' + required: + - Region + CapacityAutoScalingSettings: + additionalProperties: false + type: object + properties: + MinCapacity: + type: integer + minimum: 1 + SeedCapacity: + type: integer + minimum: 1 + TargetTrackingScalingPolicyConfiguration: + $ref: '#/components/schemas/TargetTrackingScalingPolicyConfiguration' + MaxCapacity: + type: integer + minimum: 1 + required: + - MinCapacity + - MaxCapacity + - TargetTrackingScalingPolicyConfiguration + AttributeDefinition: + description: Represents an attribute for describing the schema for the table and indexes. + additionalProperties: false + type: object + properties: + AttributeType: + description: |- + The data type for the attribute, where: + + ``S`` - the attribute is of type String + + ``N`` - the attribute is of type Number + + ``B`` - the attribute is of type Binary + type: string + AttributeName: + description: A name for the attribute. + type: string + required: + - AttributeName + - AttributeType + Projection: + description: Represents attributes that are copied (projected) from the table into an index. These are in addition to the primary key attributes and index key attributes, which are automatically projected. + additionalProperties: false + type: object + properties: + NonKeyAttributes: + uniqueItems: false + description: |- + Represents the non-key attribute names which will be projected into the index. + For local secondary indexes, the total count of ``NonKeyAttributes`` summed across all of the local secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. + type: array + items: + type: string + ProjectionType: + description: |- + The set of attributes that are projected into the index: + + ``KEYS_ONLY`` - Only the index and primary keys are projected into the index. + + ``INCLUDE`` - In addition to the attributes described in ``KEYS_ONLY``, the secondary index will include other non-key attributes that you specify. + + ``ALL`` - All of the table attributes are projected into the index. + + When using the DynamoDB console, ``ALL`` is selected by default. + type: string + PointInTimeRecoverySpecification: + description: The settings used to enable point in time recovery. + additionalProperties: false + type: object + properties: + PointInTimeRecoveryEnabled: + description: Indicates whether point in time recovery is enabled (true) or disabled (false) on the table. + type: boolean + ReplicaGlobalSecondaryIndexSpecification: + additionalProperties: false + type: object + properties: + IndexName: + minLength: 3 + type: string + maxLength: 255 + ContributorInsightsSpecification: + $ref: '#/components/schemas/ContributorInsightsSpecification' + ReadProvisionedThroughputSettings: + $ref: '#/components/schemas/ReadProvisionedThroughputSettings' + required: + - IndexName + TargetTrackingScalingPolicyConfiguration: + additionalProperties: false + type: object + properties: + ScaleOutCooldown: + type: integer + minimum: 0 + TargetValue: + format: double + type: number + DisableScaleIn: + type: boolean + ScaleInCooldown: + type: integer + minimum: 0 + required: + - TargetValue + GlobalSecondaryIndex: + description: Represents the properties of a global secondary index. + additionalProperties: false + type: object + properties: + IndexName: + description: The name of the global secondary index. The name must be unique among all other indexes on this table. + type: string + ContributorInsightsSpecification: + description: The settings used to enable or disable CloudWatch Contributor Insights for the specified global secondary index. + $ref: '#/components/schemas/ContributorInsightsSpecification' + Projection: + description: Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected. + $ref: '#/components/schemas/Projection' + ProvisionedThroughput: + description: |- + Represents the provisioned throughput settings for the specified global secondary index. + For current minimum and maximum provisioned throughput values, see [Service, Account, and Table Quotas](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the *Amazon DynamoDB Developer Guide*. + $ref: '#/components/schemas/ProvisionedThroughput' + KeySchema: + uniqueItems: true + description: |- + The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types: + + ``HASH`` - partition key + + ``RANGE`` - sort key + + The partition key of an item is also known as its *hash attribute*. The term "hash attribute" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values. + The sort key of an item is also known as its *range attribute*. The term "range attribute" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value. + type: array + items: + $ref: '#/components/schemas/KeySchema' + required: + - IndexName + - Projection + - KeySchema + WriteProvisionedThroughputSettings: + additionalProperties: false + type: object + properties: + WriteCapacityAutoScalingSettings: + $ref: '#/components/schemas/CapacityAutoScalingSettings' + ReplicaSSESpecification: + additionalProperties: false + type: object + properties: + KMSMasterKeyId: + type: string + required: + - KMSMasterKeyId + KeySchema: + description: |- + Represents *a single element* of a key schema. A key schema specifies the attributes that make up the primary key of a table, or the key attributes of an index. + A ``KeySchemaElement`` represents exactly one attribute of the primary key. For example, a simple primary key would be represented by one ``KeySchemaElement`` (for the partition key). A composite primary key would require one ``KeySchemaElement`` for the partition key, and another ``KeySchemaElement`` for the sort key. + A ``KeySchemaElement`` must be a scalar, top-level attribute (not a nested attribute). The data type must be one of String, Number, or Binary. The attribute cannot be nested within a List or a Map. + additionalProperties: false + type: object + properties: + KeyType: + description: |- + The role that this key attribute will assume: + + ``HASH`` - partition key + + ``RANGE`` - sort key + + The partition key of an item is also known as its *hash attribute*. The term "hash attribute" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values. + The sort key of an item is also known as its *range attribute*. The term "range attribute" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value. + type: string + AttributeName: + description: The name of a key attribute. + type: string + required: + - KeyType + - AttributeName + Tag: + description: |- + Describes a tag. A tag is a key-value pair. You can add up to 50 tags to a single DynamoDB table. + AWS-assigned tag names and values are automatically assigned the ``aws:`` prefix, which the user cannot assign. AWS-assigned tag names do not count towards the tag limit of 50. User-assigned tag names have the prefix ``user:`` in the Cost Allocation Report. You cannot backdate the application of a tag. + For an overview on tagging DynamoDB resources, see [Tagging for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Tagging.html) in the *Amazon DynamoDB Developer Guide*. + additionalProperties: false + type: object + properties: + Value: + description: The value of the tag. Tag values are case-sensitive and can be null. + type: string + Key: + description: The key of the tag. Tag keys are case sensitive. Each DynamoDB table can only have up to one tag with the same key. If you try to add an existing tag (same key), the existing tag value will be updated to the new value. + type: string + required: + - Value + - Key + ReadProvisionedThroughputSettings: + additionalProperties: false + type: object + properties: + ReadCapacityUnits: + type: integer + minimum: 1 + ReadCapacityAutoScalingSettings: + $ref: '#/components/schemas/CapacityAutoScalingSettings' + TimeToLiveSpecification: + description: Represents the settings used to enable or disable Time to Live (TTL) for the specified table. + additionalProperties: false + type: object + properties: + Enabled: + description: Indicates whether TTL is to be enabled (true) or disabled (false) on the table. + type: boolean + AttributeName: + description: |- + The name of the TTL attribute used to store the expiration time for items in the table. + + The ``AttributeName`` property is required when enabling the TTL, or when TTL is already enabled. + + To update this property, you must first disable TTL and then enable TTL with the new attribute name. + type: string + required: + - Enabled + GlobalTable: + type: object + properties: + TableId: + type: string + SSESpecification: + $ref: '#/components/schemas/SSESpecification' + StreamSpecification: + $ref: '#/components/schemas/StreamSpecification' + Replicas: + minItems: 1 + uniqueItems: true + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/ReplicaSpecification' + WriteProvisionedThroughputSettings: + $ref: '#/components/schemas/WriteProvisionedThroughputSettings' + TableName: + type: string + AttributeDefinitions: + minItems: 1 + uniqueItems: true + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/AttributeDefinition' + BillingMode: + type: string + GlobalSecondaryIndexes: + uniqueItems: true + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/GlobalSecondaryIndex' + KeySchema: + minItems: 1 + maxItems: 2 + uniqueItems: true + type: array + items: + $ref: '#/components/schemas/KeySchema' + LocalSecondaryIndexes: + uniqueItems: true + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/LocalSecondaryIndex' + Arn: + type: string + StreamArn: + type: string + TimeToLiveSpecification: + $ref: '#/components/schemas/TimeToLiveSpecification' + required: + - KeySchema + - AttributeDefinitions + - Replicas + x-stackql-resource-name: global_table + x-stackql-primaryIdentifier: + - TableName + x-create-only-properties: + - LocalSecondaryIndexes + - TableName + - KeySchema + x-read-only-properties: + - Arn + - StreamArn + - TableId + x-required-permissions: + read: + - dynamodb:Describe* + - dynamodb:GetResourcePolicy + - application-autoscaling:Describe* + - cloudwatch:PutMetricData + - dynamodb:ListTagsOfResource + - kms:DescribeKey + create: + - dynamodb:CreateTable + - dynamodb:CreateTableReplica + - dynamodb:Describe* + - dynamodb:UpdateTimeToLive + - dynamodb:UpdateContributorInsights + - dynamodb:UpdateContinuousBackups + - dynamodb:ListTagsOfResource + - dynamodb:Query + - dynamodb:Scan + - dynamodb:UpdateItem + - dynamodb:PutItem + - dynamodb:GetItem + - dynamodb:DeleteItem + - dynamodb:BatchWriteItem + - dynamodb:TagResource + - dynamodb:EnableKinesisStreamingDestination + - dynamodb:DisableKinesisStreamingDestination + - dynamodb:UpdateTableReplicaAutoScaling + - dynamodb:TagResource + - dynamodb:GetResourcePolicy + - dynamodb:PutResourcePolicy + - application-autoscaling:DeleteScalingPolicy + - application-autoscaling:DeleteScheduledAction + - application-autoscaling:DeregisterScalableTarget + - application-autoscaling:Describe* + - application-autoscaling:PutScalingPolicy + - application-autoscaling:PutScheduledAction + - application-autoscaling:RegisterScalableTarget + - kinesis:ListStreams + - kinesis:DescribeStream + - kinesis:PutRecords + - kms:CreateGrant + - kms:DescribeKey + - kms:ListAliases + - kms:Decrypt + - kms:RevokeGrant + - cloudwatch:PutMetricData + - iam:CreateServiceLinkedRole + update: + - dynamodb:Describe* + - dynamodb:CreateTableReplica + - dynamodb:UpdateTable + - dynamodb:UpdateTimeToLive + - dynamodb:UpdateContinuousBackups + - dynamodb:UpdateContributorInsights + - dynamodb:ListTagsOfResource + - dynamodb:Query + - dynamodb:Scan + - dynamodb:UpdateItem + - dynamodb:PutItem + - dynamodb:GetItem + - dynamodb:DeleteItem + - dynamodb:BatchWriteItem + - dynamodb:DeleteTable + - dynamodb:DeleteTableReplica + - dynamodb:UpdateItem + - dynamodb:TagResource + - dynamodb:UntagResource + - dynamodb:EnableKinesisStreamingDestination + - dynamodb:DisableKinesisStreamingDestination + - dynamodb:UpdateTableReplicaAutoScaling + - dynamodb:UpdateKinesisStreamingDestination + - dynamodb:GetResourcePolicy + - dynamodb:PutResourcePolicy + - dynamodb:DeleteResourcePolicy + - application-autoscaling:DeleteScalingPolicy + - application-autoscaling:DeleteScheduledAction + - application-autoscaling:DeregisterScalableTarget + - application-autoscaling:Describe* + - application-autoscaling:PutScalingPolicy + - application-autoscaling:PutScheduledAction + - application-autoscaling:RegisterScalableTarget + - kinesis:ListStreams + - kinesis:DescribeStream + - kinesis:PutRecords + - kms:CreateGrant + - kms:DescribeKey + - kms:ListAliases + - kms:RevokeGrant + - cloudwatch:PutMetricData + list: + - dynamodb:ListTables + - cloudwatch:PutMetricData + delete: + - dynamodb:Describe* + - dynamodb:DeleteTable + - application-autoscaling:DeleteScalingPolicy + - application-autoscaling:DeleteScheduledAction + - application-autoscaling:DeregisterScalableTarget + - application-autoscaling:Describe* + - application-autoscaling:PutScalingPolicy + - application-autoscaling:PutScheduledAction + - application-autoscaling:RegisterScalableTarget + InputFormatOptions: + description: The format options for the data that was imported into the target table. There is one value, CsvOption. + additionalProperties: false + type: object + properties: + Csv: + description: The options for imported source files in CSV format. The values are Delimiter and HeaderList. + $ref: '#/components/schemas/Csv' + Csv: + description: The options for imported source files in CSV format. The values are Delimiter and HeaderList. + additionalProperties: false + type: object + properties: + Delimiter: + description: The delimiter used for separating items in the CSV file being imported. + type: string + HeaderList: + uniqueItems: true + description: List of the headers used to specify a common header for all source CSV files being imported. If this field is specified then the first line of each CSV file is treated as data instead of the header. If this field is not specified the the first line of each CSV file is treated as the header. + type: array + items: + type: string + ImportSourceSpecification: + description: Specifies the properties of data being imported from the S3 bucket source to the table. + additionalProperties: false + type: object + properties: + S3BucketSource: + description: The S3 bucket that provides the source for the import. + $ref: '#/components/schemas/S3BucketSource' + InputFormat: + description: The format of the source data. Valid values for ``ImportFormat`` are ``CSV``, ``DYNAMODB_JSON`` or ``ION``. + type: string + InputFormatOptions: + description: Additional properties that specify how the input is formatted, + $ref: '#/components/schemas/InputFormatOptions' + InputCompressionType: + description: Type of compression to be used on the input coming from the imported table. + type: string + required: + - S3BucketSource + - InputFormat + ProvisionedThroughput: + description: Throughput for the specified table, which consists of values for ``ReadCapacityUnits`` and ``WriteCapacityUnits``. For more information about the contents of a provisioned throughput structure, see [Table ProvisionedThroughput](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ProvisionedThroughput.html). + additionalProperties: false + type: object + properties: + WriteCapacityUnits: + description: |- + The maximum number of writes consumed per second before DynamoDB returns a ``ThrottlingException``. For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide*. + If read/write capacity mode is ``PAY_PER_REQUEST`` the value is set to 0. + type: integer + ReadCapacityUnits: + description: |- + The maximum number of strongly consistent reads consumed per second before DynamoDB returns a ``ThrottlingException``. For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide*. + If read/write capacity mode is ``PAY_PER_REQUEST`` the value is set to 0. + type: integer + required: + - WriteCapacityUnits + - ReadCapacityUnits + S3BucketSource: + description: The S3 bucket that is being imported from. + additionalProperties: false + type: object + properties: + S3Bucket: + description: The S3 bucket that is being imported from. + type: string + S3KeyPrefix: + description: The key prefix shared by all S3 Objects that are being imported. + type: string + S3BucketOwner: + description: The account number of the S3 bucket that is being imported from. If the bucket is owned by the requester this is optional. + type: string + required: + - S3Bucket + DeprecatedKeySchema: + description: '' + additionalProperties: false + type: object + properties: + HashKeyElement: + $ref: '#/components/schemas/DeprecatedHashKeyElement' + required: + - HashKeyElement + DeprecatedHashKeyElement: + description: '' + additionalProperties: false + type: object + properties: + AttributeType: + type: string + AttributeName: + type: string + required: + - AttributeType + - AttributeName + Table: + type: object + properties: + SSESpecification: + description: Specifies the settings to enable server-side encryption. + $ref: '#/components/schemas/SSESpecification' + KinesisStreamSpecification: + description: The Kinesis Data Streams configuration for the specified table. + $ref: '#/components/schemas/KinesisStreamSpecification' + StreamSpecification: + description: The settings for the DDB table stream, which capture changes to items stored in the table. + $ref: '#/components/schemas/StreamSpecification' + ContributorInsightsSpecification: + description: The settings used to enable or disable CloudWatch Contributor Insights for the specified table. + $ref: '#/components/schemas/ContributorInsightsSpecification' + ImportSourceSpecification: + description: |- + Specifies the properties of data being imported from the S3 bucket source to the table. + If you specify the ``ImportSourceSpecification`` property, and also specify either the ``StreamSpecification``, the ``TableClass`` property, or the ``DeletionProtectionEnabled`` property, the IAM entity creating/updating stack must have ``UpdateTable`` permission. + $ref: '#/components/schemas/ImportSourceSpecification' + PointInTimeRecoverySpecification: + description: The settings used to enable point in time recovery. + $ref: '#/components/schemas/PointInTimeRecoverySpecification' + ProvisionedThroughput: + description: |- + Throughput for the specified table, which consists of values for ``ReadCapacityUnits`` and ``WriteCapacityUnits``. For more information about the contents of a provisioned throughput structure, see [Amazon DynamoDB Table ProvisionedThroughput](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ProvisionedThroughput.html). + If you set ``BillingMode`` as ``PROVISIONED``, you must specify this property. If you set ``BillingMode`` as ``PAY_PER_REQUEST``, you cannot specify this property. + $ref: '#/components/schemas/ProvisionedThroughput' + TableName: + description: |- + A name for the table. If you don't specify a name, CFNlong generates a unique physical ID and uses that ID for the table name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html). + If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. + type: string + AttributeDefinitions: + uniqueItems: true + description: |- + A list of attributes that describe the key schema for the table and indexes. + This property is required to create a DDB table. + Update requires: [Some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt). Replacement if you edit an existing AttributeDefinition. + type: array + items: + $ref: '#/components/schemas/AttributeDefinition' + BillingMode: + description: |- + Specify how you are charged for read and write throughput and how you manage capacity. + Valid values include: + + ``PROVISIONED`` - We recommend using ``PROVISIONED`` for predictable workloads. ``PROVISIONED`` sets the billing mode to [Provisioned Mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.ProvisionedThroughput.Manual). + + ``PAY_PER_REQUEST`` - We recommend using ``PAY_PER_REQUEST`` for unpredictable workloads. ``PAY_PER_REQUEST`` sets the billing mode to [On-Demand Mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.OnDemand). + + If not specified, the default is ``PROVISIONED``. + type: string + GlobalSecondaryIndexes: + uniqueItems: false + description: |- + Global secondary indexes to be created on the table. You can create up to 20 global secondary indexes. + If you update a table to include a new global secondary index, CFNlong initiates the index creation and then proceeds with the stack update. CFNlong doesn't wait for the index to complete creation because the backfilling phase can take a long time, depending on the size of the table. You can't use the index or update the table until the index's status is ``ACTIVE``. You can track its status by using the DynamoDB [DescribeTable](https://docs.aws.amazon.com/cli/latest/reference/dynamodb/describe-table.html) command. + If you add or delete an index during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new index, you must manually delete the index. + Updates are not supported. The following are exceptions: + + If you update either the contributor insights specification or the provisioned throughput value + type: array + items: + $ref: '#/components/schemas/GlobalSecondaryIndex' + KeySchema: + oneOf: + - uniqueItems: true + type: array + items: + $ref: '#/components/schemas/KeySchema' + - type: object + description: Specifies the attributes that make up the primary key for the table. The attributes in the ``KeySchema`` property must also be defined in the ``AttributeDefinitions`` property. + LocalSecondaryIndexes: + uniqueItems: false + description: Local secondary indexes to be created on the table. You can create up to 5 local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes. + type: array + items: + $ref: '#/components/schemas/LocalSecondaryIndex' + Arn: + description: '' + type: string + StreamArn: + description: '' + type: string + DeletionProtectionEnabled: + description: Determines if a table is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Developer Guide*. + type: boolean + TableClass: + description: The table class of the new table. Valid values are ``STANDARD`` and ``STANDARD_INFREQUENT_ACCESS``. + type: string + Tags: + uniqueItems: false + description: |- + An array of key-value pairs to apply to this resource. + For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html). + type: array + items: + $ref: '#/components/schemas/Tag' + TimeToLiveSpecification: + description: |- + Specifies the Time to Live (TTL) settings for the table. + For detailed information about the limits in DynamoDB, see [Limits in Amazon DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the Amazon DynamoDB Developer Guide. + $ref: '#/components/schemas/TimeToLiveSpecification' + required: + - KeySchema + x-stackql-resource-name: table + x-stackql-primaryIdentifier: + - TableName + x-create-only-properties: + - TableName + - ImportSourceSpecification + x-read-only-properties: + - Arn + - StreamArn + x-required-permissions: + read: + - dynamodb:DescribeTable + - dynamodb:DescribeContinuousBackups + - dynamodb:DescribeContributorInsights + - dynamodb:DescribeKinesisStreamingDestination + - dynamodb:ListTagsOfResource + - dynamodb:GetResourcePolicy + create: + - dynamodb:CreateTable + - dynamodb:DescribeImport + - dynamodb:DescribeTable + - dynamodb:DescribeTimeToLive + - dynamodb:UpdateTimeToLive + - dynamodb:UpdateContributorInsights + - dynamodb:UpdateContinuousBackups + - dynamodb:DescribeContinuousBackups + - dynamodb:DescribeContributorInsights + - dynamodb:EnableKinesisStreamingDestination + - dynamodb:DisableKinesisStreamingDestination + - dynamodb:DescribeKinesisStreamingDestination + - dynamodb:ImportTable + - dynamodb:ListTagsOfResource + - dynamodb:TagResource + - dynamodb:UpdateTable + - dynamodb:GetResourcePolicy + - dynamodb:PutResourcePolicy + - kinesis:DescribeStream + - kinesis:PutRecords + - iam:CreateServiceLinkedRole + - kms:CreateGrant + - kms:Decrypt + - kms:DescribeKey + - kms:ListAliases + - kms:Encrypt + - kms:RevokeGrant + - logs:CreateLogGroup + - logs:CreateLogStream + - logs:DescribeLogGroups + - logs:DescribeLogStreams + - logs:PutLogEvents + - logs:PutRetentionPolicy + - s3:GetObject + - s3:GetObjectMetadata + - s3:ListBucket + update: + - dynamodb:UpdateTable + - dynamodb:DescribeTable + - dynamodb:DescribeTimeToLive + - dynamodb:UpdateTimeToLive + - dynamodb:UpdateContinuousBackups + - dynamodb:UpdateContributorInsights + - dynamodb:UpdateKinesisStreamingDestination + - dynamodb:DescribeContinuousBackups + - dynamodb:DescribeKinesisStreamingDestination + - dynamodb:ListTagsOfResource + - dynamodb:TagResource + - dynamodb:UntagResource + - dynamodb:DescribeContributorInsights + - dynamodb:EnableKinesisStreamingDestination + - dynamodb:DisableKinesisStreamingDestination + - dynamodb:GetResourcePolicy + - dynamodb:PutResourcePolicy + - dynamodb:DeleteResourcePolicy + - kinesis:DescribeStream + - kinesis:PutRecords + - iam:CreateServiceLinkedRole + - kms:CreateGrant + - kms:DescribeKey + - kms:ListAliases + - kms:RevokeGrant + list: + - dynamodb:ListTables + delete: + - dynamodb:DeleteTable + - dynamodb:DescribeTable + x-stackQL-resources: + global_tables: + name: global_tables + id: awscc.dynamodb.global_tables + x-cfn-schema-name: GlobalTable + x-type: list + x-identifiers: + - TableName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TableName') as table_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DynamoDB::GlobalTable' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TableName') as table_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DynamoDB::GlobalTable' + AND region = 'us-east-1' + global_table: + name: global_table + id: awscc.dynamodb.global_table + x-cfn-schema-name: GlobalTable + x-type: get + x-identifiers: + - TableName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TableId') as table_id, + JSON_EXTRACT(Properties, '$.SSESpecification') as s_se_specification, + JSON_EXTRACT(Properties, '$.StreamSpecification') as stream_specification, + JSON_EXTRACT(Properties, '$.Replicas') as replicas, + JSON_EXTRACT(Properties, '$.WriteProvisionedThroughputSettings') as write_provisioned_throughput_settings, + JSON_EXTRACT(Properties, '$.TableName') as table_name, + JSON_EXTRACT(Properties, '$.AttributeDefinitions') as attribute_definitions, + JSON_EXTRACT(Properties, '$.BillingMode') as billing_mode, + JSON_EXTRACT(Properties, '$.GlobalSecondaryIndexes') as global_secondary_indexes, + JSON_EXTRACT(Properties, '$.KeySchema') as key_schema, + JSON_EXTRACT(Properties, '$.LocalSecondaryIndexes') as local_secondary_indexes, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.StreamArn') as stream_arn, + JSON_EXTRACT(Properties, '$.TimeToLiveSpecification') as time_to_live_specification + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DynamoDB::GlobalTable' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TableId') as table_id, + json_extract_path_text(Properties, 'SSESpecification') as s_se_specification, + json_extract_path_text(Properties, 'StreamSpecification') as stream_specification, + json_extract_path_text(Properties, 'Replicas') as replicas, + json_extract_path_text(Properties, 'WriteProvisionedThroughputSettings') as write_provisioned_throughput_settings, + json_extract_path_text(Properties, 'TableName') as table_name, + json_extract_path_text(Properties, 'AttributeDefinitions') as attribute_definitions, + json_extract_path_text(Properties, 'BillingMode') as billing_mode, + json_extract_path_text(Properties, 'GlobalSecondaryIndexes') as global_secondary_indexes, + json_extract_path_text(Properties, 'KeySchema') as key_schema, + json_extract_path_text(Properties, 'LocalSecondaryIndexes') as local_secondary_indexes, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'StreamArn') as stream_arn, + json_extract_path_text(Properties, 'TimeToLiveSpecification') as time_to_live_specification + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DynamoDB::GlobalTable' + AND data__Identifier = '' + AND region = 'us-east-1' + tables: + name: tables + id: awscc.dynamodb.tables + x-cfn-schema-name: Table + x-type: list + x-identifiers: + - TableName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TableName') as table_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DynamoDB::Table' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TableName') as table_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::DynamoDB::Table' + AND region = 'us-east-1' + table: + name: table + id: awscc.dynamodb.table + x-cfn-schema-name: Table + x-type: get + x-identifiers: + - TableName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SSESpecification') as s_se_specification, + JSON_EXTRACT(Properties, '$.KinesisStreamSpecification') as kinesis_stream_specification, + JSON_EXTRACT(Properties, '$.StreamSpecification') as stream_specification, + JSON_EXTRACT(Properties, '$.ContributorInsightsSpecification') as contributor_insights_specification, + JSON_EXTRACT(Properties, '$.ImportSourceSpecification') as import_source_specification, + JSON_EXTRACT(Properties, '$.PointInTimeRecoverySpecification') as point_in_time_recovery_specification, + JSON_EXTRACT(Properties, '$.ProvisionedThroughput') as provisioned_throughput, + JSON_EXTRACT(Properties, '$.TableName') as table_name, + JSON_EXTRACT(Properties, '$.AttributeDefinitions') as attribute_definitions, + JSON_EXTRACT(Properties, '$.BillingMode') as billing_mode, + JSON_EXTRACT(Properties, '$.GlobalSecondaryIndexes') as global_secondary_indexes, + JSON_EXTRACT(Properties, '$.KeySchema') as key_schema, + JSON_EXTRACT(Properties, '$.LocalSecondaryIndexes') as local_secondary_indexes, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.StreamArn') as stream_arn, + JSON_EXTRACT(Properties, '$.DeletionProtectionEnabled') as deletion_protection_enabled, + JSON_EXTRACT(Properties, '$.TableClass') as table_class, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TimeToLiveSpecification') as time_to_live_specification + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DynamoDB::Table' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SSESpecification') as s_se_specification, + json_extract_path_text(Properties, 'KinesisStreamSpecification') as kinesis_stream_specification, + json_extract_path_text(Properties, 'StreamSpecification') as stream_specification, + json_extract_path_text(Properties, 'ContributorInsightsSpecification') as contributor_insights_specification, + json_extract_path_text(Properties, 'ImportSourceSpecification') as import_source_specification, + json_extract_path_text(Properties, 'PointInTimeRecoverySpecification') as point_in_time_recovery_specification, + json_extract_path_text(Properties, 'ProvisionedThroughput') as provisioned_throughput, + json_extract_path_text(Properties, 'TableName') as table_name, + json_extract_path_text(Properties, 'AttributeDefinitions') as attribute_definitions, + json_extract_path_text(Properties, 'BillingMode') as billing_mode, + json_extract_path_text(Properties, 'GlobalSecondaryIndexes') as global_secondary_indexes, + json_extract_path_text(Properties, 'KeySchema') as key_schema, + json_extract_path_text(Properties, 'LocalSecondaryIndexes') as local_secondary_indexes, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'StreamArn') as stream_arn, + json_extract_path_text(Properties, 'DeletionProtectionEnabled') as deletion_protection_enabled, + json_extract_path_text(Properties, 'TableClass') as table_class, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TimeToLiveSpecification') as time_to_live_specification + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::DynamoDB::Table' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/ecr.yaml b/providers/src/awscc/v00.00.00000/services/ecr.yaml new file mode 100644 index 00000000..09a4239c --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/ecr.yaml @@ -0,0 +1,752 @@ +openapi: 3.0.0 +info: + title: ECR + version: 1.0.0 +paths: {} +components: + schemas: + RegistryId: + type: string + description: 'The AWS account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed. ' + minLength: 12 + maxLength: 12 + pattern: ^[0-9]{12}$ + RepositoryDescription: + type: string + description: The description of the public repository. + maxLength: 1024 + OperatingSystemList: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: Select the operating systems that the images in your repository are compatible with. + items: + $ref: '#/components/schemas/OperatingSystem' + OperatingSystem: + type: string + description: The name of the operating system. + maxLength: 50 + minLength: 1 + ArchitectureList: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: Select the system architectures that the images in your repository are compatible with. + items: + $ref: '#/components/schemas/Architecture' + Architecture: + type: string + description: The name of the architecture. + maxLength: 50 + minLength: 1 + UsageText: + type: string + description: Provide detailed information about how to use the images in the repository. This provides context, support information, and additional usage details for users of the repository. + maxLength: 10240 + AboutText: + type: string + description: Provide a detailed description of the repository. Identify what is included in the repository, any licensing details, or other relevant information. + maxLength: 10240 + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 127 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 255 + required: + - Value + - Key + additionalProperties: false + PublicRepository: + type: object + properties: + RepositoryName: + type: string + description: The name to use for the repository. The repository name may be specified on its own (such as nginx-web-app) or it can be prepended with a namespace to group the repository into a category (such as project-a/nginx-web-app). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html. + minLength: 2 + maxLength: 256 + pattern: ^(?=.{2,256}$)((?:[a-z0-9]+(?:[._-][a-z0-9]+)*/)*[a-z0-9]+(?:[._-][a-z0-9]+)*)$ + RepositoryPolicyText: + type: object + description: 'The JSON repository policy text to apply to the repository. For more information, see https://docs.aws.amazon.com/AmazonECR/latest/userguide/RepositoryPolicyExamples.html in the Amazon Elastic Container Registry User Guide. ' + Arn: + type: string + RepositoryCatalogData: + type: object + description: The CatalogData property type specifies Catalog data for ECR Public Repository. For information about Catalog Data, see + properties: + RepositoryDescription: + $ref: '#/components/schemas/RepositoryDescription' + Architectures: + $ref: '#/components/schemas/ArchitectureList' + OperatingSystems: + $ref: '#/components/schemas/OperatingSystemList' + AboutText: + $ref: '#/components/schemas/AboutText' + UsageText: + $ref: '#/components/schemas/UsageText' + additionalProperties: false + Tags: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: public_repository + x-stackql-primaryIdentifier: + - RepositoryName + x-create-only-properties: + - RepositoryName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - ecr-public:CreateRepository + - ecr-public:SetRepositoryPolicy + - ecr-public:PutRepositoryCatalogData + - ecr-public:TagResource + read: + - ecr-public:DescribeRepositories + - ecr-public:GetRepositoryPolicy + - ecr-public:GetRepositoryCatalogData + - ecr-public:ListTagsForResource + update: + - ecr-public:SetRepositoryPolicy + - ecr-public:DeleteRepositoryPolicy + - ecr-public:PutRepositoryCatalogData + - ecr-public:TagResource + - ecr-public:UntagResource + delete: + - ecr-public:DeleteRepository + list: + - ecr-public:DescribeRepositories + PullThroughCacheRule: + type: object + properties: + EcrRepositoryPrefix: + type: string + description: The ECRRepositoryPrefix is a custom alias for upstream registry url. + minLength: 2 + maxLength: 30 + pattern: (?:[a-z0-9]+(?:[._-][a-z0-9]+)*/)*[a-z0-9]+(?:[._-][a-z0-9]+)* + UpstreamRegistryUrl: + type: string + description: The upstreamRegistryUrl is the endpoint of upstream registry url of the public repository to be cached + CredentialArn: + type: string + description: The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that identifies the credentials to authenticate to the upstream registry. + minLength: 50 + maxLength: 612 + pattern: ^arn:aws:secretsmanager:[a-zA-Z0-9-:]+:secret:ecr\-pullthroughcache\/[a-zA-Z0-9\/_+=.@-]+$ + UpstreamRegistry: + type: string + description: The name of the upstream registry. + x-stackql-resource-name: pull_through_cache_rule + x-stackql-primaryIdentifier: + - EcrRepositoryPrefix + x-create-only-properties: + - EcrRepositoryPrefix + - UpstreamRegistryUrl + - CredentialArn + - UpstreamRegistry + x-required-permissions: + create: + - ecr:DescribePullThroughCacheRules + - ecr:CreatePullThroughCacheRule + - ecr:DeletePullThroughCacheRule + - iam:CreateServiceLinkedRole + - secretsmanager:GetSecretValue + read: + - ecr:DescribePullThroughCacheRules + update: + - ecr:DescribePullThroughCacheRules + - ecr:CreatePullThroughCacheRule + - ecr:DeletePullThroughCacheRule + - iam:CreateServiceLinkedRole + - secretsmanager:GetSecretValue + delete: + - ecr:DescribePullThroughCacheRules + - ecr:DeletePullThroughCacheRule + list: + - ecr:DescribePullThroughCacheRules + EcrRepositoryPrefix: + type: string + description: The ECRRepositoryPrefix is a custom alias for upstream registry url. + minLength: 2 + maxLength: 30 + pattern: (?:[a-z0-9]+(?:[._-][a-z0-9]+)*/)*[a-z0-9]+(?:[._-][a-z0-9]+)* + UpstreamRegistryUrl: + type: string + description: The upstreamRegistryUrl is the endpoint of upstream registry url of the public repository to be cached + CredentialArn: + type: string + description: The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that identifies the credentials to authenticate to the upstream registry. + minLength: 50 + maxLength: 612 + pattern: ^arn:aws:secretsmanager:[a-zA-Z0-9-:]+:secret:ecr\-pullthroughcache\/[a-zA-Z0-9\/_+=.@-]+$ + UpstreamRegistry: + type: string + description: The name of the upstream registry. + RegistryPolicy: + type: object + properties: + RegistryId: + $ref: '#/components/schemas/RegistryId' + PolicyText: + type: object + description: The JSON policy text to apply to your registry. The policy text follows the same format as IAM policy text. For more information, see Registry permissions (https://docs.aws.amazon.com/AmazonECR/latest/userguide/registry-permissions.html) in the Amazon Elastic Container Registry User Guide. + required: + - PolicyText + x-stackql-resource-name: registry_policy + x-stackql-primaryIdentifier: + - RegistryId + x-read-only-properties: + - RegistryId + x-required-permissions: + create: + - ecr:GetRegistryPolicy + - ecr:PutRegistryPolicy + read: + - ecr:GetRegistryPolicy + list: + - ecr:GetRegistryPolicy + update: + - ecr:GetRegistryPolicy + - ecr:PutRegistryPolicy + delete: + - ecr:DeleteRegistryPolicy + ReplicationConfiguration: + type: object + properties: + ReplicationConfiguration: + $ref: '#/components/schemas/ReplicationConfiguration' + RegistryId: + type: string + description: The RegistryId associated with the aws account. + required: + - ReplicationConfiguration + x-stackql-resource-name: replication_configuration + x-stackql-primaryIdentifier: + - RegistryId + x-read-only-properties: + - RegistryId + x-required-permissions: + create: + - ecr:DescribeRegistry + - ecr:PutReplicationConfiguration + - iam:CreateServiceLinkedRole + read: + - ecr:DescribeRegistry + update: + - ecr:DescribeRegistry + - ecr:PutReplicationConfiguration + - iam:CreateServiceLinkedRole + delete: + - ecr:DescribeRegistry + - ecr:PutReplicationConfiguration + - iam:CreateServiceLinkedRole + list: + - ecr:DescribeRegistry + ReplicationRule: + type: object + properties: + RepositoryFilters: + type: array + minItems: 0 + maxItems: 100 + items: + $ref: '#/components/schemas/RepositoryFilter' + description: An array of objects representing the details of a repository filter. + Destinations: + type: array + minItems: 1 + maxItems: 25 + items: + $ref: '#/components/schemas/ReplicationDestination' + description: An array of objects representing the details of a replication destination. + description: An array of objects representing the details of a replication destination. + required: + - Destinations + additionalProperties: false + RepositoryFilter: + type: object + properties: + Filter: + $ref: '#/components/schemas/Filter' + FilterType: + $ref: '#/components/schemas/FilterType' + description: An array of objects representing the details of a repository filter. + required: + - Filter + - FilterType + additionalProperties: false + Filter: + type: string + description: The repository filter to be applied for replication. + pattern: ^(?:[a-z0-9]+(?:[._-][a-z0-9]*)*/)*[a-z0-9]*(?:[._-][a-z0-9]*)*$ + FilterType: + description: Type of repository filter + type: string + enum: + - PREFIX_MATCH + ReplicationDestination: + type: object + properties: + Region: + $ref: '#/components/schemas/Region' + RegistryId: + $ref: '#/components/schemas/RegistryId' + description: An array of objects representing the details of a replication destination. + required: + - Region + - RegistryId + additionalProperties: false + Region: + description: A Region to replicate to. + type: string + pattern: '[0-9a-z-]{2,25}' + LifecyclePolicy: + type: object + description: The LifecyclePolicy property type specifies a lifecycle policy. For information about lifecycle policy syntax, see https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html + properties: + LifecyclePolicyText: + $ref: '#/components/schemas/LifecyclePolicyText' + RegistryId: + $ref: '#/components/schemas/RegistryId' + additionalProperties: false + LifecyclePolicyText: + type: string + description: The JSON repository policy text to apply to the repository. + minLength: 100 + maxLength: 30720 + ImageScanningConfiguration: + type: object + description: The image scanning configuration for the repository. This setting determines whether images are scanned for known vulnerabilities after being pushed to the repository. + properties: + ScanOnPush: + $ref: '#/components/schemas/ScanOnPush' + additionalProperties: false + ScanOnPush: + type: boolean + description: The setting that determines whether images are scanned after being pushed to a repository. + EncryptionConfiguration: + type: object + description: |- + The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest. + + By default, when no encryption configuration is set or the AES256 encryption type is used, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts your data at rest using an AES-256 encryption algorithm. This does not require any action on your part. + + For more information, see https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html + properties: + EncryptionType: + $ref: '#/components/schemas/EncryptionType' + KmsKey: + $ref: '#/components/schemas/KmsKey' + required: + - EncryptionType + additionalProperties: false + EncryptionType: + type: string + description: The encryption type to use. + enum: + - AES256 + - KMS + KmsKey: + type: string + description: If you use the KMS encryption type, specify the CMK to use for encryption. The alias, key ID, or full ARN of the CMK can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed CMK for Amazon ECR will be used. + minLength: 1 + maxLength: 2048 + EmptyOnDelete: + type: boolean + description: If true, deleting the repository force deletes the contents of the repository. Without a force delete, you can only delete empty repositories. + Repository: + type: object + properties: + EmptyOnDelete: + $ref: '#/components/schemas/EmptyOnDelete' + LifecyclePolicy: + $ref: '#/components/schemas/LifecyclePolicy' + RepositoryName: + type: string + description: The name to use for the repository. The repository name may be specified on its own (such as nginx-web-app) or it can be prepended with a namespace to group the repository into a category (such as project-a/nginx-web-app). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html. + minLength: 2 + maxLength: 256 + pattern: ^(?=.{2,256}$)((?:[a-z0-9]+(?:[._-][a-z0-9]+)*/)*[a-z0-9]+(?:[._-][a-z0-9]+)*)$ + RepositoryPolicyText: + type: object + description: 'The JSON repository policy text to apply to the repository. For more information, see https://docs.aws.amazon.com/AmazonECR/latest/userguide/RepositoryPolicyExamples.html in the Amazon Elastic Container Registry User Guide. ' + Tags: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + Arn: + type: string + RepositoryUri: + type: string + ImageTagMutability: + type: string + description: The image tag mutability setting for the repository. + enum: + - MUTABLE + - IMMUTABLE + ImageScanningConfiguration: + $ref: '#/components/schemas/ImageScanningConfiguration' + EncryptionConfiguration: + $ref: '#/components/schemas/EncryptionConfiguration' + x-stackql-resource-name: repository + x-stackql-primaryIdentifier: + - RepositoryName + x-create-only-properties: + - RepositoryName + - EncryptionConfiguration + - EncryptionConfiguration/EncryptionType + - EncryptionConfiguration/KmsKey + x-read-only-properties: + - Arn + - RepositoryUri + x-required-permissions: + create: + - ecr:CreateRepository + - ecr:PutLifecyclePolicy + - ecr:SetRepositoryPolicy + - ecr:TagResource + - kms:DescribeKey + - kms:CreateGrant + - kms:RetireGrant + read: + - ecr:DescribeRepositories + - ecr:GetLifecyclePolicy + - ecr:GetRepositoryPolicy + - ecr:ListTagsForResource + update: + - ecr:DescribeRepositories + - ecr:PutLifecyclePolicy + - ecr:SetRepositoryPolicy + - ecr:ListTagsForResource + - ecr:TagResource + - ecr:UntagResource + - ecr:DeleteLifecyclePolicy + - ecr:DeleteRepositoryPolicy + - ecr:PutImageScanningConfiguration + - ecr:PutImageTagMutability + - kms:DescribeKey + - kms:CreateGrant + - kms:RetireGrant + delete: + - ecr:DeleteRepository + - kms:RetireGrant + list: + - ecr:DescribeRepositories + x-stackQL-resources: + public_repositories: + name: public_repositories + id: awscc.ecr.public_repositories + x-cfn-schema-name: PublicRepository + x-type: list + x-identifiers: + - RepositoryName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RepositoryName') as repository_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ECR::PublicRepository' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RepositoryName') as repository_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ECR::PublicRepository' + AND region = 'us-east-1' + public_repository: + name: public_repository + id: awscc.ecr.public_repository + x-cfn-schema-name: PublicRepository + x-type: get + x-identifiers: + - RepositoryName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RepositoryName') as repository_name, + JSON_EXTRACT(Properties, '$.RepositoryPolicyText') as repository_policy_text, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.RepositoryCatalogData') as repository_catalog_data, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECR::PublicRepository' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RepositoryName') as repository_name, + json_extract_path_text(Properties, 'RepositoryPolicyText') as repository_policy_text, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'RepositoryCatalogData') as repository_catalog_data, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECR::PublicRepository' + AND data__Identifier = '' + AND region = 'us-east-1' + pull_through_cache_rules: + name: pull_through_cache_rules + id: awscc.ecr.pull_through_cache_rules + x-cfn-schema-name: PullThroughCacheRule + x-type: list + x-identifiers: + - EcrRepositoryPrefix + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EcrRepositoryPrefix') as ecr_repository_prefix + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ECR::PullThroughCacheRule' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EcrRepositoryPrefix') as ecr_repository_prefix + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ECR::PullThroughCacheRule' + AND region = 'us-east-1' + pull_through_cache_rule: + name: pull_through_cache_rule + id: awscc.ecr.pull_through_cache_rule + x-cfn-schema-name: PullThroughCacheRule + x-type: get + x-identifiers: + - EcrRepositoryPrefix + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EcrRepositoryPrefix') as ecr_repository_prefix, + JSON_EXTRACT(Properties, '$.UpstreamRegistryUrl') as upstream_registry_url, + JSON_EXTRACT(Properties, '$.CredentialArn') as credential_arn, + JSON_EXTRACT(Properties, '$.UpstreamRegistry') as upstream_registry + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECR::PullThroughCacheRule' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EcrRepositoryPrefix') as ecr_repository_prefix, + json_extract_path_text(Properties, 'UpstreamRegistryUrl') as upstream_registry_url, + json_extract_path_text(Properties, 'CredentialArn') as credential_arn, + json_extract_path_text(Properties, 'UpstreamRegistry') as upstream_registry + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECR::PullThroughCacheRule' + AND data__Identifier = '' + AND region = 'us-east-1' + registry_policies: + name: registry_policies + id: awscc.ecr.registry_policies + x-cfn-schema-name: RegistryPolicy + x-type: list + x-identifiers: + - RegistryId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RegistryId') as registry_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ECR::RegistryPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RegistryId') as registry_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ECR::RegistryPolicy' + AND region = 'us-east-1' + registry_policy: + name: registry_policy + id: awscc.ecr.registry_policy + x-cfn-schema-name: RegistryPolicy + x-type: get + x-identifiers: + - RegistryId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RegistryId') as registry_id, + JSON_EXTRACT(Properties, '$.PolicyText') as policy_text + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECR::RegistryPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RegistryId') as registry_id, + json_extract_path_text(Properties, 'PolicyText') as policy_text + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECR::RegistryPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + replication_configurations: + name: replication_configurations + id: awscc.ecr.replication_configurations + x-cfn-schema-name: ReplicationConfiguration + x-type: list + x-identifiers: + - RegistryId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RegistryId') as registry_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ECR::ReplicationConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RegistryId') as registry_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ECR::ReplicationConfiguration' + AND region = 'us-east-1' + replication_configuration: + name: replication_configuration + id: awscc.ecr.replication_configuration + x-cfn-schema-name: ReplicationConfiguration + x-type: get + x-identifiers: + - RegistryId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ReplicationConfiguration') as replication_configuration, + JSON_EXTRACT(Properties, '$.RegistryId') as registry_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECR::ReplicationConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ReplicationConfiguration') as replication_configuration, + json_extract_path_text(Properties, 'RegistryId') as registry_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECR::ReplicationConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + repositories: + name: repositories + id: awscc.ecr.repositories + x-cfn-schema-name: Repository + x-type: list + x-identifiers: + - RepositoryName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RepositoryName') as repository_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ECR::Repository' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RepositoryName') as repository_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ECR::Repository' + AND region = 'us-east-1' + repository: + name: repository + id: awscc.ecr.repository + x-cfn-schema-name: Repository + x-type: get + x-identifiers: + - RepositoryName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EmptyOnDelete') as empty_on_delete, + JSON_EXTRACT(Properties, '$.LifecyclePolicy') as lifecycle_policy, + JSON_EXTRACT(Properties, '$.RepositoryName') as repository_name, + JSON_EXTRACT(Properties, '$.RepositoryPolicyText') as repository_policy_text, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.RepositoryUri') as repository_uri, + JSON_EXTRACT(Properties, '$.ImageTagMutability') as image_tag_mutability, + JSON_EXTRACT(Properties, '$.ImageScanningConfiguration') as image_scanning_configuration, + JSON_EXTRACT(Properties, '$.EncryptionConfiguration') as encryption_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECR::Repository' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EmptyOnDelete') as empty_on_delete, + json_extract_path_text(Properties, 'LifecyclePolicy') as lifecycle_policy, + json_extract_path_text(Properties, 'RepositoryName') as repository_name, + json_extract_path_text(Properties, 'RepositoryPolicyText') as repository_policy_text, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'RepositoryUri') as repository_uri, + json_extract_path_text(Properties, 'ImageTagMutability') as image_tag_mutability, + json_extract_path_text(Properties, 'ImageScanningConfiguration') as image_scanning_configuration, + json_extract_path_text(Properties, 'EncryptionConfiguration') as encryption_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECR::Repository' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/ecs.yaml b/providers/src/awscc/v00.00.00000/services/ecs.yaml new file mode 100644 index 00000000..494d697f --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/ecs.yaml @@ -0,0 +1,2158 @@ +openapi: 3.0.0 +info: + title: ECS + version: 1.0.0 +paths: {} +components: + schemas: + ManagedScaling: + description: The managed scaling settings for the Auto Scaling group capacity provider. + type: object + properties: + MinimumScalingStepSize: + type: integer + MaximumScalingStepSize: + type: integer + Status: + type: string + enum: + - DISABLED + - ENABLED + TargetCapacity: + type: integer + InstanceWarmupPeriod: + type: integer + additionalProperties: false + AutoScalingGroupProvider: + type: object + properties: + AutoScalingGroupArn: + type: string + ManagedScaling: + $ref: '#/components/schemas/ManagedScaling' + ManagedTerminationProtection: + type: string + enum: + - DISABLED + - ENABLED + ManagedDraining: + type: string + enum: + - DISABLED + - ENABLED + required: + - AutoScalingGroupArn + additionalProperties: false + Tag: + type: object + properties: + Key: + type: string + Value: + type: string + additionalProperties: false + CapacityProvider: + description: If using ec2 auto-scaling, the name of the associated capacity provider. Otherwise FARGATE, FARGATE_SPOT. + type: string + anyOf: + - type: string + enum: + - FARGATE + - FARGATE_SPOT + - type: string + minLength: 1 + maxLength: 2048 + CapacityProviderStrategyItem: + type: object + properties: + Base: + type: integer + CapacityProvider: + type: string + Weight: + type: integer + additionalProperties: false + ExecuteCommandLogConfiguration: + description: The session logging configuration for ExecuteCommand. + additionalProperties: false + type: object + properties: + S3EncryptionEnabled: + type: boolean + CloudWatchEncryptionEnabled: + type: boolean + CloudWatchLogGroupName: + type: string + S3KeyPrefix: + type: string + S3BucketName: + type: string + ClusterSettings: + description: The setting to use when creating a cluster. This parameter is used to enable CloudWatch Container Insights for a cluster. If this value is specified, it will override the containerInsights value set with PutAccountSetting or PutAccountSettingDefault. + additionalProperties: false + type: object + properties: + Value: + type: string + Name: + type: string + ServiceConnectDefaults: + description: Service Connect Configuration default for all services or tasks within this cluster + additionalProperties: false + type: object + properties: + Namespace: + description: Service Connect Namespace Name or ARN default for all services or tasks within this cluster + type: string + ClusterConfiguration: + description: The configurations to be set at cluster level. + additionalProperties: false + type: object + properties: + ExecuteCommandConfiguration: + $ref: '#/components/schemas/ExecuteCommandConfiguration' + ExecuteCommandConfiguration: + description: The configuration for ExecuteCommand. + additionalProperties: false + type: object + properties: + Logging: + type: string + KmsKeyId: + type: string + LogConfiguration: + $ref: '#/components/schemas/ExecuteCommandLogConfiguration' + Cluster: + description: The name of the cluster + type: string + minLength: 1 + maxLength: 2048 + CapacityProviders: + description: List of capacity providers to associate with the cluster + type: array + items: + $ref: '#/components/schemas/CapacityProvider' + uniqueItems: true + DefaultCapacityProviderStrategy: + description: List of capacity providers to associate with the cluster + type: array + items: + $ref: '#/components/schemas/CapacityProviderStrategy' + CapacityProviderStrategy: + type: object + properties: + Base: + type: integer + minimum: 0 + maximum: 100000 + Weight: + type: integer + minimum: 0 + maximum: 1000 + CapacityProvider: + $ref: '#/components/schemas/CapacityProvider' + required: + - CapacityProvider + additionalProperties: false + ClusterCapacityProviderAssociations: + type: object + properties: + CapacityProviders: + $ref: '#/components/schemas/CapacityProviders' + Cluster: + $ref: '#/components/schemas/Cluster' + DefaultCapacityProviderStrategy: + $ref: '#/components/schemas/DefaultCapacityProviderStrategy' + required: + - CapacityProviders + - Cluster + - DefaultCapacityProviderStrategy + x-stackql-resource-name: cluster_capacity_provider_associations + x-stackql-primaryIdentifier: + - Cluster + x-create-only-properties: + - Cluster + x-required-permissions: + create: + - ecs:DescribeClusters + - ecs:PutClusterCapacityProviders + read: + - ecs:DescribeClusters + update: + - ecs:DescribeClusters + - ecs:PutClusterCapacityProviders + delete: + - ecs:PutClusterCapacityProviders + - ecs:DescribeClusters + list: + - ecs:DescribeClusters + - ecs:ListClusters + PrimaryTaskSet: + type: object + properties: + Cluster: + description: The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service to create the task set in. + type: string + TaskSetId: + description: The ID or full Amazon Resource Name (ARN) of the task set. + type: string + Service: + description: The short name or full Amazon Resource Name (ARN) of the service to create the task set in. + type: string + required: + - Cluster + - Service + - TaskSetId + x-stackql-resource-name: primary_task_set + x-stackql-primaryIdentifier: + - Cluster + - Service + x-create-only-properties: + - Cluster + - Service + x-required-permissions: + create: + - ecs:DescribeTaskSets + - ecs:UpdateServicePrimaryTaskSet + read: [] + update: + - ecs:DescribeTaskSets + - ecs:UpdateServicePrimaryTaskSet + delete: [] + AwsVpcConfiguration: + description: The VPC subnets and security groups associated with a task. All specified subnets and security groups must be from the same VPC. + type: object + properties: + AssignPublicIp: + description: Whether the task's elastic network interface receives a public IP address. The default value is DISABLED. + type: string + enum: + - DISABLED + - ENABLED + SecurityGroups: + description: The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used. There is a limit of 5 security groups that can be specified per AwsVpcConfiguration. + type: array + items: + type: string + maxItems: 5 + Subnets: + description: The subnets associated with the task or service. There is a limit of 16 subnets that can be specified per AwsVpcConfiguration. + type: array + items: + type: string + maxItems: 16 + required: + - Subnets + additionalProperties: false + DeploymentAlarms: + type: object + properties: + AlarmNames: + type: array + items: + type: string + Rollback: + type: boolean + Enable: + type: boolean + required: + - AlarmNames + - Rollback + - Enable + additionalProperties: false + DeploymentCircuitBreaker: + type: object + properties: + Enable: + type: boolean + Rollback: + type: boolean + required: + - Enable + - Rollback + additionalProperties: false + DeploymentConfiguration: + type: object + properties: + DeploymentCircuitBreaker: + $ref: '#/components/schemas/DeploymentCircuitBreaker' + MaximumPercent: + type: integer + MinimumHealthyPercent: + type: integer + Alarms: + $ref: '#/components/schemas/DeploymentAlarms' + additionalProperties: false + DeploymentController: + type: object + properties: + Type: + type: string + enum: + - CODE_DEPLOY + - ECS + - EXTERNAL + additionalProperties: false + EBSTagSpecification: + type: object + required: + - ResourceType + properties: + ResourceType: + type: string + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + PropagateTags: + type: string + enum: + - SERVICE + - TASK_DEFINITION + LoadBalancer: + description: 'A load balancer object representing the load balancer to use with the task set. The supported load balancer types are either an Application Load Balancer or a Network Load Balancer. ' + type: object + properties: + ContainerName: + description: The name of the container (as it appears in a container definition) to associate with the load balancer. + type: string + ContainerPort: + description: The port on the container to associate with the load balancer. This port must correspond to a containerPort in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they are launched on must allow ingress traffic on the hostPort of the port mapping. + type: integer + TargetGroupArn: + description: >- + The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set. A target group ARN is only specified when using an Application Load Balancer or Network Load Balancer. If you are using a Classic Load Balancer this should be omitted. For services using the ECS deployment controller, you can specify one or multiple target groups. For more information, see + https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html in the Amazon Elastic Container Service Developer Guide. For services using the CODE_DEPLOY deployment controller, you are required to define two target groups for the load balancer. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html in the Amazon Elastic Container Service Developer Guide. If your service's task definition + uses the awsvpc network mode (which is required for the Fargate launch type), you must choose ip as the target type, not instance, when creating your target groups because tasks that use the awsvpc network mode are associated with an elastic network interface, not an Amazon EC2 instance. + type: string + additionalProperties: false + LogConfiguration: + type: object + required: + - LogDriver + properties: + LogDriver: + type: string + description: |- + The log driver to use for the container. + For tasks on FARGATElong, the supported log drivers are ``awslogs``, ``splunk``, and ``awsfirelens``. + For tasks hosted on Amazon EC2 instances, the supported log drivers are ``awslogs``, ``fluentd``, ``gelf``, ``json-file``, ``journald``, ``logentries``,``syslog``, ``splunk``, and ``awsfirelens``. + For more information about using the ``awslogs`` log driver, see [Using the awslogs log driver](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide*. + For more information about using the ``awsfirelens`` log driver, see [Custom log routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide*. + If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs + Options: + type: object + x-patternProperties: + .{1,}: + type: string + additionalProperties: false + description: 'The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format ''{{.Server.APIVersion}}''``' + SecretOptions: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Secret' + description: The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide*. + additionalProperties: false + description: The ``LogConfiguration`` property specifies log configuration options to send to a custom log driver for the container. + NetworkConfiguration: + description: An object representing the network configuration for a task or service. + type: object + properties: + AwsVpcConfiguration: + $ref: '#/components/schemas/AwsVpcConfiguration' + additionalProperties: false + PlacementConstraint: + type: object + properties: + Expression: + type: string + Type: + type: string + enum: + - distinctInstance + - memberOf + required: + - Type + additionalProperties: false + PlacementStrategy: + type: object + properties: + Field: + type: string + Type: + type: string + enum: + - binpack + - random + - spread + required: + - Type + additionalProperties: false + Secret: + type: object + required: + - Name + - ValueFrom + properties: + Name: + type: string + description: The name of the secret. + ValueFrom: + type: string + description: |- + The secret to expose to the container. The supported values are either the full ARN of the ASMlong secret or the full ARN of the parameter in the SSM Parameter Store. + For information about the require IAMlong permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide*. + If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified. + additionalProperties: false + description: |- + An object representing the secret to expose to your container. Secrets can be exposed to a container in the following ways: + + To inject sensitive data into your containers as environment variables, use the ``secrets`` container definition parameter. + + To reference sensitive information in the log configuration of a container, use the ``secretOptions`` container definition parameter. + + For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide*. + ServiceConnectClientAlias: + type: object + properties: + Port: + type: integer + DnsName: + type: string + required: + - Port + additionalProperties: false + ServiceConnectConfiguration: + type: object + properties: + Enabled: + type: boolean + Namespace: + type: string + Services: + type: array + items: + $ref: '#/components/schemas/ServiceConnectService' + LogConfiguration: + $ref: '#/components/schemas/LogConfiguration' + required: + - Enabled + additionalProperties: false + ServiceConnectService: + type: object + properties: + PortName: + type: string + DiscoveryName: + type: string + ClientAliases: + type: array + items: + $ref: '#/components/schemas/ServiceConnectClientAlias' + IngressPortOverride: + type: integer + Tls: + $ref: '#/components/schemas/ServiceConnectTlsConfiguration' + Timeout: + $ref: '#/components/schemas/TimeoutConfiguration' + required: + - PortName + additionalProperties: false + ServiceConnectTlsConfiguration: + type: object + properties: + IssuerCertificateAuthority: + $ref: '#/components/schemas/ServiceConnectTlsCertificateAuthority' + KmsKey: + type: string + RoleArn: + type: string + required: + - IssuerCertificateAuthority + additionalProperties: false + ServiceConnectTlsCertificateAuthority: + type: object + properties: + AwsPcaAuthorityArn: + type: string + additionalProperties: false + ServiceManagedEBSVolumeConfiguration: + type: object + required: + - RoleArn + properties: + Encrypted: + type: boolean + KmsKeyId: + type: string + VolumeType: + type: string + SizeInGiB: + type: integer + SnapshotId: + type: string + Iops: + type: integer + Throughput: + type: integer + TagSpecifications: + type: array + items: + $ref: '#/components/schemas/EBSTagSpecification' + RoleArn: + type: string + FilesystemType: + type: string + TimeoutConfiguration: + type: object + properties: + IdleTimeoutSeconds: + type: integer + PerRequestTimeoutSeconds: + type: integer + additionalProperties: false + ServiceRegistry: + type: object + properties: + ContainerName: + description: >- + The container name value, already specified in the task definition, to be used for your service discovery service. If the task definition that your service task specifies uses the bridge or host network mode, you must specify a containerName and containerPort combination from the task definition. If the task definition that your service task specifies uses the awsvpc network mode and a type SRV DNS record is used, you must specify either a containerName and containerPort combination + or a port value, but not both. + type: string + ContainerPort: + description: >- + The port value, already specified in the task definition, to be used for your service discovery service. If the task definition your service task specifies uses the bridge or host network mode, you must specify a containerName and containerPort combination from the task definition. If the task definition your service task specifies uses the awsvpc network mode and a type SRV DNS record is used, you must specify either a containerName and containerPort combination or a port value, but + not both. + type: integer + Port: + description: The port value used if your service discovery service specified an SRV record. This field may be used if both the awsvpc network mode and SRV records are used. + type: integer + RegistryArn: + description: The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map. For more information, see https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html + type: string + additionalProperties: false + ServiceVolumeConfiguration: + type: object + required: + - Name + properties: + Name: + type: string + ManagedEBSVolume: + $ref: '#/components/schemas/ServiceManagedEBSVolumeConfiguration' + Service: + type: object + properties: + ServiceArn: + type: string + CapacityProviderStrategy: + type: array + items: + $ref: '#/components/schemas/CapacityProviderStrategyItem' + Cluster: + type: string + DeploymentConfiguration: + $ref: '#/components/schemas/DeploymentConfiguration' + DeploymentController: + $ref: '#/components/schemas/DeploymentController' + DesiredCount: + type: integer + EnableECSManagedTags: + type: boolean + EnableExecuteCommand: + type: boolean + HealthCheckGracePeriodSeconds: + type: integer + LaunchType: + type: string + enum: + - EC2 + - FARGATE + - EXTERNAL + LoadBalancers: + type: array + items: + $ref: '#/components/schemas/LoadBalancer' + Name: + type: string + NetworkConfiguration: + $ref: '#/components/schemas/NetworkConfiguration' + PlacementConstraints: + type: array + items: + $ref: '#/components/schemas/PlacementConstraint' + PlacementStrategies: + type: array + items: + $ref: '#/components/schemas/PlacementStrategy' + PlatformVersion: + type: string + default: LATEST + PropagateTags: + type: string + enum: + - SERVICE + - TASK_DEFINITION + Role: + type: string + SchedulingStrategy: + type: string + enum: + - DAEMON + - REPLICA + ServiceConnectConfiguration: + $ref: '#/components/schemas/ServiceConnectConfiguration' + ServiceName: + type: string + ServiceRegistries: + type: array + items: + $ref: '#/components/schemas/ServiceRegistry' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + TaskDefinition: + type: string + VolumeConfigurations: + type: array + items: + $ref: '#/components/schemas/ServiceVolumeConfiguration' + x-stackql-resource-name: service + x-stackql-primaryIdentifier: + - ServiceArn + - Cluster + x-create-only-properties: + - Cluster + - DeploymentController + - LaunchType + - Role + - SchedulingStrategy + - ServiceName + x-read-only-properties: + - ServiceArn + - Name + x-required-permissions: + create: + - ecs:CreateService + - ecs:DescribeServices + - iam:PassRole + - ecs:TagResource + read: + - ecs:DescribeServices + update: + - ecs:DescribeServices + - ecs:ListTagsForResource + - ecs:TagResource + - ecs:UntagResource + - ecs:UpdateService + delete: + - ecs:DeleteService + - ecs:DescribeServices + list: + - ecs:DescribeServices + - ecs:ListClusters + - ecs:ListServices + ContainerDefinition: + description: The ``ContainerDefinition`` property specifies a container definition. Container definitions are used in task definitions to describe the different containers that are launched as part of a task. + type: object + required: + - Name + - Image + properties: + Command: + type: array + x-insertionOrder: true + items: + type: string + description: >- + The command that's passed to the container. This parameter maps to ``Cmd`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``COMMAND`` parameter to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). For more information, see + [https://docs.docker.com/engine/reference/builder/#cmd](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#cmd). If there are multiple arguments, each argument is a separated string in the array. + Cpu: + type: integer + description: |- + The number of ``cpu`` units reserved for the container. This parameter maps to ``CpuShares`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--cpu-shares`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + This field is optional for tasks using the Fargate launch type, and the only requirement is that the total amount of CPU reserved for all containers within a task be lower than the task-level ``cpu`` value. + You can determine the number of CPU units that are available per EC2 instance type by multiplying the vCPUs listed for that instance type on the [Amazon EC2 Instances](https://docs.aws.amazon.com/ec2/instance-types/) detail page by 1,024. + Linux containers share unallocated CPU units with other containers on the cont + CredentialSpecs: + type: array + x-insertionOrder: false + items: + type: string + description: |- + A list of ARNs in SSM or Amazon S3 to a credential spec (``CredSpec``) file that configures the container for Active Directory authentication. We recommend that you use this parameter instead of the ``dockerSecurityOptions``. The maximum number of ARNs is 1. + There are two formats for each ARN. + + credentialspecdomainless:MyARN You use credentialspecdomainless:MyARN to provide a CredSpec with an additional section for a secret in . You provide the login credentials to the domain in the secret. Each task that runs on any container instance can join different domains. You can use this format without joining the container instance to a domain. + credentialspec:MyARN You use credentialspec:MyARN to provide a CredSpec for a single domain. You must join the container instance to the domain before you start any tasks that use this task definition. + In both formats, replace ``MyARN`` with the ARN in SSM or Amazon S3. + If you provide a ``credentialspecdomainless:MyARN``, the ``credspec`` must + DependsOn: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/ContainerDependency' + description: |- + The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed. + For tasks using the EC2 launch type, the container instances require at least version 1.26.0 of the container agent to turn on container dependencies. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide*. If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the ``ecs-init`` package. If your container instances are launched from version ``20190301`` or later, then they contain the required versions of the container agent and ``ecs-init``. For more information, see [ + DisableNetworking: + type: boolean + description: |- + When this parameter is true, networking is off within the container. This parameter maps to ``NetworkDisabled`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/). + This parameter is not supported for Windows containers. + DnsSearchDomains: + type: array + x-insertionOrder: false + items: + type: string + description: |- + A list of DNS search domains that are presented to the container. This parameter maps to ``DnsSearch`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--dns-search`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + This parameter is not supported for Windows containers. + DnsServers: + type: array + x-insertionOrder: false + items: + type: string + description: |- + A list of DNS servers that are presented to the container. This parameter maps to ``Dns`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--dns`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + This parameter is not supported for Windows containers. + DockerLabels: + type: object + x-patternProperties: + .{1,}: + type: string + additionalProperties: false + description: >- + A key/value map of labels to add to the container. This parameter maps to ``Labels`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--label`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). This parameter requires + version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'`` + DockerSecurityOptions: + type: array + x-insertionOrder: false + items: + type: string + description: |- + A list of strings to provide custom configuration for multiple security systems. For more information about valid values, see [Docker Run Security Configuration](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). This field isn't valid for containers in tasks using the Fargate launch type. + For Linux tasks on EC2, this parameter can be used to reference custom labels for SELinux and AppArmor multi-level security systems. + For any tasks on EC2, this parameter can be used to reference a credential spec file that configures a container for Active Directory authentication. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) in the *Amazon Elastic Container Service Developer Guide*. + This parameter maps to ``SecurityOpt`` in the [Create a co + EntryPoint: + type: array + x-insertionOrder: true + items: + type: string + description: |- + Early versions of the Amazon ECS container agent don't properly handle ``entryPoint`` parameters. If you have problems using ``entryPoint``, update your container agent or enter your commands and arguments as ``command`` array items instead. + The entry point that's passed to the container. This parameter maps to ``Entrypoint`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--entrypoint`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). For more information, see [https://docs.docker.com/engine/reference/builder/#entrypoint](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#entrypoint). + Environment: + description: |- + The environment variables to pass to a container. This parameter maps to ``Env`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--env`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + We don't recommend that you use plaintext environment variables for sensitive information, such as credential data. + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/KeyValuePair' + EnvironmentFiles: + description: |- + A list of files containing the environment variables to pass to a container. This parameter maps to the ``--env-file`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + You can specify up to ten environment files. The file must have a ``.env`` file extension. Each line in an environment file contains an environment variable in ``VARIABLE=VALUE`` format. Lines beginning with ``#`` are treated as comments and are ignored. For more information about the environment variable file syntax, see [Declare default environment variables in file](https://docs.aws.amazon.com/https://docs.docker.com/compose/env-file/). + If there are environment variables specified using the ``environment`` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend t + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/EnvironmentFile' + Essential: + type: boolean + description: |- + If the ``essential`` parameter of a container is marked as ``true``, and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the ``essential`` parameter of a container is marked as ``false``, its failure doesn't affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential. + All tasks must have at least one essential container. If you have an application that's composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see [Application Architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/application_architecture.html) in the *Amazon Elastic Container Service Developer Guide*. + ExtraHosts: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/HostEntry' + description: >- + A list of hostnames and IP address mappings to append to the ``/etc/hosts`` file on the container. This parameter maps to ``ExtraHosts`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--add-host`` option to [docker + run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + This parameter isn't supported for Windows containers or tasks that use the ``awsvpc`` network mode. + FirelensConfiguration: + $ref: '#/components/schemas/FirelensConfiguration' + description: The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom Log Routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide*. + HealthCheck: + $ref: '#/components/schemas/HealthCheck' + description: >- + The container health check command and associated configuration parameters for the container. This parameter maps to ``HealthCheck`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``HEALTHCHECK`` parameter of [docker + run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + Hostname: + type: string + description: |- + The hostname to use for your container. This parameter maps to ``Hostname`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--hostname`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + The ``hostname`` parameter is not supported if you're using the ``awsvpc`` network mode. + Image: + description: >- + The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either ``repository-url/image:tag`` or ``repository-url/image@digest``. Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to ``Image`` in the [Create a + container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``IMAGE`` parameter of [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + + When a new task starts, the Amazon ECS container agent pulls the latest version of the specified image and tag for the container to use. However, subsequent updates to a repository image + type: string + Links: + type: array + x-insertionOrder: false + uniqueItems: true + items: + type: string + description: >- + The ``links`` parameter allows containers to communicate with each other without the need for port mappings. This parameter is only supported if the network mode of a task definition is ``bridge``. The ``name:internalName`` construct is analogous to ``name:alias`` in Docker links. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. For more information about linking Docker containers, go to [Legacy container + links](https://docs.aws.amazon.com/https://docs.docker.com/network/links/) in the Docker documentation. This parameter maps to ``Links`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--link`` option to [docker + run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + This parameter is not supported for W + LinuxParameters: + $ref: '#/components/schemas/LinuxParameters' + description: |- + Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information see [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html). + This parameter is not supported for Windows containers. + LogConfiguration: + $ref: '#/components/schemas/LogConfiguration' + description: |- + The log configuration specification for the container. + This parameter maps to ``LogConfig`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--log-driver`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/). By default, containers use the same logging driver that the Docker daemon uses. However, the container may use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/htt + Memory: + description: >- + The amount (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. The total amount of memory reserved for all containers within a task must be lower than the task ``memory`` value, if one is specified. This parameter maps to ``Memory`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote + API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--memory`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + If using the Fargate launch type, this parameter is optional. + If using the EC2 launch type, you must specify either a task-level memory value or a container-level memory value. If you specify both a container-level ``memory`` and ``memoryReservation`` value, ``memory`` must be greater than ``memoryReserva + type: integer + MemoryReservation: + type: integer + description: >- + The soft limit (in MiB) of memory to reserve for the container. When system memory is under heavy contention, Docker attempts to keep the container memory to this soft limit. However, your container can consume more memory when it needs to, up to either the hard limit specified with the ``memory`` parameter (if applicable), or all of the available memory on the container instance, whichever comes first. This parameter maps to ``MemoryReservation`` in the [Create a + container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--memory-reservation`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + If a task-level memory value is not specified, you must specify a non-zero integer for one or both of ``memory`` or ``memoryReservation`` in a container definiti + MountPoints: + type: array + x-insertionOrder: true + uniqueItems: true + items: + $ref: '#/components/schemas/MountPoint' + description: |- + The mount points for data volumes in your container. + This parameter maps to ``Volumes`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--volume`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + Windows containers can mount whole directories on the same drive as ``$env:ProgramData``. Windows containers can't mount directories on a different drive, and mount point can't be across drives. + Name: + description: >- + The name of a container. If you're linking multiple containers together in a task definition, the ``name`` of one container can be entered in the ``links`` of another container to connect the containers. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. This parameter maps to ``name`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote + API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--name`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + type: string + PortMappings: + description: |- + The list of port mappings for the container. Port mappings allow containers to access ports on the host container instance to send or receive traffic. + For task definitions that use the ``awsvpc`` network mode, you should only specify the ``containerPort``. The ``hostPort`` can be left blank or it must be the same value as the ``containerPort``. + Port mappings on Windows use the ``NetNAT`` gateway address rather than ``localhost``. There is no loopback for port mappings on Windows, so you cannot access a container's mapped port from the host itself. + This parameter maps to ``PortBindings`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--publish`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/). If the network mode of a task definition is set to + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/PortMapping' + Privileged: + type: boolean + description: >- + When this parameter is true, the container is given elevated privileges on the host container instance (similar to the ``root`` user). This parameter maps to ``Privileged`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--privileged`` option to [docker + run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + This parameter is not supported for Windows containers or tasks run on FARGATElong. + ReadonlyRootFilesystem: + type: boolean + description: >- + When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ``ReadonlyRootfs`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--read-only`` option to [docker + run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + This parameter is not supported for Windows containers. + RepositoryCredentials: + $ref: '#/components/schemas/RepositoryCredentials' + description: The private repository authentication credentials to use. + ResourceRequirements: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/ResourceRequirement' + description: The type and amount of a resource to assign to a container. The only supported resource is a GPU. + Secrets: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Secret' + description: The secrets to pass to the container. For more information, see [Specifying Sensitive Data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide*. + StartTimeout: + type: integer + description: |- + Time duration (in seconds) to wait before giving up on resolving dependencies for a container. For example, you specify two containers in a task definition with containerA having a dependency on containerB reaching a ``COMPLETE``, ``SUCCESS``, or ``HEALTHY`` status. If a ``startTimeout`` value is specified for containerB and it doesn't reach the desired status within that time then containerA gives up and not start. This results in the task transitioning to a ``STOPPED`` state. + When the ``ECS_CONTAINER_START_TIMEOUT`` container agent configuration variable is used, it's enforced independently from this start timeout value. + For tasks using the Fargate launch type, the task or service requires the following platforms: + + Linux platform version ``1.3.0`` or later. + + Windows platform version ``1.0.0`` or later. + + For tasks using the EC2 launch type, your container instances require at least version ``1.26.0`` of the container agent to use a container start timeout value. However + StopTimeout: + type: integer + description: |- + Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own. + For tasks using the Fargate launch type, the task or service requires the following platforms: + + Linux platform version ``1.3.0`` or later. + + Windows platform version ``1.0.0`` or later. + + The max stop timeout value is 120 seconds and if the parameter is not specified, the default value of 30 seconds is used. + For tasks that use the EC2 launch type, if the ``stopTimeout`` parameter isn't specified, the value set for the Amazon ECS container agent configuration variable ``ECS_CONTAINER_STOP_TIMEOUT`` is used. If neither the ``stopTimeout`` parameter or the ``ECS_CONTAINER_STOP_TIMEOUT`` agent configuration variable are set, then the default values of 30 seconds for Linux containers and 30 seconds on Windows containers are used. Your container instances require at least version 1.26.0 of the container agent to use a container stop timeout value. However, we recomm + Ulimits: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Ulimit' + description: >- + A list of ``ulimits`` to set in the container. This parameter maps to ``Ulimits`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--ulimit`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/). Valid naming values are displayed in the + [Ulimit](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_Ulimit.html) data type. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'`` + This parameter is not supported for Windows containers. + User: + type: string + description: |- + The user to use inside the container. This parameter maps to ``User`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--user`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + When running tasks using the ``host`` network mode, don't run containers using the root user (UID 0). We recommend using a non-root user for better security. + You can specify the ``user`` using the following formats. If specifying a UID or GID, you must specify it as a positive integer. + + ``user`` + + ``user:group`` + + ``uid`` + + ``uid:gid`` + + ``user:gid`` + + ``uid:group`` + + This parameter is not supported for Windows containers. + VolumesFrom: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/VolumeFrom' + description: Data volumes to mount from another container. This parameter maps to ``VolumesFrom`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--volumes-from`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + WorkingDirectory: + type: string + description: The working directory to run commands inside the container in. This parameter maps to ``WorkingDir`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--workdir`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + Interactive: + type: boolean + description: >- + When this parameter is ``true``, you can deploy containerized applications that require ``stdin`` or a ``tty`` to be allocated. This parameter maps to ``OpenStdin`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--interactive`` option to [docker + run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + PseudoTerminal: + type: boolean + description: When this parameter is ``true``, a TTY is allocated. This parameter maps to ``Tty`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--tty`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + SystemControls: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/SystemControl' + description: >- + A list of namespaced kernel parameters to set in the container. This parameter maps to ``Sysctls`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--sysctl`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). For example, + you can configure ``net.ipv4.tcp_keepalive_time`` setting to maintain longer lived connections. + additionalProperties: false + SystemControl: + type: object + properties: + Namespace: + type: string + description: The namespaced kernel parameter to set a ``value`` for. + Value: + type: string + description: |- + The namespaced kernel parameter to set a ``value`` for. + Valid IPC namespace values: ``"kernel.msgmax" | "kernel.msgmnb" | "kernel.msgmni" | "kernel.sem" | "kernel.shmall" | "kernel.shmmax" | "kernel.shmmni" | "kernel.shm_rmid_forced"``, and ``Sysctls`` that start with ``"fs.mqueue.*"`` + Valid network namespace values: ``Sysctls`` that start with ``"net.*"`` + All of these values are supported by Fargate. + additionalProperties: false + description: >- + A list of namespaced kernel parameters to set in the container. This parameter maps to ``Sysctls`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--sysctl`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). For example, you + can configure ``net.ipv4.tcp_keepalive_time`` setting to maintain longer lived connections. + We don't recommend that you specify network-related ``systemControls`` parameters for multiple containers in a single task that also uses either the ``awsvpc`` or ``host`` network mode. Doing this has the following disadvantages: + + For tasks that use the ``awsvpc`` network mode including Fargate, if you set ``systemControls`` for any container, it applies to all containers in the task. If you set different ``sy + ContainerDependency: + type: object + properties: + ContainerName: + type: string + description: The name of a container. + Condition: + type: string + description: |- + The dependency condition of the container. The following are the available conditions and their behavior: + + ``START`` - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start. + + ``COMPLETE`` - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container. + + ``SUCCESS`` - This condition is the same as ``COMPLETE``, but it also requires that the container exits with a ``zero`` status. This condition can't be set on an essential container. + + ``HEALTHY`` - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confi + additionalProperties: false + description: |- + The ``ContainerDependency`` property specifies the dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed. + Your Amazon ECS container instances require at least version 1.26.0 of the container agent to enable container dependencies. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide*. If you are using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the ``ecs-init`` package. If your container instances are launched from version ``20190301`` or later, then they contain the required versions of the container agent and ``ecs-init``. For m + Device: + type: object + properties: + ContainerPath: + type: string + description: The path inside the container at which to expose the host device. + HostPath: + type: string + description: The path for the device on the host container instance. + Permissions: + type: array + x-insertionOrder: false + uniqueItems: true + items: + type: string + description: The explicit permissions to provide to the container for the device. By default, the container has permissions for ``read``, ``write``, and ``mknod`` for the device. + additionalProperties: false + description: The ``Device`` property specifies an object representing a container instance host device. + DockerVolumeConfiguration: + type: object + properties: + Autoprovision: + type: boolean + description: |- + If this value is ``true``, the Docker volume is created if it doesn't already exist. + This field is only used if the ``scope`` is ``shared``. + Driver: + type: string + description: >- + The Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement. If the driver was installed using the Docker plugin CLI, use ``docker plugin ls`` to retrieve the driver name from your container instance. If the driver was installed using another method, use Docker plugin discovery to retrieve the driver name. For more information, see [Docker plugin + discovery](https://docs.aws.amazon.com/https://docs.docker.com/engine/extend/plugin_api/#plugin-discovery). This parameter maps to ``Driver`` in the [Create a volume](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/VolumeCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``xxdriver`` option to [docker volume + create](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/commandline/volume_create/). + DriverOpts: + type: object + x-patternProperties: + .{1,}: + type: string + additionalProperties: false + description: A map of Docker driver-specific options passed through. This parameter maps to ``DriverOpts`` in the [Create a volume](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/VolumeCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``xxopt`` option to [docker volume create](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/commandline/volume_create/). + Labels: + type: object + x-patternProperties: + .{1,}: + type: string + additionalProperties: false + description: Custom metadata to add to your Docker volume. This parameter maps to ``Labels`` in the [Create a volume](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/VolumeCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``xxlabel`` option to [docker volume create](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/commandline/volume_create/). + Scope: + type: string + description: The scope for the Docker volume that determines its lifecycle. Docker volumes that are scoped to a ``task`` are automatically provisioned when the task starts and destroyed when the task stops. Docker volumes that are scoped as ``shared`` persist after the task stops. + additionalProperties: false + description: The ``DockerVolumeConfiguration`` property specifies a Docker volume configuration and is used when you use Docker volumes. Docker volumes are only supported when you are using the EC2 launch type. Windows containers only support the use of the ``local`` driver. To use bind mounts, specify a ``host`` instead. + AuthorizationConfig: + type: object + properties: + IAM: + type: string + enum: + - ENABLED + - DISABLED + description: >- + Determines whether to use the Amazon ECS task role defined in a task definition when mounting the Amazon EFS file system. If it is turned on, transit encryption must be turned on in the ``EFSVolumeConfiguration``. If this parameter is omitted, the default value of ``DISABLED`` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html#efs-volume-accesspoints) in the *Amazon Elastic Container Service + Developer Guide*. + AccessPointId: + type: string + description: >- + The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the ``EFSVolumeConfiguration`` must either be omitted or set to ``/`` which will enforce the path set on the EFS access point. If an access point is used, transit encryption must be on in the ``EFSVolumeConfiguration``. For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic + File System User Guide*. + additionalProperties: false + description: The authorization configuration details for the Amazon EFS file system. + EFSVolumeConfiguration: + type: object + required: + - FilesystemId + properties: + FilesystemId: + type: string + description: The Amazon EFS file system ID to use. + RootDirectory: + type: string + description: |- + The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying ``/`` will have the same effect as omitting this parameter. + If an EFS access point is specified in the ``authorizationConfig``, the root directory parameter must either be omitted or set to ``/`` which will enforce the path set on the EFS access point. + TransitEncryption: + type: string + enum: + - ENABLED + - DISABLED + description: Determines whether to use encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be turned on if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of ``DISABLED`` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide*. + TransitEncryptionPort: + type: integer + description: The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide*. + AuthorizationConfig: + $ref: '#/components/schemas/AuthorizationConfig' + description: The authorization configuration details for the Amazon EFS file system. + additionalProperties: false + description: This parameter is specified when you're using an Amazon Elastic File System file system for task storage. For more information, see [Amazon EFS volumes](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html) in the *Amazon Elastic Container Service Developer Guide*. + EnvironmentFile: + type: object + properties: + Value: + type: string + description: The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file. + Type: + type: string + description: The file type to use. The only supported value is ``s3``. + additionalProperties: false + description: |- + A list of files containing the environment variables to pass to a container. You can specify up to ten environment files. The file must have a ``.env`` file extension. Each line in an environment file should contain an environment variable in ``VARIABLE=VALUE`` format. Lines beginning with ``#`` are treated as comments and are ignored. + If there are environment variables specified using the ``environment`` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see [Specifying environment variables](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html) in the *Amazon Elastic Container Service Developer Guide*. + You must use the following platforms for the Fargate launch type: + + Linux platform version ``1.4.0`` or la + EphemeralStorage: + type: object + properties: + SizeInGiB: + type: integer + description: The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is ``21`` GiB and the maximum supported value is ``200`` GiB. + additionalProperties: false + description: |- + The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on FARGATElong. For more information, see [Using data volumes in tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html) in the *Amazon ECS Developer Guide;*. + For tasks using the Fargate launch type, the task requires the following platforms: + + Linux platform version ``1.4.0`` or later. + + Windows platform version ``1.0.0`` or later. + FirelensConfiguration: + type: object + properties: + Type: + type: string + description: The log router to use. The valid values are ``fluentd`` or ``fluentbit``. + Options: + type: object + x-patternProperties: + .{1,}: + type: string + additionalProperties: false + description: |- + The options to use when configuring the log router. This field is optional and can be used to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event. + If specified, valid option keys are: + + ``enable-ecs-log-metadata``, which can be ``true`` or ``false`` + + ``config-file-type``, which can be ``s3`` or ``file`` + + ``config-file-value``, which is either an S3 ARN or a file path + additionalProperties: false + description: The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom log routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide*. + HealthCheck: + description: |- + The ``HealthCheck`` property specifies an object representing a container health check. Health check parameters that are specified in a container definition override any Docker health checks that exist in the container image (such as those specified in a parent image or from the image's Dockerfile). This configuration maps to the ``HEALTHCHECK`` parameter of [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/). + The Amazon ECS container agent only monitors and reports on the health checks specified in the task definition. Amazon ECS does not monitor Docker health checks that are embedded in a container image and not specified in the container definition. Health check parameters that are specified in a container definition override any Docker health checks that exist in the container image. + If a task is run manually, and not as part of a service, the task will continue its lifecycle regardless of its health status. For tasks that are part of a servi + type: object + properties: + Command: + description: |- + A string array representing the command that the container runs to determine if it is healthy. The string array must start with ``CMD`` to run the command arguments directly, or ``CMD-SHELL`` to run the command with the container's default shell. + When you use the AWS Management Console JSON panel, the CLIlong, or the APIs, enclose the list of commands in double quotes and brackets. + ``[ "CMD-SHELL", "curl -f http://localhost/ || exit 1" ]`` + You don't include the double quotes and brackets when you use the AWS Management Console. + ``CMD-SHELL, curl -f http://localhost/ || exit 1`` + An exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see ``HealthCheck`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/). + type: array + x-insertionOrder: true + items: + type: string + Interval: + description: The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds. + type: integer + Timeout: + description: The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5. + type: integer + Retries: + description: The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3. + type: integer + StartPeriod: + description: |- + The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the ``startPeriod`` is off. + If a health check succeeds within the ``startPeriod``, then the container is considered healthy and any subsequent failures count toward the maximum number of retries. + type: integer + additionalProperties: false + HostEntry: + type: object + properties: + Hostname: + type: string + description: The hostname to use in the ``/etc/hosts`` entry. + IpAddress: + type: string + description: The IP address to use in the ``/etc/hosts`` entry. + additionalProperties: false + description: The ``HostEntry`` property specifies a hostname and an IP address that are added to the ``/etc/hosts`` file of a container through the ``extraHosts`` parameter of its ``ContainerDefinition`` resource. + HostVolumeProperties: + type: object + properties: + SourcePath: + type: string + description: >- + When the ``host`` parameter is used, specify a ``sourcePath`` to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the ``host`` parameter contains a ``sourcePath`` file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the ``sourcePath`` value doesn't exist on the host container + instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported. + If you're using the Fargate launch type, the ``sourcePath`` parameter is not supported. + additionalProperties: false + description: The ``HostVolumeProperties`` property specifies details on a container instance bind mount host volume. + InferenceAccelerator: + type: object + properties: + DeviceName: + type: string + description: The Elastic Inference accelerator device name. The ``deviceName`` must also be referenced in a container definition as a [ResourceRequirement](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ResourceRequirement.html). + DeviceType: + type: string + description: The Elastic Inference accelerator type to use. + additionalProperties: false + description: Details on an Elastic Inference accelerator. For more information, see [Working with Amazon Elastic Inference on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-inference.html) in the *Amazon Elastic Container Service Developer Guide*. + KernelCapabilities: + type: object + properties: + Add: + type: array + x-insertionOrder: false + items: + type: string + description: >- + The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to ``CapAdd`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--cap-add`` option to [docker + run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + Tasks launched on FARGATElong only support adding the ``SYS_PTRACE`` kernel capability. + Valid values: ``"ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" + Drop: + type: array + x-insertionOrder: false + items: + type: string + description: >- + The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to ``CapDrop`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--cap-drop`` option to [docker + run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + Valid values: ``"ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" + additionalProperties: false + description: >- + The ``KernelCapabilities`` property specifies the Linux capabilities for the container that are added to or dropped from the default configuration that is provided by Docker. For more information on the default capabilities and the non-default available capabilities, see [Runtime privilege and Linux capabilities](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#runtime-privilege-and-linux-capabilities) in the *Docker run reference*. For more detailed information + on these Linux capabilities, see the [capabilities(7)](https://docs.aws.amazon.com/http://man7.org/linux/man-pages/man7/capabilities.7.html) Linux manual page. + KeyValuePair: + type: object + properties: + Name: + type: string + description: The name of the key-value pair. For environment variables, this is the name of the environment variable. + Value: + type: string + description: The value of the key-value pair. For environment variables, this is the value of the environment variable. + additionalProperties: false + description: A key-value pair object. + LinuxParameters: + type: object + properties: + Capabilities: + $ref: '#/components/schemas/KernelCapabilities' + description: |- + The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker. + For tasks that use the Fargate launch type, ``capabilities`` is supported for all platform versions but the ``add`` parameter is only supported if using platform version 1.4.0 or later. + Devices: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Device' + description: |- + Any host devices to expose to the container. This parameter maps to ``Devices`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--device`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + If you're using tasks that use the Fargate launch type, the ``devices`` parameter isn't supported. + InitProcessEnabled: + type: boolean + description: >- + Run an ``init`` process inside the container that forwards signals and reaps processes. This parameter maps to the ``--init`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo + docker version --format '{{.Server.APIVersion}}'`` + MaxSwap: + type: integer + description: |- + The total amount of swap memory (in MiB) a container can use. This parameter will be translated to the ``--memory-swap`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) where the value would be the sum of the container memory plus the ``maxSwap`` value. + If a ``maxSwap`` value of ``0`` is specified, the container will not use swap. Accepted values are ``0`` or any positive integer. If the ``maxSwap`` parameter is omitted, the container will use the swap configuration for the container instance it is running on. A ``maxSwap`` value must be set for the ``swappiness`` parameter to be used. + If you're using tasks that use the Fargate launch type, the ``maxSwap`` parameter isn't supported. + If you're using tasks on Amazon Linux 2023 the ``swappiness`` parameter isn't supported. + SharedMemorySize: + type: integer + description: |- + The value for the size (in MiB) of the ``/dev/shm`` volume. This parameter maps to the ``--shm-size`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + If you are using tasks that use the Fargate launch type, the ``sharedMemorySize`` parameter is not supported. + Swappiness: + type: integer + description: >- + This allows you to tune a container's memory swappiness behavior. A ``swappiness`` value of ``0`` will cause swapping to not happen unless absolutely necessary. A ``swappiness`` value of ``100`` will cause pages to be swapped very aggressively. Accepted values are whole numbers between ``0`` and ``100``. If the ``swappiness`` parameter is not specified, a default value of ``60`` is used. If a value is not specified for ``maxSwap`` then this parameter is ignored. This parameter maps + to the ``--memory-swappiness`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + If you're using tasks that use the Fargate launch type, the ``swappiness`` parameter isn't supported. + If you're using tasks on Amazon Linux 2023 the ``swappiness`` parameter isn't supported. + Tmpfs: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tmpfs' + description: |- + The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the ``--tmpfs`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). + If you're using tasks that use the Fargate launch type, the ``tmpfs`` parameter isn't supported. + additionalProperties: false + description: The Linux-specific options that are applied to the container, such as Linux [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html). + PortMapping: + type: object + properties: + Name: + type: string + description: |- + The name that's used for the port mapping. This parameter only applies to Service Connect. This parameter is the name that you use in the ``serviceConnectConfiguration`` of a service. The name can include up to 64 characters. The characters can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen. + For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide*. + ContainerPort: + type: integer + description: |- + The port number on the container that's bound to the user-specified or automatically assigned host port. + If you use containers in a task with the ``awsvpc`` or ``host`` network mode, specify the exposed ports using ``containerPort``. + If you use containers in a task with the ``bridge`` network mode and you specify a container port and not a host port, your container automatically receives a host port in the ephemeral port range. For more information, see ``hostPort``. Port mappings that are automatically assigned in this way do not count toward the 100 reserved ports limit of a container instance. + ContainerPortRange: + type: string + description: |- + The port number range on the container that's bound to the dynamically mapped host port range. + The following rules apply when you specify a ``containerPortRange``: + + You must use either the ``bridge`` network mode or the ``awsvpc`` network mode. + + This parameter is available for both the EC2 and FARGATElong launch types. + + This parameter is available for both the Linux and Windows operating systems. + + The container instance must have at least version 1.67.0 of the container agent and at least version 1.67.0-1 of the ``ecs-init`` package + + You can specify a maximum of 100 port ranges per container. + + You do not specify a ``hostPortRange``. The value of the ``hostPortRange`` is set as follows: + + For containers in a task with the ``awsvpc`` network mode, the ``hostPortRange`` is set to the same value as the ``containerPortRange``. This is a static mapping strategy. + + For containers in a task with the ``bridge`` network mode, the Amazon ECS agent finds open host + HostPort: + type: integer + description: |- + The port number on the container instance to reserve for your container. + If you specify a ``containerPortRange``, leave this field empty and the value of the ``hostPort`` is set as follows: + + For containers in a task with the ``awsvpc`` network mode, the ``hostPort`` is set to the same value as the ``containerPort``. This is a static mapping strategy. + + For containers in a task with the ``bridge`` network mode, the Amazon ECS agent finds open ports on the host and automatically binds them to the container ports. This is a dynamic mapping strategy. + + If you use containers in a task with the ``awsvpc`` or ``host`` network mode, the ``hostPort`` can either be left blank or set to the same value as the ``containerPort``. + If you use containers in a task with the ``bridge`` network mode, you can specify a non-reserved host port for your container port mapping, or you can omit the ``hostPort`` (or set it to ``0``) while specifying a ``containerPort`` and your container automatically + Protocol: + type: string + description: The protocol used for the port mapping. Valid values are ``tcp`` and ``udp``. The default is ``tcp``. ``protocol`` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment. + AppProtocol: + type: string + enum: + - http + - http2 + - grpc + description: |- + The application protocol that's used for the port mapping. This parameter only applies to Service Connect. We recommend that you set this parameter to be consistent with the protocol that your application uses. If you set this parameter, Amazon ECS adds protocol-specific connection handling to the Service Connect proxy. If you set this parameter, Amazon ECS adds protocol-specific telemetry in the Amazon ECS console and CloudWatch. + If you don't set a value for this parameter, then TCP is used. However, Amazon ECS doesn't add protocol-specific telemetry for TCP. + ``appProtocol`` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment. + Tasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS se + additionalProperties: false + description: |- + The ``PortMapping`` property specifies a port mapping. Port mappings allow containers to access ports on the host container instance to send or receive traffic. Port mappings are specified as part of the container definition. + If you are using containers in a task with the ``awsvpc`` or ``host`` network mode, exposed ports should be specified using ``containerPort``. The ``hostPort`` can be left blank or it must be the same value as the ``containerPort``. + After a task reaches the ``RUNNING`` status, manual and automatic host and container port assignments are visible in the ``networkBindings`` section of [DescribeTasks](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) API responses. + MountPoint: + type: object + properties: + ContainerPath: + type: string + description: The path on the container to mount the host volume at. + ReadOnly: + type: boolean + description: If this value is ``true``, the container has read-only access to the volume. If this value is ``false``, then the container can write to the volume. The default value is ``false``. + SourceVolume: + type: string + description: The name of the volume to mount. Must be a volume name referenced in the ``name`` parameter of task definition ``volume``. + additionalProperties: false + description: The details for a volume mount point that's used in a container definition. + ProxyConfiguration: + type: object + required: + - ContainerName + properties: + ContainerName: + type: string + description: The name of the container that will serve as the App Mesh proxy. + ProxyConfigurationProperties: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/KeyValuePair' + description: |- + The set of network configuration parameters to provide the Container Network Interface (CNI) plugin, specified as key-value pairs. + + ``IgnoredUID`` - (Required) The user ID (UID) of the proxy container as defined by the ``user`` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If ``IgnoredGID`` is specified, this field can be empty. + + ``IgnoredGID`` - (Required) The group ID (GID) of the proxy container as defined by the ``user`` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If ``IgnoredUID`` is specified, this field can be empty. + + ``AppPorts`` - (Required) The list of ports that the application uses. Network traffic to these ports is forwarded to the ``ProxyIngressPort`` and ``ProxyEgressPort``. + + ``ProxyIngressPort`` - (Required) Specifies the port that incoming traffic to the ``AppPorts`` is directed to. + + ``ProxyEgressPort`` - (Required) Specifies the port that outgoi + Type: + type: string + description: The proxy type. The only supported value is ``APPMESH``. + additionalProperties: false + description: |- + The configuration details for the App Mesh proxy. + For tasks that use the EC2 launch type, the container instances require at least version 1.26.0 of the container agent and at least version 1.26.0-1 of the ``ecs-init`` package to use a proxy configuration. If your container instances are launched from the Amazon ECS optimized AMI version ``20190301`` or later, then they contain the required versions of the container agent and ``ecs-init``. For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) + RepositoryCredentials: + type: object + properties: + CredentialsParameter: + type: string + description: |- + The Amazon Resource Name (ARN) of the secret containing the private repository credentials. + When you use the Amazon ECS API, CLI, or AWS SDK, if the secret exists in the same Region as the task that you're launching then you can use either the full ARN or the name of the secret. When you use the AWS Management Console, you must specify the full ARN of the secret. + additionalProperties: false + description: The repository credentials for private registry authentication. + ResourceRequirement: + type: object + required: + - Type + - Value + properties: + Type: + type: string + description: The type of resource to assign to a container. The supported values are ``GPU`` or ``InferenceAccelerator``. + Value: + type: string + description: |- + The value for the specified resource type. + If the ``GPU`` type is used, the value is the number of physical ``GPUs`` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on. + If the ``InferenceAccelerator`` type is used, the ``value`` matches the ``deviceName`` for an [InferenceAccelerator](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_InferenceAccelerator.html) specified in a task definition. + additionalProperties: false + description: The type and amount of a resource to assign to a container. The supported resource types are GPUs and Elastic Inference accelerators. For more information, see [Working with GPUs on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-gpu.html) or [Working with Amazon Elastic Inference on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-inference.html) in the *Amazon Elastic Container Service Developer Guide* + RuntimePlatform: + type: object + properties: + CpuArchitecture: + type: string + description: |- + The CPU architecture. + You can run your Linux tasks on an ARM-based platform by setting the value to ``ARM64``. This option is available for tasks that run on Linux Amazon EC2 instance or Linux containers on Fargate. + OperatingSystemFamily: + type: string + description: The operating system. + additionalProperties: false + description: |- + Information about the platform for the Amazon ECS service or task. + For more information about ``RuntimePlatform``, see [RuntimePlatform](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#runtime-platform) in the *Amazon Elastic Container Service Developer Guide*. + TaskDefinitionPlacementConstraint: + type: object + required: + - Type + properties: + Type: + type: string + description: The type of constraint. The ``MemberOf`` constraint restricts selection to be from a group of valid candidates. + Expression: + type: string + description: A cluster query language expression to apply to the constraint. For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide*. + additionalProperties: false + description: |- + The constraint on task placement in the task definition. For more information, see [Task placement constraints](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-placement-constraints.html) in the *Amazon Elastic Container Service Developer Guide*. + Task placement constraints aren't supported for tasks run on FARGATElong. + Tmpfs: + type: object + required: + - Size + properties: + ContainerPath: + type: string + description: The absolute file path where the tmpfs volume is to be mounted. + MountOptions: + type: array + x-insertionOrder: false + items: + type: string + description: |- + The list of tmpfs volume mount options. + Valid values: ``"defaults" | "ro" | "rw" | "suid" | "nosuid" | "dev" | "nodev" | "exec" | "noexec" | "sync" | "async" | "dirsync" | "remount" | "mand" | "nomand" | "atime" | "noatime" | "diratime" | "nodiratime" | "bind" | "rbind" | "unbindable" | "runbindable" | "private" | "rprivate" | "shared" | "rshared" | "slave" | "rslave" | "relatime" | "norelatime" | "strictatime" | "nostrictatime" | "mode" | "uid" | "gid" | "nr_inodes" | "nr_blocks" | "mpol"`` + Size: + type: integer + description: The maximum size (in MiB) of the tmpfs volume. + additionalProperties: false + description: The container path, mount options, and size of the tmpfs mount. + Ulimit: + type: object + required: + - HardLimit + - Name + - SoftLimit + properties: + HardLimit: + type: integer + description: The hard limit for the ``ulimit`` type. + Name: + type: string + description: The ``type`` of the ``ulimit``. + SoftLimit: + type: integer + description: The soft limit for the ``ulimit`` type. + additionalProperties: false + description: |- + The ``ulimit`` settings to pass to the container. + Amazon ECS tasks hosted on FARGATElong use the default resource limit values set by the operating system with the exception of the ``nofile`` resource limit parameter which FARGATElong overrides. The ``nofile`` resource limit sets a restriction on the number of open files that a container can use. The default ``nofile`` soft limit is ``1024`` and the default hard limit is ``65535``. + You can specify the ``ulimit`` settings for a container in a task definition. + Volume: + type: object + properties: + ConfiguredAtLaunch: + type: boolean + description: |- + Indicates whether the volume should be configured at launch time. This is used to create Amazon EBS volumes for standalone tasks or tasks created as part of a service. Each task definition revision may only have one volume configured at launch in the volume configuration. + To configure a volume at launch time, use this task definition revision and specify a ``volumeConfigurations`` object when calling the ``CreateService``, ``UpdateService``, ``RunTask`` or ``StartTask`` APIs. + DockerVolumeConfiguration: + $ref: '#/components/schemas/DockerVolumeConfiguration' + description: |- + This parameter is specified when you use Docker volumes. + Windows containers only support the use of the ``local`` driver. To use bind mounts, specify the ``host`` parameter instead. + Docker volumes aren't supported by tasks run on FARGATElong. + EFSVolumeConfiguration: + $ref: '#/components/schemas/EFSVolumeConfiguration' + description: This parameter is specified when you use an Amazon Elastic File System file system for task storage. + Host: + $ref: '#/components/schemas/HostVolumeProperties' + description: |- + This parameter is specified when you use bind mount host volumes. The contents of the ``host`` parameter determine whether your bind mount host volume persists on the host container instance and where it's stored. If the ``host`` parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running. + Windows containers can mount whole directories on the same drive as ``$env:ProgramData``. Windows containers can't mount directories on a different drive, and mount point can't be across drives. For example, you can mount ``C:\my\path:C:\my\path`` and ``D:\:D:\``, but not ``D:\my\path:C:\my\path`` or ``D:\:C:\my\path``. + Name: + type: string + description: |- + The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. + When using a volume configured at launch, the ``name`` is required and must also be specified as the volume name in the ``ServiceVolumeConfiguration`` or ``TaskVolumeConfiguration`` parameter when creating your service or standalone task. + For all other types of volumes, this name is referenced in the ``sourceVolume`` parameter of the ``mountPoints`` object in the container definition. + When a volume is using the ``efsVolumeConfiguration``, the name is required. + additionalProperties: false + description: >- + The data volume configuration for tasks launched using this task definition. Specifying a volume configuration in a task definition is optional. The volume configuration may contain multiple volumes but only one volume configured at launch is supported. Each volume defined in the volume configuration may only specify a ``name`` and one of either ``configuredAtLaunch``, ``dockerVolumeConfiguration``, ``efsVolumeConfiguration``, ``fsxWindowsFileServerVolumeConfiguration``, or ``host``. If + an empty volume configuration is specified, by default Amazon ECS uses a host volume. For more information, see [Using data volumes in tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html). + VolumeFrom: + type: object + properties: + ReadOnly: + type: boolean + description: If this value is ``true``, the container has read-only access to the volume. If this value is ``false``, then the container can write to the volume. The default value is ``false``. + SourceContainer: + type: string + description: The name of another container within the same task definition to mount volumes from. + additionalProperties: false + description: Details on a data volume from another container in the same task definition. + TaskDefinition: + type: object + properties: + TaskDefinitionArn: + description: '' + type: string + Family: + type: string + description: |- + The name of a family that this task definition is registered to. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed. + A family groups multiple versions of a task definition. Amazon ECS gives the first task definition that you registered to a family a revision number of 1. Amazon ECS gives sequential revision numbers to each task definition that you add. + To use revision numbers when you update a task definition, specify this property. If you don't specify a value, CFNlong generates a new task definition each time that you update it. + ContainerDefinitions: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/ContainerDefinition' + description: A list of container definitions in JSON format that describe the different containers that make up your task. For more information about container definition parameters and defaults, see [Amazon ECS Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon Elastic Container Service Developer Guide*. + Cpu: + type: string + description: |- + The number of ``cpu`` units used by the task. If you use the EC2 launch type, this field is optional. Any value can be used. If you use the Fargate launch type, this field is required. You must use one of the following values. The value that you choose determines your range of valid values for the ``memory`` parameter. + The CPU units cannot be less than 1 vCPU when you use Windows containers on Fargate. + + 256 (.25 vCPU) - Available ``memory`` values: 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) + + 512 (.5 vCPU) - Available ``memory`` values: 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB) + + 1024 (1 vCPU) - Available ``memory`` values: 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB) + + 2048 (2 vCPU) - Available ``memory`` values: 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB) + + 4096 (4 vCPU) - Available ``memory`` values: 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB) + + 8192 (8 vCPU) - Available ``memory`` va + ExecutionRoleArn: + type: string + description: The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make AWS API calls on your behalf. The task execution IAM role is required depending on the requirements of your task. For more information, see [Amazon ECS task execution IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_execution_IAM_role.html) in the *Amazon Elastic Container Service Developer Guide*. + EphemeralStorage: + $ref: '#/components/schemas/EphemeralStorage' + description: The ephemeral storage settings to use for tasks run with the task definition. + InferenceAccelerators: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/InferenceAccelerator' + description: The Elastic Inference accelerators to use for the containers in the task. + Memory: + type: string + description: |- + The amount (in MiB) of memory used by the task. + If your tasks runs on Amazon EC2 instances, you must specify either a task-level memory value or a container-level memory value. This field is optional and any value can be used. If a task-level memory value is specified, the container-level memory value is optional. For more information regarding container-level memory and memory reservation, see [ContainerDefinition](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html). + If your tasks runs on FARGATElong, this field is required. You must use one of the following values. The value you choose determines your range of valid values for the ``cpu`` parameter. + + 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available ``cpu`` values: 256 (.25 vCPU) + + 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB) - Available ``cpu`` values: 512 (.5 vCPU) + + 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB) - Available ``cpu`` va + NetworkMode: + type: string + description: |- + The Docker networking mode to use for the containers in the task. The valid values are ``none``, ``bridge``, ``awsvpc``, and ``host``. If no network mode is specified, the default is ``bridge``. + For Amazon ECS tasks on Fargate, the ``awsvpc`` network mode is required. For Amazon ECS tasks on Amazon EC2 Linux instances, any network mode can be used. For Amazon ECS tasks on Amazon EC2 Windows instances, ```` or ``awsvpc`` can be used. If the network mode is set to ``none``, you cannot specify port mappings in your container definitions, and the tasks containers do not have external connectivity. The ``host`` and ``awsvpc`` network modes offer the highest networking performance for containers because they use the EC2 network stack instead of the virtualized network stack provided by the ``bridge`` mode. + With the ``host`` and ``awsvpc`` network modes, exposed container ports are mapped directly to the corresponding host port (for the ``host`` network mode) or the attached elasti + PlacementConstraints: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/TaskDefinitionPlacementConstraint' + description: |- + An array of placement constraint objects to use for tasks. + This parameter isn't supported for tasks run on FARGATElong. + ProxyConfiguration: + $ref: '#/components/schemas/ProxyConfiguration' + description: |- + The configuration details for the App Mesh proxy. + Your Amazon ECS container instances require at least version 1.26.0 of the container agent and at least version 1.26.0-1 of the ``ecs-init`` package to use a proxy configuration. If your container instances are launched from the Amazon ECS optimized AMI version ``20190301`` or later, they contain the required versions of the container agent and ``ecs-init``. For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide*. + RequiresCompatibilities: + type: array + x-insertionOrder: false + uniqueItems: true + items: + type: string + description: The task launch types the task definition was validated against. The valid values are ``EC2``, ``FARGATE``, and ``EXTERNAL``. For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide*. + TaskRoleArn: + type: string + description: |- + The short name or full Amazon Resource Name (ARN) of the IAMlong role that grants containers in the task permission to call AWS APIs on your behalf. For more information, see [Amazon ECS Task Role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide*. + IAM roles for tasks on Windows require that the ``-EnableTaskIAMRole`` option is set when you launch the Amazon ECS-optimized Windows AMI. Your containers must also run some configuration code to use the feature. For more information, see [Windows IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows_task_IAM_roles.html) in the *Amazon Elastic Container Service Developer Guide*. + Volumes: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Volume' + description: |- + The list of data volume definitions for the task. For more information, see [Using data volumes in tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html) in the *Amazon Elastic Container Service Developer Guide*. + The ``host`` and ``sourcePath`` parameters aren't supported for tasks run on FARGATElong. + PidMode: + type: string + description: |- + The process namespace to use for the containers in the task. The valid values are ``host`` or ``task``. On Fargate for Linux containers, the only valid value is ``task``. For example, monitoring sidecars might need ``pidMode`` to access information about other containers running in the same task. + If ``host`` is specified, all containers within the tasks that specified the ``host`` PID mode on the same container instance share the same process namespace with the host Amazon EC2 instance. + If ``task`` is specified, all containers within the specified task share the same process namespace. + If no value is specified, the default is a private namespace for each container. For more information, see [PID settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#pid-settings---pid) in the *Docker run reference*. + If the ``host`` PID mode is used, there's a heightened risk of undesired process namespace exposure. For more information, see [Docker security](https://doc + RuntimePlatform: + $ref: '#/components/schemas/RuntimePlatform' + description: |- + The operating system that your tasks definitions run on. A platform family is specified only for tasks using the Fargate launch type. + When you specify a task definition in a service, this value must match the ``runtimePlatform`` value of the service. + IpcMode: + type: string + description: >- + The IPC resource namespace to use for the containers in the task. The valid values are ``host``, ``task``, or ``none``. If ``host`` is specified, then all containers within the tasks that specified the ``host`` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance. If ``task`` is specified, all containers within the specified task share the same IPC resources. If ``none`` is specified, then IPC resources within the containers of a task + are private and not shared with other containers in a task or on the container instance. If no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance. For more information, see [IPC settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#ipc-settings---ipc) in the *Docker run reference*. + If the ``host`` IPC mode is used, be aware that there is a heightened risk of undesired IPC namespace expose. For more inform + Tags: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + description: |- + The metadata that you apply to the task definition to help you categorize and organize them. Each tag consists of a key and an optional value. You define both of them. + The following basic restrictions apply to tags: + + Maximum number of tags per resource - 50 + + For each resource, each tag key must be unique, and each tag key can have only one value. + + Maximum key length - 128 Unicode characters in UTF-8 + + Maximum value length - 256 Unicode characters in UTF-8 + + If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @. + + Tag keys and values are case-sensitive. + + Do not use ``aws:``, ``AWS:``, or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values + x-stackql-resource-name: task_definition + x-stackql-primaryIdentifier: + - TaskDefinitionArn + x-create-only-properties: + - Family + - ContainerDefinitions + - Cpu + - ExecutionRoleArn + - InferenceAccelerators + - Memory + - NetworkMode + - PlacementConstraints + - ProxyConfiguration + - RequiresCompatibilities + - RuntimePlatform + - TaskRoleArn + - Volumes + - PidMode + - IpcMode + - EphemeralStorage + x-read-only-properties: + - TaskDefinitionArn + x-required-permissions: + create: + - ecs:RegisterTaskDefinition + - ecs:DescribeTaskDefinition + - ecs:TagResource + - iam:GetRole + - iam:PassRole + read: + - ecs:DescribeTaskDefinition + update: + - ecs:TagResource + - ecs:UntagResource + - ecs:ListTagsForResource + - ecs:DescribeTaskDefinition + - iam:GetRole + - iam:PassRole + delete: + - ecs:DeregisterTaskDefinition + - ecs:DescribeTaskDefinition + - iam:GetRole + - iam:PassRole + list: + - ecs:ListTaskDefinitions + - ecs:DescribeTaskDefinition + Scale: + type: object + properties: + Unit: + description: The unit of measure for the scale value. + type: string + enum: + - PERCENT + Value: + description: The value, specified as a percent total of a service's desiredCount, to scale the task set. Accepted values are numbers between 0 and 100. + type: number + minimum: 0 + maximum: 100 + additionalProperties: false + TaskSet: + type: object + properties: + Cluster: + description: The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service to create the task set in. + type: string + ExternalId: + description: 'An optional non-unique tag that identifies this task set in external systems. If the task set is associated with a service discovery registry, the tasks in this task set will have the ECS_TASK_SET_EXTERNAL_ID AWS Cloud Map attribute set to the provided value. ' + type: string + Id: + description: The ID of the task set. + type: string + LaunchType: + description: 'The launch type that new tasks in the task set will use. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html in the Amazon Elastic Container Service Developer Guide. ' + type: string + enum: + - EC2 + - FARGATE + LoadBalancers: + type: array + items: + $ref: '#/components/schemas/LoadBalancer' + NetworkConfiguration: + $ref: '#/components/schemas/NetworkConfiguration' + PlatformVersion: + description: The platform version that the tasks in the task set should use. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the LATEST platform version is used by default. + type: string + Scale: + description: A floating-point percentage of the desired number of tasks to place and keep running in the task set. + $ref: '#/components/schemas/Scale' + Service: + description: The short name or full Amazon Resource Name (ARN) of the service to create the task set in. + type: string + ServiceRegistries: + description: The details of the service discovery registries to assign to this task set. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html. + type: array + items: + $ref: '#/components/schemas/ServiceRegistry' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + TaskDefinition: + description: The short name or full Amazon Resource Name (ARN) of the task definition for the tasks in the task set to use. + type: string + required: + - Cluster + - Service + - TaskDefinition + x-stackql-resource-name: task_set + x-stackql-primaryIdentifier: + - Cluster + - Service + - Id + x-create-only-properties: + - Cluster + - ExternalId + - LaunchType + - LoadBalancers + - NetworkConfiguration + - PlatformVersion + - Service + - ServiceRegistries + - TaskDefinition + x-read-only-properties: + - Id + x-required-permissions: + create: + - ecs:CreateTaskSet + - ecs:DescribeTaskSets + - ecs:TagResource + read: + - ecs:DescribeTaskSets + update: + - ecs:DescribeTaskSets + - ecs:TagResource + - ecs:UntagResource + - ecs:UpdateTaskSet + delete: + - ecs:DeleteTaskSet + - ecs:DescribeTaskSets + x-stackQL-resources: + cluster_capacity_provider_associations: + name: cluster_capacity_provider_associations + id: awscc.ecs.cluster_capacity_provider_associations + x-cfn-schema-name: ClusterCapacityProviderAssociations + x-type: get + x-identifiers: + - Cluster + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CapacityProviders') as capacity_providers, + JSON_EXTRACT(Properties, '$.Cluster') as cluster, + JSON_EXTRACT(Properties, '$.DefaultCapacityProviderStrategy') as default_capacity_provider_strategy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECS::ClusterCapacityProviderAssociations' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CapacityProviders') as capacity_providers, + json_extract_path_text(Properties, 'Cluster') as cluster, + json_extract_path_text(Properties, 'DefaultCapacityProviderStrategy') as default_capacity_provider_strategy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECS::ClusterCapacityProviderAssociations' + AND data__Identifier = '' + AND region = 'us-east-1' + primary_task_sets: + name: primary_task_sets + id: awscc.ecs.primary_task_sets + x-cfn-schema-name: PrimaryTaskSet + x-type: list + x-identifiers: + - Cluster + - Service + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Cluster') as cluster, + JSON_EXTRACT(Properties, '$.Service') as service + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ECS::PrimaryTaskSet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Cluster') as cluster, + json_extract_path_text(Properties, 'Service') as service + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ECS::PrimaryTaskSet' + AND region = 'us-east-1' + primary_task_set: + name: primary_task_set + id: awscc.ecs.primary_task_set + x-cfn-schema-name: PrimaryTaskSet + x-type: get + x-identifiers: + - Cluster + - Service + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Cluster') as cluster, + JSON_EXTRACT(Properties, '$.TaskSetId') as task_set_id, + JSON_EXTRACT(Properties, '$.Service') as service + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECS::PrimaryTaskSet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Cluster') as cluster, + json_extract_path_text(Properties, 'TaskSetId') as task_set_id, + json_extract_path_text(Properties, 'Service') as service + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECS::PrimaryTaskSet' + AND data__Identifier = '' + AND region = 'us-east-1' + services: + name: services + id: awscc.ecs.services + x-cfn-schema-name: Service + x-type: list + x-identifiers: + - ServiceArn + - Cluster + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ServiceArn') as service_arn, + JSON_EXTRACT(Properties, '$.Cluster') as cluster + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ECS::Service' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ServiceArn') as service_arn, + json_extract_path_text(Properties, 'Cluster') as cluster + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ECS::Service' + AND region = 'us-east-1' + service: + name: service + id: awscc.ecs.service + x-cfn-schema-name: Service + x-type: get + x-identifiers: + - ServiceArn + - Cluster + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ServiceArn') as service_arn, + JSON_EXTRACT(Properties, '$.CapacityProviderStrategy') as capacity_provider_strategy, + JSON_EXTRACT(Properties, '$.Cluster') as cluster, + JSON_EXTRACT(Properties, '$.DeploymentConfiguration') as deployment_configuration, + JSON_EXTRACT(Properties, '$.DeploymentController') as deployment_controller, + JSON_EXTRACT(Properties, '$.DesiredCount') as desired_count, + JSON_EXTRACT(Properties, '$.EnableECSManagedTags') as enable_ec_smanaged_tags, + JSON_EXTRACT(Properties, '$.EnableExecuteCommand') as enable_execute_command, + JSON_EXTRACT(Properties, '$.HealthCheckGracePeriodSeconds') as health_check_grace_period_seconds, + JSON_EXTRACT(Properties, '$.LaunchType') as launch_type, + JSON_EXTRACT(Properties, '$.LoadBalancers') as load_balancers, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.NetworkConfiguration') as network_configuration, + JSON_EXTRACT(Properties, '$.PlacementConstraints') as placement_constraints, + JSON_EXTRACT(Properties, '$.PlacementStrategies') as placement_strategies, + JSON_EXTRACT(Properties, '$.PlatformVersion') as platform_version, + JSON_EXTRACT(Properties, '$.PropagateTags') as propagate_tags, + JSON_EXTRACT(Properties, '$.Role') as role, + JSON_EXTRACT(Properties, '$.SchedulingStrategy') as scheduling_strategy, + JSON_EXTRACT(Properties, '$.ServiceConnectConfiguration') as service_connect_configuration, + JSON_EXTRACT(Properties, '$.ServiceName') as service_name, + JSON_EXTRACT(Properties, '$.ServiceRegistries') as service_registries, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TaskDefinition') as task_definition, + JSON_EXTRACT(Properties, '$.VolumeConfigurations') as volume_configurations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECS::Service' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ServiceArn') as service_arn, + json_extract_path_text(Properties, 'CapacityProviderStrategy') as capacity_provider_strategy, + json_extract_path_text(Properties, 'Cluster') as cluster, + json_extract_path_text(Properties, 'DeploymentConfiguration') as deployment_configuration, + json_extract_path_text(Properties, 'DeploymentController') as deployment_controller, + json_extract_path_text(Properties, 'DesiredCount') as desired_count, + json_extract_path_text(Properties, 'EnableECSManagedTags') as enable_ec_smanaged_tags, + json_extract_path_text(Properties, 'EnableExecuteCommand') as enable_execute_command, + json_extract_path_text(Properties, 'HealthCheckGracePeriodSeconds') as health_check_grace_period_seconds, + json_extract_path_text(Properties, 'LaunchType') as launch_type, + json_extract_path_text(Properties, 'LoadBalancers') as load_balancers, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'NetworkConfiguration') as network_configuration, + json_extract_path_text(Properties, 'PlacementConstraints') as placement_constraints, + json_extract_path_text(Properties, 'PlacementStrategies') as placement_strategies, + json_extract_path_text(Properties, 'PlatformVersion') as platform_version, + json_extract_path_text(Properties, 'PropagateTags') as propagate_tags, + json_extract_path_text(Properties, 'Role') as role, + json_extract_path_text(Properties, 'SchedulingStrategy') as scheduling_strategy, + json_extract_path_text(Properties, 'ServiceConnectConfiguration') as service_connect_configuration, + json_extract_path_text(Properties, 'ServiceName') as service_name, + json_extract_path_text(Properties, 'ServiceRegistries') as service_registries, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TaskDefinition') as task_definition, + json_extract_path_text(Properties, 'VolumeConfigurations') as volume_configurations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECS::Service' + AND data__Identifier = '' + AND region = 'us-east-1' + task_definitions: + name: task_definitions + id: awscc.ecs.task_definitions + x-cfn-schema-name: TaskDefinition + x-type: list + x-identifiers: + - TaskDefinitionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TaskDefinitionArn') as task_definition_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ECS::TaskDefinition' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TaskDefinitionArn') as task_definition_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ECS::TaskDefinition' + AND region = 'us-east-1' + task_definition: + name: task_definition + id: awscc.ecs.task_definition + x-cfn-schema-name: TaskDefinition + x-type: get + x-identifiers: + - TaskDefinitionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TaskDefinitionArn') as task_definition_arn, + JSON_EXTRACT(Properties, '$.Family') as family, + JSON_EXTRACT(Properties, '$.ContainerDefinitions') as container_definitions, + JSON_EXTRACT(Properties, '$.Cpu') as cpu, + JSON_EXTRACT(Properties, '$.ExecutionRoleArn') as execution_role_arn, + JSON_EXTRACT(Properties, '$.EphemeralStorage') as ephemeral_storage, + JSON_EXTRACT(Properties, '$.InferenceAccelerators') as inference_accelerators, + JSON_EXTRACT(Properties, '$.Memory') as memory, + JSON_EXTRACT(Properties, '$.NetworkMode') as network_mode, + JSON_EXTRACT(Properties, '$.PlacementConstraints') as placement_constraints, + JSON_EXTRACT(Properties, '$.ProxyConfiguration') as proxy_configuration, + JSON_EXTRACT(Properties, '$.RequiresCompatibilities') as requires_compatibilities, + JSON_EXTRACT(Properties, '$.TaskRoleArn') as task_role_arn, + JSON_EXTRACT(Properties, '$.Volumes') as volumes, + JSON_EXTRACT(Properties, '$.PidMode') as pid_mode, + JSON_EXTRACT(Properties, '$.RuntimePlatform') as runtime_platform, + JSON_EXTRACT(Properties, '$.IpcMode') as ipc_mode, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECS::TaskDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TaskDefinitionArn') as task_definition_arn, + json_extract_path_text(Properties, 'Family') as family, + json_extract_path_text(Properties, 'ContainerDefinitions') as container_definitions, + json_extract_path_text(Properties, 'Cpu') as cpu, + json_extract_path_text(Properties, 'ExecutionRoleArn') as execution_role_arn, + json_extract_path_text(Properties, 'EphemeralStorage') as ephemeral_storage, + json_extract_path_text(Properties, 'InferenceAccelerators') as inference_accelerators, + json_extract_path_text(Properties, 'Memory') as memory, + json_extract_path_text(Properties, 'NetworkMode') as network_mode, + json_extract_path_text(Properties, 'PlacementConstraints') as placement_constraints, + json_extract_path_text(Properties, 'ProxyConfiguration') as proxy_configuration, + json_extract_path_text(Properties, 'RequiresCompatibilities') as requires_compatibilities, + json_extract_path_text(Properties, 'TaskRoleArn') as task_role_arn, + json_extract_path_text(Properties, 'Volumes') as volumes, + json_extract_path_text(Properties, 'PidMode') as pid_mode, + json_extract_path_text(Properties, 'RuntimePlatform') as runtime_platform, + json_extract_path_text(Properties, 'IpcMode') as ipc_mode, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECS::TaskDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' + task_sets: + name: task_sets + id: awscc.ecs.task_sets + x-cfn-schema-name: TaskSet + x-type: list + x-identifiers: + - Cluster + - Service + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Cluster') as cluster, + JSON_EXTRACT(Properties, '$.Service') as service, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ECS::TaskSet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Cluster') as cluster, + json_extract_path_text(Properties, 'Service') as service, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ECS::TaskSet' + AND region = 'us-east-1' + task_set: + name: task_set + id: awscc.ecs.task_set + x-cfn-schema-name: TaskSet + x-type: get + x-identifiers: + - Cluster + - Service + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Cluster') as cluster, + JSON_EXTRACT(Properties, '$.ExternalId') as external_id, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.LaunchType') as launch_type, + JSON_EXTRACT(Properties, '$.LoadBalancers') as load_balancers, + JSON_EXTRACT(Properties, '$.NetworkConfiguration') as network_configuration, + JSON_EXTRACT(Properties, '$.PlatformVersion') as platform_version, + JSON_EXTRACT(Properties, '$.Scale') as scale, + JSON_EXTRACT(Properties, '$.Service') as service, + JSON_EXTRACT(Properties, '$.ServiceRegistries') as service_registries, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TaskDefinition') as task_definition + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECS::TaskSet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Cluster') as cluster, + json_extract_path_text(Properties, 'ExternalId') as external_id, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'LaunchType') as launch_type, + json_extract_path_text(Properties, 'LoadBalancers') as load_balancers, + json_extract_path_text(Properties, 'NetworkConfiguration') as network_configuration, + json_extract_path_text(Properties, 'PlatformVersion') as platform_version, + json_extract_path_text(Properties, 'Scale') as scale, + json_extract_path_text(Properties, 'Service') as service, + json_extract_path_text(Properties, 'ServiceRegistries') as service_registries, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TaskDefinition') as task_definition + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ECS::TaskSet' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/efs.yaml b/providers/src/awscc/v00.00.00000/services/efs.yaml new file mode 100644 index 00000000..e373d042 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/efs.yaml @@ -0,0 +1,642 @@ +openapi: 3.0.0 +info: + title: EFS + version: 1.0.0 +paths: {} +components: + schemas: + AccessPointTag: + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + description: The tag key (String). The key can't start with ``aws:``. + Value: + type: string + minLength: 1 + maxLength: 256 + description: The value of the tag key. + additionalProperties: false + description: 'A tag is a key-value pair attached to a file system. Allowed characters in the ``Key`` and ``Value`` properties are letters, white space, and numbers that can be represented in UTF-8, and the following characters:``+ - = . _ : /``' + CreationInfo: + type: object + properties: + OwnerUid: + type: string + description: Specifies the POSIX user ID to apply to the ``RootDirectory``. Accepts values from 0 to 2^32 (4294967295). + OwnerGid: + type: string + description: Specifies the POSIX group ID to apply to the ``RootDirectory``. Accepts values from 0 to 2^32 (4294967295). + Permissions: + type: string + description: Specifies the POSIX permissions to apply to the ``RootDirectory``, in the format of an octal number representing the file's mode bits. + pattern: ^[0-7]{3,4}$ + required: + - OwnerUid + - OwnerGid + - Permissions + additionalProperties: false + description: |- + Required if the ``RootDirectory`` > ``Path`` specified does not exist. Specifies the POSIX IDs and permissions to apply to the access point's ``RootDirectory`` > ``Path``. If the access point root directory does not exist, EFS creates it with these settings when a client connects to the access point. When specifying ``CreationInfo``, you must include values for all properties. + Amazon EFS creates a root directory only if you have provided the CreationInfo: OwnUid, OwnGID, and permissions for the directory. If you do not provide this information, Amazon EFS does not create the root directory. If the root directory does not exist, attempts to mount using the access point will fail. + If you do not provide ``CreationInfo`` and the specified ``RootDirectory`` does not exist, attempts to mount the file system using the access point will fail. + RootDirectory: + type: object + properties: + Path: + type: string + description: Specifies the path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system. A path can have up to four subdirectories. If the specified path does not exist, you are required to provide the ``CreationInfo``. + minLength: 1 + maxLength: 100 + CreationInfo: + description: |- + (Optional) Specifies the POSIX IDs and permissions to apply to the access point's ``RootDirectory``. If the ``RootDirectory`` > ``Path`` specified does not exist, EFS creates the root directory using the ``CreationInfo`` settings when a client connects to an access point. When specifying the ``CreationInfo``, you must provide values for all properties. + If you do not provide ``CreationInfo`` and the specified ``RootDirectory`` > ``Path`` does not exist, attempts to mount the file system using the access point will fail. + $ref: '#/components/schemas/CreationInfo' + additionalProperties: false + description: Specifies the directory on the Amazon EFS file system that the access point provides access to. The access point exposes the specified file system path as the root directory of your file system to applications using the access point. NFS clients using the access point can only access data in the access point's ``RootDirectory`` and its subdirectories. + PosixUser: + type: object + properties: + Uid: + type: string + description: The POSIX user ID used for all file system operations using this access point. + Gid: + type: string + description: The POSIX group ID used for all file system operations using this access point. + SecondaryGids: + type: array + description: Secondary POSIX group IDs used for all file system operations using this access point. + items: + type: string + required: + - Uid + - Gid + additionalProperties: false + description: The full POSIX identity, including the user ID, group ID, and any secondary group IDs, on the access point that is used for all file system operations performed by NFS clients using the access point. + AccessPoint: + type: object + properties: + AccessPointId: + type: string + description: '' + Arn: + type: string + description: '' + ClientToken: + description: The opaque string specified in the request to ensure idempotent creation. + type: string + AccessPointTags: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/AccessPointTag' + description: |- + An array of key-value pairs to apply to this resource. + For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html). + FileSystemId: + description: The ID of the EFS file system that the access point applies to. Accepts only the ID format for input when specifying a file system, for example ``fs-0123456789abcedf2``. + type: string + PosixUser: + description: The full POSIX identity, including the user ID, group ID, and secondary group IDs on the access point that is used for all file operations by NFS clients using the access point. + $ref: '#/components/schemas/PosixUser' + RootDirectory: + description: The directory on the EFS file system that the access point exposes as the root directory to NFS clients using the access point. + $ref: '#/components/schemas/RootDirectory' + required: + - FileSystemId + x-stackql-resource-name: access_point + x-stackql-primaryIdentifier: + - AccessPointId + x-create-only-properties: + - FileSystemId + - ClientToken + - CreationInfo + - CreationInfo/OwnerUid + - CreationInfo/OwnerGid + - CreationInfo/Permissions + - PosixUser + - PosixUser/Uid + - PosixUser/Gid + - PosixUser/SecondaryGids + - RootDirectory + - RootDirectory/Path + - RootDirectory/CreationInfo + x-read-only-properties: + - AccessPointId + - Arn + x-required-permissions: + create: + - elasticfilesystem:CreateAccessPoint + - elasticfilesystem:TagResource + - elasticfilesystem:DescribeAccessPoints + read: + - elasticfilesystem:DescribeAccessPoints + delete: + - elasticfilesystem:DeleteAccessPoint + - elasticfilesystem:DescribeAccessPoints + list: + - elasticfilesystem:DescribeAccessPoints + update: + - elasticfilesystem:DescribeAccessPoints + - elasticfilesystem:ListTagsForResource + - elasticfilesystem:TagResource + - elasticfilesystem:UntagResource + Arn: + type: string + ElasticFileSystemTag: + type: object + additionalProperties: false + properties: + Key: + type: string + description: The tag key (String). The key can't start with ``aws:``. + Value: + type: string + description: The value of the tag key. + required: + - Value + - Key + description: 'A tag is a key-value pair attached to a file system. Allowed characters in the ``Key`` and ``Value`` properties are letters, white space, and numbers that can be represented in UTF-8, and the following characters:``+ - = . _ : /``' + LifecyclePolicy: + type: object + additionalProperties: false + properties: + TransitionToIA: + type: string + description: The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Infrequent Access (IA) storage. Metadata operations such as listing the contents of a directory don't count as file access events. + TransitionToPrimaryStorageClass: + type: string + description: Whether to move files back to primary (Standard) storage after they are accessed in IA or Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events. + TransitionToArchive: + type: string + description: The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events. + description: |- + Describes a policy used by Lifecycle management that specifies when to transition files into and out of the EFS storage classes. For more information, see [Managing file system storage](https://docs.aws.amazon.com/efs/latest/ug/lifecycle-management-efs.html). + + Each ``LifecyclePolicy`` object can have only a single transition. This means that in a request body, ``LifecyclePolicies`` must be structured as an array of ``LifecyclePolicy`` objects, one object for each transition, ``TransitionToIA``, ``TransitionToArchive``, ``TransitionToPrimaryStorageClass``. + + See the AWS::EFS::FileSystem examples for the correct ``LifecyclePolicy`` structure. Do not use the syntax shown on this page. + BackupPolicy: + type: object + additionalProperties: false + properties: + Status: + type: string + description: |- + Set the backup policy status for the file system. + + *ENABLED* - Turns automatic backups on for the file system. + + *DISABLED* - Turns automatic backups off for the file system. + required: + - Status + description: The backup policy turns automatic backups for the file system on or off. + FileSystemProtection: + type: object + additionalProperties: false + properties: + ReplicationOverwriteProtection: + type: string + enum: + - DISABLED + - ENABLED + description: |- + The status of the file system's replication overwrite protection. + + ``ENABLED`` – The file system cannot be used as the destination file system in a replication configuration. The file system is writeable. Replication overwrite protection is ``ENABLED`` by default. + + ``DISABLED`` – The file system can be used as the destination file system in a replication configuration. The file system is read-only and can only be modified by EFS replication. + + ``REPLICATING`` – The file system is being used as the destination file system in a replication configuration. The file system is read-only and is only modified only by EFS replication. + + If the replication configuration is deleted, the file system's replication overwrite protection is re-enabled, the file system becomes writeable. + description: Describes the protection on the file system. + ReplicationDestination: + type: object + additionalProperties: false + properties: + FileSystemId: + type: string + description: The ID of the destination Amazon EFS file system. + Region: + type: string + description: |- + The AWS-Region in which the destination file system is located. + For One Zone file systems, the replication configuration must specify the AWS-Region in which the destination file system is located. + AvailabilityZoneName: + type: string + description: |- + The AWS For One Zone file systems, the replication configuration must specify the Availability Zone in which the destination file system is located. + Use the format ``us-east-1a`` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/storage-classes.html) in the *Amazon EFS User Guide*. + One Zone file system type is not available in all Availability Zones in AWS-Regions where Amazon EFS is available. + KmsKeyId: + type: string + description: The ID of an kms-key-long used to protect the encrypted file system. + description: Describes the destination file system in the replication configuration. + ReplicationConfiguration: + type: object + additionalProperties: false + properties: + Destinations: + type: array + uniqueItems: true + minItems: 1 + maxItems: 1 + items: + $ref: '#/components/schemas/ReplicationDestination' + description: An array of destination objects. Only one destination object is supported. + description: Describes the replication configuration for a specific file system. + FileSystem: + type: object + properties: + FileSystemId: + type: string + description: '' + Arn: + $ref: '#/components/schemas/Arn' + description: '' + Encrypted: + type: boolean + description: A Boolean value that, if true, creates an encrypted file system. When creating an encrypted file system, you have the option of specifying a KmsKeyId for an existing kms-key-long. If you don't specify a kms-key, then the default kms-key for EFS, ``/aws/elasticfilesystem``, is used to protect the encrypted file system. + FileSystemTags: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/ElasticFileSystemTag' + description: Use to create one or more tags associated with the file system. Each tag is a user-defined key-value pair. Name your file system on creation by including a ``"Key":"Name","Value":"{value}"`` key-value pair. Each key must be unique. For more information, see [Tagging resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *General Reference Guide*. + KmsKeyId: + type: string + description: |- + The ID of the kms-key-long to be used to protect the encrypted file system. This parameter is only required if you want to use a nondefault kms-key. If this parameter is not specified, the default kms-key for EFS is used. This ID can be in one of the following formats: + + Key ID - A unique identifier of the key, for example ``1234abcd-12ab-34cd-56ef-1234567890ab``. + + ARN - An Amazon Resource Name (ARN) for the key, for example ``arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab``. + + Key alias - A previously created display name for a key, for example ``alias/projectKey1``. + + Key alias ARN - An ARN for a key alias, for example ``arn:aws:kms:us-west-2:444455556666:alias/projectKey1``. + + If ``KmsKeyId`` is specified, the ``Encrypted`` parameter must be set to true. + LifecyclePolicies: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/LifecyclePolicy' + description: |- + An array of ``LifecyclePolicy`` objects that define the file system's ``LifecycleConfiguration`` object. A ``LifecycleConfiguration`` object informs Lifecycle management of the following: + + When to move files in the file system from primary storage to IA storage. + + When to move files in the file system from primary storage or IA storage to Archive storage. + + When to move files that are in IA or Archive storage to primary storage. + + EFS requires that each ``LifecyclePolicy`` object have only a single transition. This means that in a request body, ``LifecyclePolicies`` needs to be structured as an array of ``LifecyclePolicy`` objects, one object for each transition, ``TransitionToIA``, ``TransitionToArchive`` ``TransitionToPrimaryStorageClass``. See the example requests in the following section for more information. + FileSystemProtection: + $ref: '#/components/schemas/FileSystemProtection' + description: Describes the protection on the file system. + PerformanceMode: + type: string + description: |- + The Performance mode of the file system. We recommend ``generalPurpose`` performance mode for all file systems. File systems using the ``maxIO`` performance mode can scale to higher levels of aggregate throughput and operations per second with a tradeoff of slightly higher latencies for most file operations. The performance mode can't be changed after the file system has been created. The ``maxIO`` mode is not supported on One Zone file systems. + Due to the higher per-operation latencies with Max I/O, we recommend using General Purpose performance mode for all file systems. + Default is ``generalPurpose``. + ProvisionedThroughputInMibps: + type: number + description: The throughput, measured in mebibytes per second (MiBps), that you want to provision for a file system that you're creating. Required if ``ThroughputMode`` is set to ``provisioned``. Valid values are 1-3414 MiBps, with the upper limit depending on Region. To increase this limit, contact SUP. For more information, see [Amazon EFS quotas that you can increase](https://docs.aws.amazon.com/efs/latest/ug/limits.html#soft-limits) in the *Amazon EFS User Guide*. + ThroughputMode: + type: string + description: >- + Specifies the throughput mode for the file system. The mode can be ``bursting``, ``provisioned``, or ``elastic``. If you set ``ThroughputMode`` to ``provisioned``, you must also set a value for ``ProvisionedThroughputInMibps``. After you create the file system, you can decrease your file system's Provisioned throughput or change between the throughput modes, with certain time restrictions. For more information, see [Specifying throughput with provisioned + mode](https://docs.aws.amazon.com/efs/latest/ug/performance.html#provisioned-throughput) in the *Amazon EFS User Guide*. + Default is ``bursting``. + FileSystemPolicy: + type: object + description: The ``FileSystemPolicy`` for the EFS file system. A file system policy is an IAM resource policy used to control NFS access to an EFS file system. For more information, see [Using to control NFS access to Amazon EFS](https://docs.aws.amazon.com/efs/latest/ug/iam-access-control-nfs-efs.html) in the *Amazon EFS User Guide*. + BypassPolicyLockoutSafetyCheck: + description: >- + (Optional) A boolean that specifies whether or not to bypass the ``FileSystemPolicy`` lockout safety check. The lockout safety check determines whether the policy in the request will lock out, or prevent, the IAM principal that is making the request from making future ``PutFileSystemPolicy`` requests on this file system. Set ``BypassPolicyLockoutSafetyCheck`` to ``True`` only when you intend to prevent the IAM principal that is making the request from making subsequent + ``PutFileSystemPolicy`` requests on this file system. The default value is ``False``. + type: boolean + BackupPolicy: + $ref: '#/components/schemas/BackupPolicy' + description: Use the ``BackupPolicy`` to turn automatic backups on or off for the file system. + AvailabilityZoneName: + type: string + description: |- + For One Zone file systems, specify the AWS Availability Zone in which to create the file system. Use the format ``us-east-1a`` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/availability-durability.html#file-system-type) in the *Amazon EFS User Guide*. + One Zone file systems are not available in all Availability Zones in AWS-Regions where Amazon EFS is available. + ReplicationConfiguration: + $ref: '#/components/schemas/ReplicationConfiguration' + description: Describes the replication configuration for a specific file system. + x-stackql-resource-name: file_system + x-stackql-primaryIdentifier: + - FileSystemId + x-create-only-properties: + - AvailabilityZoneName + - Encrypted + - KmsKeyId + - PerformanceMode + x-read-only-properties: + - Arn + - FileSystemId + x-required-permissions: + create: + - elasticfilesystem:CreateFileSystem + - elasticfilesystem:DescribeReplicationConfigurations + - elasticfilesystem:TagResource + - elasticfilesystem:CreateReplicationConfiguration + - elasticfilesystem:DescribeFileSystems + - elasticfilesystem:PutBackupPolicy + - elasticfilesystem:PutFileSystemPolicy + - elasticfilesystem:PutLifecycleConfiguration + - elasticfilesystem:UpdateFileSystemProtection + - kms:DescribeKey + - kms:GenerateDataKeyWithoutPlaintext + - kms:CreateGrant + read: + - elasticfilesystem:DescribeBackupPolicy + - elasticfilesystem:DescribeFileSystemPolicy + - elasticfilesystem:DescribeFileSystems + - elasticfilesystem:DescribeLifecycleConfiguration + - elasticfilesystem:DescribeReplicationConfigurations + update: + - elasticfilesystem:CreateReplicationConfiguration + - elasticfilesystem:DeleteFileSystemPolicy + - elasticfilesystem:DescribeBackupPolicy + - elasticfilesystem:DescribeFileSystemPolicy + - elasticfilesystem:DescribeFileSystems + - elasticfilesystem:DescribeLifecycleConfiguration + - elasticfilesystem:DescribeReplicationConfigurations + - elasticfilesystem:DeleteTags + - elasticfilesystem:DeleteReplicationConfiguration + - elasticfilesystem:ListTagsForResource + - elasticfilesystem:PutBackupPolicy + - elasticfilesystem:PutFileSystemPolicy + - elasticfilesystem:PutLifecycleConfiguration + - elasticfilesystem:TagResource + - elasticfilesystem:UntagResource + - elasticfilesystem:UpdateFileSystem + - elasticfilesystem:UpdateFileSystemProtection + - kms:DescribeKey + - kms:GenerateDataKeyWithoutPlaintext + - kms:CreateGrant + delete: + - elasticfilesystem:DescribeFileSystems + - elasticfilesystem:DeleteFileSystem + - elasticfilesystem:DeleteReplicationConfiguration + - elasticfilesystem:DescribeReplicationConfigurations + list: + - elasticfilesystem:DescribeBackupPolicy + - elasticfilesystem:DescribeFileSystemPolicy + - elasticfilesystem:DescribeFileSystems + - elasticfilesystem:DescribeLifecycleConfiguration + - elasticfilesystem:DescribeReplicationConfigurations + MountTarget: + type: object + properties: + Id: + type: string + description: '' + IpAddress: + type: string + description: Valid IPv4 address within the address range of the specified subnet. + FileSystemId: + type: string + description: The ID of the file system for which to create the mount target. + SecurityGroups: + type: array + x-insertionOrder: false + uniqueItems: true + items: + type: string + description: Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified. + SubnetId: + type: string + description: The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone. + required: + - FileSystemId + - SecurityGroups + - SubnetId + x-stackql-resource-name: mount_target + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - IpAddress + - SubnetId + - FileSystemId + x-read-only-properties: + - Id + x-required-permissions: + create: + - elasticfilesystem:CreateMountTarget + - elasticfilesystem:DescribeMountTargets + read: + - elasticfilesystem:DescribeMountTargets + - elasticfilesystem:DescribeMountTargetSecurityGroups + update: + - elasticfilesystem:DescribeMountTargets + - elasticfilesystem:DescribeMountTargetSecurityGroups + - elasticfilesystem:ModifyMountTargetSecurityGroups + delete: + - elasticfilesystem:DescribeMountTargets + - elasticfilesystem:DeleteMountTarget + list: + - elasticfilesystem:DescribeMountTargets + - elasticfilesystem:DescribeMountTargetSecurityGroups + x-stackQL-resources: + access_points: + name: access_points + id: awscc.efs.access_points + x-cfn-schema-name: AccessPoint + x-type: list + x-identifiers: + - AccessPointId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccessPointId') as access_point_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EFS::AccessPoint' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccessPointId') as access_point_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EFS::AccessPoint' + AND region = 'us-east-1' + access_point: + name: access_point + id: awscc.efs.access_point + x-cfn-schema-name: AccessPoint + x-type: get + x-identifiers: + - AccessPointId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccessPointId') as access_point_id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ClientToken') as client_token, + JSON_EXTRACT(Properties, '$.AccessPointTags') as access_point_tags, + JSON_EXTRACT(Properties, '$.FileSystemId') as file_system_id, + JSON_EXTRACT(Properties, '$.PosixUser') as posix_user, + JSON_EXTRACT(Properties, '$.RootDirectory') as root_directory + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EFS::AccessPoint' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccessPointId') as access_point_id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ClientToken') as client_token, + json_extract_path_text(Properties, 'AccessPointTags') as access_point_tags, + json_extract_path_text(Properties, 'FileSystemId') as file_system_id, + json_extract_path_text(Properties, 'PosixUser') as posix_user, + json_extract_path_text(Properties, 'RootDirectory') as root_directory + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EFS::AccessPoint' + AND data__Identifier = '' + AND region = 'us-east-1' + file_systems: + name: file_systems + id: awscc.efs.file_systems + x-cfn-schema-name: FileSystem + x-type: list + x-identifiers: + - FileSystemId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FileSystemId') as file_system_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EFS::FileSystem' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FileSystemId') as file_system_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EFS::FileSystem' + AND region = 'us-east-1' + file_system: + name: file_system + id: awscc.efs.file_system + x-cfn-schema-name: FileSystem + x-type: get + x-identifiers: + - FileSystemId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FileSystemId') as file_system_id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Encrypted') as encrypted, + JSON_EXTRACT(Properties, '$.FileSystemTags') as file_system_tags, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.LifecyclePolicies') as lifecycle_policies, + JSON_EXTRACT(Properties, '$.FileSystemProtection') as file_system_protection, + JSON_EXTRACT(Properties, '$.PerformanceMode') as performance_mode, + JSON_EXTRACT(Properties, '$.ProvisionedThroughputInMibps') as provisioned_throughput_in_mibps, + JSON_EXTRACT(Properties, '$.ThroughputMode') as throughput_mode, + JSON_EXTRACT(Properties, '$.FileSystemPolicy') as file_system_policy, + JSON_EXTRACT(Properties, '$.BypassPolicyLockoutSafetyCheck') as bypass_policy_lockout_safety_check, + JSON_EXTRACT(Properties, '$.BackupPolicy') as backup_policy, + JSON_EXTRACT(Properties, '$.AvailabilityZoneName') as availability_zone_name, + JSON_EXTRACT(Properties, '$.ReplicationConfiguration') as replication_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EFS::FileSystem' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FileSystemId') as file_system_id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Encrypted') as encrypted, + json_extract_path_text(Properties, 'FileSystemTags') as file_system_tags, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'LifecyclePolicies') as lifecycle_policies, + json_extract_path_text(Properties, 'FileSystemProtection') as file_system_protection, + json_extract_path_text(Properties, 'PerformanceMode') as performance_mode, + json_extract_path_text(Properties, 'ProvisionedThroughputInMibps') as provisioned_throughput_in_mibps, + json_extract_path_text(Properties, 'ThroughputMode') as throughput_mode, + json_extract_path_text(Properties, 'FileSystemPolicy') as file_system_policy, + json_extract_path_text(Properties, 'BypassPolicyLockoutSafetyCheck') as bypass_policy_lockout_safety_check, + json_extract_path_text(Properties, 'BackupPolicy') as backup_policy, + json_extract_path_text(Properties, 'AvailabilityZoneName') as availability_zone_name, + json_extract_path_text(Properties, 'ReplicationConfiguration') as replication_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EFS::FileSystem' + AND data__Identifier = '' + AND region = 'us-east-1' + mount_targets: + name: mount_targets + id: awscc.efs.mount_targets + x-cfn-schema-name: MountTarget + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EFS::MountTarget' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EFS::MountTarget' + AND region = 'us-east-1' + mount_target: + name: mount_target + id: awscc.efs.mount_target + x-cfn-schema-name: MountTarget + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.IpAddress') as ip_address, + JSON_EXTRACT(Properties, '$.FileSystemId') as file_system_id, + JSON_EXTRACT(Properties, '$.SecurityGroups') as security_groups, + JSON_EXTRACT(Properties, '$.SubnetId') as subnet_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EFS::MountTarget' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'IpAddress') as ip_address, + json_extract_path_text(Properties, 'FileSystemId') as file_system_id, + json_extract_path_text(Properties, 'SecurityGroups') as security_groups, + json_extract_path_text(Properties, 'SubnetId') as subnet_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EFS::MountTarget' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/eks.yaml b/providers/src/awscc/v00.00.00000/services/eks.yaml new file mode 100644 index 00000000..84d503df --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/eks.yaml @@ -0,0 +1,1484 @@ +openapi: 3.0.0 +info: + title: EKS + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + AccessPolicy: + description: An access policy to associate with the current access entry. + type: object + additionalProperties: false + properties: + PolicyArn: + type: string + description: The ARN of the access policy to add to the access entry. + AccessScope: + $ref: '#/components/schemas/AccessScope' + required: + - PolicyArn + - AccessScope + AccessScope: + description: The access scope of the access policy. + type: object + additionalProperties: false + properties: + Type: + description: The type of the access scope. + type: string + enum: + - namespace + - cluster + Namespaces: + description: The namespaces to associate with the access scope. Only specify if Type is set to 'namespace'. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + required: + - Type + AccessEntry: + type: object + properties: + ClusterName: + description: The cluster that the access entry is created for. + type: string + minLength: 1 + PrincipalArn: + description: The principal ARN that the access entry is created for. + type: string + minLength: 1 + Username: + description: The Kubernetes user that the access entry is associated with. + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + AccessEntryArn: + description: The ARN of the access entry. + type: string + KubernetesGroups: + description: The Kubernetes groups that the access entry is associated with. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + AccessPolicies: + description: An array of access policies that are associated with the access entry. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/AccessPolicy' + maxItems: 20 + Type: + description: The node type to associate with the access entry. + type: string + required: + - PrincipalArn + - ClusterName + x-stackql-resource-name: access_entry + x-stackql-primaryIdentifier: + - PrincipalArn + - ClusterName + x-create-only-properties: + - PrincipalArn + - ClusterName + - Type + x-read-only-properties: + - AccessEntryArn + x-required-permissions: + create: + - eks:CreateAccessEntry + - eks:DescribeAccessEntry + - eks:AssociateAccessPolicy + - eks:TagResource + - eks:ListAssociatedAccessPolicies + read: + - eks:DescribeAccessEntry + - eks:ListAssociatedAccessPolicies + update: + - eks:DescribeAccessEntry + - eks:ListAssociatedAccessPolicies + - eks:UpdateAccessEntry + - eks:AssociateAccessPolicy + - eks:DisassociateAccessPolicy + - eks:TagResource + - eks:UntagResource + delete: + - eks:DeleteAccessEntry + - eks:DescribeAccessEntry + list: + - eks:ListAccessEntries + Addon: + type: object + properties: + ClusterName: + description: Name of Cluster + type: string + minLength: 1 + AddonName: + description: Name of Addon + type: string + minLength: 1 + AddonVersion: + description: Version of Addon + type: string + minLength: 1 + PreserveOnDelete: + description: PreserveOnDelete parameter value + type: boolean + ResolveConflicts: + description: Resolve parameter value conflicts + type: string + minLength: 1 + enum: + - NONE + - OVERWRITE + - PRESERVE + ServiceAccountRoleArn: + description: IAM role to bind to the add-on's service account + type: string + minLength: 1 + ConfigurationValues: + description: The configuration values to use with the add-on + type: string + minLength: 1 + Arn: + description: Amazon Resource Name (ARN) of the add-on + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - ClusterName + - AddonName + x-stackql-resource-name: addon + x-stackql-primaryIdentifier: + - ClusterName + - AddonName + x-create-only-properties: + - ClusterName + - AddonName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - eks:CreateAddon + - eks:DescribeAddon + - eks:TagResource + - iam:PassRole + read: + - eks:DescribeAddon + delete: + - eks:DeleteAddon + - eks:DescribeAddon + list: + - eks:ListAddons + update: + - iam:PassRole + - eks:UpdateAddon + - eks:DescribeAddon + - eks:DescribeUpdate + - eks:ListTagsForResource + - eks:TagResource + - eks:UntagResource + Provider: + type: object + additionalProperties: false + properties: + KeyArn: + description: Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key. + type: string + EncryptionConfig: + description: The encryption configuration for the cluster + type: object + properties: + Provider: + description: The encryption provider for the cluster. + $ref: '#/components/schemas/Provider' + Resources: + description: Specifies the resources to be encrypted. The only supported value is "secrets". + type: array + x-insertionOrder: false + items: + type: string + additionalProperties: false + ResourcesVpcConfig: + description: An object representing the VPC configuration to use for an Amazon EKS cluster. + type: object + additionalProperties: false + properties: + EndpointPrivateAccess: + description: >- + Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for + communication with the nodes or Fargate pods. + type: boolean + EndpointPublicAccess: + description: Set this value to false to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is true, which enables public access for your Kubernetes API server. + type: boolean + PublicAccessCidrs: + description: The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks. + type: array + x-insertionOrder: false + items: + type: string + minItems: 1 + SecurityGroupIds: + description: Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. If you don't specify a security group, the default security group for your VPC is used. + type: array + x-insertionOrder: false + items: + type: string + minItems: 1 + SubnetIds: + description: Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane. + type: array + x-insertionOrder: false + items: + type: string + minItems: 1 + required: + - SubnetIds + LoggingTypeConfig: + description: Enabled Logging Type + type: object + properties: + Type: + description: name of the log type + type: string + enum: + - api + - audit + - authenticator + - controllerManager + - scheduler + additionalProperties: false + EnabledTypes: + description: Enable control plane logs for your cluster, all log types will be disabled if the array is empty + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/LoggingTypeConfig' + ClusterLogging: + description: 'The cluster control plane logging configuration for your cluster. ' + type: object + additionalProperties: false + properties: + EnabledTypes: + $ref: '#/components/schemas/EnabledTypes' + Logging: + description: Enable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs based on log types. By default, cluster control plane logs aren't exported to CloudWatch Logs. + type: object + additionalProperties: false + properties: + ClusterLogging: + description: 'The cluster control plane logging configuration for your cluster. ' + $ref: '#/components/schemas/ClusterLogging' + KubernetesNetworkConfig: + description: The Kubernetes network configuration for the cluster. + additionalProperties: false + type: object + properties: + ServiceIpv4Cidr: + description: 'The CIDR block to assign Kubernetes service IP addresses from. If you don''t specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. ' + type: string + ServiceIpv6Cidr: + description: The CIDR block to assign Kubernetes service IP addresses from. + type: string + IpFamily: + description: Ipv4 or Ipv6. You can only specify ipv6 for 1.21 and later clusters that use version 1.10.1 or later of the Amazon VPC CNI add-on + type: string + enum: + - ipv4 + - ipv6 + ControlPlanePlacement: + description: Specify the placement group of the control plane machines for your cluster. + type: object + additionalProperties: false + properties: + GroupName: + description: Specify the placement group name of the control place machines for your cluster. + type: string + OutpostConfig: + description: An object representing the Outpost configuration to use for AWS EKS outpost cluster. + additionalProperties: false + type: object + properties: + OutpostArns: + description: Specify one or more Arn(s) of Outpost(s) on which you would like to create your cluster. + type: array + x-insertionOrder: false + items: + type: string + minItems: 1 + ControlPlaneInstanceType: + description: Specify the Instance type of the machines that should be used to create your cluster. + type: string + ControlPlanePlacement: + description: Specify the placement group of the control plane machines for your cluster. + $ref: '#/components/schemas/ControlPlanePlacement' + required: + - OutpostArns + - ControlPlaneInstanceType + AccessConfig: + description: An object representing the Access Config to use for the cluster. + additionalProperties: false + type: object + properties: + BootstrapClusterCreatorAdminPermissions: + description: Set this value to false to avoid creating a default cluster admin Access Entry using the IAM principal used to create the cluster. + type: boolean + AuthenticationMode: + description: Specify the authentication mode that should be used to create your cluster. + type: string + enum: + - CONFIG_MAP + - API_AND_CONFIG_MAP + - API + Cluster: + type: object + properties: + EncryptionConfig: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/EncryptionConfig' + maxItems: 1 + KubernetesNetworkConfig: + $ref: '#/components/schemas/KubernetesNetworkConfig' + Logging: + $ref: '#/components/schemas/Logging' + Name: + description: The unique name to give to your cluster. + type: string + pattern: ^[0-9A-Za-z][A-Za-z0-9\-_]* + minLength: 1 + maxLength: 100 + Id: + description: The unique ID given to your cluster. + type: string + ResourcesVpcConfig: + $ref: '#/components/schemas/ResourcesVpcConfig' + OutpostConfig: + $ref: '#/components/schemas/OutpostConfig' + AccessConfig: + $ref: '#/components/schemas/AccessConfig' + RoleArn: + description: The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. + type: string + Version: + description: The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used. + type: string + pattern: 1\.\d\d + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Arn: + description: The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod. + type: string + Endpoint: + description: The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com. + type: string + CertificateAuthorityData: + description: The certificate-authority-data for your cluster. + type: string + ClusterSecurityGroupId: + description: The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control plane to data plane communication. + type: string + EncryptionConfigKeyArn: + description: Amazon Resource Name (ARN) or alias of the customer master key (CMK). + type: string + OpenIdConnectIssuerUrl: + description: The issuer URL for the cluster's OIDC identity provider, such as https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLED539D4633E53DE1B716D3041E. If you need to remove https:// from this output value, you can include the following code in your template. + type: string + required: + - RoleArn + - ResourcesVpcConfig + x-stackql-resource-name: cluster + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - OutpostConfig + - EncryptionConfig + - KubernetesNetworkConfig + - AccessConfig/BootstrapClusterCreatorAdminPermissions + - Name + - RoleArn + x-read-only-properties: + - Id + - Arn + - Endpoint + - CertificateAuthorityData + - ClusterSecurityGroupId + - EncryptionConfigKeyArn + - OpenIdConnectIssuerUrl + - KubernetesNetworkConfig/ServiceIpv6Cidr + x-required-permissions: + create: + - eks:CreateCluster + - eks:DescribeCluster + - eks:TagResource + - iam:PassRole + - iam:GetRole + - iam:ListAttachedRolePolicies + - iam:CreateServiceLinkedRole + - iam:CreateInstanceProfile + - iam:TagInstanceProfile + - iam:AddRoleToInstanceProfile + - iam:GetInstanceProfile + - iam:DeleteInstanceProfile + - iam:RemoveRoleFromInstanceProfile + - ec2:DescribeSubnets + - ec2:DescribeVpcs + - kms:DescribeKey + - kms:CreateGrant + read: + - eks:DescribeCluster + update: + - iam:PassRole + - eks:UpdateClusterConfig + - eks:UpdateClusterVersion + - eks:DescribeCluster + - eks:DescribeUpdate + - eks:TagResource + - eks:UntagResource + delete: + - eks:DeleteCluster + - eks:DescribeCluster + list: + - eks:ListClusters + Selector: + type: object + additionalProperties: false + properties: + Namespace: + type: string + minLength: 1 + Labels: + type: array + items: + $ref: '#/components/schemas/Label' + required: + - Namespace + Label: + description: A key-value pair to associate with a pod. + type: object + additionalProperties: false + properties: + Key: + type: string + description: The key name of the label. + minLength: 1 + maxLength: 127 + Value: + type: string + description: 'The value for the label. ' + minLength: 1 + maxLength: 255 + required: + - Key + - Value + FargateProfile: + type: object + properties: + ClusterName: + description: Name of the Cluster + type: string + minLength: 1 + FargateProfileName: + description: Name of FargateProfile + type: string + minLength: 1 + PodExecutionRoleArn: + description: The IAM policy arn for pods + type: string + minLength: 1 + Arn: + type: string + Subnets: + type: array + items: + type: string + Selectors: + type: array + items: + $ref: '#/components/schemas/Selector' + minItems: 1 + Tags: + type: array + uniqueItems: true + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + required: + - ClusterName + - PodExecutionRoleArn + - Selectors + x-stackql-resource-name: fargate_profile + x-stackql-primaryIdentifier: + - ClusterName + - FargateProfileName + x-create-only-properties: + - ClusterName + - FargateProfileName + - PodExecutionRoleArn + - Subnets + - Selectors + x-read-only-properties: + - Arn + x-required-permissions: + create: + - eks:CreateFargateProfile + - eks:DescribeFargateProfile + - iam:GetRole + - iam:PassRole + - iam:CreateServiceLinkedRole + - eks:TagResource + read: + - eks:DescribeFargateProfile + delete: + - eks:DeleteFargateProfile + - eks:DescribeFargateProfile + list: + - eks:ListFargateProfiles + update: + - eks:DescribeFargateProfile + - eks:ListTagsForResource + - eks:TagResource + - eks:UntagResource + RequiredClaim: + description: The key value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value. + type: object + additionalProperties: false + properties: + Key: + type: string + description: The key of the requiredClaims. + minLength: 1 + maxLength: 63 + Value: + type: string + description: The value for the requiredClaims. + minLength: 1 + maxLength: 253 + required: + - Key + - Value + OidcIdentityProviderConfig: + description: An object representing an OpenID Connect (OIDC) configuration. + type: object + additionalProperties: false + properties: + ClientId: + description: This is also known as audience. The ID for the client application that makes authentication requests to the OpenID identity provider. + type: string + GroupsClaim: + description: The JWT claim that the provider uses to return your groups. + type: string + GroupsPrefix: + description: 'The prefix that is prepended to group claims to prevent clashes with existing names (such as system: groups).' + type: string + IssuerUrl: + description: The URL of the OpenID identity provider that allows the API server to discover public signing keys for verifying tokens. + type: string + RequiredClaims: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/RequiredClaim' + UsernameClaim: + description: The JSON Web Token (JWT) claim to use as the username. The default is sub, which is expected to be a unique identifier of the end user. You can choose other claims, such as email or name, depending on the OpenID identity provider. Claims other than email are prefixed with the issuer URL to prevent naming clashes with other plug-ins. + type: string + UsernamePrefix: + description: The prefix that is prepended to username claims to prevent clashes with existing names. If you do not provide this field, and username is a value other than email, the prefix defaults to issuerurl#. You can use the value - to disable all prefixing. + type: string + required: + - ClientId + - IssuerUrl + IdentityProviderConfig: + type: object + properties: + ClusterName: + description: The name of the identity provider configuration. + type: string + Type: + description: The type of the identity provider configuration. + type: string + enum: + - oidc + IdentityProviderConfigName: + description: The name of the OIDC provider configuration. + type: string + Oidc: + $ref: '#/components/schemas/OidcIdentityProviderConfig' + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + IdentityProviderConfigArn: + description: The ARN of the configuration. + type: string + required: + - Type + - ClusterName + x-stackql-resource-name: identity_provider_config + x-stackql-primaryIdentifier: + - IdentityProviderConfigName + - ClusterName + - Type + x-create-only-properties: + - Oidc + - Type + - IdentityProviderConfigName + - ClusterName + x-read-only-properties: + - IdentityProviderConfigArn + x-required-permissions: + create: + - eks:DescribeUpdate + - eks:AssociateIdentityProviderConfig + - eks:DescribeIdentityProviderConfig + - eks:TagResource + read: + - eks:DescribeIdentityProviderConfig + update: + - eks:DescribeIdentityProviderConfig + - eks:TagResource + - eks:UntagResource + delete: + - eks:DisassociateIdentityProviderConfig + - eks:DescribeIdentityProviderConfig + list: + - eks:ListIdentityProviderConfigs + LaunchTemplateSpecification: + description: An object representing a launch template specification for AWS EKS Nodegroup. + type: object + additionalProperties: false + properties: + Id: + type: string + minLength: 1 + Version: + type: string + minLength: 1 + Name: + type: string + minLength: 1 + Taint: + description: An object representing a Taint specification for AWS EKS Nodegroup. + type: object + additionalProperties: false + properties: + Key: + type: string + minLength: 1 + Value: + type: string + minLength: 0 + Effect: + type: string + minLength: 1 + ScalingConfig: + description: An object representing a auto scaling group specification for AWS EKS Nodegroup. + type: object + additionalProperties: false + properties: + MinSize: + type: integer + minimum: 0 + DesiredSize: + type: integer + minimum: 0 + MaxSize: + type: integer + minimum: 1 + RemoteAccess: + description: An object representing a remote access configuration specification for AWS EKS Nodegroup. + type: object + additionalProperties: false + properties: + SourceSecurityGroups: + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + Ec2SshKey: + type: string + required: + - Ec2SshKey + UpdateConfig: + description: The node group update configuration. + type: object + additionalProperties: false + properties: + MaxUnavailable: + description: 'The maximum number of nodes unavailable at once during a version update. Nodes will be updated in parallel. This value or maxUnavailablePercentage is required to have a value.The maximum number is 100. ' + type: number + minimum: 1 + MaxUnavailablePercentage: + description: The maximum percentage of nodes unavailable during a version update. This percentage of nodes will be updated in parallel, up to 100 nodes at once. This value or maxUnavailable is required to have a value. + type: number + minimum: 1 + maximum: 100 + Nodegroup: + type: object + properties: + AmiType: + description: The AMI type for your node group. + type: string + CapacityType: + description: The capacity type of your managed node group. + type: string + ClusterName: + description: Name of the cluster to create the node group in. + type: string + minLength: 1 + DiskSize: + description: The root device disk size (in GiB) for your node group instances. + type: integer + ForceUpdateEnabled: + description: Force the update if the existing node group's pods are unable to be drained due to a pod disruption budget issue. + type: boolean + default: false + InstanceTypes: + description: Specify the instance types for a node group. + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + Labels: + description: The Kubernetes labels to be applied to the nodes in the node group when they are created. + type: object + x-patternProperties: + ^.+$: + type: string + additionalProperties: false + LaunchTemplate: + description: An object representing a node group's launch template specification. + $ref: '#/components/schemas/LaunchTemplateSpecification' + NodegroupName: + description: The unique name to give your node group. + type: string + minLength: 1 + NodeRole: + description: The Amazon Resource Name (ARN) of the IAM role to associate with your node group. + type: string + ReleaseVersion: + description: The AMI version of the Amazon EKS-optimized AMI to use with your node group. + type: string + RemoteAccess: + description: The remote access (SSH) configuration to use with your node group. + $ref: '#/components/schemas/RemoteAccess' + ScalingConfig: + description: The scaling configuration details for the Auto Scaling group that is created for your node group. + $ref: '#/components/schemas/ScalingConfig' + Subnets: + description: The subnets to use for the Auto Scaling group that is created for your node group. + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + Tags: + description: The metadata, as key-value pairs, to apply to the node group to assist with categorization and organization. Follows same schema as Labels for consistency. + type: object + x-patternProperties: + ^.+$: + type: string + additionalProperties: false + Taints: + description: The Kubernetes taints to be applied to the nodes in the node group when they are created. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Taint' + UpdateConfig: + description: The node group update configuration. + $ref: '#/components/schemas/UpdateConfig' + Version: + description: The Kubernetes version to use for your managed nodes. + type: string + Id: + type: string + Arn: + type: string + required: + - ClusterName + - NodeRole + - Subnets + x-stackql-resource-name: nodegroup + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - CapacityType + - NodegroupName + - RemoteAccess + - NodeRole + - ClusterName + - InstanceTypes + - DiskSize + - AmiType + - Subnets + x-read-only-properties: + - Id + - Arn + x-required-permissions: + create: + - eks:CreateNodegroup + - eks:DescribeNodegroup + - eks:TagResource + - ec2:DescribeSubnets + - ec2:DescribeVpcs + - ec2:DescribeSecurityGroups + - ec2:DescribeKeyPairs + - ec2:CreateTags + - ec2:DeleteTags + - ec2:DescribeRouteTables + - ec2:DescribeLaunchTemplates + - ec2:DescribeLaunchTemplateVersions + - ec2:RunInstances + - iam:CreateServiceLinkedRole + - iam:GetRole + - iam:PassRole + - iam:ListAttachedRolePolicies + read: + - eks:DescribeNodegroup + delete: + - eks:DeleteNodegroup + - eks:DescribeNodegroup + list: + - eks:ListNodegroups + update: + - iam:GetRole + - iam:PassRole + - eks:DescribeNodegroup + - eks:DescribeUpdate + - eks:ListUpdates + - eks:TagResource + - eks:UntagResource + - eks:UpdateNodegroupConfig + - eks:UpdateNodegroupVersion + PodIdentityAssociation: + type: object + properties: + ClusterName: + description: The cluster that the pod identity association is created for. + type: string + minLength: 1 + RoleArn: + description: The IAM role ARN that the pod identity association is created for. + type: string + Namespace: + description: The Kubernetes namespace that the pod identity association is created for. + type: string + ServiceAccount: + description: The Kubernetes service account that the pod identity association is created for. + type: string + AssociationArn: + description: The ARN of the pod identity association. + type: string + AssociationId: + description: The ID of the pod identity association. + type: string + minLength: 1 + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - ClusterName + - RoleArn + - Namespace + - ServiceAccount + x-stackql-resource-name: pod_identity_association + x-stackql-primaryIdentifier: + - AssociationArn + x-create-only-properties: + - ClusterName + - Namespace + - ServiceAccount + x-read-only-properties: + - AssociationArn + - AssociationId + x-required-permissions: + create: + - eks:CreatePodIdentityAssociation + - eks:DescribePodIdentityAssociation + - eks:TagResource + - iam:PassRole + - iam:GetRole + read: + - eks:DescribePodIdentityAssociation + update: + - eks:DescribePodIdentityAssociation + - eks:UpdatePodIdentityAssociation + - eks:TagResource + - eks:UntagResource + - iam:PassRole + - iam:GetRole + delete: + - eks:DeletePodIdentityAssociation + - eks:DescribePodIdentityAssociation + list: + - eks:ListPodIdentityAssociations + x-stackQL-resources: + access_entries: + name: access_entries + id: awscc.eks.access_entries + x-cfn-schema-name: AccessEntry + x-type: list + x-identifiers: + - PrincipalArn + - ClusterName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PrincipalArn') as principal_arn, + JSON_EXTRACT(Properties, '$.ClusterName') as cluster_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EKS::AccessEntry' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PrincipalArn') as principal_arn, + json_extract_path_text(Properties, 'ClusterName') as cluster_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EKS::AccessEntry' + AND region = 'us-east-1' + access_entry: + name: access_entry + id: awscc.eks.access_entry + x-cfn-schema-name: AccessEntry + x-type: get + x-identifiers: + - PrincipalArn + - ClusterName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterName') as cluster_name, + JSON_EXTRACT(Properties, '$.PrincipalArn') as principal_arn, + JSON_EXTRACT(Properties, '$.Username') as username, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.AccessEntryArn') as access_entry_arn, + JSON_EXTRACT(Properties, '$.KubernetesGroups') as kubernetes_groups, + JSON_EXTRACT(Properties, '$.AccessPolicies') as access_policies, + JSON_EXTRACT(Properties, '$.Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EKS::AccessEntry' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterName') as cluster_name, + json_extract_path_text(Properties, 'PrincipalArn') as principal_arn, + json_extract_path_text(Properties, 'Username') as username, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'AccessEntryArn') as access_entry_arn, + json_extract_path_text(Properties, 'KubernetesGroups') as kubernetes_groups, + json_extract_path_text(Properties, 'AccessPolicies') as access_policies, + json_extract_path_text(Properties, 'Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EKS::AccessEntry' + AND data__Identifier = '' + AND region = 'us-east-1' + addons: + name: addons + id: awscc.eks.addons + x-cfn-schema-name: Addon + x-type: list + x-identifiers: + - ClusterName + - AddonName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterName') as cluster_name, + JSON_EXTRACT(Properties, '$.AddonName') as addon_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EKS::Addon' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterName') as cluster_name, + json_extract_path_text(Properties, 'AddonName') as addon_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EKS::Addon' + AND region = 'us-east-1' + addon: + name: addon + id: awscc.eks.addon + x-cfn-schema-name: Addon + x-type: get + x-identifiers: + - ClusterName + - AddonName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterName') as cluster_name, + JSON_EXTRACT(Properties, '$.AddonName') as addon_name, + JSON_EXTRACT(Properties, '$.AddonVersion') as addon_version, + JSON_EXTRACT(Properties, '$.PreserveOnDelete') as preserve_on_delete, + JSON_EXTRACT(Properties, '$.ResolveConflicts') as resolve_conflicts, + JSON_EXTRACT(Properties, '$.ServiceAccountRoleArn') as service_account_role_arn, + JSON_EXTRACT(Properties, '$.ConfigurationValues') as configuration_values, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EKS::Addon' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterName') as cluster_name, + json_extract_path_text(Properties, 'AddonName') as addon_name, + json_extract_path_text(Properties, 'AddonVersion') as addon_version, + json_extract_path_text(Properties, 'PreserveOnDelete') as preserve_on_delete, + json_extract_path_text(Properties, 'ResolveConflicts') as resolve_conflicts, + json_extract_path_text(Properties, 'ServiceAccountRoleArn') as service_account_role_arn, + json_extract_path_text(Properties, 'ConfigurationValues') as configuration_values, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EKS::Addon' + AND data__Identifier = '' + AND region = 'us-east-1' + clusters: + name: clusters + id: awscc.eks.clusters + x-cfn-schema-name: Cluster + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EKS::Cluster' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EKS::Cluster' + AND region = 'us-east-1' + cluster: + name: cluster + id: awscc.eks.cluster + x-cfn-schema-name: Cluster + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EncryptionConfig') as encryption_config, + JSON_EXTRACT(Properties, '$.KubernetesNetworkConfig') as kubernetes_network_config, + JSON_EXTRACT(Properties, '$.Logging') as logging, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.ResourcesVpcConfig') as resources_vpc_config, + JSON_EXTRACT(Properties, '$.OutpostConfig') as outpost_config, + JSON_EXTRACT(Properties, '$.AccessConfig') as access_config, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Endpoint') as endpoint, + JSON_EXTRACT(Properties, '$.CertificateAuthorityData') as certificate_authority_data, + JSON_EXTRACT(Properties, '$.ClusterSecurityGroupId') as cluster_security_group_id, + JSON_EXTRACT(Properties, '$.EncryptionConfigKeyArn') as encryption_config_key_arn, + JSON_EXTRACT(Properties, '$.OpenIdConnectIssuerUrl') as open_id_connect_issuer_url + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EKS::Cluster' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EncryptionConfig') as encryption_config, + json_extract_path_text(Properties, 'KubernetesNetworkConfig') as kubernetes_network_config, + json_extract_path_text(Properties, 'Logging') as logging, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'ResourcesVpcConfig') as resources_vpc_config, + json_extract_path_text(Properties, 'OutpostConfig') as outpost_config, + json_extract_path_text(Properties, 'AccessConfig') as access_config, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Endpoint') as endpoint, + json_extract_path_text(Properties, 'CertificateAuthorityData') as certificate_authority_data, + json_extract_path_text(Properties, 'ClusterSecurityGroupId') as cluster_security_group_id, + json_extract_path_text(Properties, 'EncryptionConfigKeyArn') as encryption_config_key_arn, + json_extract_path_text(Properties, 'OpenIdConnectIssuerUrl') as open_id_connect_issuer_url + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EKS::Cluster' + AND data__Identifier = '' + AND region = 'us-east-1' + fargate_profiles: + name: fargate_profiles + id: awscc.eks.fargate_profiles + x-cfn-schema-name: FargateProfile + x-type: list + x-identifiers: + - ClusterName + - FargateProfileName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterName') as cluster_name, + JSON_EXTRACT(Properties, '$.FargateProfileName') as fargate_profile_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EKS::FargateProfile' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterName') as cluster_name, + json_extract_path_text(Properties, 'FargateProfileName') as fargate_profile_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EKS::FargateProfile' + AND region = 'us-east-1' + fargate_profile: + name: fargate_profile + id: awscc.eks.fargate_profile + x-cfn-schema-name: FargateProfile + x-type: get + x-identifiers: + - ClusterName + - FargateProfileName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterName') as cluster_name, + JSON_EXTRACT(Properties, '$.FargateProfileName') as fargate_profile_name, + JSON_EXTRACT(Properties, '$.PodExecutionRoleArn') as pod_execution_role_arn, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Subnets') as subnets, + JSON_EXTRACT(Properties, '$.Selectors') as selectors, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EKS::FargateProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterName') as cluster_name, + json_extract_path_text(Properties, 'FargateProfileName') as fargate_profile_name, + json_extract_path_text(Properties, 'PodExecutionRoleArn') as pod_execution_role_arn, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Subnets') as subnets, + json_extract_path_text(Properties, 'Selectors') as selectors, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EKS::FargateProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + identity_provider_configs: + name: identity_provider_configs + id: awscc.eks.identity_provider_configs + x-cfn-schema-name: IdentityProviderConfig + x-type: list + x-identifiers: + - IdentityProviderConfigName + - ClusterName + - Type + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.IdentityProviderConfigName') as identity_provider_config_name, + JSON_EXTRACT(Properties, '$.ClusterName') as cluster_name, + JSON_EXTRACT(Properties, '$.Type') as type + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EKS::IdentityProviderConfig' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'IdentityProviderConfigName') as identity_provider_config_name, + json_extract_path_text(Properties, 'ClusterName') as cluster_name, + json_extract_path_text(Properties, 'Type') as type + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EKS::IdentityProviderConfig' + AND region = 'us-east-1' + identity_provider_config: + name: identity_provider_config + id: awscc.eks.identity_provider_config + x-cfn-schema-name: IdentityProviderConfig + x-type: get + x-identifiers: + - IdentityProviderConfigName + - ClusterName + - Type + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterName') as cluster_name, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.IdentityProviderConfigName') as identity_provider_config_name, + JSON_EXTRACT(Properties, '$.Oidc') as oidc, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.IdentityProviderConfigArn') as identity_provider_config_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EKS::IdentityProviderConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterName') as cluster_name, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'IdentityProviderConfigName') as identity_provider_config_name, + json_extract_path_text(Properties, 'Oidc') as oidc, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'IdentityProviderConfigArn') as identity_provider_config_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EKS::IdentityProviderConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + nodegroups: + name: nodegroups + id: awscc.eks.nodegroups + x-cfn-schema-name: Nodegroup + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EKS::Nodegroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EKS::Nodegroup' + AND region = 'us-east-1' + nodegroup: + name: nodegroup + id: awscc.eks.nodegroup + x-cfn-schema-name: Nodegroup + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AmiType') as ami_type, + JSON_EXTRACT(Properties, '$.CapacityType') as capacity_type, + JSON_EXTRACT(Properties, '$.ClusterName') as cluster_name, + JSON_EXTRACT(Properties, '$.DiskSize') as disk_size, + JSON_EXTRACT(Properties, '$.ForceUpdateEnabled') as force_update_enabled, + JSON_EXTRACT(Properties, '$.InstanceTypes') as instance_types, + JSON_EXTRACT(Properties, '$.Labels') as labels, + JSON_EXTRACT(Properties, '$.LaunchTemplate') as launch_template, + JSON_EXTRACT(Properties, '$.NodegroupName') as nodegroup_name, + JSON_EXTRACT(Properties, '$.NodeRole') as node_role, + JSON_EXTRACT(Properties, '$.ReleaseVersion') as release_version, + JSON_EXTRACT(Properties, '$.RemoteAccess') as remote_access, + JSON_EXTRACT(Properties, '$.ScalingConfig') as scaling_config, + JSON_EXTRACT(Properties, '$.Subnets') as subnets, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Taints') as taints, + JSON_EXTRACT(Properties, '$.UpdateConfig') as update_config, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EKS::Nodegroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AmiType') as ami_type, + json_extract_path_text(Properties, 'CapacityType') as capacity_type, + json_extract_path_text(Properties, 'ClusterName') as cluster_name, + json_extract_path_text(Properties, 'DiskSize') as disk_size, + json_extract_path_text(Properties, 'ForceUpdateEnabled') as force_update_enabled, + json_extract_path_text(Properties, 'InstanceTypes') as instance_types, + json_extract_path_text(Properties, 'Labels') as labels, + json_extract_path_text(Properties, 'LaunchTemplate') as launch_template, + json_extract_path_text(Properties, 'NodegroupName') as nodegroup_name, + json_extract_path_text(Properties, 'NodeRole') as node_role, + json_extract_path_text(Properties, 'ReleaseVersion') as release_version, + json_extract_path_text(Properties, 'RemoteAccess') as remote_access, + json_extract_path_text(Properties, 'ScalingConfig') as scaling_config, + json_extract_path_text(Properties, 'Subnets') as subnets, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Taints') as taints, + json_extract_path_text(Properties, 'UpdateConfig') as update_config, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EKS::Nodegroup' + AND data__Identifier = '' + AND region = 'us-east-1' + pod_identity_associations: + name: pod_identity_associations + id: awscc.eks.pod_identity_associations + x-cfn-schema-name: PodIdentityAssociation + x-type: list + x-identifiers: + - AssociationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssociationArn') as association_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EKS::PodIdentityAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssociationArn') as association_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EKS::PodIdentityAssociation' + AND region = 'us-east-1' + pod_identity_association: + name: pod_identity_association + id: awscc.eks.pod_identity_association + x-cfn-schema-name: PodIdentityAssociation + x-type: get + x-identifiers: + - AssociationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterName') as cluster_name, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Namespace') as namespace, + JSON_EXTRACT(Properties, '$.ServiceAccount') as service_account, + JSON_EXTRACT(Properties, '$.AssociationArn') as association_arn, + JSON_EXTRACT(Properties, '$.AssociationId') as association_id, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EKS::PodIdentityAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterName') as cluster_name, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Namespace') as namespace, + json_extract_path_text(Properties, 'ServiceAccount') as service_account, + json_extract_path_text(Properties, 'AssociationArn') as association_arn, + json_extract_path_text(Properties, 'AssociationId') as association_id, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EKS::PodIdentityAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/elasticache.yaml b/providers/src/awscc/v00.00.00000/services/elasticache.yaml new file mode 100644 index 00000000..0de7d29f --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/elasticache.yaml @@ -0,0 +1,882 @@ +openapi: 3.0.0 +info: + title: ElastiCache + version: 1.0.0 +paths: {} +components: + schemas: + GlobalReplicationGroupMember: + type: object + additionalProperties: false + properties: + ReplicationGroupId: + description: Regionally unique identifier for the member i.e. ReplicationGroupId. + type: string + ReplicationGroupRegion: + description: The AWS region of the Global Datastore member. + type: string + Role: + description: Indicates the role of the member, primary or secondary. + type: string + enum: + - PRIMARY + - SECONDARY + ReshardingConfiguration: + type: object + additionalProperties: false + properties: + NodeGroupId: + description: Unique identifier for the Node Group. This is either auto-generated by ElastiCache (4-digit id) or a user supplied id. + type: string + PreferredAvailabilityZones: + description: A list of preferred availability zones for the nodes of new node groups. + type: array + uniqueItems: false + items: + type: string + RegionalConfiguration: + type: object + additionalProperties: false + properties: + ReplicationGroupId: + description: The replication group id of the Global Datastore member. + type: string + ReplicationGroupRegion: + description: The AWS region of the Global Datastore member. + type: string + ReshardingConfigurations: + description: 'A list of PreferredAvailabilityZones objects that specifies the configuration of a node group in the resharded cluster. ' + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/ReshardingConfiguration' + GlobalReplicationGroup: + type: object + properties: + GlobalReplicationGroupIdSuffix: + description: 'The suffix name of a Global Datastore. Amazon ElastiCache automatically applies a prefix to the Global Datastore ID when it is created. Each AWS Region has its own prefix. ' + type: string + AutomaticFailoverEnabled: + description: AutomaticFailoverEnabled + type: boolean + CacheNodeType: + description: The cache node type of the Global Datastore + type: string + EngineVersion: + description: The engine version of the Global Datastore. + type: string + CacheParameterGroupName: + description: Cache parameter group name to use for the new engine version. This parameter cannot be modified independently. + type: string + GlobalNodeGroupCount: + description: Indicates the number of node groups in the Global Datastore. + type: integer + GlobalReplicationGroupDescription: + description: The optional description of the Global Datastore + type: string + GlobalReplicationGroupId: + description: The name of the Global Datastore, it is generated by ElastiCache adding a prefix to GlobalReplicationGroupIdSuffix. + type: string + Members: + description: The replication groups that comprise the Global Datastore. + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/GlobalReplicationGroupMember' + minItems: 1 + Status: + description: The status of the Global Datastore + type: string + RegionalConfigurations: + description: 'Describes the replication group IDs, the AWS regions where they are stored and the shard configuration for each that comprise the Global Datastore ' + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/RegionalConfiguration' + required: + - Members + x-stackql-resource-name: global_replication_group + x-stackql-primaryIdentifier: + - GlobalReplicationGroupId + x-read-only-properties: + - GlobalReplicationGroupId + - Status + x-required-permissions: + create: + - elasticache:CreateGlobalReplicationGroup + - elasticache:DescribeGlobalReplicationGroups + read: + - elasticache:DescribeGlobalReplicationGroups + update: + - elasticache:ModifyGlobalReplicationGroup + - elasticache:FailoverGlobalReplicationGroup + - elasticache:DescribeGlobalReplicationGroups + - elasticache:IncreaseNodeGroupsInGlobalReplicationGroup + - elasticache:DecreaseNodeGroupsInGlobalReplicationGroup + - elasticache:DisassociateGlobalReplicationGroup + - elasticache:RebalanceSlotsInGlobalReplicationGroup + delete: + - elasticache:DeleteGlobalReplicationGroup + - elasticache:DisassociateGlobalReplicationGroup + - elasticache:DescribeGlobalReplicationGroups + list: + - elasticache:DescribeGlobalReplicationGroups + CacheUsageLimits: + description: The cache capacity limit of the Serverless Cache. + type: object + properties: + DataStorage: + $ref: '#/components/schemas/DataStorage' + ECPUPerSecond: + $ref: '#/components/schemas/ECPUPerSecond' + additionalProperties: false + DataStorage: + description: The cached data capacity of the Serverless Cache. + type: object + properties: + Maximum: + description: The maximum cached data capacity of the Serverless Cache. + type: integer + Unit: + description: The unix of cached data capacity of the Serverless Cache. + type: string + enum: + - GB + additionalProperties: false + required: + - Maximum + - Unit + ECPUPerSecond: + description: The ECPU per second of the Serverless Cache. + type: object + properties: + Maximum: + description: The maximum ECPU per second of the Serverless Cache. + type: integer + additionalProperties: false + required: + - Maximum + Tag: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + properties: + Key: + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with ''aws:''. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + type: string + pattern: ^(?!aws:)[a-zA-Z0-9 _\.\/=+:\-@]*$ + minLength: 1 + maxLength: 128 + Value: + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + type: string + pattern: ^[a-zA-Z0-9 _\.\/=+:\-@]*$ + minLength: 0 + maxLength: 256 + required: + - Key + Endpoint: + description: The address and the port. + type: object + properties: + Address: + description: Endpoint address. + type: string + Port: + description: Endpoint port. + type: string + additionalProperties: false + ServerlessCache: + type: object + properties: + ServerlessCacheName: + description: The name of the Serverless Cache. This value must be unique. + type: string + Description: + description: The description of the Serverless Cache. + type: string + Engine: + description: The engine name of the Serverless Cache. + type: string + MajorEngineVersion: + description: The major engine version of the Serverless Cache. + type: string + FullEngineVersion: + description: The full engine version of the Serverless Cache. + type: string + CacheUsageLimits: + $ref: '#/components/schemas/CacheUsageLimits' + KmsKeyId: + description: The ID of the KMS key used to encrypt the cluster. + type: string + SecurityGroupIds: + description: One or more Amazon VPC security groups associated with this Serverless Cache. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + SnapshotArnsToRestore: + description: The ARN's of snapshot to restore Serverless Cache. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + Tags: + description: An array of key-value pairs to apply to this Serverless Cache. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + UserGroupId: + description: The ID of the user group. + type: string + SubnetIds: + description: The subnet id's of the Serverless Cache. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + SnapshotRetentionLimit: + description: The snapshot retention limit of the Serverless Cache. + type: integer + DailySnapshotTime: + description: The daily time range (in UTC) during which the service takes automatic snapshot of the Serverless Cache. + type: string + CreateTime: + description: The creation time of the Serverless Cache. + type: string + Status: + description: The status of the Serverless Cache. + type: string + Endpoint: + $ref: '#/components/schemas/Endpoint' + ReaderEndpoint: + $ref: '#/components/schemas/Endpoint' + ARN: + description: The ARN of the Serverless Cache. + type: string + FinalSnapshotName: + description: The final snapshot name which is taken before Serverless Cache is deleted. + type: string + required: + - ServerlessCacheName + - Engine + x-stackql-resource-name: serverless_cache + x-stackql-primaryIdentifier: + - ServerlessCacheName + x-create-only-properties: + - ServerlessCacheName + - Engine + - MajorEngineVersion + - KmsKeyId + - SnapshotArnsToRestore + - SubnetIds + x-read-only-properties: + - FullEngineVersion + - CreateTime + - Status + - Endpoint/Address + - Endpoint/Port + - ReaderEndpoint/Address + - ReaderEndpoint/Port + - ARN + x-required-permissions: + create: + - elasticache:CreateServerlessCache + - elasticache:DescribeServerlessCaches + - elasticache:AddTagsToResource + - elasticache:ListTagsForResource + - ec2:CreateTags + - ec2:CreateVpcEndpoint + - kms:CreateGrant + - kms:DescribeKey + read: + - elasticache:DescribeServerlessCaches + - elasticache:ListTagsForResource + update: + - elasticache:ModifyServerlessCache + - elasticache:DescribeServerlessCaches + - elasticache:AddTagsToResource + - elasticache:ListTagsForResource + - elasticache:RemoveTagsFromResource + delete: + - elasticache:DeleteServerlessCache + - elasticache:DescribeServerlessCaches + - elasticache:ListTagsForResource + list: + - elasticache:DescribeServerlessCaches + - elasticache:ListTagsForResource + SubnetGroup: + type: object + properties: + Description: + type: string + description: The description for the cache subnet group. + SubnetIds: + description: The EC2 subnet IDs for the cache subnet group. + type: array + items: + type: string + x-insertionOrder: false + uniqueItems: false + CacheSubnetGroupName: + type: string + description: The name for the cache subnet group. This value is stored as a lowercase string. + Tags: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Description + - SubnetIds + x-stackql-resource-name: subnet_group + x-stackql-primaryIdentifier: + - CacheSubnetGroupName + x-create-only-properties: + - CacheSubnetGroupName + x-required-permissions: + create: + - elasticache:CreateCacheSubnetGroup + - elasticache:AddTagsToResource + - elasticache:DescribeCacheSubnetGroups + - elasticache:ListTagsForResource + read: + - elasticache:DescribeCacheSubnetGroups + - elasticache:ListTagsForResource + delete: + - elasticache:DeleteCacheSubnetGroup + - elasticache:DescribeCacheSubnetGroups + - elasticache:ListTagsForResource + list: + - elasticache:DescribeCacheSubnetGroups + update: + - elasticache:ModifyCacheSubnetGroup + - elasticache:DescribeCacheSubnetGroups + - elasticache:AddTagsToResource + - elasticache:RemoveTagsFromResource + User: + type: object + properties: + Status: + description: Indicates the user status. Can be "active", "modifying" or "deleting". + type: string + UserId: + description: The ID of the user. + pattern: '[a-z][a-z0-9\\-]*' + type: string + UserName: + description: The username of the user. + type: string + Engine: + description: Must be redis. + type: string + enum: + - redis + AccessString: + description: Access permissions string used for this user account. + type: string + NoPasswordRequired: + description: Indicates a password is not required for this user account. + type: boolean + Passwords: + type: array + x-$comment: List of passwords. + uniqueItems: true + x-insertionOrder: true + items: + type: string + description: Passwords used for this user account. You can create up to two passwords for each user. + Arn: + description: The Amazon Resource Name (ARN) of the user account. + type: string + AuthenticationMode: + type: object + additionalProperties: false + properties: + Type: + description: Authentication Type + type: string + enum: + - password + - no-password-required + - iam + Passwords: + type: array + x-$comment: List of passwords. + uniqueItems: true + x-insertionOrder: true + items: + type: string + description: Passwords used for this user account. You can create up to two passwords for each user. + required: + - Type + Tags: + description: An array of key-value pairs to apply to this user. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - UserId + - UserName + - Engine + x-stackql-resource-name: user + x-stackql-primaryIdentifier: + - UserId + x-create-only-properties: + - UserId + - UserName + - Engine + x-read-only-properties: + - Status + - Arn + x-required-permissions: + create: + - elasticache:CreateUser + - elasticache:DescribeUsers + - elasticache:ListTagsForResource + read: + - elasticache:DescribeUsers + - elasticache:ListTagsForResource + update: + - elasticache:ModifyUser + - elasticache:DescribeUsers + - elasticache:ListTagsForResource + - elasticache:AddTagsToResource + - elasticache:RemoveTagsFromResource + delete: + - elasticache:DeleteUser + - elasticache:DescribeUsers + list: + - elasticache:DescribeUsers + - elasticache:ListTagsForResource + UserGroup: + type: object + properties: + Status: + description: Indicates user group status. Can be "creating", "active", "modifying", "deleting". + type: string + UserGroupId: + description: The ID of the user group. + pattern: '[a-z][a-z0-9\\-]*' + type: string + Engine: + description: Must be redis. + type: string + enum: + - redis + UserIds: + type: array + x-$comment: List of users. + uniqueItems: true + x-insertionOrder: false + items: + type: string + description: List of users associated to this user group. + Arn: + description: The Amazon Resource Name (ARN) of the user account. + type: string + Tags: + description: An array of key-value pairs to apply to this user. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - UserGroupId + - Engine + - UserIds + x-stackql-resource-name: user_group + x-stackql-primaryIdentifier: + - UserGroupId + x-create-only-properties: + - UserGroupId + - Engine + x-read-only-properties: + - Status + - Arn + x-required-permissions: + create: + - elasticache:CreateUserGroup + - elasticache:DescribeUserGroups + - elasticache:ListTagsForResource + read: + - elasticache:DescribeUserGroups + - elasticache:ListTagsForResource + update: + - elasticache:ModifyUserGroup + - elasticache:DescribeUserGroups + - elasticache:ListTagsForResource + - elasticache:AddTagsToResource + - elasticache:RemoveTagsFromResource + delete: + - elasticache:ModifyReplicationGroup + - elasticache:DeleteUserGroup + - elasticache:DescribeUserGroups + - elasticache:ListTagsForResource + list: + - elasticache:DescribeUserGroups + - elasticache:ListTagsForResource + x-stackQL-resources: + global_replication_groups: + name: global_replication_groups + id: awscc.elasticache.global_replication_groups + x-cfn-schema-name: GlobalReplicationGroup + x-type: list + x-identifiers: + - GlobalReplicationGroupId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GlobalReplicationGroupId') as global_replication_group_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElastiCache::GlobalReplicationGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GlobalReplicationGroupId') as global_replication_group_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElastiCache::GlobalReplicationGroup' + AND region = 'us-east-1' + global_replication_group: + name: global_replication_group + id: awscc.elasticache.global_replication_group + x-cfn-schema-name: GlobalReplicationGroup + x-type: get + x-identifiers: + - GlobalReplicationGroupId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GlobalReplicationGroupIdSuffix') as global_replication_group_id_suffix, + JSON_EXTRACT(Properties, '$.AutomaticFailoverEnabled') as automatic_failover_enabled, + JSON_EXTRACT(Properties, '$.CacheNodeType') as cache_node_type, + JSON_EXTRACT(Properties, '$.EngineVersion') as engine_version, + JSON_EXTRACT(Properties, '$.CacheParameterGroupName') as cache_parameter_group_name, + JSON_EXTRACT(Properties, '$.GlobalNodeGroupCount') as global_node_group_count, + JSON_EXTRACT(Properties, '$.GlobalReplicationGroupDescription') as global_replication_group_description, + JSON_EXTRACT(Properties, '$.GlobalReplicationGroupId') as global_replication_group_id, + JSON_EXTRACT(Properties, '$.Members') as members, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.RegionalConfigurations') as regional_configurations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElastiCache::GlobalReplicationGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GlobalReplicationGroupIdSuffix') as global_replication_group_id_suffix, + json_extract_path_text(Properties, 'AutomaticFailoverEnabled') as automatic_failover_enabled, + json_extract_path_text(Properties, 'CacheNodeType') as cache_node_type, + json_extract_path_text(Properties, 'EngineVersion') as engine_version, + json_extract_path_text(Properties, 'CacheParameterGroupName') as cache_parameter_group_name, + json_extract_path_text(Properties, 'GlobalNodeGroupCount') as global_node_group_count, + json_extract_path_text(Properties, 'GlobalReplicationGroupDescription') as global_replication_group_description, + json_extract_path_text(Properties, 'GlobalReplicationGroupId') as global_replication_group_id, + json_extract_path_text(Properties, 'Members') as members, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'RegionalConfigurations') as regional_configurations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElastiCache::GlobalReplicationGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + serverless_caches: + name: serverless_caches + id: awscc.elasticache.serverless_caches + x-cfn-schema-name: ServerlessCache + x-type: list + x-identifiers: + - ServerlessCacheName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ServerlessCacheName') as serverless_cache_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElastiCache::ServerlessCache' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ServerlessCacheName') as serverless_cache_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElastiCache::ServerlessCache' + AND region = 'us-east-1' + serverless_cache: + name: serverless_cache + id: awscc.elasticache.serverless_cache + x-cfn-schema-name: ServerlessCache + x-type: get + x-identifiers: + - ServerlessCacheName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ServerlessCacheName') as serverless_cache_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Engine') as engine, + JSON_EXTRACT(Properties, '$.MajorEngineVersion') as major_engine_version, + JSON_EXTRACT(Properties, '$.FullEngineVersion') as full_engine_version, + JSON_EXTRACT(Properties, '$.CacheUsageLimits') as cache_usage_limits, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.SecurityGroupIds') as security_group_ids, + JSON_EXTRACT(Properties, '$.SnapshotArnsToRestore') as snapshot_arns_to_restore, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.UserGroupId') as user_group_id, + JSON_EXTRACT(Properties, '$.SubnetIds') as subnet_ids, + JSON_EXTRACT(Properties, '$.SnapshotRetentionLimit') as snapshot_retention_limit, + JSON_EXTRACT(Properties, '$.DailySnapshotTime') as daily_snapshot_time, + JSON_EXTRACT(Properties, '$.CreateTime') as create_time, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Endpoint') as endpoint, + JSON_EXTRACT(Properties, '$.ReaderEndpoint') as reader_endpoint, + JSON_EXTRACT(Properties, '$.ARN') as a_rn, + JSON_EXTRACT(Properties, '$.FinalSnapshotName') as final_snapshot_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElastiCache::ServerlessCache' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ServerlessCacheName') as serverless_cache_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Engine') as engine, + json_extract_path_text(Properties, 'MajorEngineVersion') as major_engine_version, + json_extract_path_text(Properties, 'FullEngineVersion') as full_engine_version, + json_extract_path_text(Properties, 'CacheUsageLimits') as cache_usage_limits, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'SecurityGroupIds') as security_group_ids, + json_extract_path_text(Properties, 'SnapshotArnsToRestore') as snapshot_arns_to_restore, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'UserGroupId') as user_group_id, + json_extract_path_text(Properties, 'SubnetIds') as subnet_ids, + json_extract_path_text(Properties, 'SnapshotRetentionLimit') as snapshot_retention_limit, + json_extract_path_text(Properties, 'DailySnapshotTime') as daily_snapshot_time, + json_extract_path_text(Properties, 'CreateTime') as create_time, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Endpoint') as endpoint, + json_extract_path_text(Properties, 'ReaderEndpoint') as reader_endpoint, + json_extract_path_text(Properties, 'ARN') as a_rn, + json_extract_path_text(Properties, 'FinalSnapshotName') as final_snapshot_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElastiCache::ServerlessCache' + AND data__Identifier = '' + AND region = 'us-east-1' + subnet_groups: + name: subnet_groups + id: awscc.elasticache.subnet_groups + x-cfn-schema-name: SubnetGroup + x-type: list + x-identifiers: + - CacheSubnetGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CacheSubnetGroupName') as cache_subnet_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElastiCache::SubnetGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CacheSubnetGroupName') as cache_subnet_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElastiCache::SubnetGroup' + AND region = 'us-east-1' + subnet_group: + name: subnet_group + id: awscc.elasticache.subnet_group + x-cfn-schema-name: SubnetGroup + x-type: get + x-identifiers: + - CacheSubnetGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.SubnetIds') as subnet_ids, + JSON_EXTRACT(Properties, '$.CacheSubnetGroupName') as cache_subnet_group_name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElastiCache::SubnetGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'SubnetIds') as subnet_ids, + json_extract_path_text(Properties, 'CacheSubnetGroupName') as cache_subnet_group_name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElastiCache::SubnetGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + users: + name: users + id: awscc.elasticache.users + x-cfn-schema-name: User + x-type: list + x-identifiers: + - UserId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.UserId') as user_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElastiCache::User' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'UserId') as user_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElastiCache::User' + AND region = 'us-east-1' + user: + name: user + id: awscc.elasticache.user + x-cfn-schema-name: User + x-type: get + x-identifiers: + - UserId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.UserId') as user_id, + JSON_EXTRACT(Properties, '$.UserName') as user_name, + JSON_EXTRACT(Properties, '$.Engine') as engine, + JSON_EXTRACT(Properties, '$.AccessString') as access_string, + JSON_EXTRACT(Properties, '$.NoPasswordRequired') as no_password_required, + JSON_EXTRACT(Properties, '$.Passwords') as passwords, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AuthenticationMode') as authentication_mode, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElastiCache::User' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'UserId') as user_id, + json_extract_path_text(Properties, 'UserName') as user_name, + json_extract_path_text(Properties, 'Engine') as engine, + json_extract_path_text(Properties, 'AccessString') as access_string, + json_extract_path_text(Properties, 'NoPasswordRequired') as no_password_required, + json_extract_path_text(Properties, 'Passwords') as passwords, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AuthenticationMode') as authentication_mode, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElastiCache::User' + AND data__Identifier = '' + AND region = 'us-east-1' + user_groups: + name: user_groups + id: awscc.elasticache.user_groups + x-cfn-schema-name: UserGroup + x-type: list + x-identifiers: + - UserGroupId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.UserGroupId') as user_group_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElastiCache::UserGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'UserGroupId') as user_group_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElastiCache::UserGroup' + AND region = 'us-east-1' + user_group: + name: user_group + id: awscc.elasticache.user_group + x-cfn-schema-name: UserGroup + x-type: get + x-identifiers: + - UserGroupId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.UserGroupId') as user_group_id, + JSON_EXTRACT(Properties, '$.Engine') as engine, + JSON_EXTRACT(Properties, '$.UserIds') as user_ids, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElastiCache::UserGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'UserGroupId') as user_group_id, + json_extract_path_text(Properties, 'Engine') as engine, + json_extract_path_text(Properties, 'UserIds') as user_ids, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElastiCache::UserGroup' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/elasticbeanstalk.yaml b/providers/src/awscc/v00.00.00000/services/elasticbeanstalk.yaml new file mode 100644 index 00000000..09a4508d --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/elasticbeanstalk.yaml @@ -0,0 +1,632 @@ +openapi: 3.0.0 +info: + title: ElasticBeanstalk + version: 1.0.0 +paths: {} +components: + schemas: + ApplicationResourceLifecycleConfig: + type: object + additionalProperties: false + properties: + ServiceRole: + description: The ARN of an IAM service role that Elastic Beanstalk has permission to assume. The ServiceRole property is required the first time that you provide a ResourceLifecycleConfig for the application. After you provide it once, Elastic Beanstalk persists the Service Role with the application, and you don't need to specify it again. You can, however, specify it in subsequent updates to change the Service Role to another value. + type: string + VersionLifecycleConfig: + description: Defines lifecycle settings for application versions. + $ref: '#/components/schemas/ApplicationVersionLifecycleConfig' + ApplicationVersionLifecycleConfig: + type: object + additionalProperties: false + properties: + MaxAgeRule: + description: Specify a max age rule to restrict the length of time that application versions are retained for an application. + $ref: '#/components/schemas/MaxAgeRule' + MaxCountRule: + description: Specify a max count rule to restrict the number of application versions that are retained for an application. + $ref: '#/components/schemas/MaxCountRule' + MaxAgeRule: + type: object + additionalProperties: false + properties: + DeleteSourceFromS3: + description: Set to true to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version. + type: boolean + Enabled: + description: Specify true to apply the rule, or false to disable it. + type: boolean + MaxAgeInDays: + description: Specify the number of days to retain an application versions. + type: integer + MaxCountRule: + type: object + additionalProperties: false + properties: + DeleteSourceFromS3: + description: Set to true to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version. + type: boolean + Enabled: + description: Specify true to apply the rule, or false to disable it. + type: boolean + MaxCount: + description: Specify the maximum number of application versions to retain. + type: integer + Application: + type: object + properties: + ApplicationName: + description: A name for the Elastic Beanstalk application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. + type: string + Description: + description: Your description of the application. + type: string + ResourceLifecycleConfig: + description: Specifies an application resource lifecycle configuration to prevent your application from accumulating too many versions. + $ref: '#/components/schemas/ApplicationResourceLifecycleConfig' + x-stackql-resource-name: application + x-stackql-primaryIdentifier: + - ApplicationName + x-create-only-properties: + - ApplicationName + x-required-permissions: + create: + - elasticbeanstalk:CreateApplication + read: + - elasticbeanstalk:DescribeApplications + update: + - elasticbeanstalk:UpdateApplication + - elasticbeanstalk:UpdateApplicationResourceLifecycle + delete: + - elasticbeanstalk:DeleteApplication + list: + - elasticbeanstalk:DescribeApplications + SourceBundle: + type: object + additionalProperties: false + properties: + S3Bucket: + description: The Amazon S3 bucket where the data is located. + type: string + S3Key: + description: The Amazon S3 key where the data is located. + type: string + required: + - S3Bucket + - S3Key + ApplicationVersion: + type: object + properties: + Id: + type: string + ApplicationName: + description: 'The name of the Elastic Beanstalk application that is associated with this application version. ' + type: string + Description: + description: A description of this application version. + type: string + SourceBundle: + description: 'The Amazon S3 bucket and key that identify the location of the source bundle for this version. ' + $ref: '#/components/schemas/SourceBundle' + required: + - ApplicationName + - SourceBundle + x-stackql-resource-name: application_version + x-stackql-primaryIdentifier: + - ApplicationName + - Id + x-create-only-properties: + - SourceBundle + - ApplicationName + x-read-only-properties: + - Id + x-required-permissions: + create: + - elasticbeanstalk:CreateApplicationVersion + - elasticbeanstalk:DescribeApplicationVersions + - s3:GetObject + - s3:PutObject + read: + - elasticbeanstalk:DescribeApplicationVersions + update: + - elasticbeanstalk:UpdateApplicationVersion + delete: + - elasticbeanstalk:DeleteApplicationVersion + list: + - elasticbeanstalk:DescribeApplicationVersions + SourceConfiguration: + type: object + additionalProperties: false + properties: + ApplicationName: + description: The name of the application associated with the configuration. + type: string + TemplateName: + description: The name of the configuration template. + type: string + required: + - TemplateName + - ApplicationName + ConfigurationOptionSetting: + type: object + additionalProperties: false + properties: + Namespace: + description: A unique namespace that identifies the option's associated AWS resource. + type: string + OptionName: + description: The name of the configuration option. + type: string + ResourceName: + description: 'A unique resource name for the option setting. Use it for a time–based scaling configuration option. ' + type: string + Value: + description: The current value for the configuration option. + type: string + required: + - Namespace + - OptionName + ConfigurationTemplate: + type: object + properties: + ApplicationName: + description: 'The name of the Elastic Beanstalk application to associate with this configuration template. ' + type: string + Description: + description: An optional description for this configuration. + type: string + EnvironmentId: + description: 'The ID of an environment whose settings you want to use to create the configuration template. You must specify EnvironmentId if you don''t specify PlatformArn, SolutionStackName, or SourceConfiguration. ' + type: string + OptionSettings: + description: 'Option values for the Elastic Beanstalk configuration, such as the instance type. If specified, these values override the values obtained from the solution stack or the source configuration template. For a complete list of Elastic Beanstalk configuration options, see [Option Values](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options.html) in the AWS Elastic Beanstalk Developer Guide. ' + type: array + x-arrayType: AttributeList + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/ConfigurationOptionSetting' + PlatformArn: + description: 'The Amazon Resource Name (ARN) of the custom platform. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the AWS Elastic Beanstalk Developer Guide. ' + type: string + SolutionStackName: + description: >- + The name of an Elastic Beanstalk solution stack (platform version) that this configuration uses. For example, 64bit Amazon Linux 2013.09 running Tomcat 7 Java 7. A solution stack specifies the operating system, runtime, and application server for a configuration template. It also determines the set of configuration options as well as the possible and default values. For more information, see [Supported + Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html) in the AWS Elastic Beanstalk Developer Guide. + + You must specify SolutionStackName if you don't specify PlatformArn, EnvironmentId, or SourceConfiguration. + + Use the ListAvailableSolutionStacks API to obtain a list of available solution stacks. + type: string + SourceConfiguration: + description: |- + An Elastic Beanstalk configuration template to base this one on. If specified, Elastic Beanstalk uses the configuration values from the specified configuration template to create a new configuration. + + Values specified in OptionSettings override any values obtained from the SourceConfiguration. + + You must specify SourceConfiguration if you don't specify PlatformArn, EnvironmentId, or SolutionStackName. + + Constraint: If both solution stack name and source configuration are specified, the solution stack of the source configuration template must match the specified solution stack name. + $ref: '#/components/schemas/SourceConfiguration' + TemplateName: + description: The name of the configuration template + type: string + required: + - ApplicationName + x-stackql-resource-name: configuration_template + x-stackql-primaryIdentifier: + - ApplicationName + - TemplateName + x-create-only-properties: + - ApplicationName + - EnvironmentId + - PlatformArn + - SolutionStackName + - SourceConfiguration + x-read-only-properties: + - TemplateName + x-required-permissions: + create: + - elasticbeanstalk:CreateConfigurationTemplate + read: + - elasticbeanstalk:DescribeConfigurationSettings + update: + - elasticbeanstalk:UpdateConfigurationTemplate + delete: + - elasticbeanstalk:DeleteConfigurationTemplate + - elasticbeanstalk:DescribeConfigurationSettings + list: + - elasticbeanstalk:DescribeApplications + Tier: + additionalProperties: false + type: object + properties: + Type: + description: The type of this environment tier. + type: string + Version: + description: The version of this environment tier. When you don't set a value to it, Elastic Beanstalk uses the latest compatible worker tier version. + type: string + Name: + description: The name of this environment tier. + type: string + OptionSetting: + additionalProperties: false + type: object + properties: + ResourceName: + description: A unique resource name for the option setting. Use it for a time–based scaling configuration option. + type: string + Value: + description: The current value for the configuration option. + type: string + Namespace: + description: A unique namespace that identifies the option's associated AWS resource. + type: string + OptionName: + description: The name of the configuration option. + type: string + required: + - Namespace + - OptionName + Tag: + additionalProperties: false + type: object + properties: + Value: + description: The value for the tag. + type: string + Key: + description: The key name of the tag. + type: string + required: + - Value + - Key + Environment: + type: object + properties: + PlatformArn: + description: The Amazon Resource Name (ARN) of the custom platform to use with the environment. + type: string + ApplicationName: + description: The name of the application that is associated with this environment. + type: string + Description: + description: Your description for this environment. + type: string + EnvironmentName: + description: A unique name for the environment. + type: string + OperationsRole: + description: The Amazon Resource Name (ARN) of an existing IAM role to be used as the environment's operations role. + type: string + Tier: + description: Specifies the tier to use in creating this environment. The environment tier that you choose determines whether Elastic Beanstalk provisions resources to support a web application that handles HTTP(S) requests or a web application that handles background-processing tasks. + $ref: '#/components/schemas/Tier' + VersionLabel: + description: The name of the application version to deploy. + type: string + EndpointURL: + type: string + OptionSettings: + uniqueItems: false + description: Key-value pairs defining configuration options for this environment, such as the instance type. + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/OptionSetting' + TemplateName: + description: The name of the Elastic Beanstalk configuration template to use with the environment. + type: string + SolutionStackName: + description: The name of an Elastic Beanstalk solution stack (platform version) to use with the environment. + type: string + CNAMEPrefix: + description: If specified, the environment attempts to use this value as the prefix for the CNAME in your Elastic Beanstalk environment URL. If not specified, the CNAME is generated automatically by appending a random alphanumeric string to the environment name. + type: string + Tags: + uniqueItems: false + description: Specifies the tags applied to resources in the environment. + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/Tag' + required: + - ApplicationName + x-stackql-resource-name: environment + x-stackql-primaryIdentifier: + - EnvironmentName + x-create-only-properties: + - CNAMEPrefix + - EnvironmentName + - ApplicationName + - SolutionStackName + - Tier/Name + - Tier/Type + x-read-only-properties: + - EndpointURL + x-required-permissions: + read: + - elasticbeanstalk:DescribeEnvironments + - elasticbeanstalk:DescribeConfigurationSettings + - elasticbeanstalk:ListTagsForResource + create: + - elasticbeanstalk:DescribeEnvironments + - elasticbeanstalk:CreateEnvironment + - iam:PassRole + update: + - elasticbeanstalk:DescribeEnvironments + - elasticbeanstalk:UpdateEnvironment + - elasticbeanstalk:UpdateTagsForResource + - elasticbeanstalk:AssociateEnvironmentOperationsRole + - elasticbeanstalk:DisassociateEnvironmentOperationsRole + - iam:PassRole + list: + - elasticbeanstalk:DescribeEnvironments + delete: + - elasticbeanstalk:DescribeEnvironments + - elasticbeanstalk:TerminateEnvironment + x-stackQL-resources: + applications: + name: applications + id: awscc.elasticbeanstalk.applications + x-cfn-schema-name: Application + x-type: list + x-identifiers: + - ApplicationName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationName') as application_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticBeanstalk::Application' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationName') as application_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticBeanstalk::Application' + AND region = 'us-east-1' + application: + name: application + id: awscc.elasticbeanstalk.application + x-cfn-schema-name: Application + x-type: get + x-identifiers: + - ApplicationName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationName') as application_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ResourceLifecycleConfig') as resource_lifecycle_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticBeanstalk::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationName') as application_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ResourceLifecycleConfig') as resource_lifecycle_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticBeanstalk::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + application_versions: + name: application_versions + id: awscc.elasticbeanstalk.application_versions + x-cfn-schema-name: ApplicationVersion + x-type: list + x-identifiers: + - ApplicationName + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationName') as application_name, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticBeanstalk::ApplicationVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationName') as application_name, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticBeanstalk::ApplicationVersion' + AND region = 'us-east-1' + application_version: + name: application_version + id: awscc.elasticbeanstalk.application_version + x-cfn-schema-name: ApplicationVersion + x-type: get + x-identifiers: + - ApplicationName + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.ApplicationName') as application_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.SourceBundle') as source_bundle + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticBeanstalk::ApplicationVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'ApplicationName') as application_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'SourceBundle') as source_bundle + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticBeanstalk::ApplicationVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + configuration_templates: + name: configuration_templates + id: awscc.elasticbeanstalk.configuration_templates + x-cfn-schema-name: ConfigurationTemplate + x-type: list + x-identifiers: + - ApplicationName + - TemplateName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationName') as application_name, + JSON_EXTRACT(Properties, '$.TemplateName') as template_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticBeanstalk::ConfigurationTemplate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationName') as application_name, + json_extract_path_text(Properties, 'TemplateName') as template_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticBeanstalk::ConfigurationTemplate' + AND region = 'us-east-1' + configuration_template: + name: configuration_template + id: awscc.elasticbeanstalk.configuration_template + x-cfn-schema-name: ConfigurationTemplate + x-type: get + x-identifiers: + - ApplicationName + - TemplateName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationName') as application_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EnvironmentId') as environment_id, + JSON_EXTRACT(Properties, '$.OptionSettings') as option_settings, + JSON_EXTRACT(Properties, '$.PlatformArn') as platform_arn, + JSON_EXTRACT(Properties, '$.SolutionStackName') as solution_stack_name, + JSON_EXTRACT(Properties, '$.SourceConfiguration') as source_configuration, + JSON_EXTRACT(Properties, '$.TemplateName') as template_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticBeanstalk::ConfigurationTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationName') as application_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EnvironmentId') as environment_id, + json_extract_path_text(Properties, 'OptionSettings') as option_settings, + json_extract_path_text(Properties, 'PlatformArn') as platform_arn, + json_extract_path_text(Properties, 'SolutionStackName') as solution_stack_name, + json_extract_path_text(Properties, 'SourceConfiguration') as source_configuration, + json_extract_path_text(Properties, 'TemplateName') as template_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticBeanstalk::ConfigurationTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + environments: + name: environments + id: awscc.elasticbeanstalk.environments + x-cfn-schema-name: Environment + x-type: list + x-identifiers: + - EnvironmentName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EnvironmentName') as environment_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticBeanstalk::Environment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EnvironmentName') as environment_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticBeanstalk::Environment' + AND region = 'us-east-1' + environment: + name: environment + id: awscc.elasticbeanstalk.environment + x-cfn-schema-name: Environment + x-type: get + x-identifiers: + - EnvironmentName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PlatformArn') as platform_arn, + JSON_EXTRACT(Properties, '$.ApplicationName') as application_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EnvironmentName') as environment_name, + JSON_EXTRACT(Properties, '$.OperationsRole') as operations_role, + JSON_EXTRACT(Properties, '$.Tier') as tier, + JSON_EXTRACT(Properties, '$.VersionLabel') as version_label, + JSON_EXTRACT(Properties, '$.EndpointURL') as endpoint_ur_l, + JSON_EXTRACT(Properties, '$.OptionSettings') as option_settings, + JSON_EXTRACT(Properties, '$.TemplateName') as template_name, + JSON_EXTRACT(Properties, '$.SolutionStackName') as solution_stack_name, + JSON_EXTRACT(Properties, '$.CNAMEPrefix') as c_na_me_prefix, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticBeanstalk::Environment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PlatformArn') as platform_arn, + json_extract_path_text(Properties, 'ApplicationName') as application_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EnvironmentName') as environment_name, + json_extract_path_text(Properties, 'OperationsRole') as operations_role, + json_extract_path_text(Properties, 'Tier') as tier, + json_extract_path_text(Properties, 'VersionLabel') as version_label, + json_extract_path_text(Properties, 'EndpointURL') as endpoint_ur_l, + json_extract_path_text(Properties, 'OptionSettings') as option_settings, + json_extract_path_text(Properties, 'TemplateName') as template_name, + json_extract_path_text(Properties, 'SolutionStackName') as solution_stack_name, + json_extract_path_text(Properties, 'CNAMEPrefix') as c_na_me_prefix, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticBeanstalk::Environment' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/elasticloadbalancingv2.yaml b/providers/src/awscc/v00.00.00000/services/elasticloadbalancingv2.yaml new file mode 100644 index 00000000..b3fcfc5b --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/elasticloadbalancingv2.yaml @@ -0,0 +1,1287 @@ +openapi: 3.0.0 +info: + title: ElasticLoadBalancingV2 + version: 1.0.0 +paths: {} +components: + schemas: + MutualAuthentication: + type: object + additionalProperties: false + properties: + Mode: + type: string + description: The client certificate handling method. Options are ``off``, ``passthrough`` or ``verify``. The default value is ``off``. + TrustStoreArn: + type: string + description: The Amazon Resource Name (ARN) of the trust store. + IgnoreClientCertificateExpiry: + type: boolean + description: Indicates whether expired client certificates are ignored. + description: Specifies the configuration information for mutual authentication. + FixedResponseConfig: + type: object + additionalProperties: false + properties: + ContentType: + type: string + StatusCode: + type: string + MessageBody: + type: string + required: + - StatusCode + TargetGroupTuple: + type: object + additionalProperties: false + properties: + TargetGroupArn: + type: string + Weight: + type: integer + Action: + type: object + additionalProperties: false + properties: + Order: + type: integer + TargetGroupArn: + type: string + FixedResponseConfig: + $ref: '#/components/schemas/FixedResponseConfig' + AuthenticateCognitoConfig: + $ref: '#/components/schemas/AuthenticateCognitoConfig' + Type: + type: string + RedirectConfig: + $ref: '#/components/schemas/RedirectConfig' + ForwardConfig: + $ref: '#/components/schemas/ForwardConfig' + AuthenticateOidcConfig: + $ref: '#/components/schemas/AuthenticateOidcConfig' + required: + - Type + AuthenticateCognitoConfig: + type: object + additionalProperties: false + properties: + OnUnauthenticatedRequest: + type: string + UserPoolClientId: + type: string + UserPoolDomain: + type: string + SessionTimeout: + type: integer + Scope: + type: string + SessionCookieName: + type: string + UserPoolArn: + type: string + AuthenticationRequestExtraParams: + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + required: + - UserPoolClientId + - UserPoolDomain + - UserPoolArn + RedirectConfig: + type: object + additionalProperties: false + properties: + Path: + type: string + Query: + type: string + Port: + type: string + Host: + type: string + Protocol: + type: string + StatusCode: + type: string + required: + - StatusCode + TargetGroupStickinessConfig: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + DurationSeconds: + type: integer + ForwardConfig: + type: object + additionalProperties: false + properties: + TargetGroupStickinessConfig: + $ref: '#/components/schemas/TargetGroupStickinessConfig' + TargetGroups: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/TargetGroupTuple' + AuthenticateOidcConfig: + type: object + additionalProperties: false + properties: + OnUnauthenticatedRequest: + type: string + TokenEndpoint: + type: string + SessionTimeout: + type: integer + Scope: + type: string + Issuer: + type: string + ClientSecret: + type: string + UserInfoEndpoint: + type: string + ClientId: + type: string + AuthorizationEndpoint: + type: string + SessionCookieName: + type: string + UseExistingClientSecret: + type: boolean + AuthenticationRequestExtraParams: + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + required: + - TokenEndpoint + - Issuer + - UserInfoEndpoint + - ClientId + - AuthorizationEndpoint + Certificate: + type: object + additionalProperties: false + properties: + CertificateArn: + type: string + description: The Amazon Resource Name (ARN) of the certificate. + description: Specifies an SSL server certificate to use as the default certificate for a secure listener. + Listener: + type: object + properties: + SslPolicy: + type: string + description: |- + [HTTPS and TLS listeners] The security policy that defines which protocols and ciphers are supported. + For more information, see [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies) in the *Application Load Balancers Guide* and [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#describe-ssl-policies) in the *Network Load Balancers Guide*. + LoadBalancerArn: + type: string + description: The Amazon Resource Name (ARN) of the load balancer. + DefaultActions: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/Action' + description: |- + The actions for the default rule. You cannot define a condition for a default rule. + To create additional rules for an Application Load Balancer, use [AWS::ElasticLoadBalancingV2::ListenerRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html). + Port: + type: integer + description: The port on which the load balancer is listening. You cannot specify a port for a Gateway Load Balancer. + Certificates: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/Certificate' + description: |- + The default SSL server certificate for a secure listener. You must provide exactly one certificate if the listener protocol is HTTPS or TLS. + To create a certificate list for a secure listener, use [AWS::ElasticLoadBalancingV2::ListenerCertificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenercertificate.html). + Protocol: + type: string + description: The protocol for connections from clients to the load balancer. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can’t specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You cannot specify a protocol for a Gateway Load Balancer. + ListenerArn: + type: string + description: '' + AlpnPolicy: + type: array + items: + type: string + description: '[TLS listener] The name of the Application-Layer Protocol Negotiation (ALPN) policy.' + MutualAuthentication: + $ref: '#/components/schemas/MutualAuthentication' + description: The mutual authentication configuration information. + required: + - LoadBalancerArn + - DefaultActions + x-stackql-resource-name: listener + x-stackql-primaryIdentifier: + - ListenerArn + x-create-only-properties: + - LoadBalancerArn + x-read-only-properties: + - ListenerArn + x-required-permissions: + create: + - elasticloadbalancing:CreateListener + - elasticloadbalancing:DescribeListeners + - cognito-idp:DescribeUserPoolClient + delete: + - elasticloadbalancing:DeleteListener + - elasticloadbalancing:DescribeListeners + list: + - elasticloadbalancing:DescribeListeners + read: + - elasticloadbalancing:DescribeListeners + update: + - elasticloadbalancing:ModifyListener + - elasticloadbalancing:DescribeListeners + - cognito-idp:DescribeUserPoolClient + RuleCondition: + type: object + additionalProperties: false + properties: + Field: + type: string + Values: + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + HttpRequestMethodConfig: + $ref: '#/components/schemas/HttpRequestMethodConfig' + PathPatternConfig: + $ref: '#/components/schemas/PathPatternConfig' + HttpHeaderConfig: + $ref: '#/components/schemas/HttpHeaderConfig' + SourceIpConfig: + $ref: '#/components/schemas/SourceIpConfig' + HostHeaderConfig: + $ref: '#/components/schemas/HostHeaderConfig' + QueryStringConfig: + $ref: '#/components/schemas/QueryStringConfig' + QueryStringConfig: + type: object + additionalProperties: false + properties: + Values: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/QueryStringKeyValue' + PathPatternConfig: + type: object + additionalProperties: false + properties: + Values: + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + HttpHeaderConfig: + type: object + additionalProperties: false + properties: + Values: + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + HttpHeaderName: + type: string + QueryStringKeyValue: + type: object + additionalProperties: false + properties: + Value: + type: string + Key: + type: string + HostHeaderConfig: + type: object + additionalProperties: false + properties: + Values: + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + HttpRequestMethodConfig: + type: object + additionalProperties: false + properties: + Values: + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + SourceIpConfig: + type: object + additionalProperties: false + properties: + Values: + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + ListenerRule: + type: object + properties: + ListenerArn: + type: string + RuleArn: + type: string + Actions: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Action' + Priority: + type: integer + Conditions: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/RuleCondition' + IsDefault: + type: boolean + required: + - Actions + - Priority + - Conditions + x-stackql-resource-name: listener_rule + x-stackql-primaryIdentifier: + - RuleArn + x-create-only-properties: + - ListenerArn + x-read-only-properties: + - RuleArn + - IsDefault + x-required-permissions: + create: + - elasticloadbalancing:CreateRule + - elasticloadbalancing:DescribeRules + - cognito-idp:DescribeUserPoolClient + delete: + - elasticloadbalancing:DeleteRule + - elasticloadbalancing:DescribeRules + list: + - elasticloadbalancing:DescribeRules + read: + - elasticloadbalancing:DescribeRules + update: + - elasticloadbalancing:ModifyRule + - elasticloadbalancing:SetRulePriorities + - elasticloadbalancing:DescribeRules + SubnetMapping: + type: object + additionalProperties: false + properties: + SubnetId: + type: string + description: The ID of the subnet. + AllocationId: + type: string + description: '[Network Load Balancers] The allocation ID of the Elastic IP address for an internet-facing load balancer.' + PrivateIPv4Address: + type: string + description: '[Network Load Balancers] The private IPv4 address for an internal load balancer.' + IPv6Address: + type: string + description: '[Network Load Balancers] The IPv6 address.' + required: + - SubnetId + description: Specifies a subnet for a load balancer. + LoadBalancerAttribute: + type: object + additionalProperties: false + properties: + Value: + type: string + description: The value of the attribute. + Key: + type: string + description: |- + The name of the attribute. + The following attributes are supported by all load balancers: + + ``deletion_protection.enabled`` - Indicates whether deletion protection is enabled. The value is ``true`` or ``false``. The default is ``false``. + + ``load_balancing.cross_zone.enabled`` - Indicates whether cross-zone load balancing is enabled. The possible values are ``true`` and ``false``. The default for Network Load Balancers and Gateway Load Balancers is ``false``. The default for Application Load Balancers is ``true``, and cannot be changed. + + The following attributes are supported by both Application Load Balancers and Network Load Balancers: + + ``access_logs.s3.enabled`` - Indicates whether access logs are enabled. The value is ``true`` or ``false``. The default is ``false``. + + ``access_logs.s3.bucket`` - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and h + description: Specifies an attribute for an Application Load Balancer, a Network Load Balancer, or a Gateway Load Balancer. + Tag: + type: object + additionalProperties: false + properties: + Value: + type: string + Key: + type: string + required: + - Value + - Key + LoadBalancer: + type: object + properties: + IpAddressType: + type: string + description: The IP address type. The possible values are ``ipv4`` (for IPv4 addresses) and ``dualstack`` (for IPv4 and IPv6 addresses). You can’t specify ``dualstack`` for a load balancer with a UDP or TCP_UDP listener. + SecurityGroups: + type: array + description: '[Application Load Balancers and Network Load Balancers] The IDs of the security groups for the load balancer.' + uniqueItems: true + x-insertionOrder: false + items: + type: string + LoadBalancerAttributes: + type: array + description: The load balancer attributes. + uniqueItems: true + x-insertionOrder: false + x-arrayType: AttributeList + items: + $ref: '#/components/schemas/LoadBalancerAttribute' + Scheme: + type: string + description: |- + The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the internet. + The nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can route requests only from clients with access to the VPC for the load balancer. + The default is an Internet-facing load balancer. + You cannot specify a scheme for a Gateway Load Balancer. + DNSName: + type: string + description: '' + Name: + type: string + description: |- + The name of the load balancer. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, must not begin or end with a hyphen, and must not begin with "internal-". + If you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name. + LoadBalancerName: + type: string + description: '' + LoadBalancerFullName: + type: string + description: '' + Subnets: + type: array + description: |- + The IDs of the public subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both. To specify an Elastic IP address, specify subnet mappings instead of subnets. + [Application Load Balancers] You must specify subnets from at least two Availability Zones. + [Application Load Balancers on Outposts] You must specify one Outpost subnet. + [Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones. + [Network Load Balancers] You can specify subnets from one or more Availability Zones. + [Gateway Load Balancers] You can specify subnets from one or more Availability Zones. + uniqueItems: true + x-insertionOrder: false + items: + type: string + Type: + type: string + description: The type of load balancer. The default is ``application``. + CanonicalHostedZoneID: + type: string + description: '' + Tags: + type: array + description: The tags to assign to the load balancer. + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + LoadBalancerArn: + type: string + description: '' + SubnetMappings: + type: array + description: |- + The IDs of the public subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both. + [Application Load Balancers] You must specify subnets from at least two Availability Zones. You cannot specify Elastic IP addresses for your subnets. + [Application Load Balancers on Outposts] You must specify one Outpost subnet. + [Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones. + [Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet. For internet-facing load balancer, you can specify one IPv6 address per subnet. + [Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You cannot specify Elastic IP + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/SubnetMapping' + EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic: + type: string + description: Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through privatelink. + x-stackql-resource-name: load_balancer + x-stackql-primaryIdentifier: + - LoadBalancerArn + x-create-only-properties: + - Name + - Type + - Scheme + x-read-only-properties: + - LoadBalancerName + - LoadBalancerFullName + - CanonicalHostedZoneID + - LoadBalancerArn + - DNSName + x-required-permissions: + create: + - elasticloadbalancing:CreateLoadBalancer + - elasticloadbalancing:DescribeLoadBalancers + - elasticloadbalancing:ModifyLoadBalancerAttributes + - elasticloadbalancing:AddTags + delete: + - elasticloadbalancing:DescribeLoadBalancers + - elasticloadbalancing:DeleteLoadBalancer + list: + - elasticloadbalancing:DescribeLoadBalancers + read: + - elasticloadbalancing:DescribeLoadBalancers + - elasticloadbalancing:DescribeLoadBalancerAttributes + - elasticloadbalancing:DescribeTags + update: + - elasticloadbalancing:ModifyLoadBalancerAttributes + - elasticloadbalancing:SetSubnets + - elasticloadbalancing:SetIpAddressType + - elasticloadbalancing:SetSecurityGroups + - elasticloadbalancing:AddTags + - elasticloadbalancing:RemoveTags + Matcher: + type: object + additionalProperties: false + properties: + GrpcCode: + type: string + description: You can specify values between 0 and 99. You can specify multiple values, or a range of values. The default value is 12. + HttpCode: + type: string + description: 'For Application Load Balancers, you can specify values between 200 and 499, and the default value is 200. You can specify multiple values or a range of values. ' + TargetDescription: + type: object + additionalProperties: false + properties: + AvailabilityZone: + type: string + description: An Availability Zone or all. This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer. + Id: + type: string + description: 'The ID of the target. If the target type of the target group is instance, specify an instance ID. If the target type is ip, specify an IP address. If the target type is lambda, specify the ARN of the Lambda function. If the target type is alb, specify the ARN of the Application Load Balancer target. ' + Port: + type: integer + description: The port on which the target is listening. If the target group protocol is GENEVE, the supported port is 6081. If the target type is alb, the targeted Application Load Balancer must have at least one listener whose port matches the target group port. Not used if the target is a Lambda function. + required: + - Id + TargetGroupAttribute: + type: object + additionalProperties: false + properties: + Value: + type: string + description: The name of the attribute. + Key: + type: string + description: The value of the attribute. + TargetGroup: + type: object + properties: + IpAddressType: + type: string + description: 'The type of IP address used for this target group. The possible values are ipv4 and ipv6. ' + HealthCheckIntervalSeconds: + type: integer + description: The approximate amount of time, in seconds, between health checks of an individual target. + LoadBalancerArns: + type: array + x-insertionOrder: false + description: The Amazon Resource Names (ARNs) of the load balancers that route traffic to this target group. + uniqueItems: false + items: + type: string + Matcher: + $ref: '#/components/schemas/Matcher' + description: '[HTTP/HTTPS health checks] The HTTP or gRPC codes to use when checking for a successful response from a target.' + HealthCheckPath: + type: string + description: '[HTTP/HTTPS health checks] The destination for health checks on the targets. [HTTP1 or HTTP2 protocol version] The ping path. The default is /. [GRPC protocol version] The path of a custom health check method with the format /package.service/method. The default is /AWS.ALB/healthcheck.' + Port: + type: integer + description: The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. If the target is a Lambda function, this parameter does not apply. If the protocol is GENEVE, the supported port is 6081. + Targets: + type: array + description: The targets. + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/TargetDescription' + HealthCheckEnabled: + type: boolean + description: Indicates whether health checks are enabled. If the target type is lambda, health checks are disabled by default but can be enabled. If the target type is instance, ip, or alb, health checks are always enabled and cannot be disabled. + ProtocolVersion: + type: string + description: '[HTTP/HTTPS protocol] The protocol version. The possible values are GRPC, HTTP1, and HTTP2.' + UnhealthyThresholdCount: + type: integer + description: The number of consecutive health check failures required before considering a target unhealthy. + HealthCheckTimeoutSeconds: + type: integer + description: The amount of time, in seconds, during which no response from a target means a failed health check. + Name: + type: string + description: The name of the target group. + VpcId: + type: string + description: The identifier of the virtual private cloud (VPC). If the target is a Lambda function, this parameter does not apply. + TargetGroupFullName: + type: string + description: The full name of the target group. + HealthyThresholdCount: + type: integer + description: 'The number of consecutive health checks successes required before considering an unhealthy target healthy. ' + HealthCheckProtocol: + type: string + description: 'The protocol the load balancer uses when performing health checks on targets. ' + TargetGroupAttributes: + type: array + x-arrayType: AttributeList + description: The attributes. + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/TargetGroupAttribute' + TargetType: + type: string + description: The type of target that you must specify when registering targets with this target group. You can't specify targets for a target group using more than one target type. + HealthCheckPort: + type: string + description: 'The port the load balancer uses when performing health checks on targets. ' + TargetGroupArn: + type: string + description: The ARN of the Target Group + Protocol: + type: string + description: The protocol to use for routing traffic to the targets. + TargetGroupName: + type: string + description: The name of the target group. + Tags: + type: array + description: The tags. + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: target_group + x-stackql-primaryIdentifier: + - TargetGroupArn + x-create-only-properties: + - TargetType + - ProtocolVersion + - Port + - Name + - VpcId + - Protocol + - IpAddressType + x-read-only-properties: + - LoadBalancerArns + - TargetGroupArn + - TargetGroupName + - TargetGroupFullName + x-required-permissions: + create: + - elasticloadbalancing:CreateTargetGroup + - elasticloadbalancing:DescribeTargetGroups + - elasticloadbalancing:RegisterTargets + - elasticloadbalancing:ModifyTargetGroupAttributes + - elasticloadbalancing:DescribeTargetHealth + - elasticloadbalancing:AddTags + delete: + - elasticloadbalancing:DeleteTargetGroup + - elasticloadbalancing:DescribeTargetGroups + list: + - elasticloadbalancing:DescribeTargetGroups + read: + - elasticloadbalancing:DescribeTargetGroups + - elasticloadbalancing:DescribeTargetGroupAttributes + - elasticloadbalancing:DescribeTargetHealth + - elasticloadbalancing:DescribeTags + update: + - elasticloadbalancing:DescribeTargetGroups + - elasticloadbalancing:ModifyTargetGroup + - elasticloadbalancing:ModifyTargetGroupAttributes + - elasticloadbalancing:RegisterTargets + - elasticloadbalancing:DescribeTargetHealth + - elasticloadbalancing:DeregisterTargets + - elasticloadbalancing:AddTags + - elasticloadbalancing:RemoveTags + TrustStore: + type: object + properties: + Name: + type: string + description: The name of the trust store. + CaCertificatesBundleS3Bucket: + type: string + description: The name of the S3 bucket to fetch the CA certificate bundle from. + CaCertificatesBundleS3Key: + type: string + description: The name of the S3 object to fetch the CA certificate bundle from. + CaCertificatesBundleS3ObjectVersion: + type: string + description: The version of the S3 bucket that contains the CA certificate bundle. + Status: + type: string + description: The status of the trust store, could be either of ACTIVE or CREATING. + NumberOfCaCertificates: + type: integer + description: The number of certificates associated with the trust store. + Tags: + type: array + description: The tags to assign to the trust store. + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + TrustStoreArn: + type: string + description: The Amazon Resource Name (ARN) of the trust store. + x-stackql-resource-name: trust_store + x-stackql-primaryIdentifier: + - TrustStoreArn + x-create-only-properties: + - Name + x-read-only-properties: + - TrustStoreArn + - Status + - NumberOfCaCertificates + x-required-permissions: + create: + - elasticloadbalancing:CreateTrustStore + - elasticloadbalancing:DescribeTrustStores + - elasticloadbalancing:AddTags + - s3:GetObject + - s3:GetObjectVersion + delete: + - elasticloadbalancing:DescribeTrustStores + - elasticloadbalancing:DeleteTrustStore + list: + - elasticloadbalancing:DescribeTrustStores + - s3:GetObject + - s3:GetObjectVersion + read: + - elasticloadbalancing:DescribeTrustStores + - elasticloadbalancing:DescribeTags + update: + - elasticloadbalancing:ModifyTrustStore + - elasticloadbalancing:AddTags + - elasticloadbalancing:RemoveTags + - s3:GetObject + - s3:GetObjectVersion + RevocationId: + type: string + RevocationContent: + type: object + additionalProperties: false + properties: + S3Bucket: + type: string + S3Key: + type: string + S3ObjectVersion: + type: string + RevocationType: + type: string + TrustStoreRevocation: + type: object + properties: + RevocationContents: + type: array + description: The attributes required to create a trust store revocation. + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/RevocationContent' + TrustStoreArn: + type: string + description: The Amazon Resource Name (ARN) of the trust store. + RevocationId: + type: integer + format: int64 + description: The ID associated with the revocation. + TrustStoreRevocations: + type: array + description: The data associated with a trust store revocation + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/TrustStoreRevocation' + x-stackql-resource-name: trust_store_revocation + x-stackql-primaryIdentifier: + - RevocationId + - TrustStoreArn + x-create-only-properties: + - TrustStoreArn + - RevocationContents + x-read-only-properties: + - RevocationId + - TrustStoreRevocations + x-required-permissions: + create: + - elasticloadbalancing:AddTrustStoreRevocations + - elasticloadbalancing:DescribeTrustStoreRevocations + - s3:GetObject + - s3:GetObjectVersion + delete: + - elasticloadbalancing:DescribeTrustStoreRevocations + - elasticloadbalancing:RemoveTrustStoreRevocations + list: + - elasticloadbalancing:DescribeTrustStoreRevocations + read: + - elasticloadbalancing:DescribeTrustStoreRevocations + x-stackQL-resources: + listeners: + name: listeners + id: awscc.elasticloadbalancingv2.listeners + x-cfn-schema-name: Listener + x-type: list + x-identifiers: + - ListenerArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ListenerArn') as listener_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::Listener' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ListenerArn') as listener_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::Listener' + AND region = 'us-east-1' + listener: + name: listener + id: awscc.elasticloadbalancingv2.listener + x-cfn-schema-name: Listener + x-type: get + x-identifiers: + - ListenerArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SslPolicy') as ssl_policy, + JSON_EXTRACT(Properties, '$.LoadBalancerArn') as load_balancer_arn, + JSON_EXTRACT(Properties, '$.DefaultActions') as default_actions, + JSON_EXTRACT(Properties, '$.Port') as port, + JSON_EXTRACT(Properties, '$.Certificates') as certificates, + JSON_EXTRACT(Properties, '$.Protocol') as protocol, + JSON_EXTRACT(Properties, '$.ListenerArn') as listener_arn, + JSON_EXTRACT(Properties, '$.AlpnPolicy') as alpn_policy, + JSON_EXTRACT(Properties, '$.MutualAuthentication') as mutual_authentication + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::Listener' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SslPolicy') as ssl_policy, + json_extract_path_text(Properties, 'LoadBalancerArn') as load_balancer_arn, + json_extract_path_text(Properties, 'DefaultActions') as default_actions, + json_extract_path_text(Properties, 'Port') as port, + json_extract_path_text(Properties, 'Certificates') as certificates, + json_extract_path_text(Properties, 'Protocol') as protocol, + json_extract_path_text(Properties, 'ListenerArn') as listener_arn, + json_extract_path_text(Properties, 'AlpnPolicy') as alpn_policy, + json_extract_path_text(Properties, 'MutualAuthentication') as mutual_authentication + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::Listener' + AND data__Identifier = '' + AND region = 'us-east-1' + listener_rules: + name: listener_rules + id: awscc.elasticloadbalancingv2.listener_rules + x-cfn-schema-name: ListenerRule + x-type: list + x-identifiers: + - RuleArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RuleArn') as rule_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::ListenerRule' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RuleArn') as rule_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::ListenerRule' + AND region = 'us-east-1' + listener_rule: + name: listener_rule + id: awscc.elasticloadbalancingv2.listener_rule + x-cfn-schema-name: ListenerRule + x-type: get + x-identifiers: + - RuleArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ListenerArn') as listener_arn, + JSON_EXTRACT(Properties, '$.RuleArn') as rule_arn, + JSON_EXTRACT(Properties, '$.Actions') as actions, + JSON_EXTRACT(Properties, '$.Priority') as priority, + JSON_EXTRACT(Properties, '$.Conditions') as conditions, + JSON_EXTRACT(Properties, '$.IsDefault') as is_default + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::ListenerRule' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ListenerArn') as listener_arn, + json_extract_path_text(Properties, 'RuleArn') as rule_arn, + json_extract_path_text(Properties, 'Actions') as actions, + json_extract_path_text(Properties, 'Priority') as priority, + json_extract_path_text(Properties, 'Conditions') as conditions, + json_extract_path_text(Properties, 'IsDefault') as is_default + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::ListenerRule' + AND data__Identifier = '' + AND region = 'us-east-1' + load_balancers: + name: load_balancers + id: awscc.elasticloadbalancingv2.load_balancers + x-cfn-schema-name: LoadBalancer + x-type: list + x-identifiers: + - LoadBalancerArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LoadBalancerArn') as load_balancer_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::LoadBalancer' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LoadBalancerArn') as load_balancer_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::LoadBalancer' + AND region = 'us-east-1' + load_balancer: + name: load_balancer + id: awscc.elasticloadbalancingv2.load_balancer + x-cfn-schema-name: LoadBalancer + x-type: get + x-identifiers: + - LoadBalancerArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.IpAddressType') as ip_address_type, + JSON_EXTRACT(Properties, '$.SecurityGroups') as security_groups, + JSON_EXTRACT(Properties, '$.LoadBalancerAttributes') as load_balancer_attributes, + JSON_EXTRACT(Properties, '$.Scheme') as scheme, + JSON_EXTRACT(Properties, '$.DNSName') as d_ns_name, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.LoadBalancerName') as load_balancer_name, + JSON_EXTRACT(Properties, '$.LoadBalancerFullName') as load_balancer_full_name, + JSON_EXTRACT(Properties, '$.Subnets') as subnets, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.CanonicalHostedZoneID') as canonical_hosted_zone_id, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.LoadBalancerArn') as load_balancer_arn, + JSON_EXTRACT(Properties, '$.SubnetMappings') as subnet_mappings, + JSON_EXTRACT(Properties, '$.EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic') as enforce_security_group_inbound_rules_on_private_link_traffic + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::LoadBalancer' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'IpAddressType') as ip_address_type, + json_extract_path_text(Properties, 'SecurityGroups') as security_groups, + json_extract_path_text(Properties, 'LoadBalancerAttributes') as load_balancer_attributes, + json_extract_path_text(Properties, 'Scheme') as scheme, + json_extract_path_text(Properties, 'DNSName') as d_ns_name, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'LoadBalancerName') as load_balancer_name, + json_extract_path_text(Properties, 'LoadBalancerFullName') as load_balancer_full_name, + json_extract_path_text(Properties, 'Subnets') as subnets, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'CanonicalHostedZoneID') as canonical_hosted_zone_id, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'LoadBalancerArn') as load_balancer_arn, + json_extract_path_text(Properties, 'SubnetMappings') as subnet_mappings, + json_extract_path_text(Properties, 'EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic') as enforce_security_group_inbound_rules_on_private_link_traffic + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::LoadBalancer' + AND data__Identifier = '' + AND region = 'us-east-1' + target_groups: + name: target_groups + id: awscc.elasticloadbalancingv2.target_groups + x-cfn-schema-name: TargetGroup + x-type: list + x-identifiers: + - TargetGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TargetGroupArn') as target_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::TargetGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TargetGroupArn') as target_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::TargetGroup' + AND region = 'us-east-1' + target_group: + name: target_group + id: awscc.elasticloadbalancingv2.target_group + x-cfn-schema-name: TargetGroup + x-type: get + x-identifiers: + - TargetGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.IpAddressType') as ip_address_type, + JSON_EXTRACT(Properties, '$.HealthCheckIntervalSeconds') as health_check_interval_seconds, + JSON_EXTRACT(Properties, '$.LoadBalancerArns') as load_balancer_arns, + JSON_EXTRACT(Properties, '$.Matcher') as matcher, + JSON_EXTRACT(Properties, '$.HealthCheckPath') as health_check_path, + JSON_EXTRACT(Properties, '$.Port') as port, + JSON_EXTRACT(Properties, '$.Targets') as targets, + JSON_EXTRACT(Properties, '$.HealthCheckEnabled') as health_check_enabled, + JSON_EXTRACT(Properties, '$.ProtocolVersion') as protocol_version, + JSON_EXTRACT(Properties, '$.UnhealthyThresholdCount') as unhealthy_threshold_count, + JSON_EXTRACT(Properties, '$.HealthCheckTimeoutSeconds') as health_check_timeout_seconds, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.VpcId') as vpc_id, + JSON_EXTRACT(Properties, '$.TargetGroupFullName') as target_group_full_name, + JSON_EXTRACT(Properties, '$.HealthyThresholdCount') as healthy_threshold_count, + JSON_EXTRACT(Properties, '$.HealthCheckProtocol') as health_check_protocol, + JSON_EXTRACT(Properties, '$.TargetGroupAttributes') as target_group_attributes, + JSON_EXTRACT(Properties, '$.TargetType') as target_type, + JSON_EXTRACT(Properties, '$.HealthCheckPort') as health_check_port, + JSON_EXTRACT(Properties, '$.TargetGroupArn') as target_group_arn, + JSON_EXTRACT(Properties, '$.Protocol') as protocol, + JSON_EXTRACT(Properties, '$.TargetGroupName') as target_group_name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::TargetGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'IpAddressType') as ip_address_type, + json_extract_path_text(Properties, 'HealthCheckIntervalSeconds') as health_check_interval_seconds, + json_extract_path_text(Properties, 'LoadBalancerArns') as load_balancer_arns, + json_extract_path_text(Properties, 'Matcher') as matcher, + json_extract_path_text(Properties, 'HealthCheckPath') as health_check_path, + json_extract_path_text(Properties, 'Port') as port, + json_extract_path_text(Properties, 'Targets') as targets, + json_extract_path_text(Properties, 'HealthCheckEnabled') as health_check_enabled, + json_extract_path_text(Properties, 'ProtocolVersion') as protocol_version, + json_extract_path_text(Properties, 'UnhealthyThresholdCount') as unhealthy_threshold_count, + json_extract_path_text(Properties, 'HealthCheckTimeoutSeconds') as health_check_timeout_seconds, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'VpcId') as vpc_id, + json_extract_path_text(Properties, 'TargetGroupFullName') as target_group_full_name, + json_extract_path_text(Properties, 'HealthyThresholdCount') as healthy_threshold_count, + json_extract_path_text(Properties, 'HealthCheckProtocol') as health_check_protocol, + json_extract_path_text(Properties, 'TargetGroupAttributes') as target_group_attributes, + json_extract_path_text(Properties, 'TargetType') as target_type, + json_extract_path_text(Properties, 'HealthCheckPort') as health_check_port, + json_extract_path_text(Properties, 'TargetGroupArn') as target_group_arn, + json_extract_path_text(Properties, 'Protocol') as protocol, + json_extract_path_text(Properties, 'TargetGroupName') as target_group_name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::TargetGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + trust_stores: + name: trust_stores + id: awscc.elasticloadbalancingv2.trust_stores + x-cfn-schema-name: TrustStore + x-type: list + x-identifiers: + - TrustStoreArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TrustStoreArn') as trust_store_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::TrustStore' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TrustStoreArn') as trust_store_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::TrustStore' + AND region = 'us-east-1' + trust_store: + name: trust_store + id: awscc.elasticloadbalancingv2.trust_store + x-cfn-schema-name: TrustStore + x-type: get + x-identifiers: + - TrustStoreArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.CaCertificatesBundleS3Bucket') as ca_certificates_bundle_s3_bucket, + JSON_EXTRACT(Properties, '$.CaCertificatesBundleS3Key') as ca_certificates_bundle_s3_key, + JSON_EXTRACT(Properties, '$.CaCertificatesBundleS3ObjectVersion') as ca_certificates_bundle_s3_object_version, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.NumberOfCaCertificates') as number_of_ca_certificates, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TrustStoreArn') as trust_store_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::TrustStore' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'CaCertificatesBundleS3Bucket') as ca_certificates_bundle_s3_bucket, + json_extract_path_text(Properties, 'CaCertificatesBundleS3Key') as ca_certificates_bundle_s3_key, + json_extract_path_text(Properties, 'CaCertificatesBundleS3ObjectVersion') as ca_certificates_bundle_s3_object_version, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'NumberOfCaCertificates') as number_of_ca_certificates, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TrustStoreArn') as trust_store_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::TrustStore' + AND data__Identifier = '' + AND region = 'us-east-1' + trust_store_revocations: + name: trust_store_revocations + id: awscc.elasticloadbalancingv2.trust_store_revocations + x-cfn-schema-name: TrustStoreRevocation + x-type: list + x-identifiers: + - RevocationId + - TrustStoreArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RevocationId') as revocation_id, + JSON_EXTRACT(Properties, '$.TrustStoreArn') as trust_store_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::TrustStoreRevocation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RevocationId') as revocation_id, + json_extract_path_text(Properties, 'TrustStoreArn') as trust_store_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::TrustStoreRevocation' + AND region = 'us-east-1' + trust_store_revocation: + name: trust_store_revocation + id: awscc.elasticloadbalancingv2.trust_store_revocation + x-cfn-schema-name: TrustStoreRevocation + x-type: get + x-identifiers: + - RevocationId + - TrustStoreArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RevocationContents') as revocation_contents, + JSON_EXTRACT(Properties, '$.TrustStoreArn') as trust_store_arn, + JSON_EXTRACT(Properties, '$.RevocationId') as revocation_id, + JSON_EXTRACT(Properties, '$.TrustStoreRevocations') as trust_store_revocations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::TrustStoreRevocation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RevocationContents') as revocation_contents, + json_extract_path_text(Properties, 'TrustStoreArn') as trust_store_arn, + json_extract_path_text(Properties, 'RevocationId') as revocation_id, + json_extract_path_text(Properties, 'TrustStoreRevocations') as trust_store_revocations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ElasticLoadBalancingV2::TrustStoreRevocation' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/emr.yaml b/providers/src/awscc/v00.00.00000/services/emr.yaml new file mode 100644 index 00000000..401cab31 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/emr.yaml @@ -0,0 +1,717 @@ +openapi: 3.0.0 +info: + title: EMR + version: 1.0.0 +paths: {} +components: + schemas: + SecurityConfiguration: + type: object + properties: + Name: + description: The name of the security configuration. + type: string + SecurityConfiguration: + description: The security configuration details in JSON format. + type: object + required: + - SecurityConfiguration + x-stackql-resource-name: security_configuration + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - SecurityConfiguration + x-required-permissions: + create: + - elasticmapreduce:CreateSecurityConfiguration + - elasticmapreduce:DescribeSecurityConfiguration + read: + - elasticmapreduce:DescribeSecurityConfiguration + delete: + - elasticmapreduce:DeleteSecurityConfiguration + list: + - elasticmapreduce:ListSecurityConfigurations + HadoopJarStepConfig: + type: object + additionalProperties: false + properties: + Args: + type: array + uniqueItems: false + items: + type: string + Jar: + type: string + MainClass: + type: string + StepProperties: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/KeyValue' + required: + - Jar + KeyValue: + type: object + additionalProperties: false + properties: + Key: + type: string + Value: + type: string + Step: + type: object + properties: + Id: + description: ID generated by service + type: string + ActionOnFailure: + description: This specifies what action to take when the cluster step fails. Possible values are CANCEL_AND_WAIT and CONTINUE. + type: string + HadoopJarStep: + description: The HadoopJarStepConfig property type specifies a job flow step consisting of a JAR file whose main function will be executed. The main function submits a job for the cluster to execute as a step on the master node, and then waits for the job to finish or fail before executing subsequent steps. + $ref: '#/components/schemas/HadoopJarStepConfig' + JobFlowId: + description: A string that uniquely identifies the cluster (job flow). + type: string + Name: + description: The name of the cluster step. + type: string + required: + - JobFlowId + - HadoopJarStep + - ActionOnFailure + - Name + x-stackql-resource-name: step + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - JobFlowId + - HadoopJarStep + - Name + - ActionOnFailure + x-read-only-properties: + - Id + x-required-permissions: + create: + - emr:AddJobFlowSteps + delete: [] + SubnetId: + description: Identifier of a subnet + type: string + pattern: ^(subnet-[a-f0-9]{13})|(subnet-[a-f0-9]{8})\Z + Arn: + type: string + pattern: ^arn:aws(-(cn|us-gov))?:[a-z-]+:(([a-z]+-)+[0-9])?:([0-9]{12})?:[^.]+$ + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + Studio: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the EMR Studio. + $ref: '#/components/schemas/Arn' + AuthMode: + type: string + description: Specifies whether the Studio authenticates users using single sign-on (SSO) or IAM. Amazon EMR Studio currently only supports SSO authentication. + enum: + - SSO + - IAM + DefaultS3Location: + description: The default Amazon S3 location to back up EMR Studio Workspaces and notebook files. A Studio user can select an alternative Amazon S3 location when creating a Workspace. + type: string + minLength: 6 + maxLength: 10280 + pattern: ^s3://.* + Description: + description: A detailed description of the Studio. + type: string + minLength: 0 + maxLength: 256 + EngineSecurityGroupId: + description: The ID of the Amazon EMR Studio Engine security group. The Engine security group allows inbound network traffic from the Workspace security group, and it must be in the same VPC specified by VpcId. + type: string + minLength: 4 + maxLength: 256 + pattern: ^sg-[a-zA-Z0-9\-._]+$ + Name: + description: A descriptive name for the Amazon EMR Studio. + type: string + minLength: 1 + maxLength: 256 + pattern: '[a-zA-Z0-9_-]+' + ServiceRole: + description: The IAM role that will be assumed by the Amazon EMR Studio. The service role provides a way for Amazon EMR Studio to interoperate with other AWS services. + $ref: '#/components/schemas/Arn' + StudioId: + description: The ID of the EMR Studio. + type: string + pattern: ^es-[0-9A-Z]+ + minLength: 4 + maxLength: 256 + SubnetIds: + description: A list of up to 5 subnet IDs to associate with the Studio. The subnets must belong to the VPC specified by VpcId. Studio users can create a Workspace in any of the specified subnets. + type: array + minItems: 1 + items: + $ref: '#/components/schemas/SubnetId' + Tags: + description: A list of tags to associate with the Studio. Tags are user-defined key-value pairs that consist of a required key string with a maximum of 128 characters, and an optional value string with a maximum of 256 characters. + $ref: '#/components/schemas/Tags' + Url: + description: The unique Studio access URL. + type: string + pattern: ^https://[0-9a-zA-Z]([-.\w]*[0-9a-zA-Z])(:[0-9]*)*([?/#].*)?$ + maxLength: 4096 + UserRole: + description: The IAM user role that will be assumed by users and groups logged in to a Studio. The permissions attached to this IAM role can be scoped down for each user or group using session policies. + $ref: '#/components/schemas/Arn' + VpcId: + description: The ID of the Amazon Virtual Private Cloud (Amazon VPC) to associate with the Studio. + type: string + pattern: ^(vpc-[0-9a-f]{8}|vpc-[0-9a-f]{17})$ + WorkspaceSecurityGroupId: + description: The ID of the Amazon EMR Studio Workspace security group. The Workspace security group allows outbound network traffic to resources in the Engine security group, and it must be in the same VPC specified by VpcId. + type: string + pattern: ^sg-[a-zA-Z0-9\-._]+$ + IdpAuthUrl: + description: Your identity provider's authentication endpoint. Amazon EMR Studio redirects federated users to this endpoint for authentication when logging in to a Studio with the Studio URL. + type: string + pattern: ^https://[0-9a-zA-Z]([-.\w]*[0-9a-zA-Z])(:[0-9]*)*([?/#].*)?$ + maxLength: 4096 + IdpRelayStateParameterName: + description: The name of relay state parameter for external Identity Provider. + type: string + minLength: 0 + maxLength: 256 + TrustedIdentityPropagationEnabled: + description: A Boolean indicating whether to enable Trusted identity propagation for the Studio. The default value is false. + type: boolean + IdcUserAssignment: + description: Specifies whether IAM Identity Center user assignment is REQUIRED or OPTIONAL. If the value is set to REQUIRED, users must be explicitly assigned to the Studio application to access the Studio. + type: string + enum: + - REQUIRED + - OPTIONAL + IdcInstanceArn: + description: The ARN of the IAM Identity Center instance to create the Studio application. + type: string + minLength: 20 + maxLength: 2048 + EncryptionKeyArn: + description: The AWS KMS key identifier (ARN) used to encrypt AWS EMR Studio workspace and notebook files when backed up to AWS S3. + $ref: '#/components/schemas/Arn' + required: + - AuthMode + - EngineSecurityGroupId + - Name + - ServiceRole + - SubnetIds + - VpcId + - WorkspaceSecurityGroupId + - DefaultS3Location + x-stackql-resource-name: studio + x-stackql-primaryIdentifier: + - StudioId + x-create-only-properties: + - AuthMode + - EngineSecurityGroupId + - ServiceRole + - UserRole + - VpcId + - WorkspaceSecurityGroupId + - TrustedIdentityPropagationEnabled + - IdcUserAssignment + - IdcInstanceArn + - EncryptionKeyArn + x-read-only-properties: + - StudioId + - Arn + - Url + x-required-permissions: + create: + - elasticmapreduce:CreateStudio + - elasticmapreduce:DescribeStudio + - elasticmapreduce:AddTags + - sso:CreateManagedApplicationInstance + - sso:DeleteManagedApplicationInstance + - iam:PassRole + read: + - elasticmapreduce:DescribeStudio + - sso:GetManagedApplicationInstance + update: + - elasticmapreduce:UpdateStudio + - elasticmapreduce:DescribeStudio + - elasticmapreduce:AddTags + - elasticmapreduce:RemoveTags + delete: + - elasticmapreduce:DeleteStudio + - elasticmapreduce:DescribeStudio + - sso:DeleteManagedApplicationInstance + list: + - elasticmapreduce:ListStudios + IamPolicyArn: + type: string + pattern: ^arn:aws(-(cn|us-gov))?:iam::([0-9]{12})?:policy\/[^.]+$ + StudioSessionMapping: + type: object + properties: + IdentityName: + type: string + description: The name of the user or group. For more information, see UserName and DisplayName in the AWS SSO Identity Store API Reference. Either IdentityName or IdentityId must be specified. + IdentityType: + type: string + description: Specifies whether the identity to map to the Studio is a user or a group. + enum: + - USER + - GROUP + SessionPolicyArn: + description: The Amazon Resource Name (ARN) for the session policy that will be applied to the user or group. Session policies refine Studio user permissions without the need to use multiple IAM user roles. + $ref: '#/components/schemas/IamPolicyArn' + StudioId: + description: The ID of the Amazon EMR Studio to which the user or group will be mapped. + type: string + pattern: ^es-[0-9A-Z]+ + minLength: 4 + maxLength: 256 + required: + - StudioId + - IdentityName + - IdentityType + - SessionPolicyArn + x-stackql-resource-name: studio_session_mapping + x-stackql-primaryIdentifier: + - StudioId + - IdentityType + - IdentityName + x-create-only-properties: + - StudioId + - IdentityType + - IdentityName + x-required-permissions: + create: + - elasticmapreduce:CreateStudioSessionMapping + - sso-directory:SearchUsers + - sso-directory:SearchGroups + - sso-directory:DescribeUser + - sso-directory:DescribeGroup + - sso:ListDirectoryAssociations + - sso:GetProfile + - sso:ListProfiles + - sso:AssociateProfile + read: + - elasticmapreduce:GetStudioSessionMapping + - sso-directory:SearchUsers + - sso-directory:SearchGroups + - sso-directory:DescribeUser + - sso-directory:DescribeGroup + - sso:GetManagedApplicationInstance + - sso:DescribeInstance + update: + - elasticmapreduce:GetStudioSessionMapping + - elasticmapreduce:UpdateStudioSessionMapping + - sso-directory:SearchUsers + - sso-directory:SearchGroups + - sso-directory:DescribeUser + - sso-directory:DescribeGroup + - sso:GetManagedApplicationInstance + - sso:DescribeInstance + delete: + - elasticmapreduce:GetStudioSessionMapping + - elasticmapreduce:DeleteStudioSessionMapping + - sso-directory:SearchUsers + - sso-directory:SearchGroups + - sso-directory:DescribeUser + - sso-directory:DescribeGroup + - sso:GetManagedApplicationInstance + - sso:DescribeInstance + - sso:ListDirectoryAssociations + - sso:GetProfile + - sso:ListProfiles + - sso:DisassociateProfile + list: + - elasticmapreduce:ListStudioSessionMappings + WALWorkspace: + type: object + properties: + WALWorkspaceName: + description: The name of the emrwal container + type: string + minLength: 1 + maxLength: 32 + pattern: ^[a-zA-Z0-9]+$ + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: wal_workspace + x-stackql-primaryIdentifier: + - WALWorkspaceName + x-create-only-properties: + - WALWorkspaceName + x-required-permissions: + create: + - emrwal:CreateWorkspace + - emrwal:TagResource + - iam:CreateServiceLinkedRole + read: + - emrwal:ListTagsForResource + delete: + - emrwal:DeleteWorkspace + list: + - emrwal:ListWorkspaces + update: + - emrwal:TagResource + - emrwal:UntagResource + - emrwal:ListTagsForResource + x-stackQL-resources: + security_configurations: + name: security_configurations + id: awscc.emr.security_configurations + x-cfn-schema-name: SecurityConfiguration + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EMR::SecurityConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EMR::SecurityConfiguration' + AND region = 'us-east-1' + security_configuration: + name: security_configuration + id: awscc.emr.security_configuration + x-cfn-schema-name: SecurityConfiguration + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.SecurityConfiguration') as security_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EMR::SecurityConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'SecurityConfiguration') as security_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EMR::SecurityConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + steps: + name: steps + id: awscc.emr.steps + x-cfn-schema-name: Step + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EMR::Step' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EMR::Step' + AND region = 'us-east-1' + step: + name: step + id: awscc.emr.step + x-cfn-schema-name: Step + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.ActionOnFailure') as action_on_failure, + JSON_EXTRACT(Properties, '$.HadoopJarStep') as hadoop_jar_step, + JSON_EXTRACT(Properties, '$.JobFlowId') as job_flow_id, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EMR::Step' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'ActionOnFailure') as action_on_failure, + json_extract_path_text(Properties, 'HadoopJarStep') as hadoop_jar_step, + json_extract_path_text(Properties, 'JobFlowId') as job_flow_id, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EMR::Step' + AND data__Identifier = '' + AND region = 'us-east-1' + studios: + name: studios + id: awscc.emr.studios + x-cfn-schema-name: Studio + x-type: list + x-identifiers: + - StudioId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StudioId') as studio_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EMR::Studio' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StudioId') as studio_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EMR::Studio' + AND region = 'us-east-1' + studio: + name: studio + id: awscc.emr.studio + x-cfn-schema-name: Studio + x-type: get + x-identifiers: + - StudioId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AuthMode') as auth_mode, + JSON_EXTRACT(Properties, '$.DefaultS3Location') as default_s3_location, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EngineSecurityGroupId') as engine_security_group_id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ServiceRole') as service_role, + JSON_EXTRACT(Properties, '$.StudioId') as studio_id, + JSON_EXTRACT(Properties, '$.SubnetIds') as subnet_ids, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Url') as url, + JSON_EXTRACT(Properties, '$.UserRole') as user_role, + JSON_EXTRACT(Properties, '$.VpcId') as vpc_id, + JSON_EXTRACT(Properties, '$.WorkspaceSecurityGroupId') as workspace_security_group_id, + JSON_EXTRACT(Properties, '$.IdpAuthUrl') as idp_auth_url, + JSON_EXTRACT(Properties, '$.IdpRelayStateParameterName') as idp_relay_state_parameter_name, + JSON_EXTRACT(Properties, '$.TrustedIdentityPropagationEnabled') as trusted_identity_propagation_enabled, + JSON_EXTRACT(Properties, '$.IdcUserAssignment') as idc_user_assignment, + JSON_EXTRACT(Properties, '$.IdcInstanceArn') as idc_instance_arn, + JSON_EXTRACT(Properties, '$.EncryptionKeyArn') as encryption_key_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EMR::Studio' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AuthMode') as auth_mode, + json_extract_path_text(Properties, 'DefaultS3Location') as default_s3_location, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EngineSecurityGroupId') as engine_security_group_id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ServiceRole') as service_role, + json_extract_path_text(Properties, 'StudioId') as studio_id, + json_extract_path_text(Properties, 'SubnetIds') as subnet_ids, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Url') as url, + json_extract_path_text(Properties, 'UserRole') as user_role, + json_extract_path_text(Properties, 'VpcId') as vpc_id, + json_extract_path_text(Properties, 'WorkspaceSecurityGroupId') as workspace_security_group_id, + json_extract_path_text(Properties, 'IdpAuthUrl') as idp_auth_url, + json_extract_path_text(Properties, 'IdpRelayStateParameterName') as idp_relay_state_parameter_name, + json_extract_path_text(Properties, 'TrustedIdentityPropagationEnabled') as trusted_identity_propagation_enabled, + json_extract_path_text(Properties, 'IdcUserAssignment') as idc_user_assignment, + json_extract_path_text(Properties, 'IdcInstanceArn') as idc_instance_arn, + json_extract_path_text(Properties, 'EncryptionKeyArn') as encryption_key_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EMR::Studio' + AND data__Identifier = '' + AND region = 'us-east-1' + studio_session_mappings: + name: studio_session_mappings + id: awscc.emr.studio_session_mappings + x-cfn-schema-name: StudioSessionMapping + x-type: list + x-identifiers: + - StudioId + - IdentityType + - IdentityName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StudioId') as studio_id, + JSON_EXTRACT(Properties, '$.IdentityType') as identity_type, + JSON_EXTRACT(Properties, '$.IdentityName') as identity_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EMR::StudioSessionMapping' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StudioId') as studio_id, + json_extract_path_text(Properties, 'IdentityType') as identity_type, + json_extract_path_text(Properties, 'IdentityName') as identity_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EMR::StudioSessionMapping' + AND region = 'us-east-1' + studio_session_mapping: + name: studio_session_mapping + id: awscc.emr.studio_session_mapping + x-cfn-schema-name: StudioSessionMapping + x-type: get + x-identifiers: + - StudioId + - IdentityType + - IdentityName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.IdentityName') as identity_name, + JSON_EXTRACT(Properties, '$.IdentityType') as identity_type, + JSON_EXTRACT(Properties, '$.SessionPolicyArn') as session_policy_arn, + JSON_EXTRACT(Properties, '$.StudioId') as studio_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EMR::StudioSessionMapping' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'IdentityName') as identity_name, + json_extract_path_text(Properties, 'IdentityType') as identity_type, + json_extract_path_text(Properties, 'SessionPolicyArn') as session_policy_arn, + json_extract_path_text(Properties, 'StudioId') as studio_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EMR::StudioSessionMapping' + AND data__Identifier = '' + AND region = 'us-east-1' + wal_workspaces: + name: wal_workspaces + id: awscc.emr.wal_workspaces + x-cfn-schema-name: WALWorkspace + x-type: list + x-identifiers: + - WALWorkspaceName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.WALWorkspaceName') as w_al_workspace_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EMR::WALWorkspace' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'WALWorkspaceName') as w_al_workspace_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EMR::WALWorkspace' + AND region = 'us-east-1' + wal_workspace: + name: wal_workspace + id: awscc.emr.wal_workspace + x-cfn-schema-name: WALWorkspace + x-type: get + x-identifiers: + - WALWorkspaceName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.WALWorkspaceName') as w_al_workspace_name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EMR::WALWorkspace' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'WALWorkspaceName') as w_al_workspace_name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EMR::WALWorkspace' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/emrcontainers.yaml b/providers/src/awscc/v00.00.00000/services/emrcontainers.yaml new file mode 100644 index 00000000..492213b5 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/emrcontainers.yaml @@ -0,0 +1,174 @@ +openapi: 3.0.0 +info: + title: EMRContainers + version: 1.0.0 +paths: {} +components: + schemas: + ContainerProvider: + type: object + additionalProperties: false + properties: + Type: + description: The type of the container provider + type: string + Id: + description: The ID of the container cluster + type: string + minLength: 1 + maxLength: 100 + pattern: ^[0-9A-Za-z][A-Za-z0-9\-_]* + Info: + $ref: '#/components/schemas/ContainerInfo' + required: + - Type + - Id + - Info + ContainerInfo: + type: object + additionalProperties: false + properties: + EksInfo: + $ref: '#/components/schemas/EksInfo' + required: + - EksInfo + EksInfo: + type: object + additionalProperties: false + properties: + Namespace: + type: string + minLength: 1 + maxLength: 63 + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?' + required: + - Namespace + Tag: + description: An arbitrary set of tags (key-value pairs) for this virtual cluster. + type: object + additionalProperties: false + properties: + Key: + description: 'The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + type: string + Value: + description: 'The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + type: string + required: + - Value + - Key + VirtualCluster: + type: object + properties: + Arn: + type: string + ContainerProvider: + description: Container provider of the virtual cluster. + $ref: '#/components/schemas/ContainerProvider' + Id: + description: Id of the virtual cluster. + type: string + minLength: 1 + maxLength: 64 + Name: + description: Name of the virtual cluster. + type: string + minLength: 1 + maxLength: 64 + pattern: '[\.\-_/#A-Za-z0-9]+' + Tags: + description: An array of key-value pairs to apply to this virtual cluster. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - ContainerProvider + x-stackql-resource-name: virtual_cluster + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - ContainerProvider + - Name + x-read-only-properties: + - Arn + - Id + x-required-permissions: + create: + - emr-containers:CreateVirtualCluster + - emr-containers:TagResource + - iam:CreateServiceLinkedRole + read: + - emr-containers:DescribeVirtualCluster + delete: + - emr-containers:DeleteVirtualCluster + list: + - emr-containers:ListVirtualClusters + update: + - emr-containers:DescribeVirtualCluster + - emr-containers:ListTagsForResource + - emr-containers:TagResource + - emr-containers:UntagResource + x-stackQL-resources: + virtual_clusters: + name: virtual_clusters + id: awscc.emrcontainers.virtual_clusters + x-cfn-schema-name: VirtualCluster + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EMRContainers::VirtualCluster' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EMRContainers::VirtualCluster' + AND region = 'us-east-1' + virtual_cluster: + name: virtual_cluster + id: awscc.emrcontainers.virtual_cluster + x-cfn-schema-name: VirtualCluster + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ContainerProvider') as container_provider, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EMRContainers::VirtualCluster' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ContainerProvider') as container_provider, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EMRContainers::VirtualCluster' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/emrserverless.yaml b/providers/src/awscc/v00.00.00000/services/emrserverless.yaml new file mode 100644 index 00000000..55433cc3 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/emrserverless.yaml @@ -0,0 +1,562 @@ +openapi: 3.0.0 +info: + title: EMRServerless + version: 1.0.0 +paths: {} +components: + schemas: + Architecture: + description: The cpu architecture of an application. + enum: + - ARM64 + - X86_64 + type: string + ImageConfigurationInput: + type: object + description: The image configuration. + properties: + ImageUri: + type: string + maxLength: 1024 + minLength: 1 + pattern: ^([a-z0-9]+[a-z0-9-.]*)\/((?:[a-z0-9]+(?:[._-][a-z0-9]+)*\/)*[a-z0-9]+(?:[._-][a-z0-9]+)*)(?:\:([a-zA-Z0-9_][a-zA-Z0-9-._]{0,299})|@(sha256:[0-9a-f]{64}))$ + description: The URI of an image in the Amazon ECR registry. This field is required when you create a new application. If you leave this field blank in an update, Amazon EMR will remove the image configuration. + additionalProperties: false + ConfigurationList: + type: array + description: Runtime configuration for batch and interactive JobRun. + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/ConfigurationObject' + MonitoringConfiguration: + type: object + description: Monitoring configuration for batch and interactive JobRun. + additionalProperties: false + properties: + S3MonitoringConfiguration: + description: S3 monitoring configurations for a JobRun. + $ref: '#/components/schemas/S3MonitoringConfiguration' + ManagedPersistenceMonitoringConfiguration: + description: Managed log persistence configurations for a JobRun. + $ref: '#/components/schemas/ManagedPersistenceMonitoringConfiguration' + CloudWatchLoggingConfiguration: + description: CloudWatch logging configurations for a JobRun. + $ref: '#/components/schemas/CloudWatchLoggingConfiguration' + S3MonitoringConfiguration: + additionalProperties: false + properties: + LogUri: + $ref: '#/components/schemas/UriString' + EncryptionKeyArn: + description: KMS key ARN to encrypt the logs stored in given s3 + $ref: '#/components/schemas/EncryptionKeyArn' + ManagedPersistenceMonitoringConfiguration: + additionalProperties: false + properties: + Enabled: + description: If set to false, managed logging will be turned off. Defaults to true. + type: boolean + default: true + EncryptionKeyArn: + description: KMS key ARN to encrypt the logs stored in managed persistence + $ref: '#/components/schemas/EncryptionKeyArn' + CloudWatchLoggingConfiguration: + additionalProperties: false + properties: + Enabled: + description: If set to false, CloudWatch logging will be turned off. Defaults to false. + type: boolean + default: false + LogGroupName: + description: Log-group name to produce log-streams on CloudWatch. If undefined, logs will be produced in a default log-group /aws/emr-serverless + $ref: '#/components/schemas/LogGroupName' + LogStreamNamePrefix: + description: Log-stream name prefix by which log-stream names will start in the CloudWatch Log-group. + $ref: '#/components/schemas/LogStreamNamePrefix' + EncryptionKeyArn: + description: KMS key ARN to encrypt the logs stored in given CloudWatch log-group. + $ref: '#/components/schemas/EncryptionKeyArn' + LogTypeMap: + description: The specific log-streams which need to be uploaded to CloudWatch. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/LogTypeMapKeyValuePair' + LogTypeMapKeyValuePair: + type: object + additionalProperties: false + properties: + Key: + $ref: '#/components/schemas/WorkerTypeString' + Value: + $ref: '#/components/schemas/LogTypeList' + required: + - Key + - Value + LogTypeList: + description: 'List of Applicable values: [STDOUT, STDERR, HIVE_LOG, TEZ_AM, SYSTEM_LOGS]' + type: array + x-insertionOrder: false + uniqueItems: true + minItems: 1 + maxItems: 5 + items: + $ref: '#/components/schemas/LogTypeString' + InitialCapacityConfigMap: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/InitialCapacityConfigKeyValuePair' + InitialCapacityConfigKeyValuePair: + type: object + additionalProperties: false + properties: + Key: + description: Worker type for an analytics framework. + type: string + minLength: 1 + maxLength: 50 + pattern: ^[a-zA-Z]+[-_]*[a-zA-Z]+$ + Value: + $ref: '#/components/schemas/InitialCapacityConfig' + required: + - Key + - Value + InitialCapacityConfig: + type: object + additionalProperties: false + properties: + WorkerCount: + description: Initial count of workers to be initialized when an Application is started. This count will be continued to be maintained until the Application is stopped + type: integer + format: int64 + minimum: 1 + maximum: 1000000 + WorkerConfiguration: + $ref: '#/components/schemas/WorkerConfiguration' + required: + - WorkerCount + - WorkerConfiguration + WorkerConfiguration: + type: object + additionalProperties: false + properties: + Cpu: + description: Per worker CPU resource. vCPU is the only supported unit and specifying vCPU is optional. + $ref: '#/components/schemas/CpuSize' + Memory: + description: Per worker memory resource. GB is the only supported unit and specifying GB is optional. + $ref: '#/components/schemas/MemorySize' + Disk: + description: Per worker Disk resource. GB is the only supported unit and specifying GB is optional + $ref: '#/components/schemas/DiskSize' + required: + - Cpu + - Memory + MaximumAllowedResources: + type: object + additionalProperties: false + properties: + Cpu: + description: Per worker CPU resource. vCPU is the only supported unit and specifying vCPU is optional. + $ref: '#/components/schemas/CpuSize' + Memory: + description: Per worker memory resource. GB is the only supported unit and specifying GB is optional. + $ref: '#/components/schemas/MemorySize' + Disk: + description: Per worker Disk resource. GB is the only supported unit and specifying GB is optional + $ref: '#/components/schemas/DiskSize' + required: + - Cpu + - Memory + AutoStartConfiguration: + description: Configuration for Auto Start of Application + type: object + additionalProperties: false + properties: + Enabled: + description: If set to true, the Application will automatically start. Defaults to true. + type: boolean + default: true + required: [] + AutoStopConfiguration: + description: Configuration for Auto Stop of Application + type: object + additionalProperties: false + properties: + Enabled: + description: If set to true, the Application will automatically stop after being idle. Defaults to true. + type: boolean + default: true + IdleTimeoutMinutes: + type: integer + description: The amount of time [in minutes] to wait before auto stopping the Application when idle. Defaults to 15 minutes. + required: [] + NetworkConfiguration: + type: object + additionalProperties: false + properties: + SubnetIds: + description: The ID of the subnets in the VPC to which you want to connect your job or application. + type: array + x-insertionOrder: false + uniqueItems: true + minItems: 1 + maxItems: 16 + items: + $ref: '#/components/schemas/SubnetId' + SecurityGroupIds: + description: The ID of the security groups in the VPC to which you want to connect your job or application. + type: array + x-insertionOrder: false + uniqueItems: true + minItems: 1 + maxItems: 5 + items: + $ref: '#/components/schemas/SecurityGroupId' + required: [] + SubnetId: + description: Identifier of a subnet + type: string + minLength: 1 + maxLength: 32 + pattern: ^[-0-9a-zA-Z]+ + SecurityGroupId: + description: Identifier of a security group + type: string + minLength: 1 + maxLength: 32 + pattern: ^[-0-9a-zA-Z]+ + UriString: + type: string + maxLength: 10280 + minLength: 1 + pattern: '[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDBFF-\uDC00\uDFFF\r\n\t]*' + EncryptionKeyArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:(aws[a-zA-Z0-9-]*):kms:[a-zA-Z0-9\-]*:(\d{12})?:key\/[a-zA-Z0-9-]+$ + Classification: + type: string + maxLength: 1024 + minLength: 1 + pattern: .*\S.* + LogGroupName: + type: string + maxLength: 512 + minLength: 1 + pattern: ^[\.\-_/#A-Za-z0-9]+$ + LogStreamNamePrefix: + type: string + maxLength: 512 + minLength: 1 + pattern: ^[^:*]*$ + LogTypeString: + type: string + maxLength: 50 + minLength: 1 + pattern: ^[a-zA-Z]+[-_]*[a-zA-Z]+$ + WorkerTypeString: + type: string + maxLength: 50 + minLength: 1 + pattern: ^[a-zA-Z]+[-_]*[a-zA-Z]+$ + Tag: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + properties: + Key: + type: string + description: 'The value for the tag. You can specify a value that is 1 to 128 Unicode characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 128 + pattern: ^[A-Za-z0-9 /_.:=+@-]+$ + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 0 + maxLength: 256 + pattern: ^[A-Za-z0-9 /_.:=+@-]*$ + required: + - Key + - Value + ConfigurationObject: + type: object + description: Configuration for a JobRun. + additionalProperties: false + properties: + Classification: + description: String with a maximum length of 1024. + $ref: '#/components/schemas/Classification' + Properties: + type: object + additionalProperties: false + x-patternProperties: + ^[a-zA-Z]+[-a-zA-Z0-9_.]*$: + $ref: '#/components/schemas/SensitivePropertiesMap' + Configurations: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/ConfigurationObject' + required: + - Classification + SensitivePropertiesMap: + type: string + minLength: 1 + maxLength: 1024 + pattern: .*\S.* + SensitivePropertiesKeyValuePair: + type: string + minLength: 1 + maxLength: 1024 + pattern: .*\S.* + CpuSize: + description: Per worker CPU resource. vCPU is the only supported unit and specifying vCPU is optional. + type: string + minLength: 1 + maxLength: 15 + pattern: ^[1-9][0-9]*(\s)?(vCPU|vcpu|VCPU)?$ + MemorySize: + description: Per worker memory resource. GB is the only supported unit and specifying GB is optional. + type: string + minLength: 1 + maxLength: 15 + pattern: ^[1-9][0-9]*(\s)?(GB|gb|gB|Gb)?$ + DiskSize: + description: Per worker Disk resource. GB is the only supported unit and specifying GB is optional + type: string + minLength: 1 + maxLength: 15 + pattern: ^[1-9][0-9]*(\s)?(GB|gb|gB|Gb)$ + WorkerTypeSpecificationInput: + type: object + description: The specifications for a worker type. + properties: + ImageConfiguration: + $ref: '#/components/schemas/ImageConfigurationInput' + additionalProperties: false + WorkerTypeSpecificationInputMap: + type: object + x-patternProperties: + ^[a-zA-Z]+[-_]*[a-zA-Z]+$: + $ref: '#/components/schemas/WorkerTypeSpecificationInput' + additionalProperties: false + Application: + type: object + properties: + Architecture: + $ref: '#/components/schemas/Architecture' + Name: + description: User friendly Application name. + type: string + minLength: 1 + maxLength: 64 + pattern: ^[A-Za-z0-9._\/#-]+$ + ReleaseLabel: + description: EMR release label. + type: string + minLength: 1 + maxLength: 64 + pattern: ^[A-Za-z0-9._/-]+$ + Type: + description: The type of the application + type: string + InitialCapacity: + description: Initial capacity initialized when an Application is started. + $ref: '#/components/schemas/InitialCapacityConfigMap' + MaximumCapacity: + description: Maximum allowed cumulative resources for an Application. No new resources will be created once the limit is hit. + $ref: '#/components/schemas/MaximumAllowedResources' + Tags: + description: Tag map with key and value + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + AutoStartConfiguration: + description: Configuration for Auto Start of Application. + $ref: '#/components/schemas/AutoStartConfiguration' + AutoStopConfiguration: + description: Configuration for Auto Stop of Application. + $ref: '#/components/schemas/AutoStopConfiguration' + ImageConfiguration: + $ref: '#/components/schemas/ImageConfigurationInput' + MonitoringConfiguration: + $ref: '#/components/schemas/MonitoringConfiguration' + RuntimeConfiguration: + $ref: '#/components/schemas/ConfigurationList' + NetworkConfiguration: + description: Network Configuration for customer VPC connectivity. + $ref: '#/components/schemas/NetworkConfiguration' + Arn: + description: The Amazon Resource Name (ARN) of the EMR Serverless Application. + type: string + ApplicationId: + description: The ID of the EMR Serverless Application. + type: string + minLength: 1 + maxLength: 64 + WorkerTypeSpecifications: + description: The key-value pairs that specify worker type to WorkerTypeSpecificationInput. This parameter must contain all valid worker types for a Spark or Hive application. Valid worker types include Driver and Executor for Spark applications and HiveDriver and TezTask for Hive applications. You can either set image details in this parameter for each worker type, or in imageConfiguration for all worker types. + $ref: '#/components/schemas/WorkerTypeSpecificationInputMap' + required: + - ReleaseLabel + - Type + x-stackql-resource-name: application + x-stackql-primaryIdentifier: + - ApplicationId + x-create-only-properties: + - Name + - Type + x-read-only-properties: + - Arn + - ApplicationId + x-required-permissions: + create: + - kms:Create* + - kms:Describe* + - kms:Enable* + - kms:List* + - kms:Put* + - kms:Update* + - kms:Revoke* + - kms:Disable* + - kms:Get* + - kms:Delete* + - kms:ScheduleKeyDeletion + - kms:CancelKeyDeletion + - kms:GenerateDataKey + - kms:TagResource + - kms:UntagResource + - kms:Decrypt + - emr-serverless:CreateApplication + - emr-serverless:TagResource + - emr-serverless:GetApplication + - iam:CreateServiceLinkedRole + - ec2:CreateNetworkInterface + - ecr:BatchGetImage + - ecr:DescribeImages + - ecr:GetDownloadUrlForLayer + read: + - emr-serverless:GetApplication + update: + - emr-serverless:UpdateApplication + - emr-serverless:TagResource + - emr-serverless:UntagResource + - emr-serverless:GetApplication + - ec2:CreateNetworkInterface + - ecr:BatchGetImage + - ecr:DescribeImages + - ecr:GetDownloadUrlForLayer + - kms:Create* + - kms:Describe* + - kms:Enable* + - kms:List* + - kms:Put* + - kms:Update* + - kms:Revoke* + - kms:Disable* + - kms:Get* + - kms:Delete* + - kms:ScheduleKeyDeletion + - kms:CancelKeyDeletion + - kms:GenerateDataKey + - kms:TagResource + - kms:UntagResource + - kms:Decrypt + delete: + - emr-serverless:DeleteApplication + - emr-serverless:GetApplication + list: + - emr-serverless:ListApplications + x-stackQL-resources: + applications: + name: applications + id: awscc.emrserverless.applications + x-cfn-schema-name: Application + x-type: list + x-identifiers: + - ApplicationId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationId') as application_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EMRServerless::Application' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationId') as application_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EMRServerless::Application' + AND region = 'us-east-1' + application: + name: application + id: awscc.emrserverless.application + x-cfn-schema-name: Application + x-type: get + x-identifiers: + - ApplicationId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Architecture') as architecture, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ReleaseLabel') as release_label, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.InitialCapacity') as initial_capacity, + JSON_EXTRACT(Properties, '$.MaximumCapacity') as maximum_capacity, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.AutoStartConfiguration') as auto_start_configuration, + JSON_EXTRACT(Properties, '$.AutoStopConfiguration') as auto_stop_configuration, + JSON_EXTRACT(Properties, '$.ImageConfiguration') as image_configuration, + JSON_EXTRACT(Properties, '$.MonitoringConfiguration') as monitoring_configuration, + JSON_EXTRACT(Properties, '$.RuntimeConfiguration') as runtime_configuration, + JSON_EXTRACT(Properties, '$.NetworkConfiguration') as network_configuration, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ApplicationId') as application_id, + JSON_EXTRACT(Properties, '$.WorkerTypeSpecifications') as worker_type_specifications + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EMRServerless::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Architecture') as architecture, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ReleaseLabel') as release_label, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'InitialCapacity') as initial_capacity, + json_extract_path_text(Properties, 'MaximumCapacity') as maximum_capacity, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'AutoStartConfiguration') as auto_start_configuration, + json_extract_path_text(Properties, 'AutoStopConfiguration') as auto_stop_configuration, + json_extract_path_text(Properties, 'ImageConfiguration') as image_configuration, + json_extract_path_text(Properties, 'MonitoringConfiguration') as monitoring_configuration, + json_extract_path_text(Properties, 'RuntimeConfiguration') as runtime_configuration, + json_extract_path_text(Properties, 'NetworkConfiguration') as network_configuration, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ApplicationId') as application_id, + json_extract_path_text(Properties, 'WorkerTypeSpecifications') as worker_type_specifications + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EMRServerless::Application' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/entityresolution.yaml b/providers/src/awscc/v00.00.00000/services/entityresolution.yaml new file mode 100644 index 00000000..8ef6d2e7 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/entityresolution.yaml @@ -0,0 +1,707 @@ +openapi: 3.0.0 +info: + title: EntityResolution + version: 1.0.0 +paths: {} +components: + schemas: + EntityName: + type: string + pattern: ^[a-zA-Z_0-9-]*$ + minLength: 0 + maxLength: 255 + Description: + type: string + minLength: 0 + maxLength: 255 + AttributeName: + type: string + pattern: ^[a-zA-Z_0-9- \t]*$ + minLength: 0 + maxLength: 255 + SchemaMappingArn: + description: The SchemaMapping arn associated with the Schema + type: string + pattern: ^arn:(aws|aws-us-gov|aws-cn):entityresolution:.*:[0-9]+:(schemamapping/.*)$ + KMSArn: + type: string + pattern: ^arn:(aws|aws-us-gov|aws-cn):kms:.*:[0-9]+:.*$ + IdMappingWorkflowArn: + description: The default IdMappingWorkflow arn + type: string + pattern: ^arn:(aws|aws-us-gov|aws-cn):entityresolution:.*:[0-9]+:(idmappingworkflow/.*)$ + CreatedAt: + description: The time of this SchemaMapping got created + type: string + UpdatedAt: + description: The time of this SchemaMapping got last updated at + type: string + IdMappingWorkflowInputSource: + type: object + properties: + InputSourceARN: + description: An Glue table ARN for the input source table + type: string + pattern: arn:(aws|aws-us-gov|aws-cn):.*:.*:[0-9]+:.*$ + SchemaArn: + type: string + $ref: '#/components/schemas/SchemaMappingArn' + required: + - InputSourceARN + - SchemaArn + additionalProperties: false + IdMappingWorkflowOutputSource: + type: object + properties: + OutputS3Path: + description: The S3 path to which Entity Resolution will write the output table + type: string + pattern: ^s3://([^/]+)/?(.*?([^/]+)/?)$ + KMSArn: + $ref: '#/components/schemas/KMSArn' + required: + - OutputS3Path + additionalProperties: false + IdMappingTechniques: + type: object + properties: + IdMappingType: + type: string + enum: + - PROVIDER + ProviderProperties: + $ref: '#/components/schemas/ProviderProperties' + additionalProperties: false + ProviderProperties: + type: object + properties: + ProviderServiceArn: + type: string + description: Arn of the Provider service being used. + ProviderConfiguration: + type: object + additionalProperties: false + x-patternProperties: + ^.+$: + type: string + description: Additional Provider configuration that would be required for the provider service. The Configuration must be in JSON string format + IntermediateSourceConfiguration: + $ref: '#/components/schemas/IntermediateSourceConfiguration' + required: + - ProviderServiceArn + additionalProperties: false + IntermediateSourceConfiguration: + type: object + properties: + IntermediateS3Path: + type: string + description: The s3 path that would be used to stage the intermediate data being generated during workflow execution. + required: + - IntermediateS3Path + additionalProperties: false + Tag: + description: A key-value pair to associate with a resource + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + IdMappingWorkflow: + type: object + properties: + WorkflowName: + description: The name of the IdMappingWorkflow + $ref: '#/components/schemas/EntityName' + Description: + description: The description of the IdMappingWorkflow + $ref: '#/components/schemas/Description' + InputSourceConfig: + type: array + x-insertionOrder: false + minItems: 1 + maxItems: 20 + items: + $ref: '#/components/schemas/IdMappingWorkflowInputSource' + OutputSourceConfig: + type: array + x-insertionOrder: false + minItems: 1 + maxItems: 1 + items: + $ref: '#/components/schemas/IdMappingWorkflowOutputSource' + IdMappingTechniques: + $ref: '#/components/schemas/IdMappingTechniques' + RoleArn: + type: string + pattern: ^arn:(aws|aws-us-gov|aws-cn):iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$ + Tags: + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 0 + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + WorkflowArn: + $ref: '#/components/schemas/IdMappingWorkflowArn' + CreatedAt: + $ref: '#/components/schemas/CreatedAt' + UpdatedAt: + $ref: '#/components/schemas/UpdatedAt' + required: + - WorkflowName + - InputSourceConfig + - OutputSourceConfig + - IdMappingTechniques + - RoleArn + x-stackql-resource-name: id_mapping_workflow + x-stackql-primaryIdentifier: + - WorkflowName + x-create-only-properties: + - WorkflowName + x-read-only-properties: + - WorkflowArn + - UpdatedAt + - CreatedAt + x-required-permissions: + create: + - entityresolution:CreateIdMappingWorkflow + - entityresolution:GetIdMappingWorkflow + - entityresolution:TagResource + - kms:CreateGrant + - kms:DescribeKey + - iam:PassRole + update: + - entityresolution:GetIdMappingWorkflow + - entityresolution:UpdateIdMappingWorkflow + - entityresolution:ListTagsForResource + - entityresolution:TagResource + - entityresolution:UntagResource + - iam:PassRole + - kms:CreateGrant + - kms:DescribeKey + read: + - entityresolution:GetIdMappingWorkflow + - entityresolution:ListTagsForResource + delete: + - entityresolution:DeleteIdMappingWorkflow + - entityresolution:GetIdMappingWorkflow + - entityresolution:UntagResource + list: + - entityresolution:ListIdMappingWorkflows + MatchingWorkflowArn: + description: The default MatchingWorkflow arn + type: string + pattern: ^arn:(aws|aws-us-gov|aws-cn):entityresolution:.*:[0-9]+:(matchingworkflow/.*)$ + InputSource: + type: object + properties: + InputSourceARN: + description: An Glue table ARN for the input source table + type: string + pattern: arn:(aws|aws-us-gov|aws-cn):.*:.*:[0-9]+:.*$ + SchemaArn: + type: string + $ref: '#/components/schemas/SchemaMappingArn' + ApplyNormalization: + type: boolean + required: + - InputSourceARN + - SchemaArn + additionalProperties: false + OutputSource: + type: object + properties: + OutputS3Path: + description: The S3 path to which Entity Resolution will write the output table + type: string + pattern: ^s3://([^/]+)/?(.*?([^/]+)/?)$ + Output: + type: array + x-insertionOrder: false + minItems: 0 + maxItems: 750 + items: + $ref: '#/components/schemas/OutputAttribute' + KMSArn: + $ref: '#/components/schemas/KMSArn' + ApplyNormalization: + type: boolean + required: + - Output + - OutputS3Path + additionalProperties: false + OutputAttribute: + type: object + properties: + Name: + $ref: '#/components/schemas/AttributeName' + Hashed: + type: boolean + required: + - Name + additionalProperties: false + ResolutionTechniques: + type: object + properties: + ResolutionType: + type: string + enum: + - RULE_MATCHING + - ML_MATCHING + - PROVIDER + RuleBasedProperties: + $ref: '#/components/schemas/RuleBasedProperties' + ProviderProperties: + $ref: '#/components/schemas/ProviderProperties' + additionalProperties: false + RuleBasedProperties: + type: object + properties: + Rules: + type: array + x-insertionOrder: false + minItems: 1 + maxItems: 15 + items: + $ref: '#/components/schemas/Rule' + AttributeMatchingModel: + type: string + enum: + - ONE_TO_ONE + - MANY_TO_MANY + required: + - AttributeMatchingModel + - Rules + additionalProperties: false + Rule: + type: object + properties: + RuleName: + type: string + pattern: ^[a-zA-Z_0-9- \t]*$ + minLength: 0 + maxLength: 255 + MatchingKeys: + type: array + x-insertionOrder: false + minItems: 1 + maxItems: 15 + items: + $ref: '#/components/schemas/AttributeName' + required: + - RuleName + - MatchingKeys + additionalProperties: false + MatchingWorkflow: + type: object + properties: + WorkflowName: + description: The name of the MatchingWorkflow + $ref: '#/components/schemas/EntityName' + Description: + description: The description of the MatchingWorkflow + $ref: '#/components/schemas/Description' + InputSourceConfig: + type: array + x-insertionOrder: false + minItems: 1 + maxItems: 20 + items: + $ref: '#/components/schemas/InputSource' + OutputSourceConfig: + type: array + x-insertionOrder: false + minItems: 1 + maxItems: 1 + items: + $ref: '#/components/schemas/OutputSource' + ResolutionTechniques: + $ref: '#/components/schemas/ResolutionTechniques' + RoleArn: + type: string + pattern: ^arn:(aws|aws-us-gov|aws-cn):iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$ + Tags: + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 0 + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + WorkflowArn: + $ref: '#/components/schemas/MatchingWorkflowArn' + CreatedAt: + $ref: '#/components/schemas/CreatedAt' + UpdatedAt: + $ref: '#/components/schemas/UpdatedAt' + required: + - WorkflowName + - InputSourceConfig + - OutputSourceConfig + - ResolutionTechniques + - RoleArn + x-stackql-resource-name: matching_workflow + x-stackql-primaryIdentifier: + - WorkflowName + x-create-only-properties: + - WorkflowName + x-read-only-properties: + - WorkflowArn + - UpdatedAt + - CreatedAt + x-required-permissions: + create: + - entityresolution:CreateMatchingWorkflow + - entityresolution:GetMatchingWorkflow + - entityresolution:TagResource + - kms:CreateGrant + - kms:DescribeKey + - iam:PassRole + read: + - entityresolution:GetMatchingWorkflow + - entityresolution:ListTagsForResource + delete: + - entityresolution:DeleteMatchingWorkflow + - entityresolution:GetMatchingWorkflow + - entityresolution:UntagResource + list: + - entityresolution:ListMatchingWorkflows + update: + - entityresolution:GetMatchingWorkflow + - entityresolution:UpdateMatchingWorkflow + - entityresolution:ListTagsForResource + - entityresolution:TagResource + - entityresolution:UntagResource + - iam:PassRole + - kms:CreateGrant + - kms:DescribeKey + SchemaAttributeType: + type: string + enum: + - NAME + - NAME_FIRST + - NAME_MIDDLE + - NAME_LAST + - ADDRESS + - ADDRESS_STREET1 + - ADDRESS_STREET2 + - ADDRESS_STREET3 + - ADDRESS_CITY + - ADDRESS_STATE + - ADDRESS_COUNTRY + - ADDRESS_POSTALCODE + - PHONE + - PHONE_NUMBER + - PHONE_COUNTRYCODE + - EMAIL_ADDRESS + - UNIQUE_ID + - DATE + - STRING + - PROVIDER_ID + MappedInputFields: + type: array + items: + $ref: '#/components/schemas/SchemaInputAttribute' + minItems: 2 + maxItems: 25 + x-insertionOrder: false + SchemaInputAttribute: + type: object + properties: + FieldName: + $ref: '#/components/schemas/AttributeName' + Type: + $ref: '#/components/schemas/SchemaAttributeType' + SubType: + type: string + description: The subtype of the Attribute. Would be required only when type is PROVIDER_ID + GroupName: + $ref: '#/components/schemas/AttributeName' + MatchKey: + $ref: '#/components/schemas/AttributeName' + required: + - FieldName + - Type + additionalProperties: false + HasWorkflows: + description: The boolean value that indicates whether or not a SchemaMapping has MatchingWorkflows that are associated with + type: boolean + SchemaMapping: + type: object + properties: + SchemaName: + description: The name of the SchemaMapping + $ref: '#/components/schemas/EntityName' + Description: + description: The description of the SchemaMapping + $ref: '#/components/schemas/Description' + MappedInputFields: + description: The SchemaMapping attributes input + $ref: '#/components/schemas/MappedInputFields' + Tags: + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 0 + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + SchemaArn: + $ref: '#/components/schemas/SchemaMappingArn' + CreatedAt: + $ref: '#/components/schemas/CreatedAt' + UpdatedAt: + $ref: '#/components/schemas/UpdatedAt' + HasWorkflows: + $ref: '#/components/schemas/HasWorkflows' + required: + - SchemaName + - MappedInputFields + x-stackql-resource-name: schema_mapping + x-stackql-primaryIdentifier: + - SchemaName + x-create-only-properties: + - SchemaName + x-read-only-properties: + - SchemaArn + - CreatedAt + - UpdatedAt + - HasWorkflows + x-required-permissions: + create: + - entityresolution:CreateSchemaMapping + - entityresolution:GetSchemaMapping + - entityresolution:TagResource + read: + - entityresolution:GetSchemaMapping + - entityresolution:ListTagsForResource + delete: + - entityresolution:DeleteSchemaMapping + - entityresolution:GetSchemaMapping + update: + - entityresolution:GetSchemaMapping + - entityresolution:UpdateSchemaMapping + - entityresolution:ListTagsForResource + - entityresolution:TagResource + - entityresolution:UntagResource + list: + - entityresolution:ListSchemaMappings + x-stackQL-resources: + id_mapping_workflows: + name: id_mapping_workflows + id: awscc.entityresolution.id_mapping_workflows + x-cfn-schema-name: IdMappingWorkflow + x-type: list + x-identifiers: + - WorkflowName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.WorkflowName') as workflow_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EntityResolution::IdMappingWorkflow' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'WorkflowName') as workflow_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EntityResolution::IdMappingWorkflow' + AND region = 'us-east-1' + id_mapping_workflow: + name: id_mapping_workflow + id: awscc.entityresolution.id_mapping_workflow + x-cfn-schema-name: IdMappingWorkflow + x-type: get + x-identifiers: + - WorkflowName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.WorkflowName') as workflow_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.InputSourceConfig') as input_source_config, + JSON_EXTRACT(Properties, '$.OutputSourceConfig') as output_source_config, + JSON_EXTRACT(Properties, '$.IdMappingTechniques') as id_mapping_techniques, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.WorkflowArn') as workflow_arn, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.UpdatedAt') as updated_at + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EntityResolution::IdMappingWorkflow' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'WorkflowName') as workflow_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'InputSourceConfig') as input_source_config, + json_extract_path_text(Properties, 'OutputSourceConfig') as output_source_config, + json_extract_path_text(Properties, 'IdMappingTechniques') as id_mapping_techniques, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'WorkflowArn') as workflow_arn, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'UpdatedAt') as updated_at + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EntityResolution::IdMappingWorkflow' + AND data__Identifier = '' + AND region = 'us-east-1' + matching_workflows: + name: matching_workflows + id: awscc.entityresolution.matching_workflows + x-cfn-schema-name: MatchingWorkflow + x-type: list + x-identifiers: + - WorkflowName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.WorkflowName') as workflow_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EntityResolution::MatchingWorkflow' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'WorkflowName') as workflow_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EntityResolution::MatchingWorkflow' + AND region = 'us-east-1' + matching_workflow: + name: matching_workflow + id: awscc.entityresolution.matching_workflow + x-cfn-schema-name: MatchingWorkflow + x-type: get + x-identifiers: + - WorkflowName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.WorkflowName') as workflow_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.InputSourceConfig') as input_source_config, + JSON_EXTRACT(Properties, '$.OutputSourceConfig') as output_source_config, + JSON_EXTRACT(Properties, '$.ResolutionTechniques') as resolution_techniques, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.WorkflowArn') as workflow_arn, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.UpdatedAt') as updated_at + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EntityResolution::MatchingWorkflow' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'WorkflowName') as workflow_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'InputSourceConfig') as input_source_config, + json_extract_path_text(Properties, 'OutputSourceConfig') as output_source_config, + json_extract_path_text(Properties, 'ResolutionTechniques') as resolution_techniques, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'WorkflowArn') as workflow_arn, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'UpdatedAt') as updated_at + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EntityResolution::MatchingWorkflow' + AND data__Identifier = '' + AND region = 'us-east-1' + schema_mappings: + name: schema_mappings + id: awscc.entityresolution.schema_mappings + x-cfn-schema-name: SchemaMapping + x-type: list + x-identifiers: + - SchemaName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SchemaName') as schema_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EntityResolution::SchemaMapping' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SchemaName') as schema_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EntityResolution::SchemaMapping' + AND region = 'us-east-1' + schema_mapping: + name: schema_mapping + id: awscc.entityresolution.schema_mapping + x-cfn-schema-name: SchemaMapping + x-type: get + x-identifiers: + - SchemaName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SchemaName') as schema_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.MappedInputFields') as mapped_input_fields, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.SchemaArn') as schema_arn, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.UpdatedAt') as updated_at, + JSON_EXTRACT(Properties, '$.HasWorkflows') as has_workflows + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EntityResolution::SchemaMapping' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SchemaName') as schema_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'MappedInputFields') as mapped_input_fields, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'SchemaArn') as schema_arn, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'UpdatedAt') as updated_at, + json_extract_path_text(Properties, 'HasWorkflows') as has_workflows + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EntityResolution::SchemaMapping' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/events.yaml b/providers/src/awscc/v00.00.00000/services/events.yaml new file mode 100644 index 00000000..b5df800e --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/events.yaml @@ -0,0 +1,1267 @@ +openapi: 3.0.0 +info: + title: Events + version: 1.0.0 +paths: {} +components: + schemas: + ApiDestination: + type: object + properties: + Name: + description: Name of the apiDestination. + type: string + minLength: 1 + maxLength: 64 + Description: + type: string + maxLength: 512 + ConnectionArn: + description: The arn of the connection. + type: string + Arn: + description: The arn of the api destination. + type: string + InvocationRateLimitPerSecond: + type: integer + minimum: 1 + InvocationEndpoint: + description: Url endpoint to invoke. + type: string + HttpMethod: + type: string + enum: + - GET + - HEAD + - POST + - OPTIONS + - PUT + - DELETE + - PATCH + required: + - ConnectionArn + - InvocationEndpoint + - HttpMethod + x-stackql-resource-name: api_destination + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - events:CreateApiDestination + - events:DescribeApiDestination + read: + - events:DescribeApiDestination + update: + - events:UpdateApiDestination + - events:DescribeApiDestination + delete: + - events:DeleteApiDestination + - events:DescribeApiDestination + list: + - events:ListApiDestinations + Archive: + type: object + properties: + ArchiveName: + type: string + minLength: 1 + maxLength: 48 + SourceArn: + type: string + Description: + type: string + EventPattern: + type: object + Arn: + type: string + RetentionDays: + type: integer + required: + - SourceArn + x-stackql-resource-name: archive + x-stackql-primaryIdentifier: + - ArchiveName + x-create-only-properties: + - ArchiveName + - SourceArn + x-read-only-properties: + - Arn + x-required-permissions: + create: + - events:DescribeArchive + - events:CreateArchive + delete: + - events:DescribeArchive + - events:DeleteArchive + list: + - events:ListArchives + update: + - events:DescribeArchive + - events:UpdateArchive + read: + - events:DescribeArchive + AuthParameters: + type: object + minProperties: 1 + maxProperties: 2 + properties: + ApiKeyAuthParameters: + $ref: '#/components/schemas/ApiKeyAuthParameters' + BasicAuthParameters: + $ref: '#/components/schemas/BasicAuthParameters' + OAuthParameters: + $ref: '#/components/schemas/OAuthParameters' + InvocationHttpParameters: + $ref: '#/components/schemas/ConnectionHttpParameters' + oneOf: + - required: + - BasicAuthParameters + - required: + - OAuthParameters + - required: + - ApiKeyAuthParameters + additionalProperties: false + BasicAuthParameters: + type: object + properties: + Username: + type: string + Password: + type: string + required: + - Username + - Password + additionalProperties: false + OAuthParameters: + type: object + properties: + ClientParameters: + $ref: '#/components/schemas/ClientParameters' + AuthorizationEndpoint: + type: string + minLength: 1 + maxLength: 2048 + HttpMethod: + type: string + enum: + - GET + - POST + - PUT + OAuthHttpParameters: + $ref: '#/components/schemas/ConnectionHttpParameters' + required: + - ClientParameters + - AuthorizationEndpoint + - HttpMethod + additionalProperties: false + ApiKeyAuthParameters: + type: object + properties: + ApiKeyName: + type: string + ApiKeyValue: + type: string + required: + - ApiKeyName + - ApiKeyValue + additionalProperties: false + ClientParameters: + type: object + properties: + ClientID: + type: string + ClientSecret: + type: string + required: + - ClientID + - ClientSecret + additionalProperties: false + ConnectionHttpParameters: + type: object + properties: + HeaderParameters: + type: array + items: + $ref: '#/components/schemas/Parameter' + QueryStringParameters: + type: array + items: + $ref: '#/components/schemas/Parameter' + BodyParameters: + type: array + items: + $ref: '#/components/schemas/Parameter' + additionalProperties: false + Parameter: + type: object + properties: + Key: + type: string + Value: + type: string + IsValueSecret: + type: boolean + default: true + required: + - Key + - Value + additionalProperties: false + Connection: + type: object + properties: + Name: + description: Name of the connection. + type: string + minLength: 1 + maxLength: 64 + Arn: + description: The arn of the connection resource. + type: string + SecretArn: + description: The arn of the secrets manager secret created in the customer account. + type: string + Description: + description: Description of the connection. + type: string + maxLength: 512 + AuthorizationType: + type: string + enum: + - API_KEY + - BASIC + - OAUTH_CLIENT_CREDENTIALS + AuthParameters: + $ref: '#/components/schemas/AuthParameters' + x-stackql-resource-name: connection + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + - SecretArn + x-required-permissions: + create: + - events:CreateConnection + - events:DescribeConnection + - secretsmanager:CreateSecret + - secretsmanager:GetSecretValue + - secretsmanager:PutSecretValue + - iam:CreateServiceLinkedRole + read: + - events:DescribeConnection + update: + - events:UpdateConnection + - events:DescribeConnection + - secretsmanager:CreateSecret + - secretsmanager:UpdateSecret + - secretsmanager:GetSecretValue + - secretsmanager:PutSecretValue + delete: + - events:DeleteConnection + - events:DescribeConnection + list: + - events:ListConnections + HealthCheck: + type: string + minLength: 1 + maxLength: 1600 + pattern: ^arn:aws([a-z]|\-)*:route53:::healthcheck/[\-a-z0-9]+$ + Primary: + type: object + additionalProperties: false + properties: + HealthCheck: + $ref: '#/components/schemas/HealthCheck' + required: + - HealthCheck + Route: + type: string + minLength: 9 + maxLength: 20 + pattern: ^[\-a-z0-9]+$ + Secondary: + type: object + additionalProperties: false + properties: + Route: + $ref: '#/components/schemas/Route' + required: + - Route + FailoverConfig: + type: object + additionalProperties: false + properties: + Primary: + $ref: '#/components/schemas/Primary' + Secondary: + $ref: '#/components/schemas/Secondary' + required: + - Primary + - Secondary + RoutingConfig: + type: object + additionalProperties: false + properties: + FailoverConfig: + $ref: '#/components/schemas/FailoverConfig' + required: + - FailoverConfig + EventBusArn: + type: string + minLength: 1 + maxLength: 512 + pattern: ^arn:aws[a-z-]*:events:[a-z]{2}-[a-z-]+-\d+:\d{12}:event-bus/[\w.-]+$ + EndpointEventBus: + type: object + additionalProperties: false + properties: + EventBusArn: + $ref: '#/components/schemas/EventBusArn' + required: + - EventBusArn + EventBuses: + type: array + x-insertionOrder: false + minItems: 2 + maxItems: 2 + items: + $ref: '#/components/schemas/EndpointEventBus' + ReplicationState: + type: string + enum: + - ENABLED + - DISABLED + ReplicationConfig: + type: object + additionalProperties: false + properties: + State: + $ref: '#/components/schemas/ReplicationState' + required: + - State + Endpoint: + type: object + properties: + Name: + type: string + minLength: 1 + maxLength: 64 + pattern: ^[\.\-_A-Za-z0-9]+$ + Arn: + type: string + minLength: 1 + maxLength: 1600 + pattern: ^arn:aws([a-z]|\-)*:events:([a-z]|\d|\-)*:([0-9]{12})?:endpoint\/[/\.\-_A-Za-z0-9]+$ + RoleArn: + type: string + minLength: 1 + maxLength: 256 + pattern: ^arn:aws[a-z-]*:iam::\d{12}:role\/[\w+=,.@/-]+$ + Description: + type: string + maxLength: 512 + pattern: .* + RoutingConfig: + $ref: '#/components/schemas/RoutingConfig' + ReplicationConfig: + $ref: '#/components/schemas/ReplicationConfig' + EventBuses: + $ref: '#/components/schemas/EventBuses' + EndpointId: + type: string + minLength: 1 + maxLength: 50 + pattern: ^[A-Za-z0-9\-]+[\.][A-Za-z0-9\-]+$ + EndpointUrl: + type: string + minLength: 1 + maxLength: 256 + pattern: ^(https://)?[\.\-a-z0-9]+$ + State: + type: string + enum: + - ACTIVE + - CREATING + - UPDATING + - DELETING + - CREATE_FAILED + - UPDATE_FAILED + StateReason: + type: string + minLength: 1 + maxLength: 512 + pattern: ^.*$ + required: + - RoutingConfig + - EventBuses + x-stackql-resource-name: endpoint + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + - EndpointId + - EndpointUrl + - State + - StateReason + x-required-permissions: + create: + - events:CreateEndpoint + - events:DescribeEndpoint + - route53:GetHealthCheck + - iam:PassRole + read: + - events:DescribeEndpoint + update: + - events:DescribeEndpoint + - events:UpdateEndpoint + - route53:GetHealthCheck + - iam:PassRole + delete: + - events:DeleteEndpoint + - events:DescribeEndpoint + list: + - events:ListEndpoints + Tag: + additionalProperties: false + type: object + properties: + Value: + type: string + Key: + type: string + EventBus: + type: object + properties: + EventSourceName: + description: If you are creating a partner event bus, this specifies the partner event source that the new event bus will be matched with. + type: string + Name: + description: The name of the event bus. + type: string + Tags: + description: Any tags assigned to the event bus. + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + Policy: + description: A JSON string that describes the permission policy statement for the event bus. + type: object + Arn: + description: The Amazon Resource Name (ARN) for the event bus. + type: string + required: + - Name + x-stackql-resource-name: event_bus + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - events:CreateEventBus + - events:DescribeEventBus + - events:PutPermission + - events:ListTagsForResource + - events:TagResource + read: + - events:DescribeEventBus + - events:ListTagsForResource + update: + - events:TagResource + - events:UntagResource + - events:PutPermission + - events:DescribeEventBus + delete: + - events:DescribeEventBus + - events:DeleteEventBus + list: + - events:ListEventBuses + - events:ListTagsForResource + CapacityProviderStrategyItem: + additionalProperties: false + type: object + properties: + CapacityProvider: + type: string + Base: + type: integer + Weight: + type: integer + required: + - CapacityProvider + HttpParameters: + additionalProperties: false + type: object + properties: + PathParameterValues: + uniqueItems: true + x-insertionOrder: true + type: array + items: + type: string + HeaderParameters: + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + additionalProperties: false + type: object + QueryStringParameters: + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + additionalProperties: false + type: object + DeadLetterConfig: + additionalProperties: false + type: object + properties: + Arn: + type: string + RunCommandParameters: + additionalProperties: false + type: object + properties: + RunCommandTargets: + uniqueItems: true + x-insertionOrder: true + type: array + items: + $ref: '#/components/schemas/RunCommandTarget' + required: + - RunCommandTargets + PlacementStrategy: + additionalProperties: false + type: object + properties: + Field: + type: string + Type: + type: string + InputTransformer: + additionalProperties: false + type: object + properties: + InputPathsMap: + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + additionalProperties: false + type: object + InputTemplate: + type: string + required: + - InputTemplate + KinesisParameters: + additionalProperties: false + type: object + properties: + PartitionKeyPath: + type: string + required: + - PartitionKeyPath + BatchRetryStrategy: + additionalProperties: false + type: object + properties: + Attempts: + type: integer + RedshiftDataParameters: + additionalProperties: false + type: object + properties: + StatementName: + type: string + Sqls: + uniqueItems: false + x-insertionOrder: true + type: array + items: + type: string + Database: + type: string + SecretManagerArn: + type: string + DbUser: + type: string + Sql: + type: string + WithEvent: + type: boolean + required: + - Database + AppSyncParameters: + additionalProperties: false + type: object + properties: + GraphQLOperation: + type: string + required: + - GraphQLOperation + Target: + additionalProperties: false + type: object + properties: + InputPath: + type: string + HttpParameters: + $ref: '#/components/schemas/HttpParameters' + DeadLetterConfig: + $ref: '#/components/schemas/DeadLetterConfig' + RunCommandParameters: + $ref: '#/components/schemas/RunCommandParameters' + InputTransformer: + $ref: '#/components/schemas/InputTransformer' + KinesisParameters: + $ref: '#/components/schemas/KinesisParameters' + RoleArn: + type: string + RedshiftDataParameters: + $ref: '#/components/schemas/RedshiftDataParameters' + AppSyncParameters: + $ref: '#/components/schemas/AppSyncParameters' + Input: + type: string + SqsParameters: + $ref: '#/components/schemas/SqsParameters' + EcsParameters: + $ref: '#/components/schemas/EcsParameters' + BatchParameters: + $ref: '#/components/schemas/BatchParameters' + Id: + type: string + Arn: + type: string + SageMakerPipelineParameters: + $ref: '#/components/schemas/SageMakerPipelineParameters' + RetryPolicy: + $ref: '#/components/schemas/RetryPolicy' + required: + - Id + - Arn + PlacementConstraint: + additionalProperties: false + type: object + properties: + Type: + type: string + Expression: + type: string + AwsVpcConfiguration: + additionalProperties: false + type: object + properties: + SecurityGroups: + uniqueItems: true + x-insertionOrder: true + type: array + items: + type: string + Subnets: + uniqueItems: false + x-insertionOrder: true + type: array + items: + type: string + AssignPublicIp: + type: string + required: + - Subnets + SqsParameters: + additionalProperties: false + type: object + properties: + MessageGroupId: + type: string + required: + - MessageGroupId + RunCommandTarget: + additionalProperties: false + type: object + properties: + Values: + uniqueItems: true + x-insertionOrder: true + type: array + items: + type: string + Key: + type: string + required: + - Values + - Key + EcsParameters: + additionalProperties: false + type: object + properties: + PlatformVersion: + type: string + Group: + type: string + EnableECSManagedTags: + type: boolean + EnableExecuteCommand: + type: boolean + PlacementConstraints: + uniqueItems: true + x-insertionOrder: true + type: array + items: + $ref: '#/components/schemas/PlacementConstraint' + PropagateTags: + type: string + TaskCount: + type: integer + PlacementStrategies: + uniqueItems: true + x-insertionOrder: true + type: array + items: + $ref: '#/components/schemas/PlacementStrategy' + CapacityProviderStrategy: + uniqueItems: true + x-insertionOrder: true + type: array + items: + $ref: '#/components/schemas/CapacityProviderStrategyItem' + LaunchType: + type: string + ReferenceId: + type: string + TagList: + uniqueItems: true + x-insertionOrder: true + type: array + items: + $ref: '#/components/schemas/Tag' + NetworkConfiguration: + $ref: '#/components/schemas/NetworkConfiguration' + TaskDefinitionArn: + type: string + required: + - TaskDefinitionArn + BatchParameters: + additionalProperties: false + type: object + properties: + ArrayProperties: + $ref: '#/components/schemas/BatchArrayProperties' + JobName: + type: string + RetryStrategy: + $ref: '#/components/schemas/BatchRetryStrategy' + JobDefinition: + type: string + required: + - JobName + - JobDefinition + NetworkConfiguration: + additionalProperties: false + type: object + properties: + AwsVpcConfiguration: + $ref: '#/components/schemas/AwsVpcConfiguration' + SageMakerPipelineParameters: + additionalProperties: false + type: object + properties: + PipelineParameterList: + uniqueItems: true + x-insertionOrder: true + type: array + items: + $ref: '#/components/schemas/SageMakerPipelineParameter' + RetryPolicy: + additionalProperties: false + type: object + properties: + MaximumRetryAttempts: + type: integer + MaximumEventAgeInSeconds: + type: integer + BatchArrayProperties: + additionalProperties: false + type: object + properties: + Size: + type: integer + SageMakerPipelineParameter: + additionalProperties: false + type: object + properties: + Value: + type: string + Name: + type: string + required: + - Value + - Name + Rule: + type: object + properties: + EventBusName: + description: The name or ARN of the event bus associated with the rule. If you omit this, the default event bus is used. + type: string + EventPattern: + description: The event pattern of the rule. For more information, see Events and Event Patterns in the Amazon EventBridge User Guide. + type: object + ScheduleExpression: + description: The scheduling expression. For example, "cron(0 20 * * ? *)", "rate(5 minutes)". For more information, see Creating an Amazon EventBridge rule that runs on a schedule. + type: string + Description: + description: The description of the rule. + type: string + State: + description: The state of the rule. + type: string + enum: + - DISABLED + - ENABLED + - ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS + Targets: + uniqueItems: true + description: |- + Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule. + Targets are the resources that are invoked when a rule is triggered. + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/Target' + Arn: + description: The ARN of the rule, such as arn:aws:events:us-east-2:123456789012:rule/example. + type: string + RoleArn: + description: The Amazon Resource Name (ARN) of the role that is used for target invocation. + type: string + Name: + description: The name of the rule. + type: string + x-stackql-resource-name: rule + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + read: + - iam:PassRole + - events:DescribeRule + - events:ListTargetsByRule + create: + - iam:PassRole + - events:DescribeRule + - events:PutRule + - events:PutTargets + update: + - iam:PassRole + - events:DescribeRule + - events:PutRule + - events:RemoveTargets + - events:PutTargets + list: + - events:ListRules + delete: + - iam:PassRole + - events:DescribeRule + - events:DeleteRule + - events:RemoveTargets + - events:ListTargetsByRule + x-stackQL-resources: + api_destinations: + name: api_destinations + id: awscc.events.api_destinations + x-cfn-schema-name: ApiDestination + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Events::ApiDestination' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Events::ApiDestination' + AND region = 'us-east-1' + api_destination: + name: api_destination + id: awscc.events.api_destination + x-cfn-schema-name: ApiDestination + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ConnectionArn') as connection_arn, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.InvocationRateLimitPerSecond') as invocation_rate_limit_per_second, + JSON_EXTRACT(Properties, '$.InvocationEndpoint') as invocation_endpoint, + JSON_EXTRACT(Properties, '$.HttpMethod') as http_method + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Events::ApiDestination' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ConnectionArn') as connection_arn, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'InvocationRateLimitPerSecond') as invocation_rate_limit_per_second, + json_extract_path_text(Properties, 'InvocationEndpoint') as invocation_endpoint, + json_extract_path_text(Properties, 'HttpMethod') as http_method + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Events::ApiDestination' + AND data__Identifier = '' + AND region = 'us-east-1' + archives: + name: archives + id: awscc.events.archives + x-cfn-schema-name: Archive + x-type: list + x-identifiers: + - ArchiveName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ArchiveName') as archive_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Events::Archive' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ArchiveName') as archive_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Events::Archive' + AND region = 'us-east-1' + archive: + name: archive + id: awscc.events.archive + x-cfn-schema-name: Archive + x-type: get + x-identifiers: + - ArchiveName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ArchiveName') as archive_name, + JSON_EXTRACT(Properties, '$.SourceArn') as source_arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EventPattern') as event_pattern, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.RetentionDays') as retention_days + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Events::Archive' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ArchiveName') as archive_name, + json_extract_path_text(Properties, 'SourceArn') as source_arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EventPattern') as event_pattern, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'RetentionDays') as retention_days + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Events::Archive' + AND data__Identifier = '' + AND region = 'us-east-1' + connections: + name: connections + id: awscc.events.connections + x-cfn-schema-name: Connection + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Events::Connection' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Events::Connection' + AND region = 'us-east-1' + connection: + name: connection + id: awscc.events.connection + x-cfn-schema-name: Connection + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.SecretArn') as secret_arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.AuthorizationType') as authorization_type, + JSON_EXTRACT(Properties, '$.AuthParameters') as auth_parameters + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Events::Connection' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'SecretArn') as secret_arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'AuthorizationType') as authorization_type, + json_extract_path_text(Properties, 'AuthParameters') as auth_parameters + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Events::Connection' + AND data__Identifier = '' + AND region = 'us-east-1' + endpoints: + name: endpoints + id: awscc.events.endpoints + x-cfn-schema-name: Endpoint + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Events::Endpoint' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Events::Endpoint' + AND region = 'us-east-1' + endpoint: + name: endpoint + id: awscc.events.endpoint + x-cfn-schema-name: Endpoint + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.RoutingConfig') as routing_config, + JSON_EXTRACT(Properties, '$.ReplicationConfig') as replication_config, + JSON_EXTRACT(Properties, '$.EventBuses') as event_buses, + JSON_EXTRACT(Properties, '$.EndpointId') as endpoint_id, + JSON_EXTRACT(Properties, '$.EndpointUrl') as endpoint_url, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.StateReason') as state_reason + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Events::Endpoint' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'RoutingConfig') as routing_config, + json_extract_path_text(Properties, 'ReplicationConfig') as replication_config, + json_extract_path_text(Properties, 'EventBuses') as event_buses, + json_extract_path_text(Properties, 'EndpointId') as endpoint_id, + json_extract_path_text(Properties, 'EndpointUrl') as endpoint_url, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'StateReason') as state_reason + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Events::Endpoint' + AND data__Identifier = '' + AND region = 'us-east-1' + event_buses: + name: event_buses + id: awscc.events.event_buses + x-cfn-schema-name: EventBus + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Events::EventBus' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Events::EventBus' + AND region = 'us-east-1' + event_bus: + name: event_bus + id: awscc.events.event_bus + x-cfn-schema-name: EventBus + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EventSourceName') as event_source_name, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Policy') as policy, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Events::EventBus' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EventSourceName') as event_source_name, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Policy') as policy, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Events::EventBus' + AND data__Identifier = '' + AND region = 'us-east-1' + rules: + name: rules + id: awscc.events.rules + x-cfn-schema-name: Rule + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Events::Rule' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Events::Rule' + AND region = 'us-east-1' + rule: + name: rule + id: awscc.events.rule + x-cfn-schema-name: Rule + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EventBusName') as event_bus_name, + JSON_EXTRACT(Properties, '$.EventPattern') as event_pattern, + JSON_EXTRACT(Properties, '$.ScheduleExpression') as schedule_expression, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.Targets') as targets, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Events::Rule' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EventBusName') as event_bus_name, + json_extract_path_text(Properties, 'EventPattern') as event_pattern, + json_extract_path_text(Properties, 'ScheduleExpression') as schedule_expression, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'Targets') as targets, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Events::Rule' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/eventschemas.yaml b/providers/src/awscc/v00.00.00000/services/eventschemas.yaml new file mode 100644 index 00000000..332a86f1 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/eventschemas.yaml @@ -0,0 +1,482 @@ +openapi: 3.0.0 +info: + title: EventSchemas + version: 1.0.0 +paths: {} +components: + schemas: + TagsEntry: + type: object + additionalProperties: false + properties: + Value: + type: string + Key: + type: string + required: + - Value + - Key + Discoverer: + type: object + properties: + DiscovererArn: + type: string + description: The ARN of the discoverer. + DiscovererId: + type: string + description: The Id of the discoverer. + Description: + type: string + description: A description for the discoverer. + SourceArn: + type: string + description: The ARN of the event bus. + CrossAccount: + type: boolean + default: true + description: Defines whether event schemas from other accounts are discovered. Default is True. + State: + type: string + description: Defines the current state of the discoverer. + Tags: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/TagsEntry' + description: Tags associated with the resource. + required: + - SourceArn + x-stackql-resource-name: discoverer + x-stackql-primaryIdentifier: + - DiscovererArn + x-create-only-properties: + - SourceArn + x-read-only-properties: + - DiscovererArn + - DiscovererId + - State + x-required-permissions: + create: + - schemas:CreateDiscoverer + - schemas:DescribeDiscoverer + - schemas:TagResource + - events:PutRule + - events:PutTargets + - events:EnableRule + - events:ListTargetsByRule + - iam:CreateServiceLinkedRole + read: + - schemas:DescribeDiscoverer + update: + - schemas:DescribeDiscoverer + - schemas:UpdateDiscoverer + - schemas:TagResource + - schemas:UntagResource + - schemas:ListTagsForResource + - events:PutTargets + - events:PutRule + delete: + - schemas:DescribeDiscoverer + - schemas:DeleteDiscoverer + - events:DeleteRule + - events:DisableRule + - events:RemoveTargets + list: + - schemas:ListDiscoverers + Registry: + type: object + properties: + RegistryName: + type: string + description: The name of the schema registry. + Description: + type: string + description: A description of the registry to be created. + RegistryArn: + type: string + description: The ARN of the registry. + Tags: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/TagsEntry' + description: Tags associated with the resource. + x-stackql-resource-name: registry + x-stackql-primaryIdentifier: + - RegistryArn + x-create-only-properties: + - RegistryName + x-read-only-properties: + - RegistryArn + x-required-permissions: + create: + - schemas:DescribeRegistry + - schemas:CreateRegistry + - schemas:TagResource + read: + - schemas:DescribeRegistry + update: + - schemas:DescribeRegistry + - schemas:UpdateRegistry + - schemas:TagResource + - schemas:UntagResource + - schemas:ListTagsForResource + delete: + - schemas:DescribeRegistry + - schemas:DeleteRegistry + list: + - schemas:ListRegistries + RegistryPolicy: + type: object + properties: + Id: + type: string + Policy: + type: object + RegistryName: + type: string + RevisionId: + type: string + required: + - RegistryName + - Policy + x-stackql-resource-name: registry_policy + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + x-required-permissions: + create: + - schemas:PutResourcePolicy + - schemas:GetResourcePolicy + - schemas:DescribeRegistry + delete: + - schemas:DeleteResourcePolicy + - schemas:GetResourcePolicy + update: + - schemas:PutResourcePolicy + - schemas:GetResourcePolicy + read: + - schemas:GetResourcePolicy + Schema: + type: object + properties: + Type: + type: string + description: The type of schema. Valid types include OpenApi3 and JSONSchemaDraft4. + Description: + type: string + description: A description of the schema. + SchemaVersion: + type: string + description: The version number of the schema. + Content: + type: string + description: The source of the schema definition. + RegistryName: + type: string + description: The name of the schema registry. + SchemaArn: + type: string + description: The ARN of the schema. + SchemaName: + type: string + description: The name of the schema. + LastModified: + type: string + description: The last modified time of the schema. + VersionCreatedDate: + type: string + description: The date the schema version was created. + Tags: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/TagsEntry' + description: Tags associated with the resource. + required: + - Type + - Content + - RegistryName + x-stackql-resource-name: schema + x-stackql-primaryIdentifier: + - SchemaArn + x-create-only-properties: + - SchemaName + - RegistryName + x-read-only-properties: + - SchemaArn + - LastModified + - VersionCreatedDate + - SchemaVersion + x-required-permissions: + create: + - schemas:DescribeSchema + - schemas:CreateSchema + - schemas:TagResource + read: + - schemas:DescribeSchema + update: + - schemas:DescribeSchema + - schemas:UpdateSchema + - schemas:TagResource + - schemas:UntagResource + - schemas:ListTagsForResource + delete: + - schemas:DescribeSchema + - schemas:DeleteSchema + - schemas:DeleteSchemaVersion + list: + - schemas:ListSchemas + - schemas:ListSchemaVersions + x-stackQL-resources: + discoverers: + name: discoverers + id: awscc.eventschemas.discoverers + x-cfn-schema-name: Discoverer + x-type: list + x-identifiers: + - DiscovererArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DiscovererArn') as discoverer_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EventSchemas::Discoverer' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DiscovererArn') as discoverer_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EventSchemas::Discoverer' + AND region = 'us-east-1' + discoverer: + name: discoverer + id: awscc.eventschemas.discoverer + x-cfn-schema-name: Discoverer + x-type: get + x-identifiers: + - DiscovererArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DiscovererArn') as discoverer_arn, + JSON_EXTRACT(Properties, '$.DiscovererId') as discoverer_id, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.SourceArn') as source_arn, + JSON_EXTRACT(Properties, '$.CrossAccount') as cross_account, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EventSchemas::Discoverer' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DiscovererArn') as discoverer_arn, + json_extract_path_text(Properties, 'DiscovererId') as discoverer_id, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'SourceArn') as source_arn, + json_extract_path_text(Properties, 'CrossAccount') as cross_account, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EventSchemas::Discoverer' + AND data__Identifier = '' + AND region = 'us-east-1' + registries: + name: registries + id: awscc.eventschemas.registries + x-cfn-schema-name: Registry + x-type: list + x-identifiers: + - RegistryArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RegistryArn') as registry_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EventSchemas::Registry' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RegistryArn') as registry_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EventSchemas::Registry' + AND region = 'us-east-1' + eventschemas_registry: + name: eventschemas_registry + id: awscc.eventschemas.eventschemas_registry + x-cfn-schema-name: Registry + x-type: get + x-identifiers: + - RegistryArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RegistryName') as registry_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.RegistryArn') as registry_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EventSchemas::Registry' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RegistryName') as registry_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'RegistryArn') as registry_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EventSchemas::Registry' + AND data__Identifier = '' + AND region = 'us-east-1' + registry_policies: + name: registry_policies + id: awscc.eventschemas.registry_policies + x-cfn-schema-name: RegistryPolicy + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EventSchemas::RegistryPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EventSchemas::RegistryPolicy' + AND region = 'us-east-1' + registry_policy: + name: registry_policy + id: awscc.eventschemas.registry_policy + x-cfn-schema-name: RegistryPolicy + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Policy') as policy, + JSON_EXTRACT(Properties, '$.RegistryName') as registry_name, + JSON_EXTRACT(Properties, '$.RevisionId') as revision_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EventSchemas::RegistryPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Policy') as policy, + json_extract_path_text(Properties, 'RegistryName') as registry_name, + json_extract_path_text(Properties, 'RevisionId') as revision_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EventSchemas::RegistryPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + schemata: + name: schemata + id: awscc.eventschemas.schemata + x-cfn-schema-name: Schema + x-type: list + x-identifiers: + - SchemaArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SchemaArn') as schema_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EventSchemas::Schema' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SchemaArn') as schema_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::EventSchemas::Schema' + AND region = 'us-east-1' + schema: + name: schema + id: awscc.eventschemas.schema + x-cfn-schema-name: Schema + x-type: get + x-identifiers: + - SchemaArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.SchemaVersion') as schema_version, + JSON_EXTRACT(Properties, '$.Content') as content, + JSON_EXTRACT(Properties, '$.RegistryName') as registry_name, + JSON_EXTRACT(Properties, '$.SchemaArn') as schema_arn, + JSON_EXTRACT(Properties, '$.SchemaName') as schema_name, + JSON_EXTRACT(Properties, '$.LastModified') as last_modified, + JSON_EXTRACT(Properties, '$.VersionCreatedDate') as version_created_date, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EventSchemas::Schema' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'SchemaVersion') as schema_version, + json_extract_path_text(Properties, 'Content') as content, + json_extract_path_text(Properties, 'RegistryName') as registry_name, + json_extract_path_text(Properties, 'SchemaArn') as schema_arn, + json_extract_path_text(Properties, 'SchemaName') as schema_name, + json_extract_path_text(Properties, 'LastModified') as last_modified, + json_extract_path_text(Properties, 'VersionCreatedDate') as version_created_date, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::EventSchemas::Schema' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/evidently.yaml b/providers/src/awscc/v00.00.00000/services/evidently.yaml new file mode 100644 index 00000000..0263cb3e --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/evidently.yaml @@ -0,0 +1,1109 @@ +openapi: 3.0.0 +info: + title: Evidently + version: 1.0.0 +paths: {} +components: + schemas: + RunningStatusObject: + type: object + additionalProperties: false + properties: + Status: + description: Provide START or STOP action to apply on an experiment + type: string + AnalysisCompleteTime: + description: Provide the analysis Completion time for an experiment + type: string + Reason: + description: Reason is a required input for stopping the experiment + type: string + DesiredState: + description: Provide CANCELLED or COMPLETED desired state when stopping an experiment + type: string + pattern: ^(CANCELLED|COMPLETED) + oneOf: + - required: + - Status + - AnalysisCompleteTime + - required: + - Status + - Reason + - DesiredState + TreatmentObject: + type: object + properties: + TreatmentName: + type: string + pattern: '[-a-zA-Z0-9._]*' + minLength: 1 + maxLength: 127 + Description: + type: string + Feature: + type: string + pattern: ([-a-zA-Z0-9._]*)|(arn:[^:]*:[^:]*:[^:]*:[^:]*:.*) + Variation: + type: string + pattern: '[-a-zA-Z0-9._]*' + minLength: 1 + maxLength: 255 + required: + - TreatmentName + - Feature + - Variation + additionalProperties: false + MetricGoalObject: + type: object + properties: + MetricName: + type: string + minLength: 1 + maxLength: 255 + pattern: ^[\S]+$ + EntityIdKey: + description: The JSON path to reference the entity id in the event. + type: string + ValueKey: + description: The JSON path to reference the numerical metric value in the event. + type: string + EventPattern: + description: Event patterns have the same structure as the events they match. Rules use event patterns to select events. An event pattern either matches an event or it doesn't. + type: string + UnitLabel: + type: string + minLength: 1 + maxLength: 256 + pattern: .* + DesiredChange: + type: string + enum: + - INCREASE + - DECREASE + required: + - MetricName + - EntityIdKey + - ValueKey + - DesiredChange + additionalProperties: false + OnlineAbConfigObject: + type: object + properties: + ControlTreatmentName: + type: string + pattern: '[-a-zA-Z0-9._]*' + minLength: 1 + maxLength: 127 + TreatmentWeights: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/TreatmentToWeight' + additionalProperties: false + TreatmentToWeight: + type: object + properties: + Treatment: + type: string + pattern: '[-a-zA-Z0-9._]*' + minLength: 1 + maxLength: 127 + SplitWeight: + type: integer + minimum: 0 + maximum: 100000 + required: + - Treatment + - SplitWeight + additionalProperties: false + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + pattern: ^(?!aws:)[a-zA-Z+-=._:/]+$ + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + Experiment: + type: object + properties: + Arn: + type: string + pattern: arn:[^:]*:[^:]*:[^:]*:[^:]*:project/[-a-zA-Z0-9._]*/experiment/[-a-zA-Z0-9._]* + Name: + type: string + pattern: '[-a-zA-Z0-9._]*' + minLength: 1 + maxLength: 127 + Project: + type: string + pattern: ([-a-zA-Z0-9._]*)|(arn:[^:]*:[^:]*:[^:]*:[^:]*:project/[-a-zA-Z0-9._]*) + minLength: 0 + maxLength: 2048 + Description: + type: string + minLength: 0 + maxLength: 160 + RunningStatus: + description: Start Experiment. Default is False + $ref: '#/components/schemas/RunningStatusObject' + RandomizationSalt: + type: string + minLength: 0 + maxLength: 127 + pattern: .* + Treatments: + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/TreatmentObject' + minItems: 2 + maxItems: 5 + MetricGoals: + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/MetricGoalObject' + minItems: 1 + maxItems: 3 + SamplingRate: + type: integer + minimum: 0 + maximum: 100000 + OnlineAbConfig: + $ref: '#/components/schemas/OnlineAbConfigObject' + Segment: + type: string + minLength: 0 + maxLength: 2048 + pattern: ([-a-zA-Z0-9._]*)|(arn:[^:]*:[^:]*:[^:]*:[^:]*:segment/[-a-zA-Z0-9._]*) + RemoveSegment: + type: boolean + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - Project + - Treatments + - MetricGoals + - OnlineAbConfig + x-stackql-resource-name: experiment + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + - Project + x-read-only-properties: + - Arn + x-required-permissions: + create: + - evidently:CreateExperiment + - evidently:TagResource + - evidently:GetExperiment + - evidently:StartExperiment + read: + - evidently:GetExperiment + - evidently:ListTagsForResource + update: + - evidently:UpdateExperiment + - evidently:TagResource + - evidently:UntagResource + - evidently:GetExperiment + - evidently:StartExperiment + - evidently:StopExperiment + delete: + - evidently:DeleteExperiment + - evidently:UntagResource + - evidently:GetExperiment + VariationObject: + type: object + properties: + VariationName: + type: string + pattern: '[-a-zA-Z0-9._]*' + minLength: 1 + maxLength: 127 + BooleanValue: + type: boolean + StringValue: + type: string + minLength: 0 + maxLength: 512 + LongValue: + type: number + DoubleValue: + type: number + oneOf: + - required: + - VariationName + - StringValue + - required: + - VariationName + - BooleanValue + - required: + - VariationName + - LongValue + - required: + - VariationName + - DoubleValue + additionalProperties: false + EntityOverride: + type: object + properties: + EntityId: + type: string + Variation: + type: string + pattern: '[-a-zA-Z0-9._]*' + minLength: 1 + maxLength: 127 + additionalProperties: false + Feature: + type: object + properties: + Arn: + type: string + pattern: arn:[^:]*:[^:]*:[^:]*:[^:]*:project/[-a-zA-Z0-9._]*/feature/[-a-zA-Z0-9._]* + minLength: 0 + maxLength: 2048 + Project: + type: string + pattern: ([-a-zA-Z0-9._]*)|(arn:[^:]*:[^:]*:[^:]*:[^:]*:project/[-a-zA-Z0-9._]*) + minLength: 0 + maxLength: 2048 + Name: + type: string + pattern: '[-a-zA-Z0-9._]*' + minLength: 1 + maxLength: 127 + Description: + type: string + minLength: 0 + maxLength: 160 + EvaluationStrategy: + type: string + enum: + - ALL_RULES + - DEFAULT_VARIATION + Variations: + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/VariationObject' + minItems: 1 + maxItems: 5 + DefaultVariation: + type: string + pattern: '[-a-zA-Z0-9._]*' + minLength: 1 + maxLength: 127 + EntityOverrides: + type: array + items: + $ref: '#/components/schemas/EntityOverride' + x-insertionOrder: false + uniqueItems: true + minItems: 0 + maxItems: 2500 + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - Project + - Variations + x-stackql-resource-name: feature + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + - Project + x-read-only-properties: + - Arn + x-required-permissions: + create: + - evidently:CreateFeature + - evidently:TagResource + - evidently:GetFeature + read: + - evidently:GetFeature + - evidently:ListTagsForResource + update: + - evidently:UpdateFeature + - evidently:ListTagsForResource + - evidently:TagResource + - evidently:UntagResource + - evidently:GetFeature + delete: + - evidently:DeleteFeature + - evidently:UntagResource + - evidently:GetFeature + ExecutionStatusObject: + type: object + additionalProperties: false + properties: + Status: + description: Provide START or STOP action to apply on a launch + type: string + DesiredState: + description: Provide CANCELLED or COMPLETED as the launch desired state. Defaults to Completed if not provided. + type: string + Reason: + description: Provide a reason for stopping the launch. Defaults to empty if not provided. + type: string + required: + - Status + LaunchGroupObject: + type: object + properties: + GroupName: + type: string + pattern: '[-a-zA-Z0-9._]*' + minLength: 1 + maxLength: 127 + Description: + type: string + minLength: 0 + maxLength: 160 + Feature: + type: string + Variation: + type: string + required: + - GroupName + - Feature + - Variation + additionalProperties: false + GroupToWeight: + type: object + properties: + GroupName: + type: string + pattern: '[-a-zA-Z0-9._]*' + minLength: 1 + maxLength: 127 + SplitWeight: + type: integer + additionalProperties: false + required: + - GroupName + - SplitWeight + SegmentOverride: + type: object + properties: + Segment: + type: string + minLength: 1 + maxLength: 2048 + pattern: ([-a-zA-Z0-9._]*)|(arn:[^:]*:[^:]*:[^:]*:[^:]*:segment/[-a-zA-Z0-9._]*) + EvaluationOrder: + type: integer + Weights: + type: array + items: + $ref: '#/components/schemas/GroupToWeight' + uniqueItems: true + x-insertionOrder: false + additionalProperties: false + required: + - Segment + - EvaluationOrder + - Weights + StepConfig: + type: object + properties: + StartTime: + type: string + GroupWeights: + type: array + items: + $ref: '#/components/schemas/GroupToWeight' + uniqueItems: true + x-insertionOrder: false + SegmentOverrides: + type: array + items: + $ref: '#/components/schemas/SegmentOverride' + uniqueItems: true + x-insertionOrder: false + required: + - StartTime + - GroupWeights + additionalProperties: false + MetricDefinitionObject: + type: object + properties: + MetricName: + type: string + minLength: 1 + maxLength: 255 + pattern: ^[\S]+$ + EntityIdKey: + description: The JSON path to reference the entity id in the event. + type: string + ValueKey: + description: The JSON path to reference the numerical metric value in the event. + type: string + EventPattern: + description: Event patterns have the same structure as the events they match. Rules use event patterns to select events. An event pattern either matches an event or it doesn't. + type: string + UnitLabel: + type: string + minLength: 1 + maxLength: 256 + pattern: .* + required: + - MetricName + - EntityIdKey + - ValueKey + additionalProperties: false + Launch: + type: object + properties: + Arn: + type: string + pattern: arn:[^:]*:[^:]*:[^:]*:[^:]*:project/[-a-zA-Z0-9._]*/launch/[-a-zA-Z0-9._]* + Name: + type: string + pattern: '[-a-zA-Z0-9._]*' + minLength: 1 + maxLength: 127 + Project: + type: string + pattern: ([-a-zA-Z0-9._]*)|(arn:[^:]*:[^:]*:[^:]*:[^:]*:project/[-a-zA-Z0-9._]*) + minLength: 0 + maxLength: 2048 + Description: + type: string + minLength: 0 + maxLength: 160 + RandomizationSalt: + type: string + minLength: 0 + maxLength: 127 + pattern: .* + ScheduledSplitsConfig: + type: array + items: + $ref: '#/components/schemas/StepConfig' + uniqueItems: true + x-insertionOrder: true + minItems: 1 + maxItems: 6 + Groups: + type: array + items: + $ref: '#/components/schemas/LaunchGroupObject' + uniqueItems: true + x-insertionOrder: true + minItems: 1 + maxItems: 5 + MetricMonitors: + type: array + items: + $ref: '#/components/schemas/MetricDefinitionObject' + uniqueItems: true + x-insertionOrder: true + minItems: 0 + maxItems: 3 + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + ExecutionStatus: + description: Start or Stop Launch Launch. Default is not started. + $ref: '#/components/schemas/ExecutionStatusObject' + required: + - Name + - Project + - Groups + - ScheduledSplitsConfig + x-stackql-resource-name: launch + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + - Project + x-read-only-properties: + - Arn + x-required-permissions: + create: + - evidently:CreateLaunch + - evidently:TagResource + - evidently:GetLaunch + - evidently:StartLaunch + read: + - evidently:GetLaunch + - evidently:ListTagsForResource + update: + - evidently:UpdateLaunch + - evidently:ListTagsForResource + - evidently:TagResource + - evidently:UntagResource + - evidently:GetLaunch + - evidently:StartLaunch + - evidently:StopLaunch + delete: + - evidently:DeleteLaunch + - evidently:UntagResource + - evidently:GetLaunch + DataDeliveryObject: + type: object + description: Destinations for data. + properties: + S3: + $ref: '#/components/schemas/S3Destination' + LogGroup: + type: string + pattern: ^[-a-zA-Z0-9._/]+$ + minLength: 1 + maxLength: 512 + oneOf: + - required: + - S3 + - required: + - LogGroup + additionalProperties: false + S3Destination: + type: object + properties: + BucketName: + type: string + pattern: ^[a-z0-9][-a-z0-9]*[a-z0-9]$ + minLength: 3 + maxLength: 63 + Prefix: + type: string + pattern: ^[-a-zA-Z0-9!_.*'()/]*$ + minLength: 1 + maxLength: 1024 + required: + - BucketName + additionalProperties: false + AppConfigResourceObject: + type: object + properties: + ApplicationId: + type: string + pattern: '[a-z0-9]{4,7}' + EnvironmentId: + type: string + pattern: '[a-z0-9]{4,7}' + required: + - ApplicationId + - EnvironmentId + additionalProperties: false + Project: + type: object + properties: + Arn: + type: string + pattern: arn:[^:]*:[^:]*:[^:]*:[^:]*:project/[-a-zA-Z0-9._]* + minLength: 0 + maxLength: 2048 + Name: + type: string + pattern: '[-a-zA-Z0-9._]*' + minLength: 1 + maxLength: 127 + Description: + type: string + minLength: 0 + maxLength: 160 + DataDelivery: + $ref: '#/components/schemas/DataDeliveryObject' + AppConfigResource: + $ref: '#/components/schemas/AppConfigResourceObject' + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + x-stackql-resource-name: project + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - evidently:CreateProject + - evidently:GetProject + - logs:CreateLogDelivery + - logs:GetLogDelivery + - logs:ListLogDeliveries + - s3:PutBucketPolicy + - s3:GetBucketPolicy + - evidently:TagResource + - evidently:ExportProjectAsConfiguration + - appconfig:GetEnvironment + - appconfig:CreateConfigurationProfile + - appconfig:CreateHostedConfigurationVersion + - appconfig:CreateExtensionAssociation + - appconfig:TagResource + - iam:GetRole + - iam:CreateServiceLinkedRole + read: + - evidently:GetProject + - logs:GetLogDelivery + - logs:ListLogDeliveries + - s3:GetBucketPolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + - evidently:ListTagsForResource + update: + - evidently:UpdateProject + - evidently:UpdateProjectDataDelivery + - logs:GetLogDelivery + - logs:UpdateLogDelivery + - logs:ListLogDeliveries + - s3:PutBucketPolicy + - s3:GetBucketPolicy + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + - evidently:TagResource + - evidently:UntagResource + - evidently:ListTagsForResource + - evidently:GetProject + - evidently:ExportProjectAsConfiguration + - appconfig:GetEnvironment + - appconfig:CreateConfigurationProfile + - appconfig:CreateHostedConfigurationVersion + - appconfig:CreateExtensionAssociation + - appconfig:TagResource + - iam:GetRole + - iam:CreateServiceLinkedRole + delete: + - evidently:DeleteProject + - evidently:GetProject + - logs:CreateLogDelivery + - logs:GetLogDelivery + - logs:DeleteLogDelivery + - logs:ListLogDeliveries + - s3:GetBucketPolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + - evidently:UntagResource + - appconfig:DeleteHostedConfigurationVersion + - appconfig:DeleteExtensionAssociation + - appconfig:DeleteConfigurationProfile + Segment: + type: object + properties: + Arn: + type: string + pattern: arn:[^:]*:[^:]*:[^:]*:[^:]*:segment/[-a-zA-Z0-9._]* + minLength: 0 + maxLength: 2048 + Name: + type: string + pattern: '[-a-zA-Z0-9._]*' + minLength: 1 + maxLength: 127 + Description: + type: string + minLength: 0 + maxLength: 160 + Pattern: + type: string + minLength: 1 + maxLength: 1024 + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + x-stackql-resource-name: segment + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - Arn + x-required-permissions: + create: + - evidently:CreateSegment + - evidently:GetSegment + - evidently:TagResource + read: + - evidently:GetSegment + - evidently:ListTagsForResource + delete: + - evidently:DeleteSegment + - evidently:GetSegment + - evidently:UntagResource + list: + - evidently:ListSegment + - evidently:ListTagsForResource + x-stackQL-resources: + experiments: + name: experiments + id: awscc.evidently.experiments + x-cfn-schema-name: Experiment + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Evidently::Experiment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Evidently::Experiment' + AND region = 'us-east-1' + experiment: + name: experiment + id: awscc.evidently.experiment + x-cfn-schema-name: Experiment + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Project') as project, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.RunningStatus') as running_status, + JSON_EXTRACT(Properties, '$.RandomizationSalt') as randomization_salt, + JSON_EXTRACT(Properties, '$.Treatments') as treatments, + JSON_EXTRACT(Properties, '$.MetricGoals') as metric_goals, + JSON_EXTRACT(Properties, '$.SamplingRate') as sampling_rate, + JSON_EXTRACT(Properties, '$.OnlineAbConfig') as online_ab_config, + JSON_EXTRACT(Properties, '$.Segment') as segment, + JSON_EXTRACT(Properties, '$.RemoveSegment') as remove_segment, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Evidently::Experiment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Project') as project, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'RunningStatus') as running_status, + json_extract_path_text(Properties, 'RandomizationSalt') as randomization_salt, + json_extract_path_text(Properties, 'Treatments') as treatments, + json_extract_path_text(Properties, 'MetricGoals') as metric_goals, + json_extract_path_text(Properties, 'SamplingRate') as sampling_rate, + json_extract_path_text(Properties, 'OnlineAbConfig') as online_ab_config, + json_extract_path_text(Properties, 'Segment') as segment, + json_extract_path_text(Properties, 'RemoveSegment') as remove_segment, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Evidently::Experiment' + AND data__Identifier = '' + AND region = 'us-east-1' + features: + name: features + id: awscc.evidently.features + x-cfn-schema-name: Feature + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Evidently::Feature' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Evidently::Feature' + AND region = 'us-east-1' + feature: + name: feature + id: awscc.evidently.feature + x-cfn-schema-name: Feature + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Project') as project, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EvaluationStrategy') as evaluation_strategy, + JSON_EXTRACT(Properties, '$.Variations') as variations, + JSON_EXTRACT(Properties, '$.DefaultVariation') as default_variation, + JSON_EXTRACT(Properties, '$.EntityOverrides') as entity_overrides, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Evidently::Feature' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Project') as project, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EvaluationStrategy') as evaluation_strategy, + json_extract_path_text(Properties, 'Variations') as variations, + json_extract_path_text(Properties, 'DefaultVariation') as default_variation, + json_extract_path_text(Properties, 'EntityOverrides') as entity_overrides, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Evidently::Feature' + AND data__Identifier = '' + AND region = 'us-east-1' + launches: + name: launches + id: awscc.evidently.launches + x-cfn-schema-name: Launch + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Evidently::Launch' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Evidently::Launch' + AND region = 'us-east-1' + launch: + name: launch + id: awscc.evidently.launch + x-cfn-schema-name: Launch + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Project') as project, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.RandomizationSalt') as randomization_salt, + JSON_EXTRACT(Properties, '$.ScheduledSplitsConfig') as scheduled_splits_config, + JSON_EXTRACT(Properties, '$.Groups') as groups, + JSON_EXTRACT(Properties, '$.MetricMonitors') as metric_monitors, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ExecutionStatus') as execution_status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Evidently::Launch' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Project') as project, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'RandomizationSalt') as randomization_salt, + json_extract_path_text(Properties, 'ScheduledSplitsConfig') as scheduled_splits_config, + json_extract_path_text(Properties, 'Groups') as groups, + json_extract_path_text(Properties, 'MetricMonitors') as metric_monitors, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ExecutionStatus') as execution_status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Evidently::Launch' + AND data__Identifier = '' + AND region = 'us-east-1' + projects: + name: projects + id: awscc.evidently.projects + x-cfn-schema-name: Project + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Evidently::Project' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Evidently::Project' + AND region = 'us-east-1' + project: + name: project + id: awscc.evidently.project + x-cfn-schema-name: Project + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DataDelivery') as data_delivery, + JSON_EXTRACT(Properties, '$.AppConfigResource') as app_config_resource, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Evidently::Project' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DataDelivery') as data_delivery, + json_extract_path_text(Properties, 'AppConfigResource') as app_config_resource, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Evidently::Project' + AND data__Identifier = '' + AND region = 'us-east-1' + segments: + name: segments + id: awscc.evidently.segments + x-cfn-schema-name: Segment + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Evidently::Segment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Evidently::Segment' + AND region = 'us-east-1' + segment: + name: segment + id: awscc.evidently.segment + x-cfn-schema-name: Segment + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Pattern') as pattern, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Evidently::Segment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Pattern') as pattern, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Evidently::Segment' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/finspace.yaml b/providers/src/awscc/v00.00.00000/services/finspace.yaml new file mode 100644 index 00000000..767b531d --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/finspace.yaml @@ -0,0 +1,289 @@ +openapi: 3.0.0 +info: + title: FinSpace + version: 1.0.0 +paths: {} +components: + schemas: + FederationParameters: + description: Additional parameters to identify Federation mode + type: object + properties: + SamlMetadataURL: + description: SAML metadata URL to link with the Environment + type: string + pattern: ^https?://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]{1,1000} + FederationProviderName: + description: Federation provider name to link with the Environment + type: string + pattern: '[^_\p{Z}][\p{L}\p{M}\p{S}\p{N}\p{P}][^_\p{Z}]+' + minLength: 1 + maxLength: 32 + SamlMetadataDocument: + description: SAML metadata document to link the federation provider to the Environment + type: string + pattern: .* + minLength: 1000 + maxLength: 10000000 + ApplicationCallBackURL: + description: SAML metadata URL to link with the Environment + type: string + pattern: ^https?://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]{1,1000} + FederationURN: + description: SAML metadata URL to link with the Environment + type: string + AttributeMap: + description: Attribute map for SAML configuration + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + additionalProperties: false + additionalProperties: false + SuperuserParameters: + description: Parameters of the first Superuser for the FinSpace Environment + type: object + properties: + FirstName: + description: First name + type: string + pattern: ^[a-zA-Z0-9]{1,50}$ + minLength: 1 + maxLength: 50 + LastName: + description: Last name + type: string + pattern: ^[a-zA-Z0-9]{1,50}$ + minLength: 1 + maxLength: 50 + EmailAddress: + description: Email address + type: string + pattern: '[A-Z0-9a-z._%+-]+@[A-Za-z0-9.-]+[.]+[A-Za-z]+' + minLength: 1 + maxLength: 128 + additionalProperties: false + DataBundleArn: + type: string + pattern: ^arn:aws:finspace:[A-Za-z0-9_/.-]{0,63}:\d*:data-bundle/[0-9A-Za-z_-]{1,128}$ + Tag: + description: A list of all tags for a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + Environment: + type: object + properties: + EnvironmentId: + description: Unique identifier for representing FinSpace Environment + type: string + pattern: ^[a-zA-Z0-9]{1,26}$ + Name: + description: Name of the Environment + type: string + pattern: ^[a-zA-Z0-9]+[a-zA-Z0-9-]*[a-zA-Z0-9]{1,255}$ + AwsAccountId: + description: AWS account ID associated with the Environment + type: string + pattern: ^[a-zA-Z0-9]{1,26}$ + Description: + description: Description of the Environment + type: string + pattern: ^[a-zA-Z0-9. ]{1,1000}$ + Status: + description: State of the Environment + type: string + enum: + - CREATE_REQUESTED + - CREATING + - CREATED + - DELETE_REQUESTED + - DELETING + - DELETED + - FAILED_CREATION + - FAILED_DELETION + - RETRY_DELETION + - SUSPENDED + EnvironmentUrl: + description: URL used to login to the Environment + type: string + pattern: ^[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]{1,1000} + EnvironmentArn: + description: ARN of the Environment + type: string + pattern: ^arn:aws:finspace:[A-Za-z0-9_/.-]{0,63}:\d+:environment/[0-9A-Za-z_-]{1,128}$ + SageMakerStudioDomainUrl: + description: SageMaker Studio Domain URL associated with the Environment + type: string + pattern: ^[a-zA-Z-0-9-:\/.]*{1,1000}$ + KmsKeyId: + description: KMS key used to encrypt customer data within FinSpace Environment infrastructure + type: string + pattern: ^[a-zA-Z-0-9-:\/]*{1,1000}$ + DedicatedServiceAccountId: + description: ID for FinSpace created account used to store Environment artifacts + type: string + pattern: ^[a-zA-Z0-9]{1,26}$ + FederationMode: + description: Federation mode used with the Environment + type: string + enum: + - LOCAL + - FEDERATED + FederationParameters: + $ref: '#/components/schemas/FederationParameters' + SuperuserParameters: + $ref: '#/components/schemas/SuperuserParameters' + DataBundles: + description: ARNs of FinSpace Data Bundles to install + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/DataBundleArn' + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + x-stackql-resource-name: environment + x-stackql-primaryIdentifier: + - EnvironmentId + x-create-only-properties: + - KmsKeyId + - SuperuserParameters + - FederationParameters + - DataBundles + - Tags + x-read-only-properties: + - EnvironmentId + - Status + - SageMakerStudioDomainUrl + - EnvironmentArn + - EnvironmentUrl + - AwsAccountId + - DedicatedServiceAccountId + x-required-permissions: + create: + - finspace:CreateEnvironment + - finspace:GetEnvironment + - finspace:ListEnvironments + - sts:AssumeRole + read: + - finspace:GetEnvironment + update: + - finspace:UpdateEnvironment + delete: + - finspace:DeleteEnvironment + - finspace:GetEnvironment + list: + - finspace:ListEnvironments + x-stackQL-resources: + environments: + name: environments + id: awscc.finspace.environments + x-cfn-schema-name: Environment + x-type: list + x-identifiers: + - EnvironmentId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EnvironmentId') as environment_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FinSpace::Environment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EnvironmentId') as environment_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FinSpace::Environment' + AND region = 'us-east-1' + environment: + name: environment + id: awscc.finspace.environment + x-cfn-schema-name: Environment + x-type: get + x-identifiers: + - EnvironmentId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EnvironmentId') as environment_id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.EnvironmentUrl') as environment_url, + JSON_EXTRACT(Properties, '$.EnvironmentArn') as environment_arn, + JSON_EXTRACT(Properties, '$.SageMakerStudioDomainUrl') as sage_maker_studio_domain_url, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.DedicatedServiceAccountId') as dedicated_service_account_id, + JSON_EXTRACT(Properties, '$.FederationMode') as federation_mode, + JSON_EXTRACT(Properties, '$.FederationParameters') as federation_parameters, + JSON_EXTRACT(Properties, '$.SuperuserParameters') as superuser_parameters, + JSON_EXTRACT(Properties, '$.DataBundles') as data_bundles, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FinSpace::Environment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EnvironmentId') as environment_id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'EnvironmentUrl') as environment_url, + json_extract_path_text(Properties, 'EnvironmentArn') as environment_arn, + json_extract_path_text(Properties, 'SageMakerStudioDomainUrl') as sage_maker_studio_domain_url, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'DedicatedServiceAccountId') as dedicated_service_account_id, + json_extract_path_text(Properties, 'FederationMode') as federation_mode, + json_extract_path_text(Properties, 'FederationParameters') as federation_parameters, + json_extract_path_text(Properties, 'SuperuserParameters') as superuser_parameters, + json_extract_path_text(Properties, 'DataBundles') as data_bundles, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FinSpace::Environment' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/fis.yaml b/providers/src/awscc/v00.00.00000/services/fis.yaml new file mode 100644 index 00000000..3d2e2af6 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/fis.yaml @@ -0,0 +1,463 @@ +openapi: 3.0.0 +info: + title: FIS + version: 1.0.0 +paths: {} +components: + schemas: + ExperimentTemplateId: + type: string + ExperimentTemplateDescription: + type: string + description: A description for the experiment template. + maxLength: 512 + StopConditionSource: + type: string + maxLength: 64 + StopConditionValue: + type: string + minLength: 20 + maxLength: 2048 + ExperimentTemplateStopCondition: + type: object + additionalProperties: false + properties: + Source: + $ref: '#/components/schemas/StopConditionSource' + Value: + $ref: '#/components/schemas/StopConditionValue' + required: + - Source + ExperimentTemplateStopConditionList: + type: array + description: One or more stop conditions. + items: + $ref: '#/components/schemas/ExperimentTemplateStopCondition' + ResourceType: + type: string + description: The AWS resource type. The resource type must be supported for the specified action. + maxLength: 64 + ResourceArn: + type: string + minLength: 20 + maxLength: 2048 + ResourceArnList: + type: array + description: The Amazon Resource Names (ARNs) of the target resources. + items: + $ref: '#/components/schemas/ResourceArn' + ExperimentTemplateTargetSelectionMode: + type: string + description: Scopes the identified resources to a specific number of the resources at random, or a percentage of the resources. + maxLength: 64 + ExperimentTemplateTargetFilterPath: + type: string + description: The attribute path for the filter. + maxLength: 256 + ExperimentTemplateTargetFilterValue: + type: string + maxLength: 128 + ExperimentTemplateTargetFilterValues: + type: array + description: The attribute values for the filter. + items: + $ref: '#/components/schemas/ExperimentTemplateTargetFilterValue' + ExperimentTemplateTargetFilter: + type: object + description: Describes a filter used for the target resource input in an experiment template. + additionalProperties: false + properties: + Path: + $ref: '#/components/schemas/ExperimentTemplateTargetFilterPath' + Values: + $ref: '#/components/schemas/ExperimentTemplateTargetFilterValues' + required: + - Path + - Values + ExperimentTemplateTargetFilterList: + type: array + items: + $ref: '#/components/schemas/ExperimentTemplateTargetFilter' + ExperimentTemplateTarget: + type: object + description: Specifies a target for an experiment. + additionalProperties: false + properties: + ResourceType: + $ref: '#/components/schemas/ResourceType' + ResourceArns: + $ref: '#/components/schemas/ResourceArnList' + ResourceTags: + type: object + x-patternProperties: + .{1,128}: + type: string + maxLength: 256 + additionalProperties: false + Parameters: + type: object + x-patternProperties: + .{1,64}: + type: string + maxLength: 1024 + additionalProperties: false + Filters: + $ref: '#/components/schemas/ExperimentTemplateTargetFilterList' + SelectionMode: + $ref: '#/components/schemas/ExperimentTemplateTargetSelectionMode' + required: + - ResourceType + - SelectionMode + ExperimentTemplateTargetMap: + type: object + description: The targets for the experiment. + x-patternProperties: + .{1,64}: + $ref: '#/components/schemas/ExperimentTemplateTarget' + additionalProperties: false + ActionId: + type: string + description: The ID of the action. + maxLength: 64 + ExperimentTemplateActionItemDescription: + type: string + description: A description for the action. + maxLength: 512 + ExperimentTemplateActionItemParameter: + type: string + maxLength: 1024 + ExperimentTemplateActionItemTarget: + type: string + maxLength: 64 + ExperimentTemplateActionItemStartAfter: + type: string + maxLength: 64 + ExperimentTemplateActionItemStartAfterList: + type: array + description: The names of the actions that must be completed before the current action starts. + items: + $ref: '#/components/schemas/ExperimentTemplateActionItemStartAfter' + ExperimentTemplateAction: + type: object + description: Specifies an action for the experiment template. + additionalProperties: false + properties: + ActionId: + $ref: '#/components/schemas/ActionId' + Description: + $ref: '#/components/schemas/ExperimentTemplateActionItemDescription' + Parameters: + type: object + description: The parameters for the action, if applicable. + x-patternProperties: + .{1,64}: + $ref: '#/components/schemas/ExperimentTemplateActionItemParameter' + additionalProperties: false + Targets: + type: object + description: One or more targets for the action. + x-patternProperties: + .{1,64}: + $ref: '#/components/schemas/ExperimentTemplateActionItemTarget' + additionalProperties: false + StartAfter: + $ref: '#/components/schemas/ExperimentTemplateActionItemStartAfterList' + required: + - ActionId + ExperimentTemplateActionMap: + type: object + description: The actions for the experiment. + x-patternProperties: + '[\S]{1,64}': + $ref: '#/components/schemas/ExperimentTemplateAction' + additionalProperties: false + ExperimentTemplateLogConfiguration: + type: object + additionalProperties: false + properties: + CloudWatchLogsConfiguration: + type: object + additionalProperties: false + properties: + LogGroupArn: + type: string + minLength: 20 + maxLength: 2048 + required: + - LogGroupArn + S3Configuration: + type: object + additionalProperties: false + properties: + BucketName: + type: string + minLength: 3 + maxLength: 63 + Prefix: + type: string + minLength: 1 + maxLength: 1024 + required: + - BucketName + LogSchemaVersion: + type: integer + minimum: 1 + required: + - LogSchemaVersion + ExperimentTemplateExperimentOptions: + type: object + additionalProperties: false + properties: + AccountTargeting: + type: string + description: The account targeting setting for the experiment template. + enum: + - multi-account + - single-account + EmptyTargetResolutionMode: + type: string + description: The target resolution failure mode for the experiment template. + enum: + - fail + - skip + RoleArn: + type: string + description: The Amazon Resource Name (ARN) of an IAM role that grants the AWS FIS service permission to perform service actions on your behalf. + maxLength: 1224 + ExperimentTemplate: + type: object + properties: + Id: + $ref: '#/components/schemas/ExperimentTemplateId' + Description: + $ref: '#/components/schemas/ExperimentTemplateDescription' + Targets: + $ref: '#/components/schemas/ExperimentTemplateTargetMap' + Actions: + $ref: '#/components/schemas/ExperimentTemplateActionMap' + StopConditions: + $ref: '#/components/schemas/ExperimentTemplateStopConditionList' + LogConfiguration: + $ref: '#/components/schemas/ExperimentTemplateLogConfiguration' + RoleArn: + $ref: '#/components/schemas/RoleArn' + Tags: + type: object + x-patternProperties: + .{1,128}: + type: string + maxLength: 256 + additionalProperties: false + ExperimentOptions: + $ref: '#/components/schemas/ExperimentTemplateExperimentOptions' + required: + - Description + - StopConditions + - Targets + - RoleArn + - Tags + x-stackql-resource-name: experiment_template + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Tags + - ExperimentOptions/properties/AccountTargeting + x-read-only-properties: + - Id + x-required-permissions: + create: + - fis:CreateExperimentTemplate + - fis:TagResource + - iam:PassRole + read: + - fis:GetExperimentTemplate + - fis:ListTagsForResource + update: + - fis:UpdateExperimentTemplate + - fis:TagResource + - fis:UntagResource + - iam:PassRole + delete: + - fis:DeleteExperimentTemplate + list: + - fis:ListExperimentTemplates + - fis:ListTagsForResource + TargetExperimentTemplateId: + type: string + description: The ID of the experiment template. + TargetAccountId: + type: string + description: The AWS account ID of the target account. + maxLength: 512 + TargetAccountRoleArn: + type: string + description: The Amazon Resource Name (ARN) of an IAM role for the target account. + maxLength: 1224 + TargetAccountConfigurationDescription: + type: string + description: The description of the target account. + maxLength: 512 + TargetAccountConfiguration: + type: object + properties: + ExperimentTemplateId: + $ref: '#/components/schemas/TargetExperimentTemplateId' + AccountId: + $ref: '#/components/schemas/TargetAccountId' + RoleArn: + $ref: '#/components/schemas/TargetAccountRoleArn' + Description: + $ref: '#/components/schemas/TargetAccountConfigurationDescription' + required: + - ExperimentTemplateId + - AccountId + - RoleArn + x-stackql-resource-name: target_account_configuration + x-stackql-primaryIdentifier: + - ExperimentTemplateId + - AccountId + x-create-only-properties: + - ExperimentTemplateId + - AccountId + x-required-permissions: + create: + - fis:CreateTargetAccountConfiguration + read: + - fis:GetTargetAccountConfiguration + update: + - fis:UpdateTargetAccountConfiguration + delete: + - fis:DeleteTargetAccountConfiguration + list: + - fis:ListTargetAccountConfigurations + x-stackQL-resources: + experiment_templates: + name: experiment_templates + id: awscc.fis.experiment_templates + x-cfn-schema-name: ExperimentTemplate + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FIS::ExperimentTemplate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FIS::ExperimentTemplate' + AND region = 'us-east-1' + experiment_template: + name: experiment_template + id: awscc.fis.experiment_template + x-cfn-schema-name: ExperimentTemplate + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Targets') as targets, + JSON_EXTRACT(Properties, '$.Actions') as actions, + JSON_EXTRACT(Properties, '$.StopConditions') as stop_conditions, + JSON_EXTRACT(Properties, '$.LogConfiguration') as log_configuration, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ExperimentOptions') as experiment_options + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FIS::ExperimentTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Targets') as targets, + json_extract_path_text(Properties, 'Actions') as actions, + json_extract_path_text(Properties, 'StopConditions') as stop_conditions, + json_extract_path_text(Properties, 'LogConfiguration') as log_configuration, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ExperimentOptions') as experiment_options + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FIS::ExperimentTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + target_account_configurations: + name: target_account_configurations + id: awscc.fis.target_account_configurations + x-cfn-schema-name: TargetAccountConfiguration + x-type: list + x-identifiers: + - ExperimentTemplateId + - AccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ExperimentTemplateId') as experiment_template_id, + JSON_EXTRACT(Properties, '$.AccountId') as account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FIS::TargetAccountConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ExperimentTemplateId') as experiment_template_id, + json_extract_path_text(Properties, 'AccountId') as account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FIS::TargetAccountConfiguration' + AND region = 'us-east-1' + target_account_configuration: + name: target_account_configuration + id: awscc.fis.target_account_configuration + x-cfn-schema-name: TargetAccountConfiguration + x-type: get + x-identifiers: + - ExperimentTemplateId + - AccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ExperimentTemplateId') as experiment_template_id, + JSON_EXTRACT(Properties, '$.AccountId') as account_id, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Description') as description + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FIS::TargetAccountConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ExperimentTemplateId') as experiment_template_id, + json_extract_path_text(Properties, 'AccountId') as account_id, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Description') as description + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FIS::TargetAccountConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/fms.yaml b/providers/src/awscc/v00.00.00000/services/fms.yaml new file mode 100644 index 00000000..1725058e --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/fms.yaml @@ -0,0 +1,572 @@ +openapi: 3.0.0 +info: + title: FMS + version: 1.0.0 +paths: {} +components: + schemas: + ResourceArn: + description: A resource ARN. + type: string + pattern: ^([^\s]*)$ + minLength: 1 + maxLength: 1024 + NotificationChannel: + type: object + properties: + SnsRoleName: + $ref: '#/components/schemas/ResourceArn' + SnsTopicArn: + $ref: '#/components/schemas/ResourceArn' + required: + - SnsRoleName + - SnsTopicArn + x-stackql-resource-name: notification_channel + x-stackql-primaryIdentifier: + - SnsTopicArn + x-required-permissions: + create: + - fms:PutNotificationChannel + - iam:PassRole + update: + - fms:PutNotificationChannel + - iam:PassRole + read: + - fms:GetNotificationChannel + delete: + - fms:DeleteNotificationChannel + list: + - fms:GetNotificationChannel + AccountId: + description: An AWS account ID. + type: string + pattern: ^([0-9]*)$ + minLength: 12 + maxLength: 12 + Base62Id: + description: A Base62 ID + type: string + pattern: ^([a-z0-9A-Z]*)$ + minLength: 22 + maxLength: 22 + OrganizationalUnitId: + description: An Organizational Unit ID. + type: string + pattern: ^(ou-[0-9a-z]{4,32}-[a-z0-9]{8,32})$ + minLength: 16 + maxLength: 68 + IEMap: + description: An FMS includeMap or excludeMap. + type: object + properties: + ACCOUNT: + type: array + items: + $ref: '#/components/schemas/AccountId' + x-insertionOrder: true + ORGUNIT: + type: array + items: + $ref: '#/components/schemas/OrganizationalUnitId' + x-insertionOrder: true + additionalProperties: false + PolicyTag: + description: A policy tag. + type: object + properties: + Key: + type: string + pattern: ^([^\s]*)$ + minLength: 1 + maxLength: 128 + Value: + type: string + pattern: ^([^\s]*)$ + maxLength: 256 + additionalProperties: false + required: + - Key + - Value + ResourceTag: + description: A resource tag. + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + maxLength: 256 + additionalProperties: false + required: + - Key + ResourceType: + description: An AWS resource type + type: string + pattern: ^([^\s]*)$ + minLength: 1 + maxLength: 128 + SecurityServicePolicyData: + description: Firewall security service policy data. + type: object + properties: + ManagedServiceData: + $ref: '#/components/schemas/ManagedServiceData' + Type: + $ref: '#/components/schemas/PolicyType' + PolicyOption: + $ref: '#/components/schemas/PolicyOption' + additionalProperties: false + required: + - Type + FirewallDeploymentModel: + description: Firewall deployment mode. + type: string + enum: + - DISTRIBUTED + - CENTRALIZED + ManagedServiceData: + description: Firewall managed service data. + type: string + minLength: 1 + maxLength: 8192 + PolicyType: + description: Firewall policy type. + type: string + enum: + - WAF + - WAFV2 + - SHIELD_ADVANCED + - SECURITY_GROUPS_COMMON + - SECURITY_GROUPS_CONTENT_AUDIT + - SECURITY_GROUPS_USAGE_AUDIT + - NETWORK_FIREWALL + - THIRD_PARTY_FIREWALL + - DNS_FIREWALL + - IMPORT_NETWORK_FIREWALL + NetworkFirewallPolicy: + description: Network firewall policy. + type: object + properties: + FirewallDeploymentModel: + $ref: '#/components/schemas/FirewallDeploymentModel' + additionalProperties: false + required: + - FirewallDeploymentModel + ThirdPartyFirewallPolicy: + description: Third party firewall policy. + type: object + properties: + FirewallDeploymentModel: + $ref: '#/components/schemas/FirewallDeploymentModel' + additionalProperties: false + required: + - FirewallDeploymentModel + PolicyOption: + description: Firewall policy option. + type: object + properties: + NetworkFirewallPolicy: + $ref: '#/components/schemas/NetworkFirewallPolicy' + ThirdPartyFirewallPolicy: + $ref: '#/components/schemas/ThirdPartyFirewallPolicy' + additionalProperties: false + oneOf: + - required: + - NetworkFirewallPolicy + - required: + - ThirdPartyFirewallPolicy + Policy: + type: object + properties: + ExcludeMap: + $ref: '#/components/schemas/IEMap' + ExcludeResourceTags: + type: boolean + IncludeMap: + $ref: '#/components/schemas/IEMap' + Id: + type: string + pattern: ^[a-z0-9A-Z-]{36}$ + minLength: 36 + maxLength: 36 + PolicyName: + type: string + pattern: ^([a-zA-Z0-9_.:/=+\-@\s]+)$ + minLength: 1 + maxLength: 1024 + PolicyDescription: + type: string + pattern: ^([a-zA-Z0-9_.:/=+\-@\s]+)$ + maxLength: 256 + RemediationEnabled: + type: boolean + ResourceTags: + type: array + items: + $ref: '#/components/schemas/ResourceTag' + maxItems: 8 + x-insertionOrder: true + ResourceType: + $ref: '#/components/schemas/ResourceType' + ResourceTypeList: + type: array + items: + $ref: '#/components/schemas/ResourceType' + x-insertionOrder: true + ResourceSetIds: + type: array + items: + $ref: '#/components/schemas/Base62Id' + x-insertionOrder: true + uniqueItems: true + SecurityServicePolicyData: + $ref: '#/components/schemas/SecurityServicePolicyData' + Arn: + $ref: '#/components/schemas/ResourceArn' + DeleteAllPolicyResources: + type: boolean + ResourcesCleanUp: + type: boolean + Tags: + type: array + items: + $ref: '#/components/schemas/PolicyTag' + x-insertionOrder: true + required: + - ExcludeResourceTags + - PolicyName + - RemediationEnabled + - SecurityServicePolicyData + x-stackql-resource-name: policy + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Arn + - Id + x-required-permissions: + create: + - fms:PutPolicy + - fms:TagResource + - waf-regional:ListRuleGroups + - wafv2:CheckCapacity + - wafv2:ListRuleGroups + - wafv2:ListAvailableManagedRuleGroups + - wafv2:ListAvailableManagedRuleGroupVersions + - network-firewall:DescribeRuleGroup + - network-firewall:DescribeRuleGroupMetadata + - route53resolver:ListFirewallRuleGroups + - ec2:DescribeAvailabilityZones + - s3:PutBucketPolicy + - s3:GetBucketPolicy + update: + - fms:PutPolicy + - fms:GetPolicy + - fms:TagResource + - fms:UntagResource + - fms:ListTagsForResource + - waf-regional:ListRuleGroups + - wafv2:CheckCapacity + - wafv2:ListRuleGroups + - wafv2:ListAvailableManagedRuleGroups + - wafv2:ListAvailableManagedRuleGroupVersions + - network-firewall:DescribeRuleGroup + - network-firewall:DescribeRuleGroupMetadata + - route53resolver:ListFirewallRuleGroups + - ec2:DescribeAvailabilityZones + - s3:PutBucketPolicy + - s3:GetBucketPolicy + read: + - fms:GetPolicy + - fms:ListTagsForResource + delete: + - fms:DeletePolicy + list: + - fms:ListPolicies + - fms:ListTagsForResource + Tag: + description: A tag. + type: object + properties: + Key: + type: string + pattern: ^([^\s]*)$ + minLength: 1 + maxLength: 128 + Value: + type: string + pattern: ^([^\s]*)$ + maxLength: 256 + additionalProperties: false + required: + - Key + - Value + Resource: + description: A resource ARN or URI. + type: string + pattern: ^([^\s]*)$ + minLength: 1 + maxLength: 1024 + ResourceSet: + type: object + properties: + Id: + $ref: '#/components/schemas/Base62Id' + Name: + type: string + pattern: ^([a-zA-Z0-9_.:/=+\-@\s]+)$ + minLength: 1 + maxLength: 128 + Description: + type: string + pattern: ^([a-zA-Z0-9_.:/=+\-@\s]*)$ + maxLength: 256 + ResourceTypeList: + type: array + items: + $ref: '#/components/schemas/ResourceType' + x-insertionOrder: true + uniqueItems: true + Resources: + type: array + items: + $ref: '#/components/schemas/Resource' + x-insertionOrder: false + uniqueItems: true + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + x-insertionOrder: true + uniqueItems: true + required: + - Name + - ResourceTypeList + x-stackql-resource-name: resource_set + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + x-required-permissions: + create: + - fms:PutResourceSet + - fms:BatchAssociateResource + - fms:ListResourceSetResources + - fms:TagResource + update: + - fms:PutResourceSet + - fms:BatchAssociateResource + - fms:BatchDisassociateResource + - fms:GetResourceSet + - fms:ListResourceSetResources + - fms:TagResource + - fms:UntagResource + - fms:ListTagsForResource + read: + - fms:GetResourceSet + - fms:ListResourceSetResources + - fms:ListTagsForResource + delete: + - fms:DeleteResourceSet + list: + - fms:ListResourceSets + x-stackQL-resources: + notification_channels: + name: notification_channels + id: awscc.fms.notification_channels + x-cfn-schema-name: NotificationChannel + x-type: list + x-identifiers: + - SnsTopicArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SnsTopicArn') as sns_topic_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FMS::NotificationChannel' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SnsTopicArn') as sns_topic_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FMS::NotificationChannel' + AND region = 'us-east-1' + notification_channel: + name: notification_channel + id: awscc.fms.notification_channel + x-cfn-schema-name: NotificationChannel + x-type: get + x-identifiers: + - SnsTopicArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SnsRoleName') as sns_role_name, + JSON_EXTRACT(Properties, '$.SnsTopicArn') as sns_topic_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FMS::NotificationChannel' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SnsRoleName') as sns_role_name, + json_extract_path_text(Properties, 'SnsTopicArn') as sns_topic_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FMS::NotificationChannel' + AND data__Identifier = '' + AND region = 'us-east-1' + policies: + name: policies + id: awscc.fms.policies + x-cfn-schema-name: Policy + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FMS::Policy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FMS::Policy' + AND region = 'us-east-1' + policy: + name: policy + id: awscc.fms.policy + x-cfn-schema-name: Policy + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ExcludeMap') as exclude_map, + JSON_EXTRACT(Properties, '$.ExcludeResourceTags') as exclude_resource_tags, + JSON_EXTRACT(Properties, '$.IncludeMap') as include_map, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.PolicyName') as policy_name, + JSON_EXTRACT(Properties, '$.PolicyDescription') as policy_description, + JSON_EXTRACT(Properties, '$.RemediationEnabled') as remediation_enabled, + JSON_EXTRACT(Properties, '$.ResourceTags') as resource_tags, + JSON_EXTRACT(Properties, '$.ResourceType') as resource_type, + JSON_EXTRACT(Properties, '$.ResourceTypeList') as resource_type_list, + JSON_EXTRACT(Properties, '$.ResourceSetIds') as resource_set_ids, + JSON_EXTRACT(Properties, '$.SecurityServicePolicyData') as security_service_policy_data, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.DeleteAllPolicyResources') as delete_all_policy_resources, + JSON_EXTRACT(Properties, '$.ResourcesCleanUp') as resources_clean_up, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FMS::Policy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ExcludeMap') as exclude_map, + json_extract_path_text(Properties, 'ExcludeResourceTags') as exclude_resource_tags, + json_extract_path_text(Properties, 'IncludeMap') as include_map, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'PolicyName') as policy_name, + json_extract_path_text(Properties, 'PolicyDescription') as policy_description, + json_extract_path_text(Properties, 'RemediationEnabled') as remediation_enabled, + json_extract_path_text(Properties, 'ResourceTags') as resource_tags, + json_extract_path_text(Properties, 'ResourceType') as resource_type, + json_extract_path_text(Properties, 'ResourceTypeList') as resource_type_list, + json_extract_path_text(Properties, 'ResourceSetIds') as resource_set_ids, + json_extract_path_text(Properties, 'SecurityServicePolicyData') as security_service_policy_data, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'DeleteAllPolicyResources') as delete_all_policy_resources, + json_extract_path_text(Properties, 'ResourcesCleanUp') as resources_clean_up, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FMS::Policy' + AND data__Identifier = '' + AND region = 'us-east-1' + resource_sets: + name: resource_sets + id: awscc.fms.resource_sets + x-cfn-schema-name: ResourceSet + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FMS::ResourceSet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FMS::ResourceSet' + AND region = 'us-east-1' + resource_set: + name: resource_set + id: awscc.fms.resource_set + x-cfn-schema-name: ResourceSet + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ResourceTypeList') as resource_type_list, + JSON_EXTRACT(Properties, '$.Resources') as resources, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FMS::ResourceSet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ResourceTypeList') as resource_type_list, + json_extract_path_text(Properties, 'Resources') as resources, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FMS::ResourceSet' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/forecast.yaml b/providers/src/awscc/v00.00.00000/services/forecast.yaml new file mode 100644 index 00000000..41f81867 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/forecast.yaml @@ -0,0 +1,355 @@ +openapi: 3.0.0 +info: + title: Forecast + version: 1.0.0 +paths: {} +components: + schemas: + Attributes: + type: array + x-insertionOrder: true + items: + type: object + additionalProperties: false + properties: + AttributeName: + description: Name of the dataset field + type: string + pattern: ^[a-zA-Z][a-zA-Z0-9_]* + AttributeType: + description: Data type of the field + type: string + enum: + - string + - integer + - float + - timestamp + - geolocation + minItems: 1 + maxItems: 100 + KmsKeyArn: + description: KMS key used to encrypt the Dataset data + type: string + maxLength: 256 + pattern: arn:aws[-a-z]*:kms:.*:key/.* + RoleArn: + description: The ARN of the IAM role that Amazon Forecast can assume to access the AWS KMS key. + type: string + maxLength: 256 + pattern: ^[a-zA-Z0-9\-\_\.\/\:]+$ + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + Dataset: + type: object + properties: + Arn: + type: string + maxLength: 256 + pattern: ^[a-zA-Z0-9\-\_\.\/\:]+$ + DatasetName: + description: A name for the dataset + type: string + minLength: 1 + maxLength: 63 + pattern: ^[a-zA-Z][a-zA-Z0-9_]* + DatasetType: + description: The dataset type + type: string + enum: + - TARGET_TIME_SERIES + - RELATED_TIME_SERIES + - ITEM_METADATA + DataFrequency: + description: Frequency of data collection. This parameter is required for RELATED_TIME_SERIES + type: string + pattern: ^Y|M|W|D|H|30min|15min|10min|5min|1min$ + Domain: + description: The domain associated with the dataset + type: string + enum: + - RETAIL + - CUSTOM + - INVENTORY_PLANNING + - EC2_CAPACITY + - WORK_FORCE + - WEB_TRAFFIC + - METRICS + EncryptionConfig: + type: object + additionalProperties: false + properties: + KmsKeyArn: + $ref: '#/components/schemas/KmsKeyArn' + RoleArn: + $ref: '#/components/schemas/RoleArn' + Schema: + type: object + additionalProperties: false + properties: + Attributes: + $ref: '#/components/schemas/Attributes' + Tags: + type: array + x-insertionOrder: true + items: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + $ref: '#/components/schemas/Key' + Value: + $ref: '#/components/schemas/Value' + required: + - Key + - Value + additionalProperties: false + minItems: 0 + maxItems: 200 + required: + - DatasetName + - DatasetType + - Domain + - Schema + x-stackql-resource-name: dataset + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - DatasetName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - forecast:CreateDataset + read: + - forecast:DescribeDataset + delete: + - forecast:DeleteDataset + list: + - forecast:ListDatasets + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + Arn: + type: string + maxLength: 256 + pattern: ^[a-zA-Z0-9\-\_\.\/\:]+$ + MaxResults: + description: The number of items to return in the response. + type: integer + minimum: 1 + maximum: 100 + NextToken: + description: If the result of the previous request was truncated, the response includes a NextToken. To retrieve the next set of results, use the token in the next request. Tokens expire after 24 hours. + type: string + minLength: 1 + maxLength: 3000 + DatasetGroup: + type: object + properties: + DatasetArns: + description: An array of Amazon Resource Names (ARNs) of the datasets that you want to include in the dataset group. + type: array + items: + $ref: '#/components/schemas/Arn' + x-insertionOrder: true + DatasetGroupName: + description: A name for the dataset group. + type: string + pattern: ^[a-zA-Z][a-zA-Z0-9_]* + minLength: 1 + maxLength: 63 + Domain: + description: The domain associated with the dataset group. When you add a dataset to a dataset group, this value and the value specified for the Domain parameter of the CreateDataset operation must match. + type: string + enum: + - RETAIL + - CUSTOM + - INVENTORY_PLANNING + - EC2_CAPACITY + - WORK_FORCE + - WEB_TRAFFIC + - METRICS + Tags: + description: The tags of Application Insights application. + type: array + items: + $ref: '#/components/schemas/Tag' + minItems: 0 + maxItems: 200 + x-insertionOrder: true + DatasetGroupArn: + description: The Amazon Resource Name (ARN) of the dataset group to delete. + type: string + maxLength: 256 + pattern: ^[a-zA-Z0-9\-\_\.\/\:]+$ + required: + - DatasetGroupName + - Domain + x-stackql-resource-name: dataset_group + x-stackql-primaryIdentifier: + - DatasetGroupArn + x-create-only-properties: + - DatasetGroupName + x-read-only-properties: + - DatasetGroupArn + x-required-permissions: + create: + - forecast:CreateDatasetGroup + read: + - forecast:DescribeDatasetGroup + update: + - forecast:UpdateDatasetGroup + delete: + - forecast:DeleteDatasetGroup + list: + - forecast:ListDatasetGroups + x-stackQL-resources: + datasets: + name: datasets + id: awscc.forecast.datasets + x-cfn-schema-name: Dataset + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Forecast::Dataset' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Forecast::Dataset' + AND region = 'us-east-1' + dataset: + name: dataset + id: awscc.forecast.dataset + x-cfn-schema-name: Dataset + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.DatasetName') as dataset_name, + JSON_EXTRACT(Properties, '$.DatasetType') as dataset_type, + JSON_EXTRACT(Properties, '$.DataFrequency') as data_frequency, + JSON_EXTRACT(Properties, '$.Domain') as domain, + JSON_EXTRACT(Properties, '$.EncryptionConfig') as encryption_config, + JSON_EXTRACT(Properties, '$.Schema') as _schema, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Forecast::Dataset' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'DatasetName') as dataset_name, + json_extract_path_text(Properties, 'DatasetType') as dataset_type, + json_extract_path_text(Properties, 'DataFrequency') as data_frequency, + json_extract_path_text(Properties, 'Domain') as domain, + json_extract_path_text(Properties, 'EncryptionConfig') as encryption_config, + json_extract_path_text(Properties, 'Schema') as _schema, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Forecast::Dataset' + AND data__Identifier = '' + AND region = 'us-east-1' + dataset_groups: + name: dataset_groups + id: awscc.forecast.dataset_groups + x-cfn-schema-name: DatasetGroup + x-type: list + x-identifiers: + - DatasetGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DatasetGroupArn') as dataset_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Forecast::DatasetGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DatasetGroupArn') as dataset_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Forecast::DatasetGroup' + AND region = 'us-east-1' + dataset_group: + name: dataset_group + id: awscc.forecast.dataset_group + x-cfn-schema-name: DatasetGroup + x-type: get + x-identifiers: + - DatasetGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DatasetArns') as dataset_arns, + JSON_EXTRACT(Properties, '$.DatasetGroupName') as dataset_group_name, + JSON_EXTRACT(Properties, '$.Domain') as domain, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.DatasetGroupArn') as dataset_group_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Forecast::DatasetGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DatasetArns') as dataset_arns, + json_extract_path_text(Properties, 'DatasetGroupName') as dataset_group_name, + json_extract_path_text(Properties, 'Domain') as domain, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'DatasetGroupArn') as dataset_group_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Forecast::DatasetGroup' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/frauddetector.yaml b/providers/src/awscc/v00.00.00000/services/frauddetector.yaml new file mode 100644 index 00000000..60d269a8 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/frauddetector.yaml @@ -0,0 +1,1244 @@ +openapi: 3.0.0 +info: + title: FraudDetector + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + EventVariable: + type: object + properties: + Arn: + type: string + Inline: + type: boolean + Name: + type: string + DataSource: + type: string + enum: + - EVENT + DataType: + type: string + enum: + - STRING + - INTEGER + - FLOAT + - BOOLEAN + DefaultValue: + type: string + VariableType: + type: string + enum: + - AUTH_CODE + - AVS + - BILLING_ADDRESS_L1 + - BILLING_ADDRESS_L2 + - BILLING_CITY + - BILLING_COUNTRY + - BILLING_NAME + - BILLING_PHONE + - BILLING_STATE + - BILLING_ZIP + - CARD_BIN + - CATEGORICAL + - CURRENCY_CODE + - EMAIL_ADDRESS + - FINGERPRINT + - FRAUD_LABEL + - FREE_FORM_TEXT + - IP_ADDRESS + - NUMERIC + - ORDER_ID + - PAYMENT_TYPE + - PHONE_NUMBER + - PRICE + - PRODUCT_CATEGORY + - SHIPPING_ADDRESS_L1 + - SHIPPING_ADDRESS_L2 + - SHIPPING_CITY + - SHIPPING_COUNTRY + - SHIPPING_NAME + - SHIPPING_PHONE + - SHIPPING_STATE + - SHIPPING_ZIP + - USERAGENT + Description: + description: The description. + type: string + minLength: 1 + maxLength: 256 + Tags: + description: Tags associated with this event type. + type: array + uniqueItems: false + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + CreatedTime: + description: The time when the event type was created. + type: string + LastUpdatedTime: + description: The time when the event type was last updated. + type: string + additionalProperties: false + Label: + type: object + properties: + Name: + description: The name of the label. + type: string + pattern: ^[0-9a-z_-]+$ + minLength: 1 + maxLength: 64 + Tags: + description: Tags associated with this label. + type: array + uniqueItems: false + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + Description: + description: The label description. + type: string + minLength: 1 + maxLength: 128 + Arn: + description: The label ARN. + type: string + CreatedTime: + description: The timestamp when the label was created. + type: string + LastUpdatedTime: + description: The timestamp when the label was last updated. + type: string + required: + - Name + x-stackql-resource-name: label + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + - CreatedTime + - LastUpdatedTime + x-required-permissions: + create: + - frauddetector:GetLabels + - frauddetector:PutLabel + - frauddetector:ListTagsForResource + - frauddetector:TagResource + read: + - frauddetector:GetLabels + - frauddetector:ListTagsForResource + update: + - frauddetector:GetLabels + - frauddetector:PutLabel + - frauddetector:ListTagsForResource + - frauddetector:TagResource + - frauddetector:UntagResource + delete: + - frauddetector:GetLabels + - frauddetector:DeleteLabel + list: + - frauddetector:GetLabels + - frauddetector:ListTagsForResource + Outcome: + type: object + properties: + Name: + description: The name of the outcome. + type: string + pattern: ^[0-9a-z_-]+$ + minLength: 1 + maxLength: 64 + Tags: + description: Tags associated with this outcome. + type: array + uniqueItems: false + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + Description: + description: The outcome description. + type: string + minLength: 1 + maxLength: 128 + Arn: + description: The outcome ARN. + type: string + CreatedTime: + description: The timestamp when the outcome was created. + type: string + LastUpdatedTime: + description: The timestamp when the outcome was last updated. + type: string + required: + - Name + x-stackql-resource-name: outcome + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + - CreatedTime + - LastUpdatedTime + x-required-permissions: + create: + - frauddetector:GetOutcomes + - frauddetector:PutOutcome + - frauddetector:ListTagsForResource + - frauddetector:TagResource + read: + - frauddetector:GetOutcomes + - frauddetector:ListTagsForResource + update: + - frauddetector:GetOutcomes + - frauddetector:PutOutcome + - frauddetector:ListTagsForResource + - frauddetector:TagResource + - frauddetector:UntagResource + delete: + - frauddetector:GetOutcomes + - frauddetector:DeleteOutcome + list: + - frauddetector:GetOutcomes + - frauddetector:ListTagsForResource + Rule: + type: object + properties: + RuleId: + type: string + RuleVersion: + type: string + DetectorId: + type: string + Expression: + type: string + Language: + type: string + enum: + - DETECTORPL + Outcomes: + type: array + uniqueItems: false + x-insertionOrder: false + minItems: 1 + items: + $ref: '#/components/schemas/Outcome' + Arn: + type: string + Description: + description: The description. + type: string + minLength: 1 + maxLength: 256 + Tags: + description: Tags associated with this event type. + type: array + uniqueItems: false + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + CreatedTime: + description: The time when the event type was created. + type: string + LastUpdatedTime: + description: The time when the event type was last updated. + type: string + additionalProperties: false + EntityType: + type: object + properties: + Arn: + type: string + Inline: + type: boolean + Name: + type: string + Description: + description: The description. + type: string + minLength: 1 + maxLength: 256 + Tags: + description: Tags associated with this event type. + type: array + uniqueItems: false + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + CreatedTime: + description: The time when the event type was created. + type: string + LastUpdatedTime: + description: The time when the event type was last updated. + type: string + additionalProperties: false + EventType: + type: object + properties: + Name: + description: The name for the event type + type: string + pattern: ^[0-9a-z_-]+$ + minLength: 1 + maxLength: 64 + Tags: + description: Tags associated with this event type. + type: array + uniqueItems: false + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + Description: + description: The description of the event type. + type: string + minLength: 1 + maxLength: 128 + EventVariables: + type: array + uniqueItems: false + x-insertionOrder: false + minItems: 1 + items: + $ref: '#/components/schemas/EventVariable' + Labels: + type: array + uniqueItems: false + x-insertionOrder: false + minItems: 2 + items: + $ref: '#/components/schemas/Label' + EntityTypes: + type: array + uniqueItems: false + x-insertionOrder: false + minItems: 1 + items: + $ref: '#/components/schemas/EntityType' + Arn: + description: The ARN of the event type. + type: string + CreatedTime: + description: The time when the event type was created. + type: string + LastUpdatedTime: + description: The time when the event type was last updated. + type: string + required: + - EntityTypes + - EventVariables + - Labels + - Name + x-stackql-resource-name: event_type + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + - CreatedTime + - LastUpdatedTime + - EventVariables/*/Arn + - EventVariables/*/CreatedTime + - EventVariables/*/LastUpdatedTime + - Labels/*/Arn + - Labels/*/CreatedTime + - Labels/*/LastUpdatedTime + - EntityTypes/*/Arn + - EntityTypes/*/CreatedTime + - EntityTypes/*/LastUpdatedTime + x-required-permissions: + create: + - frauddetector:BatchCreateVariable + - frauddetector:BatchGetVariable + - frauddetector:CreateVariable + - frauddetector:GetVariables + - frauddetector:PutLabel + - frauddetector:PutEntityType + - frauddetector:PutEventType + - frauddetector:GetEventTypes + - frauddetector:GetLabels + - frauddetector:GetEntityTypes + - frauddetector:ListTagsForResource + - frauddetector:TagResource + update: + - frauddetector:BatchCreateVariable + - frauddetector:BatchGetVariable + - frauddetector:CreateVariable + - frauddetector:UpdateVariable + - frauddetector:GetVariables + - frauddetector:PutLabel + - frauddetector:PutEntityType + - frauddetector:PutEventType + - frauddetector:GetEventTypes + - frauddetector:GetLabels + - frauddetector:GetEntityTypes + - frauddetector:DeleteEventType + - frauddetector:DeleteVariable + - frauddetector:DeleteLabel + - frauddetector:DeleteEntityType + - frauddetector:ListTagsForResource + - frauddetector:TagResource + - frauddetector:UntagResource + delete: + - frauddetector:BatchGetVariable + - frauddetector:GetVariables + - frauddetector:GetEventTypes + - frauddetector:GetLabels + - frauddetector:GetEntityTypes + - frauddetector:DeleteEventType + - frauddetector:DeleteVariable + - frauddetector:DeleteLabel + - frauddetector:DeleteEntityType + - frauddetector:ListTagsForResource + read: + - frauddetector:BatchGetVariable + - frauddetector:GetVariables + - frauddetector:GetEventTypes + - frauddetector:GetLabels + - frauddetector:GetEntityTypes + - frauddetector:ListTagsForResource + list: + - frauddetector:BatchGetVariable + - frauddetector:GetVariables + - frauddetector:GetEventTypes + - frauddetector:GetLabels + - frauddetector:GetEntityTypes + - frauddetector:ListTagsForResource + Model: + description: A model to associate with a detector. + type: object + properties: + Arn: + type: string + additionalProperties: false + Detector: + type: object + properties: + DetectorId: + description: The ID of the detector + type: string + pattern: ^[0-9a-z_-]+$ + minLength: 1 + maxLength: 64 + DetectorVersionStatus: + description: The desired detector version status for the detector + type: string + enum: + - DRAFT + - ACTIVE + DetectorVersionId: + description: The active version ID of the detector + type: string + RuleExecutionMode: + type: string + enum: + - FIRST_MATCHED + - ALL_MATCHED + Tags: + description: Tags associated with this detector. + type: array + uniqueItems: false + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + Description: + description: The description of the detector. + type: string + minLength: 1 + maxLength: 128 + Rules: + type: array + uniqueItems: false + x-insertionOrder: false + minItems: 1 + items: + $ref: '#/components/schemas/Rule' + EventType: + description: The event type to associate this detector with. + $ref: '#/components/schemas/EventType' + Arn: + description: The ARN of the detector. + type: string + CreatedTime: + description: The time when the detector was created. + type: string + LastUpdatedTime: + description: The time when the detector was last updated. + type: string + AssociatedModels: + description: The models to associate with this detector. + type: array + uniqueItems: false + x-insertionOrder: false + maxItems: 10 + items: + $ref: '#/components/schemas/Model' + required: + - DetectorId + - EventType + - Rules + x-stackql-resource-name: detector + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - DetectorId + x-read-only-properties: + - Arn + - DetectorVersionId + - CreatedTime + - LastUpdatedTime + - Rules/*/RuleVersion + - Rules/*/Arn + - Rules/*/CreatedTime + - Rules/*/LastUpdatedTime + - Rules/*/Outcomes/*/Arn + - Rules/*/Outcomes/*/CreatedTime + - Rules/*/Outcomes/*/LastUpdatedTime + - EventType/Arn + - EventType/CreatedTime + - EventType/LastUpdatedTime + - EventType/EventVariables/*/Arn + - EventType/EventVariables/*/CreatedTime + - EventType/EventVariables/*/LastUpdatedTime + - EventType/Labels/*/Arn + - EventType/Labels/*/CreatedTime + - EventType/Labels/*/LastUpdatedTime + - EventType/EntityTypes/*/Arn + - EventType/EntityTypes/*/CreatedTime + - EventType/EntityTypes/*/LastUpdatedTime + - AssociatedModels/*/Arn + x-required-permissions: + create: + - frauddetector:PutDetector + - frauddetector:CreateDetectorVersion + - frauddetector:UpdateDetectorVersionStatus + - frauddetector:CreateRule + - frauddetector:CreateVariable + - frauddetector:PutLabel + - frauddetector:PutOutcome + - frauddetector:PutEntityType + - frauddetector:PutEventType + - frauddetector:DescribeDetector + - frauddetector:GetDetectors + - frauddetector:GetDetectorVersion + - frauddetector:GetRules + - frauddetector:GetVariables + - frauddetector:GetEventTypes + - frauddetector:GetExternalModels + - frauddetector:GetModelVersion + - frauddetector:GetLabels + - frauddetector:GetOutcomes + - frauddetector:GetEntityTypes + - frauddetector:ListTagsForResource + update: + - frauddetector:GetDetectors + - frauddetector:GetDetectorVersion + - frauddetector:PutDetector + - frauddetector:UpdateDetectorVersion + - frauddetector:UpdateDetectorVersionStatus + - frauddetector:UpdateDetectorVersionMetadata + - frauddetector:UpdateRuleVersion + - frauddetector:UpdateRuleMetadata + - frauddetector:CreateRule + - frauddetector:CreateVariable + - frauddetector:UpdateVariable + - frauddetector:GetVariables + - frauddetector:PutLabel + - frauddetector:PutOutcome + - frauddetector:PutEntityType + - frauddetector:PutEventType + - frauddetector:GetRules + - frauddetector:GetEventTypes + - frauddetector:GetLabels + - frauddetector:GetOutcomes + - frauddetector:GetEntityTypes + - frauddetector:GetExternalModels + - frauddetector:GetModelVersion + - frauddetector:DeleteEventType + - frauddetector:DeleteVariable + - frauddetector:DeleteLabel + - frauddetector:DeleteEntityType + - frauddetector:ListTagsForResource + - frauddetector:TagResource + - frauddetector:UntagResource + delete: + - frauddetector:GetDetectors + - frauddetector:GetDetectorVersion + - frauddetector:DescribeDetector + - frauddetector:GetRules + - frauddetector:GetVariables + - frauddetector:GetEventTypes + - frauddetector:GetLabels + - frauddetector:GetOutcomes + - frauddetector:GetEntityTypes + - frauddetector:DeleteDetector + - frauddetector:DeleteDetectorVersion + - frauddetector:DeleteRule + - frauddetector:DeleteEventType + - frauddetector:DeleteVariable + - frauddetector:DeleteLabel + - frauddetector:DeleteOutcome + - frauddetector:DeleteEntityType + - frauddetector:ListTagsForResource + read: + - frauddetector:GetDetectors + - frauddetector:GetDetectorVersion + - frauddetector:DescribeDetector + - frauddetector:GetRules + - frauddetector:GetVariables + - frauddetector:GetEventTypes + - frauddetector:GetExternalModels + - frauddetector:GetModelVersion + - frauddetector:GetLabels + - frauddetector:GetOutcomes + - frauddetector:GetEntityTypes + - frauddetector:ListTagsForResource + list: + - frauddetector:GetDetectors + - frauddetector:GetDetectorVersion + - frauddetector:DescribeDetector + - frauddetector:GetRules + - frauddetector:GetVariables + - frauddetector:GetEventTypes + - frauddetector:GetExternalModels + - frauddetector:GetModelVersion + - frauddetector:GetLabels + - frauddetector:GetOutcomes + - frauddetector:GetEntityTypes + - frauddetector:ListTagsForResource + Element: + description: An element in a list. + type: string + pattern: ^\S+( +\S+)*$ + minLength: 1 + maxLength: 64 + List: + type: object + properties: + Arn: + description: The list ARN. + type: string + Name: + description: The name of the list. + type: string + pattern: ^[0-9a-z_]+$ + minLength: 1 + maxLength: 64 + Description: + description: The description of the list. + type: string + minLength: 1 + maxLength: 128 + VariableType: + description: The variable type of the list. + type: string + pattern: ^[A-Z_]{1,64}$ + minLength: 1 + maxLength: 64 + CreatedTime: + description: The time when the list was created. + type: string + LastUpdatedTime: + description: The time when the list was last updated. + type: string + Tags: + description: Tags associated with this list. + type: array + uniqueItems: false + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + Elements: + description: The elements in this list. + type: array + x-insertionOrder: false + minItems: 0 + maxItems: 100000 + items: + $ref: '#/components/schemas/Element' + required: + - Name + x-stackql-resource-name: list + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + - CreatedTime + - LastUpdatedTime + x-required-permissions: + create: + - frauddetector:CreateList + - frauddetector:GetListElements + - frauddetector:GetListsMetadata + - frauddetector:ListTagsForResource + - frauddetector:TagResource + - frauddetector:UpdateList + read: + - frauddetector:GetListElements + - frauddetector:GetListsMetadata + - frauddetector:ListTagsForResource + update: + - frauddetector:GetListElements + - frauddetector:GetListsMetadata + - frauddetector:ListTagsForResource + - frauddetector:UntagResource + - frauddetector:UpdateList + - frauddetector:TagResource + delete: + - frauddetector:DeleteList + - frauddetector:GetListsMetadata + list: + - frauddetector:GetListElements + - frauddetector:GetListsMetadata + - frauddetector:ListTagsForResource + Variable: + type: object + properties: + Name: + description: The name of the variable. + type: string + pattern: ^[a-z_][a-z0-9_]{0,99}?$ + DataSource: + description: The source of the data. + type: string + enum: + - EVENT + - EXTERNAL_MODEL_SCORE + DataType: + description: The data type. + type: string + enum: + - STRING + - INTEGER + - FLOAT + - BOOLEAN + DefaultValue: + description: The default value for the variable when no value is received. + type: string + Description: + description: The description. + type: string + minLength: 1 + maxLength: 256 + Tags: + description: Tags associated with this variable. + type: array + uniqueItems: false + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + VariableType: + description: The variable type. For more information see https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types + type: string + enum: + - AUTH_CODE + - AVS + - BILLING_ADDRESS_L1 + - BILLING_ADDRESS_L2 + - BILLING_CITY + - BILLING_COUNTRY + - BILLING_NAME + - BILLING_PHONE + - BILLING_STATE + - BILLING_ZIP + - CARD_BIN + - CATEGORICAL + - CURRENCY_CODE + - EMAIL_ADDRESS + - FINGERPRINT + - FRAUD_LABEL + - FREE_FORM_TEXT + - IP_ADDRESS + - NUMERIC + - ORDER_ID + - PAYMENT_TYPE + - PHONE_NUMBER + - PRICE + - PRODUCT_CATEGORY + - SHIPPING_ADDRESS_L1 + - SHIPPING_ADDRESS_L2 + - SHIPPING_CITY + - SHIPPING_COUNTRY + - SHIPPING_NAME + - SHIPPING_PHONE + - SHIPPING_STATE + - SHIPPING_ZIP + - USERAGENT + Arn: + description: The ARN of the variable. + type: string + CreatedTime: + description: The time when the variable was created. + type: string + LastUpdatedTime: + description: The time when the variable was last updated. + type: string + required: + - DataType + - DataSource + - DefaultValue + - Name + x-stackql-resource-name: variable + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + - CreatedTime + - LastUpdatedTime + x-required-permissions: + create: + - frauddetector:GetVariables + - frauddetector:CreateVariable + - frauddetector:ListTagsForResource + - frauddetector:TagResource + read: + - frauddetector:GetVariables + - frauddetector:ListTagsForResource + update: + - frauddetector:GetVariables + - frauddetector:UpdateVariable + - frauddetector:ListTagsForResource + - frauddetector:TagResource + - frauddetector:UntagResource + delete: + - frauddetector:GetVariables + - frauddetector:DeleteVariable + list: + - frauddetector:GetVariables + - frauddetector:ListTagsForResource + x-stackQL-resources: + labels: + name: labels + id: awscc.frauddetector.labels + x-cfn-schema-name: Label + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FraudDetector::Label' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FraudDetector::Label' + AND region = 'us-east-1' + label: + name: label + id: awscc.frauddetector.label + x-cfn-schema-name: Label + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.LastUpdatedTime') as last_updated_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FraudDetector::Label' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'LastUpdatedTime') as last_updated_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FraudDetector::Label' + AND data__Identifier = '' + AND region = 'us-east-1' + outcomes: + name: outcomes + id: awscc.frauddetector.outcomes + x-cfn-schema-name: Outcome + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FraudDetector::Outcome' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FraudDetector::Outcome' + AND region = 'us-east-1' + outcome: + name: outcome + id: awscc.frauddetector.outcome + x-cfn-schema-name: Outcome + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.LastUpdatedTime') as last_updated_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FraudDetector::Outcome' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'LastUpdatedTime') as last_updated_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FraudDetector::Outcome' + AND data__Identifier = '' + AND region = 'us-east-1' + event_types: + name: event_types + id: awscc.frauddetector.event_types + x-cfn-schema-name: EventType + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FraudDetector::EventType' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FraudDetector::EventType' + AND region = 'us-east-1' + event_type: + name: event_type + id: awscc.frauddetector.event_type + x-cfn-schema-name: EventType + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EventVariables') as event_variables, + JSON_EXTRACT(Properties, '$.Labels') as labels, + JSON_EXTRACT(Properties, '$.EntityTypes') as entity_types, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.LastUpdatedTime') as last_updated_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FraudDetector::EventType' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EventVariables') as event_variables, + json_extract_path_text(Properties, 'Labels') as labels, + json_extract_path_text(Properties, 'EntityTypes') as entity_types, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'LastUpdatedTime') as last_updated_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FraudDetector::EventType' + AND data__Identifier = '' + AND region = 'us-east-1' + detectors: + name: detectors + id: awscc.frauddetector.detectors + x-cfn-schema-name: Detector + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FraudDetector::Detector' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FraudDetector::Detector' + AND region = 'us-east-1' + detector: + name: detector + id: awscc.frauddetector.detector + x-cfn-schema-name: Detector + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DetectorId') as detector_id, + JSON_EXTRACT(Properties, '$.DetectorVersionStatus') as detector_version_status, + JSON_EXTRACT(Properties, '$.DetectorVersionId') as detector_version_id, + JSON_EXTRACT(Properties, '$.RuleExecutionMode') as rule_execution_mode, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Rules') as rules, + JSON_EXTRACT(Properties, '$.EventType') as event_type, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.LastUpdatedTime') as last_updated_time, + JSON_EXTRACT(Properties, '$.AssociatedModels') as associated_models + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FraudDetector::Detector' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DetectorId') as detector_id, + json_extract_path_text(Properties, 'DetectorVersionStatus') as detector_version_status, + json_extract_path_text(Properties, 'DetectorVersionId') as detector_version_id, + json_extract_path_text(Properties, 'RuleExecutionMode') as rule_execution_mode, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Rules') as rules, + json_extract_path_text(Properties, 'EventType') as event_type, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'LastUpdatedTime') as last_updated_time, + json_extract_path_text(Properties, 'AssociatedModels') as associated_models + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FraudDetector::Detector' + AND data__Identifier = '' + AND region = 'us-east-1' + lists: + name: lists + id: awscc.frauddetector.lists + x-cfn-schema-name: List + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FraudDetector::List' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FraudDetector::List' + AND region = 'us-east-1' + frauddetector_list: + name: frauddetector_list + id: awscc.frauddetector.frauddetector_list + x-cfn-schema-name: List + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.VariableType') as variable_type, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.LastUpdatedTime') as last_updated_time, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Elements') as elements + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FraudDetector::List' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'VariableType') as variable_type, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'LastUpdatedTime') as last_updated_time, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Elements') as elements + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FraudDetector::List' + AND data__Identifier = '' + AND region = 'us-east-1' + variables: + name: variables + id: awscc.frauddetector.variables + x-cfn-schema-name: Variable + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FraudDetector::Variable' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FraudDetector::Variable' + AND region = 'us-east-1' + variable: + name: variable + id: awscc.frauddetector.variable + x-cfn-schema-name: Variable + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.DataSource') as data_source, + JSON_EXTRACT(Properties, '$.DataType') as data_type, + JSON_EXTRACT(Properties, '$.DefaultValue') as default_value, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.VariableType') as variable_type, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.LastUpdatedTime') as last_updated_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FraudDetector::Variable' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'DataSource') as data_source, + json_extract_path_text(Properties, 'DataType') as data_type, + json_extract_path_text(Properties, 'DefaultValue') as default_value, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'VariableType') as variable_type, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'LastUpdatedTime') as last_updated_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FraudDetector::Variable' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/fsx.yaml b/providers/src/awscc/v00.00.00000/services/fsx.yaml new file mode 100644 index 00000000..a25df1c6 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/fsx.yaml @@ -0,0 +1,242 @@ +openapi: 3.0.0 +info: + title: FSx + version: 1.0.0 +paths: {} +components: + schemas: + EventType: + type: string + enum: + - NEW + - CHANGED + - DELETED + EventTypes: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/EventType' + maxItems: 3 + AutoImportPolicy: + description: |- + Describes the data repository association's automatic import policy. The AutoImportPolicy defines how Amazon FSx keeps your file metadata and directory listings up to date by importing changes to your Amazon FSx for Lustre file system as you modify objects in a linked S3 bucket. + The ``AutoImportPolicy`` is only supported on Amazon FSx for Lustre file systems with a data repository association. + type: object + additionalProperties: false + properties: + Events: + $ref: '#/components/schemas/EventTypes' + description: |- + The ``AutoImportPolicy`` can have the following event values: + + ``NEW`` - Amazon FSx automatically imports metadata of files added to the linked S3 bucket that do not currently exist in the FSx file system. + + ``CHANGED`` - Amazon FSx automatically updates file metadata and invalidates existing file content on the file system as files change in the data repository. + + ``DELETED`` - Amazon FSx automatically deletes files on the file system as corresponding files are deleted in the data repository. + + You can define any combination of event types for your ``AutoImportPolicy``. + required: + - Events + AutoExportPolicy: + description: |- + Describes a data repository association's automatic export policy. The ``AutoExportPolicy`` defines the types of updated objects on the file system that will be automatically exported to the data repository. As you create, modify, or delete files, Amazon FSx for Lustre automatically exports the defined changes asynchronously once your application finishes modifying the file. + The ``AutoExportPolicy`` is only supported on Amazon FSx for Lustre file systems with a data repository association. + type: object + additionalProperties: false + properties: + Events: + $ref: '#/components/schemas/EventTypes' + description: |- + The ``AutoExportPolicy`` can have the following event values: + + ``NEW`` - New files and directories are automatically exported to the data repository as they are added to the file system. + + ``CHANGED`` - Changes to files and directories on the file system are automatically exported to the data repository. + + ``DELETED`` - Files and directories are automatically deleted on the data repository when they are deleted on the file system. + + You can define any combination of event types for your ``AutoExportPolicy``. + required: + - Events + Tag: + description: Specifies a key-value pair for a resource tag. + type: object + additionalProperties: false + properties: + Key: + type: string + description: A value that specifies the ``TagKey``, the name of the tag. Tag keys must be unique for the resource to which they are attached. + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'A value that specifies the ``TagValue``, the value assigned to the corresponding tag key. Tag values can be null and don''t have to be unique in a tag set. For example, you can have a key-value pair in a tag set of ``finances : April`` and also of ``payroll : April``.' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + S3: + description: The configuration for an Amazon S3 data repository linked to an Amazon FSx Lustre file system with a data repository association. The configuration defines which file events (new, changed, or deleted files or directories) are automatically imported from the linked data repository to the file system or automatically exported from the file system to the data repository. + type: object + additionalProperties: false + properties: + AutoImportPolicy: + $ref: '#/components/schemas/AutoImportPolicy' + description: |- + Describes the data repository association's automatic import policy. The AutoImportPolicy defines how Amazon FSx keeps your file metadata and directory listings up to date by importing changes to your Amazon FSx for Lustre file system as you modify objects in a linked S3 bucket. + The ``AutoImportPolicy`` is only supported on Amazon FSx for Lustre file systems with a data repository association. + AutoExportPolicy: + $ref: '#/components/schemas/AutoExportPolicy' + description: |- + Describes a data repository association's automatic export policy. The ``AutoExportPolicy`` defines the types of updated objects on the file system that will be automatically exported to the data repository. As you create, modify, or delete files, Amazon FSx for Lustre automatically exports the defined changes asynchronously once your application finishes modifying the file. + The ``AutoExportPolicy`` is only supported on Amazon FSx for Lustre file systems with a data repository association. + DataRepositoryAssociation: + type: object + properties: + AssociationId: + type: string + description: '' + ResourceARN: + type: string + description: '' + FileSystemId: + type: string + description: The ID of the file system on which the data repository association is configured. + FileSystemPath: + type: string + description: >- + A path on the Amazon FSx for Lustre file system that points to a high-level directory (such as ``/ns1/``) or subdirectory (such as ``/ns1/subdir/``) that will be mapped 1-1 with ``DataRepositoryPath``. The leading forward slash in the name is required. Two data repository associations cannot have overlapping file system paths. For example, if a data repository is associated with file system path ``/ns1/``, then you cannot link another data repository with file system path + ``/ns1/ns2``. + This path specifies where in your file system files will be exported from or imported to. This file system directory can be linked to only one Amazon S3 bucket, and no other S3 bucket can be linked to the directory. + If you specify only a forward slash (``/``) as the file system path, you can link only one data repository to the file system. You can only specify "/" as the file system path for the first data repository associated with a file system. + DataRepositoryPath: + type: string + description: The path to the Amazon S3 data repository that will be linked to the file system. The path can be an S3 bucket or prefix in the format ``s3://myBucket/myPrefix/``. This path specifies where in the S3 data repository files will be imported from or exported to. + BatchImportMetaDataOnCreate: + type: boolean + description: A boolean flag indicating whether an import data repository task to import metadata should run after the data repository association is created. The task runs if this flag is set to ``true``. + ImportedFileChunkSize: + type: integer + description: |- + For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system or cache. + The default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB. + S3: + description: The configuration for an Amazon S3 data repository linked to an Amazon FSx Lustre file system with a data repository association. The configuration defines which file events (new, changed, or deleted files or directories) are automatically imported from the linked data repository to the file system or automatically exported from the file system to the data repository. + $ref: '#/components/schemas/S3' + Tags: + type: array + x-insertionOrder: false + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + description: |- + An array of key-value pairs to apply to this resource. + For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html). + required: + - FileSystemId + - FileSystemPath + - DataRepositoryPath + x-stackql-resource-name: data_repository_association + x-stackql-primaryIdentifier: + - AssociationId + x-create-only-properties: + - FileSystemId + - FileSystemPath + - DataRepositoryPath + - BatchImportMetaDataOnCreate + x-read-only-properties: + - AssociationId + - ResourceARN + x-required-permissions: + create: + - fsx:CreateDataRepositoryAssociation + - fsx:DescribeDataRepositoryAssociations + - fsx:TagResource + - s3:ListBucket + - s3:GetBucketPolicy + - s3:PutBucketPolicy + - iam:CreateServiceLinkedRole + - iam:PutRolePolicy + read: + - fsx:DescribeDataRepositoryAssociations + update: + - fsx:DescribeDataRepositoryAssociations + - fsx:UpdateDataRepositoryAssociation + - fsx:TagResource + - fsx:UntagResource + - s3:ListBucket + - s3:GetBucketPolicy + - s3:PutBucketPolicy + - iam:CreateServiceLinkedRole + - iam:PutRolePolicy + delete: + - fsx:DescribeDataRepositoryAssociations + - fsx:DeleteDataRepositoryAssociation + list: + - fsx:DescribeDataRepositoryAssociations + x-stackQL-resources: + data_repository_associations: + name: data_repository_associations + id: awscc.fsx.data_repository_associations + x-cfn-schema-name: DataRepositoryAssociation + x-type: list + x-identifiers: + - AssociationId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssociationId') as association_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FSx::DataRepositoryAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssociationId') as association_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::FSx::DataRepositoryAssociation' + AND region = 'us-east-1' + data_repository_association: + name: data_repository_association + id: awscc.fsx.data_repository_association + x-cfn-schema-name: DataRepositoryAssociation + x-type: get + x-identifiers: + - AssociationId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssociationId') as association_id, + JSON_EXTRACT(Properties, '$.ResourceARN') as resource_arn, + JSON_EXTRACT(Properties, '$.FileSystemId') as file_system_id, + JSON_EXTRACT(Properties, '$.FileSystemPath') as file_system_path, + JSON_EXTRACT(Properties, '$.DataRepositoryPath') as data_repository_path, + JSON_EXTRACT(Properties, '$.BatchImportMetaDataOnCreate') as batch_import_meta_data_on_create, + JSON_EXTRACT(Properties, '$.ImportedFileChunkSize') as imported_file_chunk_size, + JSON_EXTRACT(Properties, '$.S3') as s3, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FSx::DataRepositoryAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssociationId') as association_id, + json_extract_path_text(Properties, 'ResourceARN') as resource_arn, + json_extract_path_text(Properties, 'FileSystemId') as file_system_id, + json_extract_path_text(Properties, 'FileSystemPath') as file_system_path, + json_extract_path_text(Properties, 'DataRepositoryPath') as data_repository_path, + json_extract_path_text(Properties, 'BatchImportMetaDataOnCreate') as batch_import_meta_data_on_create, + json_extract_path_text(Properties, 'ImportedFileChunkSize') as imported_file_chunk_size, + json_extract_path_text(Properties, 'S3') as s3, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::FSx::DataRepositoryAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/gamelift.yaml b/providers/src/awscc/v00.00.00000/services/gamelift.yaml new file mode 100644 index 00000000..48b2b2e6 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/gamelift.yaml @@ -0,0 +1,2064 @@ +openapi: 3.0.0 +info: + title: GameLift + version: 1.0.0 +paths: {} +components: + schemas: + RoutingStrategy: + type: object + properties: + Message: + description: The message text to be used with a terminal routing strategy. If you specify TERMINAL for the Type property, you must specify this property. + type: string + FleetId: + description: A unique identifier for a fleet that the alias points to. If you specify SIMPLE for the Type property, you must specify this property. + type: string + pattern: ^fleet-\S+ + Type: + description: Simple routing strategy. The alias resolves to one specific fleet. Use this type when routing to active fleets. + type: string + enum: + - SIMPLE + - TERMINAL + additionalProperties: false + required: + - Type + anyOf: + - required: + - FleetId + - required: + - Message + Alias: + type: object + properties: + Description: + description: A human-readable description of the alias. + type: string + minLength: 1 + maxLength: 1024 + Name: + description: A descriptive label that is associated with an alias. Alias names do not need to be unique. + type: string + minLength: 1 + maxLength: 1024 + pattern: .*\S.* + RoutingStrategy: + description: A routing configuration that specifies where traffic is directed for this alias, such as to a fleet or to a message. + $ref: '#/components/schemas/RoutingStrategy' + AliasId: + description: Unique alias ID + type: string + required: + - Name + - RoutingStrategy + x-stackql-resource-name: alias + x-stackql-primaryIdentifier: + - AliasId + x-read-only-properties: + - AliasId + x-required-permissions: + create: + - gamelift:CreateAlias + read: + - gamelift:DescribeAlias + update: + - gamelift:UpdateAlias + delete: + - gamelift:DeleteAlias + list: + - gamelift:ListAliases + StorageLocation: + x-$comment: Contains object details present in the S3 Bucket + type: object + additionalProperties: false + properties: + Bucket: + description: An Amazon S3 bucket identifier. This is the name of the S3 bucket. + type: string + Key: + description: The name of the zip file that contains the build files or script files. + type: string + ObjectVersion: + description: The version of the file, if object versioning is turned on for the bucket. Amazon GameLift uses this information when retrieving files from your S3 bucket. To retrieve a specific version of the file, provide an object version. To retrieve the latest version of the file, do not set this parameter. + type: string + RoleArn: + description: The Amazon Resource Name (ARN) for an IAM role that allows Amazon GameLift to access the S3 bucket. + type: string + required: + - Bucket + - Key + - RoleArn + Build: + type: object + properties: + BuildId: + description: A unique identifier for a build to be deployed on the new fleet. If you are deploying the fleet with a custom game build, you must specify this property. The build must have been successfully uploaded to Amazon GameLift and be in a READY status. This fleet setting cannot be changed once the fleet is created. + type: string + Name: + description: A descriptive label that is associated with a build. Build names do not need to be unique. + type: string + OperatingSystem: + description: The operating system that the game server binaries are built to run on. This value determines the type of fleet resources that you can use for this build. If your game build contains multiple executables, they all must run on the same operating system. If an operating system is not specified when creating a build, Amazon GameLift uses the default value (WINDOWS_2012). This value cannot be changed later. + type: string + enum: + - AMAZON_LINUX + - AMAZON_LINUX_2 + - AMAZON_LINUX_2023 + - WINDOWS_2012 + - WINDOWS_2016 + StorageLocation: + description: Information indicating where your game build files are stored. Use this parameter only when creating a build with files stored in an Amazon S3 bucket that you own. The storage location must specify an Amazon S3 bucket name and key. The location must also specify a role ARN that you set up to allow Amazon GameLift to access your Amazon S3 bucket. The S3 bucket and your new build must be in the same Region. + $ref: '#/components/schemas/StorageLocation' + Version: + description: Version information that is associated with this build. Version strings do not need to be unique. + type: string + ServerSdkVersion: + description: A server SDK version you used when integrating your game server build with Amazon GameLift. By default Amazon GameLift sets this value to 4.0.2. + type: string + required: [] + x-stackql-resource-name: build + x-stackql-primaryIdentifier: + - BuildId + x-create-only-properties: + - StorageLocation + - OperatingSystem + - ServerSdkVersion + x-read-only-properties: + - BuildId + x-required-permissions: + create: + - gamelift:DescribeBuild + - gamelift:CreateBuild + read: + - gamelift:DescribeBuild + update: + - gamelift:UpdateBuild + delete: + - gamelift:DescribeBuild + - gamelift:DeleteBuild + list: + - gamelift:ListBuilds + ScalingPolicy: + description: Rule that controls how a fleet is scaled. Scaling policies are uniquely identified by the combination of name and fleet ID. + additionalProperties: false + type: object + properties: + Status: + description: Current status of the scaling policy. The scaling policy can be in force only when in an ACTIVE status. Scaling policies can be suspended for individual fleets. If the policy is suspended for a fleet, the policy status does not change. + type: string + enum: + - ACTIVE + - UPDATE_REQUESTED + - UPDATING + - DELETE_REQUESTED + - DELETING + - DELETED + - ERROR + MetricName: + description: Name of the Amazon GameLift-defined metric that is used to trigger a scaling adjustment. + type: string + enum: + - ActivatingGameSessions + - ActiveGameSessions + - ActiveInstances + - AvailableGameSessions + - AvailablePlayerSessions + - CurrentPlayerSessions + - IdleInstances + - PercentAvailableGameSessions + - PercentIdleInstances + - QueueDepth + - WaitTime + - ConcurrentActivatableGameSessions + PolicyType: + description: 'The type of scaling policy to create. For a target-based policy, set the parameter MetricName to ''PercentAvailableGameSessions'' and specify a TargetConfiguration. For a rule-based policy set the following parameters: MetricName, ComparisonOperator, Threshold, EvaluationPeriods, ScalingAdjustmentType, and ScalingAdjustment.' + type: string + enum: + - RuleBased + - TargetBased + ComparisonOperator: + description: Comparison operator to use when measuring a metric against the threshold value. + type: string + enum: + - GreaterThanOrEqualToThreshold + - GreaterThanThreshold + - LessThanThreshold + - LessThanOrEqualToThreshold + TargetConfiguration: + description: An object that contains settings for a target-based scaling policy. + $ref: '#/components/schemas/TargetConfiguration' + UpdateStatus: + description: The current status of the fleet's scaling policies in a requested fleet location. The status PENDING_UPDATE indicates that an update was requested for the fleet but has not yet been completed for the location. + type: string + enum: + - PENDING_UPDATE + ScalingAdjustment: + description: Amount of adjustment to make, based on the scaling adjustment type. + type: integer + EvaluationPeriods: + description: Length of time (in minutes) the metric must be at or beyond the threshold before a scaling event is triggered. + type: integer + minimum: 1 + Location: + $ref: '#/components/schemas/Location' + Name: + minLength: 1 + description: A descriptive label that is associated with a fleet's scaling policy. Policy names do not need to be unique. + type: string + maxLength: 1024 + ScalingAdjustmentType: + description: The type of adjustment to make to a fleet's instance count. + type: string + enum: + - ChangeInCapacity + - ExactCapacity + - PercentChangeInCapacity + Threshold: + description: Metric value used to trigger a scaling event. + type: number + required: + - MetricName + - Name + ServerProcess: + description: A set of instructions for launching server processes on each instance in a fleet. Each instruction set identifies the location of the server executable, optional launch parameters, and the number of server processes with this configuration to maintain concurrently on the instance. Server process configurations make up a fleet's RuntimeConfiguration. + additionalProperties: false + type: object + properties: + ConcurrentExecutions: + description: The number of server processes that use this configuration to run concurrently on an instance. + type: integer + minimum: 1 + Parameters: + minLength: 1 + description: An optional list of parameters to pass to the server executable or Realtime script on launch. + type: string + maxLength: 1024 + LaunchPath: + minLength: 1 + pattern: ^([Cc]:\\game\S+|/local/game/\S+) + description: |- + The location of the server executable in a custom game build or the name of the Realtime script file that contains the Init() function. Game builds and Realtime scripts are installed on instances at the root: + + Windows (for custom game builds only): C:\game. Example: "C:\game\MyGame\server.exe" + + Linux: /local/game. Examples: "/local/game/MyGame/server.exe" or "/local/game/MyRealtimeScript.js" + type: string + maxLength: 1024 + required: + - ConcurrentExecutions + - LaunchPath + TargetConfiguration: + description: Settings for a target-based scaling policy. A target-based policy tracks a particular fleet metric specifies a target value for the metric. As player usage changes, the policy triggers Amazon GameLift to adjust capacity so that the metric returns to the target value. The target configuration specifies settings as needed for the target based policy, including the target value. + additionalProperties: false + type: object + properties: + TargetValue: + description: Desired value to use with a target-based scaling policy. The value must be relevant for whatever metric the scaling policy is using. For example, in a policy using the metric PercentAvailableGameSessions, the target value should be the preferred size of the fleet's buffer (the percent of capacity that should be idle and ready for new game sessions). + type: number + required: + - TargetValue + RuntimeConfiguration: + description: >- + A collection of server process configurations that describe the processes to run on each instance in a fleet. All fleets must have a runtime configuration. Each instance in the fleet maintains server processes as specified in the runtime configuration, launching new ones as existing processes end. Each instance regularly checks for an updated runtime configuration makes adjustments as called for. + + + The runtime configuration enables the instances in a fleet to run multiple processes simultaneously. Potential scenarios are as follows: (1) Run multiple processes of a single game server executable to maximize usage of your hosting resources. (2) Run one or more processes of different executables, such as your game server and a metrics tracking program. (3) Run multiple processes of a single game server but with different launch parameters, for example to run one process on each + instance in debug mode. + + + An Amazon GameLift instance is limited to 50 processes running simultaneously. A runtime configuration must specify fewer than this limit. To calculate the total number of processes specified in a runtime configuration, add the values of the ConcurrentExecutions parameter for each ServerProcess object in the runtime configuration. + additionalProperties: false + type: object + properties: + ServerProcesses: + maxItems: 50 + description: A collection of server process configurations that describe which server processes to run on each instance in a fleet. + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/ServerProcess' + MaxConcurrentGameSessionActivations: + description: The maximum number of game sessions with status ACTIVATING to allow on an instance simultaneously. This setting limits the amount of instance resources that can be used for new game activations at any one time. + maximum: 2147483647 + type: integer + minimum: 1 + GameSessionActivationTimeoutSeconds: + description: The maximum amount of time (in seconds) that a game session can remain in status ACTIVATING. If the game session is not active before the timeout, activation is terminated and the game session status is changed to TERMINATED. + maximum: 600 + type: integer + minimum: 1 + LocationConfiguration: + description: A remote location where a multi-location fleet can deploy EC2 instances for game hosting. + additionalProperties: false + type: object + properties: + LocationCapacity: + $ref: '#/components/schemas/LocationCapacity' + Location: + $ref: '#/components/schemas/Location' + required: + - Location + AnywhereConfiguration: + description: Configuration for Anywhere fleet. + additionalProperties: false + properties: + Cost: + minLength: 1 + pattern: ^\d{1,5}(?:\.\d{1,5})?$ + description: Cost of compute can be specified on Anywhere Fleets to prioritize placement across Queue destinations based on Cost. + type: string + maxLength: 11 + required: + - Cost + ResourceCreationLimitPolicy: + description: |- + A policy that limits the number of game sessions a player can create on the same fleet. This optional policy gives game owners control over how players can consume available game server resources. A resource creation policy makes the following statement: "An individual player can create a maximum number of new game sessions within a specified time period". + + The policy is evaluated when a player tries to create a new game session. For example, assume you have a policy of 10 new game sessions and a time period of 60 minutes. On receiving a CreateGameSession request, Amazon GameLift checks that the player (identified by CreatorId) has created fewer than 10 game sessions in the past 60 minutes. + additionalProperties: false + type: object + properties: + PolicyPeriodInMinutes: + description: The time span used in evaluating the resource creation limit policy. + type: integer + minimum: 0 + NewGameSessionsPerCreator: + description: The maximum number of game sessions that an individual can create during the policy period. + type: integer + minimum: 0 + LocationCapacity: + description: Current resource capacity settings in a specified fleet or location. The location value might refer to a fleet's remote location or its home Region. + additionalProperties: false + type: object + properties: + MinSize: + description: The minimum value allowed for the fleet's instance count for a location. When creating a new fleet, GameLift automatically sets this value to "0". After the fleet is active, you can change this value. + type: integer + minimum: 0 + DesiredEC2Instances: + description: The number of EC2 instances you want to maintain in the specified fleet location. This value must fall between the minimum and maximum size limits. + type: integer + minimum: 0 + MaxSize: + description: The maximum value that is allowed for the fleet's instance count for a location. When creating a new fleet, GameLift automatically sets this value to "1". Once the fleet is active, you can change this value. + type: integer + minimum: 0 + required: + - DesiredEC2Instances + - MinSize + - MaxSize + CertificateConfiguration: + description: Information about the use of a TLS/SSL certificate for a fleet. TLS certificate generation is enabled at the fleet level, with one certificate generated for the fleet. When this feature is enabled, the certificate can be retrieved using the GameLift Server SDK call GetInstanceCertificate. All instances in a fleet share the same certificate. + additionalProperties: false + type: object + properties: + CertificateType: + type: string + enum: + - DISABLED + - GENERATED + required: + - CertificateType + IpPermission: + description: >- + A range of IP addresses and port settings that allow inbound traffic to connect to server processes on an Amazon GameLift hosting resource. New game sessions that are started on the fleet are assigned an IP address/port number combination, which must fall into the fleet's allowed ranges. For fleets created with a custom game server, the ranges reflect the server's game session assignments. For Realtime Servers fleets, Amazon GameLift automatically opens two port ranges, one for TCP + messaging and one for UDP, for use by the Realtime servers. + additionalProperties: false + type: object + properties: + IpRange: + pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(/([0-9]|[1-2][0-9]|3[0-2]))$) + description: 'A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: "000.000.000.000/[subnet mask]" or optionally the shortened version "0.0.0.0/[subnet mask]".' + type: string + FromPort: + description: A starting value for a range of allowed port numbers. + maximum: 60000 + type: integer + minimum: 1 + ToPort: + description: An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be higher than FromPort. + maximum: 60000 + type: integer + minimum: 1 + Protocol: + description: The network communication protocol used by the fleet. + type: string + enum: + - TCP + - UDP + required: + - FromPort + - IpRange + - Protocol + - ToPort + Location: + type: object + properties: + LocationName: + type: string + minLength: 8 + maxLength: 64 + pattern: ^custom-[A-Za-z0-9\-]+ + LocationArn: + type: string + pattern: ^arn:.*:location/custom-\S+ + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + required: + - LocationName + x-stackql-resource-name: location + x-stackql-primaryIdentifier: + - LocationName + x-create-only-properties: + - LocationName + x-read-only-properties: + - LocationArn + x-required-permissions: + create: + - gamelift:CreateLocation + - gamelift:ListLocations + - gamelift:ListTagsForResource + - gamelift:TagResource + read: + - gamelift:ListLocations + - gamelift:ListTagsForResource + delete: + - gamelift:DeleteLocation + list: + - gamelift:ListLocations + update: + - gamelift:ListLocations + - gamelift:ListTagsForResource + - gamelift:TagResource + - gamelift:UntagResource + Fleet: + type: object + properties: + ScalingPolicies: + maxItems: 50 + description: A list of rules that control how a fleet is scaled. + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/ScalingPolicy' + Description: + minLength: 1 + description: A human-readable description of a fleet. + type: string + maxLength: 1024 + PeerVpcId: + minLength: 1 + pattern: ^vpc-\S+ + description: A unique identifier for a VPC with resources to be accessed by your Amazon GameLift fleet. The VPC must be in the same Region as your fleet. To look up a VPC ID, use the VPC Dashboard in the AWS Management Console. + type: string + maxLength: 1024 + ApplyCapacity: + description: Determines whether to apply fleet or location capacities on fleet creation. + type: string + enum: + - ON_UPDATE + - ON_CREATE_AND_UPDATE + EC2InboundPermissions: + maxItems: 50 + description: A range of IP addresses and port settings that allow inbound traffic to connect to server processes on an Amazon GameLift server. + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/IpPermission' + ComputeType: + description: ComputeType to differentiate EC2 hardware managed by GameLift and Anywhere hardware managed by the customer. + type: string + enum: + - EC2 + - ANYWHERE + Name: + minLength: 1 + description: A descriptive label that is associated with a fleet. Fleet names do not need to be unique. + type: string + maxLength: 1024 + AnywhereConfiguration: + description: Configuration for Anywhere fleet. + $ref: '#/components/schemas/AnywhereConfiguration' + InstanceRoleARN: + minLength: 1 + pattern: ^arn:aws(-.*)?:[a-z-]+:(([a-z]+-)+[0-9])?:([0-9]{12})?:[^.]+$ + description: A unique identifier for an AWS IAM role that manages access to your AWS services. With an instance role ARN set, any application that runs on an instance in this fleet can assume the role, including install scripts, server processes, and daemons (background processes). Create a role or look up a role's ARN from the IAM dashboard in the AWS Management Console. + type: string + FleetId: + pattern: ^fleet-\S+ + description: Unique fleet ID + type: string + CertificateConfiguration: + description: Indicates whether to generate a TLS/SSL certificate for the new fleet. TLS certificates are used for encrypting traffic between game clients and game servers running on GameLift. If this parameter is not set, certificate generation is disabled. This fleet setting cannot be changed once the fleet is created. + $ref: '#/components/schemas/CertificateConfiguration' + InstanceRoleCredentialsProvider: + description: Credentials provider implementation that loads credentials from the Amazon EC2 Instance Metadata Service. + type: string + enum: + - SHARED_CREDENTIAL_FILE + DesiredEC2Instances: + description: '[DEPRECATED] The number of EC2 instances that you want this fleet to host. When creating a new fleet, GameLift automatically sets this value to "1" and initiates a single instance. Once the fleet is active, update this value to trigger GameLift to add or remove instances from the fleet.' + type: integer + minimum: 0 + ServerLaunchParameters: + minLength: 1 + description: This parameter is no longer used but is retained for backward compatibility. Instead, specify server launch parameters in the RuntimeConfiguration parameter. A request must specify either a runtime configuration or values for both ServerLaunchParameters and ServerLaunchPath. + type: string + maxLength: 1024 + FleetType: + description: Indicates whether to use On-Demand instances or Spot instances for this fleet. If empty, the default is ON_DEMAND. Both categories of instances use identical hardware and configurations based on the instance type selected for this fleet. + type: string + enum: + - ON_DEMAND + - SPOT + Locations: + minItems: 1 + maxItems: 100 + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/LocationConfiguration' + NewGameSessionProtectionPolicy: + description: A game session protection policy to apply to all game sessions hosted on instances in this fleet. When protected, active game sessions cannot be terminated during a scale-down event. If this parameter is not set, instances in this fleet default to no protection. You can change a fleet's protection policy to affect future game sessions on the fleet. You can also set protection for individual game sessions. + type: string + enum: + - FullProtection + - NoProtection + ScriptId: + pattern: ^script-\S+|^arn:.*:script/script-\S+ + description: |- + A unique identifier for a Realtime script to be deployed on a new Realtime Servers fleet. The script must have been successfully uploaded to Amazon GameLift. This fleet setting cannot be changed once the fleet is created. + + Note: It is not currently possible to use the !Ref command to reference a script created with a CloudFormation template for the fleet property ScriptId. Instead, use Fn::GetAtt Script.Arn or Fn::GetAtt Script.Id to retrieve either of these properties as input for ScriptId. Alternatively, enter a ScriptId string manually. + type: string + MaxSize: + description: '[DEPRECATED] The maximum value that is allowed for the fleet''s instance count. When creating a new fleet, GameLift automatically sets this value to "1". Once the fleet is active, you can change this value.' + type: integer + minimum: 0 + RuntimeConfiguration: + description: |- + Instructions for launching server processes on each instance in the fleet. Server processes run either a custom game build executable or a Realtime script. The runtime configuration defines the server executables or launch script file, launch parameters, and the number of processes to run concurrently on each instance. When creating a fleet, the runtime configuration must have at least one server process configuration; otherwise the request fails with an invalid request exception. + + This parameter is required unless the parameters ServerLaunchPath and ServerLaunchParameters are defined. Runtime configuration has replaced these parameters, but fleets that use them will continue to work. + $ref: '#/components/schemas/RuntimeConfiguration' + LogPaths: + description: This parameter is no longer used. When hosting a custom game build, specify where Amazon GameLift should store log files using the Amazon GameLift server API call ProcessReady() + x-insertionOrder: false + type: array + items: + type: string + ServerLaunchPath: + minLength: 1 + description: This parameter is no longer used. Instead, specify a server launch path using the RuntimeConfiguration parameter. Requests that specify a server launch path and launch parameters instead of a runtime configuration will continue to work. + type: string + maxLength: 1024 + MinSize: + description: '[DEPRECATED] The minimum value allowed for the fleet''s instance count. When creating a new fleet, GameLift automatically sets this value to "0". After the fleet is active, you can change this value.' + type: integer + minimum: 0 + PeerVpcAwsAccountId: + minLength: 1 + pattern: ^[0-9]{12}$ + description: A unique identifier for the AWS account with the VPC that you want to peer your Amazon GameLift fleet with. You can find your account ID in the AWS Management Console under account settings. + type: string + maxLength: 1024 + MetricGroups: + maxItems: 1 + description: The name of an Amazon CloudWatch metric group. A metric group aggregates the metrics for all fleets in the group. Specify a string containing the metric group name. You can use an existing name or use a new name to create a new metric group. Currently, this parameter can have only one string. + x-insertionOrder: false + type: array + items: + type: string + BuildId: + pattern: ^build-\S+|^arn:.*:build/build-\S+ + description: A unique identifier for a build to be deployed on the new fleet. If you are deploying the fleet with a custom game build, you must specify this property. The build must have been successfully uploaded to Amazon GameLift and be in a READY status. This fleet setting cannot be changed once the fleet is created. + type: string + ResourceCreationLimitPolicy: + description: A policy that limits the number of game sessions an individual player can create over a span of time for this fleet. + $ref: '#/components/schemas/ResourceCreationLimitPolicy' + EC2InstanceType: + pattern: ^.*..*$ + description: The name of an EC2 instance type that is supported in Amazon GameLift. A fleet instance type determines the computing resources of each instance in the fleet, including CPU, memory, storage, and networking capacity. Amazon GameLift supports the following EC2 instance types. See Amazon EC2 Instance Types for detailed descriptions. + type: string + required: + - Name + x-stackql-resource-name: fleet + x-stackql-primaryIdentifier: + - FleetId + x-create-only-properties: + - ApplyCapacity + - BuildId + - CertificateConfiguration + - EC2InstanceType + - FleetType + - InstanceRoleARN + - InstanceRoleCredentialsProvider + - LogPaths + - PeerVpcAwsAccountId + - PeerVpcId + - ScriptId + - ServerLaunchParameters + - ServerLaunchPath + - CertificateType + - ComputeType + x-read-only-properties: + - FleetId + x-required-permissions: + read: + - gamelift:DescribeFleetAttributes + - gamelift:DescribeFleetLocationAttributes + - gamelift:DescribeFleetCapacity + - gamelift:DescribeFleetPortSettings + - gamelift:DescribeFleetUtilization + - gamelift:DescribeRuntimeConfiguration + - gamelift:DescribeEC2InstanceLimits + - gamelift:DescribeFleetEvents + - gamelift:DescribeScalingPolicies + create: + - gamelift:CreateFleet + - gamelift:DescribeFleetAttributes + - gamelift:DescribeFleetLocationAttributes + - gamelift:UpdateFleetCapacity + - gamelift:DescribeFleetLocationCapacity + - gamelift:PutScalingPolicy + - gamelift:DescribeScalingPolicies + update: + - gamelift:UpdateFleetAttributes + - gamelift:CreateFleetLocations + - gamelift:DeleteFleetLocations + - gamelift:UpdateFleetCapacity + - gamelift:UpdateFleetPortSettings + - gamelift:UpdateRuntimeConfiguration + - gamelift:DescribeFleetLocationCapacity + - gamelift:DescribeFleetPortSettings + - gamelift:DescribeFleetLocationAttributes + - gamelift:PutScalingPolicy + - gamelift:DescribeScalingPolicies + - gamelift:DeleteScalingPolicy + list: + - gamelift:ListFleets + delete: + - gamelift:DeleteFleet + - gamelift:DescribeFleetLocationCapacity + - gamelift:DescribeScalingPolicies + - gamelift:DeleteScalingPolicy + AutoScalingPolicy: + type: object + description: Configuration settings to define a scaling policy for the Auto Scaling group that is optimized for game hosting + properties: + EstimatedInstanceWarmup: + $ref: '#/components/schemas/EstimatedInstanceWarmup' + TargetTrackingConfiguration: + $ref: '#/components/schemas/TargetTrackingConfiguration' + required: + - TargetTrackingConfiguration + additionalProperties: false + EstimatedInstanceWarmup: + type: number + description: Length of time, in seconds, it takes for a new instance to start new game server processes and register with GameLift FleetIQ. + TargetTrackingConfiguration: + type: object + description: Settings for a target-based scaling policy applied to Auto Scaling group. + properties: + TargetValue: + $ref: '#/components/schemas/TargetValue' + required: + - TargetValue + additionalProperties: false + TargetValue: + type: number + description: Desired value to use with a game server group target-based scaling policy. + BalancingStrategy: + type: string + description: The fallback balancing method to use for the game server group when Spot Instances in a Region become unavailable or are not viable for game hosting. + enum: + - SPOT_ONLY + - SPOT_PREFERRED + - ON_DEMAND_ONLY + DeleteOption: + description: The type of delete to perform. + type: string + enum: + - SAFE_DELETE + - FORCE_DELETE + - RETAIN + GameServerGroupName: + type: string + description: An identifier for the new game server group. + pattern: '[a-zA-Z0-9-\.]+' + minLength: 1 + maxLength: 128 + GameServerProtectionPolicy: + type: string + description: A flag that indicates whether instances in the game server group are protected from early termination. + enum: + - NO_PROTECTION + - FULL_PROTECTION + GameServerGroupArn: + description: A generated unique ID for the game server group. + type: string + pattern: ^arn:.*:gameservergroup\/[a-zA-Z0-9-\.]* + minLength: 1 + maxLength: 256 + InstanceDefinitions: + type: array + description: A set of EC2 instance types to use when creating instances in the group. + items: + $ref: '#/components/schemas/InstanceDefinition' + maxItems: 20 + minItems: 2 + x-insertionOrder: false + InstanceDefinition: + type: object + description: An allowed instance type for your game server group. + properties: + InstanceType: + $ref: '#/components/schemas/InstanceType' + WeightedCapacity: + $ref: '#/components/schemas/WeightedCapacity' + required: + - InstanceType + additionalProperties: false + InstanceType: + type: string + description: An EC2 instance type designation. + WeightedCapacity: + type: string + description: Instance weighting that indicates how much this instance type contributes to the total capacity of a game server group. + pattern: ^[\u0031-\u0039][\u0030-\u0039]{0,2}$ + LaunchTemplate: + type: object + description: The EC2 launch template that contains configuration settings and game server code to be deployed to all instances in the game server group. + properties: + LaunchTemplateId: + $ref: '#/components/schemas/LaunchTemplateId' + LaunchTemplateName: + $ref: '#/components/schemas/LaunchTemplateName' + Version: + $ref: '#/components/schemas/Version' + additionalProperties: false + LaunchTemplateId: + type: string + description: A unique identifier for an existing EC2 launch template. + LaunchTemplateName: + type: string + description: A readable identifier for an existing EC2 launch template. + Version: + type: string + description: The version of the EC2 launch template to use. + MaxSize: + type: number + description: The maximum number of instances allowed in the EC2 Auto Scaling group. + minimum: 1 + MinSize: + type: number + description: The minimum number of instances allowed in the EC2 Auto Scaling group. + minimum: 0 + RoleArn: + type: string + description: The Amazon Resource Name (ARN) for an IAM role that allows Amazon GameLift to access your EC2 Auto Scaling groups. + pattern: ^arn:.*:role\/[\w+=,.@-]+ + minLength: 1 + maxLength: 256 + Tags: + type: array + description: A list of labels to assign to the new game server group resource. + items: + $ref: '#/components/schemas/Tag' + minItems: 0 + maxItems: 200 + x-insertionOrder: false + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length. + minLength: 1 + maxLength: 128 + Value: + type: string + description: The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length. + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + VpcSubnets: + type: array + description: A list of virtual private cloud (VPC) subnets to use with instances in the game server group. + items: + type: string + pattern: ^subnet-[0-9a-z]+$ + minLength: 15 + maxLength: 24 + minItems: 1 + maxItems: 20 + x-insertionOrder: false + GameServerGroup: + type: object + properties: + AutoScalingGroupArn: + description: A generated unique ID for the EC2 Auto Scaling group that is associated with this game server group. + $ref: '#/components/schemas/AutoScalingGroupArn' + AutoScalingPolicy: + description: Configuration settings to define a scaling policy for the Auto Scaling group that is optimized for game hosting + $ref: '#/components/schemas/AutoScalingPolicy' + BalancingStrategy: + description: The fallback balancing method to use for the game server group when Spot Instances in a Region become unavailable or are not viable for game hosting. + $ref: '#/components/schemas/BalancingStrategy' + DeleteOption: + description: The type of delete to perform. + $ref: '#/components/schemas/DeleteOption' + GameServerGroupArn: + description: A generated unique ID for the game server group. + $ref: '#/components/schemas/GameServerGroupArn' + GameServerGroupName: + description: An identifier for the new game server group. + $ref: '#/components/schemas/GameServerGroupName' + GameServerProtectionPolicy: + description: A flag that indicates whether instances in the game server group are protected from early termination. + $ref: '#/components/schemas/GameServerProtectionPolicy' + InstanceDefinitions: + description: A set of EC2 instance types to use when creating instances in the group. + $ref: '#/components/schemas/InstanceDefinitions' + LaunchTemplate: + description: The EC2 launch template that contains configuration settings and game server code to be deployed to all instances in the game server group. + $ref: '#/components/schemas/LaunchTemplate' + MaxSize: + description: The maximum number of instances allowed in the EC2 Auto Scaling group. + $ref: '#/components/schemas/MaxSize' + MinSize: + description: The minimum number of instances allowed in the EC2 Auto Scaling group. + $ref: '#/components/schemas/MinSize' + RoleArn: + description: The Amazon Resource Name (ARN) for an IAM role that allows Amazon GameLift to access your EC2 Auto Scaling groups. + $ref: '#/components/schemas/RoleArn' + Tags: + description: A list of labels to assign to the new game server group resource. + $ref: '#/components/schemas/Tags' + VpcSubnets: + description: A list of virtual private cloud (VPC) subnets to use with instances in the game server group. + $ref: '#/components/schemas/VpcSubnets' + required: + - GameServerGroupName + - InstanceDefinitions + - RoleArn + x-stackql-resource-name: game_server_group + x-stackql-primaryIdentifier: + - GameServerGroupArn + x-read-only-properties: + - GameServerGroupArn + - AutoScalingGroupArn + x-required-permissions: + create: + - gamelift:CreateGameServerGroup + - gamelift:TagResource + - gamelift:DescribeGameServerGroup + - iam:assumeRole + - iam:PassRole + - iam:CreateServiceLinkedRole + - ec2:DescribeAvailabilityZones + - ec2:DescribeSubnets + - ec2:RunInstances + - ec2:CreateTags + - ec2:DescribeLaunchTemplateVersions + - autoscaling:CreateAutoScalingGroup + - autoscaling:DescribeLifecycleHooks + - autoscaling:DescribeNotificationConfigurations + - autoscaling:CreateAutoScalingGroup + - autoscaling:CreateOrUpdateTags + - autoscaling:DescribeAutoScalingGroups + - autoscaling:ExitStandby + - autoscaling:PutLifecycleHook + - autoscaling:PutScalingPolicy + - autoscaling:ResumeProcesses + - autoscaling:SetInstanceProtection + - autoscaling:UpdateAutoScalingGroup + - events:PutRule + - events:PutTargets + read: + - gamelift:DescribeGameServerGroup + update: + - gamelift:UpdateGameServerGroup + - iam:assumeRole + - iam:PassRole + - autoscaling:DescribeAutoScalingGroups + - autoscaling:UpdateAutoScalingGroup + - autoscaling:SetInstanceProtection + delete: + - gamelift:DeleteGameServerGroup + - gamelift:DescribeGameServerGroup + - iam:assumeRole + - iam:PassRole + - iam:CreateServiceLinkedRole + - ec2:DescribeAvailabilityZones + - ec2:DescribeSubnets + - ec2:DescribeLaunchTemplateVersions + - autoscaling:CreateAutoScalingGroup + - autoscaling:DescribeLifecycleHooks + - autoscaling:DescribeNotificationConfigurations + - autoscaling:DescribeAutoScalingGroups + - autoscaling:ExitStandby + - autoscaling:PutLifecycleHook + - autoscaling:PutScalingPolicy + - autoscaling:ResumeProcesses + - autoscaling:SetInstanceProtection + - autoscaling:UpdateAutoScalingGroup + - autoscaling:DeleteAutoScalingGroup + - events:PutRule + - events:PutTargets + list: + - gamelift:ListGameServerGroups + AutoScalingGroupArn: + type: string + description: A generated unique ID for the EC2 Auto Scaling group that is associated with this game server group. + minLength: 0 + maxLength: 256 + pattern: "[ -퟿-�𐀀-􏿿\r\n\t]*" + CreationTime: + type: string + description: A timestamp that indicates when this data object was created. + LastUpdatedTime: + type: string + description: A timestamp that indicates when this game server group was last updated. + Status: + type: string + description: The current status of the game server group. + enum: + - NEW + - ACTIVATING + - ACTIVE + - DELETE_SCHEDULED + - DELETING + - DELETED + - ERROR + StatusReason: + type: string + description: Additional information about the current game server group status. + minLength: 1 + maxLength: 1024 + SuspendedActions: + type: array + items: + type: string + enum: + - REPLACE_INSTANCE_TYPES + GameSessionQueueDestination: + type: object + description: A fleet or alias designated in a game session queue. + properties: + DestinationArn: + type: string + minLength: 1 + maxLength: 256 + pattern: '[a-zA-Z0-9:/-]+' + additionalProperties: false + PlayerLatencyPolicy: + type: object + description: Sets a latency cap for individual players when placing a game session. + properties: + MaximumIndividualPlayerLatencyMilliseconds: + type: integer + description: The maximum latency value that is allowed for any player, in milliseconds. All policies must have a value set for this property. + minimum: 0 + PolicyDurationSeconds: + type: integer + description: The length of time, in seconds, that the policy is enforced while placing a new game session. + minimum: 0 + additionalProperties: false + AllowedLocations: + type: array + x-insertionOrder: false + description: A list of locations to allow game session placement in, in the form of AWS Region codes such as us-west-2. + minItems: 1 + maxItems: 100 + items: + type: string + minLength: 1 + maxLength: 64 + pattern: ^[a-z]+(-([a-z]+|\d))* + FilterConfiguration: + type: object + properties: + AllowedLocations: + $ref: '#/components/schemas/AllowedLocations' + additionalProperties: false + LocationOrder: + description: The prioritization order to use for fleet locations, when the PriorityOrder property includes LOCATION. + type: array + x-insertionOrder: true + minItems: 1 + maxItems: 100 + items: + type: string + minLength: 1 + maxLength: 64 + pattern: ^[A-Za-z0-9\-]+ + PriorityOrder: + description: The recommended sequence to use when prioritizing where to place new game sessions. + type: array + x-insertionOrder: true + minItems: 1 + maxItems: 4 + items: + type: string + enum: + - LATENCY + - COST + - DESTINATION + - LOCATION + PriorityConfiguration: + type: object + properties: + LocationOrder: + $ref: '#/components/schemas/LocationOrder' + PriorityOrder: + $ref: '#/components/schemas/PriorityOrder' + additionalProperties: false + GameSessionQueue: + type: object + properties: + Name: + description: A descriptive label that is associated with game session queue. Queue names must be unique within each Region. + type: string + minLength: 1 + maxLength: 128 + pattern: '[a-zA-Z0-9-]+' + TimeoutInSeconds: + description: The maximum time, in seconds, that a new game session placement request remains in the queue. + type: integer + minimum: 0 + Destinations: + description: A list of fleets and/or fleet aliases that can be used to fulfill game session placement requests in the queue. + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/GameSessionQueueDestination' + PlayerLatencyPolicies: + description: A set of policies that act as a sliding cap on player latency. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/PlayerLatencyPolicy' + CustomEventData: + description: Information that is added to all events that are related to this game session queue. + type: string + minLength: 1 + maxLength: 256 + pattern: '[\s\S]*' + NotificationTarget: + description: An SNS topic ARN that is set up to receive game session placement notifications. + type: string + minLength: 1 + maxLength: 300 + pattern: '[a-zA-Z0-9:_-]*(\.fifo)?' + FilterConfiguration: + description: A list of locations where a queue is allowed to place new game sessions. + type: object + $ref: '#/components/schemas/FilterConfiguration' + PriorityConfiguration: + description: Custom settings to use when prioritizing destinations and locations for game session placements. + type: object + $ref: '#/components/schemas/PriorityConfiguration' + Arn: + description: The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift game session queue resource and uniquely identifies it. + type: string + minLength: 1 + maxLength: 256 + pattern: ^arn:.*:gamesessionqueue\/[a-zA-Z0-9-]+ + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + required: + - Name + x-stackql-resource-name: game_session_queue + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - gamelift:CreateGameSessionQueue + - gamelift:ListTagsForResource + - gamelift:TagResource + read: + - gamelift:DescribeGameSessionQueues + - gamelift:ListTagsForResource + delete: + - gamelift:DescribeGameSessionQueues + - gamelift:DeleteGameSessionQueue + update: + - gamelift:UpdateGameSessionQueue + - gamelift:ListTagsForResource + - gamelift:TagResource + - gamelift:UntagResource + list: + - gamelift:DescribeGameSessionQueues + GameProperty: + description: A key-value pair that contains information about a game session. + type: object + properties: + Key: + type: string + description: The game property identifier. + maxLength: 32 + Value: + type: string + description: The game property value. + maxLength: 96 + required: + - Key + - Value + additionalProperties: false + MatchmakingConfiguration: + type: object + properties: + AcceptanceRequired: + description: A flag that indicates whether a match that was created with this configuration must be accepted by the matched players + type: boolean + AcceptanceTimeoutSeconds: + description: The length of time (in seconds) to wait for players to accept a proposed match, if acceptance is required. + type: integer + minimum: 1 + maximum: 600 + AdditionalPlayerCount: + description: The number of player slots in a match to keep open for future players. + type: integer + minimum: 0 + BackfillMode: + description: The method used to backfill game sessions created with this matchmaking configuration. + type: string + enum: + - AUTOMATIC + - MANUAL + Arn: + description: The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift matchmaking configuration resource and uniquely identifies it. + type: string + pattern: ^arn:.*:matchmakingconfiguration\/[a-zA-Z0-9-\.]* + CreationTime: + description: A time stamp indicating when this data object was created. + type: string + CustomEventData: + description: Information to attach to all events related to the matchmaking configuration. + type: string + minLength: 0 + maxLength: 256 + Description: + description: A descriptive label that is associated with matchmaking configuration. + type: string + minLength: 1 + maxLength: 1024 + FlexMatchMode: + description: Indicates whether this matchmaking configuration is being used with Amazon GameLift hosting or as a standalone matchmaking solution. + type: string + enum: + - STANDALONE + - WITH_QUEUE + GameProperties: + description: A set of custom properties for a game session, formatted as key:value pairs. + type: array + uniqueItems: true + x-insertionOrder: false + maxItems: 16 + items: + $ref: '#/components/schemas/GameProperty' + GameSessionData: + description: A set of custom game session properties, formatted as a single string value. + type: string + minLength: 1 + maxLength: 4096 + GameSessionQueueArns: + description: The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift game session queue resource and uniquely identifies it. + type: array + x-insertionOrder: false + items: + type: string + pattern: '[a-zA-Z0-9:/-]+' + minLength: 1 + maxLength: 256 + Name: + description: A unique identifier for the matchmaking configuration. + type: string + pattern: '[a-zA-Z0-9-\.]*' + maxLength: 128 + NotificationTarget: + description: An SNS topic ARN that is set up to receive matchmaking notifications. + type: string + pattern: '[a-zA-Z0-9:_/-]*(.fifo)?' + minLength: 0 + maxLength: 300 + RequestTimeoutSeconds: + description: The maximum duration, in seconds, that a matchmaking ticket can remain in process before timing out. + type: integer + minimum: 1 + maximum: 43200 + RuleSetArn: + description: The Amazon Resource Name (ARN) associated with the GameLift matchmaking rule set resource that this configuration uses. + type: string + pattern: ^arn:.*:matchmakingruleset\/[a-zA-Z0-9-\.]* + RuleSetName: + description: A unique identifier for the matchmaking rule set to use with this configuration. + type: string + pattern: '[a-zA-Z0-9-\.]*' + maxLength: 128 + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + required: + - AcceptanceRequired + - Name + - RequestTimeoutSeconds + - RuleSetName + x-stackql-resource-name: matchmaking_configuration + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - gamelift:CreateMatchmakingConfiguration + - gamelift:ListTagsForResource + - gamelift:TagResource + - gamelift:DescribeMatchmakingConfigurations + read: + - gamelift:DescribeMatchmakingConfigurations + - gamelift:ListTagsForResource + delete: + - gamelift:DescribeMatchmakingConfigurations + - gamelift:DeleteMatchmakingConfiguration + list: + - gamelift:DescribeMatchmakingConfigurations + update: + - gamelift:DescribeMatchmakingConfigurations + - gamelift:UpdateMatchmakingConfiguration + - gamelift:ListTagsForResource + - gamelift:TagResource + - gamelift:UntagResource + MatchmakingRuleSet: + type: object + properties: + Name: + description: A unique identifier for the matchmaking rule set. + type: string + maxLength: 128 + pattern: '[a-zA-Z0-9-\.]*' + RuleSetBody: + description: A collection of matchmaking rules, formatted as a JSON string. + type: string + minLength: 1 + maxLength: 65535 + CreationTime: + description: A time stamp indicating when this data object was created. Format is a number expressed in Unix time as milliseconds. + type: string + Arn: + description: The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift matchmaking rule set resource and uniquely identifies it. + type: string + pattern: ^arn:.*:matchmakingruleset\/[a-zA-Z0-9-\.]* + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 1 + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - RuleSetBody + x-stackql-resource-name: matchmaking_rule_set + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - RuleSetBody + x-read-only-properties: + - Arn + - CreationTime + x-required-permissions: + create: + - gamelift:CreateMatchmakingRuleSet + - gamelift:DescribeMatchmakingRuleSets + - gamelift:ValidateMatchmakingRuleSet + - gamelift:ListTagsForResource + - gamelift:TagResource + read: + - gamelift:DescribeMatchmakingRuleSets + - gamelift:ValidateMatchmakingRuleSet + - gamelift:ListTagsForResource + delete: + - gamelift:DeleteMatchmakingRuleSet + update: + - gamelift:DescribeMatchmakingRuleSets + - gamelift:ListTagsForResource + - gamelift:TagResource + - gamelift:UntagResource + list: + - gamelift:DescribeMatchmakingRuleSets + S3Location: + x-$comment: Contains object details present in the S3 Bucket + type: object + additionalProperties: false + properties: + Bucket: + description: An Amazon S3 bucket identifier. This is the name of the S3 bucket. + type: string + minLength: 1 + Key: + description: The name of the zip file that contains the script files. + type: string + minLength: 1 + ObjectVersion: + description: The version of the file, if object versioning is turned on for the bucket. Amazon GameLift uses this information when retrieving files from your S3 bucket. To retrieve a specific version of the file, provide an object version. To retrieve the latest version of the file, do not set this parameter. + type: string + minLength: 1 + RoleArn: + description: The Amazon Resource Name (ARN) for an IAM role that allows Amazon GameLift to access the S3 bucket. + type: string + minLength: 1 + required: + - Bucket + - Key + - RoleArn + Script: + type: object + properties: + Name: + type: string + description: A descriptive label that is associated with a script. Script names do not need to be unique. + minLength: 1 + maxLength: 1024 + StorageLocation: + type: object + description: >- + The location of the Amazon S3 bucket where a zipped file containing your Realtime scripts is stored. The storage location must specify the Amazon S3 bucket name, the zip file name (the "key"), and a role ARN that allows Amazon GameLift to access the Amazon S3 storage location. The S3 bucket must be in the same Region where you want to create a new script. By default, Amazon GameLift uploads the latest version of the zip file; if you have S3 object versioning turned on, you can use + the ObjectVersion parameter to specify an earlier version. + $ref: '#/components/schemas/S3Location' + Version: + description: The version that is associated with a script. Version strings do not need to be unique. + type: string + minLength: 1 + maxLength: 1024 + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + CreationTime: + description: A time stamp indicating when this data object was created. Format is a number expressed in Unix time as milliseconds (for example "1469498468.057"). + type: string + Arn: + description: The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift script resource and uniquely identifies it. ARNs are unique across all Regions. In a GameLift script ARN, the resource ID matches the Id value. + pattern: ^arn:.*:script\/script-\S+ + type: string + Id: + description: A unique identifier for the Realtime script + pattern: ^script-\S+ + type: string + SizeOnDisk: + description: The file size of the uploaded Realtime script, expressed in bytes. When files are uploaded from an S3 location, this value remains at "0". + type: integer + minimum: 1 + required: + - StorageLocation + x-stackql-resource-name: script + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - CreationTime + - Arn + - SizeOnDisk + x-required-permissions: + create: + - gamelift:CreateScript + - gamelift:ListTagsForResource + - gamelift:TagResource + - gamelift:DescribeScript + - iam:PassRole + read: + - gamelift:DescribeScript + - gamelift:ListScripts + - gamelift:ListTagsForResource + delete: + - gamelift:DeleteScript + list: + - gamelift:ListScripts + - gamelift:DescribeScript + update: + - gamelift:DescribeScript + - gamelift:UpdateScript + - gamelift:ListTagsForResource + - gamelift:TagResource + - gamelift:UntagResource + - iam:PassRole + x-stackQL-resources: + aliases: + name: aliases + id: awscc.gamelift.aliases + x-cfn-schema-name: Alias + x-type: list + x-identifiers: + - AliasId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AliasId') as alias_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GameLift::Alias' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AliasId') as alias_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GameLift::Alias' + AND region = 'us-east-1' + alias: + name: alias + id: awscc.gamelift.alias + x-cfn-schema-name: Alias + x-type: get + x-identifiers: + - AliasId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RoutingStrategy') as routing_strategy, + JSON_EXTRACT(Properties, '$.AliasId') as alias_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GameLift::Alias' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RoutingStrategy') as routing_strategy, + json_extract_path_text(Properties, 'AliasId') as alias_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GameLift::Alias' + AND data__Identifier = '' + AND region = 'us-east-1' + builds: + name: builds + id: awscc.gamelift.builds + x-cfn-schema-name: Build + x-type: list + x-identifiers: + - BuildId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BuildId') as build_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GameLift::Build' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BuildId') as build_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GameLift::Build' + AND region = 'us-east-1' + build: + name: build + id: awscc.gamelift.build + x-cfn-schema-name: Build + x-type: get + x-identifiers: + - BuildId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BuildId') as build_id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.OperatingSystem') as operating_system, + JSON_EXTRACT(Properties, '$.StorageLocation') as storage_location, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.ServerSdkVersion') as server_sdk_version + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GameLift::Build' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BuildId') as build_id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'OperatingSystem') as operating_system, + json_extract_path_text(Properties, 'StorageLocation') as storage_location, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'ServerSdkVersion') as server_sdk_version + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GameLift::Build' + AND data__Identifier = '' + AND region = 'us-east-1' + locations: + name: locations + id: awscc.gamelift.locations + x-cfn-schema-name: Location + x-type: list + x-identifiers: + - LocationName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LocationName') as location_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GameLift::Location' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LocationName') as location_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GameLift::Location' + AND region = 'us-east-1' + location: + name: location + id: awscc.gamelift.location + x-cfn-schema-name: Location + x-type: get + x-identifiers: + - LocationName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LocationName') as location_name, + JSON_EXTRACT(Properties, '$.LocationArn') as location_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GameLift::Location' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LocationName') as location_name, + json_extract_path_text(Properties, 'LocationArn') as location_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GameLift::Location' + AND data__Identifier = '' + AND region = 'us-east-1' + fleets: + name: fleets + id: awscc.gamelift.fleets + x-cfn-schema-name: Fleet + x-type: list + x-identifiers: + - FleetId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FleetId') as fleet_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GameLift::Fleet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FleetId') as fleet_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GameLift::Fleet' + AND region = 'us-east-1' + fleet: + name: fleet + id: awscc.gamelift.fleet + x-cfn-schema-name: Fleet + x-type: get + x-identifiers: + - FleetId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ScalingPolicies') as scaling_policies, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.PeerVpcId') as peer_vpc_id, + JSON_EXTRACT(Properties, '$.ApplyCapacity') as apply_capacity, + JSON_EXTRACT(Properties, '$.EC2InboundPermissions') as e_c2_inbound_permissions, + JSON_EXTRACT(Properties, '$.ComputeType') as compute_type, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.AnywhereConfiguration') as anywhere_configuration, + JSON_EXTRACT(Properties, '$.InstanceRoleARN') as instance_role_arn, + JSON_EXTRACT(Properties, '$.FleetId') as fleet_id, + JSON_EXTRACT(Properties, '$.CertificateConfiguration') as certificate_configuration, + JSON_EXTRACT(Properties, '$.InstanceRoleCredentialsProvider') as instance_role_credentials_provider, + JSON_EXTRACT(Properties, '$.DesiredEC2Instances') as desired_ec2_instances, + JSON_EXTRACT(Properties, '$.ServerLaunchParameters') as server_launch_parameters, + JSON_EXTRACT(Properties, '$.FleetType') as fleet_type, + JSON_EXTRACT(Properties, '$.Locations') as locations, + JSON_EXTRACT(Properties, '$.NewGameSessionProtectionPolicy') as new_game_session_protection_policy, + JSON_EXTRACT(Properties, '$.ScriptId') as script_id, + JSON_EXTRACT(Properties, '$.MaxSize') as max_size, + JSON_EXTRACT(Properties, '$.RuntimeConfiguration') as runtime_configuration, + JSON_EXTRACT(Properties, '$.LogPaths') as log_paths, + JSON_EXTRACT(Properties, '$.ServerLaunchPath') as server_launch_path, + JSON_EXTRACT(Properties, '$.MinSize') as min_size, + JSON_EXTRACT(Properties, '$.PeerVpcAwsAccountId') as peer_vpc_aws_account_id, + JSON_EXTRACT(Properties, '$.MetricGroups') as metric_groups, + JSON_EXTRACT(Properties, '$.BuildId') as build_id, + JSON_EXTRACT(Properties, '$.ResourceCreationLimitPolicy') as resource_creation_limit_policy, + JSON_EXTRACT(Properties, '$.EC2InstanceType') as e_c2_instance_type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GameLift::Fleet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ScalingPolicies') as scaling_policies, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'PeerVpcId') as peer_vpc_id, + json_extract_path_text(Properties, 'ApplyCapacity') as apply_capacity, + json_extract_path_text(Properties, 'EC2InboundPermissions') as e_c2_inbound_permissions, + json_extract_path_text(Properties, 'ComputeType') as compute_type, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'AnywhereConfiguration') as anywhere_configuration, + json_extract_path_text(Properties, 'InstanceRoleARN') as instance_role_arn, + json_extract_path_text(Properties, 'FleetId') as fleet_id, + json_extract_path_text(Properties, 'CertificateConfiguration') as certificate_configuration, + json_extract_path_text(Properties, 'InstanceRoleCredentialsProvider') as instance_role_credentials_provider, + json_extract_path_text(Properties, 'DesiredEC2Instances') as desired_ec2_instances, + json_extract_path_text(Properties, 'ServerLaunchParameters') as server_launch_parameters, + json_extract_path_text(Properties, 'FleetType') as fleet_type, + json_extract_path_text(Properties, 'Locations') as locations, + json_extract_path_text(Properties, 'NewGameSessionProtectionPolicy') as new_game_session_protection_policy, + json_extract_path_text(Properties, 'ScriptId') as script_id, + json_extract_path_text(Properties, 'MaxSize') as max_size, + json_extract_path_text(Properties, 'RuntimeConfiguration') as runtime_configuration, + json_extract_path_text(Properties, 'LogPaths') as log_paths, + json_extract_path_text(Properties, 'ServerLaunchPath') as server_launch_path, + json_extract_path_text(Properties, 'MinSize') as min_size, + json_extract_path_text(Properties, 'PeerVpcAwsAccountId') as peer_vpc_aws_account_id, + json_extract_path_text(Properties, 'MetricGroups') as metric_groups, + json_extract_path_text(Properties, 'BuildId') as build_id, + json_extract_path_text(Properties, 'ResourceCreationLimitPolicy') as resource_creation_limit_policy, + json_extract_path_text(Properties, 'EC2InstanceType') as e_c2_instance_type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GameLift::Fleet' + AND data__Identifier = '' + AND region = 'us-east-1' + game_server_groups: + name: game_server_groups + id: awscc.gamelift.game_server_groups + x-cfn-schema-name: GameServerGroup + x-type: list + x-identifiers: + - GameServerGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GameServerGroupArn') as game_server_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GameLift::GameServerGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GameServerGroupArn') as game_server_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GameLift::GameServerGroup' + AND region = 'us-east-1' + game_server_group: + name: game_server_group + id: awscc.gamelift.game_server_group + x-cfn-schema-name: GameServerGroup + x-type: get + x-identifiers: + - GameServerGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AutoScalingGroupArn') as auto_scaling_group_arn, + JSON_EXTRACT(Properties, '$.AutoScalingPolicy') as auto_scaling_policy, + JSON_EXTRACT(Properties, '$.BalancingStrategy') as balancing_strategy, + JSON_EXTRACT(Properties, '$.DeleteOption') as delete_option, + JSON_EXTRACT(Properties, '$.GameServerGroupArn') as game_server_group_arn, + JSON_EXTRACT(Properties, '$.GameServerGroupName') as game_server_group_name, + JSON_EXTRACT(Properties, '$.GameServerProtectionPolicy') as game_server_protection_policy, + JSON_EXTRACT(Properties, '$.InstanceDefinitions') as instance_definitions, + JSON_EXTRACT(Properties, '$.LaunchTemplate') as launch_template, + JSON_EXTRACT(Properties, '$.MaxSize') as max_size, + JSON_EXTRACT(Properties, '$.MinSize') as min_size, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.VpcSubnets') as vpc_subnets + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GameLift::GameServerGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AutoScalingGroupArn') as auto_scaling_group_arn, + json_extract_path_text(Properties, 'AutoScalingPolicy') as auto_scaling_policy, + json_extract_path_text(Properties, 'BalancingStrategy') as balancing_strategy, + json_extract_path_text(Properties, 'DeleteOption') as delete_option, + json_extract_path_text(Properties, 'GameServerGroupArn') as game_server_group_arn, + json_extract_path_text(Properties, 'GameServerGroupName') as game_server_group_name, + json_extract_path_text(Properties, 'GameServerProtectionPolicy') as game_server_protection_policy, + json_extract_path_text(Properties, 'InstanceDefinitions') as instance_definitions, + json_extract_path_text(Properties, 'LaunchTemplate') as launch_template, + json_extract_path_text(Properties, 'MaxSize') as max_size, + json_extract_path_text(Properties, 'MinSize') as min_size, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'VpcSubnets') as vpc_subnets + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GameLift::GameServerGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + game_session_queues: + name: game_session_queues + id: awscc.gamelift.game_session_queues + x-cfn-schema-name: GameSessionQueue + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GameLift::GameSessionQueue' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GameLift::GameSessionQueue' + AND region = 'us-east-1' + game_session_queue: + name: game_session_queue + id: awscc.gamelift.game_session_queue + x-cfn-schema-name: GameSessionQueue + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.TimeoutInSeconds') as timeout_in_seconds, + JSON_EXTRACT(Properties, '$.Destinations') as destinations, + JSON_EXTRACT(Properties, '$.PlayerLatencyPolicies') as player_latency_policies, + JSON_EXTRACT(Properties, '$.CustomEventData') as custom_event_data, + JSON_EXTRACT(Properties, '$.NotificationTarget') as notification_target, + JSON_EXTRACT(Properties, '$.FilterConfiguration') as filter_configuration, + JSON_EXTRACT(Properties, '$.PriorityConfiguration') as priority_configuration, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GameLift::GameSessionQueue' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'TimeoutInSeconds') as timeout_in_seconds, + json_extract_path_text(Properties, 'Destinations') as destinations, + json_extract_path_text(Properties, 'PlayerLatencyPolicies') as player_latency_policies, + json_extract_path_text(Properties, 'CustomEventData') as custom_event_data, + json_extract_path_text(Properties, 'NotificationTarget') as notification_target, + json_extract_path_text(Properties, 'FilterConfiguration') as filter_configuration, + json_extract_path_text(Properties, 'PriorityConfiguration') as priority_configuration, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GameLift::GameSessionQueue' + AND data__Identifier = '' + AND region = 'us-east-1' + matchmaking_configurations: + name: matchmaking_configurations + id: awscc.gamelift.matchmaking_configurations + x-cfn-schema-name: MatchmakingConfiguration + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GameLift::MatchmakingConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GameLift::MatchmakingConfiguration' + AND region = 'us-east-1' + matchmaking_configuration: + name: matchmaking_configuration + id: awscc.gamelift.matchmaking_configuration + x-cfn-schema-name: MatchmakingConfiguration + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AcceptanceRequired') as acceptance_required, + JSON_EXTRACT(Properties, '$.AcceptanceTimeoutSeconds') as acceptance_timeout_seconds, + JSON_EXTRACT(Properties, '$.AdditionalPlayerCount') as additional_player_count, + JSON_EXTRACT(Properties, '$.BackfillMode') as backfill_mode, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.CustomEventData') as custom_event_data, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.FlexMatchMode') as flex_match_mode, + JSON_EXTRACT(Properties, '$.GameProperties') as game_properties, + JSON_EXTRACT(Properties, '$.GameSessionData') as game_session_data, + JSON_EXTRACT(Properties, '$.GameSessionQueueArns') as game_session_queue_arns, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.NotificationTarget') as notification_target, + JSON_EXTRACT(Properties, '$.RequestTimeoutSeconds') as request_timeout_seconds, + JSON_EXTRACT(Properties, '$.RuleSetArn') as rule_set_arn, + JSON_EXTRACT(Properties, '$.RuleSetName') as rule_set_name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GameLift::MatchmakingConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AcceptanceRequired') as acceptance_required, + json_extract_path_text(Properties, 'AcceptanceTimeoutSeconds') as acceptance_timeout_seconds, + json_extract_path_text(Properties, 'AdditionalPlayerCount') as additional_player_count, + json_extract_path_text(Properties, 'BackfillMode') as backfill_mode, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'CustomEventData') as custom_event_data, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'FlexMatchMode') as flex_match_mode, + json_extract_path_text(Properties, 'GameProperties') as game_properties, + json_extract_path_text(Properties, 'GameSessionData') as game_session_data, + json_extract_path_text(Properties, 'GameSessionQueueArns') as game_session_queue_arns, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'NotificationTarget') as notification_target, + json_extract_path_text(Properties, 'RequestTimeoutSeconds') as request_timeout_seconds, + json_extract_path_text(Properties, 'RuleSetArn') as rule_set_arn, + json_extract_path_text(Properties, 'RuleSetName') as rule_set_name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GameLift::MatchmakingConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + matchmaking_rule_sets: + name: matchmaking_rule_sets + id: awscc.gamelift.matchmaking_rule_sets + x-cfn-schema-name: MatchmakingRuleSet + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GameLift::MatchmakingRuleSet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GameLift::MatchmakingRuleSet' + AND region = 'us-east-1' + matchmaking_rule_set: + name: matchmaking_rule_set + id: awscc.gamelift.matchmaking_rule_set + x-cfn-schema-name: MatchmakingRuleSet + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RuleSetBody') as rule_set_body, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GameLift::MatchmakingRuleSet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RuleSetBody') as rule_set_body, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GameLift::MatchmakingRuleSet' + AND data__Identifier = '' + AND region = 'us-east-1' + scripts: + name: scripts + id: awscc.gamelift.scripts + x-cfn-schema-name: Script + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GameLift::Script' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GameLift::Script' + AND region = 'us-east-1' + script: + name: script + id: awscc.gamelift.script + x-cfn-schema-name: Script + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.StorageLocation') as storage_location, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.SizeOnDisk') as size_on_disk + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GameLift::Script' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'StorageLocation') as storage_location, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'SizeOnDisk') as size_on_disk + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GameLift::Script' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/globalaccelerator.yaml b/providers/src/awscc/v00.00.00000/services/globalaccelerator.yaml new file mode 100644 index 00000000..4b51c3e5 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/globalaccelerator.yaml @@ -0,0 +1,507 @@ +openapi: 3.0.0 +info: + title: GlobalAccelerator + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: Tag is a key-value pair associated with accelerator. + type: object + properties: + Key: + description: Key of the tag. Value can be 1 to 127 characters. + type: string + minLength: 1 + maxLength: 127 + Value: + description: Value for the tag. Value can be 1 to 255 characters. + type: string + minLength: 1 + maxLength: 255 + required: + - Value + - Key + additionalProperties: false + IpAddress: + pattern: ^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$ + description: An IPV4 address + type: string + Accelerator: + type: object + properties: + Name: + description: Name of accelerator. + type: string + pattern: ^[a-zA-Z0-9_-]{0,64}$ + minLength: 1 + maxLength: 64 + IpAddressType: + description: IP Address type. + type: string + default: IPV4 + enum: + - IPV4 + - DUAL_STACK + IpAddresses: + description: The IP addresses from BYOIP Prefix pool. + default: null + x-insertionOrder: true + type: array + items: + $ref: '#/components/schemas/IpAddress' + Enabled: + description: Indicates whether an accelerator is enabled. The value is true or false. + default: true + type: boolean + DnsName: + description: The Domain Name System (DNS) name that Global Accelerator creates that points to your accelerator's static IPv4 addresses. + type: string + Ipv4Addresses: + description: The IPv4 addresses assigned to the accelerator. + x-insertionOrder: true + type: array + items: + type: string + Ipv6Addresses: + description: The IPv6 addresses assigned if the accelerator is dualstack + default: null + x-insertionOrder: true + type: array + items: + type: string + DualStackDnsName: + description: The Domain Name System (DNS) name that Global Accelerator creates that points to your accelerator's static IPv4 and IPv6 addresses. + type: string + AcceleratorArn: + description: The Amazon Resource Name (ARN) of the accelerator. + type: string + Tags: + x-insertionOrder: true + type: array + items: + $ref: '#/components/schemas/Tag' + required: + - Name + x-stackql-resource-name: accelerator + x-stackql-primaryIdentifier: + - AcceleratorArn + x-read-only-properties: + - AcceleratorArn + - DnsName + - Ipv4Addresses + - Ipv6Addresses + - DualStackDnsName + x-required-permissions: + create: + - globalaccelerator:CreateAccelerator + - globalaccelerator:DescribeAccelerator + - globalaccelerator:TagResource + read: + - globalaccelerator:DescribeAccelerator + update: + - globalaccelerator:UpdateAccelerator + - globalaccelerator:TagResource + - globalaccelerator:UntagResource + - globalaccelerator:DescribeAccelerator + delete: + - globalaccelerator:UpdateAccelerator + - globalaccelerator:DeleteAccelerator + - globalaccelerator:DescribeAccelerator + list: + - globalaccelerator:ListAccelerators + EndpointConfiguration: + description: The configuration for a given endpoint + type: object + properties: + EndpointId: + description: Id of the endpoint. For Network/Application Load Balancer this value is the ARN. For EIP, this value is the allocation ID. For EC2 instances, this is the EC2 instance ID + type: string + AttachmentArn: + description: Attachment ARN that provides access control to the cross account endpoint. Not required for resources hosted in the same account as the endpoint group. + type: string + Weight: + description: The weight for the endpoint. + type: integer + minimum: 0 + maximum: 255 + default: 100 + ClientIPPreservationEnabled: + description: true if client ip should be preserved + type: boolean + default: true + required: + - EndpointId + additionalProperties: false + Port: + description: A network port number + type: integer + minimum: 0 + maximum: 65535 + PortOverride: + description: listener to endpoint port mapping. + type: object + properties: + ListenerPort: + $ref: '#/components/schemas/Port' + EndpointPort: + $ref: '#/components/schemas/Port' + required: + - ListenerPort + - EndpointPort + additionalProperties: false + EndpointGroup: + type: object + properties: + ListenerArn: + description: The Amazon Resource Name (ARN) of the listener + type: string + EndpointGroupRegion: + description: The name of the AWS Region where the endpoint group is located + type: string + EndpointConfigurations: + description: The list of endpoint objects. + type: array + items: + $ref: '#/components/schemas/EndpointConfiguration' + TrafficDialPercentage: + description: The percentage of traffic to sent to an AWS Region + type: number + minimum: 0 + maximum: 100 + default: 100 + HealthCheckPort: + description: The port that AWS Global Accelerator uses to check the health of endpoints in this endpoint group. + type: integer + minimum: -1 + maximum: 65535 + default: -1 + HealthCheckProtocol: + description: The protocol that AWS Global Accelerator uses to check the health of endpoints in this endpoint group. + type: string + default: TCP + enum: + - TCP + - HTTP + - HTTPS + HealthCheckPath: + description: '' + type: string + default: / + HealthCheckIntervalSeconds: + description: The time in seconds between each health check for an endpoint. Must be a value of 10 or 30 + type: integer + default: 30 + ThresholdCount: + description: The number of consecutive health checks required to set the state of the endpoint to unhealthy. + type: integer + default: 3 + EndpointGroupArn: + description: The Amazon Resource Name (ARN) of the endpoint group + type: string + PortOverrides: + type: array + items: + $ref: '#/components/schemas/PortOverride' + required: + - ListenerArn + - EndpointGroupRegion + x-stackql-resource-name: endpoint_group + x-stackql-primaryIdentifier: + - EndpointGroupArn + x-create-only-properties: + - EndpointGroupRegion + - ListenerArn + x-read-only-properties: + - EndpointGroupArn + x-required-permissions: + create: + - globalaccelerator:CreateEndpointGroup + - globalaccelerator:DescribeEndpointGroup + - globalaccelerator:DescribeAccelerator + - globalaccelerator:DescribeListener + - globalaccelerator:ListAccelerators + - globalaccelerator:ListListeners + read: + - globalaccelerator:DescribeEndpointGroup + update: + - globalaccelerator:UpdateEndpointGroup + - globalaccelerator:DescribeEndpointGroup + - globalaccelerator:DescribeListener + - globalaccelerator:DescribeAccelerator + delete: + - globalaccelerator:DeleteEndpointGroup + - globalaccelerator:DescribeEndpointGroup + - globalaccelerator:DescribeAccelerator + list: + - globalaccelerator:ListEndpointGroups + PortRange: + description: A port range to support for connections from clients to your accelerator. + type: object + properties: + FromPort: + $ref: '#/components/schemas/Port' + ToPort: + $ref: '#/components/schemas/Port' + required: + - FromPort + - ToPort + additionalProperties: false + Listener: + type: object + properties: + ListenerArn: + description: The Amazon Resource Name (ARN) of the listener. + type: string + AcceleratorArn: + description: The Amazon Resource Name (ARN) of the accelerator. + type: string + PortRanges: + type: array + items: + $ref: '#/components/schemas/PortRange' + Protocol: + description: The protocol for the listener. + type: string + default: TCP + enum: + - TCP + - UDP + ClientAffinity: + description: Client affinity lets you direct all requests from a user to the same endpoint. + type: string + default: NONE + enum: + - NONE + - SOURCE_IP + required: + - AcceleratorArn + - PortRanges + - Protocol + x-stackql-resource-name: listener + x-stackql-primaryIdentifier: + - ListenerArn + x-create-only-properties: + - AcceleratorArn + x-read-only-properties: + - ListenerArn + x-required-permissions: + create: + - globalaccelerator:CreateListener + - globalaccelerator:DescribeListener + - globalaccelerator:DescribeAccelerator + read: + - globalaccelerator:DescribeListener + update: + - globalaccelerator:UpdateListener + - globalaccelerator:DescribeListener + - globalaccelerator:DescribeAccelerator + delete: + - globalaccelerator:DescribeListener + - globalaccelerator:DeleteListener + - globalaccelerator:DescribeAccelerator + list: + - globalaccelerator:ListListeners + x-stackQL-resources: + accelerators: + name: accelerators + id: awscc.globalaccelerator.accelerators + x-cfn-schema-name: Accelerator + x-type: list + x-identifiers: + - AcceleratorArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AcceleratorArn') as accelerator_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GlobalAccelerator::Accelerator' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AcceleratorArn') as accelerator_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GlobalAccelerator::Accelerator' + AND region = 'us-east-1' + accelerator: + name: accelerator + id: awscc.globalaccelerator.accelerator + x-cfn-schema-name: Accelerator + x-type: get + x-identifiers: + - AcceleratorArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.IpAddressType') as ip_address_type, + JSON_EXTRACT(Properties, '$.IpAddresses') as ip_addresses, + JSON_EXTRACT(Properties, '$.Enabled') as enabled, + JSON_EXTRACT(Properties, '$.DnsName') as dns_name, + JSON_EXTRACT(Properties, '$.Ipv4Addresses') as ipv4_addresses, + JSON_EXTRACT(Properties, '$.Ipv6Addresses') as ipv6_addresses, + JSON_EXTRACT(Properties, '$.DualStackDnsName') as dual_stack_dns_name, + JSON_EXTRACT(Properties, '$.AcceleratorArn') as accelerator_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GlobalAccelerator::Accelerator' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'IpAddressType') as ip_address_type, + json_extract_path_text(Properties, 'IpAddresses') as ip_addresses, + json_extract_path_text(Properties, 'Enabled') as enabled, + json_extract_path_text(Properties, 'DnsName') as dns_name, + json_extract_path_text(Properties, 'Ipv4Addresses') as ipv4_addresses, + json_extract_path_text(Properties, 'Ipv6Addresses') as ipv6_addresses, + json_extract_path_text(Properties, 'DualStackDnsName') as dual_stack_dns_name, + json_extract_path_text(Properties, 'AcceleratorArn') as accelerator_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GlobalAccelerator::Accelerator' + AND data__Identifier = '' + AND region = 'us-east-1' + endpoint_groups: + name: endpoint_groups + id: awscc.globalaccelerator.endpoint_groups + x-cfn-schema-name: EndpointGroup + x-type: list + x-identifiers: + - EndpointGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EndpointGroupArn') as endpoint_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GlobalAccelerator::EndpointGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EndpointGroupArn') as endpoint_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GlobalAccelerator::EndpointGroup' + AND region = 'us-east-1' + endpoint_group: + name: endpoint_group + id: awscc.globalaccelerator.endpoint_group + x-cfn-schema-name: EndpointGroup + x-type: get + x-identifiers: + - EndpointGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ListenerArn') as listener_arn, + JSON_EXTRACT(Properties, '$.EndpointGroupRegion') as endpoint_group_region, + JSON_EXTRACT(Properties, '$.EndpointConfigurations') as endpoint_configurations, + JSON_EXTRACT(Properties, '$.TrafficDialPercentage') as traffic_dial_percentage, + JSON_EXTRACT(Properties, '$.HealthCheckPort') as health_check_port, + JSON_EXTRACT(Properties, '$.HealthCheckProtocol') as health_check_protocol, + JSON_EXTRACT(Properties, '$.HealthCheckPath') as health_check_path, + JSON_EXTRACT(Properties, '$.HealthCheckIntervalSeconds') as health_check_interval_seconds, + JSON_EXTRACT(Properties, '$.ThresholdCount') as threshold_count, + JSON_EXTRACT(Properties, '$.EndpointGroupArn') as endpoint_group_arn, + JSON_EXTRACT(Properties, '$.PortOverrides') as port_overrides + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GlobalAccelerator::EndpointGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ListenerArn') as listener_arn, + json_extract_path_text(Properties, 'EndpointGroupRegion') as endpoint_group_region, + json_extract_path_text(Properties, 'EndpointConfigurations') as endpoint_configurations, + json_extract_path_text(Properties, 'TrafficDialPercentage') as traffic_dial_percentage, + json_extract_path_text(Properties, 'HealthCheckPort') as health_check_port, + json_extract_path_text(Properties, 'HealthCheckProtocol') as health_check_protocol, + json_extract_path_text(Properties, 'HealthCheckPath') as health_check_path, + json_extract_path_text(Properties, 'HealthCheckIntervalSeconds') as health_check_interval_seconds, + json_extract_path_text(Properties, 'ThresholdCount') as threshold_count, + json_extract_path_text(Properties, 'EndpointGroupArn') as endpoint_group_arn, + json_extract_path_text(Properties, 'PortOverrides') as port_overrides + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GlobalAccelerator::EndpointGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + listeners: + name: listeners + id: awscc.globalaccelerator.listeners + x-cfn-schema-name: Listener + x-type: list + x-identifiers: + - ListenerArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ListenerArn') as listener_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GlobalAccelerator::Listener' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ListenerArn') as listener_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GlobalAccelerator::Listener' + AND region = 'us-east-1' + listener: + name: listener + id: awscc.globalaccelerator.listener + x-cfn-schema-name: Listener + x-type: get + x-identifiers: + - ListenerArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ListenerArn') as listener_arn, + JSON_EXTRACT(Properties, '$.AcceleratorArn') as accelerator_arn, + JSON_EXTRACT(Properties, '$.PortRanges') as port_ranges, + JSON_EXTRACT(Properties, '$.Protocol') as protocol, + JSON_EXTRACT(Properties, '$.ClientAffinity') as client_affinity + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GlobalAccelerator::Listener' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ListenerArn') as listener_arn, + json_extract_path_text(Properties, 'AcceleratorArn') as accelerator_arn, + json_extract_path_text(Properties, 'PortRanges') as port_ranges, + json_extract_path_text(Properties, 'Protocol') as protocol, + json_extract_path_text(Properties, 'ClientAffinity') as client_affinity + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GlobalAccelerator::Listener' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/glue.yaml b/providers/src/awscc/v00.00.00000/services/glue.yaml new file mode 100644 index 00000000..1de0d491 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/glue.yaml @@ -0,0 +1,223 @@ +openapi: 3.0.0 +info: + title: Glue + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + type: object + properties: + Key: + description: A key to identify the tag. + type: string + minLength: 1 + maxLength: 128 + Value: + description: Corresponding tag value for the key. + type: string + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + Registry: + type: object + description: Identifier for the registry which the schema is part of. + properties: + Name: + description: Name of the registry in which the schema will be created. + type: string + maxLength: 255 + minLength: 1 + Arn: + description: Amazon Resource Name for the Registry. + type: string + pattern: arn:aws(-(cn|us-gov|iso(-[bef])?))?:glue:.* + additionalProperties: false + SchemaVersion: + type: object + properties: + Schema: + $ref: '#/components/schemas/Schema' + SchemaDefinition: + type: string + description: Complete definition of the schema in plain-text. + minLength: 1 + maxLength: 170000 + VersionId: + type: string + description: Represents the version ID associated with the schema version. + pattern: '[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}' + required: + - Schema + - SchemaDefinition + x-stackql-resource-name: schema_version + x-stackql-primaryIdentifier: + - VersionId + x-create-only-properties: + - Schema + - SchemaDefinition + x-read-only-properties: + - VersionId + x-required-permissions: + create: + - glue:RegisterSchemaVersion + - glue:GetSchemaVersion + - glue:GetSchemaByDefinition + read: + - glue:GetSchemaVersion + delete: + - glue:DeleteSchemaVersions + - glue:GetSchemaVersion + list: + - glue:ListSchemaVersions + Schema: + description: Identifier for the schema where the schema version will be created. + type: object + properties: + SchemaArn: + description: Amazon Resource Name for the Schema. This attribute can be used to uniquely represent the Schema. + type: string + pattern: arn:(aws|aws-us-gov|aws-cn):glue:.* + SchemaName: + description: Name of the schema. This parameter requires RegistryName to be provided. + type: string + minLength: 1 + maxLength: 255 + RegistryName: + description: Name of the registry to identify where the Schema is located. + type: string + maxLength: 255 + minLength: 1 + additionalProperties: false + SchemaVersionMetadata: + type: object + properties: + SchemaVersionId: + type: string + description: Represents the version ID associated with the schema version. + pattern: '[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}' + Key: + type: string + description: Metadata key + minLength: 1 + maxLength: 128 + Value: + type: string + description: Metadata value + minLength: 1 + maxLength: 256 + required: + - SchemaVersionId + - Key + - Value + x-stackql-resource-name: schema_version_metadata + x-stackql-primaryIdentifier: + - SchemaVersionId + - Key + - Value + x-create-only-properties: + - SchemaVersionId + - Key + - Value + x-required-permissions: + create: + - glue:putSchemaVersionMetadata + read: + - glue:querySchemaVersionMetadata + delete: + - glue:removeSchemaVersionMetadata + list: + - glue:querySchemaVersionMetadata + x-stackQL-resources: + schema_versions: + name: schema_versions + id: awscc.glue.schema_versions + x-cfn-schema-name: SchemaVersion + x-type: list + x-identifiers: + - VersionId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.VersionId') as version_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Glue::SchemaVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'VersionId') as version_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Glue::SchemaVersion' + AND region = 'us-east-1' + schema_version: + name: schema_version + id: awscc.glue.schema_version + x-cfn-schema-name: SchemaVersion + x-type: get + x-identifiers: + - VersionId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Schema') as _schema, + JSON_EXTRACT(Properties, '$.SchemaDefinition') as schema_definition, + JSON_EXTRACT(Properties, '$.VersionId') as version_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Glue::SchemaVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Schema') as _schema, + json_extract_path_text(Properties, 'SchemaDefinition') as schema_definition, + json_extract_path_text(Properties, 'VersionId') as version_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Glue::SchemaVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + schema_version_metadata: + name: schema_version_metadata + id: awscc.glue.schema_version_metadata + x-cfn-schema-name: SchemaVersionMetadata + x-type: get + x-identifiers: + - SchemaVersionId + - Key + - Value + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SchemaVersionId') as schema_version_id, + JSON_EXTRACT(Properties, '$.Key') as key, + JSON_EXTRACT(Properties, '$.Value') as value + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Glue::SchemaVersionMetadata' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SchemaVersionId') as schema_version_id, + json_extract_path_text(Properties, 'Key') as key, + json_extract_path_text(Properties, 'Value') as value + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Glue::SchemaVersionMetadata' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/grafana.yaml b/providers/src/awscc/v00.00.00000/services/grafana.yaml new file mode 100644 index 00000000..e322ed93 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/grafana.yaml @@ -0,0 +1,485 @@ +openapi: 3.0.0 +info: + title: Grafana + version: 1.0.0 +paths: {} +components: + schemas: + AssertionAttributes: + type: object + description: Maps Grafana friendly names to the IdPs SAML attributes. + properties: + Name: + type: string + maxLength: 256 + minLength: 1 + description: Name of the attribute within the SAML assert to use as the users name in Grafana. + Login: + type: string + maxLength: 256 + minLength: 1 + description: Name of the attribute within the SAML assert to use as the users login handle in Grafana. + Email: + type: string + maxLength: 256 + minLength: 1 + description: Name of the attribute within the SAML assert to use as the users email in Grafana. + Groups: + type: string + maxLength: 256 + minLength: 1 + description: Name of the attribute within the SAML assert to use as the users groups in Grafana. + Role: + type: string + maxLength: 256 + minLength: 1 + description: Name of the attribute within the SAML assert to use as the users roles in Grafana. + Org: + type: string + maxLength: 256 + minLength: 1 + description: Name of the attribute within the SAML assert to use as the users organizations in Grafana. + additionalProperties: false + IdpMetadata: + type: object + description: IdP Metadata used to configure SAML authentication in Grafana. + properties: + Url: + type: string + maxLength: 2048 + minLength: 1 + description: URL that vends the IdPs metadata. + Xml: + type: string + description: XML blob of the IdPs metadata. + additionalProperties: false + RoleValues: + type: object + description: Maps SAML roles to the Grafana Editor and Admin roles. + properties: + Editor: + type: array + x-insertionOrder: false + items: + type: string + maxLength: 256 + minLength: 1 + description: A single SAML role. + description: List of SAML roles which will be mapped into the Grafana Editor role. + Admin: + type: array + x-insertionOrder: false + items: + type: string + maxLength: 256 + minLength: 1 + description: A single SAML role. + description: List of SAML roles which will be mapped into the Grafana Admin role. + additionalProperties: false + SamlConfiguration: + type: object + description: SAML configuration data associated with an AMG workspace. + properties: + IdpMetadata: + $ref: '#/components/schemas/IdpMetadata' + AssertionAttributes: + $ref: '#/components/schemas/AssertionAttributes' + RoleValues: + $ref: '#/components/schemas/RoleValues' + AllowedOrganizations: + type: array + x-insertionOrder: false + items: + type: string + maxLength: 256 + minLength: 1 + description: A single SAML organization. + description: List of SAML organizations allowed to access Grafana. + LoginValidityDuration: + type: number + description: The maximum lifetime an authenticated user can be logged in (in minutes) before being required to re-authenticate. + required: + - IdpMetadata + additionalProperties: false + NetworkAccessControl: + type: object + description: The configuration settings for Network Access Control. + properties: + PrefixListIds: + type: array + x-insertionOrder: false + uniqueItems: true + minItems: 0 + maxItems: 5 + items: + type: string + minLength: 1 + description: Prefix List Ids + description: The list of prefix list IDs. A prefix list is a list of CIDR ranges of IP addresses. The IP addresses specified are allowed to access your workspace. If the list is not included in the configuration then no IP addresses will be allowed to access the workspace. + VpceIds: + type: array + x-insertionOrder: false + uniqueItems: true + minItems: 0 + maxItems: 5 + items: + type: string + minLength: 1 + description: VPCE Ids + description: The list of Amazon VPC endpoint IDs for the workspace. If a NetworkAccessConfiguration is specified then only VPC endpoints specified here will be allowed to access the workspace. + additionalProperties: false + VpcConfiguration: + type: object + description: The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to. + properties: + SecurityGroupIds: + type: array + x-insertionOrder: false + uniqueItems: true + minItems: 1 + maxItems: 5 + items: + type: string + minLength: 1 + maxLength: 255 + description: VPC Security Group Id + description: The list of Amazon EC2 security group IDs attached to the Amazon VPC for your Grafana workspace to connect. + SubnetIds: + type: array + x-insertionOrder: false + uniqueItems: true + minItems: 2 + maxItems: 6 + items: + type: string + minLength: 1 + maxLength: 255 + description: VPC Subnet Id + description: The list of Amazon EC2 subnet IDs created in the Amazon VPC for your Grafana workspace to connect. + required: + - SecurityGroupIds + - SubnetIds + additionalProperties: false + AccountAccessType: + type: string + description: These enums represent valid account access types. Specifically these enums determine whether the workspace can access AWS resources in the AWS account only, or whether it can also access resources in other accounts in the same organization. If the value CURRENT_ACCOUNT is used, a workspace role ARN must be provided. If the value is ORGANIZATION, a list of organizational units must be provided. + enum: + - CURRENT_ACCOUNT + - ORGANIZATION + AuthenticationProviderTypes: + type: string + description: Valid workspace authentication providers. + enum: + - AWS_SSO + - SAML + DataSourceType: + type: string + description: These enums represent valid AWS data sources that can be queried via the Grafana workspace. These data sources are primarily used to help customers visualize which data sources have been added to a service managed workspace IAM role. + enum: + - AMAZON_OPENSEARCH_SERVICE + - CLOUDWATCH + - PROMETHEUS + - XRAY + - TIMESTREAM + - SITEWISE + - ATHENA + - REDSHIFT + NotificationDestinationType: + type: string + description: These enums represent valid AWS notification destinations that the Grafana workspace has permission to use. These notification destinations are primarily used to help customers visualize which destinations have been added to a service managed IAM role. + enum: + - SNS + PermissionType: + type: string + description: These enums represent valid permission types to use when creating or configuring a Grafana workspace. The SERVICE_MANAGED permission type means the Managed Grafana service will create a workspace IAM role on your behalf. The CUSTOMER_MANAGED permission type means that the customer is expected to provide an IAM role that the Grafana workspace can use to query data sources. + enum: + - CUSTOMER_MANAGED + - SERVICE_MANAGED + WorkspaceStatus: + type: string + description: These enums represent the status of a workspace. + enum: + - ACTIVE + - CREATING + - DELETING + - FAILED + - UPDATING + - UPGRADING + - VERSION_UPDATING + - DELETION_FAILED + - CREATION_FAILED + - UPDATE_FAILED + - UPGRADE_FAILED + - LICENSE_REMOVAL_FAILED + - VERSION_UPDATE_FAILED + SamlConfigurationStatus: + type: string + description: Valid SAML configuration statuses. + enum: + - CONFIGURED + - NOT_CONFIGURED + Workspace: + type: object + properties: + AuthenticationProviders: + type: array + x-insertionOrder: false + minItems: 1 + uniqueItems: true + items: + $ref: '#/components/schemas/AuthenticationProviderTypes' + description: List of authentication providers to enable. + SsoClientId: + type: string + description: The client ID of the AWS SSO Managed Application. + SamlConfiguration: + $ref: '#/components/schemas/SamlConfiguration' + NetworkAccessControl: + $ref: '#/components/schemas/NetworkAccessControl' + VpcConfiguration: + $ref: '#/components/schemas/VpcConfiguration' + SamlConfigurationStatus: + $ref: '#/components/schemas/SamlConfigurationStatus' + ClientToken: + type: string + pattern: ^[!-~]{1,64}$ + description: A unique, case-sensitive, user-provided identifier to ensure the idempotency of the request. + Status: + $ref: '#/components/schemas/WorkspaceStatus' + CreationTimestamp: + type: string + description: Timestamp when the workspace was created. + format: date-time + ModificationTimestamp: + type: string + description: Timestamp when the workspace was last modified + format: date-time + GrafanaVersion: + type: string + maxLength: 255 + minLength: 1 + description: The version of Grafana to support in your workspace. + Endpoint: + type: string + maxLength: 2048 + minLength: 1 + description: Endpoint for the Grafana workspace. + AccountAccessType: + $ref: '#/components/schemas/AccountAccessType' + OrganizationRoleName: + type: string + maxLength: 2048 + minLength: 1 + description: The name of an IAM role that already exists to use with AWS Organizations to access AWS data sources and notification channels in other accounts in an organization. + PermissionType: + $ref: '#/components/schemas/PermissionType' + StackSetName: + type: string + description: The name of the AWS CloudFormation stack set to use to generate IAM roles to be used for this workspace. + DataSources: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/DataSourceType' + description: List of data sources on the service managed IAM role. + Description: + type: string + maxLength: 2048 + minLength: 0 + description: Description of a workspace. + Id: + type: string + pattern: ^g-[0-9a-f]{10}$ + description: The id that uniquely identifies a Grafana workspace. + Name: + type: string + pattern: ^[a-zA-Z0-9-._~]{1,255}$ + description: The user friendly name of a workspace. + NotificationDestinations: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/NotificationDestinationType' + description: List of notification destinations on the customers service managed IAM role that the Grafana workspace can query. + OrganizationalUnits: + type: array + x-insertionOrder: false + items: + type: string + description: Id of an organizational unit. + description: List of Organizational Units containing AWS accounts the Grafana workspace can pull data from. + RoleArn: + type: string + maxLength: 2048 + minLength: 1 + description: IAM Role that will be used to grant the Grafana workspace access to a customers AWS resources. + PluginAdminEnabled: + type: boolean + description: Allow workspace admins to install plugins + required: + - AuthenticationProviders + - PermissionType + - AccountAccessType + x-stackql-resource-name: workspace + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - ClientToken + x-read-only-properties: + - Id + - SsoClientId + - SamlConfigurationStatus + - Endpoint + - Status + - CreationTimestamp + - ModificationTimestamp + x-required-permissions: + create: + - grafana:CreateWorkspace + - grafana:DescribeWorkspace + - grafana:DescribeWorkspaceAuthentication + - grafana:DescribeWorkspaceConfiguration + - grafana:UpdateWorkspaceAuthentication + - sso:DescribeRegisteredRegions + - sso:CreateManagedApplicationInstance + - organizations:DescribeOrganization + - sso:GetSharedSsoConfiguration + - iam:PassRole + - ec2:GetManagedPrefixListEntries + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcs + - iam:CreateServiceLinkedRole + - sso:ListApplicationInstances + - sso:GetApplicationInstance + read: + - grafana:DescribeWorkspace + - grafana:DescribeWorkspaceAuthentication + - grafana:DescribeWorkspaceConfiguration + update: + - grafana:DescribeWorkspace + - grafana:DescribeWorkspaceAuthentication + - grafana:DescribeWorkspaceConfiguration + - grafana:UpdateWorkspace + - grafana:UpdateWorkspaceAuthentication + - grafana:UpdateWorkspaceConfiguration + - sso:DescribeRegisteredRegions + - sso:CreateManagedApplicationInstance + - ec2:GetManagedPrefixListEntries + - iam:PassRole + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcs + - iam:CreateServiceLinkedRole + - sso:ListApplicationInstances + - sso:GetApplicationInstance + delete: + - grafana:DeleteWorkspace + - grafana:DescribeWorkspace + - grafana:DescribeWorkspaceAuthentication + - grafana:DescribeWorkspaceConfiguration + - sso:DeleteManagedApplicationInstance + - sso:DescribeRegisteredRegions + list: + - grafana:ListWorkspaces + - grafana:DescribeWorkspaceAuthentication + - grafana:DescribeWorkspaceConfiguration + x-stackQL-resources: + workspaces: + name: workspaces + id: awscc.grafana.workspaces + x-cfn-schema-name: Workspace + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Grafana::Workspace' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Grafana::Workspace' + AND region = 'us-east-1' + workspace: + name: workspace + id: awscc.grafana.workspace + x-cfn-schema-name: Workspace + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AuthenticationProviders') as authentication_providers, + JSON_EXTRACT(Properties, '$.SsoClientId') as sso_client_id, + JSON_EXTRACT(Properties, '$.SamlConfiguration') as saml_configuration, + JSON_EXTRACT(Properties, '$.NetworkAccessControl') as network_access_control, + JSON_EXTRACT(Properties, '$.VpcConfiguration') as vpc_configuration, + JSON_EXTRACT(Properties, '$.SamlConfigurationStatus') as saml_configuration_status, + JSON_EXTRACT(Properties, '$.ClientToken') as client_token, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.CreationTimestamp') as creation_timestamp, + JSON_EXTRACT(Properties, '$.ModificationTimestamp') as modification_timestamp, + JSON_EXTRACT(Properties, '$.GrafanaVersion') as grafana_version, + JSON_EXTRACT(Properties, '$.Endpoint') as endpoint, + JSON_EXTRACT(Properties, '$.AccountAccessType') as account_access_type, + JSON_EXTRACT(Properties, '$.OrganizationRoleName') as organization_role_name, + JSON_EXTRACT(Properties, '$.PermissionType') as permission_type, + JSON_EXTRACT(Properties, '$.StackSetName') as stack_set_name, + JSON_EXTRACT(Properties, '$.DataSources') as data_sources, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.NotificationDestinations') as notification_destinations, + JSON_EXTRACT(Properties, '$.OrganizationalUnits') as organizational_units, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.PluginAdminEnabled') as plugin_admin_enabled + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Grafana::Workspace' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AuthenticationProviders') as authentication_providers, + json_extract_path_text(Properties, 'SsoClientId') as sso_client_id, + json_extract_path_text(Properties, 'SamlConfiguration') as saml_configuration, + json_extract_path_text(Properties, 'NetworkAccessControl') as network_access_control, + json_extract_path_text(Properties, 'VpcConfiguration') as vpc_configuration, + json_extract_path_text(Properties, 'SamlConfigurationStatus') as saml_configuration_status, + json_extract_path_text(Properties, 'ClientToken') as client_token, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'CreationTimestamp') as creation_timestamp, + json_extract_path_text(Properties, 'ModificationTimestamp') as modification_timestamp, + json_extract_path_text(Properties, 'GrafanaVersion') as grafana_version, + json_extract_path_text(Properties, 'Endpoint') as endpoint, + json_extract_path_text(Properties, 'AccountAccessType') as account_access_type, + json_extract_path_text(Properties, 'OrganizationRoleName') as organization_role_name, + json_extract_path_text(Properties, 'PermissionType') as permission_type, + json_extract_path_text(Properties, 'StackSetName') as stack_set_name, + json_extract_path_text(Properties, 'DataSources') as data_sources, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'NotificationDestinations') as notification_destinations, + json_extract_path_text(Properties, 'OrganizationalUnits') as organizational_units, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'PluginAdminEnabled') as plugin_admin_enabled + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Grafana::Workspace' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/greengrassv2.yaml b/providers/src/awscc/v00.00.00000/services/greengrassv2.yaml new file mode 100644 index 00000000..ec570e73 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/greengrassv2.yaml @@ -0,0 +1,617 @@ +openapi: 3.0.0 +info: + title: GreengrassV2 + version: 1.0.0 +paths: {} +components: + schemas: + LambdaFunctionRecipeSource: + type: object + properties: + LambdaArn: + type: string + pattern: ^arn:[^:]*:lambda:(([a-z]+-)+[0-9])?:([0-9]{12})?:[^.]+$ + ComponentName: + type: string + ComponentVersion: + type: string + ComponentPlatforms: + type: array + items: + $ref: '#/components/schemas/ComponentPlatform' + x-insertionOrder: false + ComponentDependencies: + type: object + x-patternProperties: + .*: + $ref: '#/components/schemas/ComponentDependencyRequirement' + additionalProperties: false + ComponentLambdaParameters: + $ref: '#/components/schemas/LambdaExecutionParameters' + additionalProperties: false + ComponentPlatform: + type: object + properties: + Name: + type: string + Attributes: + type: object + x-patternProperties: + .+: + type: string + additionalProperties: false + additionalProperties: false + ComponentDependencyRequirement: + type: object + properties: + VersionRequirement: + type: string + DependencyType: + type: string + enum: + - SOFT + - HARD + additionalProperties: false + LambdaExecutionParameters: + type: object + properties: + EventSources: + type: array + items: + $ref: '#/components/schemas/LambdaEventSource' + x-insertionOrder: false + MaxQueueSize: + type: integer + MaxInstancesCount: + type: integer + MaxIdleTimeInSeconds: + type: integer + TimeoutInSeconds: + type: integer + StatusTimeoutInSeconds: + type: integer + Pinned: + type: boolean + InputPayloadEncodingType: + type: string + enum: + - json + - binary + ExecArgs: + type: array + items: + type: string + x-insertionOrder: true + EnvironmentVariables: + type: object + x-patternProperties: + .+: + type: string + additionalProperties: false + LinuxProcessParams: + $ref: '#/components/schemas/LambdaLinuxProcessParams' + additionalProperties: false + LambdaEventSource: + type: object + properties: + Topic: + type: string + Type: + type: string + enum: + - PUB_SUB + - IOT_CORE + additionalProperties: false + LambdaLinuxProcessParams: + type: object + properties: + IsolationMode: + type: string + enum: + - GreengrassContainer + - NoContainer + ContainerParams: + $ref: '#/components/schemas/LambdaContainerParams' + additionalProperties: false + LambdaContainerParams: + type: object + properties: + MemorySizeInKB: + type: integer + MountROSysfs: + type: boolean + Volumes: + type: array + items: + $ref: '#/components/schemas/LambdaVolumeMount' + x-insertionOrder: false + Devices: + type: array + items: + $ref: '#/components/schemas/LambdaDeviceMount' + x-insertionOrder: false + additionalProperties: false + LambdaVolumeMount: + type: object + properties: + SourcePath: + $ref: '#/components/schemas/FilesystemPath' + DestinationPath: + $ref: '#/components/schemas/FilesystemPath' + Permission: + $ref: '#/components/schemas/LambdaFilesystemPermission' + AddGroupOwner: + $ref: '#/components/schemas/LambdaAddGroupOwnerBoolean' + additionalProperties: false + LambdaDeviceMount: + type: object + properties: + Path: + $ref: '#/components/schemas/FilesystemPath' + Permission: + $ref: '#/components/schemas/LambdaFilesystemPermission' + AddGroupOwner: + $ref: '#/components/schemas/LambdaAddGroupOwnerBoolean' + additionalProperties: false + FilesystemPath: + type: string + LambdaFilesystemPermission: + type: string + enum: + - ro + - rw + LambdaAddGroupOwnerBoolean: + type: boolean + ComponentVersion: + type: object + properties: + Arn: + type: string + ComponentName: + type: string + ComponentVersion: + type: string + InlineRecipe: + type: string + LambdaFunction: + $ref: '#/components/schemas/LambdaFunctionRecipeSource' + Tags: + type: object + x-patternProperties: + ^(?!aws:)[a-zA-Z+-=._:/]{1,128}$: + type: string + maxLength: 256 + maxProperties: 50 + additionalProperties: false + x-stackql-resource-name: component_version + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - LambdaFunction + - InlineRecipe + x-read-only-properties: + - Arn + - ComponentName + - ComponentVersion + x-required-permissions: + create: + - greengrass:CreateComponentVersion + - greengrass:DescribeComponent + - greengrass:ListTagsForResource + - greengrass:TagResource + - lambda:GetFunction + - s3:GetObject + read: + - greengrass:DescribeComponent + - greengrass:ListTagsForResource + update: + - greengrass:DescribeComponent + - greengrass:ListTagsForResource + - greengrass:TagResource + - greengrass:UntagResource + delete: + - greengrass:DeleteComponent + list: + - greengrass:ListComponentVersions + ComponentDeploymentSpecification: + type: object + properties: + ComponentVersion: + type: string + minLength: 1 + maxLength: 64 + ConfigurationUpdate: + $ref: '#/components/schemas/ComponentConfigurationUpdate' + RunWith: + $ref: '#/components/schemas/ComponentRunWith' + additionalProperties: false + SystemResourceLimits: + type: object + properties: + Memory: + type: integer + format: int64 + minimum: 0 + maximum: 9223372036854772000 + Cpus: + type: number + minimum: 0 + additionalProperties: false + ComponentRunWith: + type: object + properties: + PosixUser: + type: string + minLength: 1 + SystemResourceLimits: + $ref: '#/components/schemas/SystemResourceLimits' + WindowsUser: + type: string + minLength: 1 + additionalProperties: false + ComponentConfigurationUpdate: + type: object + properties: + Merge: + type: string + minLength: 1 + maxLength: 10485760 + Reset: + type: array + items: + type: string + minLength: 0 + maxLength: 256 + x-insertionOrder: false + additionalProperties: false + DeploymentIoTJobConfiguration: + type: object + properties: + JobExecutionsRolloutConfig: + $ref: '#/components/schemas/IoTJobExecutionsRolloutConfig' + AbortConfig: + $ref: '#/components/schemas/IoTJobAbortConfig' + TimeoutConfig: + $ref: '#/components/schemas/IoTJobTimeoutConfig' + additionalProperties: false + IoTJobExecutionsRolloutConfig: + type: object + properties: + ExponentialRate: + $ref: '#/components/schemas/IoTJobExponentialRolloutRate' + MaximumPerMinute: + type: integer + minimum: 1 + maximum: 1000 + additionalProperties: false + IoTJobAbortConfig: + type: object + properties: + CriteriaList: + type: array + items: + $ref: '#/components/schemas/IoTJobAbortCriteria' + minItems: 1 + x-insertionOrder: false + required: + - CriteriaList + additionalProperties: false + IoTJobAbortCriteria: + type: object + properties: + FailureType: + type: string + enum: + - FAILED + - REJECTED + - TIMED_OUT + - ALL + Action: + type: string + enum: + - CANCEL + ThresholdPercentage: + type: number + minimum: 0 + maximum: 100 + MinNumberOfExecutedThings: + type: integer + minimum: 1 + maximum: 2147483647 + required: + - FailureType + - Action + - ThresholdPercentage + - MinNumberOfExecutedThings + additionalProperties: false + IoTJobTimeoutConfig: + type: object + properties: + InProgressTimeoutInMinutes: + type: integer + minimum: 0 + maximum: 2147483647 + additionalProperties: false + IoTJobExponentialRolloutRate: + type: object + properties: + BaseRatePerMinute: + type: integer + minimum: 1 + maximum: 1000 + IncrementFactor: + type: number + minimum: 1 + maximum: 5 + RateIncreaseCriteria: + $ref: '#/components/schemas/IoTJobRateIncreaseCriteria' + required: + - BaseRatePerMinute + - IncrementFactor + - RateIncreaseCriteria + additionalProperties: false + IoTJobRateIncreaseCriteria: + type: object + oneOf: + - type: object + additionalProperties: false + properties: + NumberOfNotifiedThings: + $ref: '#/components/schemas/NumberOfThings' + - type: object + additionalProperties: false + properties: + NumberOfSucceededThings: + $ref: '#/components/schemas/NumberOfThings' + NumberOfThings: + type: integer + minimum: 1 + maximum: 2147483647 + DeploymentPolicies: + type: object + properties: + FailureHandlingPolicy: + type: string + enum: + - ROLLBACK + - DO_NOTHING + ComponentUpdatePolicy: + $ref: '#/components/schemas/DeploymentComponentUpdatePolicy' + ConfigurationValidationPolicy: + $ref: '#/components/schemas/DeploymentConfigurationValidationPolicy' + additionalProperties: false + DeploymentComponentUpdatePolicy: + type: object + properties: + TimeoutInSeconds: + type: integer + minimum: 1 + maximum: 2147483647 + Action: + type: string + enum: + - NOTIFY_COMPONENTS + - SKIP_NOTIFY_COMPONENTS + additionalProperties: false + DeploymentConfigurationValidationPolicy: + type: object + properties: + TimeoutInSeconds: + type: integer + minimum: 1 + maximum: 2147483647 + additionalProperties: false + Deployment: + type: object + properties: + TargetArn: + type: string + pattern: arn:[^:]*:iot:[^:]*:[0-9]+:(thing|thinggroup)/.+ + ParentTargetArn: + type: string + pattern: arn:[^:]*:iot:[^:]*:[0-9]+:thinggroup/.+ + DeploymentId: + type: string + pattern: .+ + DeploymentName: + type: string + minLength: 1 + maxLength: 256 + Components: + type: object + x-patternProperties: + .+: + $ref: '#/components/schemas/ComponentDeploymentSpecification' + additionalProperties: false + IotJobConfiguration: + $ref: '#/components/schemas/DeploymentIoTJobConfiguration' + DeploymentPolicies: + $ref: '#/components/schemas/DeploymentPolicies' + Tags: + type: object + x-patternProperties: + .*: + type: string + maxLength: 256 + maxProperties: 200 + additionalProperties: false + required: + - TargetArn + x-stackql-resource-name: deployment + x-stackql-primaryIdentifier: + - DeploymentId + x-create-only-properties: + - TargetArn + - ParentTargetArn + - DeploymentName + - Components + - IotJobConfiguration + - DeploymentPolicies + x-read-only-properties: + - DeploymentId + x-required-permissions: + create: + - greengrass:CreateDeployment + - greengrass:GetDeployment + - greengrass:TagResource + - iot:CancelJob + - iot:CreateJob + - iot:DeleteThingShadow + - iot:DescribeJob + - iot:DescribeThing + - iot:DescribeThingGroup + - iot:GetThingShadow + - iot:UpdateJob + - iot:UpdateThingShadow + read: + - greengrass:GetDeployment + - iot:DescribeJob + - iot:DescribeThing + - iot:DescribeThingGroup + - iot:GetThingShadow + update: + - greengrass:GetDeployment + - greengrass:TagResource + - greengrass:UntagResource + - iot:DescribeJob + delete: + - greengrass:DeleteDeployment + - greengrass:CancelDeployment + - iot:CancelJob + - iot:DeleteJob + - iot:DescribeJob + list: + - greengrass:ListDeployments + - iot:DescribeJob + - iot:DescribeThing + - iot:DescribeThingGroup + - iot:GetThingShadow + x-stackQL-resources: + component_versions: + name: component_versions + id: awscc.greengrassv2.component_versions + x-cfn-schema-name: ComponentVersion + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GreengrassV2::ComponentVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GreengrassV2::ComponentVersion' + AND region = 'us-east-1' + component_version: + name: component_version + id: awscc.greengrassv2.component_version + x-cfn-schema-name: ComponentVersion + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ComponentName') as component_name, + JSON_EXTRACT(Properties, '$.ComponentVersion') as component_version, + JSON_EXTRACT(Properties, '$.InlineRecipe') as inline_recipe, + JSON_EXTRACT(Properties, '$.LambdaFunction') as lambda_function, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GreengrassV2::ComponentVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ComponentName') as component_name, + json_extract_path_text(Properties, 'ComponentVersion') as component_version, + json_extract_path_text(Properties, 'InlineRecipe') as inline_recipe, + json_extract_path_text(Properties, 'LambdaFunction') as lambda_function, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GreengrassV2::ComponentVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + deployments: + name: deployments + id: awscc.greengrassv2.deployments + x-cfn-schema-name: Deployment + x-type: list + x-identifiers: + - DeploymentId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DeploymentId') as deployment_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GreengrassV2::Deployment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DeploymentId') as deployment_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GreengrassV2::Deployment' + AND region = 'us-east-1' + deployment: + name: deployment + id: awscc.greengrassv2.deployment + x-cfn-schema-name: Deployment + x-type: get + x-identifiers: + - DeploymentId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TargetArn') as target_arn, + JSON_EXTRACT(Properties, '$.ParentTargetArn') as parent_target_arn, + JSON_EXTRACT(Properties, '$.DeploymentId') as deployment_id, + JSON_EXTRACT(Properties, '$.DeploymentName') as deployment_name, + JSON_EXTRACT(Properties, '$.Components') as components, + JSON_EXTRACT(Properties, '$.IotJobConfiguration') as iot_job_configuration, + JSON_EXTRACT(Properties, '$.DeploymentPolicies') as deployment_policies, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GreengrassV2::Deployment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TargetArn') as target_arn, + json_extract_path_text(Properties, 'ParentTargetArn') as parent_target_arn, + json_extract_path_text(Properties, 'DeploymentId') as deployment_id, + json_extract_path_text(Properties, 'DeploymentName') as deployment_name, + json_extract_path_text(Properties, 'Components') as components, + json_extract_path_text(Properties, 'IotJobConfiguration') as iot_job_configuration, + json_extract_path_text(Properties, 'DeploymentPolicies') as deployment_policies, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GreengrassV2::Deployment' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/groundstation.yaml b/providers/src/awscc/v00.00.00000/services/groundstation.yaml new file mode 100644 index 00000000..da6f8571 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/groundstation.yaml @@ -0,0 +1,706 @@ +openapi: 3.0.0 +info: + title: GroundStation + version: 1.0.0 +paths: {} +components: + schemas: + JsonString: + type: string + pattern: ^[{}\[\]:.,"0-9A-z\-_\s]{1,8192}$ + ConfigData: + type: object + minProperties: 1 + maxProperties: 1 + properties: + AntennaDownlinkConfig: + $ref: '#/components/schemas/AntennaDownlinkConfig' + TrackingConfig: + $ref: '#/components/schemas/TrackingConfig' + DataflowEndpointConfig: + $ref: '#/components/schemas/DataflowEndpointConfig' + AntennaDownlinkDemodDecodeConfig: + $ref: '#/components/schemas/AntennaDownlinkDemodDecodeConfig' + AntennaUplinkConfig: + $ref: '#/components/schemas/AntennaUplinkConfig' + UplinkEchoConfig: + $ref: '#/components/schemas/UplinkEchoConfig' + S3RecordingConfig: + $ref: '#/components/schemas/S3RecordingConfig' + additionalProperties: false + EirpUnits: + type: string + enum: + - dBW + Eirp: + type: object + properties: + Value: + type: number + Units: + $ref: '#/components/schemas/EirpUnits' + additionalProperties: false + FrequencyUnits: + type: string + enum: + - GHz + - MHz + - kHz + BandwidthUnits: + type: string + enum: + - GHz + - MHz + - kHz + FrequencyBandwidth: + type: object + properties: + Value: + type: number + Units: + $ref: '#/components/schemas/BandwidthUnits' + additionalProperties: false + Frequency: + type: object + properties: + Value: + type: number + Units: + $ref: '#/components/schemas/FrequencyUnits' + additionalProperties: false + Polarization: + type: string + enum: + - LEFT_HAND + - RIGHT_HAND + - NONE + S3KeyPrefix: + type: string + pattern: ^([a-zA-Z0-9_\-=/]|\{satellite_id\}|\{config\-name}|\{s3\-config-id}|\{year\}|\{month\}|\{day\}){1,900}$ + BucketArn: + type: string + RoleArn: + type: string + UplinkSpectrumConfig: + type: object + properties: + CenterFrequency: + $ref: '#/components/schemas/Frequency' + Polarization: + $ref: '#/components/schemas/Polarization' + additionalProperties: false + SpectrumConfig: + type: object + properties: + CenterFrequency: + $ref: '#/components/schemas/Frequency' + Bandwidth: + $ref: '#/components/schemas/FrequencyBandwidth' + Polarization: + $ref: '#/components/schemas/Polarization' + additionalProperties: false + AntennaDownlinkConfig: + type: object + properties: + SpectrumConfig: + $ref: '#/components/schemas/SpectrumConfig' + additionalProperties: false + TrackingConfig: + type: object + properties: + Autotrack: + type: string + enum: + - REQUIRED + - PREFERRED + - REMOVED + additionalProperties: false + DataflowEndpointConfig: + type: object + properties: + DataflowEndpointName: + type: string + DataflowEndpointRegion: + type: string + additionalProperties: false + DemodulationConfig: + type: object + properties: + UnvalidatedJSON: + $ref: '#/components/schemas/JsonString' + additionalProperties: false + DecodeConfig: + type: object + properties: + UnvalidatedJSON: + $ref: '#/components/schemas/JsonString' + additionalProperties: false + AntennaDownlinkDemodDecodeConfig: + type: object + properties: + SpectrumConfig: + $ref: '#/components/schemas/SpectrumConfig' + DemodulationConfig: + $ref: '#/components/schemas/DemodulationConfig' + DecodeConfig: + $ref: '#/components/schemas/DecodeConfig' + additionalProperties: false + AntennaUplinkConfig: + type: object + properties: + SpectrumConfig: + $ref: '#/components/schemas/UplinkSpectrumConfig' + TargetEirp: + $ref: '#/components/schemas/Eirp' + TransmitDisabled: + type: boolean + additionalProperties: false + UplinkEchoConfig: + type: object + properties: + Enabled: + type: boolean + AntennaUplinkConfigArn: + type: string + additionalProperties: false + S3RecordingConfig: + type: object + properties: + BucketArn: + $ref: '#/components/schemas/BucketArn' + RoleArn: + $ref: '#/components/schemas/RoleArn' + Prefix: + $ref: '#/components/schemas/S3KeyPrefix' + additionalProperties: false + Tag: + type: object + properties: + Key: + type: string + pattern: ^[ a-zA-Z0-9\+\-=._:/@]{1,128}$ + Value: + type: string + pattern: ^[ a-zA-Z0-9\+\-=._:/@]{1,256}$ + additionalProperties: false + required: + - Key + - Value + Config: + type: object + properties: + Name: + type: string + pattern: ^[ a-zA-Z0-9_:-]{1,256}$ + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + Type: + type: string + ConfigData: + $ref: '#/components/schemas/ConfigData' + Arn: + type: string + Id: + type: string + required: + - Name + - ConfigData + x-stackql-resource-name: config + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - Arn + - Id + - Type + x-required-permissions: + create: + - groundstation:CreateConfig + - groundstation:TagResource + - iam:PassRole + read: + - groundstation:GetConfig + - groundstation:ListTagsForResource + update: + - groundstation:UpdateConfig + - groundstation:ListTagsForResource + - groundstation:TagResource + - groundstation:UntagResource + - iam:PassRole + delete: + - groundstation:DeleteConfig + list: + - groundstation:ListConfigs + SocketAddress: + type: object + properties: + Name: + type: string + Port: + type: integer + additionalProperties: false + AgentStatus: + description: The status of AgentEndpoint. + type: string + enum: + - SUCCESS + - FAILED + - ACTIVE + - INACTIVE + AuditResults: + description: The results of the audit. + type: string + enum: + - HEALTHY + - UNHEALTHY + IntegerRange: + description: An integer range that has a minimum and maximum value. + type: object + properties: + Minimum: + description: A minimum value. + type: integer + Maximum: + description: A maximum value. + type: integer + additionalProperties: false + RangedSocketAddress: + description: A socket address with a port range. + type: object + properties: + Name: + description: IPv4 socket address. + type: string + PortRange: + description: Port range of a socket address. + $ref: '#/components/schemas/IntegerRange' + additionalProperties: false + ConnectionDetails: + description: Egress address of AgentEndpoint with an optional mtu. + type: object + properties: + SocketAddress: + $ref: '#/components/schemas/SocketAddress' + Mtu: + description: Maximum transmission unit (MTU) size in bytes of a dataflow endpoint. + type: integer + additionalProperties: false + RangedConnectionDetails: + description: Ingress address of AgentEndpoint with a port range and an optional mtu. + type: object + properties: + SocketAddress: + $ref: '#/components/schemas/RangedSocketAddress' + Mtu: + description: Maximum transmission unit (MTU) size in bytes of a dataflow endpoint. + type: integer + additionalProperties: false + AwsGroundStationAgentEndpoint: + description: Information about AwsGroundStationAgentEndpoint. + type: object + properties: + Name: + type: string + pattern: ^[ a-zA-Z0-9_:-]{1,256}$ + EgressAddress: + $ref: '#/components/schemas/ConnectionDetails' + IngressAddress: + $ref: '#/components/schemas/RangedConnectionDetails' + AgentStatus: + $ref: '#/components/schemas/AgentStatus' + AuditResults: + $ref: '#/components/schemas/AuditResults' + additionalProperties: false + DataflowEndpoint: + type: object + properties: + Name: + type: string + pattern: ^[ a-zA-Z0-9_:-]{1,256}$ + Address: + $ref: '#/components/schemas/SocketAddress' + Mtu: + type: integer + additionalProperties: false + SecurityDetails: + type: object + properties: + SubnetIds: + type: array + items: + type: string + SecurityGroupIds: + type: array + items: + type: string + RoleArn: + type: string + additionalProperties: false + EndpointDetails: + type: object + properties: + SecurityDetails: + $ref: '#/components/schemas/SecurityDetails' + Endpoint: + $ref: '#/components/schemas/DataflowEndpoint' + AwsGroundStationAgentEndpoint: + $ref: '#/components/schemas/AwsGroundStationAgentEndpoint' + oneOf: + - required: + - Endpoint + - SecurityDetails + - required: + - AwsGroundStationAgentEndpoint + additionalProperties: false + DataflowEndpointGroup: + type: object + properties: + Id: + type: string + Arn: + type: string + EndpointDetails: + type: array + minItems: 1 + items: + $ref: '#/components/schemas/EndpointDetails' + ContactPrePassDurationSeconds: + type: integer + description: Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a PREPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the PREPASS state. + ContactPostPassDurationSeconds: + type: integer + description: Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a POSTPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the POSTPASS state. + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + required: + - EndpointDetails + x-stackql-resource-name: dataflow_endpoint_group + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - Arn + x-required-permissions: + create: + - groundstation:CreateDataflowEndpointGroup + - groundstation:GetDataflowEndpointGroup + - groundstation:TagResource + - iam:PassRole + - ec2:describeAddresses + - ec2:describeNetworkInterfaces + - iam:createServiceLinkedRole + read: + - groundstation:GetDataflowEndpointGroup + - groundstation:ListTagsForResource + delete: + - groundstation:DeleteDataflowEndpointGroup + - groundstation:GetDataflowEndpointGroup + list: + - groundstation:ListDataflowEndpointGroups + DataflowEdge: + type: object + properties: + Source: + type: string + Destination: + type: string + additionalProperties: false + StreamsKmsKey: + type: object + properties: + KmsKeyArn: + type: string + KmsAliasArn: + type: string + oneOf: + - required: + - KmsKeyArn + - required: + - KmsAliasArn + additionalProperties: false + MissionProfile: + type: object + properties: + Name: + description: A name used to identify a mission profile. + type: string + pattern: ^[ a-zA-Z0-9_:-]{1,256}$ + ContactPrePassDurationSeconds: + description: Pre-pass time needed before the contact. + type: integer + ContactPostPassDurationSeconds: + description: Post-pass time needed after the contact. + type: integer + MinimumViableContactDurationSeconds: + description: Visibilities with shorter duration than the specified minimum viable contact duration will be ignored when searching for available contacts. + type: integer + StreamsKmsKey: + description: The ARN of a KMS Key used for encrypting data during transmission from the source to destination locations. + $ref: '#/components/schemas/StreamsKmsKey' + StreamsKmsRole: + description: The ARN of the KMS Key or Alias Key role used to define permissions on KMS Key usage. + type: string + DataflowEdges: + description: '' + type: array + minItems: 1 + items: + $ref: '#/components/schemas/DataflowEdge' + TrackingConfigArn: + type: string + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + Id: + type: string + Arn: + type: string + Region: + type: string + required: + - Name + - MinimumViableContactDurationSeconds + - DataflowEdges + - TrackingConfigArn + x-stackql-resource-name: mission_profile + x-stackql-primaryIdentifier: + - Id + - Arn + x-read-only-properties: + - Id + - Arn + - Region + x-required-permissions: + create: + - groundstation:CreateMissionProfile + - groundstation:GetMissionProfile + - groundstation:TagResource + - iam:PassRole + - kms:DescribeKey + - kms:CreateGrant + read: + - groundstation:GetMissionProfile + - groundstation:ListTagsForResource + - kms:DescribeKey + - kms:CreateGrant + update: + - groundstation:UpdateMissionProfile + - groundstation:GetMissionProfile + - groundstation:ListTagsForResource + - groundstation:TagResource + - groundstation:UntagResource + - iam:PassRole + - kms:DescribeKey + - kms:CreateGrant + delete: + - groundstation:DeleteMissionProfile + - groundstation:GetMissionProfile + list: + - groundstation:ListMissionProfiles + x-stackQL-resources: + configs: + name: configs + id: awscc.groundstation.configs + x-cfn-schema-name: Config + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GroundStation::Config' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GroundStation::Config' + AND region = 'us-east-1' + config: + name: config + id: awscc.groundstation.config + x-cfn-schema-name: Config + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.ConfigData') as config_data, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GroundStation::Config' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'ConfigData') as config_data, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GroundStation::Config' + AND data__Identifier = '' + AND region = 'us-east-1' + dataflow_endpoint_groups: + name: dataflow_endpoint_groups + id: awscc.groundstation.dataflow_endpoint_groups + x-cfn-schema-name: DataflowEndpointGroup + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GroundStation::DataflowEndpointGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GroundStation::DataflowEndpointGroup' + AND region = 'us-east-1' + dataflow_endpoint_group: + name: dataflow_endpoint_group + id: awscc.groundstation.dataflow_endpoint_group + x-cfn-schema-name: DataflowEndpointGroup + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.EndpointDetails') as endpoint_details, + JSON_EXTRACT(Properties, '$.ContactPrePassDurationSeconds') as contact_pre_pass_duration_seconds, + JSON_EXTRACT(Properties, '$.ContactPostPassDurationSeconds') as contact_post_pass_duration_seconds, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GroundStation::DataflowEndpointGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'EndpointDetails') as endpoint_details, + json_extract_path_text(Properties, 'ContactPrePassDurationSeconds') as contact_pre_pass_duration_seconds, + json_extract_path_text(Properties, 'ContactPostPassDurationSeconds') as contact_post_pass_duration_seconds, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GroundStation::DataflowEndpointGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + mission_profiles: + name: mission_profiles + id: awscc.groundstation.mission_profiles + x-cfn-schema-name: MissionProfile + x-type: list + x-identifiers: + - Id + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GroundStation::MissionProfile' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GroundStation::MissionProfile' + AND region = 'us-east-1' + mission_profile: + name: mission_profile + id: awscc.groundstation.mission_profile + x-cfn-schema-name: MissionProfile + x-type: get + x-identifiers: + - Id + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ContactPrePassDurationSeconds') as contact_pre_pass_duration_seconds, + JSON_EXTRACT(Properties, '$.ContactPostPassDurationSeconds') as contact_post_pass_duration_seconds, + JSON_EXTRACT(Properties, '$.MinimumViableContactDurationSeconds') as minimum_viable_contact_duration_seconds, + JSON_EXTRACT(Properties, '$.StreamsKmsKey') as streams_kms_key, + JSON_EXTRACT(Properties, '$.StreamsKmsRole') as streams_kms_role, + JSON_EXTRACT(Properties, '$.DataflowEdges') as dataflow_edges, + JSON_EXTRACT(Properties, '$.TrackingConfigArn') as tracking_config_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Region') as region + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GroundStation::MissionProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ContactPrePassDurationSeconds') as contact_pre_pass_duration_seconds, + json_extract_path_text(Properties, 'ContactPostPassDurationSeconds') as contact_post_pass_duration_seconds, + json_extract_path_text(Properties, 'MinimumViableContactDurationSeconds') as minimum_viable_contact_duration_seconds, + json_extract_path_text(Properties, 'StreamsKmsKey') as streams_kms_key, + json_extract_path_text(Properties, 'StreamsKmsRole') as streams_kms_role, + json_extract_path_text(Properties, 'DataflowEdges') as dataflow_edges, + json_extract_path_text(Properties, 'TrackingConfigArn') as tracking_config_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Region') as region + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GroundStation::MissionProfile' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/guardduty.yaml b/providers/src/awscc/v00.00.00000/services/guardduty.yaml new file mode 100644 index 00000000..cc114af0 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/guardduty.yaml @@ -0,0 +1,839 @@ +openapi: 3.0.0 +info: + title: GuardDuty + version: 1.0.0 +paths: {} +components: + schemas: + TagItem: + type: object + additionalProperties: false + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 0 + maxLength: 256 + required: + - Key + - Value + CFNS3LogsConfiguration: + type: object + additionalProperties: false + properties: + Enable: + type: boolean + required: + - Enable + CFNKubernetesAuditLogsConfiguration: + type: object + additionalProperties: false + properties: + Enable: + type: boolean + required: + - Enable + CFNKubernetesConfiguration: + type: object + additionalProperties: false + properties: + AuditLogs: + $ref: '#/components/schemas/CFNKubernetesAuditLogsConfiguration' + required: + - AuditLogs + CFNDataSourceConfigurations: + type: object + additionalProperties: false + properties: + S3Logs: + $ref: '#/components/schemas/CFNS3LogsConfiguration' + Kubernetes: + $ref: '#/components/schemas/CFNKubernetesConfiguration' + MalwareProtection: + $ref: '#/components/schemas/CFNMalwareProtectionConfiguration' + CFNMalwareProtectionConfiguration: + type: object + additionalProperties: false + properties: + ScanEc2InstanceWithFindings: + $ref: '#/components/schemas/CFNScanEc2InstanceWithFindingsConfiguration' + CFNScanEc2InstanceWithFindingsConfiguration: + type: object + additionalProperties: false + properties: + EbsVolumes: + type: boolean + CFNFeatureConfiguration: + type: object + additionalProperties: false + properties: + Name: + type: string + maxLength: 128 + Status: + type: string + enum: + - ENABLED + - DISABLED + AdditionalConfiguration: + type: array + items: + $ref: '#/components/schemas/CFNFeatureAdditionalConfiguration' + required: + - Name + - Status + CFNFeatureAdditionalConfiguration: + type: object + additionalProperties: false + properties: + Name: + type: string + minLength: 1 + maxLength: 256 + Status: + type: string + minLength: 1 + maxLength: 128 + Detector: + type: object + properties: + FindingPublishingFrequency: + type: string + Enable: + type: boolean + DataSources: + $ref: '#/components/schemas/CFNDataSourceConfigurations' + Features: + type: array + items: + $ref: '#/components/schemas/CFNFeatureConfiguration' + Id: + type: string + Tags: + type: array + items: + $ref: '#/components/schemas/TagItem' + required: + - Enable + x-stackql-resource-name: detector + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + x-required-permissions: + create: + - guardduty:CreateDetector + - guardduty:GetDetector + - guardduty:TagResource + - iam:CreateServiceLinkedRole + - iam:GetRole + read: + - guardduty:GetDetector + delete: + - guardduty:ListDetectors + - guardduty:DeleteDetector + - guardduty:GetDetector + update: + - guardduty:UpdateDetector + - guardduty:GetDetector + - guardduty:ListDetectors + - iam:CreateServiceLinkedRole + - iam:GetRole + list: + - guardduty:ListDetectors + Condition: + type: object + additionalProperties: false + properties: + Lt: + type: integer + Gt: + type: integer + Gte: + type: integer + Neq: + type: array + uniqueItems: false + items: + type: string + Eq: + type: array + uniqueItems: false + items: + type: string + Lte: + type: integer + Equals: + type: array + uniqueItems: false + items: + type: string + GreaterThan: + type: integer + format: int64 + GreaterThanOrEqual: + type: integer + format: int64 + LessThan: + type: integer + format: int64 + LessThanOrEqual: + type: integer + format: int64 + NotEquals: + type: array + uniqueItems: false + items: + type: string + FindingCriteria: + type: object + additionalProperties: false + properties: + Criterion: + type: object + x-patternProperties: + ^.+$: + $ref: '#/components/schemas/Condition' + additionalProperties: false + Filter: + type: object + properties: + Action: + type: string + Description: + type: string + DetectorId: + type: string + minLength: 1 + maxLength: 300 + FindingCriteria: + $ref: '#/components/schemas/FindingCriteria' + Rank: + type: integer + minimum: 1 + maximum: 100 + Name: + type: string + minLength: 1 + maxLength: 64 + Tags: + type: array + items: + $ref: '#/components/schemas/TagItem' + required: + - FindingCriteria + x-stackql-resource-name: filter + x-stackql-primaryIdentifier: + - DetectorId + - Name + x-create-only-properties: + - DetectorId + - Name + x-required-permissions: + create: + - guardduty:CreateFilter + - guardduty:GetFilter + - guardduty:TagResource + read: + - guardduty:GetFilter + delete: + - guardduty:ListDetectors + - guardduty:ListFilters + - guardduty:GetFilter + - guardduty:DeleteFilter + update: + - guardduty:UpdateFilter + - guardduty:GetFilter + - guardduty:ListFilters + list: + - guardduty:ListFilters + IPSet: + type: object + properties: + Id: + type: string + Format: + type: string + Activate: + type: boolean + DetectorId: + type: string + minLength: 1 + maxLength: 300 + Name: + type: string + minLength: 1 + maxLength: 300 + Location: + type: string + minLength: 1 + maxLength: 300 + Tags: + type: array + items: + $ref: '#/components/schemas/TagItem' + required: + - Format + - Location + x-stackql-resource-name: ip_set + x-stackql-primaryIdentifier: + - Id + - DetectorId + x-create-only-properties: + - Format + - DetectorId + x-read-only-properties: + - Id + x-required-permissions: + create: + - guardduty:CreateIPSet + - guardduty:GetIPSet + - guardduty:TagResource + - iam:PutRolePolicy + read: + - guardduty:GetIPSet + delete: + - guardduty:GetDetector + - guardduty:ListDetectors + - guardduty:ListIPSets + - guardduty:GetIPSet + - guardduty:DeleteIPSet + - iam:DeleteRolePolicy + update: + - guardduty:UpdateIPSet + - guardduty:GetIPSet + - guardduty:ListIPSets + - iam:PutRolePolicy + list: + - guardduty:ListIPSets + Master: + type: object + properties: + MasterId: + description: ID of the account used as the master account. + type: string + InvitationId: + description: Value used to validate the master account to the member account. + type: string + DetectorId: + description: Unique ID of the detector of the GuardDuty member account. + type: string + required: + - MasterId + - DetectorId + x-stackql-resource-name: master + x-stackql-primaryIdentifier: + - DetectorId + - MasterId + x-create-only-properties: + - MasterId + - InvitationId + - DetectorId + x-required-permissions: + create: + - guardduty:ListInvitations + - guardduty:AcceptInvitation + - guardduty:GetMasterAccount + read: + - guardduty:GetMasterAccount + delete: + - guardduty:DisassociateFromMasterAccount + list: + - guardduty:GetMasterAccount + Member: + type: object + properties: + Status: + type: string + MemberId: + type: string + Email: + type: string + Message: + type: string + DisableEmailNotification: + type: boolean + DetectorId: + type: string + required: + - Email + x-stackql-resource-name: member + x-stackql-primaryIdentifier: + - DetectorId + - MemberId + x-create-only-properties: + - DetectorId + - MemberId + x-required-permissions: + create: + - guardduty:CreateMembers + - guardduty:GetMembers + read: + - guardduty:GetMembers + delete: + - guardduty:GetMembers + - guardduty:DisassociateMembers + - guardduty:DeleteMembers + update: + - guardduty:GetMembers + - guardduty:CreateMembers + - guardduty:DisassociateMembers + - guardduty:StartMonitoringMembers + - guardduty:StopMonitoringMembers + - guardduty:InviteMembers + list: + - guardduty:ListMembers + ThreatIntelSet: + type: object + properties: + Id: + type: string + Format: + type: string + minLength: 1 + maxLength: 300 + Activate: + type: boolean + DetectorId: + type: string + minLength: 1 + maxLength: 32 + Name: + type: string + Location: + type: string + minLength: 1 + maxLength: 300 + Tags: + type: array + items: + $ref: '#/components/schemas/TagItem' + required: + - Format + - Location + x-stackql-resource-name: threat_intel_set + x-stackql-primaryIdentifier: + - Id + - DetectorId + x-create-only-properties: + - Format + - DetectorId + x-read-only-properties: + - Id + x-required-permissions: + create: + - guardduty:CreateThreatIntelSet + - guardduty:GetThreatIntelSet + - guardduty:TagResource + - iam:PutRolePolicy + read: + - guardduty:GetThreatIntelSet + delete: + - guardduty:ListDetectors + - guardduty:ListThreatIntelSets + - guardduty:DeleteThreatIntelSet + - guardduty:GetThreatIntelSet + - iam:DeleteRolePolicy + update: + - guardduty:UpdateThreatIntelSet + - guardduty:GetThreatIntelSet + - guardduty:ListThreatIntelSets + - iam:PutRolePolicy + list: + - guardduty:ListThreatIntelSets + x-stackQL-resources: + detectors: + name: detectors + id: awscc.guardduty.detectors + x-cfn-schema-name: Detector + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GuardDuty::Detector' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GuardDuty::Detector' + AND region = 'us-east-1' + detector: + name: detector + id: awscc.guardduty.detector + x-cfn-schema-name: Detector + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FindingPublishingFrequency') as finding_publishing_frequency, + JSON_EXTRACT(Properties, '$.Enable') as enable, + JSON_EXTRACT(Properties, '$.DataSources') as data_sources, + JSON_EXTRACT(Properties, '$.Features') as features, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GuardDuty::Detector' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FindingPublishingFrequency') as finding_publishing_frequency, + json_extract_path_text(Properties, 'Enable') as enable, + json_extract_path_text(Properties, 'DataSources') as data_sources, + json_extract_path_text(Properties, 'Features') as features, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GuardDuty::Detector' + AND data__Identifier = '' + AND region = 'us-east-1' + filters: + name: filters + id: awscc.guardduty.filters + x-cfn-schema-name: Filter + x-type: list + x-identifiers: + - DetectorId + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DetectorId') as detector_id, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GuardDuty::Filter' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DetectorId') as detector_id, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GuardDuty::Filter' + AND region = 'us-east-1' + filter: + name: filter + id: awscc.guardduty.filter + x-cfn-schema-name: Filter + x-type: get + x-identifiers: + - DetectorId + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Action') as action, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DetectorId') as detector_id, + JSON_EXTRACT(Properties, '$.FindingCriteria') as finding_criteria, + JSON_EXTRACT(Properties, '$.Rank') as rank, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GuardDuty::Filter' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Action') as action, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DetectorId') as detector_id, + json_extract_path_text(Properties, 'FindingCriteria') as finding_criteria, + json_extract_path_text(Properties, 'Rank') as rank, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GuardDuty::Filter' + AND data__Identifier = '' + AND region = 'us-east-1' + ip_sets: + name: ip_sets + id: awscc.guardduty.ip_sets + x-cfn-schema-name: IPSet + x-type: list + x-identifiers: + - Id + - DetectorId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.DetectorId') as detector_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GuardDuty::IPSet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'DetectorId') as detector_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GuardDuty::IPSet' + AND region = 'us-east-1' + ip_set: + name: ip_set + id: awscc.guardduty.ip_set + x-cfn-schema-name: IPSet + x-type: get + x-identifiers: + - Id + - DetectorId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Format') as _format, + JSON_EXTRACT(Properties, '$.Activate') as activate, + JSON_EXTRACT(Properties, '$.DetectorId') as detector_id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Location') as location, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GuardDuty::IPSet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Format') as _format, + json_extract_path_text(Properties, 'Activate') as activate, + json_extract_path_text(Properties, 'DetectorId') as detector_id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Location') as location, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GuardDuty::IPSet' + AND data__Identifier = '' + AND region = 'us-east-1' + masters: + name: masters + id: awscc.guardduty.masters + x-cfn-schema-name: Master + x-type: list + x-identifiers: + - DetectorId + - MasterId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DetectorId') as detector_id, + JSON_EXTRACT(Properties, '$.MasterId') as master_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GuardDuty::Master' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DetectorId') as detector_id, + json_extract_path_text(Properties, 'MasterId') as master_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GuardDuty::Master' + AND region = 'us-east-1' + master: + name: master + id: awscc.guardduty.master + x-cfn-schema-name: Master + x-type: get + x-identifiers: + - DetectorId + - MasterId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MasterId') as master_id, + JSON_EXTRACT(Properties, '$.InvitationId') as invitation_id, + JSON_EXTRACT(Properties, '$.DetectorId') as detector_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GuardDuty::Master' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MasterId') as master_id, + json_extract_path_text(Properties, 'InvitationId') as invitation_id, + json_extract_path_text(Properties, 'DetectorId') as detector_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GuardDuty::Master' + AND data__Identifier = '' + AND region = 'us-east-1' + members: + name: members + id: awscc.guardduty.members + x-cfn-schema-name: Member + x-type: list + x-identifiers: + - DetectorId + - MemberId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DetectorId') as detector_id, + JSON_EXTRACT(Properties, '$.MemberId') as member_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GuardDuty::Member' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DetectorId') as detector_id, + json_extract_path_text(Properties, 'MemberId') as member_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GuardDuty::Member' + AND region = 'us-east-1' + member: + name: member + id: awscc.guardduty.member + x-cfn-schema-name: Member + x-type: get + x-identifiers: + - DetectorId + - MemberId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.MemberId') as member_id, + JSON_EXTRACT(Properties, '$.Email') as email, + JSON_EXTRACT(Properties, '$.Message') as message, + JSON_EXTRACT(Properties, '$.DisableEmailNotification') as disable_email_notification, + JSON_EXTRACT(Properties, '$.DetectorId') as detector_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GuardDuty::Member' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'MemberId') as member_id, + json_extract_path_text(Properties, 'Email') as email, + json_extract_path_text(Properties, 'Message') as message, + json_extract_path_text(Properties, 'DisableEmailNotification') as disable_email_notification, + json_extract_path_text(Properties, 'DetectorId') as detector_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GuardDuty::Member' + AND data__Identifier = '' + AND region = 'us-east-1' + threat_intel_sets: + name: threat_intel_sets + id: awscc.guardduty.threat_intel_sets + x-cfn-schema-name: ThreatIntelSet + x-type: list + x-identifiers: + - Id + - DetectorId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.DetectorId') as detector_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GuardDuty::ThreatIntelSet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'DetectorId') as detector_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::GuardDuty::ThreatIntelSet' + AND region = 'us-east-1' + threat_intel_set: + name: threat_intel_set + id: awscc.guardduty.threat_intel_set + x-cfn-schema-name: ThreatIntelSet + x-type: get + x-identifiers: + - Id + - DetectorId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Format') as _format, + JSON_EXTRACT(Properties, '$.Activate') as activate, + JSON_EXTRACT(Properties, '$.DetectorId') as detector_id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Location') as location, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GuardDuty::ThreatIntelSet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Format') as _format, + json_extract_path_text(Properties, 'Activate') as activate, + json_extract_path_text(Properties, 'DetectorId') as detector_id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Location') as location, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::GuardDuty::ThreatIntelSet' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/healthimaging.yaml b/providers/src/awscc/v00.00.00000/services/healthimaging.yaml new file mode 100644 index 00000000..528272f4 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/healthimaging.yaml @@ -0,0 +1,182 @@ +openapi: 3.0.0 +info: + title: HealthImaging + version: 1.0.0 +paths: {} +components: + schemas: + DatastoreArn: + type: string + maxLength: 127 + minLength: 1 + pattern: ^arn:aws((-us-gov)|(-iso)|(-iso-b)|(-cn))?:medical-imaging:[a-z0-9-]+:[0-9]{12}:datastore/[0-9a-z]{32}(/imageset/[0-9a-z]{32})?$ + description: The Datastore's ARN. + DatastoreName: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[A-Za-z0-9._/#-]+$ + description: User friendly name for Datastore. + DatastoreId: + type: string + maxLength: 32 + minLength: 0 + pattern: ^[0-9a-z]{32}$ + DatastoreStatus: + type: string + maxLength: 127 + minLength: 1 + description: A string to denote the Datastore's state. + enum: + - CREATING + - CREATE_FAILED + - ACTIVE + - DELETING + - DELETED + KmsKeyArn: + type: string + maxLength: 512 + minLength: 1 + description: ARN referencing a KMS key or KMS key alias. + CreatedAt: + type: string + description: The timestamp when the data store was created. + UpdatedAt: + type: string + description: The timestamp when the data store was created. + Tags: + type: object + description: A Map of key value pairs for Tags. + x-patternProperties: + ^.+$: + type: string + description: The string value for the tag. + maxLength: 256 + minLength: 0 + additionalProperties: false + Datastore: + type: object + properties: + DatastoreArn: + $ref: '#/components/schemas/DatastoreArn' + DatastoreName: + $ref: '#/components/schemas/DatastoreName' + DatastoreId: + $ref: '#/components/schemas/DatastoreId' + DatastoreStatus: + $ref: '#/components/schemas/DatastoreStatus' + KmsKeyArn: + $ref: '#/components/schemas/KmsKeyArn' + CreatedAt: + $ref: '#/components/schemas/CreatedAt' + UpdatedAt: + $ref: '#/components/schemas/UpdatedAt' + Tags: + $ref: '#/components/schemas/Tags' + required: [] + x-stackql-resource-name: datastore + x-stackql-primaryIdentifier: + - DatastoreId + x-create-only-properties: + - DatastoreName + - Tags + - KmsKeyArn + x-read-only-properties: + - DatastoreArn + - CreatedAt + - UpdatedAt + - DatastoreId + - DatastoreStatus + x-required-permissions: + create: + - medical-imaging:CreateDatastore + - medical-imaging:GetDatastore + - kms:DescribeKey + - kms:CreateGrant + - kms:RetireGrant + - kms:GenerateDataKey + - kms:Decrypt + - lambda:InvokeFunction + - medical-imaging:TagResource + - medical-imaging:UntagResource + - medical-imaging:ListTagsForResource + read: + - medical-imaging:GetDatastore + - medical-imaging:ListTagsForResource + delete: + - medical-imaging:DeleteDatastore + - medical-imaging:GetDatastore + - medical-imaging:UntagResource + - kms:DescribeKey + - kms:RetireGrant + - kms:GenerateDataKey + - kms:Decrypt + list: + - medical-imaging:ListDatastores + x-stackQL-resources: + datastores: + name: datastores + id: awscc.healthimaging.datastores + x-cfn-schema-name: Datastore + x-type: list + x-identifiers: + - DatastoreId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DatastoreId') as datastore_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::HealthImaging::Datastore' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DatastoreId') as datastore_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::HealthImaging::Datastore' + AND region = 'us-east-1' + datastore: + name: datastore + id: awscc.healthimaging.datastore + x-cfn-schema-name: Datastore + x-type: get + x-identifiers: + - DatastoreId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DatastoreArn') as datastore_arn, + JSON_EXTRACT(Properties, '$.DatastoreName') as datastore_name, + JSON_EXTRACT(Properties, '$.DatastoreId') as datastore_id, + JSON_EXTRACT(Properties, '$.DatastoreStatus') as datastore_status, + JSON_EXTRACT(Properties, '$.KmsKeyArn') as kms_key_arn, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.UpdatedAt') as updated_at, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::HealthImaging::Datastore' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DatastoreArn') as datastore_arn, + json_extract_path_text(Properties, 'DatastoreName') as datastore_name, + json_extract_path_text(Properties, 'DatastoreId') as datastore_id, + json_extract_path_text(Properties, 'DatastoreStatus') as datastore_status, + json_extract_path_text(Properties, 'KmsKeyArn') as kms_key_arn, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'UpdatedAt') as updated_at, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::HealthImaging::Datastore' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/healthlake.yaml b/providers/src/awscc/v00.00.00000/services/healthlake.yaml new file mode 100644 index 00000000..add79bfe --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/healthlake.yaml @@ -0,0 +1,296 @@ +openapi: 3.0.0 +info: + title: HealthLake + version: 1.0.0 +paths: {} +components: + schemas: + CreatedAt: + description: The time that a Data Store was created. + type: object + properties: + Seconds: + description: Seconds since epoch. + type: string + Nanos: + description: Nanoseconds. + type: integer + required: + - Seconds + - Nanos + additionalProperties: false + DatastoreArn: + description: The Amazon Resource Name used in the creation of the Data Store. + type: string + pattern: ^arn:aws((-us-gov)|(-iso)|(-iso-b)|(-cn))?:healthlake:[a-zA-Z0-9-]+:[0-9]{12}:datastore/.+? + DatastoreEndpoint: + description: The AWS endpoint for the Data Store. Each Data Store will have it's own endpoint with Data Store ID in the endpoint URL. + type: string + maxLength: 10000 + DatastoreId: + description: The AWS-generated ID number for the Data Store. + type: string + minLength: 1 + maxLength: 32 + DatastoreName: + description: The user-generated name for the Data Store. + type: string + minLength: 1 + maxLength: 256 + DatastoreStatus: + description: The status of the Data Store. Possible statuses are 'CREATING', 'ACTIVE', 'DELETING', or 'DELETED'. + type: string + enum: + - CREATING + - ACTIVE + - DELETING + - DELETED + DatastoreTypeVersion: + description: The FHIR version. Only R4 version data is supported. + type: string + enum: + - R4 + PreloadDataConfig: + description: The preloaded data configuration for the Data Store. Only data preloaded from Synthea is supported. + type: object + properties: + PreloadDataType: + description: The type of preloaded data. Only Synthea preloaded data is supported. + type: string + enum: + - SYNTHEA + required: + - PreloadDataType + additionalProperties: false + SseConfiguration: + description: The server-side encryption key configuration for a customer provided encryption key. + type: object + properties: + KmsEncryptionConfig: + $ref: '#/components/schemas/KmsEncryptionConfig' + required: + - KmsEncryptionConfig + additionalProperties: false + KmsEncryptionConfig: + description: The customer-managed-key (CMK) used when creating a Data Store. If a customer owned key is not specified, an AWS owned key will be used for encryption. + type: object + properties: + CmkType: + description: The type of customer-managed-key (CMK) used for encryption. The two types of supported CMKs are customer owned CMKs and AWS owned CMKs. + type: string + enum: + - CUSTOMER_MANAGED_KMS_KEY + - AWS_OWNED_KMS_KEY + KmsKeyId: + description: The KMS encryption key id/alias used to encrypt the Data Store contents at rest. + type: string + minLength: 1 + maxLength: 400 + pattern: (arn:aws((-us-gov)|(-iso)|(-iso-b)|(-cn))?:kms:)?([a-z]{2}-[a-z]+(-[a-z]+)?-\d:)?(\d{12}:)?(((key/)?[a-zA-Z0-9-_]+)|(alias/[a-zA-Z0-9:/_-]+)) + required: + - CmkType + additionalProperties: false + IdentityProviderConfiguration: + description: The identity provider configuration for the datastore + type: object + properties: + AuthorizationStrategy: + description: Type of Authorization Strategy. The two types of supported Authorization strategies are SMART_ON_FHIR_V1 and AWS_AUTH. + type: string + enum: + - SMART_ON_FHIR_V1 + - AWS_AUTH + FineGrainedAuthorizationEnabled: + description: Flag to indicate if fine-grained authorization will be enabled for the datastore + type: boolean + Metadata: + description: The JSON metadata elements for identity provider configuration. + type: string + IdpLambdaArn: + description: The Amazon Resource Name (ARN) of the Lambda function that will be used to decode the access token created by the authorization server. + type: string + minLength: 49 + maxLength: 256 + pattern: arn:aws[-a-z]*:lambda:[a-z]{2}-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9\-_\.]+(:(\$LATEST|[a-zA-Z0-9\-_]+))? + required: + - AuthorizationStrategy + additionalProperties: false + Tag: + description: A key-value pair. A tag consists of a tag key and a tag value. Tag keys and tag values are both required, but tag values can be empty (null) strings. + type: object + properties: + Key: + description: The key of the tag. + type: string + minLength: 1 + maxLength: 128 + Value: + description: The value of the tag. + type: string + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + FHIRDatastore: + type: object + properties: + CreatedAt: + $ref: '#/components/schemas/CreatedAt' + DatastoreArn: + $ref: '#/components/schemas/DatastoreArn' + DatastoreEndpoint: + $ref: '#/components/schemas/DatastoreEndpoint' + DatastoreId: + $ref: '#/components/schemas/DatastoreId' + DatastoreName: + $ref: '#/components/schemas/DatastoreName' + DatastoreStatus: + $ref: '#/components/schemas/DatastoreStatus' + DatastoreTypeVersion: + $ref: '#/components/schemas/DatastoreTypeVersion' + PreloadDataConfig: + $ref: '#/components/schemas/PreloadDataConfig' + SseConfiguration: + $ref: '#/components/schemas/SseConfiguration' + IdentityProviderConfiguration: + $ref: '#/components/schemas/IdentityProviderConfiguration' + Tags: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - DatastoreTypeVersion + x-stackql-resource-name: fhir_datastore + x-stackql-primaryIdentifier: + - DatastoreId + x-create-only-properties: + - DatastoreName + - DatastoreTypeVersion + - PreloadDataConfig + - SseConfiguration + - KmsEncryptionConfig + - IdentityProviderConfiguration + x-read-only-properties: + - CreatedAt + - DatastoreArn + - DatastoreEndpoint + - DatastoreId + - DatastoreStatus + x-required-permissions: + create: + - healthlake:CreateFHIRDatastore + - healthlake:DescribeFHIRDatastore + - iam:PassRole + - kms:DescribeKey + - kms:CreateGrant + - kms:GenerateDataKey + - kms:Decrypt + - iam:GetRole + - iam:CreateServiceLinkedRole + - ram:GetResourceShareInvitations + - ram:AcceptResourceShareInvitation + - glue:CreateDatabase + - glue:DeleteDatabase + - lambda:InvokeFunction + - healthlake:TagResource + - healthlake:UntagResource + - healthlake:ListTagsForResource + read: + - healthlake:DescribeFHIRDatastore + - healthlake:ListTagsForResource + update: + - healthlake:TagResource + - healthlake:UntagResource + - healthlake:ListTagsForResource + - healthlake:DescribeFHIRDatastore + - iam:PassRole + - iam:GetRole + - iam:CreateServiceLinkedRole + delete: + - healthlake:DeleteFHIRDatastore + - healthlake:DescribeFHIRDatastore + - iam:PassRole + - iam:GetRole + - iam:CreateServiceLinkedRole + - ram:GetResourceShareInvitations + - ram:AcceptResourceShareInvitation + - glue:CreateDatabase + - glue:DeleteDatabase + list: + - healthlake:ListFHIRDatastores + x-stackQL-resources: + fhir_datastores: + name: fhir_datastores + id: awscc.healthlake.fhir_datastores + x-cfn-schema-name: FHIRDatastore + x-type: list + x-identifiers: + - DatastoreId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DatastoreId') as datastore_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::HealthLake::FHIRDatastore' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DatastoreId') as datastore_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::HealthLake::FHIRDatastore' + AND region = 'us-east-1' + fhir_datastore: + name: fhir_datastore + id: awscc.healthlake.fhir_datastore + x-cfn-schema-name: FHIRDatastore + x-type: get + x-identifiers: + - DatastoreId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.DatastoreArn') as datastore_arn, + JSON_EXTRACT(Properties, '$.DatastoreEndpoint') as datastore_endpoint, + JSON_EXTRACT(Properties, '$.DatastoreId') as datastore_id, + JSON_EXTRACT(Properties, '$.DatastoreName') as datastore_name, + JSON_EXTRACT(Properties, '$.DatastoreStatus') as datastore_status, + JSON_EXTRACT(Properties, '$.DatastoreTypeVersion') as datastore_type_version, + JSON_EXTRACT(Properties, '$.PreloadDataConfig') as preload_data_config, + JSON_EXTRACT(Properties, '$.SseConfiguration') as sse_configuration, + JSON_EXTRACT(Properties, '$.IdentityProviderConfiguration') as identity_provider_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::HealthLake::FHIRDatastore' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'DatastoreArn') as datastore_arn, + json_extract_path_text(Properties, 'DatastoreEndpoint') as datastore_endpoint, + json_extract_path_text(Properties, 'DatastoreId') as datastore_id, + json_extract_path_text(Properties, 'DatastoreName') as datastore_name, + json_extract_path_text(Properties, 'DatastoreStatus') as datastore_status, + json_extract_path_text(Properties, 'DatastoreTypeVersion') as datastore_type_version, + json_extract_path_text(Properties, 'PreloadDataConfig') as preload_data_config, + json_extract_path_text(Properties, 'SseConfiguration') as sse_configuration, + json_extract_path_text(Properties, 'IdentityProviderConfiguration') as identity_provider_configuration, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::HealthLake::FHIRDatastore' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/iam.yaml b/providers/src/awscc/v00.00.00000/services/iam.yaml new file mode 100644 index 00000000..dbd6e266 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/iam.yaml @@ -0,0 +1,1733 @@ +openapi: 3.0.0 +info: + title: IAM + version: 1.0.0 +paths: {} +components: + schemas: + Policy: + description: |- + Contains information about an attached policy. + An attached policy is a managed policy that has been attached to a user, group, or role. + For more information about managed policies, refer to [Managed Policies and Inline Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the *User Guide*. + type: object + additionalProperties: false + properties: + PolicyDocument: + description: The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json). + type: object + PolicyName: + description: The friendly name (not ARN) identifying the policy. + type: string + required: + - PolicyName + - PolicyDocument + Group: + type: object + properties: + Arn: + description: The Arn of the group to create + type: string + GroupName: + description: The name of the group to create + type: string + ManagedPolicyArns: + description: 'A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role. ' + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + Path: + description: The path to the group + type: string + Policies: + description: Adds or updates an inline policy document that is embedded in the specified IAM group + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Policy' + x-stackql-resource-name: group + x-stackql-primaryIdentifier: + - GroupName + x-create-only-properties: + - GroupName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iam:CreateGroup + - iam:PutGroupPolicy + - iam:AttachGroupPolicy + - iam:GetGroupPolicy + - iam:GetGroup + read: + - iam:GetGroup + - iam:ListGroupPolicies + - iam:GetGroupPolicy + - iam:ListAttachedGroupPolicies + update: + - iam:GetGroup + - iam:UpdateGroup + - iam:DetachGroupPolicy + - iam:AttachGroupPolicy + - iam:DeleteGroupPolicy + - iam:PutGroupPolicy + - iam:GetGroupPolicy + delete: + - iam:GetGroup + - iam:DeleteGroup + - iam:ListAttachedGroupPolicies + - iam:ListGroupPolicies + - iam:DetachGroupPolicy + - iam:DeleteGroupPolicy + - iam:GetGroupPolicy + list: + - iam:ListGroups + GroupPolicy: + type: object + properties: + PolicyDocument: + description: |- + The policy document. + You must provide policies in JSON format in IAM. However, for CFN templates formatted in YAML, you can provide the policy in JSON or YAML format. CFN always converts a YAML policy to JSON format before submitting it to IAM. + The [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following: + + Any printable ASCII character ranging from the space character (``\u0020``) through the end of the ASCII character range + + The printable characters in the Basic Latin and Latin-1 Supplement character set (through ``\u00FF``) + + The special characters tab (``\u0009``), line feed (``\u000A``), and carriage return (``\u000D``) + type: object + PolicyName: + description: |- + The name of the policy document. + This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@- + type: string + GroupName: + description: |- + The name of the group to associate the policy with. + This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. + type: string + required: + - PolicyName + - GroupName + x-stackql-resource-name: group_policy + x-stackql-primaryIdentifier: + - PolicyName + - GroupName + x-create-only-properties: + - PolicyName + - GroupName + x-required-permissions: + create: + - iam:PutGroupPolicy + - iam:GetGroupPolicy + read: + - iam:GetGroupPolicy + update: + - iam:PutGroupPolicy + - iam:GetGroupPolicy + delete: + - iam:DeleteGroupPolicy + - iam:GetGroupPolicy + InstanceProfile: + type: object + properties: + Path: + type: string + description: |- + The path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide*. + This parameter is optional. If it is not included, it defaults to a slash (/). + This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (``\u0021``) through the DEL character (``\u007F``), including most punctuation characters, digits, and upper and lowercased letters. + Roles: + type: array + description: The name of the role to associate with the instance profile. Only one role can be assigned to an EC2 instance at a time, and all applications on the instance share the same role and permissions. + uniqueItems: true + x-insertionOrder: false + items: + type: string + InstanceProfileName: + type: string + description: |- + The name of the instance profile to create. + This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@- + Arn: + type: string + description: '' + required: + - Roles + x-stackql-resource-name: instance_profile + x-stackql-primaryIdentifier: + - InstanceProfileName + x-create-only-properties: + - InstanceProfileName + - Path + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iam:CreateInstanceProfile + - iam:PassRole + - iam:AddRoleToInstanceProfile + - iam:GetInstanceProfile + read: + - iam:GetInstanceProfile + update: + - iam:PassRole + - iam:RemoveRoleFromInstanceProfile + - iam:AddRoleToInstanceProfile + - iam:GetInstanceProfile + delete: + - iam:GetInstanceProfile + - iam:RemoveRoleFromInstanceProfile + - iam:DeleteInstanceProfile + list: + - iam:ListInstanceProfiles + ManagedPolicy: + type: object + properties: + Description: + type: string + description: A friendly description of the policy. + Groups: + x-insertionOrder: false + type: array + description: The name (friendly name, not ARN) of the group to attach the policy to. + uniqueItems: true + items: + type: string + ManagedPolicyName: + type: string + description: The friendly name of the policy. + Path: + type: string + description: The path for the policy. + PolicyDocument: + type: object + description: The JSON policy document that you want to use as the content for the new policy. + Roles: + x-insertionOrder: false + type: array + description: The name (friendly name, not ARN) of the role to attach the policy to. + uniqueItems: true + items: + type: string + Users: + x-insertionOrder: false + type: array + description: The name (friendly name, not ARN) of the IAM user to attach the policy to. + uniqueItems: true + items: + type: string + PolicyArn: + type: string + description: Amazon Resource Name (ARN) of the managed policy + AttachmentCount: + type: integer + description: The number of entities (users, groups, and roles) that the policy is attached to. + CreateDate: + type: string + description: The date and time, in ISO 8601 date-time format, when the policy was created. + UpdateDate: + type: string + description: The date and time, in ISO 8601 date-time format, when the policy was last updated. + DefaultVersionId: + type: string + description: The identifier for the version of the policy that is set as the default version. + IsAttachable: + type: boolean + description: Specifies whether the policy can be attached to an IAM user, group, or role. + PermissionsBoundaryUsageCount: + type: integer + description: The number of entities (users and roles) for which the policy is used to set the permissions boundary. + PolicyId: + type: string + description: The stable and unique string identifying the policy. + required: + - PolicyDocument + x-stackql-resource-name: managed_policy + x-stackql-primaryIdentifier: + - PolicyArn + x-create-only-properties: + - ManagedPolicyName + - Description + - Path + x-read-only-properties: + - PolicyArn + - AttachmentCount + - CreateDate + - DefaultVersionId + - IsAttachable + - PermissionsBoundaryUsageCount + - PolicyId + - UpdateDate + x-required-permissions: + create: + - iam:CreatePolicy + - iam:AttachGroupPolicy + - iam:AttachUserPolicy + - iam:AttachRolePolicy + read: + - iam:GetPolicy + - iam:ListEntitiesForPolicy + - iam:GetPolicyVersion + update: + - iam:DetachRolePolicy + - iam:GetPolicy + - iam:ListPolicyVersions + - iam:DetachGroupPolicy + - iam:DetachUserPolicy + - iam:CreatePolicyVersion + - iam:DeletePolicyVersion + - iam:AttachGroupPolicy + - iam:AttachUserPolicy + - iam:AttachRolePolicy + delete: + - iam:DetachRolePolicy + - iam:GetPolicy + - iam:ListPolicyVersions + - iam:DetachGroupPolicy + - iam:DetachUserPolicy + - iam:DeletePolicyVersion + - iam:DeletePolicy + - iam:ListEntitiesForPolicy + list: + - iam:ListPolicies + Tag: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + properties: + Value: + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + type: string + minLength: 1 + maxLength: 256 + Key: + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + type: string + minLength: 1 + maxLength: 128 + required: + - Value + - Key + OIDCProvider: + type: object + properties: + ClientIdList: + type: array + x-insertionOrder: false + items: + minLength: 1 + maxLength: 255 + type: string + Url: + minLength: 1 + maxLength: 255 + type: string + ThumbprintList: + type: array + x-insertionOrder: false + items: + minLength: 40 + maxLength: 40 + pattern: '[0-9A-Fa-f]{40}' + type: string + maxItems: 5 + Arn: + description: Amazon Resource Name (ARN) of the OIDC provider + minLength: 20 + maxLength: 2048 + type: string + Tags: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - ThumbprintList + x-stackql-resource-name: oidc_provider + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Url + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iam:CreateOpenIDConnectProvider + - iam:TagOpenIDConnectProvider + - iam:GetOpenIDConnectProvider + read: + - iam:GetOpenIDConnectProvider + update: + - iam:UpdateOpenIDConnectProviderThumbprint + - iam:RemoveClientIDFromOpenIDConnectProvider + - iam:AddClientIDToOpenIDConnectProvider + - iam:GetOpenIDConnectProvider + - iam:TagOpenIDConnectProvider + - iam:UntagOpenIDConnectProvider + - iam:ListOpenIDConnectProviderTags + delete: + - iam:DeleteOpenIDConnectProvider + list: + - iam:ListOpenIDConnectProvider + - iam:GetOpenIDConnectProvider + Role: + type: object + properties: + Arn: + description: '' + type: string + AssumeRolePolicyDocument: + description: >- + The trust policy that is associated with this role. Trust policies define which entities can assume the role. You can associate only one trust policy with a role. For an example of a policy that can be used to assume a role, see [Template Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#aws-resource-iam-role--examples). For more information about the elements that you can use in an IAM policy, see [Policy Elements + Reference](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html) in the *User Guide*. + type: object + Description: + description: A description of the role that you provide. + type: string + ManagedPolicyArns: + description: |- + A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role. + For more information about ARNs, see [Amazon Resource Names (ARNs) and Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *General Reference*. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + MaxSessionDuration: + description: |- + The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default value of one hour is applied. This setting can have a value from 1 hour to 12 hours. + Anyone who assumes the role from the CLI or API can use the ``DurationSeconds`` API parameter or the ``duration-seconds`` CLI parameter to request a longer session. The ``MaxSessionDuration`` setting determines the maximum duration that can be requested using the ``DurationSeconds`` parameter. If users don't specify a value for the ``DurationSeconds`` parameter, their security credentials are valid for one hour by default. This applies when you use the ``AssumeRole*`` API operations or the ``assume-role*`` CLI operations but does not apply when you use those operations to create a console URL. For more information, see [Using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the *IAM User Guide*. + type: integer + Path: + description: |- + The path to the role. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide*. + This parameter is optional. If it is not included, it defaults to a slash (/). + This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (``\u0021``) through the DEL character (``\u007F``), including most punctuation characters, digits, and upper and lowercased letters. + default: / + type: string + PermissionsBoundary: + description: |- + The ARN of the policy used to set the permissions boundary for the role. + For more information about permissions boundaries, see [Permissions boundaries for IAM identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide*. + type: string + Policies: + description: |- + Adds or updates an inline policy document that is embedded in the specified IAM role. + When you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role. You can update a role's trust policy later. For more information about IAM roles, go to [Using Roles to Delegate Permissions and Federate Identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html). + A role can also have an attached managed policy. For information about policies, see [Managed Policies and Inline Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the *User Guide*. + For information about limits on the number of inline policies that you can embed with a role, see [Limitations on Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *User Guide*. + If an external policy (such as ``AWS::IAM::Policy`` or + type: array + x-insertionOrder: false + uniqueItems: false + items: + $ref: '#/components/schemas/Policy' + RoleId: + description: '' + type: string + RoleName: + description: |- + A name for the IAM role, up to 64 characters in length. For valid values, see the ``RoleName`` parameter for the [CreateRole](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html) action in the *User Guide*. + This parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The role name must be unique within the account. Role names are not distinguished by case. For example, you cannot create roles named both "Role1" and "role1". + If you don't specify a name, CFN generates a unique physical ID and uses that ID for the role name. + If you specify a name, you must specify the ``CAPABILITY_NAMED_IAM`` value to acknowledge your template's capabilities. For more information, see [Acknowledging Resources in Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/Use + type: string + Tags: + description: A list of tags that are attached to the role. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide*. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - AssumeRolePolicyDocument + x-stackql-resource-name: role + x-stackql-primaryIdentifier: + - RoleName + x-create-only-properties: + - Path + - RoleName + x-read-only-properties: + - Arn + - RoleId + x-required-permissions: + create: + - iam:CreateRole + - iam:PutRolePolicy + - iam:AttachRolePolicy + - iam:GetRolePolicy + - iam:TagRole + - iam:UntagRole + - iam:GetRole + read: + - iam:GetRole + - iam:ListAttachedRolePolicies + - iam:ListRolePolicies + - iam:GetRolePolicy + update: + - iam:UpdateRole + - iam:UpdateRoleDescription + - iam:UpdateAssumeRolePolicy + - iam:DetachRolePolicy + - iam:AttachRolePolicy + - iam:DeleteRolePermissionsBoundary + - iam:PutRolePermissionsBoundary + - iam:DeleteRolePolicy + - iam:PutRolePolicy + - iam:TagRole + - iam:UntagRole + delete: + - iam:DeleteRole + - iam:DetachRolePolicy + - iam:DeleteRolePolicy + - iam:GetRole + - iam:ListAttachedRolePolicies + - iam:ListRolePolicies + - iam:TagRole + - iam:UntagRole + list: + - iam:ListRoles + RolePolicy: + type: object + properties: + PolicyDocument: + description: |- + The policy document. + You must provide policies in JSON format in IAM. However, for CFN templates formatted in YAML, you can provide the policy in JSON or YAML format. CFN always converts a YAML policy to JSON format before submitting it to IAM. + The [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following: + + Any printable ASCII character ranging from the space character (``\u0020``) through the end of the ASCII character range + + The printable characters in the Basic Latin and Latin-1 Supplement character set (through ``\u00FF``) + + The special characters tab (``\u0009``), line feed (``\u000A``), and carriage return (``\u000D``) + type: object + PolicyName: + description: |- + The name of the policy document. + This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@- + type: string + RoleName: + description: |- + The name of the role to associate the policy with. + This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@- + type: string + required: + - PolicyName + - RoleName + x-stackql-resource-name: role_policy + x-stackql-primaryIdentifier: + - PolicyName + - RoleName + x-create-only-properties: + - PolicyName + - RoleName + x-required-permissions: + create: + - iam:PutRolePolicy + - iam:GetRolePolicy + read: + - iam:GetRolePolicy + update: + - iam:PutRolePolicy + - iam:GetRolePolicy + delete: + - iam:DeleteRolePolicy + - iam:GetRolePolicy + SAMLProvider: + type: object + properties: + Name: + minLength: 1 + maxLength: 128 + pattern: '[\w._-]+' + type: string + SamlMetadataDocument: + minLength: 1000 + maxLength: 10000000 + type: string + Arn: + description: Amazon Resource Name (ARN) of the SAML provider + minLength: 1 + maxLength: 1600 + type: string + Tags: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - SamlMetadataDocument + x-stackql-resource-name: saml_provider + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iam:CreateSAMLProvider + - iam:GetSAMLProvider + - iam:TagSAMLProvider + read: + - iam:GetSAMLProvider + update: + - iam:UpdateSAMLProvider + - iam:GetSAMLProvider + - iam:TagSAMLProvider + - iam:ListSAMLProviderTags + - iam:UntagSAMLProvider + delete: + - iam:DeleteSAMLProvider + list: + - iam:ListSAMLProviders + - iam:GetSAMLProvider + ServerCertificate: + type: object + properties: + CertificateBody: + minLength: 1 + maxLength: 16384 + pattern: '[\u0009\u000A\u000D\u0020-\u00FF]+' + type: string + CertificateChain: + minLength: 1 + maxLength: 2097152 + pattern: '[\u0009\u000A\u000D\u0020-\u00FF]+' + type: string + ServerCertificateName: + minLength: 1 + maxLength: 128 + pattern: '[\w+=,.@-]+' + type: string + Path: + minLength: 1 + maxLength: 512 + pattern: (\u002F)|(\u002F[\u0021-\u007F]+\u002F) + type: string + PrivateKey: + minLength: 1 + maxLength: 16384 + pattern: '[\u0009\u000A\u000D\u0020-\u00FF]+' + type: string + Arn: + description: Amazon Resource Name (ARN) of the server certificate + minLength: 1 + maxLength: 1600 + type: string + Tags: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: server_certificate + x-stackql-primaryIdentifier: + - ServerCertificateName + x-create-only-properties: + - ServerCertificateName + - PrivateKey + - CertificateBody + - CertificateChain + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iam:UploadServerCertificate + - iam:TagServerCertificate + - iam:GetServerCertificate + read: + - iam:GetServerCertificate + update: + - iam:TagServerCertificate + - iam:UntagServerCertificate + - iam:ListServerCertificateTags + - iam:GetServerCertificate + delete: + - iam:DeleteServerCertificate + list: + - iam:ListServerCertificates + - iam:GetServerCertificate + ServiceLinkedRole: + type: object + properties: + RoleName: + description: The name of the role. + type: string + CustomSuffix: + description: A string that you provide, which is combined with the service-provided prefix to form the complete role name. + type: string + Description: + description: The description of the role. + type: string + AWSServiceName: + description: The service principal for the AWS service to which this role is attached. + type: string + required: [] + x-stackql-resource-name: service_linked_role + x-stackql-primaryIdentifier: + - RoleName + x-create-only-properties: + - CustomSuffix + - AWSServiceName + x-read-only-properties: + - RoleName + x-required-permissions: + create: + - iam:CreateServiceLinkedRole + - iam:GetRole + read: + - iam:GetRole + update: + - iam:UpdateRole + - iam:GetRole + delete: + - iam:DeleteServiceLinkedRole + - iam:GetServiceLinkedRoleDeletionStatus + - iam:GetRole + LoginProfile: + description: Creates a password for the specified user, giving the user the ability to access AWS services through the console. For more information about managing passwords, see [Managing Passwords](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the *User Guide*. + type: object + additionalProperties: false + properties: + PasswordResetRequired: + description: Specifies whether the user is required to set a new password on next sign-in. + type: boolean + Password: + description: The user's password. + type: string + required: + - Password + User: + type: object + properties: + Path: + description: |- + The path for the user name. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide*. + This parameter is optional. If it is not included, it defaults to a slash (/). + This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (``\u0021``) through the DEL character (``\u007F``), including most punctuation characters, digits, and upper and lowercased letters. + type: string + ManagedPolicyArns: + description: |- + A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the user. + For more information about ARNs, see [Amazon Resource Names (ARNs) and Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *General Reference*. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + Policies: + description: |- + Adds or updates an inline policy document that is embedded in the specified IAM user. To view AWS::IAM::User snippets, see [Declaring an User Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-user). + The name of each policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. + For information about limits on the number of inline policies that you can embed in a user, see [Limitations on Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *User Guide*. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Policy' + UserName: + description: |- + The name of the user to create. Do not include the path in this value. + This parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The user name must be unique within the account. User names are not distinguished by case. For example, you cannot create users named both "John" and "john". + If you don't specify a name, CFN generates a unique physical ID and uses that ID for the user name. + If you specify a name, you must specify the ``CAPABILITY_NAMED_IAM`` value to acknowledge your template's capabilities. For more information, see [Acknowledging Resources in Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities). + Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using ``Fn::Join`` and ``AWS::Region`` to create a Region-specific name, as in the following example: ``{"Fn::Join": ["", [{"Ref": "AWS::Region"}, {"Ref": "MyResourceName"}]]}``. + type: string + Groups: + description: A list of group names to which you want to add the user. + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + Arn: + description: '' + type: string + LoginProfile: + description: |- + Creates a password for the specified IAM user. A password allows an IAM user to access AWS services through the console. + You can use the CLI, the AWS API, or the *Users* page in the IAM console to create a password for any IAM user. Use [ChangePassword](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ChangePassword.html) to update your own existing password in the *My Security Credentials* page in the console. + For more information about managing passwords, see [Managing passwords](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the *User Guide*. + $ref: '#/components/schemas/LoginProfile' + Tags: + description: |- + A list of tags that you want to attach to the new user. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide*. + If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + PermissionsBoundary: + description: |- + The ARN of the managed policy that is used to set the permissions boundary for the user. + A permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide*. + For more information about policy types, see [Policy types](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types) in the *IAM User Guide*. + type: string + x-stackql-resource-name: user + x-stackql-primaryIdentifier: + - UserName + x-create-only-properties: + - UserName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iam:CreateLoginProfile + - iam:AddUserToGroup + - iam:PutUserPolicy + - iam:AttachUserPolicy + - iam:CreateUser + - iam:GetUser + - iam:TagUser + read: + - iam:GetUserPolicy + - iam:ListGroupsForUser + - iam:ListAttachedUserPolicies + - iam:ListUserPolicies + - iam:GetUser + - iam:GetLoginProfile + update: + - iam:UpdateLoginProfile + - iam:UpdateUser + - iam:PutUserPermissionsBoundary + - iam:AttachUserPolicy + - iam:DeleteUserPolicy + - iam:DeleteUserPermissionsBoundary + - iam:TagUser + - iam:UntagUser + - iam:CreateLoginProfile + - iam:RemoveUserFromGroup + - iam:AddUserToGroup + - iam:PutUserPolicy + - iam:DetachUserPolicy + - iam:GetLoginProfile + - iam:DeleteLoginProfile + - iam:GetUser + - iam:ListUserTags + delete: + - iam:DeleteAccessKey + - iam:RemoveUserFromGroup + - iam:DeleteUserPolicy + - iam:DeleteUser + - iam:DetachUserPolicy + - iam:DeleteLoginProfile + - iam:ListAccessKeys + - iam:GetUserPolicy + - iam:ListGroupsForUser + - iam:ListAttachedUserPolicies + - iam:ListUserPolicies + - iam:GetUser + - iam:GetLoginProfile + list: + - iam:listUsers + UserPolicy: + type: object + properties: + PolicyDocument: + description: The policy document. + type: object + PolicyName: + description: The name of the policy document. + type: string + UserName: + description: The name of the user to associate the policy with. + type: string + required: + - PolicyName + - UserName + x-stackql-resource-name: user_policy + x-stackql-primaryIdentifier: + - PolicyName + - UserName + x-create-only-properties: + - PolicyName + - UserName + x-required-permissions: + create: + - iam:PutUserPolicy + - iam:GetUserPolicy + read: + - iam:GetUserPolicy + update: + - iam:PutUserPolicy + - iam:GetUserPolicy + delete: + - iam:DeleteUserPolicy + - iam:GetUserPolicy + VirtualMFADevice: + type: object + properties: + VirtualMfaDeviceName: + minLength: 1 + maxLength: 226 + pattern: '[\w+=,.@-]+' + type: string + Path: + minLength: 1 + maxLength: 512 + pattern: (\u002F)|(\u002F[\u0021-\u007F]+\u002F) + type: string + SerialNumber: + minLength: 9 + maxLength: 256 + pattern: '[\w+=/:,.@-]+' + type: string + Users: + type: array + uniqueItems: false + items: + type: string + Tags: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + required: + - Users + x-stackql-resource-name: virtualmfa_device + x-stackql-primaryIdentifier: + - SerialNumber + x-create-only-properties: + - VirtualMfaDeviceName + - Base32StringSeed + - Path + x-read-only-properties: + - SerialNumber + x-required-permissions: + create: + - iam:CreateVirtualMFADevice + - iam:EnableMFADevice + - iam:ListVirtualMFADevices + read: + - iam:ListVirtualMFADevices + update: + - iam:TagMFADevice + - iam:UntagMFADevice + delete: + - iam:DeleteVirtualMFADevice + - iam:DeactivateMFADevice + list: + - iam:ListVirtualMFADevices + x-stackQL-resources: + groups: + name: groups + id: awscc.iam.groups + x-cfn-schema-name: Group + x-type: list + x-identifiers: + - GroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GroupName') as group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::Group' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GroupName') as group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::Group' + AND region = 'us-east-1' + group: + name: group + id: awscc.iam.group + x-cfn-schema-name: Group + x-type: get + x-identifiers: + - GroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.GroupName') as group_name, + JSON_EXTRACT(Properties, '$.ManagedPolicyArns') as managed_policy_arns, + JSON_EXTRACT(Properties, '$.Path') as path, + JSON_EXTRACT(Properties, '$.Policies') as policies + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::Group' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'GroupName') as group_name, + json_extract_path_text(Properties, 'ManagedPolicyArns') as managed_policy_arns, + json_extract_path_text(Properties, 'Path') as path, + json_extract_path_text(Properties, 'Policies') as policies + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::Group' + AND data__Identifier = '' + AND region = 'us-east-1' + group_policies: + name: group_policies + id: awscc.iam.group_policies + x-cfn-schema-name: GroupPolicy + x-type: list + x-identifiers: + - PolicyName + - GroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyName') as policy_name, + JSON_EXTRACT(Properties, '$.GroupName') as group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::GroupPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyName') as policy_name, + json_extract_path_text(Properties, 'GroupName') as group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::GroupPolicy' + AND region = 'us-east-1' + group_policy: + name: group_policy + id: awscc.iam.group_policy + x-cfn-schema-name: GroupPolicy + x-type: get + x-identifiers: + - PolicyName + - GroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyDocument') as policy_document, + JSON_EXTRACT(Properties, '$.PolicyName') as policy_name, + JSON_EXTRACT(Properties, '$.GroupName') as group_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::GroupPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyDocument') as policy_document, + json_extract_path_text(Properties, 'PolicyName') as policy_name, + json_extract_path_text(Properties, 'GroupName') as group_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::GroupPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + instance_profiles: + name: instance_profiles + id: awscc.iam.instance_profiles + x-cfn-schema-name: InstanceProfile + x-type: list + x-identifiers: + - InstanceProfileName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceProfileName') as instance_profile_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::InstanceProfile' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceProfileName') as instance_profile_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::InstanceProfile' + AND region = 'us-east-1' + instance_profile: + name: instance_profile + id: awscc.iam.instance_profile + x-cfn-schema-name: InstanceProfile + x-type: get + x-identifiers: + - InstanceProfileName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Path') as path, + JSON_EXTRACT(Properties, '$.Roles') as roles, + JSON_EXTRACT(Properties, '$.InstanceProfileName') as instance_profile_name, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::InstanceProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Path') as path, + json_extract_path_text(Properties, 'Roles') as roles, + json_extract_path_text(Properties, 'InstanceProfileName') as instance_profile_name, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::InstanceProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + managed_policies: + name: managed_policies + id: awscc.iam.managed_policies + x-cfn-schema-name: ManagedPolicy + x-type: list + x-identifiers: + - PolicyArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyArn') as policy_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::ManagedPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyArn') as policy_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::ManagedPolicy' + AND region = 'us-east-1' + managed_policy: + name: managed_policy + id: awscc.iam.managed_policy + x-cfn-schema-name: ManagedPolicy + x-type: get + x-identifiers: + - PolicyArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Groups') as groups, + JSON_EXTRACT(Properties, '$.ManagedPolicyName') as managed_policy_name, + JSON_EXTRACT(Properties, '$.Path') as path, + JSON_EXTRACT(Properties, '$.PolicyDocument') as policy_document, + JSON_EXTRACT(Properties, '$.Roles') as roles, + JSON_EXTRACT(Properties, '$.Users') as users, + JSON_EXTRACT(Properties, '$.PolicyArn') as policy_arn, + JSON_EXTRACT(Properties, '$.AttachmentCount') as attachment_count, + JSON_EXTRACT(Properties, '$.CreateDate') as create_date, + JSON_EXTRACT(Properties, '$.UpdateDate') as update_date, + JSON_EXTRACT(Properties, '$.DefaultVersionId') as default_version_id, + JSON_EXTRACT(Properties, '$.IsAttachable') as is_attachable, + JSON_EXTRACT(Properties, '$.PermissionsBoundaryUsageCount') as permissions_boundary_usage_count, + JSON_EXTRACT(Properties, '$.PolicyId') as policy_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::ManagedPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Groups') as groups, + json_extract_path_text(Properties, 'ManagedPolicyName') as managed_policy_name, + json_extract_path_text(Properties, 'Path') as path, + json_extract_path_text(Properties, 'PolicyDocument') as policy_document, + json_extract_path_text(Properties, 'Roles') as roles, + json_extract_path_text(Properties, 'Users') as users, + json_extract_path_text(Properties, 'PolicyArn') as policy_arn, + json_extract_path_text(Properties, 'AttachmentCount') as attachment_count, + json_extract_path_text(Properties, 'CreateDate') as create_date, + json_extract_path_text(Properties, 'UpdateDate') as update_date, + json_extract_path_text(Properties, 'DefaultVersionId') as default_version_id, + json_extract_path_text(Properties, 'IsAttachable') as is_attachable, + json_extract_path_text(Properties, 'PermissionsBoundaryUsageCount') as permissions_boundary_usage_count, + json_extract_path_text(Properties, 'PolicyId') as policy_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::ManagedPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + oidc_providers: + name: oidc_providers + id: awscc.iam.oidc_providers + x-cfn-schema-name: OIDCProvider + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::OIDCProvider' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::OIDCProvider' + AND region = 'us-east-1' + oidc_provider: + name: oidc_provider + id: awscc.iam.oidc_provider + x-cfn-schema-name: OIDCProvider + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClientIdList') as client_id_list, + JSON_EXTRACT(Properties, '$.Url') as url, + JSON_EXTRACT(Properties, '$.ThumbprintList') as thumbprint_list, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::OIDCProvider' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClientIdList') as client_id_list, + json_extract_path_text(Properties, 'Url') as url, + json_extract_path_text(Properties, 'ThumbprintList') as thumbprint_list, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::OIDCProvider' + AND data__Identifier = '' + AND region = 'us-east-1' + roles: + name: roles + id: awscc.iam.roles + x-cfn-schema-name: Role + x-type: list + x-identifiers: + - RoleName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RoleName') as role_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::Role' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RoleName') as role_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::Role' + AND region = 'us-east-1' + role: + name: role + id: awscc.iam.role + x-cfn-schema-name: Role + x-type: get + x-identifiers: + - RoleName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AssumeRolePolicyDocument') as assume_role_policy_document, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ManagedPolicyArns') as managed_policy_arns, + JSON_EXTRACT(Properties, '$.MaxSessionDuration') as max_session_duration, + JSON_EXTRACT(Properties, '$.Path') as path, + JSON_EXTRACT(Properties, '$.PermissionsBoundary') as permissions_boundary, + JSON_EXTRACT(Properties, '$.Policies') as policies, + JSON_EXTRACT(Properties, '$.RoleId') as role_id, + JSON_EXTRACT(Properties, '$.RoleName') as role_name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::Role' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AssumeRolePolicyDocument') as assume_role_policy_document, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ManagedPolicyArns') as managed_policy_arns, + json_extract_path_text(Properties, 'MaxSessionDuration') as max_session_duration, + json_extract_path_text(Properties, 'Path') as path, + json_extract_path_text(Properties, 'PermissionsBoundary') as permissions_boundary, + json_extract_path_text(Properties, 'Policies') as policies, + json_extract_path_text(Properties, 'RoleId') as role_id, + json_extract_path_text(Properties, 'RoleName') as role_name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::Role' + AND data__Identifier = '' + AND region = 'us-east-1' + role_policies: + name: role_policies + id: awscc.iam.role_policies + x-cfn-schema-name: RolePolicy + x-type: list + x-identifiers: + - PolicyName + - RoleName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyName') as policy_name, + JSON_EXTRACT(Properties, '$.RoleName') as role_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::RolePolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyName') as policy_name, + json_extract_path_text(Properties, 'RoleName') as role_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::RolePolicy' + AND region = 'us-east-1' + role_policy: + name: role_policy + id: awscc.iam.role_policy + x-cfn-schema-name: RolePolicy + x-type: get + x-identifiers: + - PolicyName + - RoleName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyDocument') as policy_document, + JSON_EXTRACT(Properties, '$.PolicyName') as policy_name, + JSON_EXTRACT(Properties, '$.RoleName') as role_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::RolePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyDocument') as policy_document, + json_extract_path_text(Properties, 'PolicyName') as policy_name, + json_extract_path_text(Properties, 'RoleName') as role_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::RolePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + saml_providers: + name: saml_providers + id: awscc.iam.saml_providers + x-cfn-schema-name: SAMLProvider + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::SAMLProvider' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::SAMLProvider' + AND region = 'us-east-1' + saml_provider: + name: saml_provider + id: awscc.iam.saml_provider + x-cfn-schema-name: SAMLProvider + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.SamlMetadataDocument') as saml_metadata_document, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::SAMLProvider' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'SamlMetadataDocument') as saml_metadata_document, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::SAMLProvider' + AND data__Identifier = '' + AND region = 'us-east-1' + server_certificates: + name: server_certificates + id: awscc.iam.server_certificates + x-cfn-schema-name: ServerCertificate + x-type: list + x-identifiers: + - ServerCertificateName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ServerCertificateName') as server_certificate_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::ServerCertificate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ServerCertificateName') as server_certificate_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::ServerCertificate' + AND region = 'us-east-1' + server_certificate: + name: server_certificate + id: awscc.iam.server_certificate + x-cfn-schema-name: ServerCertificate + x-type: get + x-identifiers: + - ServerCertificateName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CertificateBody') as certificate_body, + JSON_EXTRACT(Properties, '$.CertificateChain') as certificate_chain, + JSON_EXTRACT(Properties, '$.ServerCertificateName') as server_certificate_name, + JSON_EXTRACT(Properties, '$.Path') as path, + JSON_EXTRACT(Properties, '$.PrivateKey') as private_key, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::ServerCertificate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CertificateBody') as certificate_body, + json_extract_path_text(Properties, 'CertificateChain') as certificate_chain, + json_extract_path_text(Properties, 'ServerCertificateName') as server_certificate_name, + json_extract_path_text(Properties, 'Path') as path, + json_extract_path_text(Properties, 'PrivateKey') as private_key, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::ServerCertificate' + AND data__Identifier = '' + AND region = 'us-east-1' + service_linked_roles: + name: service_linked_roles + id: awscc.iam.service_linked_roles + x-cfn-schema-name: ServiceLinkedRole + x-type: list + x-identifiers: + - RoleName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RoleName') as role_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::ServiceLinkedRole' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RoleName') as role_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::ServiceLinkedRole' + AND region = 'us-east-1' + service_linked_role: + name: service_linked_role + id: awscc.iam.service_linked_role + x-cfn-schema-name: ServiceLinkedRole + x-type: get + x-identifiers: + - RoleName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RoleName') as role_name, + JSON_EXTRACT(Properties, '$.CustomSuffix') as custom_suffix, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.AWSServiceName') as a_ws_service_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::ServiceLinkedRole' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RoleName') as role_name, + json_extract_path_text(Properties, 'CustomSuffix') as custom_suffix, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'AWSServiceName') as a_ws_service_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::ServiceLinkedRole' + AND data__Identifier = '' + AND region = 'us-east-1' + users: + name: users + id: awscc.iam.users + x-cfn-schema-name: User + x-type: list + x-identifiers: + - UserName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.UserName') as user_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::User' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'UserName') as user_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::User' + AND region = 'us-east-1' + user: + name: user + id: awscc.iam.user + x-cfn-schema-name: User + x-type: get + x-identifiers: + - UserName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Path') as path, + JSON_EXTRACT(Properties, '$.ManagedPolicyArns') as managed_policy_arns, + JSON_EXTRACT(Properties, '$.Policies') as policies, + JSON_EXTRACT(Properties, '$.UserName') as user_name, + JSON_EXTRACT(Properties, '$.Groups') as groups, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.LoginProfile') as login_profile, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.PermissionsBoundary') as permissions_boundary + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::User' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Path') as path, + json_extract_path_text(Properties, 'ManagedPolicyArns') as managed_policy_arns, + json_extract_path_text(Properties, 'Policies') as policies, + json_extract_path_text(Properties, 'UserName') as user_name, + json_extract_path_text(Properties, 'Groups') as groups, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'LoginProfile') as login_profile, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'PermissionsBoundary') as permissions_boundary + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::User' + AND data__Identifier = '' + AND region = 'us-east-1' + user_policies: + name: user_policies + id: awscc.iam.user_policies + x-cfn-schema-name: UserPolicy + x-type: list + x-identifiers: + - PolicyName + - UserName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyName') as policy_name, + JSON_EXTRACT(Properties, '$.UserName') as user_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::UserPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyName') as policy_name, + json_extract_path_text(Properties, 'UserName') as user_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::UserPolicy' + AND region = 'us-east-1' + user_policy: + name: user_policy + id: awscc.iam.user_policy + x-cfn-schema-name: UserPolicy + x-type: get + x-identifiers: + - PolicyName + - UserName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyDocument') as policy_document, + JSON_EXTRACT(Properties, '$.PolicyName') as policy_name, + JSON_EXTRACT(Properties, '$.UserName') as user_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::UserPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyDocument') as policy_document, + json_extract_path_text(Properties, 'PolicyName') as policy_name, + json_extract_path_text(Properties, 'UserName') as user_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::UserPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + virtualmfa_devices: + name: virtualmfa_devices + id: awscc.iam.virtualmfa_devices + x-cfn-schema-name: VirtualMFADevice + x-type: list + x-identifiers: + - SerialNumber + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SerialNumber') as serial_number + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::VirtualMFADevice' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SerialNumber') as serial_number + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IAM::VirtualMFADevice' + AND region = 'us-east-1' + virtualmfa_device: + name: virtualmfa_device + id: awscc.iam.virtualmfa_device + x-cfn-schema-name: VirtualMFADevice + x-type: get + x-identifiers: + - SerialNumber + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.VirtualMfaDeviceName') as virtual_mfa_device_name, + JSON_EXTRACT(Properties, '$.Path') as path, + JSON_EXTRACT(Properties, '$.SerialNumber') as serial_number, + JSON_EXTRACT(Properties, '$.Users') as users, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::VirtualMFADevice' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'VirtualMfaDeviceName') as virtual_mfa_device_name, + json_extract_path_text(Properties, 'Path') as path, + json_extract_path_text(Properties, 'SerialNumber') as serial_number, + json_extract_path_text(Properties, 'Users') as users, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IAM::VirtualMFADevice' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/identitystore.yaml b/providers/src/awscc/v00.00.00000/services/identitystore.yaml new file mode 100644 index 00000000..9853fde9 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/identitystore.yaml @@ -0,0 +1,247 @@ +openapi: 3.0.0 +info: + title: IdentityStore + version: 1.0.0 +paths: {} +components: + schemas: + Group: + type: object + properties: + Description: + description: A string containing the description of the group. + type: string + maxLength: 1024 + minLength: 1 + pattern: ^[\p{L}\p{M}\p{S}\p{N}\p{P}\t\n\r  ]+$ + DisplayName: + description: A string containing the name of the group. This value is commonly displayed when the group is referenced. + type: string + maxLength: 1024 + minLength: 1 + pattern: ^[\p{L}\p{M}\p{S}\p{N}\p{P}\t\n\r ]+$ + GroupId: + description: The unique identifier for a group in the identity store. + type: string + maxLength: 47 + minLength: 1 + pattern: ^([0-9a-f]{10}-|)[A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}$ + IdentityStoreId: + description: The globally unique identifier for the identity store. + type: string + maxLength: 36 + minLength: 1 + pattern: ^d-[0-9a-f]{10}$|^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$ + required: + - IdentityStoreId + - DisplayName + x-stackql-resource-name: group + x-stackql-primaryIdentifier: + - GroupId + - IdentityStoreId + x-create-only-properties: + - IdentityStoreId + x-read-only-properties: + - GroupId + x-required-permissions: + create: + - identitystore:CreateGroup + - identitystore:DescribeGroup + read: + - identitystore:DescribeGroup + update: + - identitystore:DescribeGroup + - identitystore:UpdateGroup + delete: + - identitystore:DescribeGroup + - identitystore:DeleteGroup + list: + - identitystore:ListGroups + MemberId: + description: An object containing the identifier of a group member. + type: object + x-title: UserId + properties: + UserId: + description: The identifier for a user in the identity store. + type: string + maxLength: 47 + minLength: 1 + pattern: ^([0-9a-f]{10}-|)[A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}$ + required: + - UserId + additionalProperties: false + GroupMembership: + type: object + properties: + GroupId: + description: The unique identifier for a group in the identity store. + type: string + maxLength: 47 + minLength: 1 + pattern: ^([0-9a-f]{10}-|)[A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}$ + IdentityStoreId: + description: The globally unique identifier for the identity store. + type: string + maxLength: 36 + minLength: 1 + pattern: ^d-[0-9a-f]{10}$|^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$ + MemberId: + description: An object containing the identifier of a group member. + $ref: '#/components/schemas/MemberId' + MembershipId: + description: The identifier for a GroupMembership in the identity store. + type: string + maxLength: 47 + minLength: 1 + pattern: ^([0-9a-f]{10}-|)[A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}$ + required: + - IdentityStoreId + - GroupId + - MemberId + x-stackql-resource-name: group_membership + x-stackql-primaryIdentifier: + - MembershipId + - IdentityStoreId + x-create-only-properties: + - IdentityStoreId + - GroupId + - MemberId + x-read-only-properties: + - MembershipId + x-required-permissions: + create: + - identitystore:CreateGroupMembership + - identitystore:DescribeGroupMembership + read: + - identitystore:DescribeGroupMembership + delete: + - identitystore:DeleteGroupMembership + - identitystore:DescribeGroupMembership + list: + - identitystore:ListGroupMemberships + x-stackQL-resources: + groups: + name: groups + id: awscc.identitystore.groups + x-cfn-schema-name: Group + x-type: list + x-identifiers: + - GroupId + - IdentityStoreId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GroupId') as group_id, + JSON_EXTRACT(Properties, '$.IdentityStoreId') as identity_store_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IdentityStore::Group' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GroupId') as group_id, + json_extract_path_text(Properties, 'IdentityStoreId') as identity_store_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IdentityStore::Group' + AND region = 'us-east-1' + group: + name: group + id: awscc.identitystore.group + x-cfn-schema-name: Group + x-type: get + x-identifiers: + - GroupId + - IdentityStoreId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DisplayName') as display_name, + JSON_EXTRACT(Properties, '$.GroupId') as group_id, + JSON_EXTRACT(Properties, '$.IdentityStoreId') as identity_store_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IdentityStore::Group' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DisplayName') as display_name, + json_extract_path_text(Properties, 'GroupId') as group_id, + json_extract_path_text(Properties, 'IdentityStoreId') as identity_store_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IdentityStore::Group' + AND data__Identifier = '' + AND region = 'us-east-1' + group_memberships: + name: group_memberships + id: awscc.identitystore.group_memberships + x-cfn-schema-name: GroupMembership + x-type: list + x-identifiers: + - MembershipId + - IdentityStoreId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MembershipId') as membership_id, + JSON_EXTRACT(Properties, '$.IdentityStoreId') as identity_store_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IdentityStore::GroupMembership' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MembershipId') as membership_id, + json_extract_path_text(Properties, 'IdentityStoreId') as identity_store_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IdentityStore::GroupMembership' + AND region = 'us-east-1' + group_membership: + name: group_membership + id: awscc.identitystore.group_membership + x-cfn-schema-name: GroupMembership + x-type: get + x-identifiers: + - MembershipId + - IdentityStoreId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GroupId') as group_id, + JSON_EXTRACT(Properties, '$.IdentityStoreId') as identity_store_id, + JSON_EXTRACT(Properties, '$.MemberId') as member_id, + JSON_EXTRACT(Properties, '$.MembershipId') as membership_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IdentityStore::GroupMembership' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GroupId') as group_id, + json_extract_path_text(Properties, 'IdentityStoreId') as identity_store_id, + json_extract_path_text(Properties, 'MemberId') as member_id, + json_extract_path_text(Properties, 'MembershipId') as membership_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IdentityStore::GroupMembership' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/imagebuilder.yaml b/providers/src/awscc/v00.00.00000/services/imagebuilder.yaml new file mode 100644 index 00000000..27f273ed --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/imagebuilder.yaml @@ -0,0 +1,2052 @@ +openapi: 3.0.0 +info: + title: ImageBuilder + version: 1.0.0 +paths: {} +components: + schemas: + Component: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the component. + type: string + Name: + description: The name of the component. + type: string + Version: + description: The version of the component. + type: string + Description: + description: The description of the component. + type: string + ChangeDescription: + description: The change description of the component. + type: string + Type: + description: 'The type of the component denotes whether the component is used to build the image or only to test it. ' + type: string + enum: + - BUILD + - TEST + Platform: + description: The platform of the component. + type: string + enum: + - Windows + - Linux + Data: + description: The data of the component. + type: string + minLength: 1 + maxLength: 16000 + KmsKeyId: + description: The KMS key identifier used to encrypt the component. + type: string + Encrypted: + description: The encryption status of the component. + type: boolean + Tags: + description: The tags associated with the component. + type: object + additionalProperties: false + x-patternProperties: + .{1,}: + type: string + Uri: + description: The uri of the component. + type: string + SupportedOsVersions: + description: The operating system (OS) version supported by the component. + type: array + x-insertionOrder: false + items: + type: string + required: + - Name + - Platform + - Version + x-stackql-resource-name: component + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + - Version + - ChangeDescription + - Description + - Platform + - Data + - Uri + - KmsKeyId + - SupportedOsVersions + - Tags + x-read-only-properties: + - Arn + - Type + - Encrypted + x-required-permissions: + create: + - iam:CreateServiceLinkedRole + - iam:GetRole + - kms:GenerateDataKey* + - kms:Encrypt + - kms:Decrypt + - s3:GetObject + - s3:HeadBucket + - s3:GetBucketLocation + - imagebuilder:TagResource + - imagebuilder:GetComponent + - imagebuilder:CreateComponent + read: + - imagebuilder:GetComponent + delete: + - imagebuilder:GetComponent + - imagebuilder:UnTagResource + - imagebuilder:DeleteComponent + list: + - imagebuilder:ListComponents + ComponentConfiguration: + description: Configuration details of the component. + type: object + additionalProperties: false + properties: + ComponentArn: + description: The Amazon Resource Name (ARN) of the component. + type: string + Parameters: + description: A group of parameter settings that are used to configure the component for a specific recipe. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/ComponentParameter' + InstanceConfiguration: + description: A group of options that can be used to configure an instance for building and testing container images. + type: object + additionalProperties: false + properties: + Image: + description: The AMI ID to use as the base image for a container build and test instance. If not specified, Image Builder will use the appropriate ECS-optimized AMI as a base image. + type: string + BlockDeviceMappings: + description: Defines the block devices to attach for building an instance from this Image Builder AMI. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/InstanceBlockDeviceMapping' + InstanceBlockDeviceMapping: + description: 'Defines block device mappings for the instance used to configure your image. ' + type: object + additionalProperties: false + properties: + DeviceName: + description: The device to which these mappings apply. + type: string + VirtualName: + description: Use to manage instance ephemeral devices. + type: string + NoDevice: + description: Use to remove a mapping from the parent image. + type: string + Ebs: + description: Use to manage Amazon EBS-specific configuration for this mapping. + $ref: '#/components/schemas/EbsInstanceBlockDeviceSpecification' + EbsInstanceBlockDeviceSpecification: + description: 'Amazon EBS-specific block device mapping specifications. ' + type: object + additionalProperties: false + properties: + Encrypted: + description: Use to configure device encryption. + type: boolean + DeleteOnTermination: + description: Use to configure delete on termination of the associated device. + type: boolean + Iops: + description: Use to configure device IOPS. + type: integer + KmsKeyId: + description: Use to configure the KMS key to use when encrypting the device. + type: string + SnapshotId: + description: The snapshot that defines the device contents. + type: string + Throughput: + description: For GP3 volumes only - The throughput in MiB/s that the volume supports. + type: integer + VolumeSize: + description: Use to override the device's volume size. + type: integer + VolumeType: + description: Use to override the device's volume type. + type: string + enum: + - standard + - io1 + - io2 + - gp2 + - gp3 + - sc1 + - st1 + TargetContainerRepository: + description: The destination repository for the container image. + type: object + additionalProperties: false + properties: + Service: + description: The service of target container repository. + type: string + enum: + - ECR + RepositoryName: + description: The repository name of target container repository. + type: string + ComponentParameter: + additionalProperties: false + description: Contains a key/value pair that sets the named component parameter. + type: object + properties: + Name: + description: The name of the component parameter to set. + type: string + Value: + description: Sets the value for the named component parameter. + type: array + x-insertionOrder: true + items: + type: string + required: + - Name + - Value + ContainerRecipe: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the container recipe. + type: string + Name: + description: The name of the container recipe. + type: string + Description: + description: The description of the container recipe. + type: string + Version: + description: The semantic version of the container recipe (..). + type: string + Components: + description: Components for build and test that are included in the container recipe. + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/ComponentConfiguration' + InstanceConfiguration: + additionalProperties: false + description: A group of options that can be used to configure an instance for building and testing container images. + $ref: '#/components/schemas/InstanceConfiguration' + DockerfileTemplateData: + description: Dockerfiles are text documents that are used to build Docker containers, and ensure that they contain all of the elements required by the application running inside. The template data consists of contextual variables where Image Builder places build information or scripts, based on your container image recipe. + type: string + DockerfileTemplateUri: + description: The S3 URI for the Dockerfile that will be used to build your container image. + type: string + PlatformOverride: + description: Specifies the operating system platform when you use a custom source image. + type: string + enum: + - Windows + - Linux + ContainerType: + description: Specifies the type of container, such as Docker. + type: string + enum: + - DOCKER + ImageOsVersionOverride: + description: Specifies the operating system version for the source image. + type: string + TargetRepository: + description: The destination repository for the container image. + $ref: '#/components/schemas/TargetContainerRepository' + KmsKeyId: + description: Identifies which KMS key is used to encrypt the container image. + type: string + ParentImage: + description: The source image for the container recipe. + type: string + WorkingDirectory: + description: The working directory to be used during build and test workflows. + type: string + Tags: + description: Tags that are attached to the container recipe. + type: object + additionalProperties: false + x-patternProperties: + .{1,}: + type: string + x-stackql-resource-name: container_recipe + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + - Version + - ContainerType + - TargetRepository + - InstanceConfiguration + - ParentImage + - Description + - DockerfileTemplateUri + - DockerfileTemplateData + - ImageOsVersionOverride + - KmsKeyId + - PlatformOverride + - WorkingDirectory + - Components + - Tags + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iam:GetRole + - iam:CreateServiceLinkedRole + - imagebuilder:GetComponent + - imagebuilder:TagResource + - imagebuilder:GetContainerRecipe + - imagebuilder:CreateContainerRecipe + - imagebuilder:GetImage + - kms:Encrypt + - kms:Decrypt + - kms:ReEncryptFrom + - kms:ReEncryptTo + - kms:GenerateDataKey* + - s3:GetObject + - s3:ListBucket + - ecr:DescribeRepositories + - ec2:DescribeImages + read: + - imagebuilder:GetContainerRecipe + delete: + - imagebuilder:UnTagResource + - imagebuilder:GetContainerRecipe + - imagebuilder:DeleteContainerRecipe + list: + - imagebuilder:ListContainerRecipes + Distribution: + description: The distributions of the distribution configuration. + type: object + additionalProperties: false + properties: + Region: + description: region + type: string + AmiDistributionConfiguration: + $ref: '#/components/schemas/AmiDistributionConfiguration' + ContainerDistributionConfiguration: + $ref: '#/components/schemas/ContainerDistributionConfiguration' + LicenseConfigurationArns: + description: The License Manager Configuration to associate with the AMI in the specified Region. + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/LicenseConfigurationArn' + LaunchTemplateConfigurations: + description: A group of launchTemplateConfiguration settings that apply to image distribution. + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/LaunchTemplateConfiguration' + FastLaunchConfigurations: + description: The Windows faster-launching configurations to use for AMI distribution. + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/FastLaunchConfiguration' + required: + - Region + AmiDistributionConfiguration: + description: The specific AMI settings (for example, launch permissions, AMI tags). + type: object + additionalProperties: false + properties: + Name: + description: The name of the AMI distribution configuration. + type: string + KmsKeyId: + description: The KMS key identifier used to encrypt the distributed image. + type: string + Description: + description: The description of the AMI distribution configuration. + type: string + AmiTags: + description: The tags to apply to AMIs distributed to this Region. + type: object + additionalProperties: false + x-patternProperties: + .{1,}: + type: string + TargetAccountIds: + description: The ID of accounts to which you want to distribute an image. + type: array + x-insertionOrder: true + items: + type: string + LaunchPermissionConfiguration: + $ref: '#/components/schemas/LaunchPermissionConfiguration' + ContainerDistributionConfiguration: + description: Container distribution settings for encryption, licensing, and sharing in a specific Region. + type: object + additionalProperties: false + properties: + Description: + description: The description of the container distribution configuration. + type: string + ContainerTags: + description: Tags that are attached to the container distribution configuration. + type: array + x-insertionOrder: true + items: + type: string + TargetRepository: + description: The destination repository for the container distribution configuration. + $ref: '#/components/schemas/TargetContainerRepository' + LaunchTemplateConfiguration: + description: launchTemplateConfiguration settings that apply to image distribution. + type: object + additionalProperties: false + properties: + LaunchTemplateId: + description: Identifies the EC2 launch template to use. + type: string + AccountId: + description: The account ID that this configuration applies to. + type: string + SetDefaultVersion: + description: Set the specified EC2 launch template as the default launch template for the specified account. + type: boolean + FastLaunchConfiguration: + description: The Windows faster-launching configuration to use for AMI distribution. + type: object + additionalProperties: false + properties: + AccountId: + description: The owner account ID for the fast-launch enabled Windows AMI. + type: string + Enabled: + description: A Boolean that represents the current state of faster launching for the Windows AMI. Set to true to start using Windows faster launching, or false to stop using it. + type: boolean + LaunchTemplate: + description: The launch template that the fast-launch enabled Windows AMI uses when it launches Windows instances to create pre-provisioned snapshots. + $ref: '#/components/schemas/FastLaunchLaunchTemplateSpecification' + MaxParallelLaunches: + description: The maximum number of parallel instances that are launched for creating resources. + type: integer + SnapshotConfiguration: + description: Configuration settings for managing the number of snapshots that are created from pre-provisioned instances for the Windows AMI when faster launching is enabled. + $ref: '#/components/schemas/FastLaunchSnapshotConfiguration' + LaunchPermissionConfiguration: + description: Launch permissions can be used to configure which AWS accounts can use the AMI to launch instances. + type: object + additionalProperties: false + properties: + UserIds: + description: The AWS account ID. + type: array + x-insertionOrder: false + items: + type: string + UserGroups: + description: The name of the group. + type: array + x-insertionOrder: false + items: + type: string + OrganizationArns: + description: The ARN for an Amazon Web Services Organization that you want to share your AMI with. + type: array + x-insertionOrder: false + items: + type: string + OrganizationalUnitArns: + description: The ARN for an Organizations organizational unit (OU) that you want to share your AMI with. + type: array + x-insertionOrder: false + items: + type: string + LicenseConfigurationArn: + description: The Amazon Resource Name (ARN) of the License Manager configuration. + type: string + FastLaunchLaunchTemplateSpecification: + description: The launch template that the fast-launch enabled Windows AMI uses when it launches Windows instances to create pre-provisioned snapshots. + type: object + additionalProperties: false + properties: + LaunchTemplateId: + description: The ID of the launch template to use for faster launching for a Windows AMI. + type: string + LaunchTemplateName: + description: The name of the launch template to use for faster launching for a Windows AMI. + type: string + LaunchTemplateVersion: + description: The version of the launch template to use for faster launching for a Windows AMI. + type: string + FastLaunchSnapshotConfiguration: + description: Configuration settings for managing the number of snapshots that are created from pre-provisioned instances for the Windows AMI when faster launching is enabled. + type: object + additionalProperties: false + properties: + TargetResourceCount: + description: The number of pre-provisioned snapshots to keep on hand for a fast-launch enabled Windows AMI. + type: integer + DistributionConfiguration: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the distribution configuration. + type: string + Name: + description: The name of the distribution configuration. + type: string + Description: + description: The description of the distribution configuration. + type: string + Distributions: + description: The distributions of the distribution configuration. + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/Distribution' + Tags: + description: The tags associated with the component. + type: object + additionalProperties: false + x-patternProperties: + .{1,}: + type: string + required: + - Name + - Distributions + x-stackql-resource-name: distribution_configuration + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iam:GetRole + - iam:CreateServiceLinkedRole + - ec2:DescribeLaunchTemplates + - ec2:CreateLaunchTemplateVersion + - ec2:ModifyLaunchTemplate + - imagebuilder:TagResource + - imagebuilder:GetDistributionConfiguration + - imagebuilder:CreateDistributionConfiguration + update: + - ec2:DescribeLaunchTemplates + - ec2:CreateLaunchTemplateVersion + - ec2:ModifyLaunchTemplate + - imagebuilder:GetDistributionConfiguration + - imagebuilder:UpdateDistributionConfiguration + read: + - imagebuilder:GetDistributionConfiguration + delete: + - imagebuilder:GetDistributionConfiguration + - imagebuilder:UnTagResource + - imagebuilder:DeleteDistributionConfiguration + list: + - imagebuilder:ListDistributionConfigurations + ImageTestsConfiguration: + description: Image tests configuration. + type: object + additionalProperties: false + properties: + ImageTestsEnabled: + description: Defines if tests should be executed when building this image. + type: boolean + TimeoutMinutes: + description: The maximum time in minutes that tests are permitted to run. + type: integer + minimum: 60 + maximum: 1440 + ImageScanningConfiguration: + description: Determines if tests should run after building the image. Image Builder defaults to enable tests to run following the image build, before image distribution. + type: object + additionalProperties: false + properties: + EcrConfiguration: + description: Contains ECR settings for vulnerability scans. + $ref: '#/components/schemas/EcrConfiguration' + ImageScanningEnabled: + description: This sets whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image. + type: boolean + EcrConfiguration: + description: Settings for Image Builder to configure the ECR repository and output container images that are scanned. + type: object + additionalProperties: false + properties: + ContainerTags: + description: Tags for Image Builder to apply the output container image that is scanned. Tags can help you identify and manage your scanned images. + type: array + x-insertionOrder: true + items: + type: string + RepositoryName: + description: The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don't provide this information, Image Builder creates a repository in your account named image-builder-image-scanning-repository to use for vulnerability scans for your output container images. + type: string + WorkflowConfiguration: + description: The workflow configuration of the image + type: object + additionalProperties: false + properties: + WorkflowArn: + description: The Amazon Resource Name (ARN) of the workflow + type: string + Parameters: + description: The parameters associated with the workflow + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/WorkflowParameter' + ParallelGroup: + description: The parallel group name + type: string + OnFailure: + description: Define execution decision in case of workflow failure + type: string + enum: + - CONTINUE + - ABORT + WorkflowParameter: + description: A parameter associated with the workflow + type: object + additionalProperties: false + properties: + Name: + type: string + Value: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/WorkflowParameterValue' + WorkflowParameterValue: + description: The value associated with the workflow parameter + type: string + Image: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the image. + type: string + Name: + description: The name of the image. + type: string + ImageTestsConfiguration: + description: The image tests configuration used when creating this image. + $ref: '#/components/schemas/ImageTestsConfiguration' + ImageRecipeArn: + description: The Amazon Resource Name (ARN) of the image recipe that defines how images are configured, tested, and assessed. + type: string + ContainerRecipeArn: + description: The Amazon Resource Name (ARN) of the container recipe that defines how images are configured and tested. + type: string + DistributionConfigurationArn: + description: The Amazon Resource Name (ARN) of the distribution configuration. + type: string + InfrastructureConfigurationArn: + description: The Amazon Resource Name (ARN) of the infrastructure configuration. + type: string + Workflows: + description: Workflows to define the image build process + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/WorkflowConfiguration' + ImageId: + description: The AMI ID of the EC2 AMI in current region. + type: string + ImageUri: + description: URI for containers created in current Region with default ECR image tag + type: string + EnhancedImageMetadataEnabled: + description: Collects additional information about the image being created, including the operating system (OS) version and package list. + type: boolean + ImageScanningConfiguration: + description: Contains settings for vulnerability scans. + $ref: '#/components/schemas/ImageScanningConfiguration' + ExecutionRole: + description: The execution role name/ARN for the image build, if provided + type: string + Tags: + description: The tags associated with the image. + type: object + additionalProperties: false + x-patternProperties: + .{1,}: + type: string + x-stackql-resource-name: image + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ImageRecipeArn + - ContainerRecipeArn + - InfrastructureConfigurationArn + - Workflows + - DistributionConfigurationArn + - ImageTestsConfiguration + - ImageScanningConfiguration + - EnhancedImageMetadataEnabled + - Tags + x-read-only-properties: + - Arn + - Name + - ImageId + - ImageUri + x-required-permissions: + create: + - ecr:BatchGetRepositoryScanningConfiguration + - iam:GetRole + - iam:PassRole + - iam:CreateServiceLinkedRole + - imagebuilder:GetImageRecipe + - imagebuilder:GetInfrastructureConfiguration + - imagebuilder:GetDistributionConfiguration + - imagebuilder:GetWorkflow + - imagebuilder:GetImage + - imagebuilder:CreateImage + - imagebuilder:TagResource + - inspector2:BatchGetAccountStatus + read: + - imagebuilder:GetImage + delete: + - imagebuilder:GetImage + - imagebuilder:DeleteImage + - imagebuilder:UnTagResource + - imagebuilder:CancelImageCreation + list: + - imagebuilder:ListImages + Schedule: + description: The schedule of the image pipeline. + type: object + additionalProperties: false + properties: + ScheduleExpression: + description: The expression determines how often EC2 Image Builder evaluates your pipelineExecutionStartCondition. + type: string + PipelineExecutionStartCondition: + description: The condition configures when the pipeline should trigger a new image build. + type: string + enum: + - EXPRESSION_MATCH_ONLY + - EXPRESSION_MATCH_AND_DEPENDENCY_UPDATES_AVAILABLE + ImagePipeline: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the image pipeline. + type: string + Name: + description: The name of the image pipeline. + type: string + Description: + description: The description of the image pipeline. + type: string + ImageTestsConfiguration: + description: The image tests configuration of the image pipeline. + $ref: '#/components/schemas/ImageTestsConfiguration' + Status: + description: The status of the image pipeline. + type: string + enum: + - DISABLED + - ENABLED + Schedule: + description: The schedule of the image pipeline. + $ref: '#/components/schemas/Schedule' + ImageRecipeArn: + description: The Amazon Resource Name (ARN) of the image recipe that defines how images are configured, tested, and assessed. + type: string + ContainerRecipeArn: + description: The Amazon Resource Name (ARN) of the container recipe that defines how images are configured and tested. + type: string + DistributionConfigurationArn: + description: The Amazon Resource Name (ARN) of the distribution configuration associated with this image pipeline. + type: string + InfrastructureConfigurationArn: + description: The Amazon Resource Name (ARN) of the infrastructure configuration associated with this image pipeline. + type: string + Workflows: + description: Workflows to define the image build process + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/WorkflowConfiguration' + EnhancedImageMetadataEnabled: + description: Collects additional information about the image being created, including the operating system (OS) version and package list. + type: boolean + ImageScanningConfiguration: + description: Contains settings for vulnerability scans. + $ref: '#/components/schemas/ImageScanningConfiguration' + ExecutionRole: + description: The execution role name/ARN for the image build, if provided + type: string + Tags: + description: The tags of this image pipeline. + type: object + additionalProperties: false + x-patternProperties: + .{1,}: + type: string + x-stackql-resource-name: image_pipeline + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - ecr:BatchGetRepositoryScanningConfiguration + - iam:GetRole + - iam:PassRole + - iam:CreateServiceLinkedRole + - imagebuilder:TagResource + - imagebuilder:GetImagePipeline + - imagebuilder:GetImageRecipe + - imagebuilder:GetInfrastructureConfiguration + - imagebuilder:GetDistributionConfiguration + - imagebuilder:CreateImagePipeline + - imagebuilder:GetWorkflow + - inspector2:BatchGetAccountStatus + update: + - iam:PassRole + - imagebuilder:GetImagePipeline + - imagebuilder:UpdateImagePipeline + - imagebuilder:GetWorkflow + read: + - imagebuilder:GetImagePipeline + delete: + - imagebuilder:UnTagResource + - imagebuilder:GetImagePipeline + - imagebuilder:DeleteImagePipeline + list: + - imagebuilder:ListImagePipelines + AdditionalInstanceConfiguration: + additionalProperties: false + description: Specify additional settings and launch scripts for your build instances. + type: object + properties: + SystemsManagerAgent: + description: Contains settings for the SSM agent on your build instance. + $ref: '#/components/schemas/SystemsManagerAgent' + UserDataOverride: + description: Use this property to provide commands or a command script to run when you launch your build instance. + type: string + SystemsManagerAgent: + additionalProperties: false + description: Contains settings for the SSM agent on your build instance. + type: object + properties: + UninstallAfterBuild: + description: Controls whether the SSM agent is removed from your final build image, prior to creating the new AMI. If this is set to true, then the agent is removed from the final image. If it's set to false, then the agent is left in, so that it is included in the new AMI. The default value is false. + type: boolean + ImageRecipe: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the image recipe. + type: string + Name: + description: The name of the image recipe. + type: string + Description: + description: The description of the image recipe. + type: string + Version: + description: The version of the image recipe. + type: string + Components: + description: The components of the image recipe. + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/ComponentConfiguration' + BlockDeviceMappings: + description: The block device mappings to apply when creating images from this recipe. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/InstanceBlockDeviceMapping' + ParentImage: + description: The parent image of the image recipe. + type: string + WorkingDirectory: + description: The working directory to be used during build and test workflows. + type: string + AdditionalInstanceConfiguration: + description: Specify additional settings and launch scripts for your build instances. + $ref: '#/components/schemas/AdditionalInstanceConfiguration' + Tags: + description: The tags of the image recipe. + type: object + additionalProperties: false + x-patternProperties: + .{1,}: + type: string + required: + - Name + - Version + - Components + - ParentImage + x-stackql-resource-name: image_recipe + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + - Version + - Components + - ParentImage + - Description + - BlockDeviceMappings + - WorkingDirectory + - Tags + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iam:GetRole + - iam:CreateServiceLinkedRole + - imagebuilder:GetComponent + - imagebuilder:GetImage + - imagebuilder:TagResource + - imagebuilder:GetImageRecipe + - imagebuilder:CreateImageRecipe + - ec2:DescribeImages + read: + - imagebuilder:GetImageRecipe + delete: + - imagebuilder:UnTagResource + - imagebuilder:GetImageRecipe + - imagebuilder:DeleteImageRecipe + list: + - imagebuilder:ListImageRecipes + TagMap: + description: TagMap + type: object + additionalProperties: false + properties: + TagKey: + description: TagKey + type: string + minLength: 1 + maxLength: 128 + TagValue: + description: TagValue + type: string + minLength: 1 + maxLength: 256 + Logging: + description: The logging configuration of the infrastructure configuration. + type: object + additionalProperties: false + properties: + S3Logs: + $ref: '#/components/schemas/S3Logs' + InstanceMetadataOptions: + description: The instance metadata option settings for the infrastructure configuration. + type: object + additionalProperties: false + properties: + HttpPutResponseHopLimit: + description: Limit the number of hops that an instance metadata request can traverse to reach its destination. + type: integer + HttpTokens: + description: 'Indicates whether a signed token header is required for instance metadata retrieval requests. The values affect the response as follows: ' + type: string + enum: + - required + - optional + S3Logs: + description: The S3 path in which to store the logs. + type: object + additionalProperties: false + properties: + S3BucketName: + description: S3BucketName + type: string + S3KeyPrefix: + description: S3KeyPrefix + type: string + InfrastructureConfiguration: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the infrastructure configuration. + type: string + Name: + description: The name of the infrastructure configuration. + type: string + Description: + description: The description of the infrastructure configuration. + type: string + InstanceTypes: + description: The instance types of the infrastructure configuration. + type: array + x-insertionOrder: true + items: + type: string + SecurityGroupIds: + description: The security group IDs of the infrastructure configuration. + type: array + x-insertionOrder: false + items: + type: string + Logging: + description: The logging configuration of the infrastructure configuration. + $ref: '#/components/schemas/Logging' + SubnetId: + description: The subnet ID of the infrastructure configuration. + type: string + KeyPair: + description: The EC2 key pair of the infrastructure configuration.. + type: string + TerminateInstanceOnFailure: + description: The terminate instance on failure configuration of the infrastructure configuration. + type: boolean + InstanceProfileName: + description: The instance profile of the infrastructure configuration. + type: string + InstanceMetadataOptions: + description: The instance metadata option settings for the infrastructure configuration. + $ref: '#/components/schemas/InstanceMetadataOptions' + SnsTopicArn: + description: The SNS Topic Amazon Resource Name (ARN) of the infrastructure configuration. + type: string + ResourceTags: + description: The tags attached to the resource created by Image Builder. + type: object + additionalProperties: false + x-patternProperties: + .{1,}: + type: string + Tags: + description: The tags associated with the component. + type: object + additionalProperties: false + x-patternProperties: + .{1,}: + type: string + required: + - Name + - InstanceProfileName + x-stackql-resource-name: infrastructure_configuration + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iam:PassRole + - iam:GetRole + - iam:GetInstanceProfile + - iam:CreateServiceLinkedRole + - sns:Publish + - imagebuilder:TagResource + - imagebuilder:GetInfrastructureConfiguration + - imagebuilder:CreateInfrastructureConfiguration + update: + - iam:PassRole + - sns:Publish + - imagebuilder:GetInfrastructureConfiguration + - imagebuilder:UpdateInfrastructureConfiguration + read: + - imagebuilder:GetInfrastructureConfiguration + delete: + - imagebuilder:UnTagResource + - imagebuilder:GetInfrastructureConfiguration + - imagebuilder:DeleteInfrastructureConfiguration + list: + - imagebuilder:ListInfrastructureConfigurations + PolicyDetail: + description: The policy detail of the lifecycle policy. + type: object + additionalProperties: false + properties: + Action: + $ref: '#/components/schemas/Action' + Filter: + $ref: '#/components/schemas/Filter' + ExclusionRules: + $ref: '#/components/schemas/ExclusionRules' + required: + - Action + - Filter + Action: + description: The action of the policy detail. + type: object + additionalProperties: false + properties: + Type: + description: The action type of the policy detail. + type: string + enum: + - DELETE + - DEPRECATE + - DISABLE + IncludeResources: + $ref: '#/components/schemas/IncludeResources' + required: + - Type + Filter: + description: The filters to apply of the policy detail. + type: object + additionalProperties: false + properties: + Type: + description: The filter type. + type: string + enum: + - AGE + - COUNT + Value: + description: The filter value. + type: integer + Unit: + description: The value's time unit. + $ref: '#/components/schemas/TimeUnit' + RetainAtLeast: + description: The minimum number of Image Builder resources to retain. + type: integer + required: + - Type + - Value + ExclusionRules: + description: The exclusion rules to apply of the policy detail. + type: object + additionalProperties: false + properties: + TagMap: + description: The Image Builder tags to filter on. + type: object + additionalProperties: false + x-patternProperties: + .{1,}: + type: string + Amis: + $ref: '#/components/schemas/AmiExclusionRules' + TimeUnit: + description: A time unit. + type: string + enum: + - DAYS + - WEEKS + - MONTHS + - YEARS + IncludeResources: + description: The included resources of the policy detail. + type: object + additionalProperties: false + properties: + Amis: + description: Use to configure lifecycle actions on AMIs. + type: boolean + Containers: + description: Use to configure lifecycle actions on containers. + type: boolean + Snapshots: + description: Use to configure lifecycle actions on snapshots. + type: boolean + AmiExclusionRules: + description: The AMI exclusion rules for the policy detail. + type: object + additionalProperties: false + properties: + IsPublic: + description: Use to apply lifecycle policy actions on whether the AMI is public. + type: boolean + Regions: + description: Use to apply lifecycle policy actions on AMIs distributed to a set of regions. + type: array + x-insertionOrder: false + items: + type: string + SharedAccounts: + description: Use to apply lifecycle policy actions on AMIs shared with a set of regions. + type: array + x-insertionOrder: false + items: + type: string + LastLaunched: + description: Use to apply lifecycle policy actions on AMIs launched before a certain time. + $ref: '#/components/schemas/LastLaunched' + TagMap: + description: The AMIs to select by tag. + type: object + additionalProperties: false + x-patternProperties: + .{1,}: + type: string + LastLaunched: + description: The last launched time of a resource. + type: object + additionalProperties: false + properties: + Value: + description: The last launched value. + type: integer + Unit: + description: The value's time unit. + $ref: '#/components/schemas/TimeUnit' + required: + - Value + - Unit + ResourceSelection: + description: The resource selection for the lifecycle policy. + type: object + additionalProperties: false + properties: + Recipes: + description: The recipes to select. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/RecipeSelection' + TagMap: + description: The Image Builder resources to select by tag. + type: object + additionalProperties: false + x-patternProperties: + .{1,}: + type: string + RecipeSelection: + description: The recipe to apply the lifecycle policy for. + type: object + additionalProperties: false + properties: + Name: + description: The recipe name. + type: string + SemanticVersion: + description: The recipe version. + type: string + required: + - Name + - SemanticVersion + LifecyclePolicy: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the lifecycle policy. + type: string + Name: + description: The name of the lifecycle policy. + type: string + Description: + description: The description of the lifecycle policy. + type: string + Status: + description: The status of the lifecycle policy. + type: string + enum: + - DISABLED + - ENABLED + ExecutionRole: + description: The execution role of the lifecycle policy. + type: string + ResourceType: + description: The resource type of the lifecycle policy. + type: string + enum: + - AMI_IMAGE + - CONTAINER_IMAGE + PolicyDetails: + description: The policy details of the lifecycle policy. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/PolicyDetail' + ResourceSelection: + description: The resource selection of the lifecycle policy. + $ref: '#/components/schemas/ResourceSelection' + Tags: + description: The tags associated with the lifecycle policy. + type: object + additionalProperties: false + x-patternProperties: + .{1,}: + type: string + required: + - Name + - ExecutionRole + - ResourceType + - PolicyDetails + - ResourceSelection + x-stackql-resource-name: lifecycle_policy + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iam:PassRole + - imagebuilder:CreateLifecyclePolicy + - imagebuilder:GetLifecyclePolicy + - imagebuilder:TagResource + update: + - iam:PassRole + - imagebuilder:GetLifecyclePolicy + - imagebuilder:UpdateLifecyclePolicy + read: + - imagebuilder:GetLifecyclePolicy + delete: + - imagebuilder:GetLifecyclePolicy + - imagebuilder:DeleteLifecyclePolicy + - imagebuilder:UnTagResource + list: + - imagebuilder:ListLifecyclePolicies + Workflow: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the workflow. + type: string + Name: + description: The name of the workflow. + type: string + Version: + description: The version of the workflow. + type: string + Description: + description: The description of the workflow. + type: string + ChangeDescription: + description: The change description of the workflow. + type: string + Type: + description: The type of the workflow denotes whether the workflow is used to build, test, or distribute. + type: string + enum: + - BUILD + - TEST + - DISTRIBUTION + Data: + description: The data of the workflow. + type: string + minLength: 1 + maxLength: 16000 + Uri: + description: The uri of the workflow. + type: string + KmsKeyId: + description: The KMS key identifier used to encrypt the workflow. + type: string + Tags: + description: The tags associated with the workflow. + type: object + additionalProperties: false + x-patternProperties: + .{1,}: + type: string + required: + - Name + - Type + - Version + x-stackql-resource-name: workflow + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + - Version + - ChangeDescription + - Description + - Data + - Uri + - Type + - KmsKeyId + - Tags + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iam:GetRole + - kms:GenerateDataKey* + - kms:Encrypt + - kms:Decrypt + - s3:GetObject + - s3:HeadBucket + - s3:GetBucketLocation + - imagebuilder:TagResource + - imagebuilder:GetWorkflow + - imagebuilder:CreateWorkflow + read: + - imagebuilder:GetWorkflow + delete: + - imagebuilder:GetWorkflow + - imagebuilder:UnTagResource + - imagebuilder:DeleteWorkflow + list: + - imagebuilder:ListWorkflows + x-stackQL-resources: + components: + name: components + id: awscc.imagebuilder.components + x-cfn-schema-name: Component + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ImageBuilder::Component' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ImageBuilder::Component' + AND region = 'us-east-1' + component: + name: component + id: awscc.imagebuilder.component + x-cfn-schema-name: Component + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ChangeDescription') as change_description, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Platform') as platform, + JSON_EXTRACT(Properties, '$.Data') as data, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.Encrypted') as encrypted, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Uri') as uri, + JSON_EXTRACT(Properties, '$.SupportedOsVersions') as supported_os_versions + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ImageBuilder::Component' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ChangeDescription') as change_description, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Platform') as platform, + json_extract_path_text(Properties, 'Data') as data, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'Encrypted') as encrypted, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Uri') as uri, + json_extract_path_text(Properties, 'SupportedOsVersions') as supported_os_versions + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ImageBuilder::Component' + AND data__Identifier = '' + AND region = 'us-east-1' + container_recipes: + name: container_recipes + id: awscc.imagebuilder.container_recipes + x-cfn-schema-name: ContainerRecipe + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ImageBuilder::ContainerRecipe' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ImageBuilder::ContainerRecipe' + AND region = 'us-east-1' + container_recipe: + name: container_recipe + id: awscc.imagebuilder.container_recipe + x-cfn-schema-name: ContainerRecipe + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.Components') as components, + JSON_EXTRACT(Properties, '$.InstanceConfiguration') as instance_configuration, + JSON_EXTRACT(Properties, '$.DockerfileTemplateData') as dockerfile_template_data, + JSON_EXTRACT(Properties, '$.DockerfileTemplateUri') as dockerfile_template_uri, + JSON_EXTRACT(Properties, '$.PlatformOverride') as platform_override, + JSON_EXTRACT(Properties, '$.ContainerType') as container_type, + JSON_EXTRACT(Properties, '$.ImageOsVersionOverride') as image_os_version_override, + JSON_EXTRACT(Properties, '$.TargetRepository') as target_repository, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.ParentImage') as parent_image, + JSON_EXTRACT(Properties, '$.WorkingDirectory') as working_directory, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ImageBuilder::ContainerRecipe' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'Components') as components, + json_extract_path_text(Properties, 'InstanceConfiguration') as instance_configuration, + json_extract_path_text(Properties, 'DockerfileTemplateData') as dockerfile_template_data, + json_extract_path_text(Properties, 'DockerfileTemplateUri') as dockerfile_template_uri, + json_extract_path_text(Properties, 'PlatformOverride') as platform_override, + json_extract_path_text(Properties, 'ContainerType') as container_type, + json_extract_path_text(Properties, 'ImageOsVersionOverride') as image_os_version_override, + json_extract_path_text(Properties, 'TargetRepository') as target_repository, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'ParentImage') as parent_image, + json_extract_path_text(Properties, 'WorkingDirectory') as working_directory, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ImageBuilder::ContainerRecipe' + AND data__Identifier = '' + AND region = 'us-east-1' + distribution_configurations: + name: distribution_configurations + id: awscc.imagebuilder.distribution_configurations + x-cfn-schema-name: DistributionConfiguration + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ImageBuilder::DistributionConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ImageBuilder::DistributionConfiguration' + AND region = 'us-east-1' + distribution_configuration: + name: distribution_configuration + id: awscc.imagebuilder.distribution_configuration + x-cfn-schema-name: DistributionConfiguration + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Distributions') as distributions, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ImageBuilder::DistributionConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Distributions') as distributions, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ImageBuilder::DistributionConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + images: + name: images + id: awscc.imagebuilder.images + x-cfn-schema-name: Image + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ImageBuilder::Image' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ImageBuilder::Image' + AND region = 'us-east-1' + image: + name: image + id: awscc.imagebuilder.image + x-cfn-schema-name: Image + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ImageTestsConfiguration') as image_tests_configuration, + JSON_EXTRACT(Properties, '$.ImageRecipeArn') as image_recipe_arn, + JSON_EXTRACT(Properties, '$.ContainerRecipeArn') as container_recipe_arn, + JSON_EXTRACT(Properties, '$.DistributionConfigurationArn') as distribution_configuration_arn, + JSON_EXTRACT(Properties, '$.InfrastructureConfigurationArn') as infrastructure_configuration_arn, + JSON_EXTRACT(Properties, '$.Workflows') as workflows, + JSON_EXTRACT(Properties, '$.ImageId') as image_id, + JSON_EXTRACT(Properties, '$.ImageUri') as image_uri, + JSON_EXTRACT(Properties, '$.EnhancedImageMetadataEnabled') as enhanced_image_metadata_enabled, + JSON_EXTRACT(Properties, '$.ImageScanningConfiguration') as image_scanning_configuration, + JSON_EXTRACT(Properties, '$.ExecutionRole') as execution_role, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ImageBuilder::Image' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ImageTestsConfiguration') as image_tests_configuration, + json_extract_path_text(Properties, 'ImageRecipeArn') as image_recipe_arn, + json_extract_path_text(Properties, 'ContainerRecipeArn') as container_recipe_arn, + json_extract_path_text(Properties, 'DistributionConfigurationArn') as distribution_configuration_arn, + json_extract_path_text(Properties, 'InfrastructureConfigurationArn') as infrastructure_configuration_arn, + json_extract_path_text(Properties, 'Workflows') as workflows, + json_extract_path_text(Properties, 'ImageId') as image_id, + json_extract_path_text(Properties, 'ImageUri') as image_uri, + json_extract_path_text(Properties, 'EnhancedImageMetadataEnabled') as enhanced_image_metadata_enabled, + json_extract_path_text(Properties, 'ImageScanningConfiguration') as image_scanning_configuration, + json_extract_path_text(Properties, 'ExecutionRole') as execution_role, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ImageBuilder::Image' + AND data__Identifier = '' + AND region = 'us-east-1' + image_pipelines: + name: image_pipelines + id: awscc.imagebuilder.image_pipelines + x-cfn-schema-name: ImagePipeline + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ImageBuilder::ImagePipeline' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ImageBuilder::ImagePipeline' + AND region = 'us-east-1' + image_pipeline: + name: image_pipeline + id: awscc.imagebuilder.image_pipeline + x-cfn-schema-name: ImagePipeline + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ImageTestsConfiguration') as image_tests_configuration, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Schedule') as schedule, + JSON_EXTRACT(Properties, '$.ImageRecipeArn') as image_recipe_arn, + JSON_EXTRACT(Properties, '$.ContainerRecipeArn') as container_recipe_arn, + JSON_EXTRACT(Properties, '$.DistributionConfigurationArn') as distribution_configuration_arn, + JSON_EXTRACT(Properties, '$.InfrastructureConfigurationArn') as infrastructure_configuration_arn, + JSON_EXTRACT(Properties, '$.Workflows') as workflows, + JSON_EXTRACT(Properties, '$.EnhancedImageMetadataEnabled') as enhanced_image_metadata_enabled, + JSON_EXTRACT(Properties, '$.ImageScanningConfiguration') as image_scanning_configuration, + JSON_EXTRACT(Properties, '$.ExecutionRole') as execution_role, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ImageBuilder::ImagePipeline' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ImageTestsConfiguration') as image_tests_configuration, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Schedule') as schedule, + json_extract_path_text(Properties, 'ImageRecipeArn') as image_recipe_arn, + json_extract_path_text(Properties, 'ContainerRecipeArn') as container_recipe_arn, + json_extract_path_text(Properties, 'DistributionConfigurationArn') as distribution_configuration_arn, + json_extract_path_text(Properties, 'InfrastructureConfigurationArn') as infrastructure_configuration_arn, + json_extract_path_text(Properties, 'Workflows') as workflows, + json_extract_path_text(Properties, 'EnhancedImageMetadataEnabled') as enhanced_image_metadata_enabled, + json_extract_path_text(Properties, 'ImageScanningConfiguration') as image_scanning_configuration, + json_extract_path_text(Properties, 'ExecutionRole') as execution_role, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ImageBuilder::ImagePipeline' + AND data__Identifier = '' + AND region = 'us-east-1' + image_recipes: + name: image_recipes + id: awscc.imagebuilder.image_recipes + x-cfn-schema-name: ImageRecipe + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ImageBuilder::ImageRecipe' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ImageBuilder::ImageRecipe' + AND region = 'us-east-1' + image_recipe: + name: image_recipe + id: awscc.imagebuilder.image_recipe + x-cfn-schema-name: ImageRecipe + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.Components') as components, + JSON_EXTRACT(Properties, '$.BlockDeviceMappings') as block_device_mappings, + JSON_EXTRACT(Properties, '$.ParentImage') as parent_image, + JSON_EXTRACT(Properties, '$.WorkingDirectory') as working_directory, + JSON_EXTRACT(Properties, '$.AdditionalInstanceConfiguration') as additional_instance_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ImageBuilder::ImageRecipe' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'Components') as components, + json_extract_path_text(Properties, 'BlockDeviceMappings') as block_device_mappings, + json_extract_path_text(Properties, 'ParentImage') as parent_image, + json_extract_path_text(Properties, 'WorkingDirectory') as working_directory, + json_extract_path_text(Properties, 'AdditionalInstanceConfiguration') as additional_instance_configuration, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ImageBuilder::ImageRecipe' + AND data__Identifier = '' + AND region = 'us-east-1' + infrastructure_configurations: + name: infrastructure_configurations + id: awscc.imagebuilder.infrastructure_configurations + x-cfn-schema-name: InfrastructureConfiguration + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ImageBuilder::InfrastructureConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ImageBuilder::InfrastructureConfiguration' + AND region = 'us-east-1' + infrastructure_configuration: + name: infrastructure_configuration + id: awscc.imagebuilder.infrastructure_configuration + x-cfn-schema-name: InfrastructureConfiguration + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.InstanceTypes') as instance_types, + JSON_EXTRACT(Properties, '$.SecurityGroupIds') as security_group_ids, + JSON_EXTRACT(Properties, '$.Logging') as logging, + JSON_EXTRACT(Properties, '$.SubnetId') as subnet_id, + JSON_EXTRACT(Properties, '$.KeyPair') as key_pair, + JSON_EXTRACT(Properties, '$.TerminateInstanceOnFailure') as terminate_instance_on_failure, + JSON_EXTRACT(Properties, '$.InstanceProfileName') as instance_profile_name, + JSON_EXTRACT(Properties, '$.InstanceMetadataOptions') as instance_metadata_options, + JSON_EXTRACT(Properties, '$.SnsTopicArn') as sns_topic_arn, + JSON_EXTRACT(Properties, '$.ResourceTags') as resource_tags, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ImageBuilder::InfrastructureConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'InstanceTypes') as instance_types, + json_extract_path_text(Properties, 'SecurityGroupIds') as security_group_ids, + json_extract_path_text(Properties, 'Logging') as logging, + json_extract_path_text(Properties, 'SubnetId') as subnet_id, + json_extract_path_text(Properties, 'KeyPair') as key_pair, + json_extract_path_text(Properties, 'TerminateInstanceOnFailure') as terminate_instance_on_failure, + json_extract_path_text(Properties, 'InstanceProfileName') as instance_profile_name, + json_extract_path_text(Properties, 'InstanceMetadataOptions') as instance_metadata_options, + json_extract_path_text(Properties, 'SnsTopicArn') as sns_topic_arn, + json_extract_path_text(Properties, 'ResourceTags') as resource_tags, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ImageBuilder::InfrastructureConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + lifecycle_policies: + name: lifecycle_policies + id: awscc.imagebuilder.lifecycle_policies + x-cfn-schema-name: LifecyclePolicy + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ImageBuilder::LifecyclePolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ImageBuilder::LifecyclePolicy' + AND region = 'us-east-1' + lifecycle_policy: + name: lifecycle_policy + id: awscc.imagebuilder.lifecycle_policy + x-cfn-schema-name: LifecyclePolicy + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.ExecutionRole') as execution_role, + JSON_EXTRACT(Properties, '$.ResourceType') as resource_type, + JSON_EXTRACT(Properties, '$.PolicyDetails') as policy_details, + JSON_EXTRACT(Properties, '$.ResourceSelection') as resource_selection, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ImageBuilder::LifecyclePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'ExecutionRole') as execution_role, + json_extract_path_text(Properties, 'ResourceType') as resource_type, + json_extract_path_text(Properties, 'PolicyDetails') as policy_details, + json_extract_path_text(Properties, 'ResourceSelection') as resource_selection, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ImageBuilder::LifecyclePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + workflows: + name: workflows + id: awscc.imagebuilder.workflows + x-cfn-schema-name: Workflow + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ImageBuilder::Workflow' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ImageBuilder::Workflow' + AND region = 'us-east-1' + workflow: + name: workflow + id: awscc.imagebuilder.workflow + x-cfn-schema-name: Workflow + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ChangeDescription') as change_description, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Data') as data, + JSON_EXTRACT(Properties, '$.Uri') as uri, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ImageBuilder::Workflow' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ChangeDescription') as change_description, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Data') as data, + json_extract_path_text(Properties, 'Uri') as uri, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ImageBuilder::Workflow' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/inspector.yaml b/providers/src/awscc/v00.00.00000/services/inspector.yaml new file mode 100644 index 00000000..71b56274 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/inspector.yaml @@ -0,0 +1,294 @@ +openapi: 3.0.0 +info: + title: Inspector + version: 1.0.0 +paths: {} +components: + schemas: + AssessmentTarget: + type: object + properties: + Arn: + type: string + AssessmentTargetName: + type: string + ResourceGroupArn: + type: string + x-stackql-resource-name: assessment_target + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - AssessmentTargetName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - inspector:CreateAssessmentTarget + - inspector:ListAssessmentTargets + - inspector:DescribeAssessmentTargets + update: + - inspector:DescribeAssessmentTargets + - inspector:UpdateAssessmentTarget + read: + - inspector:DescribeAssessmentTargets + delete: + - inspector:DeleteAssessmentTarget + list: + - inspector:ListAssessmentTargets + Tag: + type: object + additionalProperties: false + properties: + Key: + type: string + Value: + type: string + required: + - Value + - Key + AssessmentTemplate: + type: object + properties: + Arn: + type: string + AssessmentTargetArn: + type: string + DurationInSeconds: + type: integer + AssessmentTemplateName: + type: string + RulesPackageArns: + type: array + uniqueItems: false + items: + type: string + UserAttributesForFindings: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + required: + - AssessmentTargetArn + - DurationInSeconds + - RulesPackageArns + x-stackql-resource-name: assessment_template + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - DurationInSeconds + - AssessmentTemplateName + - UserAttributesForFindings + - AssessmentTargetArn + - RulesPackageArns + x-read-only-properties: + - Arn + x-required-permissions: + create: + - inspector:CreateAssessmentTemplate + - inspector:ListAssessmentTemplates + - inspector:DescribeAssessmentTemplates + read: + - inspector:DescribeAssessmentTemplates + delete: + - inspector:DeleteAssessmentTemplate + list: + - inspector:ListAssessmentTemplates + ResourceGroup: + type: object + properties: + Arn: + type: string + ResourceGroupTags: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + required: + - ResourceGroupTags + x-stackql-resource-name: resource_group + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ResourceGroupTags + x-read-only-properties: + - Arn + x-required-permissions: + create: + - inspector:CreateResourceGroup + read: + - inspector:CreateResourceGroup + delete: + - inspector:CreateResourceGroup + x-stackQL-resources: + assessment_targets: + name: assessment_targets + id: awscc.inspector.assessment_targets + x-cfn-schema-name: AssessmentTarget + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Inspector::AssessmentTarget' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Inspector::AssessmentTarget' + AND region = 'us-east-1' + assessment_target: + name: assessment_target + id: awscc.inspector.assessment_target + x-cfn-schema-name: AssessmentTarget + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AssessmentTargetName') as assessment_target_name, + JSON_EXTRACT(Properties, '$.ResourceGroupArn') as resource_group_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Inspector::AssessmentTarget' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AssessmentTargetName') as assessment_target_name, + json_extract_path_text(Properties, 'ResourceGroupArn') as resource_group_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Inspector::AssessmentTarget' + AND data__Identifier = '' + AND region = 'us-east-1' + assessment_templates: + name: assessment_templates + id: awscc.inspector.assessment_templates + x-cfn-schema-name: AssessmentTemplate + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Inspector::AssessmentTemplate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Inspector::AssessmentTemplate' + AND region = 'us-east-1' + assessment_template: + name: assessment_template + id: awscc.inspector.assessment_template + x-cfn-schema-name: AssessmentTemplate + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AssessmentTargetArn') as assessment_target_arn, + JSON_EXTRACT(Properties, '$.DurationInSeconds') as duration_in_seconds, + JSON_EXTRACT(Properties, '$.AssessmentTemplateName') as assessment_template_name, + JSON_EXTRACT(Properties, '$.RulesPackageArns') as rules_package_arns, + JSON_EXTRACT(Properties, '$.UserAttributesForFindings') as user_attributes_for_findings + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Inspector::AssessmentTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AssessmentTargetArn') as assessment_target_arn, + json_extract_path_text(Properties, 'DurationInSeconds') as duration_in_seconds, + json_extract_path_text(Properties, 'AssessmentTemplateName') as assessment_template_name, + json_extract_path_text(Properties, 'RulesPackageArns') as rules_package_arns, + json_extract_path_text(Properties, 'UserAttributesForFindings') as user_attributes_for_findings + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Inspector::AssessmentTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + resource_groups: + name: resource_groups + id: awscc.inspector.resource_groups + x-cfn-schema-name: ResourceGroup + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Inspector::ResourceGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Inspector::ResourceGroup' + AND region = 'us-east-1' + resource_group: + name: resource_group + id: awscc.inspector.resource_group + x-cfn-schema-name: ResourceGroup + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ResourceGroupTags') as resource_group_tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Inspector::ResourceGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ResourceGroupTags') as resource_group_tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Inspector::ResourceGroup' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/inspectorv2.yaml b/providers/src/awscc/v00.00.00000/services/inspectorv2.yaml new file mode 100644 index 00000000..6338f4b5 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/inspectorv2.yaml @@ -0,0 +1,538 @@ +openapi: 3.0.0 +info: + title: InspectorV2 + version: 1.0.0 +paths: {} +components: + schemas: + CisSecurityLevel: + type: string + enum: + - LEVEL_1 + - LEVEL_2 + Schedule: + description: Choose a Schedule cadence + properties: + OneTime: + $ref: '#/components/schemas/OneTimeSchedule' + Daily: + $ref: '#/components/schemas/DailySchedule' + Weekly: + $ref: '#/components/schemas/WeeklySchedule' + Monthly: + $ref: '#/components/schemas/MonthlySchedule' + OneTimeSchedule: + type: object + DailySchedule: + type: object + properties: + StartTime: + $ref: '#/components/schemas/Time' + required: + - StartTime + additionalProperties: false + WeeklySchedule: + type: object + properties: + StartTime: + $ref: '#/components/schemas/Time' + Days: + $ref: '#/components/schemas/DaysList' + required: + - StartTime + - Days + additionalProperties: false + MonthlySchedule: + type: object + properties: + StartTime: + $ref: '#/components/schemas/Time' + Day: + $ref: '#/components/schemas/Day' + required: + - StartTime + - Day + additionalProperties: false + Time: + type: object + properties: + TimeOfDay: + type: string + pattern: ^([0-1]?[0-9]|2[0-3]):[0-5][0-9]$ + TimeZone: + type: string + required: + - TimeOfDay + - TimeZone + additionalProperties: false + DaysList: + type: array + minItems: 1 + maxItems: 7 + items: + $ref: '#/components/schemas/Day' + uniqueItems: true + Day: + type: string + enum: + - MON + - TUE + - WED + - THU + - FRI + - SAT + - SUN + CisTargets: + properties: + AccountIds: + type: array + minItems: 1 + maxItems: 10000 + items: + type: string + pattern: ^\d{12}|ALL_MEMBERS|SELF$ + uniqueItems: true + TargetResourceTags: + $ref: '#/components/schemas/TargetResourceTags' + additionalProperties: false + required: + - AccountIds + TargetResourceTags: + x-patternProperties: + ^.+$: + $ref: '#/components/schemas/TagValueList' + maxProperties: 5 + additionalProperties: false + TagValueList: + type: array + minItems: 1 + maxItems: 5 + items: + type: string + uniqueItems: true + CisTagMap: + type: object + x-patternProperties: + ^.{2,127}$: + type: string + pattern: ^.{1,255}$ + additionalProperties: false + CisScanConfiguration: + type: object + properties: + ScanName: + description: Name of the scan + type: string + minLength: 1 + SecurityLevel: + $ref: '#/components/schemas/CisSecurityLevel' + Schedule: + $ref: '#/components/schemas/Schedule' + Targets: + $ref: '#/components/schemas/CisTargets' + Arn: + type: string + description: CIS Scan configuration unique identifier + Tags: + $ref: '#/components/schemas/CisTagMap' + x-stackql-resource-name: cis_scan_configuration + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - Arn + x-required-permissions: + create: + - inspector2:CreateCisScanConfiguration + - inspector2:ListCisScanConfigurations + - inspector2:TagResource + read: + - inspector2:ListCisScanConfigurations + - inspector2:ListTagsForResource + update: + - inspector2:ListCisScanConfigurations + - inspector2:UpdateCisScanConfiguration + - inspector2:TagResource + - inspector2:UntagResource + - inspector2:ListTagsForResource + delete: + - inspector2:ListCisScanConfigurations + - inspector2:DeleteCisScanConfiguration + - inspector2:UntagResource + list: + - inspector2:ListCisScanConfigurations + - inspector2:ListTagsForResource + StringComparison: + type: string + enum: + - EQUALS + - PREFIX + - NOT_EQUALS + StringInput: + type: string + maxLength: 1024 + minLength: 1 + StringFilter: + type: object + required: + - Comparison + - Value + properties: + Comparison: + $ref: '#/components/schemas/StringComparison' + Value: + $ref: '#/components/schemas/StringInput' + additionalProperties: false + StringFilterList: + type: array + items: + $ref: '#/components/schemas/StringFilter' + x-insertionOrder: false + maxItems: 10 + minItems: 1 + Timestamp: + type: integer + format: int64 + DateFilter: + type: object + properties: + EndInclusive: + $ref: '#/components/schemas/Timestamp' + StartInclusive: + $ref: '#/components/schemas/Timestamp' + additionalProperties: false + DateFilterList: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/DateFilter' + maxItems: 10 + minItems: 1 + Port: + type: integer + maximum: 65535 + minimum: 0 + PortRangeFilter: + type: object + properties: + BeginInclusive: + $ref: '#/components/schemas/Port' + EndInclusive: + $ref: '#/components/schemas/Port' + additionalProperties: false + PortRangeFilterList: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/PortRangeFilter' + maxItems: 10 + minItems: 1 + NumberFilter: + type: object + properties: + LowerInclusive: + type: number + UpperInclusive: + type: number + additionalProperties: false + NumberFilterList: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/NumberFilter' + maxItems: 10 + minItems: 1 + MapComparison: + type: string + enum: + - EQUALS + MapFilter: + type: object + required: + - Comparison + properties: + Comparison: + $ref: '#/components/schemas/MapComparison' + Key: + $ref: '#/components/schemas/MapKey' + Value: + $ref: '#/components/schemas/MapValue' + additionalProperties: false + MapFilterList: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/MapFilter' + maxItems: 10 + minItems: 1 + PackageFilter: + type: object + additionalProperties: false + properties: + Architecture: + $ref: '#/components/schemas/StringFilter' + Epoch: + $ref: '#/components/schemas/NumberFilter' + Name: + $ref: '#/components/schemas/StringFilter' + Release: + $ref: '#/components/schemas/StringFilter' + SourceLayerHash: + $ref: '#/components/schemas/StringFilter' + Version: + $ref: '#/components/schemas/StringFilter' + PackageFilterList: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/PackageFilter' + maxItems: 10 + minItems: 1 + FilterCriteria: + type: object + additionalProperties: false + properties: + AwsAccountId: + $ref: '#/components/schemas/StringFilterList' + ComponentId: + $ref: '#/components/schemas/StringFilterList' + ComponentType: + $ref: '#/components/schemas/StringFilterList' + Ec2InstanceImageId: + $ref: '#/components/schemas/StringFilterList' + Ec2InstanceSubnetId: + $ref: '#/components/schemas/StringFilterList' + Ec2InstanceVpcId: + $ref: '#/components/schemas/StringFilterList' + EcrImageArchitecture: + $ref: '#/components/schemas/StringFilterList' + EcrImageHash: + $ref: '#/components/schemas/StringFilterList' + EcrImageTags: + $ref: '#/components/schemas/StringFilterList' + EcrImagePushedAt: + $ref: '#/components/schemas/DateFilterList' + EcrImageRegistry: + $ref: '#/components/schemas/StringFilterList' + EcrImageRepositoryName: + $ref: '#/components/schemas/StringFilterList' + FindingArn: + $ref: '#/components/schemas/StringFilterList' + FindingStatus: + $ref: '#/components/schemas/StringFilterList' + FindingType: + $ref: '#/components/schemas/StringFilterList' + FirstObservedAt: + $ref: '#/components/schemas/DateFilterList' + InspectorScore: + $ref: '#/components/schemas/NumberFilterList' + LastObservedAt: + $ref: '#/components/schemas/DateFilterList' + NetworkProtocol: + $ref: '#/components/schemas/StringFilterList' + PortRange: + $ref: '#/components/schemas/PortRangeFilterList' + RelatedVulnerabilities: + $ref: '#/components/schemas/StringFilterList' + ResourceId: + $ref: '#/components/schemas/StringFilterList' + ResourceTags: + $ref: '#/components/schemas/MapFilterList' + ResourceType: + $ref: '#/components/schemas/StringFilterList' + Severity: + $ref: '#/components/schemas/StringFilterList' + Title: + $ref: '#/components/schemas/StringFilterList' + UpdatedAt: + $ref: '#/components/schemas/DateFilterList' + VendorSeverity: + $ref: '#/components/schemas/StringFilterList' + VulnerabilityId: + $ref: '#/components/schemas/StringFilterList' + VulnerabilitySource: + $ref: '#/components/schemas/StringFilterList' + VulnerablePackages: + $ref: '#/components/schemas/PackageFilterList' + FilterAction: + type: string + enum: + - NONE + - SUPPRESS + MapKey: + type: string + maxLength: 128 + minLength: 1 + MapValue: + type: string + maxLength: 256 + minLength: 0 + Filter: + type: object + properties: + Name: + description: Findings filter name. + type: string + maxLength: 128 + minLength: 1 + Description: + description: Findings filter description. + type: string + maxLength: 512 + minLength: 1 + FilterCriteria: + description: Findings filter criteria. + $ref: '#/components/schemas/FilterCriteria' + FilterAction: + description: Findings filter action. + $ref: '#/components/schemas/FilterAction' + Arn: + description: Findings filter ARN. + type: string + maxLength: 128 + minLength: 1 + required: + - Name + - FilterCriteria + - FilterAction + x-stackql-resource-name: filter + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - Arn + x-required-permissions: + create: + - inspector2:CreateFilter + - inspector2:ListFilters + read: + - inspector2:ListFilters + update: + - inspector2:ListFilters + - inspector2:UpdateFilter + delete: + - inspector2:DeleteFilter + - inspector2:ListFilters + list: + - inspector2:ListFilters + x-stackQL-resources: + cis_scan_configurations: + name: cis_scan_configurations + id: awscc.inspectorv2.cis_scan_configurations + x-cfn-schema-name: CisScanConfiguration + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::InspectorV2::CisScanConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::InspectorV2::CisScanConfiguration' + AND region = 'us-east-1' + cis_scan_configuration: + name: cis_scan_configuration + id: awscc.inspectorv2.cis_scan_configuration + x-cfn-schema-name: CisScanConfiguration + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ScanName') as scan_name, + JSON_EXTRACT(Properties, '$.SecurityLevel') as security_level, + JSON_EXTRACT(Properties, '$.Schedule') as schedule, + JSON_EXTRACT(Properties, '$.Targets') as targets, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::InspectorV2::CisScanConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ScanName') as scan_name, + json_extract_path_text(Properties, 'SecurityLevel') as security_level, + json_extract_path_text(Properties, 'Schedule') as schedule, + json_extract_path_text(Properties, 'Targets') as targets, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::InspectorV2::CisScanConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + filters: + name: filters + id: awscc.inspectorv2.filters + x-cfn-schema-name: Filter + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::InspectorV2::Filter' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::InspectorV2::Filter' + AND region = 'us-east-1' + filter: + name: filter + id: awscc.inspectorv2.filter + x-cfn-schema-name: Filter + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.FilterCriteria') as filter_criteria, + JSON_EXTRACT(Properties, '$.FilterAction') as filter_action, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::InspectorV2::Filter' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'FilterCriteria') as filter_criteria, + json_extract_path_text(Properties, 'FilterAction') as filter_action, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::InspectorV2::Filter' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/internetmonitor.yaml b/providers/src/awscc/v00.00.00000/services/internetmonitor.yaml new file mode 100644 index 00000000..82deafa2 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/internetmonitor.yaml @@ -0,0 +1,285 @@ +openapi: 3.0.0 +info: + title: InternetMonitor + version: 1.0.0 +paths: {} +components: + schemas: + MonitorConfigState: + type: string + enum: + - PENDING + - ACTIVE + - INACTIVE + - ERROR + MonitorProcessingStatusCode: + type: string + enum: + - OK + - INACTIVE + - COLLECTING_DATA + - INSUFFICIENT_DATA + - FAULT_SERVICE + - FAULT_ACCESS_CLOUDWATCH + Tag: + description: The metadata that you apply to the cluster to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. + type: object + properties: + Key: + type: string + Value: + type: string + additionalProperties: false + iso8601UTC: + description: The date value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ssZ) + type: string + pattern: ^([0-2]\d{3})-(0[0-9]|1[0-2])-([0-2]\d|3[01])T([01]\d|2[0-4]):([0-5]\d):([0-6]\d)((\.\d{3})?)Z$ + InternetMeasurementsLogDelivery: + type: object + properties: + S3Config: + $ref: '#/components/schemas/S3Config' + additionalProperties: false + S3Config: + type: object + properties: + BucketName: + type: string + minLength: 3 + BucketPrefix: + type: string + LogDeliveryStatus: + type: string + enum: + - ENABLED + - DISABLED + additionalProperties: false + HealthEventsConfig: + type: object + properties: + AvailabilityScoreThreshold: + type: number + minimum: 0 + maximum: 100 + PerformanceScoreThreshold: + type: number + minimum: 0 + maximum: 100 + AvailabilityLocalHealthEventsConfig: + $ref: '#/components/schemas/LocalHealthEventsConfig' + PerformanceLocalHealthEventsConfig: + $ref: '#/components/schemas/LocalHealthEventsConfig' + additionalProperties: false + LocalHealthEventsConfig: + type: object + properties: + Status: + type: string + enum: + - ENABLED + - DISABLED + HealthScoreThreshold: + type: number + minimum: 0 + maximum: 100 + MinTrafficImpact: + type: number + minimum: 0 + maximum: 100 + additionalProperties: false + Monitor: + type: object + properties: + CreatedAt: + $ref: '#/components/schemas/iso8601UTC' + ModifiedAt: + $ref: '#/components/schemas/iso8601UTC' + MonitorArn: + type: string + maxLength: 512 + minLength: 20 + pattern: ^arn:.* + MonitorName: + type: string + maxLength: 255 + minLength: 1 + pattern: ^[a-zA-Z0-9_.-]+$ + ProcessingStatus: + $ref: '#/components/schemas/MonitorProcessingStatusCode' + ProcessingStatusInfo: + type: string + Resources: + type: array + x-insertionOrder: false + items: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:.* + ResourcesToAdd: + type: array + x-insertionOrder: false + items: + type: string + maxLength: 2048 + minLength: 20 + ResourcesToRemove: + type: array + x-insertionOrder: false + items: + type: string + maxLength: 2048 + minLength: 20 + Status: + $ref: '#/components/schemas/MonitorConfigState' + Tags: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + MaxCityNetworksToMonitor: + type: integer + minimum: 1 + maximum: 500000 + TrafficPercentageToMonitor: + type: integer + minimum: 1 + maximum: 100 + InternetMeasurementsLogDelivery: + $ref: '#/components/schemas/InternetMeasurementsLogDelivery' + HealthEventsConfig: + $ref: '#/components/schemas/HealthEventsConfig' + required: + - MonitorName + x-stackql-resource-name: monitor + x-stackql-primaryIdentifier: + - MonitorName + x-create-only-properties: + - MonitorName + x-read-only-properties: + - CreatedAt + - ModifiedAt + - MonitorArn + - ProcessingStatus + - ProcessingStatusInfo + x-required-permissions: + create: + - internetmonitor:CreateMonitor + - internetmonitor:GetMonitor + - internetmonitor:TagResource + - internetmonitor:UntagResource + - logs:CreateLogDelivery + - logs:GetLogDelivery + - s3:GetBucketPolicy + - s3:PutBucketPolicy + - s3:ListBucket + - iam:PassRole + read: + - internetmonitor:GetMonitor + - internetmonitor:ListTagsForResource + - logs:GetLogDelivery + update: + - internetmonitor:CreateMonitor + - internetmonitor:GetMonitor + - internetmonitor:UpdateMonitor + - internetmonitor:TagResource + - internetmonitor:UntagResource + - logs:CreateLogDelivery + - logs:GetLogDelivery + - logs:UpdateLogDelivery + - logs:DeleteLogDelivery + - logs:ListLogDeliveries + - s3:GetBucketPolicy + - s3:PutBucketPolicy + - s3:ListBucket + - iam:PassRole + delete: + - internetmonitor:UpdateMonitor + - internetmonitor:DeleteMonitor + - internetmonitor:GetMonitor + - logs:DeleteLogDelivery + list: + - internetmonitor:ListMonitors + - internetmonitor:GetMonitor + - logs:GetLogDelivery + x-stackQL-resources: + monitors: + name: monitors + id: awscc.internetmonitor.monitors + x-cfn-schema-name: Monitor + x-type: list + x-identifiers: + - MonitorName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MonitorName') as monitor_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::InternetMonitor::Monitor' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MonitorName') as monitor_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::InternetMonitor::Monitor' + AND region = 'us-east-1' + monitor: + name: monitor + id: awscc.internetmonitor.monitor + x-cfn-schema-name: Monitor + x-type: get + x-identifiers: + - MonitorName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.ModifiedAt') as modified_at, + JSON_EXTRACT(Properties, '$.MonitorArn') as monitor_arn, + JSON_EXTRACT(Properties, '$.MonitorName') as monitor_name, + JSON_EXTRACT(Properties, '$.ProcessingStatus') as processing_status, + JSON_EXTRACT(Properties, '$.ProcessingStatusInfo') as processing_status_info, + JSON_EXTRACT(Properties, '$.Resources') as resources, + JSON_EXTRACT(Properties, '$.ResourcesToAdd') as resources_to_add, + JSON_EXTRACT(Properties, '$.ResourcesToRemove') as resources_to_remove, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.MaxCityNetworksToMonitor') as max_city_networks_to_monitor, + JSON_EXTRACT(Properties, '$.TrafficPercentageToMonitor') as traffic_percentage_to_monitor, + JSON_EXTRACT(Properties, '$.InternetMeasurementsLogDelivery') as internet_measurements_log_delivery, + JSON_EXTRACT(Properties, '$.HealthEventsConfig') as health_events_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::InternetMonitor::Monitor' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'ModifiedAt') as modified_at, + json_extract_path_text(Properties, 'MonitorArn') as monitor_arn, + json_extract_path_text(Properties, 'MonitorName') as monitor_name, + json_extract_path_text(Properties, 'ProcessingStatus') as processing_status, + json_extract_path_text(Properties, 'ProcessingStatusInfo') as processing_status_info, + json_extract_path_text(Properties, 'Resources') as resources, + json_extract_path_text(Properties, 'ResourcesToAdd') as resources_to_add, + json_extract_path_text(Properties, 'ResourcesToRemove') as resources_to_remove, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'MaxCityNetworksToMonitor') as max_city_networks_to_monitor, + json_extract_path_text(Properties, 'TrafficPercentageToMonitor') as traffic_percentage_to_monitor, + json_extract_path_text(Properties, 'InternetMeasurementsLogDelivery') as internet_measurements_log_delivery, + json_extract_path_text(Properties, 'HealthEventsConfig') as health_events_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::InternetMonitor::Monitor' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/iot.yaml b/providers/src/awscc/v00.00.00000/services/iot.yaml new file mode 100644 index 00000000..ad301c6c --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/iot.yaml @@ -0,0 +1,4681 @@ +openapi: 3.0.0 +info: + title: IoT + version: 1.0.0 +paths: {} +components: + schemas: + AuditCheckConfigurations: + description: Specifies which audit checks are enabled and disabled for this account. + type: object + properties: + AuthenticatedCognitoRoleOverlyPermissiveCheck: + $ref: '#/components/schemas/AuditCheckConfiguration' + CaCertificateExpiringCheck: + $ref: '#/components/schemas/AuditCheckConfiguration' + CaCertificateKeyQualityCheck: + $ref: '#/components/schemas/AuditCheckConfiguration' + ConflictingClientIdsCheck: + $ref: '#/components/schemas/AuditCheckConfiguration' + DeviceCertificateExpiringCheck: + $ref: '#/components/schemas/AuditCheckConfiguration' + DeviceCertificateKeyQualityCheck: + $ref: '#/components/schemas/AuditCheckConfiguration' + DeviceCertificateSharedCheck: + $ref: '#/components/schemas/AuditCheckConfiguration' + IotPolicyOverlyPermissiveCheck: + $ref: '#/components/schemas/AuditCheckConfiguration' + IotRoleAliasAllowsAccessToUnusedServicesCheck: + $ref: '#/components/schemas/AuditCheckConfiguration' + IotRoleAliasOverlyPermissiveCheck: + $ref: '#/components/schemas/AuditCheckConfiguration' + LoggingDisabledCheck: + $ref: '#/components/schemas/AuditCheckConfiguration' + RevokedCaCertificateStillActiveCheck: + $ref: '#/components/schemas/AuditCheckConfiguration' + RevokedDeviceCertificateStillActiveCheck: + $ref: '#/components/schemas/AuditCheckConfiguration' + UnauthenticatedCognitoRoleOverlyPermissiveCheck: + $ref: '#/components/schemas/AuditCheckConfiguration' + IntermediateCaRevokedForActiveDeviceCertificatesCheck: + $ref: '#/components/schemas/AuditCheckConfiguration' + IoTPolicyPotentialMisConfigurationCheck: + $ref: '#/components/schemas/AuditCheckConfiguration' + additionalProperties: false + AuditNotificationTargetConfigurations: + description: Information about the targets to which audit notifications are sent. + type: object + properties: + Sns: + $ref: '#/components/schemas/AuditNotificationTarget' + additionalProperties: false + AuditCheckConfiguration: + description: The configuration for a specific audit check. + type: object + properties: + Enabled: + description: True if the check is enabled. + type: boolean + additionalProperties: false + AuditNotificationTarget: + type: object + properties: + TargetArn: + description: The ARN of the target (SNS topic) to which audit notifications are sent. + type: string + maxLength: 2048 + RoleArn: + description: The ARN of the role that grants permission to send notifications to the target. + type: string + minLength: 20 + maxLength: 2048 + Enabled: + description: True if notifications to the target are enabled. + type: boolean + additionalProperties: false + AccountAuditConfiguration: + type: object + properties: + AccountId: + description: Your 12-digit account ID (used as the primary identifier for the CloudFormation resource). + type: string + minLength: 12 + maxLength: 12 + AuditCheckConfigurations: + $ref: '#/components/schemas/AuditCheckConfigurations' + AuditNotificationTargetConfigurations: + $ref: '#/components/schemas/AuditNotificationTargetConfigurations' + RoleArn: + description: The ARN of the role that grants permission to AWS IoT to access information about your devices, policies, certificates and other items as required when performing an audit. + type: string + minLength: 20 + maxLength: 2048 + required: + - AccountId + - AuditCheckConfigurations + - RoleArn + x-stackql-resource-name: account_audit_configuration + x-stackql-primaryIdentifier: + - AccountId + x-create-only-properties: + - AccountId + x-required-permissions: + create: + - iot:UpdateAccountAuditConfiguration + - iot:DescribeAccountAuditConfiguration + - iam:PassRole + read: + - iot:DescribeAccountAuditConfiguration + update: + - iot:UpdateAccountAuditConfiguration + - iot:DescribeAccountAuditConfiguration + - iam:PassRole + delete: + - iot:DescribeAccountAuditConfiguration + - iot:DeleteAccountAuditConfiguration + list: + - iot:DescribeAccountAuditConfiguration + Tag: + type: object + properties: + Key: + type: string + Value: + type: string + additionalProperties: false + required: + - Key + - Value + Authorizer: + type: object + properties: + AuthorizerFunctionArn: + type: string + Arn: + type: string + AuthorizerName: + type: string + pattern: '[\w=,@-]+' + minLength: 1 + maxLength: 128 + SigningDisabled: + type: boolean + Status: + type: string + enum: + - ACTIVE + - INACTIVE + TokenKeyName: + type: string + TokenSigningPublicKeys: + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9:_-]+': + type: string + maxLength: 5120 + EnableCachingForHttp: + type: boolean + Tags: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/Tag' + required: + - AuthorizerFunctionArn + x-stackql-resource-name: authorizer + x-stackql-primaryIdentifier: + - AuthorizerName + x-create-only-properties: + - SigningDisabled + - AuthorizerName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iot:CreateAuthorizer + - iot:DescribeAuthorizer + - iot:TagResource + - iot:ListTagsForResource + read: + - iot:DescribeAuthorizer + - iot:ListTagsForResource + update: + - iot:UpdateAuthorizer + - iot:DescribeAuthorizer + - iot:TagResource + - iot:UntagResource + - iot:ListTagsForResource + delete: + - iot:UpdateAuthorizer + - iot:DeleteAuthorizer + - iot:DescribeAuthorizer + list: + - iot:ListAuthorizers + BillingGroup: + type: object + properties: + Id: + type: string + Arn: + type: string + BillingGroupName: + type: string + pattern: '[a-zA-Z0-9:_-]+' + minLength: 1 + maxLength: 128 + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + BillingGroupProperties: + type: object + additionalProperties: false + properties: + BillingGroupDescription: + type: string + maxLength: 2028 + pattern: '[\p{Graph}\x20]*' + x-stackql-resource-name: billing_group + x-stackql-primaryIdentifier: + - BillingGroupName + x-create-only-properties: + - BillingGroupName + x-read-only-properties: + - Arn + - Id + x-required-permissions: + create: + - iot:DescribeBillingGroup + - iot:ListTagsForResource + - iot:CreateBillingGroup + - iot:TagResource + delete: + - iot:DescribeBillingGroup + - iot:DeleteBillingGroup + list: + - iot:ListBillingGroups + - iot:ListTagsForResource + read: + - iot:DescribeBillingGroup + - iot:ListTagsForResource + update: + - iot:DescribeBillingGroup + - iot:UpdateBillingGroup + - iot:ListTagsForResource + - iot:TagResource + - iot:UntagResource + RegistrationConfig: + type: object + additionalProperties: false + properties: + TemplateBody: + type: string + pattern: '[\s\S]*' + minLength: 0 + maxLength: 10240 + RoleArn: + type: string + pattern: arn:(aws[a-zA-Z-]*)?:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+ + minLength: 20 + maxLength: 2048 + TemplateName: + type: string + pattern: ^[0-9A-Za-z_-]+$ + minLength: 1 + maxLength: 36 + CACertificate: + type: object + properties: + CACertificatePem: + type: string + pattern: '[\s\S]*' + minLength: 1 + maxLength: 65536 + VerificationCertificatePem: + type: string + description: The private key verification certificate. + pattern: '[\s\S]*' + minLength: 1 + maxLength: 65536 + Status: + type: string + enum: + - ACTIVE + - INACTIVE + CertificateMode: + type: string + enum: + - DEFAULT + - SNI_ONLY + AutoRegistrationStatus: + type: string + enum: + - ENABLE + - DISABLE + RemoveAutoRegistration: + type: boolean + RegistrationConfig: + $ref: '#/components/schemas/RegistrationConfig' + Id: + type: string + Arn: + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - CACertificatePem + - Status + x-stackql-resource-name: ca_certificate + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - VerificationCertificatePem + - CertificateMode + - CACertificatePem + x-read-only-properties: + - Arn + - Id + x-required-permissions: + create: + - iam:GetRole + - iam:PassRole + - iot:RegisterCACertificate + - iot:DescribeCACertificate + - iot:TagResource + - iot:ListTagsForResource + read: + - iot:DescribeCACertificate + - iot:ListTagsForResource + update: + - iam:GetRole + - iam:PassRole + - iot:UpdateCACertificate + - iot:DescribeCACertificate + - iot:TagResource + - iot:UntagResource + - iot:ListTagsForResource + delete: + - iot:UpdateCACertificate + - iot:DeleteCACertificate + - iot:DescribeCACertificate + list: + - iot:ListCACertificates + Certificate: + type: object + properties: + CACertificatePem: + type: string + minLength: 1 + maxLength: 65536 + CertificatePem: + type: string + minLength: 1 + maxLength: 65536 + CertificateSigningRequest: + type: string + CertificateMode: + type: string + enum: + - DEFAULT + - SNI_ONLY + Status: + type: string + enum: + - ACTIVE + - INACTIVE + - REVOKED + - PENDING_TRANSFER + - PENDING_ACTIVATION + Id: + type: string + Arn: + type: string + required: + - Status + x-stackql-resource-name: certificate + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - CertificateSigningRequest + - CACertificatePem + - CertificatePem + - CertificateMode + x-read-only-properties: + - Arn + - Id + x-required-permissions: + create: + - iot:CreateCertificateFromCsr + - iot:RegisterCertificate + - iot:RegisterCertificateWithoutCA + - iot:DescribeCertificate + read: + - iot:DescribeCertificate + update: + - iot:UpdateCertificate + - iot:DescribeCertificate + delete: + - iot:DeleteCertificate + - iot:UpdateCertificate + - iot:DescribeCertificate + list: + - iot:ListCertificates + CertificateProviderOperation: + type: string + enum: + - CreateCertificateFromCsr + CertificateProvider: + type: object + properties: + CertificateProviderName: + type: string + pattern: '[\w=,@-]+' + minLength: 1 + maxLength: 128 + LambdaFunctionArn: + type: string + minLength: 1 + maxLength: 170 + AccountDefaultForOperations: + type: array + minItems: 1 + maxItems: 1 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/CertificateProviderOperation' + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + x-insertionOrder: true + items: + $ref: '#/components/schemas/Tag' + Arn: + type: string + required: + - LambdaFunctionArn + - AccountDefaultForOperations + x-stackql-resource-name: certificate_provider + x-stackql-primaryIdentifier: + - CertificateProviderName + x-create-only-properties: + - CertificateProviderName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iot:CreateCertificateProvider + - iot:DescribeCertificateProvider + - iot:TagResource + - iot:ListTagsForResource + read: + - iot:DescribeCertificateProvider + - iot:ListTagsForResource + update: + - iot:UpdateCertificateProvider + - iot:DescribeCertificateProvider + - iot:TagResource + - iot:UntagResource + - iot:ListTagsForResource + delete: + - iot:DeleteCertificateProvider + - iot:DescribeCertificateProvider + list: + - iot:ListCertificateProviders + CustomMetric: + type: object + properties: + MetricName: + description: 'The name of the custom metric. This will be used in the metric report submitted from the device/thing. Shouldn''t begin with aws: . Cannot be updated once defined.' + type: string + pattern: '[a-zA-Z0-9:_-]+' + minLength: 1 + maxLength: 128 + DisplayName: + description: Field represents a friendly name in the console for the custom metric; it doesn't have to be unique. Don't use this name as the metric identifier in the device metric report. Can be updated once defined. + type: string + maxLength: 128 + MetricType: + description: The type of the custom metric. Types include string-list, ip-address-list, number-list, and number. + type: string + enum: + - string-list + - ip-address-list + - number-list + - number + MetricArn: + description: The Amazon Resource Number (ARN) of the custom metric. + type: string + minLength: 20 + maxLength: 2048 + Tags: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + required: + - MetricType + x-stackql-resource-name: custom_metric + x-stackql-primaryIdentifier: + - MetricName + x-create-only-properties: + - MetricName + - MetricType + x-read-only-properties: + - MetricArn + x-required-permissions: + create: + - iot:CreateCustomMetric + - iot:TagResource + read: + - iot:DescribeCustomMetric + - iot:ListTagsForResource + update: + - iot:UpdateCustomMetric + - iot:ListTagsForResource + - iot:UntagResource + - iot:TagResource + delete: + - iot:DescribeCustomMetric + - iot:DeleteCustomMetric + list: + - iot:ListCustomMetrics + Dimension: + type: object + properties: + Name: + description: A unique identifier for the dimension. + type: string + pattern: '[a-zA-Z0-9:_-]+' + minLength: 1 + maxLength: 128 + Type: + description: Specifies the type of the dimension. + type: string + enum: + - TOPIC_FILTER + StringValues: + description: Specifies the value or list of values for the dimension. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + minLength: 1 + maxLength: 256 + minItems: 1 + maxItems: 5 + Tags: + description: Metadata that can be used to manage the dimension. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Arn: + description: The ARN (Amazon resource name) of the created dimension. + type: string + required: + - Type + - StringValues + x-stackql-resource-name: dimension + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - Type + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iot:CreateDimension + - iot:TagResource + read: + - iot:DescribeDimension + - iot:ListTagsForResource + update: + - iot:UpdateDimension + - iot:ListTagsForResource + - iot:UntagResource + - iot:TagResource + delete: + - iot:DescribeDimension + - iot:DeleteDimension + list: + - iot:ListDimensions + AuthorizerConfig: + type: object + properties: + AllowAuthorizerOverride: + type: boolean + DefaultAuthorizerName: + type: string + minLength: 1 + maxLength: 128 + pattern: ^[\w=,@-]+$ + additionalProperties: false + ServerCertificateConfig: + type: object + properties: + EnableOCSPCheck: + type: boolean + additionalProperties: false + ServerCertificateSummary: + type: object + properties: + ServerCertificateArn: + type: string + pattern: ^arn:aws(-cn|-us-gov|-iso-b|-iso)?:acm:[a-z]{2}-(gov-|iso-|isob-)?[a-z]{4,9}-\d{1}:\d{12}:certificate/[a-zA-Z0-9/-]+$ + minLength: 1 + maxLength: 2048 + ServerCertificateStatus: + type: string + enum: + - INVALID + - VALID + ServerCertificateStatusDetail: + type: string + additionalProperties: false + TlsConfig: + type: object + properties: + SecurityPolicy: + type: string + maxLength: 128 + additionalProperties: false + DomainConfiguration: + type: object + properties: + DomainConfigurationName: + type: string + minLength: 1 + maxLength: 128 + pattern: ^[\w.-]+$ + AuthorizerConfig: + $ref: '#/components/schemas/AuthorizerConfig' + DomainName: + type: string + minLength: 1 + maxLength: 253 + ServerCertificateArns: + type: array + minItems: 0 + maxItems: 1 + x-insertionOrder: true + items: + type: string + pattern: ^arn:aws(-cn|-us-gov|-iso-b|-iso)?:acm:[a-z]{2}-(gov-|iso-|isob-)?[a-z]{4,9}-\d{1}:\d{12}:certificate/[a-zA-Z0-9/-]+$ + minLength: 1 + maxLength: 2048 + ServiceType: + type: string + enum: + - DATA + - CREDENTIAL_PROVIDER + - JOBS + ValidationCertificateArn: + type: string + pattern: ^arn:aws(-cn|-us-gov|-iso-b|-iso)?:acm:[a-z]{2}-(gov-|iso-|isob-)?[a-z]{4,9}-\d{1}:\d{12}:certificate/[a-zA-Z0-9/-]+$ + Arn: + type: string + DomainConfigurationStatus: + type: string + enum: + - ENABLED + - DISABLED + DomainType: + type: string + enum: + - ENDPOINT + - AWS_MANAGED + - CUSTOMER_MANAGED + ServerCertificateConfig: + $ref: '#/components/schemas/ServerCertificateConfig' + ServerCertificates: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/ServerCertificateSummary' + TlsConfig: + $ref: '#/components/schemas/TlsConfig' + Tags: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/Tag' + required: [] + x-stackql-resource-name: domain_configuration + x-stackql-primaryIdentifier: + - DomainConfigurationName + x-create-only-properties: + - DomainConfigurationName + - DomainName + - ServiceType + - ValidationCertificateArn + - ServerCertificateArns + x-read-only-properties: + - Arn + - DomainType + - ServerCertificates + x-required-permissions: + create: + - iot:CreateDomainConfiguration + - iot:UpdateDomainConfiguration + - iot:DescribeDomainConfiguration + - iot:TagResource + - iot:ListTagsForResource + - acm:GetCertificate + read: + - iot:DescribeDomainConfiguration + - iot:ListTagsForResource + update: + - iot:UpdateDomainConfiguration + - iot:DescribeDomainConfiguration + - iot:ListTagsForResource + - iot:TagResource + - iot:UntagResource + delete: + - iot:DescribeDomainConfiguration + - iot:DeleteDomainConfiguration + - iot:UpdateDomainConfiguration + list: + - iot:ListDomainConfigurations + AggregationType: + description: Aggregation types supported by Fleet Indexing + type: object + properties: + Name: + description: Fleet Indexing aggregation type names such as Statistics, Percentiles and Cardinality + type: string + Values: + description: Fleet Indexing aggregation type values + type: array + x-insertionOrder: false + items: + type: string + required: + - Name + - Values + additionalProperties: false + iso8601UTC: + description: The datetime value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ss.sssZ) + type: string + pattern: ^([0-2]\d{3})-(0[0-9]|1[0-2])-([0-2]\d|3[01])T([01]\d|2[0-4]):([0-5]\d):([0-6]\d)((\.\d{3})?)Z$ + FleetMetric: + type: object + properties: + MetricName: + description: The name of the fleet metric + type: string + Description: + description: The description of a fleet metric + type: string + QueryString: + description: The Fleet Indexing query used by a fleet metric + type: string + Period: + description: The period of metric emission in seconds + type: integer + AggregationField: + description: The aggregation field to perform aggregation and metric emission + type: string + QueryVersion: + description: The version of a Fleet Indexing query used by a fleet metric + type: string + IndexName: + description: The index name of a fleet metric + type: string + Unit: + description: The unit of data points emitted by a fleet metric + type: string + AggregationType: + $ref: '#/components/schemas/AggregationType' + MetricArn: + description: The Amazon Resource Number (ARN) of a fleet metric metric + type: string + CreationDate: + description: The creation date of a fleet metric + $ref: '#/components/schemas/iso8601UTC' + LastModifiedDate: + description: The last modified date of a fleet metric + $ref: '#/components/schemas/iso8601UTC' + Version: + description: The version of a fleet metric + type: number + Tags: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: An array of key-value pairs to apply to this resource + items: + $ref: '#/components/schemas/Tag' + required: + - MetricName + x-stackql-resource-name: fleet_metric + x-stackql-primaryIdentifier: + - MetricName + x-create-only-properties: + - MetricName + x-read-only-properties: + - MetricArn + - CreationDate + - LastModifiedDate + - Version + x-required-permissions: + create: + - iot:CreateFleetMetric + - iot:DescribeFleetMetric + - iot:TagResource + read: + - iot:DescribeFleetMetric + - iot:ListTagsForResource + update: + - iot:UpdateFleetMetric + - iot:DescribeFleetMetric + - iot:ListTagsForResource + - iot:UntagResource + - iot:TagResource + delete: + - iot:DeleteFleetMetric + - iot:DescribeFleetMetric + list: + - iot:ListFleetMetrics + ExponentialRolloutRate: + description: Allows you to create an exponential rate of rollout for a job. + type: object + properties: + BaseRatePerMinute: + description: The minimum number of things that will be notified of a pending job, per minute at the start of job rollout. This parameter allows you to define the initial rate of rollout. + $ref: '#/components/schemas/BaseRatePerMinute' + IncrementFactor: + description: The exponential factor to increase the rate of rollout for a job. + $ref: '#/components/schemas/IncrementFactor' + RateIncreaseCriteria: + description: The criteria to initiate the increase in rate of rollout for a job. + type: object + $ref: '#/components/schemas/RateIncreaseCriteria' + additionalProperties: false + required: + - BaseRatePerMinute + - IncrementFactor + - RateIncreaseCriteria + BaseRatePerMinute: + type: integer + minimum: 1 + IncrementFactor: + type: number + minimum: 1 + maximum: 5 + RateIncreaseCriteria: + type: object + properties: + NumberOfNotifiedThings: + $ref: '#/components/schemas/NumberOfNotifiedThings' + NumberOfSucceededThings: + $ref: '#/components/schemas/NumberOfSucceededThings' + additionalProperties: false + NumberOfNotifiedThings: + type: integer + minimum: 1 + NumberOfSucceededThings: + type: integer + minimum: 1 + MaximumPerMinute: + type: integer + minimum: 1 + AbortCriteria: + description: The criteria that determine when and how a job abort takes place. + type: object + properties: + Action: + description: The type of job action to take to initiate the job abort. + $ref: '#/components/schemas/Action' + FailureType: + description: The type of job execution failures that can initiate a job abort. + $ref: '#/components/schemas/FailureType' + MinNumberOfExecutedThings: + description: The minimum number of things which must receive job execution notifications before the job can be aborted. + $ref: '#/components/schemas/MinNumberOfExecutedThings' + ThresholdPercentage: + description: The minimum percentage of job execution failures that must occur to initiate the job abort. + $ref: '#/components/schemas/ThresholdPercentage' + additionalProperties: false + required: + - Action + - FailureType + - MinNumberOfExecutedThings + - ThresholdPercentage + Action: + type: object + additionalProperties: false + properties: + CloudwatchAlarm: + $ref: '#/components/schemas/CloudwatchAlarmAction' + CloudwatchLogs: + $ref: '#/components/schemas/CloudwatchLogsAction' + CloudwatchMetric: + $ref: '#/components/schemas/CloudwatchMetricAction' + DynamoDB: + $ref: '#/components/schemas/DynamoDBAction' + DynamoDBv2: + $ref: '#/components/schemas/DynamoDBv2Action' + Elasticsearch: + $ref: '#/components/schemas/ElasticsearchAction' + Firehose: + $ref: '#/components/schemas/FirehoseAction' + Http: + $ref: '#/components/schemas/HttpAction' + IotAnalytics: + $ref: '#/components/schemas/IotAnalyticsAction' + IotEvents: + $ref: '#/components/schemas/IotEventsAction' + IotSiteWise: + $ref: '#/components/schemas/IotSiteWiseAction' + Kafka: + $ref: '#/components/schemas/KafkaAction' + Kinesis: + $ref: '#/components/schemas/KinesisAction' + Lambda: + $ref: '#/components/schemas/LambdaAction' + Location: + $ref: '#/components/schemas/LocationAction' + OpenSearch: + $ref: '#/components/schemas/OpenSearchAction' + Republish: + $ref: '#/components/schemas/RepublishAction' + S3: + $ref: '#/components/schemas/S3Action' + Sns: + $ref: '#/components/schemas/SnsAction' + Sqs: + $ref: '#/components/schemas/SqsAction' + StepFunctions: + $ref: '#/components/schemas/StepFunctionsAction' + Timestream: + $ref: '#/components/schemas/TimestreamAction' + FailureType: + type: string + enum: + - FAILED + - REJECTED + - TIMED_OUT + - ALL + MinNumberOfExecutedThings: + type: integer + minimum: 1 + ThresholdPercentage: + type: number + maximum: 100 + InProgressTimeoutInMinutes: + description: Specifies the amount of time, in minutes, this device has to finish execution of this job. + type: integer + minimum: 1 + maximum: 10080 + RoleArn: + type: string + ExpiresInSec: + description: How number (in seconds) pre-signed URLs are valid. + type: integer + minimum: 60 + maximum: 3600 + RetryCriteria: + description: Specifies how many times a failure type should be retried. + type: object + properties: + NumberOfRetries: + type: integer + minimum: 0 + maximum: 10 + FailureType: + $ref: '#/components/schemas/JobRetryFailureType' + additionalProperties: false + JobRetryFailureType: + type: string + enum: + - FAILED + - TIMED_OUT + - ALL + MaintenanceWindow: + description: Specifies a start time and duration for a scheduled Job. + type: object + properties: + StartTime: + type: string + minLength: 1 + maxLength: 256 + DurationInMinutes: + type: integer + minimum: 1 + maximum: 1430 + additionalProperties: false + DestinationPackageVersion: + description: Specifies target package version ARNs for a software update job. + type: string + minLength: 1 + maxLength: 1600 + JobTemplate: + type: object + properties: + Arn: + type: string + JobArn: + description: Optional for copying a JobTemplate from a pre-existing Job configuration. + type: string + JobTemplateId: + type: string + pattern: '[a-zA-Z0-9_-]+' + minLength: 1 + maxLength: 64 + Description: + description: A description of the Job Template. + type: string + pattern: '[^\p{C}]+' + maxLength: 2028 + Document: + description: The job document. Required if you don't specify a value for documentSource. + type: string + maxLength: 32768 + DocumentSource: + description: An S3 link to the job document to use in the template. Required if you don't specify a value for document. + type: string + minLength: 1 + maxLength: 1350 + TimeoutConfig: + description: Specifies the amount of time each device has to finish its execution of the job. + type: object + properties: + InProgressTimeoutInMinutes: + $ref: '#/components/schemas/InProgressTimeoutInMinutes' + required: + - InProgressTimeoutInMinutes + additionalProperties: false + JobExecutionsRolloutConfig: + description: Allows you to create a staged rollout of a job. + type: object + properties: + ExponentialRolloutRate: + description: The rate of increase for a job rollout. This parameter allows you to define an exponential rate for a job rollout. + $ref: '#/components/schemas/ExponentialRolloutRate' + MaximumPerMinute: + description: The maximum number of things that will be notified of a pending job, per minute. This parameter allows you to create a staged rollout. + $ref: '#/components/schemas/MaximumPerMinute' + additionalProperties: false + AbortConfig: + description: The criteria that determine when and how a job abort takes place. + type: object + properties: + CriteriaList: + type: array + x-insertionOrder: false + minItems: 1 + items: + $ref: '#/components/schemas/AbortCriteria' + required: + - CriteriaList + additionalProperties: false + PresignedUrlConfig: + type: object + description: Configuration for pre-signed S3 URLs. + properties: + RoleArn: + $ref: '#/components/schemas/RoleArn' + ExpiresInSec: + $ref: '#/components/schemas/ExpiresInSec' + required: + - RoleArn + additionalProperties: false + JobExecutionsRetryConfig: + type: object + properties: + RetryCriteriaList: + type: array + x-insertionOrder: false + minItems: 1 + maxItems: 2 + items: + $ref: '#/components/schemas/RetryCriteria' + additionalProperties: false + MaintenanceWindows: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/MaintenanceWindow' + DestinationPackageVersions: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/DestinationPackageVersion' + Tags: + description: Metadata that can be used to manage the JobTemplate. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - JobTemplateId + - Description + x-stackql-resource-name: job_template + x-stackql-primaryIdentifier: + - JobTemplateId + x-create-only-properties: + - JobTemplateId + - JobArn + - Description + - Document + - DocumentSource + - TimeoutConfig + - JobExecutionsRolloutConfig + - AbortConfig + - PresignedUrlConfig + - Tags + - DestinationPackageVersions + - JobExecutionsRetryConfig + - MaintenanceWindows + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iot:CreateJobTemplate + - iam:PassRole + - s3:GetObject + - iot:TagResource + read: + - iot:DescribeJobTemplate + delete: + - iot:DeleteJobTemplate + list: + - iot:ListJobTemplates + Logging: + type: object + properties: + AccountId: + description: Your 12-digit account ID (used as the primary identifier for the CloudFormation resource). + type: string + minLength: 12 + maxLength: 12 + pattern: ^[0-9]{12}$ + RoleArn: + description: The ARN of the role that allows IoT to write to Cloudwatch logs. + type: string + minLength: 20 + maxLength: 2048 + DefaultLogLevel: + description: 'The log level to use. Valid values are: ERROR, WARN, INFO, DEBUG, or DISABLED.' + type: string + enum: + - ERROR + - WARN + - INFO + - DEBUG + - DISABLED + required: + - AccountId + - RoleArn + - DefaultLogLevel + x-stackql-resource-name: logging + x-stackql-primaryIdentifier: + - AccountId + x-create-only-properties: + - AccountId + x-required-permissions: + create: + - iot:SetV2LoggingOptions + - iot:GetV2LoggingOptions + - iam:PassRole + read: + - iot:GetV2LoggingOptions + update: + - iot:SetV2LoggingOptions + - iot:GetV2LoggingOptions + - iam:PassRole + delete: + - iot:SetV2LoggingOptions + - iot:GetV2LoggingOptions + list: + - iot:GetV2LoggingOptions + ActionParams: + type: object + description: The set of parameters for this mitigation action. You can specify only one type of parameter (in other words, you can apply only one action for each defined mitigation action). + properties: + AddThingsToThingGroupParams: + $ref: '#/components/schemas/AddThingsToThingGroupParams' + EnableIoTLoggingParams: + $ref: '#/components/schemas/EnableIoTLoggingParams' + PublishFindingToSnsParams: + $ref: '#/components/schemas/PublishFindingToSnsParams' + ReplaceDefaultPolicyVersionParams: + $ref: '#/components/schemas/ReplaceDefaultPolicyVersionParams' + UpdateCACertificateParams: + $ref: '#/components/schemas/UpdateCACertificateParams' + UpdateDeviceCertificateParams: + $ref: '#/components/schemas/UpdateDeviceCertificateParams' + additionalProperties: false + AddThingsToThingGroupParams: + description: Parameters to define a mitigation action that moves devices associated with a certificate to one or more specified thing groups, typically for quarantine. + type: object + properties: + OverrideDynamicGroups: + type: boolean + description: Specifies if this mitigation action can move the things that triggered the mitigation action out of one or more dynamic thing groups. + ThingGroupNames: + description: The list of groups to which you want to add the things that triggered the mitigation action. + type: array + uniqueItems: true + items: + type: string + minLength: 1 + maxLength: 128 + minItems: 1 + maxItems: 10 + x-insertionOrder: false + required: + - ThingGroupNames + additionalProperties: false + EnableIoTLoggingParams: + description: Parameters to define a mitigation action that enables AWS IoT logging at a specified level of detail. + type: object + properties: + LogLevel: + type: string + enum: + - DEBUG + - INFO + - ERROR + - WARN + - UNSET_VALUE + description: ' Specifies which types of information are logged.' + RoleArnForLogging: + description: ' The ARN of the IAM role used for logging.' + type: string + minLength: 20 + maxLength: 2048 + required: + - LogLevel + - RoleArnForLogging + additionalProperties: false + PublishFindingToSnsParams: + type: object + description: Parameters, to define a mitigation action that publishes findings to Amazon SNS. You can implement your own custom actions in response to the Amazon SNS messages. + properties: + TopicArn: + type: string + description: The ARN of the topic to which you want to publish the findings. + minLength: 20 + maxLength: 2048 + required: + - TopicArn + additionalProperties: false + ReplaceDefaultPolicyVersionParams: + type: object + description: Parameters to define a mitigation action that adds a blank policy to restrict permissions. + properties: + TemplateName: + type: string + enum: + - BLANK_POLICY + - UNSET_VALUE + required: + - TemplateName + additionalProperties: false + UpdateCACertificateParams: + type: object + description: Parameters to define a mitigation action that changes the state of the CA certificate to inactive. + properties: + Action: + type: string + enum: + - DEACTIVATE + - UNSET_VALUE + required: + - Action + additionalProperties: false + UpdateDeviceCertificateParams: + type: object + description: Parameters to define a mitigation action that changes the state of the device certificate to inactive. + properties: + Action: + type: string + enum: + - DEACTIVATE + - UNSET_VALUE + required: + - Action + additionalProperties: false + MitigationAction: + type: object + properties: + ActionName: + description: A unique identifier for the mitigation action. + type: string + pattern: '[a-zA-Z0-9:_-]+' + minLength: 1 + maxLength: 128 + RoleArn: + type: string + Tags: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + ActionParams: + $ref: '#/components/schemas/ActionParams' + MitigationActionArn: + type: string + MitigationActionId: + type: string + required: + - RoleArn + - ActionParams + x-stackql-resource-name: mitigation_action + x-stackql-primaryIdentifier: + - ActionName + x-create-only-properties: + - ActionName + x-read-only-properties: + - MitigationActionArn + - MitigationActionId + x-required-permissions: + create: + - iot:CreateMitigationAction + - iot:DescribeMitigationAction + - iot:TagResource + - iam:PassRole + read: + - iot:DescribeMitigationAction + - iot:ListTagsForResource + update: + - iot:UpdateMitigationAction + - iot:ListTagsForResource + - iot:UntagResource + - iot:TagResource + - iam:PassRole + delete: + - iot:DescribeMitigationAction + - iot:DeleteMitigationAction + list: + - iot:ListMitigationActions + Policy: + type: object + properties: + Id: + type: string + Arn: + type: string + PolicyDocument: + type: object + minLength: 1 + maxLength: 404600 + PolicyName: + type: string + Tags: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/Tag' + required: + - PolicyDocument + x-stackql-resource-name: policy + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - PolicyName + x-read-only-properties: + - Arn + - Id + x-required-permissions: + create: + - iot:CreatePolicy + - iot:GetPolicy + - iot:TagResource + - iot:ListTagsForResource + read: + - iot:GetPolicy + - iot:ListTagsForResource + delete: + - iot:DeletePolicy + - iot:GetPolicy + - iot:ListPolicyVersions + - iot:DeletePolicyVersion + update: + - iot:GetPolicy + - iot:ListPolicyVersions + - iot:CreatePolicyVersion + - iot:DeletePolicyVersion + - iot:SetDefaultPolicyVersion + - iot:TagResource + - iot:UntagResource + - iot:ListTagsForResource + list: + - iot:ListPolicies + ProvisioningHook: + type: object + properties: + TargetArn: + type: string + PayloadVersion: + type: string + ProvisioningTemplate: + type: object + properties: + TemplateArn: + type: string + TemplateName: + type: string + pattern: ^[0-9A-Za-z_-]+$ + minLength: 1 + maxLength: 36 + Description: + type: string + maxLength: 500 + Enabled: + type: boolean + ProvisioningRoleArn: + type: string + TemplateBody: + type: string + TemplateType: + type: string + enum: + - FLEET_PROVISIONING + - JITP + PreProvisioningHook: + $ref: '#/components/schemas/ProvisioningHook' + Tags: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/Tag' + required: + - ProvisioningRoleArn + - TemplateBody + x-stackql-resource-name: provisioning_template + x-stackql-primaryIdentifier: + - TemplateName + x-create-only-properties: + - TemplateName + - TemplateType + x-read-only-properties: + - TemplateArn + x-required-permissions: + create: + - iam:GetRole + - iam:PassRole + - iot:CreateProvisioningTemplate + - iot:DescribeProvisioningTemplate + - iot:TagResource + - iot:ListTagsForResource + read: + - iot:DescribeProvisioningTemplate + - iot:ListTagsForResource + update: + - iam:GetRole + - iam:PassRole + - iot:UpdateProvisioningTemplate + - iot:CreateProvisioningTemplateVersion + - iot:ListProvisioningTemplateVersions + - iot:DeleteProvisioningTemplateVersion + - iot:DescribeProvisioningTemplate + - iot:TagResource + - iot:UntagResource + - iot:ListTagsForResource + delete: + - iot:DeleteProvisioningTemplate + - iot:DescribeProvisioningTemplate + list: + - iot:ListProvisioningTemplates + ResourceSpecificLogging: + type: object + properties: + TargetType: + description: The target type. Value must be THING_GROUP, CLIENT_ID, SOURCE_IP, PRINCIPAL_ID, or EVENT_TYPE. + type: string + enum: + - THING_GROUP + - CLIENT_ID + - SOURCE_IP + - PRINCIPAL_ID + - EVENT_TYPE + TargetName: + description: The target name. + type: string + minLength: 1 + maxLength: 128 + pattern: '[a-zA-Z0-9.:\s_\-]+' + LogLevel: + description: 'The log level for a specific target. Valid values are: ERROR, WARN, INFO, DEBUG, or DISABLED.' + type: string + enum: + - ERROR + - WARN + - INFO + - DEBUG + - DISABLED + TargetId: + description: Unique Id for a Target (TargetType:TargetName), this will be internally built to serve as primary identifier for a log target. + type: string + minLength: 13 + maxLength: 140 + pattern: '[a-zA-Z0-9.:\s_\-]+' + required: + - TargetName + - TargetType + - LogLevel + x-stackql-resource-name: resource_specific_logging + x-stackql-primaryIdentifier: + - TargetId + x-create-only-properties: + - TargetName + - TargetType + x-read-only-properties: + - TargetId + x-required-permissions: + create: + - iot:ListV2LoggingLevels + - iot:SetV2LoggingLevel + read: + - iot:ListV2LoggingLevels + update: + - iot:ListV2LoggingLevels + - iot:SetV2LoggingLevel + delete: + - iot:ListV2LoggingLevels + - iot:DeleteV2LoggingLevel + list: + - iot:ListV2LoggingLevels + RoleAlias: + type: object + properties: + RoleAlias: + type: string + pattern: '[\w=,@-]+' + minLength: 1 + maxLength: 128 + RoleAliasArn: + type: string + pattern: '[\w=,@-]+' + minLength: 1 + maxLength: 128 + RoleArn: + type: string + pattern: arn:(aws[a-zA-Z-]*)?:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+ + minLength: 20 + maxLength: 2048 + CredentialDurationSeconds: + type: integer + minimum: 900 + maximum: 43200 + default: 3600 + Tags: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/Tag' + required: + - RoleArn + x-stackql-resource-name: role_alias + x-stackql-primaryIdentifier: + - RoleAlias + x-create-only-properties: + - RoleAlias + x-read-only-properties: + - RoleAliasArn + x-required-permissions: + create: + - iam:GetRole + - iam:PassRole + - iot:CreateRoleAlias + - iot:DescribeRoleAlias + - iot:TagResource + - iot:ListTagsForResource + read: + - iam:GetRole + - iam:PassRole + - iot:DescribeRoleAlias + - iot:ListTagsForResource + update: + - iam:GetRole + - iam:PassRole + - iot:UpdateRoleAlias + - iot:DescribeRoleAlias + - iot:TagResource + - iot:UntagResource + - iot:ListTagsForResource + delete: + - iot:DeleteRoleAlias + - iot:DescribeRoleAlias + list: + - iot:ListRoleAliases + ScheduledAudit: + type: object + properties: + ScheduledAuditName: + description: The name you want to give to the scheduled audit. + type: string + pattern: '[a-zA-Z0-9:_-]+' + minLength: 1 + maxLength: 128 + Frequency: + description: How often the scheduled audit takes place. Can be one of DAILY, WEEKLY, BIWEEKLY, or MONTHLY. + type: string + enum: + - DAILY + - WEEKLY + - BIWEEKLY + - MONTHLY + DayOfMonth: + description: The day of the month on which the scheduled audit takes place. Can be 1 through 31 or LAST. This field is required if the frequency parameter is set to MONTHLY. + type: string + pattern: ^([1-9]|[12][0-9]|3[01])$|^LAST$|^UNSET_VALUE$ + DayOfWeek: + description: The day of the week on which the scheduled audit takes place. Can be one of SUN, MON, TUE,WED, THU, FRI, or SAT. This field is required if the frequency parameter is set to WEEKLY or BIWEEKLY. + type: string + enum: + - SUN + - MON + - TUE + - WED + - THU + - FRI + - SAT + - UNSET_VALUE + TargetCheckNames: + description: Which checks are performed during the scheduled audit. Checks must be enabled for your account. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + ScheduledAuditArn: + description: The ARN (Amazon resource name) of the scheduled audit. + type: string + minLength: 20 + maxLength: 2048 + Tags: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + required: + - Frequency + - TargetCheckNames + x-stackql-resource-name: scheduled_audit + x-stackql-primaryIdentifier: + - ScheduledAuditName + x-create-only-properties: + - ScheduledAuditName + x-read-only-properties: + - ScheduledAuditArn + x-required-permissions: + create: + - iot:CreateScheduledAudit + - iot:DescribeScheduledAudit + - iot:TagResource + read: + - iot:DescribeScheduledAudit + - iot:ListTagsForResource + update: + - iot:UpdateScheduledAudit + - iot:ListTagsForResource + - iot:UntagResource + - iot:TagResource + delete: + - iot:DescribeScheduledAudit + - iot:DeleteScheduledAudit + list: + - iot:ListScheduledAudits + Behavior: + description: A security profile behavior. + type: object + properties: + Name: + description: The name for the behavior. + type: string + pattern: '[a-zA-Z0-9:_-]+' + minLength: 1 + maxLength: 128 + Metric: + description: What is measured by the behavior. + type: string + pattern: '[a-zA-Z0-9:_-]+' + minLength: 1 + maxLength: 128 + MetricDimension: + $ref: '#/components/schemas/MetricDimension' + Criteria: + $ref: '#/components/schemas/BehaviorCriteria' + SuppressAlerts: + description: Manage Detect alarm SNS notifications by setting behavior notification to on or suppressed. Detect will continue to performing device behavior evaluations. However, suppressed alarms wouldn't be forwarded for SNS notification. + type: boolean + ExportMetric: + $ref: '#/components/schemas/ExportMetric' + required: + - Name + additionalProperties: false + ExportMetric: + description: Flag to enable/disable metrics export for metric to be retained. + type: boolean + MetricDimension: + description: The dimension of a metric. + type: object + properties: + DimensionName: + description: A unique identifier for the dimension. + type: string + pattern: '[a-zA-Z0-9:_-]+' + minLength: 1 + maxLength: 128 + Operator: + description: Defines how the dimensionValues of a dimension are interpreted. + type: string + enum: + - IN + - NOT_IN + required: + - DimensionName + additionalProperties: false + BehaviorCriteria: + description: The criteria by which the behavior is determined to be normal. + type: object + properties: + ComparisonOperator: + description: The operator that relates the thing measured (metric) to the criteria (containing a value or statisticalThreshold). + type: string + enum: + - less-than + - less-than-equals + - greater-than + - greater-than-equals + - in-cidr-set + - not-in-cidr-set + - in-port-set + - not-in-port-set + - in-set + - not-in-set + Value: + $ref: '#/components/schemas/MetricValue' + DurationSeconds: + type: integer + description: Use this to specify the time duration over which the behavior is evaluated. + ConsecutiveDatapointsToAlarm: + description: If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1. + type: integer + minimum: 1 + maximum: 10 + ConsecutiveDatapointsToClear: + description: If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1. + type: integer + minimum: 1 + maximum: 10 + StatisticalThreshold: + $ref: '#/components/schemas/StatisticalThreshold' + MlDetectionConfig: + $ref: '#/components/schemas/MachineLearningDetectionConfig' + additionalProperties: false + MetricValue: + description: The value to be compared with the metric. + type: object + properties: + Count: + description: If the ComparisonOperator calls for a numeric value, use this to specify that (integer) numeric value to be compared with the metric. + type: string + minimum: 0 + Cidrs: + description: If the ComparisonOperator calls for a set of CIDRs, use this to specify that set to be compared with the metric. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + Ports: + description: If the ComparisonOperator calls for a set of ports, use this to specify that set to be compared with the metric. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: integer + minimum: 0 + maximum: 65535 + Number: + description: The numeral value of a metric. + type: number + Numbers: + description: The numeral values of a metric. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: number + Strings: + description: The string values of a metric. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + additionalProperties: false + StatisticalThreshold: + description: A statistical ranking (percentile) which indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior. + type: object + properties: + Statistic: + description: The percentile which resolves to a threshold value by which compliance with a behavior is determined + type: string + enum: + - Average + - p0 + - p0.1 + - p0.01 + - p1 + - p10 + - p50 + - p90 + - p99 + - p99.9 + - p99.99 + - p100 + additionalProperties: false + MachineLearningDetectionConfig: + description: The configuration of an ML Detect Security Profile. + type: object + properties: + ConfidenceLevel: + description: The sensitivity of anomalous behavior evaluation. Can be Low, Medium, or High. + type: string + enum: + - LOW + - MEDIUM + - HIGH + additionalProperties: false + AlertTarget: + description: A structure containing the alert target ARN and the role ARN. + type: object + properties: + AlertTargetArn: + description: The ARN of the notification target to which alerts are sent. + type: string + maxLength: 2048 + RoleArn: + description: The ARN of the role that grants permission to send alerts to the notification target. + type: string + minLength: 20 + maxLength: 2048 + required: + - AlertTargetArn + - RoleArn + additionalProperties: false + MetricToRetain: + description: The metric you want to retain. Dimensions are optional. + type: object + properties: + Metric: + description: What is measured by the behavior. + type: string + pattern: '[a-zA-Z0-9:_-]+' + minLength: 1 + maxLength: 128 + MetricDimension: + $ref: '#/components/schemas/MetricDimension' + ExportMetric: + $ref: '#/components/schemas/ExportMetric' + required: + - Metric + additionalProperties: false + SecurityProfile: + type: object + properties: + SecurityProfileName: + description: A unique identifier for the security profile. + type: string + pattern: '[a-zA-Z0-9:_-]+' + minLength: 1 + maxLength: 128 + SecurityProfileDescription: + description: A description of the security profile. + type: string + maxLength: 1000 + Behaviors: + description: Specifies the behaviors that, when violated by a device (thing), cause an alert. + type: array + maxLength: 100 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Behavior' + AlertTargets: + description: Specifies the destinations to which alerts are sent. + type: object + x-patternProperties: + '[a-zA-Z0-9:_-]+': + $ref: '#/components/schemas/AlertTarget' + additionalProperties: false + AdditionalMetricsToRetainV2: + description: A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's behaviors, but it is also retained for any metric specified here. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/MetricToRetain' + MetricsExportConfig: + description: A structure containing the mqtt topic for metrics export. + type: object + properties: + MqttTopic: + description: The topic for metrics export. + type: string + minLength: 1 + maxLength: 512 + RoleArn: + description: The ARN of the role that grants permission to publish to mqtt topic. + type: string + minLength: 20 + maxLength: 2048 + required: + - MqttTopic + - RoleArn + additionalProperties: false + Tags: + description: Metadata that can be used to manage the security profile. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + TargetArns: + description: A set of target ARNs that the security profile is attached to. + type: array + uniqueItems: true + x-insertionOrder: false + items: + description: The ARN of the target to which the security profile is attached. + type: string + maxLength: 2048 + SecurityProfileArn: + description: The ARN (Amazon resource name) of the created security profile. + type: string + required: [] + x-stackql-resource-name: security_profile + x-stackql-primaryIdentifier: + - SecurityProfileName + x-create-only-properties: + - SecurityProfileName + x-read-only-properties: + - SecurityProfileArn + x-required-permissions: + create: + - iot:CreateSecurityProfile + - iot:AttachSecurityProfile + - iot:DescribeSecurityProfile + - iot:TagResource + - iam:PassRole + read: + - iot:DescribeSecurityProfile + - iot:ListTagsForResource + - iot:ListTargetsForSecurityProfile + update: + - iot:UpdateSecurityProfile + - iot:ListTargetsForSecurityProfile + - iot:AttachSecurityProfile + - iot:DetachSecurityProfile + - iot:ListTagsForResource + - iot:UntagResource + - iot:TagResource + - iam:PassRole + delete: + - iot:DescribeSecurityProfile + - iot:DeleteSecurityProfile + list: + - iot:ListSecurityProfiles + SoftwarePackage: + type: object + properties: + Description: + type: string + maxLength: 1024 + minLength: 0 + pattern: ^[^\p{C}]+$ + PackageArn: + type: string + PackageName: + type: string + maxLength: 128 + minLength: 1 + pattern: ^[a-zA-Z0-9-_.]+$ + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: software_package + x-stackql-primaryIdentifier: + - PackageName + x-create-only-properties: + - PackageName + x-read-only-properties: + - PackageArn + x-required-permissions: + create: + - iot:CreatePackage + - iot:GetPackage + - iot:TagResource + - iot:GetIndexingConfiguration + read: + - iot:GetPackage + - iot:ListTagsForResource + update: + - iot:CreatePackage + - iot:UpdatePackage + - iot:GetPackage + - iot:ListTagsForResource + - iot:TagResource + - iot:UntagResource + - iot:GetIndexingConfiguration + delete: + - iot:DeletePackage + - iot:DeletePackageVersion + - iot:GetPackage + - iot:GetPackageVersion + - iot:UpdatePackage + - iot:UpdatePackageVersion + - iot:GetIndexingConfiguration + - iot:ListPackageVersions + list: + - iot:ListPackages + PackageVersionStatus: + type: string + enum: + - DRAFT + - PUBLISHED + - DEPRECATED + ResourceAttributes: + type: object + x-patternProperties: + ^[a-zA-Z0-9:_-]+$: + type: string + minLength: 1 + pattern: ^[^\p{C}]+$ + additionalProperties: false + SoftwarePackageVersion: + type: object + properties: + Attributes: + $ref: '#/components/schemas/ResourceAttributes' + Description: + type: string + maxLength: 1024 + minLength: 0 + pattern: ^[^\p{C}]+$ + ErrorReason: + type: string + PackageName: + type: string + maxLength: 128 + minLength: 1 + pattern: ^[a-zA-Z0-9-_.]+$ + PackageVersionArn: + type: string + Status: + $ref: '#/components/schemas/PackageVersionStatus' + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + VersionName: + type: string + maxLength: 64 + minLength: 1 + pattern: ^[a-zA-Z0-9-_.]+$ + required: + - PackageName + x-stackql-resource-name: software_package_version + x-stackql-primaryIdentifier: + - PackageName + - VersionName + x-create-only-properties: + - PackageName + - VersionName + x-read-only-properties: + - ErrorReason + - PackageVersionArn + - Status + x-required-permissions: + create: + - iot:CreatePackageVersion + - iot:GetPackageVersion + - iot:TagResource + - iot:GetIndexingConfiguration + read: + - iot:GetPackageVersion + - iot:ListTagsForResource + update: + - iot:UpdatePackageVersion + - iot:GetPackageVersion + - iot:ListTagsForResource + - iot:TagResource + - iot:UntagResource + - iot:GetIndexingConfiguration + delete: + - iot:DeletePackageVersion + - iot:UpdatePackageVersion + - iot:GetPackageVersion + - iot:GetIndexingConfiguration + list: + - iot:ListPackageVersions + AttributePayload: + type: object + additionalProperties: false + properties: + Attributes: + type: object + x-patternProperties: + '[a-zA-Z0-9_.,@/:#-]+': + type: string + additionalProperties: false + Thing: + type: object + properties: + Id: + type: string + Arn: + type: string + AttributePayload: + $ref: '#/components/schemas/AttributePayload' + ThingName: + type: string + pattern: '[a-zA-Z0-9:_-]+' + minLength: 1 + maxLength: 128 + x-stackql-resource-name: thing + x-stackql-primaryIdentifier: + - ThingName + x-create-only-properties: + - ThingName + x-read-only-properties: + - Id + - Arn + x-required-permissions: + create: + - iot:CreateThing + - iot:DescribeThing + delete: + - iot:DeleteThing + - iot:DescribeThing + list: + - iot:ListThings + read: + - iot:DescribeThing + update: + - iot:UpdateThing + - iot:DescribeThing + ThingGroup: + type: object + properties: + Id: + type: string + Arn: + type: string + ThingGroupName: + type: string + pattern: '[a-zA-Z0-9:_-]+' + minLength: 1 + maxLength: 128 + ParentGroupName: + type: string + pattern: '[a-zA-Z0-9:_-]+' + minLength: 1 + maxLength: 128 + QueryString: + type: string + minLength: 1 + maxLength: 1000 + ThingGroupProperties: + type: object + additionalProperties: false + properties: + AttributePayload: + $ref: '#/components/schemas/AttributePayload' + ThingGroupDescription: + type: string + pattern: '[\p{Graph}\x20]*' + maxLength: 2028 + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: thing_group + x-stackql-primaryIdentifier: + - ThingGroupName + x-create-only-properties: + - ThingGroupName + - ParentGroupName + x-read-only-properties: + - Arn + - Id + x-required-permissions: + create: + - iot:DescribeThingGroup + - iot:ListTagsForResource + - iot:CreateThingGroup + - iot:CreateDynamicThingGroup + - iot:TagResource + delete: + - iot:DescribeThingGroup + - iot:DeleteThingGroup + - iot:DeleteDynamicThingGroup + list: + - iot:ListThingGroups + - iot:ListTagsForResource + read: + - iot:DescribeThingGroup + - iot:ListTagsForResource + update: + - iot:ListTagsForResource + - iot:DescribeThingGroup + - iot:UpdateThingGroup + - iot:UpdateDynamicThingGroup + - iot:TagResource + - iot:UntagResource + ThingType: + type: object + properties: + Id: + type: string + Arn: + type: string + ThingTypeName: + type: string + pattern: '[a-zA-Z0-9:_-]+' + minLength: 1 + maxLength: 128 + DeprecateThingType: + type: boolean + ThingTypeProperties: + type: object + additionalProperties: false + properties: + SearchableAttributes: + type: array + maxItems: 3 + uniqueItems: true + x-insertionOrder: true + items: + type: string + pattern: '[a-zA-Z0-9_.,@/:#-]+' + maxLength: 128 + ThingTypeDescription: + pattern: '[\p{Graph}\x20]*' + type: string + maxLength: 2028 + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: thing_type + x-stackql-primaryIdentifier: + - ThingTypeName + x-create-only-properties: + - ThingTypeName + - ThingTypeProperties + x-read-only-properties: + - Arn + - Id + x-required-permissions: + create: + - iot:DescribeThingType + - iot:ListTagsForResource + - iot:CreateThingType + - iot:DeprecateThingType + - iot:TagResource + delete: + - iot:DescribeThingType + - iot:DeleteThingType + - iot:DeprecateThingType + list: + - iot:ListThingTypes + - iot:ListTagsForResource + read: + - iot:DescribeThingType + - iot:ListTagsForResource + update: + - iot:DescribeThingType + - iot:UpdateThingType + - iot:ListTagsForResource + - iot:TagResource + - iot:UntagResource + - iot:DeprecateThingType + TopicRulePayload: + type: object + additionalProperties: false + properties: + RuleDisabled: + type: boolean + ErrorAction: + $ref: '#/components/schemas/Action' + Description: + type: string + AwsIotSqlVersion: + type: string + Actions: + type: array + items: + $ref: '#/components/schemas/Action' + Sql: + type: string + required: + - Actions + - Sql + CloudwatchAlarmAction: + type: object + additionalProperties: false + properties: + StateValue: + type: string + AlarmName: + type: string + StateReason: + type: string + RoleArn: + type: string + required: + - AlarmName + - StateReason + - StateValue + - RoleArn + CloudwatchLogsAction: + type: object + additionalProperties: false + properties: + LogGroupName: + type: string + RoleArn: + type: string + BatchMode: + type: boolean + required: + - LogGroupName + - RoleArn + CloudwatchMetricAction: + type: object + additionalProperties: false + properties: + MetricName: + type: string + MetricValue: + type: string + MetricNamespace: + type: string + MetricUnit: + type: string + RoleArn: + type: string + MetricTimestamp: + type: string + required: + - MetricName + - MetricValue + - MetricNamespace + - MetricUnit + - RoleArn + DynamoDBAction: + type: object + additionalProperties: false + properties: + TableName: + type: string + PayloadField: + type: string + RangeKeyField: + type: string + HashKeyField: + type: string + RangeKeyValue: + type: string + RangeKeyType: + type: string + HashKeyType: + type: string + HashKeyValue: + type: string + RoleArn: + type: string + required: + - TableName + - HashKeyField + - HashKeyValue + - RoleArn + DynamoDBv2Action: + type: object + additionalProperties: false + properties: + PutItem: + $ref: '#/components/schemas/PutItemInput' + RoleArn: + type: string + PutItemInput: + type: object + additionalProperties: false + properties: + TableName: + type: string + required: + - TableName + ElasticsearchAction: + type: object + additionalProperties: false + properties: + Type: + type: string + Index: + type: string + Id: + type: string + Endpoint: + type: string + RoleArn: + type: string + required: + - Type + - Endpoint + - Index + - Id + - RoleArn + FirehoseAction: + type: object + additionalProperties: false + properties: + DeliveryStreamName: + type: string + RoleArn: + type: string + Separator: + type: string + BatchMode: + type: boolean + required: + - DeliveryStreamName + - RoleArn + HttpAction: + type: object + additionalProperties: false + properties: + ConfirmationUrl: + type: string + Headers: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/HttpActionHeader' + Url: + type: string + Auth: + $ref: '#/components/schemas/HttpAuthorization' + required: + - Url + HttpActionHeader: + type: object + additionalProperties: false + properties: + Value: + type: string + Key: + type: string + required: + - Value + - Key + HttpAuthorization: + type: object + additionalProperties: false + properties: + Sigv4: + $ref: '#/components/schemas/SigV4Authorization' + SigV4Authorization: + type: object + additionalProperties: false + properties: + ServiceName: + type: string + SigningRegion: + type: string + RoleArn: + type: string + required: + - ServiceName + - SigningRegion + - RoleArn + IotAnalyticsAction: + type: object + additionalProperties: false + properties: + RoleArn: + type: string + ChannelName: + type: string + BatchMode: + type: boolean + required: + - ChannelName + - RoleArn + IotEventsAction: + type: object + additionalProperties: false + properties: + InputName: + type: string + RoleArn: + type: string + MessageId: + type: string + BatchMode: + type: boolean + required: + - InputName + - RoleArn + IotSiteWiseAction: + type: object + additionalProperties: false + properties: + RoleArn: + type: string + PutAssetPropertyValueEntries: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/PutAssetPropertyValueEntry' + required: + - PutAssetPropertyValueEntries + - RoleArn + PutAssetPropertyValueEntry: + type: object + additionalProperties: false + properties: + PropertyAlias: + type: string + PropertyValues: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/AssetPropertyValue' + AssetId: + type: string + EntryId: + type: string + PropertyId: + type: string + required: + - PropertyValues + AssetPropertyValue: + type: object + additionalProperties: false + properties: + Value: + $ref: '#/components/schemas/AssetPropertyVariant' + Timestamp: + $ref: '#/components/schemas/AssetPropertyTimestamp' + Quality: + type: string + required: + - Value + - Timestamp + AssetPropertyVariant: + type: object + additionalProperties: false + properties: + StringValue: + type: string + DoubleValue: + type: string + BooleanValue: + type: string + IntegerValue: + type: string + AssetPropertyTimestamp: + type: object + additionalProperties: false + properties: + TimeInSeconds: + type: string + OffsetInNanos: + type: string + required: + - TimeInSeconds + KafkaAction: + type: object + additionalProperties: false + properties: + DestinationArn: + type: string + Topic: + type: string + Key: + type: string + Partition: + type: string + ClientProperties: + type: object + additionalProperties: false + x-patternProperties: + .*: + type: string + minProperties: 1 + Headers: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/KafkaActionHeader' + required: + - DestinationArn + - Topic + - ClientProperties + KafkaActionHeader: + type: object + additionalProperties: false + properties: + Value: + type: string + Key: + type: string + required: + - Value + - Key + KinesisAction: + type: object + additionalProperties: false + properties: + PartitionKey: + type: string + StreamName: + type: string + RoleArn: + type: string + required: + - StreamName + - RoleArn + LambdaAction: + type: object + additionalProperties: false + properties: + FunctionArn: + type: string + LocationAction: + type: object + additionalProperties: false + properties: + RoleArn: + type: string + TrackerName: + type: string + DeviceId: + type: string + Latitude: + type: string + Longitude: + type: string + Timestamp: + $ref: '#/components/schemas/Timestamp' + required: + - RoleArn + - TrackerName + - DeviceId + - Latitude + - Longitude + Timestamp: + type: object + properties: + Value: + type: string + Unit: + type: string + additionalProperties: false + required: + - Value + OpenSearchAction: + type: object + additionalProperties: false + properties: + Type: + type: string + Index: + type: string + Id: + type: string + Endpoint: + type: string + RoleArn: + type: string + required: + - Type + - Endpoint + - Index + - Id + - RoleArn + RepublishAction: + type: object + additionalProperties: false + properties: + Qos: + type: integer + Topic: + type: string + RoleArn: + type: string + Headers: + $ref: '#/components/schemas/RepublishActionHeaders' + required: + - Topic + - RoleArn + RepublishActionHeaders: + type: object + additionalProperties: false + properties: + PayloadFormatIndicator: + type: string + minLength: 0 + maxLength: 1024 + ContentType: + type: string + minLength: 0 + maxLength: 1024 + ResponseTopic: + type: string + minLength: 0 + maxLength: 1024 + CorrelationData: + type: string + minLength: 0 + maxLength: 1024 + MessageExpiry: + type: string + minLength: 0 + maxLength: 1024 + UserProperties: + $ref: '#/components/schemas/UserProperties' + UserProperties: + type: array + minItems: 1 + maxItems: 100 + items: + $ref: '#/components/schemas/UserProperty' + UserProperty: + type: object + additionalProperties: false + required: + - Key + - Value + properties: + Key: + type: string + minLength: 0 + maxLength: 1024 + Value: + type: string + minLength: 0 + maxLength: 1024 + S3Action: + type: object + additionalProperties: false + properties: + BucketName: + type: string + Key: + type: string + RoleArn: + type: string + CannedAcl: + $ref: '#/components/schemas/CannedAccessControlList' + required: + - BucketName + - Key + - RoleArn + CannedAccessControlList: + type: string + enum: + - private + - public-read + - public-read-write + - aws-exec-read + - authenticated-read + - bucket-owner-read + - bucket-owner-full-control + - log-delivery-write + SnsAction: + type: object + additionalProperties: false + properties: + TargetArn: + type: string + MessageFormat: + type: string + RoleArn: + type: string + required: + - TargetArn + - RoleArn + StepFunctionsAction: + type: object + additionalProperties: false + properties: + ExecutionNamePrefix: + type: string + StateMachineName: + type: string + RoleArn: + type: string + required: + - StateMachineName + - RoleArn + SqsAction: + type: object + additionalProperties: false + properties: + RoleArn: + type: string + UseBase64: + type: boolean + QueueUrl: + type: string + required: + - RoleArn + - QueueUrl + TimestreamAction: + type: object + additionalProperties: false + properties: + RoleArn: + type: string + DatabaseName: + type: string + TableName: + type: string + Dimensions: + $ref: '#/components/schemas/TimestreamDimensionsList' + Timestamp: + $ref: '#/components/schemas/TimestreamTimestamp' + required: + - RoleArn + - DatabaseName + - TableName + - Dimensions + TimestreamDimensionsList: + type: array + minItems: 1 + maxItems: 128 + items: + $ref: '#/components/schemas/TimestreamDimension' + TimestreamDimension: + type: object + properties: + Name: + type: string + Value: + type: string + additionalProperties: false + required: + - Name + - Value + TimestreamTimestamp: + type: object + properties: + Value: + type: string + Unit: + type: string + additionalProperties: false + required: + - Value + - Unit + TopicRule: + type: object + properties: + Arn: + type: string + RuleName: + type: string + TopicRulePayload: + $ref: '#/components/schemas/TopicRulePayload' + Tags: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - TopicRulePayload + x-stackql-resource-name: topic_rule + x-stackql-primaryIdentifier: + - RuleName + x-create-only-properties: + - RuleName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iam:PassRole + - iot:CreateTopicRule + - iot:GetTopicRule + - iot:TagResource + - iot:ListTagsForResource + read: + - iot:GetTopicRule + - iot:ListTagsForResource + update: + - iam:PassRole + - iot:GetTopicRule + - iot:ListTagsForResource + - iot:ReplaceTopicRule + - iot:TagResource + - iot:UntagResource + delete: + - iot:GetTopicRule + - iot:DeleteTopicRule + list: + - iot:ListTopicRules + TopicRuleDestinationStatus: + type: string + enum: + - ENABLED + - IN_PROGRESS + - DISABLED + HttpUrlDestinationSummary: + type: object + additionalProperties: false + properties: + ConfirmationUrl: + type: string + VpcDestinationProperties: + type: object + additionalProperties: false + properties: + SubnetIds: + type: array + uniqueItems: true + items: + type: string + SecurityGroups: + type: array + uniqueItems: true + items: + type: string + VpcId: + type: string + RoleArn: + type: string + TopicRuleDestination: + type: object + properties: + Arn: + description: Amazon Resource Name (ARN). + type: string + Status: + description: The status of the TopicRuleDestination. + $ref: '#/components/schemas/TopicRuleDestinationStatus' + HttpUrlProperties: + description: HTTP URL destination properties. + $ref: '#/components/schemas/HttpUrlDestinationSummary' + StatusReason: + description: The reasoning for the current status of the TopicRuleDestination. + type: string + VpcProperties: + description: VPC destination properties. + $ref: '#/components/schemas/VpcDestinationProperties' + x-stackql-resource-name: topic_rule_destination + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - HttpUrlProperties + - VpcProperties + x-read-only-properties: + - Arn + - StatusReason + x-required-permissions: + create: + - iam:PassRole + - iot:CreateTopicRuleDestination + - iot:GetTopicRuleDestination + - iot:UpdateTopicRuleDestination + read: + - iot:GetTopicRuleDestination + update: + - iam:PassRole + - iot:GetTopicRuleDestination + - iot:UpdateTopicRuleDestination + delete: + - iot:GetTopicRuleDestination + - iot:DeleteTopicRuleDestination + list: + - iot:ListTopicRuleDestinations + x-stackQL-resources: + account_audit_configurations: + name: account_audit_configurations + id: awscc.iot.account_audit_configurations + x-cfn-schema-name: AccountAuditConfiguration + x-type: list + x-identifiers: + - AccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountId') as account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::AccountAuditConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountId') as account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::AccountAuditConfiguration' + AND region = 'us-east-1' + account_audit_configuration: + name: account_audit_configuration + id: awscc.iot.account_audit_configuration + x-cfn-schema-name: AccountAuditConfiguration + x-type: get + x-identifiers: + - AccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountId') as account_id, + JSON_EXTRACT(Properties, '$.AuditCheckConfigurations') as audit_check_configurations, + JSON_EXTRACT(Properties, '$.AuditNotificationTargetConfigurations') as audit_notification_target_configurations, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::AccountAuditConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountId') as account_id, + json_extract_path_text(Properties, 'AuditCheckConfigurations') as audit_check_configurations, + json_extract_path_text(Properties, 'AuditNotificationTargetConfigurations') as audit_notification_target_configurations, + json_extract_path_text(Properties, 'RoleArn') as role_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::AccountAuditConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + authorizers: + name: authorizers + id: awscc.iot.authorizers + x-cfn-schema-name: Authorizer + x-type: list + x-identifiers: + - AuthorizerName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AuthorizerName') as authorizer_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::Authorizer' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AuthorizerName') as authorizer_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::Authorizer' + AND region = 'us-east-1' + authorizer: + name: authorizer + id: awscc.iot.authorizer + x-cfn-schema-name: Authorizer + x-type: get + x-identifiers: + - AuthorizerName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AuthorizerFunctionArn') as authorizer_function_arn, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AuthorizerName') as authorizer_name, + JSON_EXTRACT(Properties, '$.SigningDisabled') as signing_disabled, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.TokenKeyName') as token_key_name, + JSON_EXTRACT(Properties, '$.TokenSigningPublicKeys') as token_signing_public_keys, + JSON_EXTRACT(Properties, '$.EnableCachingForHttp') as enable_caching_for_http, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::Authorizer' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AuthorizerFunctionArn') as authorizer_function_arn, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AuthorizerName') as authorizer_name, + json_extract_path_text(Properties, 'SigningDisabled') as signing_disabled, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'TokenKeyName') as token_key_name, + json_extract_path_text(Properties, 'TokenSigningPublicKeys') as token_signing_public_keys, + json_extract_path_text(Properties, 'EnableCachingForHttp') as enable_caching_for_http, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::Authorizer' + AND data__Identifier = '' + AND region = 'us-east-1' + billing_groups: + name: billing_groups + id: awscc.iot.billing_groups + x-cfn-schema-name: BillingGroup + x-type: list + x-identifiers: + - BillingGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BillingGroupName') as billing_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::BillingGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BillingGroupName') as billing_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::BillingGroup' + AND region = 'us-east-1' + billing_group: + name: billing_group + id: awscc.iot.billing_group + x-cfn-schema-name: BillingGroup + x-type: get + x-identifiers: + - BillingGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.BillingGroupName') as billing_group_name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.BillingGroupProperties') as billing_group_properties + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::BillingGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'BillingGroupName') as billing_group_name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'BillingGroupProperties') as billing_group_properties + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::BillingGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + ca_certificates: + name: ca_certificates + id: awscc.iot.ca_certificates + x-cfn-schema-name: CACertificate + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::CACertificate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::CACertificate' + AND region = 'us-east-1' + ca_certificate: + name: ca_certificate + id: awscc.iot.ca_certificate + x-cfn-schema-name: CACertificate + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CACertificatePem') as c_acertificate_pem, + JSON_EXTRACT(Properties, '$.VerificationCertificatePem') as verification_certificate_pem, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.CertificateMode') as certificate_mode, + JSON_EXTRACT(Properties, '$.AutoRegistrationStatus') as auto_registration_status, + JSON_EXTRACT(Properties, '$.RemoveAutoRegistration') as remove_auto_registration, + JSON_EXTRACT(Properties, '$.RegistrationConfig') as registration_config, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::CACertificate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CACertificatePem') as c_acertificate_pem, + json_extract_path_text(Properties, 'VerificationCertificatePem') as verification_certificate_pem, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'CertificateMode') as certificate_mode, + json_extract_path_text(Properties, 'AutoRegistrationStatus') as auto_registration_status, + json_extract_path_text(Properties, 'RemoveAutoRegistration') as remove_auto_registration, + json_extract_path_text(Properties, 'RegistrationConfig') as registration_config, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::CACertificate' + AND data__Identifier = '' + AND region = 'us-east-1' + certificates: + name: certificates + id: awscc.iot.certificates + x-cfn-schema-name: Certificate + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::Certificate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::Certificate' + AND region = 'us-east-1' + certificate: + name: certificate + id: awscc.iot.certificate + x-cfn-schema-name: Certificate + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CACertificatePem') as c_acertificate_pem, + JSON_EXTRACT(Properties, '$.CertificatePem') as certificate_pem, + JSON_EXTRACT(Properties, '$.CertificateSigningRequest') as certificate_signing_request, + JSON_EXTRACT(Properties, '$.CertificateMode') as certificate_mode, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::Certificate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CACertificatePem') as c_acertificate_pem, + json_extract_path_text(Properties, 'CertificatePem') as certificate_pem, + json_extract_path_text(Properties, 'CertificateSigningRequest') as certificate_signing_request, + json_extract_path_text(Properties, 'CertificateMode') as certificate_mode, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::Certificate' + AND data__Identifier = '' + AND region = 'us-east-1' + certificate_providers: + name: certificate_providers + id: awscc.iot.certificate_providers + x-cfn-schema-name: CertificateProvider + x-type: list + x-identifiers: + - CertificateProviderName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CertificateProviderName') as certificate_provider_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::CertificateProvider' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CertificateProviderName') as certificate_provider_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::CertificateProvider' + AND region = 'us-east-1' + certificate_provider: + name: certificate_provider + id: awscc.iot.certificate_provider + x-cfn-schema-name: CertificateProvider + x-type: get + x-identifiers: + - CertificateProviderName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CertificateProviderName') as certificate_provider_name, + JSON_EXTRACT(Properties, '$.LambdaFunctionArn') as lambda_function_arn, + JSON_EXTRACT(Properties, '$.AccountDefaultForOperations') as account_default_for_operations, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::CertificateProvider' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CertificateProviderName') as certificate_provider_name, + json_extract_path_text(Properties, 'LambdaFunctionArn') as lambda_function_arn, + json_extract_path_text(Properties, 'AccountDefaultForOperations') as account_default_for_operations, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::CertificateProvider' + AND data__Identifier = '' + AND region = 'us-east-1' + custom_metrics: + name: custom_metrics + id: awscc.iot.custom_metrics + x-cfn-schema-name: CustomMetric + x-type: list + x-identifiers: + - MetricName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MetricName') as metric_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::CustomMetric' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MetricName') as metric_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::CustomMetric' + AND region = 'us-east-1' + custom_metric: + name: custom_metric + id: awscc.iot.custom_metric + x-cfn-schema-name: CustomMetric + x-type: get + x-identifiers: + - MetricName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MetricName') as metric_name, + JSON_EXTRACT(Properties, '$.DisplayName') as display_name, + JSON_EXTRACT(Properties, '$.MetricType') as metric_type, + JSON_EXTRACT(Properties, '$.MetricArn') as metric_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::CustomMetric' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MetricName') as metric_name, + json_extract_path_text(Properties, 'DisplayName') as display_name, + json_extract_path_text(Properties, 'MetricType') as metric_type, + json_extract_path_text(Properties, 'MetricArn') as metric_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::CustomMetric' + AND data__Identifier = '' + AND region = 'us-east-1' + dimensions: + name: dimensions + id: awscc.iot.dimensions + x-cfn-schema-name: Dimension + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::Dimension' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::Dimension' + AND region = 'us-east-1' + dimension: + name: dimension + id: awscc.iot.dimension + x-cfn-schema-name: Dimension + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.StringValues') as string_values, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::Dimension' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'StringValues') as string_values, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::Dimension' + AND data__Identifier = '' + AND region = 'us-east-1' + domain_configurations: + name: domain_configurations + id: awscc.iot.domain_configurations + x-cfn-schema-name: DomainConfiguration + x-type: list + x-identifiers: + - DomainConfigurationName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainConfigurationName') as domain_configuration_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::DomainConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainConfigurationName') as domain_configuration_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::DomainConfiguration' + AND region = 'us-east-1' + domain_configuration: + name: domain_configuration + id: awscc.iot.domain_configuration + x-cfn-schema-name: DomainConfiguration + x-type: get + x-identifiers: + - DomainConfigurationName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainConfigurationName') as domain_configuration_name, + JSON_EXTRACT(Properties, '$.AuthorizerConfig') as authorizer_config, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.ServerCertificateArns') as server_certificate_arns, + JSON_EXTRACT(Properties, '$.ServiceType') as service_type, + JSON_EXTRACT(Properties, '$.ValidationCertificateArn') as validation_certificate_arn, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.DomainConfigurationStatus') as domain_configuration_status, + JSON_EXTRACT(Properties, '$.DomainType') as domain_type, + JSON_EXTRACT(Properties, '$.ServerCertificateConfig') as server_certificate_config, + JSON_EXTRACT(Properties, '$.ServerCertificates') as server_certificates, + JSON_EXTRACT(Properties, '$.TlsConfig') as tls_config, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::DomainConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainConfigurationName') as domain_configuration_name, + json_extract_path_text(Properties, 'AuthorizerConfig') as authorizer_config, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'ServerCertificateArns') as server_certificate_arns, + json_extract_path_text(Properties, 'ServiceType') as service_type, + json_extract_path_text(Properties, 'ValidationCertificateArn') as validation_certificate_arn, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'DomainConfigurationStatus') as domain_configuration_status, + json_extract_path_text(Properties, 'DomainType') as domain_type, + json_extract_path_text(Properties, 'ServerCertificateConfig') as server_certificate_config, + json_extract_path_text(Properties, 'ServerCertificates') as server_certificates, + json_extract_path_text(Properties, 'TlsConfig') as tls_config, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::DomainConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fleet_metrics: + name: fleet_metrics + id: awscc.iot.fleet_metrics + x-cfn-schema-name: FleetMetric + x-type: list + x-identifiers: + - MetricName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MetricName') as metric_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::FleetMetric' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MetricName') as metric_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::FleetMetric' + AND region = 'us-east-1' + fleet_metric: + name: fleet_metric + id: awscc.iot.fleet_metric + x-cfn-schema-name: FleetMetric + x-type: get + x-identifiers: + - MetricName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MetricName') as metric_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.QueryString') as query_string, + JSON_EXTRACT(Properties, '$.Period') as period, + JSON_EXTRACT(Properties, '$.AggregationField') as aggregation_field, + JSON_EXTRACT(Properties, '$.QueryVersion') as query_version, + JSON_EXTRACT(Properties, '$.IndexName') as index_name, + JSON_EXTRACT(Properties, '$.Unit') as unit, + JSON_EXTRACT(Properties, '$.AggregationType') as aggregation_type, + JSON_EXTRACT(Properties, '$.MetricArn') as metric_arn, + JSON_EXTRACT(Properties, '$.CreationDate') as creation_date, + JSON_EXTRACT(Properties, '$.LastModifiedDate') as last_modified_date, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::FleetMetric' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MetricName') as metric_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'QueryString') as query_string, + json_extract_path_text(Properties, 'Period') as period, + json_extract_path_text(Properties, 'AggregationField') as aggregation_field, + json_extract_path_text(Properties, 'QueryVersion') as query_version, + json_extract_path_text(Properties, 'IndexName') as index_name, + json_extract_path_text(Properties, 'Unit') as unit, + json_extract_path_text(Properties, 'AggregationType') as aggregation_type, + json_extract_path_text(Properties, 'MetricArn') as metric_arn, + json_extract_path_text(Properties, 'CreationDate') as creation_date, + json_extract_path_text(Properties, 'LastModifiedDate') as last_modified_date, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::FleetMetric' + AND data__Identifier = '' + AND region = 'us-east-1' + job_templates: + name: job_templates + id: awscc.iot.job_templates + x-cfn-schema-name: JobTemplate + x-type: list + x-identifiers: + - JobTemplateId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.JobTemplateId') as job_template_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::JobTemplate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'JobTemplateId') as job_template_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::JobTemplate' + AND region = 'us-east-1' + job_template: + name: job_template + id: awscc.iot.job_template + x-cfn-schema-name: JobTemplate + x-type: get + x-identifiers: + - JobTemplateId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.JobArn') as job_arn, + JSON_EXTRACT(Properties, '$.JobTemplateId') as job_template_id, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Document') as document, + JSON_EXTRACT(Properties, '$.DocumentSource') as document_source, + JSON_EXTRACT(Properties, '$.TimeoutConfig') as timeout_config, + JSON_EXTRACT(Properties, '$.JobExecutionsRolloutConfig') as job_executions_rollout_config, + JSON_EXTRACT(Properties, '$.AbortConfig') as abort_config, + JSON_EXTRACT(Properties, '$.PresignedUrlConfig') as presigned_url_config, + JSON_EXTRACT(Properties, '$.JobExecutionsRetryConfig') as job_executions_retry_config, + JSON_EXTRACT(Properties, '$.MaintenanceWindows') as maintenance_windows, + JSON_EXTRACT(Properties, '$.DestinationPackageVersions') as destination_package_versions, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::JobTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'JobArn') as job_arn, + json_extract_path_text(Properties, 'JobTemplateId') as job_template_id, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Document') as document, + json_extract_path_text(Properties, 'DocumentSource') as document_source, + json_extract_path_text(Properties, 'TimeoutConfig') as timeout_config, + json_extract_path_text(Properties, 'JobExecutionsRolloutConfig') as job_executions_rollout_config, + json_extract_path_text(Properties, 'AbortConfig') as abort_config, + json_extract_path_text(Properties, 'PresignedUrlConfig') as presigned_url_config, + json_extract_path_text(Properties, 'JobExecutionsRetryConfig') as job_executions_retry_config, + json_extract_path_text(Properties, 'MaintenanceWindows') as maintenance_windows, + json_extract_path_text(Properties, 'DestinationPackageVersions') as destination_package_versions, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::JobTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + loggings: + name: loggings + id: awscc.iot.loggings + x-cfn-schema-name: Logging + x-type: list + x-identifiers: + - AccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountId') as account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::Logging' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountId') as account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::Logging' + AND region = 'us-east-1' + logging: + name: logging + id: awscc.iot.logging + x-cfn-schema-name: Logging + x-type: get + x-identifiers: + - AccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountId') as account_id, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.DefaultLogLevel') as default_log_level + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::Logging' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountId') as account_id, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'DefaultLogLevel') as default_log_level + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::Logging' + AND data__Identifier = '' + AND region = 'us-east-1' + mitigation_actions: + name: mitigation_actions + id: awscc.iot.mitigation_actions + x-cfn-schema-name: MitigationAction + x-type: list + x-identifiers: + - ActionName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ActionName') as action_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::MitigationAction' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ActionName') as action_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::MitigationAction' + AND region = 'us-east-1' + mitigation_action: + name: mitigation_action + id: awscc.iot.mitigation_action + x-cfn-schema-name: MitigationAction + x-type: get + x-identifiers: + - ActionName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ActionName') as action_name, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ActionParams') as action_params, + JSON_EXTRACT(Properties, '$.MitigationActionArn') as mitigation_action_arn, + JSON_EXTRACT(Properties, '$.MitigationActionId') as mitigation_action_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::MitigationAction' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ActionName') as action_name, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ActionParams') as action_params, + json_extract_path_text(Properties, 'MitigationActionArn') as mitigation_action_arn, + json_extract_path_text(Properties, 'MitigationActionId') as mitigation_action_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::MitigationAction' + AND data__Identifier = '' + AND region = 'us-east-1' + policies: + name: policies + id: awscc.iot.policies + x-cfn-schema-name: Policy + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::Policy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::Policy' + AND region = 'us-east-1' + policy: + name: policy + id: awscc.iot.policy + x-cfn-schema-name: Policy + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.PolicyDocument') as policy_document, + JSON_EXTRACT(Properties, '$.PolicyName') as policy_name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::Policy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'PolicyDocument') as policy_document, + json_extract_path_text(Properties, 'PolicyName') as policy_name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::Policy' + AND data__Identifier = '' + AND region = 'us-east-1' + provisioning_templates: + name: provisioning_templates + id: awscc.iot.provisioning_templates + x-cfn-schema-name: ProvisioningTemplate + x-type: list + x-identifiers: + - TemplateName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TemplateName') as template_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::ProvisioningTemplate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TemplateName') as template_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::ProvisioningTemplate' + AND region = 'us-east-1' + provisioning_template: + name: provisioning_template + id: awscc.iot.provisioning_template + x-cfn-schema-name: ProvisioningTemplate + x-type: get + x-identifiers: + - TemplateName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TemplateArn') as template_arn, + JSON_EXTRACT(Properties, '$.TemplateName') as template_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Enabled') as enabled, + JSON_EXTRACT(Properties, '$.ProvisioningRoleArn') as provisioning_role_arn, + JSON_EXTRACT(Properties, '$.TemplateBody') as template_body, + JSON_EXTRACT(Properties, '$.TemplateType') as template_type, + JSON_EXTRACT(Properties, '$.PreProvisioningHook') as pre_provisioning_hook, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::ProvisioningTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TemplateArn') as template_arn, + json_extract_path_text(Properties, 'TemplateName') as template_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Enabled') as enabled, + json_extract_path_text(Properties, 'ProvisioningRoleArn') as provisioning_role_arn, + json_extract_path_text(Properties, 'TemplateBody') as template_body, + json_extract_path_text(Properties, 'TemplateType') as template_type, + json_extract_path_text(Properties, 'PreProvisioningHook') as pre_provisioning_hook, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::ProvisioningTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + resource_specific_loggings: + name: resource_specific_loggings + id: awscc.iot.resource_specific_loggings + x-cfn-schema-name: ResourceSpecificLogging + x-type: list + x-identifiers: + - TargetId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TargetId') as target_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::ResourceSpecificLogging' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TargetId') as target_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::ResourceSpecificLogging' + AND region = 'us-east-1' + resource_specific_logging: + name: resource_specific_logging + id: awscc.iot.resource_specific_logging + x-cfn-schema-name: ResourceSpecificLogging + x-type: get + x-identifiers: + - TargetId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TargetType') as target_type, + JSON_EXTRACT(Properties, '$.TargetName') as target_name, + JSON_EXTRACT(Properties, '$.LogLevel') as log_level, + JSON_EXTRACT(Properties, '$.TargetId') as target_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::ResourceSpecificLogging' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TargetType') as target_type, + json_extract_path_text(Properties, 'TargetName') as target_name, + json_extract_path_text(Properties, 'LogLevel') as log_level, + json_extract_path_text(Properties, 'TargetId') as target_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::ResourceSpecificLogging' + AND data__Identifier = '' + AND region = 'us-east-1' + role_aliases: + name: role_aliases + id: awscc.iot.role_aliases + x-cfn-schema-name: RoleAlias + x-type: list + x-identifiers: + - RoleAlias + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RoleAlias') as role_alias + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::RoleAlias' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RoleAlias') as role_alias + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::RoleAlias' + AND region = 'us-east-1' + role_alias: + name: role_alias + id: awscc.iot.role_alias + x-cfn-schema-name: RoleAlias + x-type: get + x-identifiers: + - RoleAlias + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RoleAlias') as role_alias, + JSON_EXTRACT(Properties, '$.RoleAliasArn') as role_alias_arn, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.CredentialDurationSeconds') as credential_duration_seconds, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::RoleAlias' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RoleAlias') as role_alias, + json_extract_path_text(Properties, 'RoleAliasArn') as role_alias_arn, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'CredentialDurationSeconds') as credential_duration_seconds, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::RoleAlias' + AND data__Identifier = '' + AND region = 'us-east-1' + scheduled_audits: + name: scheduled_audits + id: awscc.iot.scheduled_audits + x-cfn-schema-name: ScheduledAudit + x-type: list + x-identifiers: + - ScheduledAuditName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ScheduledAuditName') as scheduled_audit_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::ScheduledAudit' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ScheduledAuditName') as scheduled_audit_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::ScheduledAudit' + AND region = 'us-east-1' + scheduled_audit: + name: scheduled_audit + id: awscc.iot.scheduled_audit + x-cfn-schema-name: ScheduledAudit + x-type: get + x-identifiers: + - ScheduledAuditName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ScheduledAuditName') as scheduled_audit_name, + JSON_EXTRACT(Properties, '$.Frequency') as frequency, + JSON_EXTRACT(Properties, '$.DayOfMonth') as day_of_month, + JSON_EXTRACT(Properties, '$.DayOfWeek') as day_of_week, + JSON_EXTRACT(Properties, '$.TargetCheckNames') as target_check_names, + JSON_EXTRACT(Properties, '$.ScheduledAuditArn') as scheduled_audit_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::ScheduledAudit' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ScheduledAuditName') as scheduled_audit_name, + json_extract_path_text(Properties, 'Frequency') as frequency, + json_extract_path_text(Properties, 'DayOfMonth') as day_of_month, + json_extract_path_text(Properties, 'DayOfWeek') as day_of_week, + json_extract_path_text(Properties, 'TargetCheckNames') as target_check_names, + json_extract_path_text(Properties, 'ScheduledAuditArn') as scheduled_audit_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::ScheduledAudit' + AND data__Identifier = '' + AND region = 'us-east-1' + security_profiles: + name: security_profiles + id: awscc.iot.security_profiles + x-cfn-schema-name: SecurityProfile + x-type: list + x-identifiers: + - SecurityProfileName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SecurityProfileName') as security_profile_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::SecurityProfile' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SecurityProfileName') as security_profile_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::SecurityProfile' + AND region = 'us-east-1' + security_profile: + name: security_profile + id: awscc.iot.security_profile + x-cfn-schema-name: SecurityProfile + x-type: get + x-identifiers: + - SecurityProfileName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SecurityProfileName') as security_profile_name, + JSON_EXTRACT(Properties, '$.SecurityProfileDescription') as security_profile_description, + JSON_EXTRACT(Properties, '$.Behaviors') as behaviors, + JSON_EXTRACT(Properties, '$.AlertTargets') as alert_targets, + JSON_EXTRACT(Properties, '$.AdditionalMetricsToRetainV2') as additional_metrics_to_retain_v2, + JSON_EXTRACT(Properties, '$.MetricsExportConfig') as metrics_export_config, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TargetArns') as target_arns, + JSON_EXTRACT(Properties, '$.SecurityProfileArn') as security_profile_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::SecurityProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SecurityProfileName') as security_profile_name, + json_extract_path_text(Properties, 'SecurityProfileDescription') as security_profile_description, + json_extract_path_text(Properties, 'Behaviors') as behaviors, + json_extract_path_text(Properties, 'AlertTargets') as alert_targets, + json_extract_path_text(Properties, 'AdditionalMetricsToRetainV2') as additional_metrics_to_retain_v2, + json_extract_path_text(Properties, 'MetricsExportConfig') as metrics_export_config, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TargetArns') as target_arns, + json_extract_path_text(Properties, 'SecurityProfileArn') as security_profile_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::SecurityProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + software_packages: + name: software_packages + id: awscc.iot.software_packages + x-cfn-schema-name: SoftwarePackage + x-type: list + x-identifiers: + - PackageName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PackageName') as package_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::SoftwarePackage' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PackageName') as package_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::SoftwarePackage' + AND region = 'us-east-1' + software_package: + name: software_package + id: awscc.iot.software_package + x-cfn-schema-name: SoftwarePackage + x-type: get + x-identifiers: + - PackageName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.PackageArn') as package_arn, + JSON_EXTRACT(Properties, '$.PackageName') as package_name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::SoftwarePackage' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'PackageArn') as package_arn, + json_extract_path_text(Properties, 'PackageName') as package_name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::SoftwarePackage' + AND data__Identifier = '' + AND region = 'us-east-1' + software_package_versions: + name: software_package_versions + id: awscc.iot.software_package_versions + x-cfn-schema-name: SoftwarePackageVersion + x-type: list + x-identifiers: + - PackageName + - VersionName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PackageName') as package_name, + JSON_EXTRACT(Properties, '$.VersionName') as version_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::SoftwarePackageVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PackageName') as package_name, + json_extract_path_text(Properties, 'VersionName') as version_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::SoftwarePackageVersion' + AND region = 'us-east-1' + software_package_version: + name: software_package_version + id: awscc.iot.software_package_version + x-cfn-schema-name: SoftwarePackageVersion + x-type: get + x-identifiers: + - PackageName + - VersionName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Attributes') as attributes, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ErrorReason') as error_reason, + JSON_EXTRACT(Properties, '$.PackageName') as package_name, + JSON_EXTRACT(Properties, '$.PackageVersionArn') as package_version_arn, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.VersionName') as version_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::SoftwarePackageVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Attributes') as attributes, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ErrorReason') as error_reason, + json_extract_path_text(Properties, 'PackageName') as package_name, + json_extract_path_text(Properties, 'PackageVersionArn') as package_version_arn, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'VersionName') as version_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::SoftwarePackageVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + things: + name: things + id: awscc.iot.things + x-cfn-schema-name: Thing + x-type: list + x-identifiers: + - ThingName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ThingName') as thing_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::Thing' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ThingName') as thing_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::Thing' + AND region = 'us-east-1' + thing: + name: thing + id: awscc.iot.thing + x-cfn-schema-name: Thing + x-type: get + x-identifiers: + - ThingName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AttributePayload') as attribute_payload, + JSON_EXTRACT(Properties, '$.ThingName') as thing_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::Thing' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AttributePayload') as attribute_payload, + json_extract_path_text(Properties, 'ThingName') as thing_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::Thing' + AND data__Identifier = '' + AND region = 'us-east-1' + thing_groups: + name: thing_groups + id: awscc.iot.thing_groups + x-cfn-schema-name: ThingGroup + x-type: list + x-identifiers: + - ThingGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ThingGroupName') as thing_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::ThingGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ThingGroupName') as thing_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::ThingGroup' + AND region = 'us-east-1' + thing_group: + name: thing_group + id: awscc.iot.thing_group + x-cfn-schema-name: ThingGroup + x-type: get + x-identifiers: + - ThingGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ThingGroupName') as thing_group_name, + JSON_EXTRACT(Properties, '$.ParentGroupName') as parent_group_name, + JSON_EXTRACT(Properties, '$.QueryString') as query_string, + JSON_EXTRACT(Properties, '$.ThingGroupProperties') as thing_group_properties, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::ThingGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ThingGroupName') as thing_group_name, + json_extract_path_text(Properties, 'ParentGroupName') as parent_group_name, + json_extract_path_text(Properties, 'QueryString') as query_string, + json_extract_path_text(Properties, 'ThingGroupProperties') as thing_group_properties, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::ThingGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + thing_types: + name: thing_types + id: awscc.iot.thing_types + x-cfn-schema-name: ThingType + x-type: list + x-identifiers: + - ThingTypeName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ThingTypeName') as thing_type_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::ThingType' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ThingTypeName') as thing_type_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::ThingType' + AND region = 'us-east-1' + thing_type: + name: thing_type + id: awscc.iot.thing_type + x-cfn-schema-name: ThingType + x-type: get + x-identifiers: + - ThingTypeName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ThingTypeName') as thing_type_name, + JSON_EXTRACT(Properties, '$.DeprecateThingType') as deprecate_thing_type, + JSON_EXTRACT(Properties, '$.ThingTypeProperties') as thing_type_properties, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::ThingType' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ThingTypeName') as thing_type_name, + json_extract_path_text(Properties, 'DeprecateThingType') as deprecate_thing_type, + json_extract_path_text(Properties, 'ThingTypeProperties') as thing_type_properties, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::ThingType' + AND data__Identifier = '' + AND region = 'us-east-1' + topic_rules: + name: topic_rules + id: awscc.iot.topic_rules + x-cfn-schema-name: TopicRule + x-type: list + x-identifiers: + - RuleName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RuleName') as rule_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::TopicRule' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RuleName') as rule_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::TopicRule' + AND region = 'us-east-1' + topic_rule: + name: topic_rule + id: awscc.iot.topic_rule + x-cfn-schema-name: TopicRule + x-type: get + x-identifiers: + - RuleName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.RuleName') as rule_name, + JSON_EXTRACT(Properties, '$.TopicRulePayload') as topic_rule_payload, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::TopicRule' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'RuleName') as rule_name, + json_extract_path_text(Properties, 'TopicRulePayload') as topic_rule_payload, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::TopicRule' + AND data__Identifier = '' + AND region = 'us-east-1' + topic_rule_destinations: + name: topic_rule_destinations + id: awscc.iot.topic_rule_destinations + x-cfn-schema-name: TopicRuleDestination + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::TopicRuleDestination' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoT::TopicRuleDestination' + AND region = 'us-east-1' + topic_rule_destination: + name: topic_rule_destination + id: awscc.iot.topic_rule_destination + x-cfn-schema-name: TopicRuleDestination + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.HttpUrlProperties') as http_url_properties, + JSON_EXTRACT(Properties, '$.StatusReason') as status_reason, + JSON_EXTRACT(Properties, '$.VpcProperties') as vpc_properties + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::TopicRuleDestination' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'HttpUrlProperties') as http_url_properties, + json_extract_path_text(Properties, 'StatusReason') as status_reason, + json_extract_path_text(Properties, 'VpcProperties') as vpc_properties + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoT::TopicRuleDestination' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/iotanalytics.yaml b/providers/src/awscc/v00.00.00000/services/iotanalytics.yaml new file mode 100644 index 00000000..9ef38816 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/iotanalytics.yaml @@ -0,0 +1,953 @@ +openapi: 3.0.0 +info: + title: IoTAnalytics + version: 1.0.0 +paths: {} +components: + schemas: + CustomerManagedS3: + type: object + additionalProperties: false + properties: + Bucket: + type: string + pattern: '[a-zA-Z0-9.\-_]*' + minLength: 3 + maxLength: 255 + RoleArn: + type: string + minLength: 20 + maxLength: 2048 + KeyPrefix: + type: string + pattern: '[a-zA-Z0-9!_.*''()/{}:-]*/' + minLength: 1 + maxLength: 255 + required: + - Bucket + - RoleArn + ServiceManagedS3: + type: object + additionalProperties: false + ChannelStorage: + type: object + additionalProperties: false + properties: + ServiceManagedS3: + $ref: '#/components/schemas/ServiceManagedS3' + CustomerManagedS3: + $ref: '#/components/schemas/CustomerManagedS3' + Tag: + type: object + additionalProperties: false + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 1 + maxLength: 256 + required: + - Value + - Key + RetentionPeriod: + type: object + additionalProperties: false + properties: + NumberOfDays: + type: integer + minimum: 1 + maximum: 2147483647 + Unlimited: + type: boolean + Channel: + type: object + additionalProperties: false + properties: + ChannelName: + type: string + pattern: '[a-zA-Z0-9_]+' + minLength: 1 + maxLength: 128 + Next: + type: string + minLength: 1 + maxLength: 128 + Name: + type: string + minLength: 1 + maxLength: 128 + required: + - ChannelName + - Name + DatasetContentVersionValue: + type: object + additionalProperties: false + properties: + DatasetName: + type: string + pattern: (^(?!_{2}))(^[a-zA-Z0-9_]+$) + minLength: 1 + maxLength: 128 + required: + - DatasetName + GlueConfiguration: + type: object + additionalProperties: false + properties: + DatabaseName: + type: string + minLength: 1 + maxLength: 150 + TableName: + type: string + minLength: 1 + maxLength: 150 + required: + - TableName + - DatabaseName + Action: + type: object + additionalProperties: false + properties: + ActionName: + type: string + pattern: ^[a-zA-Z0-9_]+$ + minLength: 1 + maxLength: 128 + ContainerAction: + $ref: '#/components/schemas/ContainerAction' + QueryAction: + $ref: '#/components/schemas/QueryAction' + required: + - ActionName + Variable: + type: object + additionalProperties: false + properties: + VariableName: + type: string + minLength: 1 + maxLength: 256 + DatasetContentVersionValue: + $ref: '#/components/schemas/DatasetContentVersionValue' + StringValue: + type: string + minLength: 0 + maxLength: 1024 + DoubleValue: + type: number + OutputFileUriValue: + $ref: '#/components/schemas/OutputFileUriValue' + required: + - VariableName + IotEventsDestinationConfiguration: + type: object + additionalProperties: false + properties: + InputName: + type: string + pattern: ^[a-zA-Z][a-zA-Z0-9_]*$ + minLength: 1 + maxLength: 128 + RoleArn: + type: string + minLength: 20 + maxLength: 2048 + required: + - InputName + - RoleArn + LateDataRule: + type: object + additionalProperties: false + properties: + RuleConfiguration: + $ref: '#/components/schemas/LateDataRuleConfiguration' + RuleName: + type: string + pattern: ^[a-zA-Z0-9_]+$ + minLength: 1 + maxLength: 128 + required: + - RuleConfiguration + DeltaTimeSessionWindowConfiguration: + type: object + additionalProperties: false + properties: + TimeoutInMinutes: + type: integer + minimum: 1 + maximum: 60 + required: + - TimeoutInMinutes + QueryAction: + type: object + additionalProperties: false + properties: + Filters: + type: array + minItems: 0 + maxItems: 1 + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Filter' + SqlQuery: + type: string + required: + - SqlQuery + VersioningConfiguration: + type: object + additionalProperties: false + properties: + Unlimited: + type: boolean + MaxVersions: + type: integer + minimum: 1 + maximum: 1000 + ResourceConfiguration: + type: object + additionalProperties: false + properties: + VolumeSizeInGB: + type: integer + minimum: 1 + maximum: 50 + ComputeType: + type: string + enum: + - ACU_1 + - ACU_2 + required: + - VolumeSizeInGB + - ComputeType + DatasetContentDeliveryRule: + type: object + additionalProperties: false + properties: + Destination: + $ref: '#/components/schemas/DatasetContentDeliveryRuleDestination' + EntryName: + type: string + required: + - Destination + Trigger: + type: object + additionalProperties: false + properties: + TriggeringDataset: + $ref: '#/components/schemas/TriggeringDataset' + Schedule: + $ref: '#/components/schemas/Schedule' + DeltaTime: + type: object + additionalProperties: false + properties: + OffsetSeconds: + type: integer + TimeExpression: + type: string + required: + - TimeExpression + - OffsetSeconds + ContainerAction: + type: object + additionalProperties: false + properties: + Variables: + type: array + minItems: 0 + maxItems: 50 + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Variable' + ExecutionRoleArn: + type: string + minLength: 20 + maxLength: 2048 + Image: + type: string + maxLength: 255 + ResourceConfiguration: + $ref: '#/components/schemas/ResourceConfiguration' + required: + - ExecutionRoleArn + - Image + - ResourceConfiguration + Filter: + type: object + additionalProperties: false + properties: + Filter: + type: string + minLength: 1 + maxLength: 256 + Next: + type: string + minLength: 1 + maxLength: 128 + Name: + type: string + minLength: 1 + maxLength: 128 + required: + - Filter + - Name + OutputFileUriValue: + type: object + additionalProperties: false + properties: + FileName: + type: string + pattern: ^[\w\.-]{1,255}$ + required: + - FileName + Schedule: + type: object + additionalProperties: false + properties: + ScheduleExpression: + type: string + required: + - ScheduleExpression + S3DestinationConfiguration: + type: object + additionalProperties: false + properties: + GlueConfiguration: + $ref: '#/components/schemas/GlueConfiguration' + Bucket: + type: string + pattern: ^[a-zA-Z0-9.\-_]*$ + minLength: 3 + maxLength: 255 + Key: + type: string + pattern: ^[a-zA-Z0-9!_.*'()/{}:-]*$ + minLength: 1 + maxLength: 255 + RoleArn: + type: string + minLength: 20 + maxLength: 2048 + required: + - Bucket + - Key + - RoleArn + LateDataRuleConfiguration: + type: object + additionalProperties: false + properties: + DeltaTimeSessionWindowConfiguration: + $ref: '#/components/schemas/DeltaTimeSessionWindowConfiguration' + DatasetContentDeliveryRuleDestination: + type: object + additionalProperties: false + properties: + IotEventsDestinationConfiguration: + $ref: '#/components/schemas/IotEventsDestinationConfiguration' + S3DestinationConfiguration: + $ref: '#/components/schemas/S3DestinationConfiguration' + TriggeringDataset: + type: object + additionalProperties: false + properties: + DatasetName: + type: string + pattern: (^(?!_{2}))(^[a-zA-Z0-9_]+$) + minLength: 1 + maxLength: 128 + required: + - DatasetName + Dataset: + type: object + properties: + Actions: + type: array + uniqueItems: false + x-insertionOrder: false + minItems: 1 + maxItems: 1 + items: + $ref: '#/components/schemas/Action' + LateDataRules: + type: array + minItems: 1 + maxItems: 1 + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/LateDataRule' + DatasetName: + type: string + pattern: (^(?!_{2}))(^[a-zA-Z0-9_]+$) + minLength: 1 + maxLength: 128 + ContentDeliveryRules: + type: array + uniqueItems: false + x-insertionOrder: false + minItems: 0 + maxItems: 20 + items: + $ref: '#/components/schemas/DatasetContentDeliveryRule' + Triggers: + type: array + minItems: 0 + maxItems: 5 + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Trigger' + VersioningConfiguration: + $ref: '#/components/schemas/VersioningConfiguration' + Id: + type: string + RetentionPeriod: + $ref: '#/components/schemas/RetentionPeriod' + Tags: + type: array + uniqueItems: false + x-insertionOrder: false + minItems: 1 + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + required: + - Actions + x-stackql-resource-name: dataset + x-stackql-primaryIdentifier: + - DatasetName + x-create-only-properties: + - DatasetName + x-read-only-properties: + - Id + x-required-permissions: + create: + - iotanalytics:CreateDataset + read: + - iotanalytics:DescribeDataset + - iotanalytics:ListTagsForResource + update: + - iotanalytics:UpdateDataset + - iotanalytics:TagResource + - iotanalytics:UntagResource + delete: + - iotanalytics:DeleteDataset + list: + - iotanalytics:ListDatasets + DatastoreStorage: + type: object + additionalProperties: false + properties: + ServiceManagedS3: + $ref: '#/components/schemas/ServiceManagedS3' + CustomerManagedS3: + $ref: '#/components/schemas/CustomerManagedS3' + IotSiteWiseMultiLayerStorage: + $ref: '#/components/schemas/IotSiteWiseMultiLayerStorage' + SchemaDefinition: + type: object + additionalProperties: false + properties: + Columns: + type: array + uniqueItems: false + x-insertionOrder: false + minItems: 1 + maxItems: 100 + items: + $ref: '#/components/schemas/Column' + JsonConfiguration: + type: object + additionalProperties: false + ParquetConfiguration: + type: object + additionalProperties: false + properties: + SchemaDefinition: + $ref: '#/components/schemas/SchemaDefinition' + FileFormatConfiguration: + type: object + additionalProperties: false + properties: + JsonConfiguration: + $ref: '#/components/schemas/JsonConfiguration' + ParquetConfiguration: + $ref: '#/components/schemas/ParquetConfiguration' + Column: + type: object + additionalProperties: false + properties: + Type: + type: string + Name: + type: string + required: + - Type + - Name + IotSiteWiseMultiLayerStorage: + type: object + additionalProperties: false + properties: + CustomerManagedS3Storage: + $ref: '#/components/schemas/CustomerManagedS3Storage' + CustomerManagedS3Storage: + type: object + additionalProperties: false + properties: + Bucket: + type: string + pattern: '[a-zA-Z0-9.\-_]*' + minLength: 3 + maxLength: 255 + KeyPrefix: + type: string + pattern: '[a-zA-Z0-9!_.*''()/{}:-]*/' + minLength: 1 + maxLength: 255 + required: + - Bucket + DatastorePartitions: + type: object + additionalProperties: false + properties: + Partitions: + type: array + uniqueItems: false + x-insertionOrder: false + minItems: 0 + maxItems: 25 + items: + $ref: '#/components/schemas/DatastorePartition' + DatastorePartition: + type: object + additionalProperties: false + properties: + Partition: + $ref: '#/components/schemas/Partition' + TimestampPartition: + $ref: '#/components/schemas/TimestampPartition' + Partition: + type: object + additionalProperties: false + properties: + AttributeName: + type: string + pattern: '[a-zA-Z0-9_]+' + required: + - AttributeName + TimestampPartition: + type: object + additionalProperties: false + properties: + AttributeName: + type: string + pattern: '[a-zA-Z0-9_]+' + TimestampFormat: + type: string + pattern: '[a-zA-Z0-9\s\[\]_,.''/:-]*' + required: + - AttributeName + Datastore: + type: object + additionalProperties: false + properties: + DatastoreName: + type: string + pattern: '[a-zA-Z0-9_]+' + minLength: 1 + maxLength: 128 + Name: + type: string + minLength: 1 + maxLength: 128 + required: + - DatastoreName + - Name + Activity: + type: object + additionalProperties: false + properties: + SelectAttributes: + $ref: '#/components/schemas/SelectAttributes' + Datastore: + $ref: '#/components/schemas/Datastore' + Filter: + $ref: '#/components/schemas/Filter' + AddAttributes: + $ref: '#/components/schemas/AddAttributes' + Channel: + $ref: '#/components/schemas/Channel' + DeviceShadowEnrich: + $ref: '#/components/schemas/DeviceShadowEnrich' + Math: + $ref: '#/components/schemas/Math' + Lambda: + $ref: '#/components/schemas/Lambda' + DeviceRegistryEnrich: + $ref: '#/components/schemas/DeviceRegistryEnrich' + RemoveAttributes: + $ref: '#/components/schemas/RemoveAttributes' + DeviceShadowEnrich: + type: object + additionalProperties: false + properties: + Attribute: + type: string + minLength: 1 + maxLength: 256 + Next: + type: string + minLength: 1 + maxLength: 128 + ThingName: + type: string + minLength: 1 + maxLength: 256 + RoleArn: + type: string + minLength: 20 + maxLength: 2048 + Name: + type: string + minLength: 1 + maxLength: 128 + required: + - Attribute + - ThingName + - RoleArn + - Name + RemoveAttributes: + type: object + additionalProperties: false + properties: + Next: + type: string + minLength: 1 + maxLength: 128 + Attributes: + type: array + uniqueItems: false + x-insertionOrder: false + minItems: 1 + maxItems: 50 + items: + type: string + minLength: 1 + maxLength: 256 + Name: + type: string + minLength: 1 + maxLength: 128 + required: + - Attributes + - Name + SelectAttributes: + type: object + additionalProperties: false + properties: + Next: + type: string + minLength: 1 + maxLength: 128 + Attributes: + type: array + uniqueItems: false + x-insertionOrder: false + minItems: 1 + maxItems: 50 + items: + type: string + minLength: 1 + maxLength: 256 + Name: + type: string + minLength: 1 + maxLength: 128 + required: + - Name + - Attributes + Lambda: + type: object + additionalProperties: false + properties: + BatchSize: + type: integer + minimum: 1 + maximum: 1000 + Next: + type: string + minLength: 1 + maxLength: 128 + LambdaName: + type: string + pattern: '[a-zA-Z0-9_-]+' + minLength: 1 + maxLength: 64 + Name: + type: string + minLength: 1 + maxLength: 128 + required: + - LambdaName + - Name + - BatchSize + DeviceRegistryEnrich: + type: object + additionalProperties: false + properties: + Attribute: + type: string + minLength: 1 + maxLength: 256 + Next: + type: string + minLength: 1 + maxLength: 128 + ThingName: + type: string + minLength: 1 + maxLength: 256 + RoleArn: + type: string + minLength: 20 + maxLength: 2048 + Name: + type: string + minLength: 1 + maxLength: 128 + required: + - Attribute + - ThingName + - RoleArn + - Name + AddAttributes: + type: object + additionalProperties: false + properties: + Next: + type: string + minLength: 1 + maxLength: 128 + Attributes: + type: object + minProperties: 1 + maxProperties: 50 + x-patternProperties: + ^.*$: + type: string + minLength: 1 + maxLength: 256 + additionalProperties: false + Name: + type: string + minLength: 1 + maxLength: 128 + required: + - Attributes + - Name + Math: + type: object + additionalProperties: false + properties: + Attribute: + type: string + minLength: 1 + maxLength: 256 + Next: + type: string + minLength: 1 + maxLength: 128 + Math: + type: string + minLength: 1 + maxLength: 256 + Name: + type: string + minLength: 1 + maxLength: 128 + required: + - Attribute + - Math + - Name + Pipeline: + type: object + properties: + Id: + type: string + PipelineName: + type: string + pattern: '[a-zA-Z0-9_]+' + minLength: 1 + maxLength: 128 + Tags: + type: array + uniqueItems: false + x-insertionOrder: false + minItems: 1 + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + PipelineActivities: + type: array + uniqueItems: false + x-insertionOrder: false + minItems: 1 + maxItems: 25 + items: + $ref: '#/components/schemas/Activity' + required: + - PipelineActivities + x-stackql-resource-name: pipeline + x-stackql-primaryIdentifier: + - PipelineName + x-create-only-properties: + - PipelineName + x-read-only-properties: + - Id + x-required-permissions: + create: + - iotanalytics:CreatePipeline + read: + - iotanalytics:DescribePipeline + - iotanalytics:ListTagsForResource + update: + - iotanalytics:UpdatePipeline + - iotanalytics:TagResource + - iotanalytics:UntagResource + delete: + - iotanalytics:DeletePipeline + list: + - iotanalytics:ListPipelines + x-stackQL-resources: + datasets: + name: datasets + id: awscc.iotanalytics.datasets + x-cfn-schema-name: Dataset + x-type: list + x-identifiers: + - DatasetName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DatasetName') as dataset_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTAnalytics::Dataset' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DatasetName') as dataset_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTAnalytics::Dataset' + AND region = 'us-east-1' + dataset: + name: dataset + id: awscc.iotanalytics.dataset + x-cfn-schema-name: Dataset + x-type: get + x-identifiers: + - DatasetName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Actions') as actions, + JSON_EXTRACT(Properties, '$.LateDataRules') as late_data_rules, + JSON_EXTRACT(Properties, '$.DatasetName') as dataset_name, + JSON_EXTRACT(Properties, '$.ContentDeliveryRules') as content_delivery_rules, + JSON_EXTRACT(Properties, '$.Triggers') as triggers, + JSON_EXTRACT(Properties, '$.VersioningConfiguration') as versioning_configuration, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.RetentionPeriod') as retention_period, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTAnalytics::Dataset' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Actions') as actions, + json_extract_path_text(Properties, 'LateDataRules') as late_data_rules, + json_extract_path_text(Properties, 'DatasetName') as dataset_name, + json_extract_path_text(Properties, 'ContentDeliveryRules') as content_delivery_rules, + json_extract_path_text(Properties, 'Triggers') as triggers, + json_extract_path_text(Properties, 'VersioningConfiguration') as versioning_configuration, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'RetentionPeriod') as retention_period, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTAnalytics::Dataset' + AND data__Identifier = '' + AND region = 'us-east-1' + pipelines: + name: pipelines + id: awscc.iotanalytics.pipelines + x-cfn-schema-name: Pipeline + x-type: list + x-identifiers: + - PipelineName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PipelineName') as pipeline_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTAnalytics::Pipeline' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PipelineName') as pipeline_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTAnalytics::Pipeline' + AND region = 'us-east-1' + pipeline: + name: pipeline + id: awscc.iotanalytics.pipeline + x-cfn-schema-name: Pipeline + x-type: get + x-identifiers: + - PipelineName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.PipelineName') as pipeline_name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.PipelineActivities') as pipeline_activities + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTAnalytics::Pipeline' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'PipelineName') as pipeline_name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'PipelineActivities') as pipeline_activities + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTAnalytics::Pipeline' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/iotcoredeviceadvisor.yaml b/providers/src/awscc/v00.00.00000/services/iotcoredeviceadvisor.yaml new file mode 100644 index 00000000..cad2f471 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/iotcoredeviceadvisor.yaml @@ -0,0 +1,211 @@ +openapi: 3.0.0 +info: + title: IoTCoreDeviceAdvisor + version: 1.0.0 +paths: {} +components: + schemas: + DeviceUnderTest: + type: object + properties: + CertificateArn: + type: string + minLength: 20 + maxLength: 2048 + ThingArn: + type: string + minLength: 20 + maxLength: 2048 + additionalProperties: false + SuiteDefinitionName: + type: string + description: The Name of the suite definition. + minLength: 1 + maxLength: 256 + RootGroup: + type: string + description: The root group of the test suite. + minLength: 1 + maxLength: 2048 + Devices: + type: array + description: The devices being tested in the test suite + minItems: 0 + maxItems: 2 + items: + $ref: '#/components/schemas/DeviceUnderTest' + DevicePermissionRoleArn: + type: string + description: The device permission role arn of the test suite. + minLength: 20 + maxLength: 2048 + IntendedForQualification: + description: Whether the tests are intended for qualification in a suite. + type: boolean + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + SuiteDefinition: + type: object + properties: + SuiteDefinitionConfiguration: + type: object + properties: + DevicePermissionRoleArn: + $ref: '#/components/schemas/DevicePermissionRoleArn' + Devices: + $ref: '#/components/schemas/Devices' + IntendedForQualification: + $ref: '#/components/schemas/IntendedForQualification' + RootGroup: + $ref: '#/components/schemas/RootGroup' + SuiteDefinitionName: + $ref: '#/components/schemas/SuiteDefinitionName' + required: + - DevicePermissionRoleArn + - RootGroup + additionalProperties: false + SuiteDefinitionId: + type: string + maxLength: 36 + minLength: 12 + description: The unique identifier for the suite definition. + SuiteDefinitionArn: + type: string + maxLength: 2048 + minLength: 20 + description: The Amazon Resource name for the suite definition. + SuiteDefinitionVersion: + type: string + maxLength: 255 + minLength: 2 + description: The suite definition version of a test suite. + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - SuiteDefinitionConfiguration + x-stackql-resource-name: suite_definition + x-stackql-primaryIdentifier: + - SuiteDefinitionId + x-read-only-properties: + - SuiteDefinitionId + - SuiteDefinitionArn + - SuiteDefinitionVersion + x-required-permissions: + create: + - iot:DescribeCertificate + - iot:DescribeThing + - iot:GetPolicy + - iot:ListAttachedPolicies + - iot:ListCertificates + - iot:ListPrincipalPolicies + - iot:ListTagsForResource + - iot:ListThingPrincipals + - iot:ListThings + - iotdeviceadvisor:CreateSuiteDefinition + - iotdeviceadvisor:TagResource + - iam:PassRole + read: + - iotdeviceadvisor:GetSuiteDefinition + - iotdeviceadvisor:TagResource + update: + - iot:DescribeCertificate + - iot:DescribeThing + - iot:GetPolicy + - iot:ListAttachedPolicies + - iot:ListCertificates + - iot:ListPrincipalPolicies + - iot:ListTagsForResource + - iot:ListThingPrincipals + - iot:ListThings + - iotdeviceadvisor:UpdateSuiteDefinition + - iotdeviceadvisor:GetSuiteDefinition + - iotdeviceadvisor:UntagResource + - iotdeviceadvisor:TagResource + - iam:PassRole + delete: + - iotdeviceadvisor:GetSuiteDefinition + - iotdeviceadvisor:DeleteSuiteDefinition + list: + - iotdeviceadvisor:ListSuiteDefinitions + x-stackQL-resources: + suite_definitions: + name: suite_definitions + id: awscc.iotcoredeviceadvisor.suite_definitions + x-cfn-schema-name: SuiteDefinition + x-type: list + x-identifiers: + - SuiteDefinitionId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SuiteDefinitionId') as suite_definition_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTCoreDeviceAdvisor::SuiteDefinition' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SuiteDefinitionId') as suite_definition_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTCoreDeviceAdvisor::SuiteDefinition' + AND region = 'us-east-1' + suite_definition: + name: suite_definition + id: awscc.iotcoredeviceadvisor.suite_definition + x-cfn-schema-name: SuiteDefinition + x-type: get + x-identifiers: + - SuiteDefinitionId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SuiteDefinitionConfiguration') as suite_definition_configuration, + JSON_EXTRACT(Properties, '$.SuiteDefinitionId') as suite_definition_id, + JSON_EXTRACT(Properties, '$.SuiteDefinitionArn') as suite_definition_arn, + JSON_EXTRACT(Properties, '$.SuiteDefinitionVersion') as suite_definition_version, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTCoreDeviceAdvisor::SuiteDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SuiteDefinitionConfiguration') as suite_definition_configuration, + json_extract_path_text(Properties, 'SuiteDefinitionId') as suite_definition_id, + json_extract_path_text(Properties, 'SuiteDefinitionArn') as suite_definition_arn, + json_extract_path_text(Properties, 'SuiteDefinitionVersion') as suite_definition_version, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTCoreDeviceAdvisor::SuiteDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/iotevents.yaml b/providers/src/awscc/v00.00.00000/services/iotevents.yaml new file mode 100644 index 00000000..f453ea75 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/iotevents.yaml @@ -0,0 +1,1039 @@ +openapi: 3.0.0 +info: + title: IoTEvents + version: 1.0.0 +paths: {} +components: + schemas: + AlarmRule: + type: object + description: Defines when your alarm is invoked. + additionalProperties: false + properties: + SimpleRule: + $ref: '#/components/schemas/SimpleRule' + SimpleRule: + type: object + additionalProperties: false + description: A rule that compares an input property value to a threshold value with a comparison operator. + properties: + InputProperty: + type: string + minLength: 1 + maxLength: 512 + description: The value on the left side of the comparison operator. You can specify an AWS IoT Events input attribute as an input property. + ComparisonOperator: + type: string + enum: + - GREATER + - GREATER_OR_EQUAL + - LESS + - LESS_OR_EQUAL + - EQUAL + - NOT_EQUAL + description: The comparison operator. + Threshold: + type: string + minLength: 1 + maxLength: 512 + description: The value on the right side of the comparison operator. You can enter a number or specify an AWS IoT Events input attribute. + required: + - InputProperty + - ComparisonOperator + - Threshold + AlarmEventActions: + type: object + additionalProperties: false + description: Contains information about one or more alarm actions. + properties: + AlarmActions: + $ref: '#/components/schemas/AlarmActions' + AlarmCapabilities: + type: object + description: Contains the configuration information of alarm state changes + additionalProperties: false + properties: + InitializationConfiguration: + $ref: '#/components/schemas/InitializationConfiguration' + AcknowledgeFlow: + $ref: '#/components/schemas/AcknowledgeFlow' + AlarmActions: + type: array + description: Specifies one or more supported actions to receive notifications when the alarm state changes. + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/AlarmAction' + AlarmAction: + type: object + additionalProperties: false + description: The actions to be performed. + properties: + DynamoDB: + $ref: '#/components/schemas/DynamoDB' + DynamoDBv2: + $ref: '#/components/schemas/DynamoDBv2' + Firehose: + $ref: '#/components/schemas/Firehose' + IotEvents: + $ref: '#/components/schemas/IotEvents' + IotSiteWise: + $ref: '#/components/schemas/IotSiteWise' + IotTopicPublish: + $ref: '#/components/schemas/IotTopicPublish' + Lambda: + $ref: '#/components/schemas/Lambda' + Sns: + $ref: '#/components/schemas/Sns' + Sqs: + $ref: '#/components/schemas/Sqs' + DynamoDB: + type: object + additionalProperties: false + description: >- + Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can also customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html). One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify. For more information, see + [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide*. + properties: + HashKeyField: + type: string + description: The name of the hash key (also called the partition key). + HashKeyType: + type: string + description: |- + The data type for the hash key (also called the partition key). You can specify the following values: + + * `STRING` - The hash key is a string. + + * `NUMBER` - The hash key is a number. + + If you don't specify `hashKeyType`, the default value is `STRING`. + HashKeyValue: + type: string + description: The value of the hash key (also called the partition key). + Operation: + type: string + description: |- + The type of operation to perform. You can specify the following values: + + * `INSERT` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key. + + * `UPDATE` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key. + + * `DELETE` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key. + + If you don't specify this parameter, AWS IoT Events triggers the `INSERT` operation. + Payload: + $ref: '#/components/schemas/Payload' + PayloadField: + type: string + description: |- + The name of the DynamoDB column that receives the action payload. + + If you don't specify this parameter, the name of the DynamoDB column is `payload`. + RangeKeyField: + type: string + description: The name of the range key (also called the sort key). + RangeKeyType: + type: string + description: |- + The data type for the range key (also called the sort key), You can specify the following values: + + * `STRING` - The range key is a string. + + * `NUMBER` - The range key is number. + + If you don't specify `rangeKeyField`, the default value is `STRING`. + RangeKeyValue: + type: string + description: The value of the range key (also called the sort key). + TableName: + type: string + description: The name of the DynamoDB table. + required: + - HashKeyField + - HashKeyValue + - TableName + DynamoDBv2: + type: object + additionalProperties: false + description: |- + Defines an action to write to the Amazon DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can also customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html). A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify. + + You can use expressions for parameters that are strings. For more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide*. + properties: + Payload: + $ref: '#/components/schemas/Payload' + TableName: + type: string + description: The name of the DynamoDB table. + required: + - TableName + Firehose: + type: object + additionalProperties: false + description: Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream. + properties: + DeliveryStreamName: + type: string + description: The name of the Kinesis Data Firehose delivery stream where the data is written. + Payload: + $ref: '#/components/schemas/Payload' + Separator: + type: string + description: 'A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: ''\n'' (newline), ''\t'' (tab), ''\r\n'' (Windows newline), '','' (comma).' + pattern: ([\n\t])|(\r\n)|(,) + required: + - DeliveryStreamName + IotEvents: + type: object + additionalProperties: false + description: Sends an AWS IoT Events input, passing in information about the detector model instance and the event that triggered the action. + properties: + InputName: + type: string + description: The name of the AWS IoT Events input where the data is sent. + minLength: 1 + maxLength: 128 + pattern: ^[a-zA-Z][a-zA-Z0-9_]*$ + Payload: + $ref: '#/components/schemas/Payload' + required: + - InputName + IotSiteWise: + type: object + additionalProperties: false + description: Sends information about the detector model instance and the event that triggered the action to a specified asset property in AWS IoT SiteWise. + properties: + AssetId: + type: string + description: The ID of the asset that has the specified property. You can specify an expression. + EntryId: + type: string + description: A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier. You can also specify an expression. + PropertyAlias: + type: string + description: The alias of the asset property. You can also specify an expression. + PropertyId: + type: string + description: The ID of the asset property. You can specify an expression. + PropertyValue: + $ref: '#/components/schemas/AssetPropertyValue' + required: + - PropertyValue + IotTopicPublish: + type: object + additionalProperties: false + description: Information required to publish the MQTT message through the AWS IoT message broker. + properties: + MqttTopic: + type: string + description: The MQTT topic of the message. You can use a string expression that includes variables (`$variable.`) and input values (`$input..`) as the topic string. + minLength: 1 + maxLength: 128 + Payload: + $ref: '#/components/schemas/Payload' + required: + - MqttTopic + Lambda: + type: object + additionalProperties: false + properties: + FunctionArn: + type: string + description: The ARN of the Lambda function that is executed. + minLength: 1 + maxLength: 2048 + Payload: + $ref: '#/components/schemas/Payload' + required: + - FunctionArn + Sns: + type: object + additionalProperties: false + description: Information required to publish the Amazon SNS message. + properties: + Payload: + $ref: '#/components/schemas/Payload' + TargetArn: + type: string + description: The ARN of the Amazon SNS target where the message is sent. + minLength: 1 + maxLength: 2048 + required: + - TargetArn + Sqs: + type: object + additionalProperties: false + properties: + Payload: + $ref: '#/components/schemas/Payload' + QueueUrl: + type: string + description: The URL of the SQS queue where the data is written. + UseBase64: + type: boolean + description: Set this to `TRUE` if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to `FALSE`. + required: + - QueueUrl + Payload: + type: object + additionalProperties: false + description: |- + Information needed to configure the payload. + + By default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression`. + properties: + ContentExpression: + type: string + description: The content of the payload. You can use a string expression that includes quoted strings (`''`), variables (`$variable.`), input values (`$input..`), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB. + minLength: 1 + Type: + type: string + description: The value of the payload type can be either `STRING` or `JSON`. + required: + - ContentExpression + - Type + InitializationConfiguration: + type: object + description: Specifies the default alarm state. The configuration applies to all alarms that were created based on this alarm model. + additionalProperties: false + properties: + DisabledOnInitialization: + type: boolean + description: The value must be TRUE or FALSE. If FALSE, all alarm instances created based on the alarm model are activated. The default value is TRUE. + default: 'true' + required: + - DisabledOnInitialization + AcknowledgeFlow: + type: object + description: Specifies whether to get notified for alarm state changes. + additionalProperties: false + properties: + Enabled: + type: boolean + description: The value must be TRUE or FALSE. If TRUE, you receive a notification when the alarm state changes. You must choose to acknowledge the notification before the alarm state can return to NORMAL. If FALSE, you won't receive notifications. The alarm automatically changes to the NORMAL state when the input property value returns to the specified range. + default: 'true' + AssetPropertyValue: + type: object + additionalProperties: false + description: A structure that contains value information. For more information, see [AssetPropertyValue](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_AssetPropertyValue.html) in the *AWS IoT SiteWise API Reference*. + properties: + Quality: + type: string + description: The quality of the asset property value. The value must be `GOOD`, `BAD`, or `UNCERTAIN`. You can also specify an expression. + Timestamp: + $ref: '#/components/schemas/AssetPropertyTimestamp' + Value: + $ref: '#/components/schemas/AssetPropertyVariant' + required: + - Value + AssetPropertyTimestamp: + type: object + additionalProperties: false + description: A structure that contains timestamp information. For more information, see [TimeInNanos](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_TimeInNanos.html) in the *AWS IoT SiteWise API Reference*. + properties: + OffsetInNanos: + type: string + description: The timestamp, in seconds, in the Unix epoch format. The valid range is between `1-31556889864403199`. You can also specify an expression. + TimeInSeconds: + type: string + description: The nanosecond offset converted from `timeInSeconds`. The valid range is between `0-999999999`. You can also specify an expression. + required: + - TimeInSeconds + AssetPropertyVariant: + type: object + additionalProperties: false + description: A structure that contains an asset property value. For more information, see [Variant](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_Variant.html) in the *AWS IoT SiteWise API Reference*. + properties: + BooleanValue: + type: string + description: The asset property value is a Boolean value that must be `TRUE` or `FALSE`. You can also specify an expression. If you use an expression, the evaluated result should be a Boolean value. + DoubleValue: + type: string + description: The asset property value is a double. You can also specify an expression. If you use an expression, the evaluated result should be a double. + IntegerValue: + type: string + description: The asset property value is an integer. You can also specify an expression. If you use an expression, the evaluated result should be an integer. + StringValue: + type: string + description: The asset property value is a string. You can also specify an expression. If you use an expression, the evaluated result should be a string. + Tag: + type: object + additionalProperties: false + description: Tags to be applied to Input. + properties: + Key: + description: Key of the Tag. + type: string + Value: + description: Value of the Tag. + type: string + required: + - Value + - Key + AlarmModel: + type: object + properties: + AlarmModelName: + type: string + description: The name of the alarm model. + minLength: 1 + maxLength: 128 + pattern: ^[a-zA-Z0-9_-]+$ + AlarmModelDescription: + type: string + description: A brief description of the alarm model. + maxLength: 1024 + RoleArn: + type: string + description: The ARN of the role that grants permission to AWS IoT Events to perform its operations. + minLength: 1 + maxLength: 2048 + Key: + type: string + description: |- + The value used to identify a alarm instance. When a device or system sends input, a new alarm instance with a unique key value is created. AWS IoT Events can continue to route input to its corresponding alarm instance based on this identifying information. + + This parameter uses a JSON-path expression to select the attribute-value pair in the message payload that is used for identification. To route the message to the correct alarm instance, the device must send a message payload that contains the same attribute-value. + minLength: 1 + maxLength: 128 + pattern: ^((`[\w\- ]+`)|([\w\-]+))(\.((`[\w\- ]+`)|([\w\-]+)))*$ + Severity: + type: integer + description: |+ + A non-negative integer that reflects the severity level of the alarm. + + minimum: 0 + maximum: 2147483647 + AlarmRule: + $ref: '#/components/schemas/AlarmRule' + AlarmEventActions: + $ref: '#/components/schemas/AlarmEventActions' + AlarmCapabilities: + $ref: '#/components/schemas/AlarmCapabilities' + Tags: + type: array + uniqueItems: false + x-insertionOrder: false + description: |- + An array of key-value pairs to apply to this resource. + + For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html). + items: + $ref: '#/components/schemas/Tag' + required: + - RoleArn + - AlarmRule + x-stackql-resource-name: alarm_model + x-stackql-primaryIdentifier: + - AlarmModelName + x-create-only-properties: + - AlarmModelName + - Key + x-required-permissions: + create: + - iotevents:CreateAlarmModel + - iotevents:UpdateInputRouting + - iotevents:DescribeAlarmModel + - iotevents:ListTagsForResource + - iotevents:TagResource + - iam:PassRole + read: + - iotevents:DescribeAlarmModel + - iotevents:ListTagsForResource + update: + - iotevents:UpdateAlarmModel + - iotevents:UpdateInputRouting + - iotevents:DescribeAlarmModel + - iotevents:ListTagsForResource + - iotevents:UntagResource + - iotevents:TagResource + - iam:PassRole + delete: + - iotevents:DeleteAlarmModel + - iotevents:DescribeAlarmModel + list: + - iotevents:ListAlarmModels + DetectorModelDefinition: + type: object + additionalProperties: false + description: Information that defines how a detector operates. + properties: + InitialStateName: + type: string + description: The state that is entered at the creation of each detector (instance). + minLength: 1 + maxLength: 128 + States: + type: array + uniqueItems: false + x-insertionOrder: false + description: Information about the states of the detector. + minItems: 1 + items: + $ref: '#/components/schemas/State' + required: + - States + - InitialStateName + State: + type: object + additionalProperties: false + description: Information that defines a state of a detector. + properties: + OnEnter: + $ref: '#/components/schemas/OnEnter' + OnExit: + $ref: '#/components/schemas/OnExit' + OnInput: + $ref: '#/components/schemas/OnInput' + StateName: + type: string + minLength: 1 + maxLength: 128 + description: The name of the state. + required: + - StateName + OnEnter: + type: object + additionalProperties: false + description: When entering this state, perform these `actions` if the `condition` is `TRUE`. + properties: + Events: + type: array + uniqueItems: false + x-insertionOrder: false + description: Specifies the `actions` that are performed when the state is entered and the `condition` is `TRUE`. + items: + $ref: '#/components/schemas/Event' + OnExit: + type: object + additionalProperties: false + description: When exiting this state, perform these `actions` if the specified `condition` is `TRUE`. + properties: + Events: + type: array + uniqueItems: false + x-insertionOrder: false + description: Specifies the `actions` that are performed when the state is exited and the `condition` is `TRUE`. + items: + $ref: '#/components/schemas/Event' + OnInput: + type: object + additionalProperties: false + description: When an input is received and the `condition` is `TRUE`, perform the specified `actions`. + properties: + Events: + type: array + uniqueItems: false + x-insertionOrder: false + description: Specifies the `actions` performed when the `condition` evaluates to `TRUE`. + items: + $ref: '#/components/schemas/Event' + TransitionEvents: + type: array + uniqueItems: false + x-insertionOrder: true + description: Specifies the `actions` performed, and the next `state` entered, when a `condition` evaluates to `TRUE`. + items: + $ref: '#/components/schemas/TransitionEvent' + Event: + type: object + additionalProperties: false + description: Specifies the `actions` to be performed when the `condition` evaluates to `TRUE`. + properties: + Actions: + type: array + uniqueItems: false + x-insertionOrder: false + description: The actions to be performed. + items: + $ref: '#/components/schemas/Action' + Condition: + type: string + description: The Boolean expression that, when `TRUE`, causes the `actions` to be performed. If not present, the `actions` are performed (=`TRUE`). If the expression result is not a `Boolean` value, the `actions` are not performed (=`FALSE`). + maxLength: 512 + EventName: + type: string + description: The name of the event. + maxLength: 128 + required: + - EventName + TransitionEvent: + type: object + additionalProperties: false + description: Specifies the `actions `performed and the next `state` entered when a `condition` evaluates to `TRUE`. + properties: + Actions: + type: array + description: The actions to be performed. + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Action' + Condition: + type: string + description: A Boolean expression that when `TRUE` causes the `actions` to be performed and the `nextState` to be entered. + maxLength: 512 + EventName: + type: string + description: The name of the event. + minLength: 1 + maxLength: 128 + NextState: + type: string + description: The next state to enter. + minLength: 1 + maxLength: 128 + required: + - Condition + - EventName + - NextState + Action: + type: object + additionalProperties: false + description: The actions to be performed. + properties: + ClearTimer: + $ref: '#/components/schemas/ClearTimer' + DynamoDB: + $ref: '#/components/schemas/DynamoDB' + DynamoDBv2: + $ref: '#/components/schemas/DynamoDBv2' + Firehose: + $ref: '#/components/schemas/Firehose' + IotEvents: + $ref: '#/components/schemas/IotEvents' + IotSiteWise: + $ref: '#/components/schemas/IotSiteWise' + IotTopicPublish: + $ref: '#/components/schemas/IotTopicPublish' + Lambda: + $ref: '#/components/schemas/Lambda' + ResetTimer: + $ref: '#/components/schemas/ResetTimer' + SetTimer: + $ref: '#/components/schemas/SetTimer' + SetVariable: + $ref: '#/components/schemas/SetVariable' + Sns: + $ref: '#/components/schemas/Sns' + Sqs: + $ref: '#/components/schemas/Sqs' + ClearTimer: + type: object + additionalProperties: false + description: Information needed to clear the timer. + properties: + TimerName: + type: string + minLength: 1 + maxLength: 128 + required: + - TimerName + ResetTimer: + type: object + additionalProperties: false + description: Information required to reset the timer. The timer is reset to the previously evaluated result of the duration. The duration expression isn't reevaluated when you reset the timer. + properties: + TimerName: + type: string + description: The name of the timer to reset. + minLength: 1 + maxLength: 128 + required: + - TimerName + SetTimer: + type: object + additionalProperties: false + description: Information needed to set the timer. + properties: + DurationExpression: + type: string + description: The duration of the timer, in seconds. You can use a string expression that includes numbers, variables (`$variable.`), and input values (`$input..`) as the duration. The range of the duration is `1-31622400` seconds. To ensure accuracy, the minimum duration is `60` seconds. The evaluated result of the duration is rounded down to the nearest whole number. + minLength: 1 + maxLength: 1024 + Seconds: + type: integer + description: The number of seconds until the timer expires. The minimum value is `60` seconds to ensure accuracy. The maximum value is `31622400` seconds. + minimum: 60 + maximum: 31622400 + TimerName: + type: string + description: The name of the timer. + minLength: 1 + maxLength: 128 + required: + - TimerName + SetVariable: + type: object + additionalProperties: false + description: Information about the variable and its new value. + properties: + Value: + type: string + description: The new value of the variable. + minLength: 1 + maxLength: 1024 + VariableName: + type: string + description: The name of the variable. + minLength: 1 + maxLength: 128 + pattern: ^[a-zA-Z][a-zA-Z0-9_]*$ + required: + - Value + - VariableName + DetectorModel: + type: object + properties: + DetectorModelDefinition: + $ref: '#/components/schemas/DetectorModelDefinition' + DetectorModelDescription: + type: string + description: A brief description of the detector model. + maxLength: 1024 + DetectorModelName: + type: string + description: The name of the detector model. + minLength: 1 + maxLength: 128 + pattern: ^[a-zA-Z0-9_-]+$ + EvaluationMethod: + type: string + description: Information about the order in which events are evaluated and how actions are executed. + enum: + - BATCH + - SERIAL + Key: + type: string + description: |- + The value used to identify a detector instance. When a device or system sends input, a new detector instance with a unique key value is created. AWS IoT Events can continue to route input to its corresponding detector instance based on this identifying information. + + This parameter uses a JSON-path expression to select the attribute-value pair in the message payload that is used for identification. To route the message to the correct detector instance, the device must send a message payload that contains the same attribute-value. + minLength: 1 + maxLength: 128 + pattern: ^((`[\w\- ]+`)|([\w\-]+))(\.((`[\w\- ]+`)|([\w\-]+)))*$ + RoleArn: + type: string + description: The ARN of the role that grants permission to AWS IoT Events to perform its operations. + minLength: 1 + maxLength: 2048 + Tags: + type: array + uniqueItems: false + x-insertionOrder: false + description: |- + An array of key-value pairs to apply to this resource. + + For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html). + items: + $ref: '#/components/schemas/Tag' + required: + - DetectorModelDefinition + - RoleArn + x-stackql-resource-name: detector_model + x-stackql-primaryIdentifier: + - DetectorModelName + x-create-only-properties: + - DetectorModelName + - Key + x-required-permissions: + create: + - iotevents:CreateDetectorModel + - iotevents:UpdateInputRouting + - iotevents:DescribeDetectorModel + - iotevents:ListTagsForResource + - iotevents:TagResource + - iam:PassRole + read: + - iotevents:DescribeDetectorModel + - iotevents:ListTagsForResource + update: + - iotevents:UpdateDetectorModel + - iotevents:UpdateInputRouting + - iotevents:DescribeDetectorModel + - iotevents:ListTagsForResource + - iotevents:UntagResource + - iotevents:TagResource + - iam:PassRole + delete: + - iotevents:DeleteDetectorModel + - iotevents:DescribeDetectorModel + list: + - iotevents:ListDetectorModels + InputDefinition: + type: object + additionalProperties: false + description: The definition of the input. + properties: + Attributes: + type: array + uniqueItems: true + x-insertionOrder: false + description: The attributes from the JSON payload that are made available by the input. Inputs are derived from messages sent to the AWS IoT Events system using `BatchPutMessage`. Each such message contains a JSON payload, and those attributes (and their paired values) specified here are available for use in the `condition` expressions used by detectors that monitor this input. + minItems: 1 + maxItems: 200 + items: + $ref: '#/components/schemas/Attribute' + required: + - Attributes + Attribute: + type: object + additionalProperties: false + description: The attributes from the JSON payload that are made available by the input. Inputs are derived from messages sent to the AWS IoT Events system using `BatchPutMessage`. Each such message contains a JSON payload, and those attributes (and their paired values) specified here are available for use in the `condition` expressions used by detectors that monitor this input. + properties: + JsonPath: + description: |- + An expression that specifies an attribute-value pair in a JSON structure. Use this to specify an attribute from the JSON payload that is made available by the input. Inputs are derived from messages sent to AWS IoT Events (`BatchPutMessage`). Each such message contains a JSON payload. The attribute (and its paired value) specified here are available for use in the `condition` expressions used by detectors. + + _Syntax_: `....` + minLength: 1 + maxLength: 128 + pattern: ^((`[a-zA-Z0-9_\- ]+`)|([a-zA-Z0-9_\-]+))(\.((`[a-zA-Z0-9_\- ]+`)|([a-zA-Z0-9_\-]+)))*$ + type: string + required: + - JsonPath + Input: + type: object + properties: + InputDefinition: + $ref: '#/components/schemas/InputDefinition' + InputDescription: + description: A brief description of the input. + minLength: 1 + maxLength: 1024 + type: string + InputName: + description: The name of the input. + minLength: 1 + maxLength: 128 + pattern: ^[a-zA-Z][a-zA-Z0-9_]*$ + type: string + Tags: + type: array + uniqueItems: false + x-insertionOrder: false + description: |- + An array of key-value pairs to apply to this resource. + + For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html). + items: + $ref: '#/components/schemas/Tag' + required: + - InputDefinition + x-stackql-resource-name: input + x-stackql-primaryIdentifier: + - InputName + x-create-only-properties: + - InputName + x-required-permissions: + create: + - iotevents:CreateInput + - iotevents:TagResource + - iotevents:DescribeInput + - iotevents:ListTagsForResource + read: + - iotevents:DescribeInput + - iotevents:ListTagsForResource + update: + - iotevents:UpdateInput + - iotevents:DescribeInput + - iotevents:ListTagsForResource + - iotevents:UntagResource + - iotevents:TagResource + delete: + - iotevents:DeleteInput + - iotevents:DescribeInput + list: + - iotevents:ListInputs + x-stackQL-resources: + alarm_models: + name: alarm_models + id: awscc.iotevents.alarm_models + x-cfn-schema-name: AlarmModel + x-type: list + x-identifiers: + - AlarmModelName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AlarmModelName') as alarm_model_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTEvents::AlarmModel' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AlarmModelName') as alarm_model_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTEvents::AlarmModel' + AND region = 'us-east-1' + alarm_model: + name: alarm_model + id: awscc.iotevents.alarm_model + x-cfn-schema-name: AlarmModel + x-type: get + x-identifiers: + - AlarmModelName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AlarmModelName') as alarm_model_name, + JSON_EXTRACT(Properties, '$.AlarmModelDescription') as alarm_model_description, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Key') as key, + JSON_EXTRACT(Properties, '$.Severity') as severity, + JSON_EXTRACT(Properties, '$.AlarmRule') as alarm_rule, + JSON_EXTRACT(Properties, '$.AlarmEventActions') as alarm_event_actions, + JSON_EXTRACT(Properties, '$.AlarmCapabilities') as alarm_capabilities, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTEvents::AlarmModel' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AlarmModelName') as alarm_model_name, + json_extract_path_text(Properties, 'AlarmModelDescription') as alarm_model_description, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Key') as key, + json_extract_path_text(Properties, 'Severity') as severity, + json_extract_path_text(Properties, 'AlarmRule') as alarm_rule, + json_extract_path_text(Properties, 'AlarmEventActions') as alarm_event_actions, + json_extract_path_text(Properties, 'AlarmCapabilities') as alarm_capabilities, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTEvents::AlarmModel' + AND data__Identifier = '' + AND region = 'us-east-1' + detector_models: + name: detector_models + id: awscc.iotevents.detector_models + x-cfn-schema-name: DetectorModel + x-type: list + x-identifiers: + - DetectorModelName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DetectorModelName') as detector_model_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTEvents::DetectorModel' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DetectorModelName') as detector_model_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTEvents::DetectorModel' + AND region = 'us-east-1' + detector_model: + name: detector_model + id: awscc.iotevents.detector_model + x-cfn-schema-name: DetectorModel + x-type: get + x-identifiers: + - DetectorModelName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DetectorModelDefinition') as detector_model_definition, + JSON_EXTRACT(Properties, '$.DetectorModelDescription') as detector_model_description, + JSON_EXTRACT(Properties, '$.DetectorModelName') as detector_model_name, + JSON_EXTRACT(Properties, '$.EvaluationMethod') as evaluation_method, + JSON_EXTRACT(Properties, '$.Key') as key, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTEvents::DetectorModel' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DetectorModelDefinition') as detector_model_definition, + json_extract_path_text(Properties, 'DetectorModelDescription') as detector_model_description, + json_extract_path_text(Properties, 'DetectorModelName') as detector_model_name, + json_extract_path_text(Properties, 'EvaluationMethod') as evaluation_method, + json_extract_path_text(Properties, 'Key') as key, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTEvents::DetectorModel' + AND data__Identifier = '' + AND region = 'us-east-1' + inputs: + name: inputs + id: awscc.iotevents.inputs + x-cfn-schema-name: Input + x-type: list + x-identifiers: + - InputName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InputName') as input_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTEvents::Input' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InputName') as input_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTEvents::Input' + AND region = 'us-east-1' + input: + name: input + id: awscc.iotevents.input + x-cfn-schema-name: Input + x-type: get + x-identifiers: + - InputName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InputDefinition') as input_definition, + JSON_EXTRACT(Properties, '$.InputDescription') as input_description, + JSON_EXTRACT(Properties, '$.InputName') as input_name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTEvents::Input' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InputDefinition') as input_definition, + json_extract_path_text(Properties, 'InputDescription') as input_description, + json_extract_path_text(Properties, 'InputName') as input_name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTEvents::Input' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/iotfleethub.yaml b/providers/src/awscc/v00.00.00000/services/iotfleethub.yaml new file mode 100644 index 00000000..cc954126 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/iotfleethub.yaml @@ -0,0 +1,195 @@ +openapi: 3.0.0 +info: + title: IoTFleetHub + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: To add or update tag, provide both key and value. To delete tag, provide only tag key to be deleted. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + Application: + type: object + properties: + ApplicationId: + description: The ID of the application. + type: string + pattern: ^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$ + minLength: 36 + maxLength: 36 + ApplicationArn: + description: The ARN of the application. + type: string + pattern: ^arn:[!-~]+$ + minLength: 1 + maxLength: 1600 + ApplicationName: + description: Application Name, should be between 1 and 256 characters. + type: string + pattern: ^[ -~]*$ + minLength: 1 + maxLength: 256 + ApplicationDescription: + description: Application Description, should be between 1 and 2048 characters. + type: string + pattern: ^[ -~]*$ + minLength: 1 + maxLength: 2048 + ApplicationUrl: + description: The URL of the application. + type: string + ApplicationState: + description: The current state of the application. + type: string + ApplicationCreationDate: + description: When the Application was created + type: integer + ApplicationLastUpdateDate: + description: When the Application was last updated + type: integer + RoleArn: + description: The ARN of the role that the web application assumes when it interacts with AWS IoT Core. For more info on configuring this attribute, see https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_CreateApplication.html#API_iotfleethub_CreateApplication_RequestSyntax + type: string + pattern: ^arn:[!-~]+$ + minLength: 1 + maxLength: 1600 + SsoClientId: + description: The AWS SSO application generated client ID (used with AWS SSO APIs). + type: string + ErrorMessage: + description: A message indicating why Create or Delete Application failed. + type: string + Tags: + description: A list of key-value pairs that contain metadata for the application. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + minItems: 0 + maxItems: 50 + required: + - ApplicationName + - RoleArn + x-stackql-resource-name: application + x-stackql-primaryIdentifier: + - ApplicationId + x-read-only-properties: + - ApplicationArn + - ApplicationId + - ApplicationUrl + - ApplicationState + - ApplicationCreationDate + - ApplicationLastUpdateDate + - SsoClientId + - ErrorMessage + x-required-permissions: + create: + - iotfleethub:CreateApplication + - iotfleethub:TagResource + - iam:PassRole + - sso:CreateManagedApplicationInstance + - sso:DescribeRegisteredRegions + read: + - iotfleethub:DescribeApplication + update: + - iotfleethub:UpdateApplication + - iotfleethub:DescribeApplication + - iotfleethub:TagResource + - iotfleethub:UntagResource + delete: + - iotfleethub:DeleteApplication + - iotfleethub:DescribeApplication + - sso:DeleteManagedApplicationInstance + list: + - iotfleethub:ListApplications + x-stackQL-resources: + applications: + name: applications + id: awscc.iotfleethub.applications + x-cfn-schema-name: Application + x-type: list + x-identifiers: + - ApplicationId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationId') as application_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTFleetHub::Application' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationId') as application_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTFleetHub::Application' + AND region = 'us-east-1' + application: + name: application + id: awscc.iotfleethub.application + x-cfn-schema-name: Application + x-type: get + x-identifiers: + - ApplicationId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationId') as application_id, + JSON_EXTRACT(Properties, '$.ApplicationArn') as application_arn, + JSON_EXTRACT(Properties, '$.ApplicationName') as application_name, + JSON_EXTRACT(Properties, '$.ApplicationDescription') as application_description, + JSON_EXTRACT(Properties, '$.ApplicationUrl') as application_url, + JSON_EXTRACT(Properties, '$.ApplicationState') as application_state, + JSON_EXTRACT(Properties, '$.ApplicationCreationDate') as application_creation_date, + JSON_EXTRACT(Properties, '$.ApplicationLastUpdateDate') as application_last_update_date, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.SsoClientId') as sso_client_id, + JSON_EXTRACT(Properties, '$.ErrorMessage') as error_message, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTFleetHub::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationId') as application_id, + json_extract_path_text(Properties, 'ApplicationArn') as application_arn, + json_extract_path_text(Properties, 'ApplicationName') as application_name, + json_extract_path_text(Properties, 'ApplicationDescription') as application_description, + json_extract_path_text(Properties, 'ApplicationUrl') as application_url, + json_extract_path_text(Properties, 'ApplicationState') as application_state, + json_extract_path_text(Properties, 'ApplicationCreationDate') as application_creation_date, + json_extract_path_text(Properties, 'ApplicationLastUpdateDate') as application_last_update_date, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'SsoClientId') as sso_client_id, + json_extract_path_text(Properties, 'ErrorMessage') as error_message, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTFleetHub::Application' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/iotfleetwise.yaml b/providers/src/awscc/v00.00.00000/services/iotfleetwise.yaml new file mode 100644 index 00000000..b7e1a65d --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/iotfleetwise.yaml @@ -0,0 +1,1501 @@ +openapi: 3.0.0 +info: + title: IoTFleetWise + version: 1.0.0 +paths: {} +components: + schemas: + Compression: + type: string + enum: + - 'OFF' + - SNAPPY + default: 'OFF' + DataDestinationConfig: + oneOf: + - additionalProperties: false + type: object + title: S3Config + properties: + S3Config: + $ref: '#/components/schemas/S3Config' + required: + - S3Config + - additionalProperties: false + type: object + title: TimestreamConfig + properties: + TimestreamConfig: + $ref: '#/components/schemas/TimestreamConfig' + required: + - TimestreamConfig + S3Config: + additionalProperties: false + type: object + properties: + BucketArn: + maxLength: 100 + type: string + pattern: ^arn:(aws[a-zA-Z0-9-]*):s3:::.+$ + minLength: 16 + DataFormat: + $ref: '#/components/schemas/DataFormat' + StorageCompressionFormat: + $ref: '#/components/schemas/StorageCompressionFormat' + Prefix: + maxLength: 512 + type: string + pattern: ^[a-zA-Z0-9-_:./!*'()]+$ + minLength: 1 + required: + - BucketArn + TimestreamConfig: + additionalProperties: false + type: object + properties: + TimestreamTableArn: + maxLength: 2048 + type: string + pattern: ^arn:(aws[a-zA-Z0-9-]*):timestream:[a-zA-Z0-9-]+:[0-9]{12}:database\/[a-zA-Z0-9_.-]+\/table\/[a-zA-Z0-9_.-]+$ + minLength: 20 + ExecutionRoleArn: + maxLength: 2048 + type: string + pattern: ^arn:(aws[a-zA-Z0-9-]*):iam::(\d{12})?:(role((\u002F)|(\u002F[\u0021-\u007F]+\u002F))[\w+=,.@-]+)$ + minLength: 20 + required: + - TimestreamTableArn + - ExecutionRoleArn + UpdateCampaignAction: + type: string + enum: + - APPROVE + - SUSPEND + - RESUME + - UPDATE + CampaignStatus: + type: string + enum: + - CREATING + - WAITING_FOR_APPROVAL + - RUNNING + - SUSPENDED + DiagnosticsMode: + type: string + enum: + - 'OFF' + - SEND_ACTIVE_DTCS + default: 'OFF' + SignalInformation: + additionalProperties: false + type: object + properties: + MaxSampleCount: + maximum: 4294967295 + type: number + minimum: 1 + Name: + minLength: 1 + pattern: ^[\w|*|-]+(\.[\w|*|-]+)*$ + type: string + maxLength: 150 + MinimumSamplingIntervalMs: + maximum: 4294967295 + type: number + minimum: 0 + required: + - Name + TimeBasedCollectionScheme: + additionalProperties: false + type: object + properties: + PeriodMs: + maximum: 60000 + type: number + minimum: 10000 + required: + - PeriodMs + SpoolingMode: + type: string + enum: + - 'OFF' + - TO_DISK + default: 'OFF' + TriggerMode: + type: string + enum: + - ALWAYS + - RISING_EDGE + DataFormat: + type: string + enum: + - JSON + - PARQUET + StorageCompressionFormat: + type: string + enum: + - NONE + - GZIP + CollectionScheme: + oneOf: + - additionalProperties: false + type: object + title: TimeBasedCollectionScheme + properties: + TimeBasedCollectionScheme: + $ref: '#/components/schemas/TimeBasedCollectionScheme' + required: + - TimeBasedCollectionScheme + - additionalProperties: false + type: object + title: ConditionBasedCollectionScheme + properties: + ConditionBasedCollectionScheme: + $ref: '#/components/schemas/ConditionBasedCollectionScheme' + required: + - ConditionBasedCollectionScheme + ConditionBasedCollectionScheme: + additionalProperties: false + type: object + properties: + MinimumTriggerIntervalMs: + maximum: 4294967295 + type: number + minimum: 0 + Expression: + minLength: 1 + type: string + maxLength: 2048 + TriggerMode: + $ref: '#/components/schemas/TriggerMode' + ConditionLanguageVersion: + type: integer + minimum: 1 + required: + - Expression + Tag: + type: object + properties: + Key: + type: string + maxLength: 128 + minLength: 1 + Value: + type: string + maxLength: 256 + minLength: 0 + required: + - Key + - Value + additionalProperties: false + Campaign: + type: object + properties: + Status: + $ref: '#/components/schemas/CampaignStatus' + Action: + $ref: '#/components/schemas/UpdateCampaignAction' + CreationTime: + type: string + format: date-time + Compression: + $ref: '#/components/schemas/Compression' + Description: + minLength: 1 + pattern: ^[^\u0000-\u001F\u007F]+$ + type: string + maxLength: 2048 + Priority: + type: integer + minimum: 0 + default: 0 + SignalsToCollect: + minItems: 0 + maxItems: 1000 + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/SignalInformation' + DataDestinationConfigs: + minItems: 1 + maxItems: 1 + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/DataDestinationConfig' + StartTime: + format: date-time + type: string + default: '0' + Name: + minLength: 1 + pattern: ^[a-zA-Z\d\-_:]+$ + type: string + maxLength: 100 + ExpiryTime: + format: date-time + type: string + default: '253402214400' + LastModificationTime: + type: string + format: date-time + SpoolingMode: + $ref: '#/components/schemas/SpoolingMode' + SignalCatalogArn: + type: string + PostTriggerCollectionDuration: + maximum: 4294967295 + type: number + minimum: 0 + default: 0 + DataExtraDimensions: + minItems: 0 + maxItems: 5 + x-insertionOrder: false + type: array + items: + minLength: 1 + pattern: ^[a-zA-Z0-9_.]+$ + type: string + maxLength: 150 + DiagnosticsMode: + $ref: '#/components/schemas/DiagnosticsMode' + TargetArn: + type: string + Arn: + type: string + CollectionScheme: + $ref: '#/components/schemas/CollectionScheme' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + x-insertionOrder: false + uniqueItems: true + maxItems: 50 + minItems: 0 + required: + - Name + - Action + - CollectionScheme + - SignalCatalogArn + - TargetArn + x-stackql-resource-name: campaign + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - TargetArn + - SignalCatalogArn + - PostTriggerCollectionDuration + - DiagnosticsMode + - SpoolingMode + - CollectionScheme + - Priority + - Compression + - StartTime + - ExpiryTime + x-read-only-properties: + - Arn + - Status + - CreationTime + - LastModificationTime + x-required-permissions: + read: + - iotfleetwise:GetCampaign + - iotfleetwise:ListTagsForResource + create: + - iotfleetwise:CreateCampaign + - iotfleetwise:GetCampaign + - iotfleetwise:ListTagsForResource + - iotfleetwise:TagResource + - iam:PassRole + - timestream:DescribeEndpoints + - timestream:DescribeTable + update: + - iotfleetwise:GetCampaign + - iotfleetwise:ListTagsForResource + - iotfleetwise:UpdateCampaign + - iotfleetwise:TagResource + - iotfleetwise:UntagResource + list: + - iotfleetwise:ListCampaigns + - iotfleetwise:GetCampaign + delete: + - iotfleetwise:DeleteCampaign + - iotfleetwise:GetCampaign + CanInterface: + type: object + properties: + Name: + type: string + maxLength: 100 + minLength: 1 + ProtocolName: + type: string + maxLength: 50 + minLength: 1 + ProtocolVersion: + type: string + maxLength: 50 + minLength: 1 + required: + - Name + additionalProperties: false + CanSignal: + type: object + properties: + MessageId: + type: integer + IsBigEndian: + type: boolean + IsSigned: + type: boolean + StartBit: + type: integer + Offset: + type: number + Factor: + type: number + Length: + type: integer + Name: + type: string + maxLength: 100 + minLength: 1 + required: + - Factor + - IsBigEndian + - IsSigned + - Length + - MessageId + - Offset + - StartBit + additionalProperties: false + ManifestStatus: + type: string + enum: + - ACTIVE + - DRAFT + default: DRAFT + CanNetworkInterface: + type: object + properties: + InterfaceId: + type: string + maxLength: 50 + minLength: 1 + Type: + type: string + enum: + - CAN_INTERFACE + CanInterface: + $ref: '#/components/schemas/CanInterface' + required: + - InterfaceId + - Type + - CanInterface + additionalProperties: false + ObdNetworkInterface: + type: object + properties: + InterfaceId: + type: string + maxLength: 50 + minLength: 1 + Type: + type: string + enum: + - OBD_INTERFACE + ObdInterface: + $ref: '#/components/schemas/ObdInterface' + required: + - InterfaceId + - Type + - ObdInterface + additionalProperties: false + ObdInterface: + type: object + properties: + Name: + type: string + maxLength: 100 + minLength: 1 + RequestMessageId: + type: integer + ObdStandard: + type: string + maxLength: 50 + minLength: 1 + PidRequestIntervalSeconds: + type: integer + DtcRequestIntervalSeconds: + type: integer + UseExtendedIds: + type: boolean + HasTransmissionEcu: + type: boolean + required: + - Name + - RequestMessageId + additionalProperties: false + ObdSignal: + type: object + properties: + PidResponseLength: + type: integer + ServiceMode: + type: integer + Pid: + type: integer + Scaling: + type: number + Offset: + type: number + StartByte: + type: integer + ByteLength: + type: integer + BitRightShift: + type: integer + BitMaskLength: + type: integer + required: + - ByteLength + - Offset + - Pid + - PidResponseLength + - Scaling + - ServiceMode + - StartByte + additionalProperties: false + CanSignalDecoder: + type: object + properties: + FullyQualifiedName: + type: string + maxLength: 150 + minLength: 1 + Type: + type: string + enum: + - CAN_SIGNAL + InterfaceId: + type: string + maxLength: 50 + minLength: 1 + CanSignal: + $ref: '#/components/schemas/CanSignal' + required: + - FullyQualifiedName + - InterfaceId + - Type + - CanSignal + additionalProperties: false + ObdSignalDecoder: + type: object + properties: + FullyQualifiedName: + type: string + maxLength: 150 + minLength: 1 + Type: + type: string + enum: + - OBD_SIGNAL + InterfaceId: + type: string + maxLength: 50 + minLength: 1 + ObdSignal: + $ref: '#/components/schemas/ObdSignal' + required: + - FullyQualifiedName + - InterfaceId + - Type + - ObdSignal + additionalProperties: false + DecoderManifest: + type: object + properties: + Arn: + type: string + CreationTime: + type: string + format: date-time + Description: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[^\u0000-\u001F\u007F]+$ + LastModificationTime: + type: string + format: date-time + ModelManifestArn: + type: string + Name: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[a-zA-Z\d\-_:]+$ + NetworkInterfaces: + x-insertionOrder: false + type: array + items: + oneOf: + - $ref: '#/components/schemas/CanNetworkInterface' + - $ref: '#/components/schemas/ObdNetworkInterface' + maxItems: 500 + minItems: 1 + SignalDecoders: + x-insertionOrder: false + type: array + items: + oneOf: + - $ref: '#/components/schemas/CanSignalDecoder' + - $ref: '#/components/schemas/ObdSignalDecoder' + maxItems: 500 + minItems: 1 + Status: + $ref: '#/components/schemas/ManifestStatus' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 50 + minItems: 0 + x-insertionOrder: false + uniqueItems: true + required: + - Name + - ModelManifestArn + x-stackql-resource-name: decoder_manifest + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - ModelManifestArn + x-read-only-properties: + - Arn + - CreationTime + - LastModificationTime + x-required-permissions: + create: + - iotfleetwise:CreateDecoderManifest + - iotfleetwise:GetDecoderManifest + - iotfleetwise:UpdateDecoderManifest + - iotfleetwise:ListDecoderManifestSignals + - iotfleetwise:ListDecoderManifestNetworkInterfaces + - iotfleetwise:ListTagsForResource + - iotfleetwise:TagResource + read: + - iotfleetwise:GetDecoderManifest + - iotfleetwise:ListDecoderManifestSignals + - iotfleetwise:ListDecoderManifestNetworkInterfaces + - iotfleetwise:ListTagsForResource + update: + - iotfleetwise:UpdateDecoderManifest + - iotfleetwise:GetDecoderManifest + - iotfleetwise:ListDecoderManifestSignals + - iotfleetwise:ListDecoderManifestNetworkInterfaces + - iotfleetwise:ListTagsForResource + - iotfleetwise:TagResource + - iotfleetwise:UntagResource + delete: + - iotfleetwise:DeleteDecoderManifest + - iotfleetwise:GetDecoderManifest + list: + - iotfleetwise:ListDecoderManifests + Fleet: + type: object + properties: + Arn: + type: string + CreationTime: + type: string + format: date-time + Description: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[^\u0000-\u001F\u007F]+$ + Id: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[a-zA-Z0-9:_-]+$ + LastModificationTime: + type: string + format: date-time + SignalCatalogArn: + type: string + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + x-insertionOrder: false + uniqueItems: true + maxItems: 50 + minItems: 0 + required: + - Id + - SignalCatalogArn + x-stackql-resource-name: fleet + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Id + - SignalCatalogArn + x-read-only-properties: + - Arn + - CreationTime + - LastModificationTime + x-required-permissions: + create: + - iotfleetwise:GetFleet + - iotfleetwise:CreateFleet + - iotfleetwise:ListTagsForResource + - iotfleetwise:ListVehiclesInFleet + - iotfleetwise:TagResource + read: + - iotfleetwise:GetFleet + - iotfleetwise:ListTagsForResource + update: + - iotfleetwise:GetFleet + - iotfleetwise:UpdateFleet + - iotfleetwise:ListTagsForResource + - iotfleetwise:TagResource + - iotfleetwise:UntagResource + delete: + - iotfleetwise:GetFleet + - iotfleetwise:DeleteFleet + list: + - iotfleetwise:ListFleets + ModelManifest: + type: object + properties: + Arn: + type: string + CreationTime: + type: string + format: date-time + Description: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[^\u0000-\u001F\u007F]+$ + LastModificationTime: + type: string + format: date-time + Name: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[a-zA-Z\d\-_:]+$ + Nodes: + x-insertionOrder: false + uniqueItems: true + minItems: 1 + type: array + items: + type: string + SignalCatalogArn: + type: string + Status: + $ref: '#/components/schemas/ManifestStatus' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + x-insertionOrder: false + uniqueItems: true + maxItems: 50 + minItems: 0 + required: + - SignalCatalogArn + - Name + x-stackql-resource-name: model_manifest + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + - CreationTime + - LastModificationTime + x-required-permissions: + create: + - iotfleetwise:CreateModelManifest + - iotfleetwise:GetModelManifest + - iotfleetwise:UpdateModelManifest + - iotfleetwise:ListModelManifestNodes + - iotfleetwise:ListTagsForResource + - iotfleetwise:TagResource + read: + - iotfleetwise:GetModelManifest + - iotfleetwise:ListModelManifestNodes + - iotfleetwise:ListTagsForResource + update: + - iotfleetwise:UpdateModelManifest + - iotfleetwise:GetModelManifest + - iotfleetwise:ListModelManifestNodes + - iotfleetwise:ListTagsForResource + - iotfleetwise:TagResource + - iotfleetwise:UntagResource + delete: + - iotfleetwise:DeleteModelManifest + - iotfleetwise:GetModelManifest + list: + - iotfleetwise:ListModelManifests + Actuator: + type: object + properties: + FullyQualifiedName: + type: string + DataType: + $ref: '#/components/schemas/NodeDataType' + Description: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[^\u0000-\u001F\u007F]+$ + Unit: + type: string + AllowedValues: + $ref: '#/components/schemas/AllowedValues' + Min: + type: number + Max: + type: number + AssignedValue: + type: string + required: + - DataType + - FullyQualifiedName + additionalProperties: false + AllowedValues: + type: array + x-insertionOrder: false + items: + type: string + minItems: 1 + Attribute: + type: object + properties: + FullyQualifiedName: + type: string + DataType: + $ref: '#/components/schemas/NodeDataType' + Description: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[^\u0000-\u001F\u007F]+$ + Unit: + type: string + AllowedValues: + $ref: '#/components/schemas/AllowedValues' + Min: + type: number + Max: + type: number + AssignedValue: + type: string + DefaultValue: + type: string + required: + - DataType + - FullyQualifiedName + additionalProperties: false + Branch: + type: object + properties: + FullyQualifiedName: + type: string + Description: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[^\u0000-\u001F\u007F]+$ + required: + - FullyQualifiedName + additionalProperties: false + Node: + oneOf: + - type: object + title: Branch + properties: + Branch: + $ref: '#/components/schemas/Branch' + additionalProperties: false + - type: object + title: Sensor + properties: + Sensor: + $ref: '#/components/schemas/Sensor' + additionalProperties: false + - type: object + title: Actuator + properties: + Actuator: + $ref: '#/components/schemas/Actuator' + additionalProperties: false + - type: object + title: Attribute + properties: + Attribute: + $ref: '#/components/schemas/Attribute' + additionalProperties: false + NodeCounts: + type: object + properties: + TotalNodes: + type: number + TotalBranches: + type: number + TotalSensors: + type: number + TotalAttributes: + type: number + TotalActuators: + type: number + additionalProperties: false + NodeDataType: + type: string + enum: + - INT8 + - UINT8 + - INT16 + - UINT16 + - INT32 + - UINT32 + - INT64 + - UINT64 + - BOOLEAN + - FLOAT + - DOUBLE + - STRING + - UNIX_TIMESTAMP + - INT8_ARRAY + - UINT8_ARRAY + - INT16_ARRAY + - UINT16_ARRAY + - INT32_ARRAY + - UINT32_ARRAY + - INT64_ARRAY + - UINT64_ARRAY + - BOOLEAN_ARRAY + - FLOAT_ARRAY + - DOUBLE_ARRAY + - STRING_ARRAY + - UNIX_TIMESTAMP_ARRAY + - UNKNOWN + Sensor: + type: object + properties: + FullyQualifiedName: + type: string + DataType: + $ref: '#/components/schemas/NodeDataType' + Description: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[^\u0000-\u001F\u007F]+$ + Unit: + type: string + AllowedValues: + $ref: '#/components/schemas/AllowedValues' + Min: + type: number + Max: + type: number + required: + - DataType + - FullyQualifiedName + additionalProperties: false + SignalCatalog: + type: object + properties: + Arn: + type: string + CreationTime: + format: date-time + type: string + Description: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[^\u0000-\u001F\u007F]+$ + LastModificationTime: + format: date-time + type: string + Name: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[a-zA-Z\d\-_:]+$ + NodeCounts: + $ref: '#/components/schemas/NodeCounts' + Nodes: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Node' + maxItems: 500 + minItems: 1 + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + x-insertionOrder: false + uniqueItems: true + maxItems: 50 + minItems: 0 + x-stackql-resource-name: signal_catalog + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + - CreationTime + - LastModificationTime + - NodeCounts/TotalNodes + - NodeCounts/TotalBranches + - NodeCounts/TotalSensors + - NodeCounts/TotalAttributes + - NodeCounts/TotalActuators + x-required-permissions: + create: + - iotfleetwise:GetSignalCatalog + - iotfleetwise:CreateSignalCatalog + - iotfleetwise:ListSignalCatalogNodes + - iotfleetwise:ListTagsForResource + - iotfleetwise:TagResource + read: + - iotfleetwise:GetSignalCatalog + - iotfleetwise:ListSignalCatalogNodes + - iotfleetwise:ListTagsForResource + update: + - iotfleetwise:GetSignalCatalog + - iotfleetwise:UpdateSignalCatalog + - iotfleetwise:ListSignalCatalogNodes + - iotfleetwise:ListTagsForResource + - iotfleetwise:TagResource + - iotfleetwise:UntagResource + delete: + - iotfleetwise:GetSignalCatalog + - iotfleetwise:DeleteSignalCatalog + list: + - iotfleetwise:ListSignalCatalogs + VehicleAssociationBehavior: + type: string + enum: + - CreateIotThing + - ValidateIotThingExists + attributesMap: + type: object + x-patternProperties: + ^[a-zA-Z0-9_.-]+$: + type: string + minProperties: 1 + additionalProperties: false + Vehicle: + type: object + properties: + Arn: + type: string + AssociationBehavior: + $ref: '#/components/schemas/VehicleAssociationBehavior' + Attributes: + $ref: '#/components/schemas/attributesMap' + CreationTime: + type: string + format: date-time + DecoderManifestArn: + type: string + Name: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[a-zA-Z\d\-_:]+$ + LastModificationTime: + type: string + format: date-time + ModelManifestArn: + type: string + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + x-insertionOrder: false + uniqueItems: true + maxItems: 50 + minItems: 0 + required: + - Name + - DecoderManifestArn + - ModelManifestArn + x-stackql-resource-name: vehicle + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + - CreationTime + - LastModificationTime + x-required-permissions: + create: + - iotfleetwise:GetVehicle + - iotfleetwise:CreateVehicle + - iot:CreateThing + - iot:DescribeThing + - iotfleetwise:ListTagsForResource + - iotfleetwise:ListVehicles + - iotfleetwise:TagResource + read: + - iotfleetwise:GetVehicle + - iotfleetwise:ListTagsForResource + update: + - iotfleetwise:GetVehicle + - iotfleetwise:UpdateVehicle + - iotfleetwise:ListTagsForResource + - iotfleetwise:TagResource + - iotfleetwise:UntagResource + delete: + - iotfleetwise:GetVehicle + - iotfleetwise:DeleteVehicle + list: + - iotfleetwise:ListVehicles + x-stackQL-resources: + campaigns: + name: campaigns + id: awscc.iotfleetwise.campaigns + x-cfn-schema-name: Campaign + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTFleetWise::Campaign' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTFleetWise::Campaign' + AND region = 'us-east-1' + campaign: + name: campaign + id: awscc.iotfleetwise.campaign + x-cfn-schema-name: Campaign + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Action') as action, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.Compression') as compression, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Priority') as priority, + JSON_EXTRACT(Properties, '$.SignalsToCollect') as signals_to_collect, + JSON_EXTRACT(Properties, '$.DataDestinationConfigs') as data_destination_configs, + JSON_EXTRACT(Properties, '$.StartTime') as start_time, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ExpiryTime') as expiry_time, + JSON_EXTRACT(Properties, '$.LastModificationTime') as last_modification_time, + JSON_EXTRACT(Properties, '$.SpoolingMode') as spooling_mode, + JSON_EXTRACT(Properties, '$.SignalCatalogArn') as signal_catalog_arn, + JSON_EXTRACT(Properties, '$.PostTriggerCollectionDuration') as post_trigger_collection_duration, + JSON_EXTRACT(Properties, '$.DataExtraDimensions') as data_extra_dimensions, + JSON_EXTRACT(Properties, '$.DiagnosticsMode') as diagnostics_mode, + JSON_EXTRACT(Properties, '$.TargetArn') as target_arn, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CollectionScheme') as collection_scheme, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTFleetWise::Campaign' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Action') as action, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'Compression') as compression, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Priority') as priority, + json_extract_path_text(Properties, 'SignalsToCollect') as signals_to_collect, + json_extract_path_text(Properties, 'DataDestinationConfigs') as data_destination_configs, + json_extract_path_text(Properties, 'StartTime') as start_time, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ExpiryTime') as expiry_time, + json_extract_path_text(Properties, 'LastModificationTime') as last_modification_time, + json_extract_path_text(Properties, 'SpoolingMode') as spooling_mode, + json_extract_path_text(Properties, 'SignalCatalogArn') as signal_catalog_arn, + json_extract_path_text(Properties, 'PostTriggerCollectionDuration') as post_trigger_collection_duration, + json_extract_path_text(Properties, 'DataExtraDimensions') as data_extra_dimensions, + json_extract_path_text(Properties, 'DiagnosticsMode') as diagnostics_mode, + json_extract_path_text(Properties, 'TargetArn') as target_arn, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CollectionScheme') as collection_scheme, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTFleetWise::Campaign' + AND data__Identifier = '' + AND region = 'us-east-1' + decoder_manifests: + name: decoder_manifests + id: awscc.iotfleetwise.decoder_manifests + x-cfn-schema-name: DecoderManifest + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTFleetWise::DecoderManifest' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTFleetWise::DecoderManifest' + AND region = 'us-east-1' + decoder_manifest: + name: decoder_manifest + id: awscc.iotfleetwise.decoder_manifest + x-cfn-schema-name: DecoderManifest + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.LastModificationTime') as last_modification_time, + JSON_EXTRACT(Properties, '$.ModelManifestArn') as model_manifest_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.NetworkInterfaces') as network_interfaces, + JSON_EXTRACT(Properties, '$.SignalDecoders') as signal_decoders, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTFleetWise::DecoderManifest' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'LastModificationTime') as last_modification_time, + json_extract_path_text(Properties, 'ModelManifestArn') as model_manifest_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'NetworkInterfaces') as network_interfaces, + json_extract_path_text(Properties, 'SignalDecoders') as signal_decoders, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTFleetWise::DecoderManifest' + AND data__Identifier = '' + AND region = 'us-east-1' + fleets: + name: fleets + id: awscc.iotfleetwise.fleets + x-cfn-schema-name: Fleet + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTFleetWise::Fleet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTFleetWise::Fleet' + AND region = 'us-east-1' + fleet: + name: fleet + id: awscc.iotfleetwise.fleet + x-cfn-schema-name: Fleet + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.LastModificationTime') as last_modification_time, + JSON_EXTRACT(Properties, '$.SignalCatalogArn') as signal_catalog_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTFleetWise::Fleet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'LastModificationTime') as last_modification_time, + json_extract_path_text(Properties, 'SignalCatalogArn') as signal_catalog_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTFleetWise::Fleet' + AND data__Identifier = '' + AND region = 'us-east-1' + model_manifests: + name: model_manifests + id: awscc.iotfleetwise.model_manifests + x-cfn-schema-name: ModelManifest + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTFleetWise::ModelManifest' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTFleetWise::ModelManifest' + AND region = 'us-east-1' + model_manifest: + name: model_manifest + id: awscc.iotfleetwise.model_manifest + x-cfn-schema-name: ModelManifest + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.LastModificationTime') as last_modification_time, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Nodes') as nodes, + JSON_EXTRACT(Properties, '$.SignalCatalogArn') as signal_catalog_arn, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTFleetWise::ModelManifest' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'LastModificationTime') as last_modification_time, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Nodes') as nodes, + json_extract_path_text(Properties, 'SignalCatalogArn') as signal_catalog_arn, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTFleetWise::ModelManifest' + AND data__Identifier = '' + AND region = 'us-east-1' + signal_catalogs: + name: signal_catalogs + id: awscc.iotfleetwise.signal_catalogs + x-cfn-schema-name: SignalCatalog + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTFleetWise::SignalCatalog' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTFleetWise::SignalCatalog' + AND region = 'us-east-1' + signal_catalog: + name: signal_catalog + id: awscc.iotfleetwise.signal_catalog + x-cfn-schema-name: SignalCatalog + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.LastModificationTime') as last_modification_time, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.NodeCounts') as node_counts, + JSON_EXTRACT(Properties, '$.Nodes') as nodes, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTFleetWise::SignalCatalog' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'LastModificationTime') as last_modification_time, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'NodeCounts') as node_counts, + json_extract_path_text(Properties, 'Nodes') as nodes, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTFleetWise::SignalCatalog' + AND data__Identifier = '' + AND region = 'us-east-1' + vehicles: + name: vehicles + id: awscc.iotfleetwise.vehicles + x-cfn-schema-name: Vehicle + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTFleetWise::Vehicle' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTFleetWise::Vehicle' + AND region = 'us-east-1' + vehicle: + name: vehicle + id: awscc.iotfleetwise.vehicle + x-cfn-schema-name: Vehicle + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AssociationBehavior') as association_behavior, + JSON_EXTRACT(Properties, '$.Attributes') as attributes, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.DecoderManifestArn') as decoder_manifest_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.LastModificationTime') as last_modification_time, + JSON_EXTRACT(Properties, '$.ModelManifestArn') as model_manifest_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTFleetWise::Vehicle' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AssociationBehavior') as association_behavior, + json_extract_path_text(Properties, 'Attributes') as attributes, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'DecoderManifestArn') as decoder_manifest_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'LastModificationTime') as last_modification_time, + json_extract_path_text(Properties, 'ModelManifestArn') as model_manifest_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTFleetWise::Vehicle' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/iotsitewise.yaml b/providers/src/awscc/v00.00.00000/services/iotsitewise.yaml new file mode 100644 index 00000000..304a23ef --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/iotsitewise.yaml @@ -0,0 +1,1300 @@ +openapi: 3.0.0 +info: + title: IoTSiteWise + version: 1.0.0 +paths: {} +components: + schemas: + User: + description: Contains information for a user identity in an access policy. + type: object + additionalProperties: false + properties: + id: + description: The AWS SSO ID of the user. + type: string + IamUser: + description: Contains information for an IAM user identity in an access policy. + type: object + additionalProperties: false + properties: + arn: + description: The ARN of the IAM user. + type: string + IamRole: + description: Contains information for an IAM role identity in an access policy. + type: object + additionalProperties: false + properties: + arn: + description: The ARN of the IAM role. + type: string + Portal: + type: object + properties: + PortalAuthMode: + description: The service to use to authenticate users to the portal. Choose from SSO or IAM. You can't change this value after you create a portal. + type: string + PortalArn: + description: The ARN of the portal, which has the following format. + type: string + PortalClientId: + description: The AWS SSO application generated client ID (used with AWS SSO APIs). + type: string + PortalContactEmail: + description: The AWS administrator's contact email address. + type: string + PortalDescription: + description: A description for the portal. + type: string + PortalId: + description: The ID of the portal. + type: string + PortalName: + description: A friendly name for the portal. + type: string + PortalStartUrl: + description: The public root URL for the AWS IoT AWS IoT SiteWise Monitor application portal. + type: string + RoleArn: + description: The ARN of a service role that allows the portal's users to access your AWS IoT SiteWise resources on your behalf. + type: string + NotificationSenderEmail: + description: The email address that sends alarm notifications. + type: string + Alarms: + type: object + description: Contains the configuration information of an alarm created in an AWS IoT SiteWise Monitor portal. You can use the alarm to monitor an asset property and get notified when the asset property value is outside a specified range. + additionalProperties: false + properties: + AlarmRoleArn: + type: string + description: The ARN of the IAM role that allows the alarm to perform actions and access AWS resources and services, such as AWS IoT Events. + NotificationLambdaArn: + type: string + description: The ARN of the AWS Lambda function that manages alarm notifications. For more information, see Managing alarm notifications in the AWS IoT Events Developer Guide. + Tags: + description: A list of key-value pairs that contain metadata for the portal. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - PortalContactEmail + - PortalName + - RoleArn + x-stackql-resource-name: portal + x-stackql-primaryIdentifier: + - PortalId + x-create-only-properties: + - PortalAuthMode + x-read-only-properties: + - PortalArn + - PortalClientId + - PortalId + - PortalStartUrl + x-required-permissions: + create: + - iotsitewise:CreatePortal + - iotsitewise:DescribePortal + - iotsitewise:ListTagsForResource + - iotsitewise:TagResource + - iam:PassRole + - sso:CreateManagedApplicationInstance + - sso:DescribeRegisteredRegions + read: + - iotsitewise:DescribePortal + - iotsitewise:ListTagsForResource + update: + - iotsitewise:DescribePortal + - iotsitewise:ListTagsForResource + - iotsitewise:TagResource + - iotsitewise:UpdatePortal + - iotsitewise:UntagResource + - iam:PassRole + - sso:GetManagedApplicationInstance + - sso:UpdateApplicationInstanceDisplayData + delete: + - iotsitewise:DescribePortal + - iotsitewise:DeletePortal + - sso:DeleteManagedApplicationInstance + list: + - iotsitewise:ListPortals + Project: + type: object + properties: + PortalId: + description: The ID of the portal in which to create the project. + type: string + ProjectId: + description: The ID of the project. + type: string + ProjectName: + description: A friendly name for the project. + type: string + ProjectDescription: + description: A description for the project. + type: string + ProjectArn: + description: The ARN of the project. + type: string + AssetIds: + description: The IDs of the assets to be associated to the project. + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/AssetId' + Tags: + description: A list of key-value pairs that contain metadata for the project. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - PortalId + - ProjectName + x-stackql-resource-name: project + x-stackql-primaryIdentifier: + - ProjectId + x-create-only-properties: + - PortalId + x-read-only-properties: + - ProjectId + - ProjectArn + x-required-permissions: + create: + - iotsitewise:CreateProject + - iotsitewise:DescribeProject + - iotsitewise:ListProjectAssets + - iotsitewise:ListTagsForResource + - iotsitewise:TagResource + - iotsitewise:BatchAssociateProjectAssets + read: + - iotsitewise:DescribeProject + - iotsitewise:ListTagsForResource + - iotsitewise:ListProjectAssets + update: + - iotsitewise:DescribeProject + - iotsitewise:UpdateProject + - iotsitewise:BatchAssociateProjectAssets + - iotsitewise:BatchDisAssociateProjectAssets + - iotsitewise:ListProjectAssets + - iotsitewise:TagResource + - iotsitewise:UntagResource + - iotsitewise:ListTagsForResource + delete: + - iotsitewise:DescribeProject + - iotsitewise:DeleteProject + list: + - iotsitewise:ListProjects + AccessPolicyIdentity: + description: The identity for this access policy. Choose either an SSO user or group or an IAM user or role. + type: object + additionalProperties: false + properties: + User: + $ref: '#/components/schemas/User' + IamUser: + $ref: '#/components/schemas/IamUser' + IamRole: + $ref: '#/components/schemas/IamRole' + AccessPolicyResource: + description: The AWS IoT SiteWise Monitor resource for this access policy. Choose either portal or project but not both. + type: object + additionalProperties: false + properties: + Portal: + $ref: '#/components/schemas/Portal' + Project: + $ref: '#/components/schemas/Project' + AccessPolicy: + type: object + properties: + AccessPolicyId: + description: The ID of the access policy. + type: string + AccessPolicyArn: + description: The ARN of the access policy. + type: string + AccessPolicyIdentity: + description: The identity for this access policy. Choose either a user or a group but not both. + $ref: '#/components/schemas/AccessPolicyIdentity' + AccessPolicyPermission: + description: The permission level for this access policy. Valid values are ADMINISTRATOR or VIEWER. + type: string + AccessPolicyResource: + description: The AWS IoT SiteWise Monitor resource for this access policy. Choose either portal or project but not both. + $ref: '#/components/schemas/AccessPolicyResource' + required: + - AccessPolicyIdentity + - AccessPolicyPermission + - AccessPolicyResource + x-stackql-resource-name: access_policy + x-stackql-primaryIdentifier: + - AccessPolicyId + x-read-only-properties: + - AccessPolicyArn + - AccessPolicyId + x-required-permissions: + create: + - iotsitewise:CreateAccessPolicy + read: + - iotsitewise:DescribeAccessPolicy + update: + - iotsitewise:DescribeAccessPolicy + - iotsitewise:UpdateAccessPolicy + delete: + - iotsitewise:DescribeAccessPolicy + - iotsitewise:DeleteAccessPolicy + list: + - iotsitewise:ListAccessPolicies + AssetProperty: + description: The asset property's definition, alias, unit, and notification state. + type: object + additionalProperties: false + required: + - LogicalId + properties: + LogicalId: + description: Customer provided ID for property. + type: string + minLength: 1 + maxLength: 256 + pattern: '[^\u0000-\u001F\u007F]+' + Alias: + description: The property alias that identifies the property. + type: string + NotificationState: + description: The MQTT notification state (ENABLED or DISABLED) for this asset property. + type: string + enum: + - ENABLED + - DISABLED + Unit: + description: The unit of measure (such as Newtons or RPM) of the asset property. If you don't specify a value for this parameter, the service uses the value of the assetModelProperty in the asset model. + type: string + AssetHierarchy: + description: A hierarchy specifies allowed parent/child asset relationships. + type: object + additionalProperties: false + required: + - LogicalId + - ChildAssetId + properties: + LogicalId: + description: The LogicalID of a hierarchy in the parent asset's model. + type: string + minLength: 1 + maxLength: 256 + pattern: '[^\u0000-\u001F\u007F]+' + ChildAssetId: + description: The ID of the child asset to be associated. + type: string + Tag: + description: To add or update tag, provide both key and value. To delete tag, provide only tag key to be deleted + type: object + additionalProperties: false + properties: + Key: + type: string + Value: + type: string + required: + - Key + - Value + Asset: + type: object + properties: + AssetId: + description: The ID of the asset + type: string + AssetModelId: + description: The ID of the asset model from which to create the asset. + type: string + AssetArn: + description: The ARN of the asset + type: string + AssetName: + description: A unique, friendly name for the asset. + type: string + AssetDescription: + description: A description for the asset + type: string + AssetProperties: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/AssetProperty' + AssetHierarchies: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/AssetHierarchy' + Tags: + description: A list of key-value pairs that contain metadata for the asset. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - AssetName + - AssetModelId + x-stackql-resource-name: asset + x-stackql-primaryIdentifier: + - AssetId + x-read-only-properties: + - AssetArn + - AssetId + x-required-permissions: + create: + - iotsitewise:AssociateAssets + - iotsitewise:CreateAsset + - iotsitewise:DescribeAsset + - iotsitewise:DescribeAssetModel + - iotsitewise:ListAssociatedAssets + - iotsitewise:ListTagsForResource + - iotsitewise:TagResource + - iotsitewise:UpdateAssetProperty + read: + - iotsitewise:DescribeAsset + - iotsitewise:DescribeAssetModel + - iotsitewise:ListAssociatedAssets + - iotsitewise:ListTagsForResource + update: + - iotsitewise:AssociateAssets + - iotsitewise:DescribeAsset + - iotsitewise:DescribeAssetModel + - iotsitewise:DisassociateAssets + - iotsitewise:ListAssociatedAssets + - iotsitewise:ListTagsForResource + - iotsitewise:TagResource + - iotsitewise:UpdateAsset + - iotsitewise:UpdateAssetProperty + - iotsitewise:UntagResource + delete: + - iotsitewise:DeleteAsset + - iotsitewise:DescribeAsset + - iotsitewise:DescribeAssetModel + - iotsitewise:DisassociateAssets + - iotsitewise:ListAssociatedAssets + - iotsitewise:ListTagsForResource + list: + - iotsitewise:ListAssetModels + - iotsitewise:ListAssets + AssetModelCompositeModel: + description: Contains a composite model definition in an asset model. This composite model definition is applied to all assets created from the asset model. + type: object + additionalProperties: false + required: + - Name + - Type + properties: + Description: + description: A description for the asset composite model. + type: string + Name: + description: A unique, friendly name for the asset composite model. + type: string + Type: + description: The type of the composite model. For alarm composite models, this type is AWS/ALARM + type: string + CompositeModelProperties: + description: The property definitions of the asset model. You can specify up to 200 properties per asset model. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/AssetModelProperty' + AssetModelProperty: + description: Contains information about an asset model property. + type: object + additionalProperties: false + required: + - LogicalId + - Name + - DataType + - Type + properties: + LogicalId: + description: Customer provided ID for property. + type: string + minLength: 1 + maxLength: 256 + pattern: '[^\u0000-\u001F\u007F]+' + Name: + description: The name of the asset model property. + type: string + DataType: + description: The data type of the asset model property. + $ref: '#/components/schemas/DataType' + DataTypeSpec: + description: The data type of the structure for this property. + $ref: '#/components/schemas/DataTypeSpec' + Unit: + description: The unit of the asset model property, such as Newtons or RPM. + type: string + Type: + description: The property type + $ref: '#/components/schemas/PropertyType' + DataType: + type: string + enum: + - STRING + - INTEGER + - DOUBLE + - BOOLEAN + - STRUCT + DataTypeSpec: + type: string + enum: + - AWS/ALARM_STATE + PropertyType: + description: Contains a property type, which can be one of attribute, measurement, metric, or transform. + type: object + additionalProperties: false + required: + - TypeName + properties: + TypeName: + $ref: '#/components/schemas/TypeName' + Attribute: + $ref: '#/components/schemas/Attribute' + Transform: + $ref: '#/components/schemas/Transform' + Metric: + $ref: '#/components/schemas/Metric' + TypeName: + type: string + enum: + - Measurement + - Attribute + - Transform + - Metric + Attribute: + type: object + additionalProperties: false + properties: + DefaultValue: + type: string + Transform: + type: object + additionalProperties: false + properties: + Expression: + description: The mathematical expression that defines the transformation function. You can specify up to 10 functions per expression. + type: string + Variables: + description: The list of variables used in the expression. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/ExpressionVariable' + required: + - Expression + - Variables + Metric: + type: object + additionalProperties: false + properties: + Expression: + description: The mathematical expression that defines the metric aggregation function. You can specify up to 10 functions per expression. + type: string + Variables: + description: The list of variables used in the expression. + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/ExpressionVariable' + Window: + description: The window (time interval) over which AWS IoT SiteWise computes the metric's aggregation expression + $ref: '#/components/schemas/MetricWindow' + required: + - Expression + - Variables + - Window + MetricWindow: + description: Contains a time interval window used for data aggregate computations (for example, average, sum, count, and so on). + type: object + additionalProperties: false + properties: + Tumbling: + $ref: '#/components/schemas/TumblingWindow' + TumblingWindow: + description: Contains a tumbling window, which is a repeating fixed-sized, non-overlapping, and contiguous time interval. This window is used in metric and aggregation computations. + type: object + additionalProperties: false + properties: + Interval: + $ref: '#/components/schemas/Interval' + Offset: + $ref: '#/components/schemas/Offset' + required: + - Interval + Interval: + description: The time interval for the tumbling window. + type: string + Offset: + description: The shift or reference point on timeline for the contiguous time intervals. + type: string + ExpressionVariable: + type: object + additionalProperties: false + properties: + Name: + description: The friendly name of the variable to be used in the expression. + type: string + Value: + description: The variable that identifies an asset property from which to use values. + $ref: '#/components/schemas/VariableValue' + required: + - Name + - Value + VariableValue: + type: object + additionalProperties: false + properties: + PropertyLogicalId: + type: string + minLength: 1 + maxLength: 256 + pattern: '[^\u0000-\u001F\u007F]+' + HierarchyLogicalId: + type: string + minLength: 1 + maxLength: 256 + pattern: '[^\u0000-\u001F\u007F]+' + required: + - PropertyLogicalId + AssetModelHierarchy: + description: Contains information about an asset model hierarchy. + type: object + additionalProperties: false + required: + - LogicalId + - Name + - ChildAssetModelId + properties: + LogicalId: + description: Customer provided ID for hierarchy. + type: string + minLength: 1 + maxLength: 256 + pattern: '[^\u0000-\u001F\u007F]+' + Name: + description: The name of the asset model hierarchy. + type: string + ChildAssetModelId: + description: The ID of the asset model. All assets in this hierarchy must be instances of the child AssetModelId asset model. + type: string + AssetModel: + type: object + properties: + AssetModelId: + description: The ID of the asset model. + type: string + AssetModelArn: + description: The ARN of the asset model, which has the following format. + type: string + AssetModelName: + description: A unique, friendly name for the asset model. + type: string + AssetModelDescription: + description: A description for the asset model. + type: string + AssetModelProperties: + description: The property definitions of the asset model. You can specify up to 200 properties per asset model. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/AssetModelProperty' + AssetModelCompositeModels: + description: The composite asset models that are part of this asset model. Composite asset models are asset models that contain specific properties. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/AssetModelCompositeModel' + AssetModelHierarchies: + description: The hierarchy definitions of the asset model. Each hierarchy specifies an asset model whose assets can be children of any other assets created from this asset model. You can specify up to 10 hierarchies per asset model. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/AssetModelHierarchy' + Tags: + description: A list of key-value pairs that contain metadata for the asset model. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - AssetModelName + x-stackql-resource-name: asset_model + x-stackql-primaryIdentifier: + - AssetModelId + x-read-only-properties: + - AssetModelArn + - AssetModelId + x-required-permissions: + create: + - iotsitewise:CreateAssetModel + - iotsitewise:ListTagsForResource + - iotsitewise:TagResource + - iotsitewise:DescribeAssetModel + read: + - iotsitewise:DescribeAssetModel + - iotsitewise:ListTagsForResource + update: + - iotsitewise:DescribeAssetModel + - iotsitewise:ListTagsForResource + - iotsitewise:TagResource + - iotsitewise:UntagResource + - iotsitewise:UpdateAssetModel + delete: + - iotsitewise:DescribeAssetModel + - iotsitewise:DeleteAssetModel + list: + - iotsitewise:DescribeAssetModel + - iotsitewise:ListAssetModels + - iotsitewise:ListTagsForResource + Dashboard: + type: object + properties: + ProjectId: + description: The ID of the project in which to create the dashboard. + type: string + DashboardId: + description: The ID of the dashboard. + type: string + DashboardName: + description: A friendly name for the dashboard. + type: string + DashboardDescription: + description: A description for the dashboard. + type: string + DashboardDefinition: + description: The dashboard definition specified in a JSON literal. + type: string + DashboardArn: + description: The ARN of the dashboard. + type: string + Tags: + description: A list of key-value pairs that contain metadata for the dashboard. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - DashboardDefinition + - DashboardDescription + - DashboardName + x-stackql-resource-name: dashboard + x-stackql-primaryIdentifier: + - DashboardId + x-create-only-properties: + - ProjectId + x-read-only-properties: + - DashboardArn + - DashboardId + x-required-permissions: + create: + - iotsitewise:CreateDashboard + - iotsitewise:DescribeDashboard + - iotsitewise:ListTagsForResource + - iotsitewise:TagResource + - iotsitewise:DescribeAsset + - iotsitewise:DescribeAssetModel + read: + - iotsitewise:DescribeDashboard + - iotsitewise:ListTagsForResource + update: + - iotsitewise:DescribeDashboard + - iotsitewise:UpdateDashboard + - iotsitewise:TagResource + - iotsitewise:UntagResource + - iotsitewise:ListTagsForResource + - iotsitewise:DescribeAsset + - iotsitewise:DescribeAssetModel + delete: + - iotsitewise:DescribeDashboard + - iotsitewise:DeleteDashboard + list: + - iotsitewise:ListDashboards + GatewayPlatform: + description: Contains a gateway's platform information. + type: object + additionalProperties: false + properties: + Greengrass: + description: A gateway that runs on AWS IoT Greengrass V1. + $ref: '#/components/schemas/Greengrass' + GreengrassV2: + description: A gateway that runs on AWS IoT Greengrass V2. + $ref: '#/components/schemas/GreengrassV2' + oneOf: + - required: + - Greengrass + - required: + - GreengrassV2 + Greengrass: + description: Contains the ARN of AWS IoT Greengrass Group V1 that the gateway runs on. + type: object + additionalProperties: false + properties: + GroupArn: + description: The ARN of the Greengrass group. + type: string + required: + - GroupArn + GreengrassV2: + description: Contains the CoreDeviceThingName of AWS IoT Greengrass Group V2 that the gateway runs on. + type: object + additionalProperties: false + properties: + CoreDeviceThingName: + description: The name of the CoreDevice in GreenGrass V2. + type: string + required: + - CoreDeviceThingName + CapabilityNamespace: + description: The namespace of the capability configuration. + type: string + CapabilityConfiguration: + description: The JSON document that defines the gateway capability's configuration. + type: string + GatewayCapabilitySummary: + description: Contains a summary of a gateway capability configuration. + type: object + additionalProperties: false + properties: + CapabilityNamespace: + $ref: '#/components/schemas/CapabilityNamespace' + CapabilityConfiguration: + $ref: '#/components/schemas/CapabilityConfiguration' + required: + - CapabilityNamespace + Gateway: + type: object + properties: + GatewayName: + description: A unique, friendly name for the gateway. + type: string + GatewayPlatform: + description: The gateway's platform. You can only specify one platform in a gateway. + $ref: '#/components/schemas/GatewayPlatform' + Tags: + description: A list of key-value pairs that contain metadata for the gateway. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + GatewayId: + description: The ID of the gateway device. + type: string + GatewayCapabilitySummaries: + description: A list of gateway capability summaries that each contain a namespace and status. + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/GatewayCapabilitySummary' + required: + - GatewayName + - GatewayPlatform + x-stackql-resource-name: gateway + x-stackql-primaryIdentifier: + - GatewayId + x-create-only-properties: + - GatewayPlatform + x-read-only-properties: + - GatewayId + x-required-permissions: + create: + - iotsitewise:CreateGateway + - iotsitewise:DescribeGateway + - iotsitewise:DescribeGatewayCapabilityConfiguration + - iotsitewise:UpdateGatewayCapabilityConfiguration + - iam:PassRole + - iam:GetRole + - greengrass:GetCoreDevice + - iotsitewise:ListTagsForResource + - iotsitewise:TagResource + - iot:DescribeThing + read: + - iotsitewise:DescribeGateway + - iotsitewise:DescribeGatewayCapabilityConfiguration + - iotsitewise:ListTagsForResource + update: + - iotsitewise:UpdateGateway + - iotsitewise:UpdateGatewayCapabilityConfiguration + - iotsitewise:TagResource + - iotsitewise:UntagResource + - iotsitewise:DescribeGateway + - iotsitewise:DescribeGatewayCapabilityConfiguration + - iotsitewise:ListTagsForResource + delete: + - iotsitewise:DescribeGateway + - iotsitewise:DescribeGatewayCapabilityConfiguration + - iotsitewise:DeleteGateway + list: + - iotsitewise:ListGateways + AssetId: + description: The ID of the asset + type: string + x-stackQL-resources: + portals: + name: portals + id: awscc.iotsitewise.portals + x-cfn-schema-name: Portal + x-type: list + x-identifiers: + - PortalId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PortalId') as portal_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTSiteWise::Portal' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PortalId') as portal_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTSiteWise::Portal' + AND region = 'us-east-1' + portal: + name: portal + id: awscc.iotsitewise.portal + x-cfn-schema-name: Portal + x-type: get + x-identifiers: + - PortalId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PortalAuthMode') as portal_auth_mode, + JSON_EXTRACT(Properties, '$.PortalArn') as portal_arn, + JSON_EXTRACT(Properties, '$.PortalClientId') as portal_client_id, + JSON_EXTRACT(Properties, '$.PortalContactEmail') as portal_contact_email, + JSON_EXTRACT(Properties, '$.PortalDescription') as portal_description, + JSON_EXTRACT(Properties, '$.PortalId') as portal_id, + JSON_EXTRACT(Properties, '$.PortalName') as portal_name, + JSON_EXTRACT(Properties, '$.PortalStartUrl') as portal_start_url, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.NotificationSenderEmail') as notification_sender_email, + JSON_EXTRACT(Properties, '$.Alarms') as alarms, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTSiteWise::Portal' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PortalAuthMode') as portal_auth_mode, + json_extract_path_text(Properties, 'PortalArn') as portal_arn, + json_extract_path_text(Properties, 'PortalClientId') as portal_client_id, + json_extract_path_text(Properties, 'PortalContactEmail') as portal_contact_email, + json_extract_path_text(Properties, 'PortalDescription') as portal_description, + json_extract_path_text(Properties, 'PortalId') as portal_id, + json_extract_path_text(Properties, 'PortalName') as portal_name, + json_extract_path_text(Properties, 'PortalStartUrl') as portal_start_url, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'NotificationSenderEmail') as notification_sender_email, + json_extract_path_text(Properties, 'Alarms') as alarms, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTSiteWise::Portal' + AND data__Identifier = '' + AND region = 'us-east-1' + projects: + name: projects + id: awscc.iotsitewise.projects + x-cfn-schema-name: Project + x-type: list + x-identifiers: + - ProjectId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProjectId') as project_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTSiteWise::Project' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProjectId') as project_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTSiteWise::Project' + AND region = 'us-east-1' + project: + name: project + id: awscc.iotsitewise.project + x-cfn-schema-name: Project + x-type: get + x-identifiers: + - ProjectId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PortalId') as portal_id, + JSON_EXTRACT(Properties, '$.ProjectId') as project_id, + JSON_EXTRACT(Properties, '$.ProjectName') as project_name, + JSON_EXTRACT(Properties, '$.ProjectDescription') as project_description, + JSON_EXTRACT(Properties, '$.ProjectArn') as project_arn, + JSON_EXTRACT(Properties, '$.AssetIds') as asset_ids, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTSiteWise::Project' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PortalId') as portal_id, + json_extract_path_text(Properties, 'ProjectId') as project_id, + json_extract_path_text(Properties, 'ProjectName') as project_name, + json_extract_path_text(Properties, 'ProjectDescription') as project_description, + json_extract_path_text(Properties, 'ProjectArn') as project_arn, + json_extract_path_text(Properties, 'AssetIds') as asset_ids, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTSiteWise::Project' + AND data__Identifier = '' + AND region = 'us-east-1' + access_policies: + name: access_policies + id: awscc.iotsitewise.access_policies + x-cfn-schema-name: AccessPolicy + x-type: list + x-identifiers: + - AccessPolicyId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccessPolicyId') as access_policy_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTSiteWise::AccessPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccessPolicyId') as access_policy_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTSiteWise::AccessPolicy' + AND region = 'us-east-1' + access_policy: + name: access_policy + id: awscc.iotsitewise.access_policy + x-cfn-schema-name: AccessPolicy + x-type: get + x-identifiers: + - AccessPolicyId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccessPolicyId') as access_policy_id, + JSON_EXTRACT(Properties, '$.AccessPolicyArn') as access_policy_arn, + JSON_EXTRACT(Properties, '$.AccessPolicyIdentity') as access_policy_identity, + JSON_EXTRACT(Properties, '$.AccessPolicyPermission') as access_policy_permission, + JSON_EXTRACT(Properties, '$.AccessPolicyResource') as access_policy_resource + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTSiteWise::AccessPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccessPolicyId') as access_policy_id, + json_extract_path_text(Properties, 'AccessPolicyArn') as access_policy_arn, + json_extract_path_text(Properties, 'AccessPolicyIdentity') as access_policy_identity, + json_extract_path_text(Properties, 'AccessPolicyPermission') as access_policy_permission, + json_extract_path_text(Properties, 'AccessPolicyResource') as access_policy_resource + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTSiteWise::AccessPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + assets: + name: assets + id: awscc.iotsitewise.assets + x-cfn-schema-name: Asset + x-type: list + x-identifiers: + - AssetId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssetId') as asset_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTSiteWise::Asset' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssetId') as asset_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTSiteWise::Asset' + AND region = 'us-east-1' + asset: + name: asset + id: awscc.iotsitewise.asset + x-cfn-schema-name: Asset + x-type: get + x-identifiers: + - AssetId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssetId') as asset_id, + JSON_EXTRACT(Properties, '$.AssetModelId') as asset_model_id, + JSON_EXTRACT(Properties, '$.AssetArn') as asset_arn, + JSON_EXTRACT(Properties, '$.AssetName') as asset_name, + JSON_EXTRACT(Properties, '$.AssetDescription') as asset_description, + JSON_EXTRACT(Properties, '$.AssetProperties') as asset_properties, + JSON_EXTRACT(Properties, '$.AssetHierarchies') as asset_hierarchies, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTSiteWise::Asset' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssetId') as asset_id, + json_extract_path_text(Properties, 'AssetModelId') as asset_model_id, + json_extract_path_text(Properties, 'AssetArn') as asset_arn, + json_extract_path_text(Properties, 'AssetName') as asset_name, + json_extract_path_text(Properties, 'AssetDescription') as asset_description, + json_extract_path_text(Properties, 'AssetProperties') as asset_properties, + json_extract_path_text(Properties, 'AssetHierarchies') as asset_hierarchies, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTSiteWise::Asset' + AND data__Identifier = '' + AND region = 'us-east-1' + asset_models: + name: asset_models + id: awscc.iotsitewise.asset_models + x-cfn-schema-name: AssetModel + x-type: list + x-identifiers: + - AssetModelId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssetModelId') as asset_model_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTSiteWise::AssetModel' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssetModelId') as asset_model_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTSiteWise::AssetModel' + AND region = 'us-east-1' + asset_model: + name: asset_model + id: awscc.iotsitewise.asset_model + x-cfn-schema-name: AssetModel + x-type: get + x-identifiers: + - AssetModelId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssetModelId') as asset_model_id, + JSON_EXTRACT(Properties, '$.AssetModelArn') as asset_model_arn, + JSON_EXTRACT(Properties, '$.AssetModelName') as asset_model_name, + JSON_EXTRACT(Properties, '$.AssetModelDescription') as asset_model_description, + JSON_EXTRACT(Properties, '$.AssetModelProperties') as asset_model_properties, + JSON_EXTRACT(Properties, '$.AssetModelCompositeModels') as asset_model_composite_models, + JSON_EXTRACT(Properties, '$.AssetModelHierarchies') as asset_model_hierarchies, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTSiteWise::AssetModel' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssetModelId') as asset_model_id, + json_extract_path_text(Properties, 'AssetModelArn') as asset_model_arn, + json_extract_path_text(Properties, 'AssetModelName') as asset_model_name, + json_extract_path_text(Properties, 'AssetModelDescription') as asset_model_description, + json_extract_path_text(Properties, 'AssetModelProperties') as asset_model_properties, + json_extract_path_text(Properties, 'AssetModelCompositeModels') as asset_model_composite_models, + json_extract_path_text(Properties, 'AssetModelHierarchies') as asset_model_hierarchies, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTSiteWise::AssetModel' + AND data__Identifier = '' + AND region = 'us-east-1' + dashboards: + name: dashboards + id: awscc.iotsitewise.dashboards + x-cfn-schema-name: Dashboard + x-type: list + x-identifiers: + - DashboardId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DashboardId') as dashboard_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTSiteWise::Dashboard' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DashboardId') as dashboard_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTSiteWise::Dashboard' + AND region = 'us-east-1' + dashboard: + name: dashboard + id: awscc.iotsitewise.dashboard + x-cfn-schema-name: Dashboard + x-type: get + x-identifiers: + - DashboardId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProjectId') as project_id, + JSON_EXTRACT(Properties, '$.DashboardId') as dashboard_id, + JSON_EXTRACT(Properties, '$.DashboardName') as dashboard_name, + JSON_EXTRACT(Properties, '$.DashboardDescription') as dashboard_description, + JSON_EXTRACT(Properties, '$.DashboardDefinition') as dashboard_definition, + JSON_EXTRACT(Properties, '$.DashboardArn') as dashboard_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTSiteWise::Dashboard' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProjectId') as project_id, + json_extract_path_text(Properties, 'DashboardId') as dashboard_id, + json_extract_path_text(Properties, 'DashboardName') as dashboard_name, + json_extract_path_text(Properties, 'DashboardDescription') as dashboard_description, + json_extract_path_text(Properties, 'DashboardDefinition') as dashboard_definition, + json_extract_path_text(Properties, 'DashboardArn') as dashboard_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTSiteWise::Dashboard' + AND data__Identifier = '' + AND region = 'us-east-1' + gateways: + name: gateways + id: awscc.iotsitewise.gateways + x-cfn-schema-name: Gateway + x-type: list + x-identifiers: + - GatewayId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GatewayId') as gateway_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTSiteWise::Gateway' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GatewayId') as gateway_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTSiteWise::Gateway' + AND region = 'us-east-1' + gateway: + name: gateway + id: awscc.iotsitewise.gateway + x-cfn-schema-name: Gateway + x-type: get + x-identifiers: + - GatewayId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GatewayName') as gateway_name, + JSON_EXTRACT(Properties, '$.GatewayPlatform') as gateway_platform, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.GatewayId') as gateway_id, + JSON_EXTRACT(Properties, '$.GatewayCapabilitySummaries') as gateway_capability_summaries + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTSiteWise::Gateway' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GatewayName') as gateway_name, + json_extract_path_text(Properties, 'GatewayPlatform') as gateway_platform, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'GatewayId') as gateway_id, + json_extract_path_text(Properties, 'GatewayCapabilitySummaries') as gateway_capability_summaries + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTSiteWise::Gateway' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/iottwinmaker.yaml b/providers/src/awscc/v00.00.00000/services/iottwinmaker.yaml new file mode 100644 index 00000000..0e587b94 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/iottwinmaker.yaml @@ -0,0 +1,1345 @@ +openapi: 3.0.0 +info: + title: IoTTwinMaker + version: 1.0.0 +paths: {} +components: + schemas: + DateTimeFormat: + type: string + format: date-time + ParentComponentType: + type: string + pattern: '[a-zA-Z_\.\-0-9:]+' + PropertyName: + type: string + pattern: '[a-zA-Z_\-0-9]+' + RequiredProperty: + type: string + pattern: '[a-zA-Z_\-0-9]+' + LambdaFunction: + type: object + properties: + Arn: + type: string + pattern: arn:((aws)|(aws-cn)|(aws-us-gov)):lambda:[a-z0-9-]+:[0-9]{12}:function:[\/a-zA-Z0-9_-]+ + minLength: 1 + maxLength: 128 + additionalProperties: false + required: + - Arn + DataConnector: + description: The data connector. + type: object + properties: + IsNative: + description: A Boolean value that specifies whether the data connector is native to IoT TwinMaker. + type: boolean + Lambda: + description: The Lambda function associated with this data connector. + $ref: '#/components/schemas/LambdaFunction' + additionalProperties: false + Function: + description: The function of component type. + type: object + properties: + ImplementedBy: + description: The data connector. + $ref: '#/components/schemas/DataConnector' + RequiredProperties: + description: The required properties of the function. + type: array + minItems: 1 + maxItems: 256 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/RequiredProperty' + Scope: + description: The scope of the function. + type: string + enum: + - ENTITY + - WORKSPACE + additionalProperties: false + DataValue: + description: An object that specifies a value for a property. + type: object + properties: + BooleanValue: + description: A Boolean value. + type: boolean + DoubleValue: + description: A double value. + type: number + Expression: + description: An expression that produces the value. + type: string + pattern: (^\$\{Parameters\.[a-zA-z]+([a-zA-z_0-9]*)}$) + minLength: 1 + maxLength: 316 + IntegerValue: + description: An integer value. + type: integer + ListValue: + description: A list of multiple values. + type: array + minItems: 0 + maxItems: 50 + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/DataValue' + LongValue: + description: A long value. + type: number + StringValue: + description: A string value. + type: string + pattern: .* + minLength: 1 + maxLength: 256 + MapValue: + description: An object that maps strings to multiple DataValue objects. + type: object + x-patternProperties: + '[a-zA-Z_\-0-9]+': + $ref: '#/components/schemas/DataValue' + additionalProperties: false + RelationshipValue: + description: A value that relates a component to another component. + type: object + properties: + TargetComponentName: + type: string + pattern: '[a-zA-Z_\-0-9]+' + minLength: 1 + maxLength: 256 + TargetEntityId: + type: string + pattern: '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|^[a-zA-Z0-9][a-zA-Z_\-0-9.:]*[a-zA-Z0-9]+' + minLength: 1 + maxLength: 128 + additionalProperties: false + additionalProperties: false + Relationship: + description: The type of the relationship. + type: object + properties: + RelationshipType: + description: The type of the relationship. + type: string + pattern: .* + minLength: 1 + maxLength: 256 + TargetComponentTypeId: + description: The ID of the target component type associated with this relationship. + type: string + pattern: '[a-zA-Z_\.\-0-9:]+' + minLength: 1 + maxLength: 256 + additionalProperties: false + DataType: + description: An object that specifies the data type of a property. + type: object + properties: + AllowedValues: + description: The allowed values for this data type. + type: array + minItems: 0 + maxItems: 50 + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/DataValue' + NestedType: + description: The nested type in the data type. + $ref: '#/components/schemas/DataType' + Relationship: + description: A relationship that associates a component with another component. + $ref: '#/components/schemas/Relationship' + Type: + description: The underlying type of the data type. + type: string + enum: + - RELATIONSHIP + - STRING + - LONG + - BOOLEAN + - INTEGER + - DOUBLE + - LIST + - MAP + UnitOfMeasure: + description: The unit of measure used in this data type. + type: string + pattern: .* + minLength: 1 + maxLength: 256 + additionalProperties: false + PropertyDefinition: + description: An object that sets information about a property. + type: object + properties: + Configurations: + description: An object that specifies information about a property. + type: object + x-patternProperties: + '[a-zA-Z_\-0-9]+': + type: string + pattern: '[a-zA-Z_\-0-9]+' + minLength: 1 + maxLength: 256 + additionalProperties: false + DataType: + description: An object that contains information about the data type. + $ref: '#/components/schemas/DataType' + DefaultValue: + description: An object that contains the default value. + $ref: '#/components/schemas/DataValue' + IsExternalId: + description: A Boolean value that specifies whether the property ID comes from an external data store. + type: boolean + IsRequiredInEntity: + description: A Boolean value that specifies whether the property is required. + type: boolean + IsStoredExternally: + description: A Boolean value that specifies whether the property is stored externally. + type: boolean + IsTimeSeries: + description: A Boolean value that specifies whether the property consists of time series data. + type: boolean + additionalProperties: false + PropertyGroup: + description: An object that specifies information about a property group. + type: object + properties: + GroupType: + description: The type of property group. + type: string + enum: + - TABULAR + PropertyNames: + description: The list of property names in the property group. + type: array + minItems: 1 + maxItems: 256 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/PropertyName' + additionalProperties: false + CompositeComponentType: + description: An object that sets information about a composite component type. + type: object + properties: + ComponentTypeId: + description: The id of the composite component type. + type: string + pattern: '[a-zA-Z_\.\-0-9:]+' + minLength: 1 + maxLength: 256 + additionalProperties: false + Status: + type: object + properties: + State: + type: string + enum: + - CREATING + - UPDATING + - DELETING + - ACTIVE + - ERROR + Error: + type: object + anyOf: + - description: Empty Error object. + type: object + additionalProperties: false + - description: Error object with Message and Code. + type: object + properties: + Message: + type: string + minLength: 0 + maxLength: 2048 + Code: + type: string + enum: + - VALIDATION_ERROR + - INTERNAL_FAILURE + additionalProperties: false + additionalProperties: false + ComponentType: + type: object + properties: + WorkspaceId: + description: The ID of the workspace that contains the component type. + type: string + minLength: 1 + maxLength: 128 + pattern: '[a-zA-Z_0-9][a-zA-Z_\-0-9]*[a-zA-Z0-9]+' + ComponentTypeId: + description: The ID of the component type. + type: string + minLength: 1 + maxLength: 256 + pattern: '[a-zA-Z_\.\-0-9:]+' + Description: + description: The description of the component type. + type: string + minLength: 0 + maxLength: 512 + ExtendsFrom: + description: Specifies the parent component type to extend. + type: array + minItems: 1 + maxItems: 256 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/ParentComponentType' + Functions: + description: a Map of functions in the component type. Each function's key must be unique to this map. + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z_\-0-9]+': + $ref: '#/components/schemas/Function' + IsSingleton: + description: A Boolean value that specifies whether an entity can have more than one component of this type. + type: boolean + PropertyDefinitions: + description: An map of the property definitions in the component type. Each property definition's key must be unique to this map. + type: object + x-patternProperties: + '[a-zA-Z_\-0-9]+': + $ref: '#/components/schemas/PropertyDefinition' + additionalProperties: false + PropertyGroups: + description: An map of the property groups in the component type. Each property group's key must be unique to this map. + type: object + x-patternProperties: + '[a-zA-Z_\-0-9]+': + $ref: '#/components/schemas/PropertyGroup' + additionalProperties: false + CompositeComponentTypes: + description: An map of the composite component types in the component type. Each composite component type's key must be unique to this map. + type: object + x-patternProperties: + '[a-zA-Z_\-0-9]+': + $ref: '#/components/schemas/CompositeComponentType' + additionalProperties: false + Arn: + description: The ARN of the component type. + type: string + minLength: 20 + maxLength: 2048 + pattern: arn:((aws)|(aws-cn)|(aws-us-gov)):iottwinmaker:[a-z0-9-]+:[0-9]{12}:[\/a-zA-Z0-9_\-\.:]+ + CreationDateTime: + description: The date and time when the component type was created. + $ref: '#/components/schemas/DateTimeFormat' + UpdateDateTime: + description: The last date and time when the component type was updated. + $ref: '#/components/schemas/DateTimeFormat' + Status: + description: The current status of the component type. + $ref: '#/components/schemas/Status' + IsAbstract: + description: A Boolean value that specifies whether the component type is abstract. + type: boolean + IsSchemaInitialized: + description: A Boolean value that specifies whether the component type has a schema initializer and that the schema initializer has run. + type: boolean + Tags: + type: object + description: A map of key-value pairs to associate with a resource. + x-patternProperties: + ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$: + type: string + minLength: 1 + maxLength: 256 + maxProperties: 50 + additionalProperties: false + required: + - WorkspaceId + - ComponentTypeId + x-stackql-resource-name: component_type + x-stackql-primaryIdentifier: + - WorkspaceId + - ComponentTypeId + x-create-only-properties: + - WorkspaceId + - ComponentTypeId + x-read-only-properties: + - Arn + - CreationDateTime + - UpdateDateTime + - Status + - IsAbstract + - IsSchemaInitialized + x-required-permissions: + create: + - iottwinmaker:CreateComponentType + - iottwinmaker:GetComponentType + - iottwinmaker:GetWorkspace + - iottwinmaker:ListTagsForResource + - iottwinmaker:TagResource + read: + - iottwinmaker:GetComponentType + - iottwinmaker:GetWorkspace + - iottwinmaker:ListTagsForResource + update: + - iottwinmaker:GetComponentType + - iottwinmaker:GetWorkspace + - iottwinmaker:ListTagsForResource + - iottwinmaker:TagResource + - iottwinmaker:UntagResource + - iottwinmaker:UpdateComponentType + delete: + - iottwinmaker:DeleteComponentType + - iottwinmaker:GetComponentType + - iottwinmaker:GetWorkspace + list: + - iottwinmaker:GetComponentType + - iottwinmaker:GetWorkspace + - iottwinmaker:ListComponentTypes + - iottwinmaker:ListTagsForResource + PropertyDefinitionConfiguration: + description: An object that specifies information about a property configuration. + type: object + x-patternProperties: + '[a-zA-Z_\-0-9]+': + type: string + pattern: '[a-zA-Z_\-0-9]+' + minLength: 1 + maxLength: 256 + additionalProperties: false + Definition: + description: An object that specifies information about a property definition. + type: object + properties: + Configuration: + description: An object that specifies information about a property configuration. + $ref: '#/components/schemas/PropertyDefinitionConfiguration' + DataType: + description: An object that contains information about the data type. + $ref: '#/components/schemas/DataType' + DefaultValue: + description: An object that contains the default value. + $ref: '#/components/schemas/DataValue' + IsExternalId: + description: A Boolean value that specifies whether the property ID comes from an external data store. + type: boolean + IsFinal: + description: A Boolean value that specifies whether the property definition can be updated. + type: boolean + IsImported: + description: A Boolean value that specifies whether the property definition is imported from an external data store. + type: boolean + IsInherited: + description: A Boolean value that specifies whether the property definition is inherited from a parent entity. + type: boolean + IsRequiredInEntity: + description: A Boolean value that specifies whether the property is required. + type: boolean + IsStoredExternally: + description: A Boolean value that specifies whether the property is stored externally. + type: boolean + IsTimeSeries: + description: A Boolean value that specifies whether the property consists of time series data. + type: boolean + additionalProperties: false + Property: + description: An object that specifies information about a property. + type: object + properties: + Definition: + description: The definition of the property. + $ref: '#/components/schemas/Definition' + Value: + description: The value of the property. + $ref: '#/components/schemas/DataValue' + additionalProperties: false + Component: + type: object + properties: + ComponentName: + description: The name of the component. + type: string + pattern: '[a-zA-Z_\-0-9]+' + minLength: 1 + maxLength: 256 + ComponentTypeId: + description: The ID of the component type. + type: string + pattern: '[a-zA-Z_\-0-9]+' + minLength: 1 + maxLength: 256 + Description: + description: The description of the component. + type: string + minLength: 0 + maxLength: 512 + DefinedIn: + description: The name of the property definition set in the component. + type: string + minLength: 1 + maxLength: 256 + Properties: + description: An object that maps strings to the properties to set in the component type. Each string in the mapping must be unique to this object. + type: object + x-patternProperties: + '[a-zA-Z_\-0-9]+': + $ref: '#/components/schemas/Property' + additionalProperties: false + PropertyGroups: + description: An object that maps strings to the property groups to set in the component type. Each string in the mapping must be unique to this object. + type: object + x-patternProperties: + '[a-zA-Z_\-0-9]+': + $ref: '#/components/schemas/PropertyGroup' + additionalProperties: false + Status: + description: The current status of the entity. + $ref: '#/components/schemas/Status' + additionalProperties: false + CompositeComponent: + type: object + properties: + ComponentName: + description: The name of the component. + type: string + pattern: '[a-zA-Z_\-0-9]+' + minLength: 1 + maxLength: 256 + ComponentPath: + description: The path of the component. + type: string + pattern: '[a-zA-Z_\-0-9/]+' + minLength: 1 + maxLength: 256 + ComponentTypeId: + description: The ID of the component type. + type: string + pattern: '[a-zA-Z_\-0-9]+' + minLength: 1 + maxLength: 256 + Description: + description: The description of the component. + type: string + minLength: 0 + maxLength: 512 + Properties: + description: An object that maps strings to the properties to set in the component type. Each string in the mapping must be unique to this object. + type: object + x-patternProperties: + '[a-zA-Z_\-0-9]+': + $ref: '#/components/schemas/Property' + additionalProperties: false + PropertyGroups: + description: An object that maps strings to the property groups to set in the component type. Each string in the mapping must be unique to this object. + type: object + x-patternProperties: + '[a-zA-Z_\-0-9]+': + $ref: '#/components/schemas/PropertyGroup' + additionalProperties: false + Status: + description: The current status of the component. + $ref: '#/components/schemas/Status' + additionalProperties: false + Entity: + type: object + properties: + EntityId: + description: The ID of the entity. + type: string + minLength: 1 + maxLength: 128 + pattern: '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|^[a-zA-Z0-9][a-zA-Z_\-0-9.:]*[a-zA-Z0-9]+' + EntityName: + description: The name of the entity. + type: string + minLength: 1 + maxLength: 256 + pattern: '[a-zA-Z_0-9-.][a-zA-Z_0-9-. ]*[a-zA-Z0-9]+' + Status: + description: The current status of the entity. + $ref: '#/components/schemas/Status' + HasChildEntities: + description: A Boolean value that specifies whether the entity has child entities or not. + type: boolean + ParentEntityId: + description: The ID of the parent entity. + type: string + minLength: 1 + maxLength: 128 + pattern: \$ROOT|^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|^[a-zA-Z0-9][a-zA-Z_\-0-9.:]*[a-zA-Z0-9]+ + Arn: + description: The ARN of the entity. + type: string + minLength: 20 + maxLength: 2048 + pattern: arn:((aws)|(aws-cn)|(aws-us-gov)):iottwinmaker:[a-z0-9-]+:[0-9]{12}:[\/a-zA-Z0-9_\-\.:]+ + Description: + description: The description of the entity. + type: string + minLength: 0 + maxLength: 512 + CreationDateTime: + description: The date and time when the entity was created. + $ref: '#/components/schemas/DateTimeFormat' + UpdateDateTime: + description: The last date and time when the entity was updated. + $ref: '#/components/schemas/DateTimeFormat' + Tags: + type: object + description: A key-value pair to associate with a resource. + x-patternProperties: + ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$: + type: string + minLength: 1 + maxLength: 256 + additionalProperties: false + WorkspaceId: + description: The ID of the workspace. + type: string + minLength: 1 + maxLength: 128 + pattern: '[a-zA-Z_0-9][a-zA-Z_\-0-9]*[a-zA-Z0-9]+' + Components: + description: A map that sets information about a component type. + type: object + x-patternProperties: + '[a-zA-Z_\-0-9]+': + $ref: '#/components/schemas/Component' + additionalProperties: false + CompositeComponents: + description: A map that sets information about a composite component. + type: object + x-patternProperties: + '[a-zA-Z_\-0-9/]+': + $ref: '#/components/schemas/CompositeComponent' + additionalProperties: false + required: + - WorkspaceId + - EntityName + x-stackql-resource-name: entity + x-stackql-primaryIdentifier: + - WorkspaceId + - EntityId + x-create-only-properties: + - WorkspaceId + - EntityId + x-read-only-properties: + - Arn + - CreationDateTime + - UpdateDateTime + - Status + - HasChildEntities + x-required-permissions: + create: + - iottwinmaker:GetWorkspace + - iottwinmaker:CreateEntity + - iottwinmaker:GetEntity + - iottwinmaker:ListComponents + - iottwinmaker:ListProperties + - iottwinmaker:ListTagsForResource + - iottwinmaker:TagResource + read: + - iottwinmaker:GetComponentType + - iottwinmaker:GetEntity + - iottwinmaker:ListComponents + - iottwinmaker:ListProperties + - iottwinmaker:GetWorkspace + - iottwinmaker:ListEntities + - iottwinmaker:ListTagsForResource + update: + - iottwinmaker:GetComponentType + - iottwinmaker:GetEntity + - iottwinmaker:ListComponents + - iottwinmaker:ListProperties + - iottwinmaker:GetWorkspace + - iottwinmaker:ListTagsForResource + - iottwinmaker:TagResource + - iottwinmaker:UntagResource + - iottwinmaker:UpdateEntity + - iottwinmaker:UpdateComponentType + delete: + - iottwinmaker:GetEntity + - iottwinmaker:GetWorkspace + - iottwinmaker:DeleteEntity + list: + - iottwinmaker:GetWorkspace + - iottwinmaker:ListTagsForResource + - iottwinmaker:GetEntity + - iottwinmaker:ListEntities + Scene: + type: object + properties: + SceneId: + description: The ID of the scene. + type: string + minLength: 1 + maxLength: 128 + pattern: '[a-zA-Z_0-9][a-zA-Z_\-0-9]*[a-zA-Z0-9]+' + Arn: + description: The ARN of the scene. + type: string + minLength: 20 + maxLength: 2048 + pattern: arn:((aws)|(aws-cn)|(aws-us-gov)):iottwinmaker:[a-z0-9-]+:[0-9]{12}:[\/a-zA-Z0-9_\-\.:]+ + Description: + description: The description of the scene. + type: string + minLength: 0 + maxLength: 512 + ContentLocation: + description: The relative path that specifies the location of the content definition file. + type: string + minLength: 0 + maxLength: 256 + pattern: '[sS]3://[A-Za-z0-9._/-]+' + CreationDateTime: + description: The date and time when the scene was created. + $ref: '#/components/schemas/DateTimeFormat' + UpdateDateTime: + description: The date and time of the current update. + $ref: '#/components/schemas/DateTimeFormat' + Tags: + type: object + description: A key-value pair to associate with a resource. + x-patternProperties: + ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$: + type: string + minLength: 1 + maxLength: 256 + additionalProperties: false + WorkspaceId: + description: The ID of the scene. + type: string + minLength: 1 + maxLength: 128 + pattern: '[a-zA-Z_0-9][a-zA-Z_\-0-9]*[a-zA-Z0-9]+' + Capabilities: + description: A list of capabilities that the scene uses to render. + type: array + minItems: 0 + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + type: string + minLength: 0 + maxLength: 256 + pattern: .* + SceneMetadata: + description: A key-value pair of scene metadata for the scene. + type: object + x-patternProperties: + '[a-zA-Z_\-0-9]+': + type: string + minLength: 0 + maxLength: 2048 + minLength: 0 + maxLength: 50 + additionalProperties: false + GeneratedSceneMetadata: + description: A key-value pair of generated scene metadata for the scene. + type: object + x-patternProperties: + '[a-zA-Z_\-0-9]+': + type: string + minLength: 0 + maxLength: 2048 + minLength: 0 + maxLength: 50 + additionalProperties: false + required: + - WorkspaceId + - SceneId + - ContentLocation + x-stackql-resource-name: scene + x-stackql-primaryIdentifier: + - WorkspaceId + - SceneId + x-create-only-properties: + - SceneId + - WorkspaceId + x-read-only-properties: + - Arn + - CreationDateTime + - UpdateDateTime + - GeneratedSceneMetadata + x-required-permissions: + create: + - iottwinmaker:CreateScene + - iottwinmaker:GetScene + - iottwinmaker:GetWorkspace + - iottwinmaker:ListTagsForResource + - iottwinmaker:TagResource + read: + - iottwinmaker:GetWorkspace + - iottwinmaker:GetScene + - iottwinmaker:ListTagsForResource + update: + - iottwinmaker:GetScene + - iottwinmaker:GetWorkspace + - iottwinmaker:ListTagsForResource + - iottwinmaker:TagResource + - iottwinmaker:UntagResource + - iottwinmaker:UpdateScene + delete: + - iottwinmaker:DeleteScene + - iottwinmaker:GetScene + - iottwinmaker:GetWorkspace + list: + - iottwinmaker:GetWorkspace + - iottwinmaker:ListTagsForResource + - iottwinmaker:ListScenes + SyncJob: + type: object + properties: + WorkspaceId: + description: The ID of the workspace. + type: string + minLength: 1 + maxLength: 128 + pattern: '[a-zA-Z_0-9][a-zA-Z_\-0-9]*[a-zA-Z0-9]+' + SyncSource: + description: The source of the SyncJob. + type: string + minLength: 1 + maxLength: 128 + SyncRole: + description: The IAM Role that execute SyncJob. + type: string + minLength: 20 + maxLength: 2048 + pattern: arn:((aws)|(aws-cn)|(aws-us-gov)):iam::[0-9]{12}:role/.* + CreationDateTime: + description: The date and time when the sync job was created. + $ref: '#/components/schemas/DateTimeFormat' + UpdateDateTime: + description: The date and time when the sync job was updated. + $ref: '#/components/schemas/DateTimeFormat' + Arn: + description: The ARN of the SyncJob. + type: string + minLength: 20 + maxLength: 2048 + pattern: arn:((aws)|(aws-cn)|(aws-us-gov)):iottwinmaker:[a-z0-9-]+:[0-9]{12}:[\/a-zA-Z0-9_\-\.:]+ + State: + description: The state of SyncJob. + type: string + minLength: 1 + maxLength: 128 + pattern: '[a-zA-Z_\-0-9]+' + Tags: + type: object + description: A key-value pair to associate with a resource. + x-patternProperties: + ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$: + type: string + minLength: 1 + maxLength: 256 + additionalProperties: false + required: + - WorkspaceId + - SyncSource + - SyncRole + x-stackql-resource-name: sync_job + x-stackql-primaryIdentifier: + - WorkspaceId + - SyncSource + x-create-only-properties: + - WorkspaceId + - SyncSource + - SyncRole + - Tags + x-read-only-properties: + - Arn + - CreationDateTime + - UpdateDateTime + - State + x-required-permissions: + create: + - iam:PassRole + - iottwinmaker:CreateSyncJob + - iottwinmaker:GetSyncJob + - iottwinmaker:GetWorkspace + - iottwinmaker:ListTagsForResource + - iottwinmaker:TagResource + read: + - iottwinmaker:GetSyncJob + - iottwinmaker:GetWorkspace + - iottwinmaker:ListTagsForResource + delete: + - iottwinmaker:DeleteSyncJob + - iottwinmaker:GetSyncJob + - iottwinmaker:GetWorkspace + list: + - iottwinmaker:GetWorkspace + - iottwinmaker:ListSyncJobs + - iottwinmaker:ListTagsForResource + Workspace: + type: object + properties: + WorkspaceId: + description: The ID of the workspace. + type: string + minLength: 1 + maxLength: 128 + pattern: '[a-zA-Z_0-9][a-zA-Z_\-0-9]*[a-zA-Z0-9]+' + Arn: + description: The ARN of the workspace. + type: string + minLength: 20 + maxLength: 2048 + pattern: arn:((aws)|(aws-cn)|(aws-us-gov)):iottwinmaker:[a-z0-9-]+:[0-9]{12}:[\/a-zA-Z0-9_\-\.:]+ + Description: + description: The description of the workspace. + type: string + minLength: 0 + maxLength: 512 + Role: + description: The ARN of the execution role associated with the workspace. + type: string + minLength: 20 + maxLength: 2048 + pattern: arn:((aws)|(aws-cn)|(aws-us-gov)):iam::[0-9]{12}:role/.* + S3Location: + description: The ARN of the S3 bucket where resources associated with the workspace are stored. + type: string + CreationDateTime: + description: The date and time when the workspace was created. + $ref: '#/components/schemas/DateTimeFormat' + UpdateDateTime: + description: The date and time of the current update. + $ref: '#/components/schemas/DateTimeFormat' + Tags: + type: object + description: A map of key-value pairs to associate with a resource. + x-patternProperties: + ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$: + type: string + minLength: 1 + maxLength: 256 + maxProperties: 50 + additionalProperties: false + required: + - WorkspaceId + - Role + - S3Location + x-stackql-resource-name: workspace + x-stackql-primaryIdentifier: + - WorkspaceId + x-create-only-properties: + - WorkspaceId + x-read-only-properties: + - Arn + - CreationDateTime + - UpdateDateTime + x-required-permissions: + create: + - iam:PassRole + - iottwinmaker:CreateWorkspace + - iottwinmaker:GetWorkspace + - iottwinmaker:ListTagsForResource + - iottwinmaker:TagResource + read: + - iottwinmaker:GetWorkspace + - iottwinmaker:ListTagsForResource + update: + - iottwinmaker:GetWorkspace + - iottwinmaker:ListTagsForResource + - iottwinmaker:TagResource + - iottwinmaker:UntagResource + - iottwinmaker:UpdateWorkspace + delete: + - iottwinmaker:DeleteWorkspace + - iottwinmaker:GetWorkspace + list: + - iottwinmaker:GetWorkspace + - iottwinmaker:ListTagsForResource + - iottwinmaker:ListWorkspaces + x-stackQL-resources: + component_types: + name: component_types + id: awscc.iottwinmaker.component_types + x-cfn-schema-name: ComponentType + x-type: list + x-identifiers: + - WorkspaceId + - ComponentTypeId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.WorkspaceId') as workspace_id, + JSON_EXTRACT(Properties, '$.ComponentTypeId') as component_type_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTTwinMaker::ComponentType' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'WorkspaceId') as workspace_id, + json_extract_path_text(Properties, 'ComponentTypeId') as component_type_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTTwinMaker::ComponentType' + AND region = 'us-east-1' + component_type: + name: component_type + id: awscc.iottwinmaker.component_type + x-cfn-schema-name: ComponentType + x-type: get + x-identifiers: + - WorkspaceId + - ComponentTypeId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.WorkspaceId') as workspace_id, + JSON_EXTRACT(Properties, '$.ComponentTypeId') as component_type_id, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ExtendsFrom') as extends_from, + JSON_EXTRACT(Properties, '$.Functions') as functions, + JSON_EXTRACT(Properties, '$.IsSingleton') as is_singleton, + JSON_EXTRACT(Properties, '$.PropertyDefinitions') as property_definitions, + JSON_EXTRACT(Properties, '$.PropertyGroups') as property_groups, + JSON_EXTRACT(Properties, '$.CompositeComponentTypes') as composite_component_types, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreationDateTime') as creation_date_time, + JSON_EXTRACT(Properties, '$.UpdateDateTime') as update_date_time, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.IsAbstract') as is_abstract, + JSON_EXTRACT(Properties, '$.IsSchemaInitialized') as is_schema_initialized, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTTwinMaker::ComponentType' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'WorkspaceId') as workspace_id, + json_extract_path_text(Properties, 'ComponentTypeId') as component_type_id, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ExtendsFrom') as extends_from, + json_extract_path_text(Properties, 'Functions') as functions, + json_extract_path_text(Properties, 'IsSingleton') as is_singleton, + json_extract_path_text(Properties, 'PropertyDefinitions') as property_definitions, + json_extract_path_text(Properties, 'PropertyGroups') as property_groups, + json_extract_path_text(Properties, 'CompositeComponentTypes') as composite_component_types, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreationDateTime') as creation_date_time, + json_extract_path_text(Properties, 'UpdateDateTime') as update_date_time, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'IsAbstract') as is_abstract, + json_extract_path_text(Properties, 'IsSchemaInitialized') as is_schema_initialized, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTTwinMaker::ComponentType' + AND data__Identifier = '' + AND region = 'us-east-1' + entities: + name: entities + id: awscc.iottwinmaker.entities + x-cfn-schema-name: Entity + x-type: list + x-identifiers: + - WorkspaceId + - EntityId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.WorkspaceId') as workspace_id, + JSON_EXTRACT(Properties, '$.EntityId') as entity_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTTwinMaker::Entity' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'WorkspaceId') as workspace_id, + json_extract_path_text(Properties, 'EntityId') as entity_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTTwinMaker::Entity' + AND region = 'us-east-1' + entity: + name: entity + id: awscc.iottwinmaker.entity + x-cfn-schema-name: Entity + x-type: get + x-identifiers: + - WorkspaceId + - EntityId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EntityId') as entity_id, + JSON_EXTRACT(Properties, '$.EntityName') as entity_name, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.HasChildEntities') as has_child_entities, + JSON_EXTRACT(Properties, '$.ParentEntityId') as parent_entity_id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.CreationDateTime') as creation_date_time, + JSON_EXTRACT(Properties, '$.UpdateDateTime') as update_date_time, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.WorkspaceId') as workspace_id, + JSON_EXTRACT(Properties, '$.Components') as components, + JSON_EXTRACT(Properties, '$.CompositeComponents') as composite_components + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTTwinMaker::Entity' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EntityId') as entity_id, + json_extract_path_text(Properties, 'EntityName') as entity_name, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'HasChildEntities') as has_child_entities, + json_extract_path_text(Properties, 'ParentEntityId') as parent_entity_id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'CreationDateTime') as creation_date_time, + json_extract_path_text(Properties, 'UpdateDateTime') as update_date_time, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'WorkspaceId') as workspace_id, + json_extract_path_text(Properties, 'Components') as components, + json_extract_path_text(Properties, 'CompositeComponents') as composite_components + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTTwinMaker::Entity' + AND data__Identifier = '' + AND region = 'us-east-1' + scenes: + name: scenes + id: awscc.iottwinmaker.scenes + x-cfn-schema-name: Scene + x-type: list + x-identifiers: + - WorkspaceId + - SceneId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.WorkspaceId') as workspace_id, + JSON_EXTRACT(Properties, '$.SceneId') as scene_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTTwinMaker::Scene' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'WorkspaceId') as workspace_id, + json_extract_path_text(Properties, 'SceneId') as scene_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTTwinMaker::Scene' + AND region = 'us-east-1' + scene: + name: scene + id: awscc.iottwinmaker.scene + x-cfn-schema-name: Scene + x-type: get + x-identifiers: + - WorkspaceId + - SceneId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SceneId') as scene_id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ContentLocation') as content_location, + JSON_EXTRACT(Properties, '$.CreationDateTime') as creation_date_time, + JSON_EXTRACT(Properties, '$.UpdateDateTime') as update_date_time, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.WorkspaceId') as workspace_id, + JSON_EXTRACT(Properties, '$.Capabilities') as capabilities, + JSON_EXTRACT(Properties, '$.SceneMetadata') as scene_metadata, + JSON_EXTRACT(Properties, '$.GeneratedSceneMetadata') as generated_scene_metadata + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTTwinMaker::Scene' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SceneId') as scene_id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ContentLocation') as content_location, + json_extract_path_text(Properties, 'CreationDateTime') as creation_date_time, + json_extract_path_text(Properties, 'UpdateDateTime') as update_date_time, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'WorkspaceId') as workspace_id, + json_extract_path_text(Properties, 'Capabilities') as capabilities, + json_extract_path_text(Properties, 'SceneMetadata') as scene_metadata, + json_extract_path_text(Properties, 'GeneratedSceneMetadata') as generated_scene_metadata + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTTwinMaker::Scene' + AND data__Identifier = '' + AND region = 'us-east-1' + sync_jobs: + name: sync_jobs + id: awscc.iottwinmaker.sync_jobs + x-cfn-schema-name: SyncJob + x-type: list + x-identifiers: + - WorkspaceId + - SyncSource + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.WorkspaceId') as workspace_id, + JSON_EXTRACT(Properties, '$.SyncSource') as sync_source + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTTwinMaker::SyncJob' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'WorkspaceId') as workspace_id, + json_extract_path_text(Properties, 'SyncSource') as sync_source + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTTwinMaker::SyncJob' + AND region = 'us-east-1' + sync_job: + name: sync_job + id: awscc.iottwinmaker.sync_job + x-cfn-schema-name: SyncJob + x-type: get + x-identifiers: + - WorkspaceId + - SyncSource + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.WorkspaceId') as workspace_id, + JSON_EXTRACT(Properties, '$.SyncSource') as sync_source, + JSON_EXTRACT(Properties, '$.SyncRole') as sync_role, + JSON_EXTRACT(Properties, '$.CreationDateTime') as creation_date_time, + JSON_EXTRACT(Properties, '$.UpdateDateTime') as update_date_time, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTTwinMaker::SyncJob' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'WorkspaceId') as workspace_id, + json_extract_path_text(Properties, 'SyncSource') as sync_source, + json_extract_path_text(Properties, 'SyncRole') as sync_role, + json_extract_path_text(Properties, 'CreationDateTime') as creation_date_time, + json_extract_path_text(Properties, 'UpdateDateTime') as update_date_time, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTTwinMaker::SyncJob' + AND data__Identifier = '' + AND region = 'us-east-1' + workspaces: + name: workspaces + id: awscc.iottwinmaker.workspaces + x-cfn-schema-name: Workspace + x-type: list + x-identifiers: + - WorkspaceId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.WorkspaceId') as workspace_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTTwinMaker::Workspace' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'WorkspaceId') as workspace_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTTwinMaker::Workspace' + AND region = 'us-east-1' + workspace: + name: workspace + id: awscc.iottwinmaker.workspace + x-cfn-schema-name: Workspace + x-type: get + x-identifiers: + - WorkspaceId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.WorkspaceId') as workspace_id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Role') as role, + JSON_EXTRACT(Properties, '$.S3Location') as s3_location, + JSON_EXTRACT(Properties, '$.CreationDateTime') as creation_date_time, + JSON_EXTRACT(Properties, '$.UpdateDateTime') as update_date_time, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTTwinMaker::Workspace' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'WorkspaceId') as workspace_id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Role') as role, + json_extract_path_text(Properties, 'S3Location') as s3_location, + json_extract_path_text(Properties, 'CreationDateTime') as creation_date_time, + json_extract_path_text(Properties, 'UpdateDateTime') as update_date_time, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTTwinMaker::Workspace' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/iotwireless.yaml b/providers/src/awscc/v00.00.00000/services/iotwireless.yaml new file mode 100644 index 00000000..cec56f5a --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/iotwireless.yaml @@ -0,0 +1,1966 @@ +openapi: 3.0.0 +info: + title: IoTWireless + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 0 + maxLength: 256 + additionalProperties: false + Destination: + type: object + properties: + Name: + description: Unique name of destination + type: string + pattern: '[a-zA-Z0-9:_-]+' + maxLength: 128 + Expression: + description: Destination expression + type: string + ExpressionType: + description: Must be RuleName + type: string + enum: + - RuleName + - MqttTopic + - SnsTopic + Description: + description: Destination description + type: string + maxLength: 2048 + Tags: + description: A list of key-value pairs that contain metadata for the destination. + type: array + uniqueItems: true + maxItems: 200 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + RoleArn: + description: AWS role ARN that grants access + type: string + minLength: 20 + maxLength: 2048 + Arn: + description: Destination arn. Returned after successful create. + type: string + required: + - Name + - Expression + - ExpressionType + x-stackql-resource-name: destination + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iam:PassRole + - iotwireless:CreateDestination + - iotwireless:TagResource + - iotwireless:ListTagsForResource + read: + - iotwireless:GetDestination + - iotwireless:ListTagsForResource + update: + - iam:PassRole + - iotwireless:UpdateDestination + - iotwireless:UntagResource + - iotwireless:ListTagsForResource + delete: + - iotwireless:DeleteDestination + list: + - iotwireless:ListDestinations + - iotwireless:ListTagsForResource + LoRaWANDeviceProfile: + type: object + additionalProperties: false + properties: + SupportsClassB: + type: boolean + ClassBTimeout: + type: integer + minimum: 0 + maximum: 1000 + PingSlotPeriod: + type: integer + minimum: 128 + maximum: 4096 + PingSlotDr: + type: integer + minimum: 0 + maximum: 15 + PingSlotFreq: + type: integer + minimum: 1000000 + maximum: 16700000 + SupportsClassC: + type: boolean + ClassCTimeout: + type: integer + minimum: 0 + maximum: 1000 + MacVersion: + type: string + maxLength: 64 + RegParamsRevision: + type: string + maxLength: 64 + RxDelay1: + type: integer + minimum: 0 + maximum: 15 + RxDrOffset1: + type: integer + minimum: 0 + maximum: 7 + RxFreq2: + type: integer + minimum: 1000000 + maximum: 16700000 + RxDataRate2: + type: integer + minimum: 0 + maximum: 15 + FactoryPresetFreqsList: + type: array + maxItems: 20 + items: + $ref: '#/components/schemas/FactoryPresetFreq' + MaxEirp: + type: integer + minimum: 0 + maximum: 15 + MaxDutyCycle: + type: integer + minimum: 0 + maximum: 100 + SupportsJoin: + type: boolean + RfRegion: + type: string + maxLength: 64 + Supports32BitFCnt: + type: boolean + FactoryPresetFreq: + type: integer + minimum: 1000000 + maximum: 16700000 + DeviceProfile: + type: object + properties: + Name: + description: Name of service profile + type: string + maxLength: 256 + LoRaWAN: + description: LoRaWANDeviceProfile supports all LoRa specific attributes for service profile for CreateDeviceProfile operation + $ref: '#/components/schemas/LoRaWANDeviceProfile' + Tags: + description: A list of key-value pairs that contain metadata for the device profile. + type: array + uniqueItems: true + maxItems: 200 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Arn: + description: Service profile Arn. Returned after successful create. + type: string + Id: + description: Service profile Id. Returned after successful create. + type: string + maxLength: 256 + required: [] + x-stackql-resource-name: device_profile + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Arn + - Id + x-required-permissions: + create: + - iotwireless:CreateDeviceProfile + - iotwireless:TagResource + - iotwireless:ListTagsForResource + read: + - iotwireless:GetDeviceProfile + - iotwireless:ListTagsForResource + delete: + - iotwireless:DeleteDeviceProfile + list: + - iotwireless:ListDeviceProfiles + - iotwireless:ListTagsForResource + LoRaWAN: + type: object + properties: + RfRegion: + description: Multicast group LoRaWAN RF region + type: string + minLength: 1 + maxLength: 64 + DlClass: + description: Multicast group LoRaWAN DL Class + type: string + minLength: 1 + maxLength: 64 + NumberOfDevicesRequested: + description: Multicast group number of devices requested. Returned after successful read. + type: integer + NumberOfDevicesInGroup: + description: Multicast group number of devices in group. Returned after successful read. + type: integer + additionalProperties: false + required: + - RfRegion + - DlClass + FuotaTask: + type: object + properties: + Name: + description: Name of FUOTA task + type: string + maxLength: 256 + Description: + description: FUOTA task description + type: string + maxLength: 2048 + LoRaWAN: + description: FUOTA task LoRaWAN + $ref: '#/components/schemas/LoRaWAN' + FirmwareUpdateImage: + description: FUOTA task firmware update image binary S3 link + type: string + minLength: 1 + maxLength: 2048 + FirmwareUpdateRole: + description: FUOTA task firmware IAM role for reading S3 + type: string + minLength: 1 + maxLength: 256 + Arn: + description: FUOTA task arn. Returned after successful create. + type: string + Id: + description: FUOTA task id. Returned after successful create. + type: string + maxLength: 256 + Tags: + description: A list of key-value pairs that contain metadata for the FUOTA task. + type: array + uniqueItems: true + maxItems: 200 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + FuotaTaskStatus: + description: FUOTA task status. Returned after successful read. + type: string + AssociateWirelessDevice: + description: Wireless device to associate. Only for update request. + type: string + maxLength: 256 + DisassociateWirelessDevice: + description: Wireless device to disassociate. Only for update request. + type: string + maxLength: 256 + AssociateMulticastGroup: + description: Multicast group to associate. Only for update request. + type: string + maxLength: 256 + DisassociateMulticastGroup: + description: Multicast group to disassociate. Only for update request. + type: string + maxLength: 256 + required: + - LoRaWAN + - FirmwareUpdateImage + - FirmwareUpdateRole + x-stackql-resource-name: fuota_task + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Arn + - Id + - FuotaTaskStatus + - LoRaWAN/StartTime + x-required-permissions: + create: + - iotwireless:CreateFuotaTask + - iotwireless:TagResource + - iotwireless:ListTagsForResource + - iam:GetRole + - iam:PassRole + read: + - iotwireless:GetFuotaTask + - iotwireless:ListTagsForResource + update: + - iam:PassRole + - iotwireless:UpdateFuotaTask + - iotwireless:UntagResource + - iotwireless:ListTagsForResource + - iotwireless:AssociateMulticastGroupWithFuotaTask + - iotwireless:DisassociateMulticastGroupFromFuotaTask + - iotwireless:AssociateWirelessDeviceWithFuotaTask + - iotwireless:DisassociateWirelessDeviceFromFuotaTask + delete: + - iotwireless:DeleteFuotaTask + list: + - iotwireless:ListFuotaTasks + - iotwireless:ListTagsForResource + MulticastGroup: + type: object + properties: + Name: + description: Name of Multicast group + type: string + maxLength: 256 + Description: + description: Multicast group description + type: string + maxLength: 2048 + LoRaWAN: + description: Multicast group LoRaWAN + $ref: '#/components/schemas/LoRaWAN' + Arn: + description: Multicast group arn. Returned after successful create. + type: string + Id: + description: Multicast group id. Returned after successful create. + type: string + maxLength: 256 + Tags: + description: A list of key-value pairs that contain metadata for the Multicast group. + type: array + uniqueItems: true + maxItems: 200 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Status: + description: Multicast group status. Returned after successful read. + type: string + AssociateWirelessDevice: + description: Wireless device to associate. Only for update request. + type: string + maxLength: 256 + DisassociateWirelessDevice: + description: Wireless device to disassociate. Only for update request. + type: string + maxLength: 256 + required: + - LoRaWAN + x-stackql-resource-name: multicast_group + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Arn + - Id + - Status + - LoRaWAN/NumberOfDevicesRequested + - LoRaWAN/NumberOfDevicesInGroup + x-required-permissions: + create: + - iotwireless:CreateMulticastGroup + - iotwireless:TagResource + - iotwireless:ListTagsForResource + read: + - iotwireless:GetMulticastGroup + - iotwireless:ListTagsForResource + update: + - iotwireless:UpdateMulticastGroup + - iotwireless:UntagResource + - iotwireless:ListTagsForResource + - iotwireless:AssociateWirelessDeviceWithMulticastGroup + - iotwireless:DisassociateWirelessDeviceFromMulticastGroup + delete: + - iotwireless:DeleteMulticastGroup + list: + - iotwireless:ListMulticastGroups + - iotwireless:ListTagsForResource + WirelessDeviceFrameInfo: + type: string + enum: + - ENABLED + - DISABLED + LogLevel: + type: string + enum: + - INFO + - ERROR + - DISABLED + NetworkAnalyzerConfiguration: + type: object + properties: + Name: + description: Name of the network analyzer configuration + type: string + pattern: ^[a-zA-Z0-9-_]+$ + maxLength: 1024 + Description: + description: The description of the new resource + type: string + maxLength: 2048 + TraceContent: + description: Trace content for your wireless gateway and wireless device resources + type: object + additionalProperties: false + properties: + WirelessDeviceFrameInfo: + $ref: '#/components/schemas/WirelessDeviceFrameInfo' + LogLevel: + $ref: '#/components/schemas/LogLevel' + WirelessDevices: + description: List of wireless gateway resources that have been added to the network analyzer configuration + type: array + x-insertionOrder: false + items: + type: string + maxItems: 250 + WirelessGateways: + description: List of wireless gateway resources that have been added to the network analyzer configuration + type: array + x-insertionOrder: false + items: + type: string + maxItems: 250 + Arn: + description: Arn for network analyzer configuration, Returned upon successful create. + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + required: + - Name + x-stackql-resource-name: network_analyzer_configuration + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - Tags + x-read-only-properties: + - Arn + x-required-permissions: + create: + - iotwireless:CreateNetworkAnalyzerConfiguration + - iotwireless:TagResource + - iotwireless:ListTagsForResource + read: + - iotwireless:GetNetworkAnalyzerConfiguration + - iotwireless:ListTagsForResource + update: + - iotwireless:UpdateNetworkAnalyzerConfiguration + - iotwireless:UntagResource + - iotwireless:ListTagsForResource + delete: + - iotwireless:DeleteNetworkAnalyzerConfiguration + list: + - iotwireless:ListNetworkAnalyzerConfigurations + - iotwireless:ListTagsForResource + SidewalkAccountInfo: + type: object + additionalProperties: false + properties: + AppServerPrivateKey: + type: string + pattern: '[a-fA-F0-9]{64}' + minLength: 1 + maxLength: 4096 + required: + - AppServerPrivateKey + SidewalkAccountInfoWithFingerprint: + type: object + additionalProperties: false + properties: + AmazonId: + type: string + maxLength: 2048 + Fingerprint: + type: string + pattern: '[a-fA-F0-9]{64}' + minLength: 64 + maxLength: 64 + Arn: + type: string + SidewalkUpdateAccount: + type: object + additionalProperties: false + properties: + AppServerPrivateKey: + type: string + pattern: '[a-fA-F0-9]{64}' + minLength: 1 + maxLength: 4096 + PartnerAccount: + type: object + properties: + Sidewalk: + description: The Sidewalk account credentials. + $ref: '#/components/schemas/SidewalkAccountInfo' + PartnerAccountId: + description: The partner account ID to disassociate from the AWS account + type: string + maxLength: 256 + PartnerType: + description: The partner type + type: string + enum: + - Sidewalk + SidewalkResponse: + description: The Sidewalk account credentials. + $ref: '#/components/schemas/SidewalkAccountInfoWithFingerprint' + AccountLinked: + description: Whether the partner account is linked to the AWS account. + type: boolean + SidewalkUpdate: + description: The Sidewalk account credentials. + $ref: '#/components/schemas/SidewalkUpdateAccount' + Fingerprint: + description: The fingerprint of the Sidewalk application server private key. + type: string + Arn: + description: PartnerAccount arn. Returned after successful create. + type: string + Tags: + description: A list of key-value pairs that contain metadata for the destination. + type: array + uniqueItems: true + maxItems: 200 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: partner_account + x-stackql-primaryIdentifier: + - PartnerAccountId + x-create-only-properties: + - PartnerAccountId + x-read-only-properties: + - Arn + - Fingerprint + x-required-permissions: + create: + - iotwireless:AssociateAwsAccountWithPartnerAccount + - iotwireless:TagResource + - iotwireless:ListTagsForResource + read: + - iotwireless:GetPartnerAccount + - iotwireless:ListTagsForResource + list: + - iotwireless:ListPartnerAccounts + - iotwireless:ListTagsForResource + update: + - iotwireless:UpdatePartnerAccount + - iotwireless:UntagResource + - iotwireless:ListTagsForResource + delete: + - iotwireless:DisassociateAwsAccountFromPartnerAccount + LoRaWANServiceProfile: + type: object + additionalProperties: false + properties: + UlRate: + type: integer + UlBucketSize: + type: integer + UlRatePolicy: + type: string + DlRate: + type: integer + DlBucketSize: + type: integer + DlRatePolicy: + type: string + AddGwMetadata: + type: boolean + DevStatusReqFreq: + type: integer + ReportDevStatusBattery: + type: boolean + ReportDevStatusMargin: + type: boolean + DrMin: + type: integer + DrMax: + type: integer + ChannelMask: + type: string + PrAllowed: + type: boolean + HrAllowed: + type: boolean + RaAllowed: + type: boolean + NwkGeoLoc: + type: boolean + TargetPer: + type: integer + MinGwDiversity: + type: integer + ServiceProfile: + type: object + properties: + Name: + description: Name of service profile + type: string + maxLength: 256 + LoRaWAN: + description: LoRaWAN supports all LoRa specific attributes for service profile for CreateServiceProfile operation + $ref: '#/components/schemas/LoRaWANServiceProfile' + Tags: + description: A list of key-value pairs that contain metadata for the service profile. + type: array + uniqueItems: true + maxItems: 200 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Arn: + description: Service profile Arn. Returned after successful create. + type: string + Id: + description: Service profile Id. Returned after successful create. + type: string + maxLength: 256 + required: [] + x-stackql-resource-name: service_profile + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - Arn + - LoRaWAN/UlRate + - LoRaWAN/UlBucketSize + - LoRaWAN/UlRatePolicy + - LoRaWAN/DlRate + - LoRaWAN/DlBucketSize + - LoRaWAN/DlRatePolicy + - LoRaWAN/DevStatusReqFreq + - LoRaWAN/ReportDevStatusBattery + - LoRaWAN/ReportDevStatusMargin + - LoRaWAN/DrMin + - LoRaWAN/DrMax + - LoRaWAN/ChannelMask + - LoRaWAN/HrAllowed + - LoRaWAN/NwkGeoLoc + - LoRaWAN/TargetPer + - LoRaWAN/MinGwDiversity + x-required-permissions: + create: + - iotwireless:CreateServiceProfile + - iotwireless:TagResource + - iotwireless:ListTagsForResource + read: + - iotwireless:GetServiceProfile + - iotwireless:ListTagsForResource + delete: + - iotwireless:DeleteServiceProfile + list: + - iotwireless:ListServiceProfiles + - iotwireless:ListTagsForResource + LoRaWANGatewayVersion: + type: object + additionalProperties: false + properties: + PackageVersion: + type: string + minLength: 1 + maxLength: 32 + Model: + type: string + minLength: 1 + maxLength: 4096 + Station: + type: string + minLength: 1 + maxLength: 4096 + LoRaWANUpdateGatewayTaskCreate: + type: object + additionalProperties: false + properties: + UpdateSignature: + type: string + minLength: 1 + maxLength: 4096 + SigKeyCrc: + type: integer + format: int64 + CurrentVersion: + $ref: '#/components/schemas/LoRaWANGatewayVersion' + UpdateVersion: + $ref: '#/components/schemas/LoRaWANGatewayVersion' + UpdateWirelessGatewayTaskCreate: + type: object + additionalProperties: false + properties: + UpdateDataSource: + type: string + minLength: 1 + maxLength: 4096 + UpdateDataRole: + type: string + minLength: 1 + maxLength: 2048 + LoRaWAN: + $ref: '#/components/schemas/LoRaWANUpdateGatewayTaskCreate' + LoRaWANUpdateGatewayTaskEntry: + type: object + additionalProperties: false + properties: + CurrentVersion: + $ref: '#/components/schemas/LoRaWANGatewayVersion' + UpdateVersion: + $ref: '#/components/schemas/LoRaWANGatewayVersion' + TaskDefinition: + type: object + properties: + Name: + description: The name of the new resource. + type: string + minLength: 1 + maxLength: 256 + AutoCreateTasks: + description: Whether to automatically create tasks using this task definition for all gateways with the specified current version. If false, the task must me created by calling CreateWirelessGatewayTask. + type: boolean + Update: + description: Information about the gateways to update. + $ref: '#/components/schemas/UpdateWirelessGatewayTaskCreate' + LoRaWANUpdateGatewayTaskEntry: + description: The list of task definitions. + $ref: '#/components/schemas/LoRaWANUpdateGatewayTaskEntry' + Id: + description: The ID of the new wireless gateway task definition + type: string + pattern: '[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}' + TaskDefinitionType: + description: A filter to list only the wireless gateway task definitions that use this task definition type + type: string + enum: + - UPDATE + Arn: + description: TaskDefinition arn. Returned after successful create. + type: string + Tags: + description: A list of key-value pairs that contain metadata for the destination. + type: array + uniqueItems: true + maxItems: 200 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - AutoCreateTasks + x-stackql-resource-name: task_definition + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - Arn + x-required-permissions: + create: + - iotwireless:CreateWirelessGatewayTaskDefinition + - iotwireless:TagResource + - iotwireless:ListTagsForResource + - iam:GetRole + - iam:PassRole + read: + - iotwireless:GetWirelessGatewayTaskDefinition + - iotwireless:ListTagsForResource + delete: + - iotwireless:DeleteWirelessGatewayTaskDefinition + list: + - iotwireless:ListWirelessGatewayTaskDefinitions + - iotwireless:ListTagsForResource + OtaaV10x: + type: object + additionalProperties: false + properties: + AppKey: + type: string + pattern: '[a-fA-F0-9]{32}' + AppEui: + type: string + pattern: '[a-fA-F0-9]{16}' + required: + - AppKey + - AppEui + OtaaV11: + type: object + additionalProperties: false + properties: + AppKey: + type: string + pattern: '[a-fA-F0-9]{32}' + NwkKey: + type: string + pattern: '[a-fA-F0-9]{32}' + JoinEui: + type: string + pattern: '[a-fA-F0-9]{16}' + required: + - AppKey + - NwkKey + - JoinEui + SessionKeysAbpV11: + type: object + additionalProperties: false + properties: + FNwkSIntKey: + type: string + pattern: '[a-fA-F0-9]{32}' + SNwkSIntKey: + type: string + pattern: '[a-fA-F0-9]{32}' + NwkSEncKey: + type: string + pattern: '[a-fA-F0-9]{32}' + AppSKey: + type: string + pattern: '[a-fA-F0-9]{32}' + required: + - FNwkSIntKey + - SNwkSIntKey + - NwkSEncKey + - AppSKey + AbpV11: + type: object + additionalProperties: false + properties: + DevAddr: + type: string + pattern: '[a-fA-F0-9]{8}' + SessionKeys: + $ref: '#/components/schemas/SessionKeysAbpV11' + required: + - DevAddr + - SessionKeys + SessionKeysAbpV10x: + type: object + additionalProperties: false + properties: + NwkSKey: + type: string + pattern: '[a-fA-F0-9]{32}' + AppSKey: + type: string + pattern: '[a-fA-F0-9]{32}' + required: + - NwkSKey + - AppSKey + AbpV10x: + type: object + additionalProperties: false + properties: + DevAddr: + type: string + pattern: '[a-fA-F0-9]{8}' + SessionKeys: + $ref: '#/components/schemas/SessionKeysAbpV10x' + required: + - DevAddr + - SessionKeys + FPorts: + type: object + additionalProperties: false + properties: + Applications: + description: A list of optional LoRaWAN application information, which can be used for geolocation. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Application' + LoRaWANDevice: + type: object + additionalProperties: false + properties: + DevEui: + type: string + pattern: '[a-f0-9]{16}' + DeviceProfileId: + type: string + maxLength: 256 + ServiceProfileId: + type: string + maxLength: 256 + OtaaV11: + $ref: '#/components/schemas/OtaaV11' + OtaaV10x: + $ref: '#/components/schemas/OtaaV10x' + AbpV11: + $ref: '#/components/schemas/AbpV11' + AbpV10x: + $ref: '#/components/schemas/AbpV10x' + FPorts: + $ref: '#/components/schemas/FPorts' + oneOf: + - required: + - OtaaV11 + - required: + - OtaaV10x + - required: + - AbpV11 + - required: + - AbpV10x + Application: + description: LoRaWAN application configuration, which can be used to perform geolocation. + type: object + properties: + DestinationName: + description: The name of the position data destination that describes the AWS IoT rule that processes the device's position data for use by AWS IoT Core for LoRaWAN. + type: string + pattern: '[a-zA-Z0-9-_]+' + maxLength: 128 + FPort: + description: The Fport value. + type: integer + minimum: 1 + maximum: 223 + Type: + description: Application type, which can be specified to obtain real-time position information of your LoRaWAN device. + type: string + enum: + - SemtechGeolocation + additionalProperties: false + WirelessDevice: + type: object + properties: + Type: + description: Wireless device type, currently only Sidewalk and LoRa + type: string + enum: + - Sidewalk + - LoRaWAN + Name: + description: Wireless device name + type: string + maxLength: 256 + Description: + description: Wireless device description + type: string + maxLength: 2048 + DestinationName: + description: Wireless device destination name + type: string + maxLength: 128 + LoRaWAN: + description: The combination of Package, Station and Model which represents the version of the LoRaWAN Wireless Device. + $ref: '#/components/schemas/LoRaWANDevice' + Tags: + description: A list of key-value pairs that contain metadata for the device. Currently not supported, will not create if tags are passed. + type: array + uniqueItems: true + maxItems: 200 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Arn: + description: Wireless device arn. Returned after successful create. + type: string + Id: + description: Wireless device Id. Returned after successful create. + type: string + maxLength: 256 + ThingArn: + description: Thing arn. Passed into update to associate Thing with Wireless device. + type: string + ThingName: + description: Thing Arn. If there is a Thing created, this can be returned with a Get call. + type: string + LastUplinkReceivedAt: + description: The date and time when the most recent uplink was received. + type: string + Positioning: + description: FPort values for the GNSS, stream, and ClockSync functions of the positioning information. + type: string + enum: + - Enabled + - Disabled + required: + - Type + - DestinationName + x-stackql-resource-name: wireless_device + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - ThingName + - Id + - Arn + x-required-permissions: + create: + - iotwireless:CreateWirelessDevice + - iotwireless:TagResource + - iotwireless:ListTagsForResource + read: + - iotwireless:GetWirelessDevice + - iotwireless:ListTagsForResource + update: + - iotwireless:UpdateWirelessDevice + - iotwireless:UntagResource + - iotwireless:ListTagsForResource + - iotwireless:AssociateWirelessDeviceWithThing + delete: + - iotwireless:DeleteWirelessDevice + - iotwireless:DisassociateWirelessDeviceFromThing + list: + - iotwireless:ListWirelessDevices + - iotwireless:ListTagsForResource + DeviceCreationFileList: + description: sidewalk create device's file path + type: array + items: + type: string + maxLength: 1024 + Role: + description: sidewalk role + type: string + maxLength: 2048 + WirelessDeviceImportTask: + type: object + properties: + Id: + description: Id for Wireless Device Import Task, Returned upon successful start. + type: string + maxLength: 256 + Arn: + description: Arn for Wireless Device Import Task, Returned upon successful start. + type: string + maxLength: 128 + DestinationName: + description: Destination Name for import task + type: string + pattern: '[a-zA-Z0-9-_]+' + maxLength: 128 + CreationDate: + description: CreationDate for import task + type: string + Sidewalk: + description: sidewalk contain file for created device and role + type: object + additionalProperties: false + properties: + SidewalkManufacturingSn: + type: string + maxLength: 64 + DeviceCreationFile: + type: string + maxLength: 1024 + DeviceCreationFileList: + $ref: '#/components/schemas/DeviceCreationFileList' + Role: + $ref: '#/components/schemas/Role' + oneOf: + - allOf: + - required: + - DeviceCreationFile + - required: + - Role + - required: + - SidewalkManufacturingSn + Status: + description: Status for import task + type: string + enum: + - INITIALIZING + - INITIALIZED + - PENDING + - COMPLETE + - FAILED + - DELETING + StatusReason: + description: StatusReason for import task + type: string + InitializedImportedDevicesCount: + description: Initialized Imported Devices Count + type: integer + PendingImportedDevicesCount: + description: Pending Imported Devices Count + type: integer + OnboardedImportedDevicesCount: + description: Onboarded Imported Devices Count + type: integer + FailedImportedDevicesCount: + description: Failed Imported Devices Count + type: integer + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - DestinationName + - Sidewalk + x-stackql-resource-name: wireless_device_import_task + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - Arn + - CreationDate + - Status + - StatusReason + - InitializedImportedDevicesCount + - PendingImportedDevicesCount + - OnboardedImportedDevicesCount + - FailedImportedDevicesCount + - Sidewalk/DeviceCreationFileList + x-required-permissions: + create: + - iotwireless:StartWirelessDeviceImportTask + - iotwireless:StartSingleWirelessDeviceImportTask + - iotwireless:TagResource + - iotwireless:ListTagsForResource + - iam:PassRole + read: + - iotwireless:GetWirelessDeviceImportTask + - iotwireless:ListTagsForResource + update: + - iotwireless:UpdateWirelessDeviceImportTask + - iotwireless:UntagResource + - iotwireless:ListTagsForResource + - iam:PassRole + delete: + - iotwireless:DeleteWirelessDeviceImportTask + list: + - iotwireless:ListWirelessDeviceImportTasks + - iotwireless:ListTagsForResource + LoRaWANGateway: + type: object + additionalProperties: false + properties: + GatewayEui: + type: string + pattern: ^(([0-9A-Fa-f]{2}-){7}|([0-9A-Fa-f]{2}:){7}|([0-9A-Fa-f]{2}\s){7}|([0-9A-Fa-f]{2}){7})([0-9A-Fa-f]{2})$ + RfRegion: + type: string + maxLength: 64 + required: + - GatewayEui + - RfRegion + WirelessGateway: + type: object + properties: + Name: + description: Name of Wireless Gateway. + type: string + maxLength: 256 + Description: + description: Description of Wireless Gateway. + type: string + maxLength: 2048 + Tags: + description: A list of key-value pairs that contain metadata for the gateway. + type: array + uniqueItems: true + maxItems: 200 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + LoRaWAN: + description: The combination of Package, Station and Model which represents the version of the LoRaWAN Wireless Gateway. + $ref: '#/components/schemas/LoRaWANGateway' + Arn: + description: Arn for Wireless Gateway. Returned upon successful create. + type: string + Id: + description: Id for Wireless Gateway. Returned upon successful create. + type: string + maxLength: 256 + ThingArn: + description: Thing Arn. Passed into Update to associate a Thing with the Wireless Gateway. + type: string + ThingName: + description: Thing Name. If there is a Thing created, this can be returned with a Get call. + type: string + LastUplinkReceivedAt: + description: The date and time when the most recent uplink was received. + type: string + required: + - LoRaWAN + x-stackql-resource-name: wireless_gateway + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - Arn + x-required-permissions: + create: + - iotwireless:CreateWirelessGateway + - iotwireless:TagResource + - iotwireless:ListTagsForResource + read: + - iotwireless:GetWirelessGateway + - iotwireless:ListTagsForResource + update: + - iotwireless:UpdateWirelessGateway + - iotwireless:UntagResource + - iotwireless:ListTagsForResource + - iotwireless:AssociateWirelessGatewayWithThing + delete: + - iotwireless:DeleteWirelessGateway + - iotwireless:DisassociateWirelessGatewayFromThing + list: + - iotwireless:ListWirelessGateways + - iotwireless:ListTagsForResource + x-stackQL-resources: + destinations: + name: destinations + id: awscc.iotwireless.destinations + x-cfn-schema-name: Destination + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::Destination' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::Destination' + AND region = 'us-east-1' + destination: + name: destination + id: awscc.iotwireless.destination + x-cfn-schema-name: Destination + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Expression') as expression, + JSON_EXTRACT(Properties, '$.ExpressionType') as expression_type, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::Destination' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Expression') as expression, + json_extract_path_text(Properties, 'ExpressionType') as expression_type, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::Destination' + AND data__Identifier = '' + AND region = 'us-east-1' + device_profiles: + name: device_profiles + id: awscc.iotwireless.device_profiles + x-cfn-schema-name: DeviceProfile + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::DeviceProfile' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::DeviceProfile' + AND region = 'us-east-1' + device_profile: + name: device_profile + id: awscc.iotwireless.device_profile + x-cfn-schema-name: DeviceProfile + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.LoRaWAN') as lo_ra_wa_n, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::DeviceProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'LoRaWAN') as lo_ra_wa_n, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::DeviceProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + fuota_tasks: + name: fuota_tasks + id: awscc.iotwireless.fuota_tasks + x-cfn-schema-name: FuotaTask + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::FuotaTask' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::FuotaTask' + AND region = 'us-east-1' + fuota_task: + name: fuota_task + id: awscc.iotwireless.fuota_task + x-cfn-schema-name: FuotaTask + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.LoRaWAN') as lo_ra_wa_n, + JSON_EXTRACT(Properties, '$.FirmwareUpdateImage') as firmware_update_image, + JSON_EXTRACT(Properties, '$.FirmwareUpdateRole') as firmware_update_role, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.FuotaTaskStatus') as fuota_task_status, + JSON_EXTRACT(Properties, '$.AssociateWirelessDevice') as associate_wireless_device, + JSON_EXTRACT(Properties, '$.DisassociateWirelessDevice') as disassociate_wireless_device, + JSON_EXTRACT(Properties, '$.AssociateMulticastGroup') as associate_multicast_group, + JSON_EXTRACT(Properties, '$.DisassociateMulticastGroup') as disassociate_multicast_group + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::FuotaTask' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'LoRaWAN') as lo_ra_wa_n, + json_extract_path_text(Properties, 'FirmwareUpdateImage') as firmware_update_image, + json_extract_path_text(Properties, 'FirmwareUpdateRole') as firmware_update_role, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'FuotaTaskStatus') as fuota_task_status, + json_extract_path_text(Properties, 'AssociateWirelessDevice') as associate_wireless_device, + json_extract_path_text(Properties, 'DisassociateWirelessDevice') as disassociate_wireless_device, + json_extract_path_text(Properties, 'AssociateMulticastGroup') as associate_multicast_group, + json_extract_path_text(Properties, 'DisassociateMulticastGroup') as disassociate_multicast_group + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::FuotaTask' + AND data__Identifier = '' + AND region = 'us-east-1' + multicast_groups: + name: multicast_groups + id: awscc.iotwireless.multicast_groups + x-cfn-schema-name: MulticastGroup + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::MulticastGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::MulticastGroup' + AND region = 'us-east-1' + multicast_group: + name: multicast_group + id: awscc.iotwireless.multicast_group + x-cfn-schema-name: MulticastGroup + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.LoRaWAN') as lo_ra_wa_n, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.AssociateWirelessDevice') as associate_wireless_device, + JSON_EXTRACT(Properties, '$.DisassociateWirelessDevice') as disassociate_wireless_device + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::MulticastGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'LoRaWAN') as lo_ra_wa_n, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'AssociateWirelessDevice') as associate_wireless_device, + json_extract_path_text(Properties, 'DisassociateWirelessDevice') as disassociate_wireless_device + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::MulticastGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + network_analyzer_configurations: + name: network_analyzer_configurations + id: awscc.iotwireless.network_analyzer_configurations + x-cfn-schema-name: NetworkAnalyzerConfiguration + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::NetworkAnalyzerConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::NetworkAnalyzerConfiguration' + AND region = 'us-east-1' + network_analyzer_configuration: + name: network_analyzer_configuration + id: awscc.iotwireless.network_analyzer_configuration + x-cfn-schema-name: NetworkAnalyzerConfiguration + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.TraceContent') as trace_content, + JSON_EXTRACT(Properties, '$.WirelessDevices') as wireless_devices, + JSON_EXTRACT(Properties, '$.WirelessGateways') as wireless_gateways, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::NetworkAnalyzerConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'TraceContent') as trace_content, + json_extract_path_text(Properties, 'WirelessDevices') as wireless_devices, + json_extract_path_text(Properties, 'WirelessGateways') as wireless_gateways, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::NetworkAnalyzerConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + partner_accounts: + name: partner_accounts + id: awscc.iotwireless.partner_accounts + x-cfn-schema-name: PartnerAccount + x-type: list + x-identifiers: + - PartnerAccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PartnerAccountId') as partner_account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::PartnerAccount' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PartnerAccountId') as partner_account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::PartnerAccount' + AND region = 'us-east-1' + partner_account: + name: partner_account + id: awscc.iotwireless.partner_account + x-cfn-schema-name: PartnerAccount + x-type: get + x-identifiers: + - PartnerAccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Sidewalk') as sidewalk, + JSON_EXTRACT(Properties, '$.PartnerAccountId') as partner_account_id, + JSON_EXTRACT(Properties, '$.PartnerType') as partner_type, + JSON_EXTRACT(Properties, '$.SidewalkResponse') as sidewalk_response, + JSON_EXTRACT(Properties, '$.AccountLinked') as account_linked, + JSON_EXTRACT(Properties, '$.SidewalkUpdate') as sidewalk_update, + JSON_EXTRACT(Properties, '$.Fingerprint') as fingerprint, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::PartnerAccount' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Sidewalk') as sidewalk, + json_extract_path_text(Properties, 'PartnerAccountId') as partner_account_id, + json_extract_path_text(Properties, 'PartnerType') as partner_type, + json_extract_path_text(Properties, 'SidewalkResponse') as sidewalk_response, + json_extract_path_text(Properties, 'AccountLinked') as account_linked, + json_extract_path_text(Properties, 'SidewalkUpdate') as sidewalk_update, + json_extract_path_text(Properties, 'Fingerprint') as fingerprint, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::PartnerAccount' + AND data__Identifier = '' + AND region = 'us-east-1' + service_profiles: + name: service_profiles + id: awscc.iotwireless.service_profiles + x-cfn-schema-name: ServiceProfile + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::ServiceProfile' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::ServiceProfile' + AND region = 'us-east-1' + service_profile: + name: service_profile + id: awscc.iotwireless.service_profile + x-cfn-schema-name: ServiceProfile + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.LoRaWAN') as lo_ra_wa_n, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::ServiceProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'LoRaWAN') as lo_ra_wa_n, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::ServiceProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + task_definitions: + name: task_definitions + id: awscc.iotwireless.task_definitions + x-cfn-schema-name: TaskDefinition + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::TaskDefinition' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::TaskDefinition' + AND region = 'us-east-1' + task_definition: + name: task_definition + id: awscc.iotwireless.task_definition + x-cfn-schema-name: TaskDefinition + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.AutoCreateTasks') as auto_create_tasks, + JSON_EXTRACT(Properties, '$.Update') as _update, + JSON_EXTRACT(Properties, '$.LoRaWANUpdateGatewayTaskEntry') as lo_ra_wa_nupdate_gateway_task_entry, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.TaskDefinitionType') as task_definition_type, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::TaskDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'AutoCreateTasks') as auto_create_tasks, + json_extract_path_text(Properties, 'Update') as _update, + json_extract_path_text(Properties, 'LoRaWANUpdateGatewayTaskEntry') as lo_ra_wa_nupdate_gateway_task_entry, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'TaskDefinitionType') as task_definition_type, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::TaskDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' + wireless_devices: + name: wireless_devices + id: awscc.iotwireless.wireless_devices + x-cfn-schema-name: WirelessDevice + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::WirelessDevice' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::WirelessDevice' + AND region = 'us-east-1' + wireless_device: + name: wireless_device + id: awscc.iotwireless.wireless_device + x-cfn-schema-name: WirelessDevice + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DestinationName') as destination_name, + JSON_EXTRACT(Properties, '$.LoRaWAN') as lo_ra_wa_n, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.ThingArn') as thing_arn, + JSON_EXTRACT(Properties, '$.ThingName') as thing_name, + JSON_EXTRACT(Properties, '$.LastUplinkReceivedAt') as last_uplink_received_at, + JSON_EXTRACT(Properties, '$.Positioning') as positioning + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::WirelessDevice' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DestinationName') as destination_name, + json_extract_path_text(Properties, 'LoRaWAN') as lo_ra_wa_n, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'ThingArn') as thing_arn, + json_extract_path_text(Properties, 'ThingName') as thing_name, + json_extract_path_text(Properties, 'LastUplinkReceivedAt') as last_uplink_received_at, + json_extract_path_text(Properties, 'Positioning') as positioning + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::WirelessDevice' + AND data__Identifier = '' + AND region = 'us-east-1' + wireless_device_import_tasks: + name: wireless_device_import_tasks + id: awscc.iotwireless.wireless_device_import_tasks + x-cfn-schema-name: WirelessDeviceImportTask + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::WirelessDeviceImportTask' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::WirelessDeviceImportTask' + AND region = 'us-east-1' + wireless_device_import_task: + name: wireless_device_import_task + id: awscc.iotwireless.wireless_device_import_task + x-cfn-schema-name: WirelessDeviceImportTask + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.DestinationName') as destination_name, + JSON_EXTRACT(Properties, '$.CreationDate') as creation_date, + JSON_EXTRACT(Properties, '$.Sidewalk') as sidewalk, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.StatusReason') as status_reason, + JSON_EXTRACT(Properties, '$.InitializedImportedDevicesCount') as initialized_imported_devices_count, + JSON_EXTRACT(Properties, '$.PendingImportedDevicesCount') as pending_imported_devices_count, + JSON_EXTRACT(Properties, '$.OnboardedImportedDevicesCount') as onboarded_imported_devices_count, + JSON_EXTRACT(Properties, '$.FailedImportedDevicesCount') as failed_imported_devices_count, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::WirelessDeviceImportTask' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'DestinationName') as destination_name, + json_extract_path_text(Properties, 'CreationDate') as creation_date, + json_extract_path_text(Properties, 'Sidewalk') as sidewalk, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'StatusReason') as status_reason, + json_extract_path_text(Properties, 'InitializedImportedDevicesCount') as initialized_imported_devices_count, + json_extract_path_text(Properties, 'PendingImportedDevicesCount') as pending_imported_devices_count, + json_extract_path_text(Properties, 'OnboardedImportedDevicesCount') as onboarded_imported_devices_count, + json_extract_path_text(Properties, 'FailedImportedDevicesCount') as failed_imported_devices_count, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::WirelessDeviceImportTask' + AND data__Identifier = '' + AND region = 'us-east-1' + wireless_gateways: + name: wireless_gateways + id: awscc.iotwireless.wireless_gateways + x-cfn-schema-name: WirelessGateway + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::WirelessGateway' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IoTWireless::WirelessGateway' + AND region = 'us-east-1' + wireless_gateway: + name: wireless_gateway + id: awscc.iotwireless.wireless_gateway + x-cfn-schema-name: WirelessGateway + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.LoRaWAN') as lo_ra_wa_n, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.ThingArn') as thing_arn, + JSON_EXTRACT(Properties, '$.ThingName') as thing_name, + JSON_EXTRACT(Properties, '$.LastUplinkReceivedAt') as last_uplink_received_at + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::WirelessGateway' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'LoRaWAN') as lo_ra_wa_n, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'ThingArn') as thing_arn, + json_extract_path_text(Properties, 'ThingName') as thing_name, + json_extract_path_text(Properties, 'LastUplinkReceivedAt') as last_uplink_received_at + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IoTWireless::WirelessGateway' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/ivs.yaml b/providers/src/awscc/v00.00.00000/services/ivs.yaml new file mode 100644 index 00000000..5b4a3310 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/ivs.yaml @@ -0,0 +1,778 @@ +openapi: 3.0.0 +info: + title: IVS + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + type: object + additionalProperties: false + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 1 + maxLength: 256 + required: + - Value + - Key + Channel: + type: object + properties: + Arn: + description: Channel ARN is automatically generated on creation and assigned as the unique identifier. + type: string + pattern: ^arn:aws:ivs:[a-z0-9-]+:[0-9]+:channel/[a-zA-Z0-9-]+$ + minLength: 1 + maxLength: 128 + Name: + description: Channel + type: string + minLength: 0 + maxLength: 128 + pattern: ^[a-zA-Z0-9-_]*$ + default: '-' + Authorized: + description: Whether the channel is authorized. + type: boolean + default: false + InsecureIngest: + description: Whether the channel allows insecure ingest. + type: boolean + default: false + LatencyMode: + description: Channel latency mode. + type: string + enum: + - NORMAL + - LOW + default: LOW + Type: + description: Channel type, which determines the allowable resolution and bitrate. If you exceed the allowable resolution or bitrate, the stream probably will disconnect immediately. + type: string + enum: + - STANDARD + - BASIC + - ADVANCED_SD + - ADVANCED_HD + default: STANDARD + Tags: + description: A list of key-value pairs that contain metadata for the asset model. + type: array + uniqueItems: true + x-insertionOrder: false + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + PlaybackUrl: + description: Channel Playback URL. + type: string + IngestEndpoint: + description: Channel ingest endpoint, part of the definition of an ingest server, used when you set up streaming software. + type: string + RecordingConfigurationArn: + description: 'Recording Configuration ARN. A value other than an empty string indicates that recording is enabled. Default: "" (recording is disabled).' + type: string + default: '' + pattern: ^$|arn:aws:ivs:[a-z0-9-]+:[0-9]+:recording-configuration/[a-zA-Z0-9-]+$ + minLength: 0 + maxLength: 128 + Preset: + description: Optional transcode preset for the channel. This is selectable only for ADVANCED_HD and ADVANCED_SD channel types. For those channel types, the default preset is HIGHER_BANDWIDTH_DELIVERY. For other channel types (BASIC and STANDARD), preset is the empty string (""). + type: string + enum: + - HIGHER_BANDWIDTH_DELIVERY + - CONSTRAINED_BANDWIDTH_DELIVERY + required: [] + x-stackql-resource-name: channel + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - Arn + - PlaybackUrl + - IngestEndpoint + x-required-permissions: + create: + - ivs:CreateChannel + - ivs:TagResource + read: + - ivs:GetChannel + - ivs:ListTagsForResource + update: + - ivs:GetChannel + - ivs:UpdateChannel + - ivs:TagResource + - ivs:UnTagResource + - ivs:ListTagsForResource + delete: + - ivs:DeleteChannel + - ivs:UnTagResource + list: + - ivs:ListChannels + - ivs:ListTagsForResource + PlaybackKeyPair: + type: object + properties: + Name: + description: An arbitrary string (a nickname) assigned to a playback key pair that helps the customer identify that resource. The value does not need to be unique. + type: string + pattern: ^[a-zA-Z0-9-_]*$ + minLength: 0 + maxLength: 128 + PublicKeyMaterial: + description: The public portion of a customer-generated key pair. + type: string + Fingerprint: + description: Key-pair identifier. + type: string + Arn: + description: Key-pair identifier. + type: string + pattern: ^arn:aws:ivs:[a-z0-9-]+:[0-9]+:playback-key/[a-zA-Z0-9-]+$ + minLength: 1 + maxLength: 128 + Tags: + description: A list of key-value pairs that contain metadata for the asset model. + type: array + uniqueItems: true + x-insertionOrder: false + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: playback_key_pair + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - PublicKeyMaterial + - Name + x-read-only-properties: + - Arn + - Fingerprint + x-required-permissions: + create: + - ivs:ImportPlaybackKeyPair + - ivs:TagResource + read: + - ivs:GetPlaybackKeyPair + update: + - ivs:GetPlaybackKeyPair + - ivs:ListTagsForResource + - ivs:UntagResource + - ivs:TagResource + delete: + - ivs:DeletePlaybackKeyPair + - ivs:UntagResource + list: + - ivs:ListPlaybackKeyPairs + - ivs:ListTagsForResource + DestinationConfiguration: + description: Recording Destination Configuration. + type: object + additionalProperties: false + properties: + S3: + $ref: '#/components/schemas/S3DestinationConfiguration' + required: [] + S3DestinationConfiguration: + description: Recording S3 Destination Configuration. + type: object + additionalProperties: false + properties: + BucketName: + type: string + minLength: 3 + maxLength: 63 + pattern: ^[a-z0-9-.]+$ + required: + - BucketName + ThumbnailConfiguration: + description: Recording Thumbnail Configuration. + type: object + additionalProperties: false + properties: + RecordingMode: + description: Thumbnail Recording Mode, which determines whether thumbnails are recorded at an interval or are disabled. + type: string + enum: + - INTERVAL + - DISABLED + default: INTERVAL + TargetIntervalSeconds: + description: Target Interval Seconds defines the interval at which thumbnails are recorded. This field is required if RecordingMode is INTERVAL. + type: integer + minimum: 1 + maximum: 60 + default: 60 + Resolution: + description: Resolution indicates the desired resolution of recorded thumbnails. + type: string + enum: + - FULL_HD + - HD + - SD + - LOWEST_RESOLUTION + Storage: + description: Storage indicates the format in which thumbnails are recorded. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 0 + maxItems: 2 + items: + type: string + enum: + - SEQUENTIAL + - LATEST + required: [] + RenditionConfiguration: + description: Rendition Configuration describes which renditions should be recorded for a stream. + type: object + additionalProperties: false + properties: + RenditionSelection: + description: Resolution Selection indicates which set of renditions are recorded for a stream. + type: string + enum: + - ALL + - NONE + - CUSTOM + default: ALL + Renditions: + description: Renditions indicates which renditions are recorded for a stream. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 0 + maxItems: 4 + items: + type: string + enum: + - FULL_HD + - HD + - SD + - LOWEST_RESOLUTION + required: [] + RecordingConfiguration: + type: object + properties: + Arn: + description: Recording Configuration ARN is automatically generated on creation and assigned as the unique identifier. + type: string + pattern: ^arn:aws[-a-z]*:ivs:[a-z0-9-]+:[0-9]+:recording-configuration/[a-zA-Z0-9-]+$ + minLength: 0 + maxLength: 128 + Name: + description: Recording Configuration Name. + type: string + minLength: 0 + maxLength: 128 + pattern: ^[a-zA-Z0-9-_]*$ + State: + description: Recording Configuration State. + type: string + enum: + - CREATING + - CREATE_FAILED + - ACTIVE + RecordingReconnectWindowSeconds: + description: Recording Reconnect Window Seconds. (0 means disabled) + type: integer + default: 0 + minimum: 0 + maximum: 300 + DestinationConfiguration: + $ref: '#/components/schemas/DestinationConfiguration' + Tags: + description: A list of key-value pairs that contain metadata for the asset model. + type: array + uniqueItems: true + x-insertionOrder: false + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + ThumbnailConfiguration: + $ref: '#/components/schemas/ThumbnailConfiguration' + RenditionConfiguration: + $ref: '#/components/schemas/RenditionConfiguration' + required: + - DestinationConfiguration + x-stackql-resource-name: recording_configuration + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + - DestinationConfiguration + - DestinationConfiguration/S3 + - DestinationConfiguration/S3/BucketName + - RecordingReconnectWindowSeconds + - ThumbnailConfiguration + - ThumbnailConfiguration/RecordingMode + - ThumbnailConfiguration/TargetIntervalSeconds + - ThumbnailConfiguration/Storage + - ThumbnailConfiguration/Resolution + - RenditionConfiguration + - RenditionConfiguration/RenditionSelection + - RenditionConfiguration/Renditions + x-read-only-properties: + - Arn + - State + x-required-permissions: + create: + - ivs:CreateRecordingConfiguration + - ivs:GetRecordingConfiguration + - ivs:TagResource + - iam:CreateServiceLinkedRole + - iam:PutRolePolicy + - iam:AttachRolePolicy + - s3:ListBucket + - s3:GetBucketLocation + - cloudformation:ListExports + read: + - ivs:GetRecordingConfiguration + - s3:GetBucketLocation + - ivs:ListTagsForResource + update: + - ivs:GetRecordingConfiguration + - sts:AssumeRole + - iam:CreateServiceLinkedRole + - iam:PutRolePolicy + - iam:AttachRolePolicy + - s3:ListBucket + - ivs:TagResource + - ivs:UntagResource + - ivs:ListTagsForResource + delete: + - ivs:DeleteRecordingConfiguration + - ivs:UntagResource + - iam:CreateServiceLinkedRole + list: + - ivs:ListRecordingConfigurations + - s3:GetBucketLocation + - ivs:ListTagsForResource + Stage: + type: object + properties: + Arn: + description: Stage ARN is automatically generated on creation and assigned as the unique identifier. + type: string + pattern: ^arn:aws[-a-z]*:ivs:[a-z0-9-]+:[0-9]+:stage/[a-zA-Z0-9-]+$ + minLength: 0 + maxLength: 128 + Name: + description: Stage name + type: string + minLength: 0 + maxLength: 128 + pattern: ^[a-zA-Z0-9-_]*$ + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + ActiveSessionId: + description: ID of the active session within the stage. + type: string + default: '' + minLength: 0 + maxLength: 128 + x-stackql-resource-name: stage + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - Arn + - ActiveSessionId + x-required-permissions: + create: + - ivs:CreateStage + - ivs:GetStage + - ivs:TagResource + - ivs:ListTagsForResource + read: + - ivs:GetStage + - ivs:ListTagsForResource + update: + - ivs:GetStage + - ivs:UpdateStage + - ivs:TagResource + - ivs:UnTagResource + - ivs:ListTagsForResource + delete: + - ivs:DeleteStage + - ivs:UnTagResource + list: + - ivs:ListStages + - ivs:ListTagsForResource + StreamKey: + type: object + properties: + Arn: + description: Stream Key ARN is automatically generated on creation and assigned as the unique identifier. + type: string + pattern: ^arn:aws:ivs:[a-z0-9-]+:[0-9]+:stream-key/[a-zA-Z0-9-]+$ + minLength: 1 + maxLength: 128 + ChannelArn: + description: Channel ARN for the stream. + type: string + pattern: ^arn:aws:ivs:[a-z0-9-]+:[0-9]+:channel/[a-zA-Z0-9-]+$ + Tags: + description: A list of key-value pairs that contain metadata for the asset model. + type: array + uniqueItems: true + x-insertionOrder: false + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + Value: + description: Stream-key value. + type: string + required: + - ChannelArn + x-stackql-resource-name: stream_key + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ChannelArn + x-read-only-properties: + - Arn + - Value + x-required-permissions: + create: + - ivs:TagResource + - ivs:UntagResource + - ivs:CreateStreamKey + read: + - ivs:GetStreamKey + - ivs:ListTagsForResource + update: + - ivs:GetStreamKey + - ivs:TagResource + - ivs:UntagResource + - ivs:ListTagsForResource + delete: + - ivs:DeleteStreamKey + - ivs:UntagResource + list: + - ivs:ListStreamKeys + - ivs:ListTagsForResource + x-stackQL-resources: + channels: + name: channels + id: awscc.ivs.channels + x-cfn-schema-name: Channel + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IVS::Channel' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IVS::Channel' + AND region = 'us-east-1' + channel: + name: channel + id: awscc.ivs.channel + x-cfn-schema-name: Channel + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Authorized') as authorized, + JSON_EXTRACT(Properties, '$.InsecureIngest') as insecure_ingest, + JSON_EXTRACT(Properties, '$.LatencyMode') as latency_mode, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.PlaybackUrl') as playback_url, + JSON_EXTRACT(Properties, '$.IngestEndpoint') as ingest_endpoint, + JSON_EXTRACT(Properties, '$.RecordingConfigurationArn') as recording_configuration_arn, + JSON_EXTRACT(Properties, '$.Preset') as preset + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IVS::Channel' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Authorized') as authorized, + json_extract_path_text(Properties, 'InsecureIngest') as insecure_ingest, + json_extract_path_text(Properties, 'LatencyMode') as latency_mode, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'PlaybackUrl') as playback_url, + json_extract_path_text(Properties, 'IngestEndpoint') as ingest_endpoint, + json_extract_path_text(Properties, 'RecordingConfigurationArn') as recording_configuration_arn, + json_extract_path_text(Properties, 'Preset') as preset + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IVS::Channel' + AND data__Identifier = '' + AND region = 'us-east-1' + playback_key_pairs: + name: playback_key_pairs + id: awscc.ivs.playback_key_pairs + x-cfn-schema-name: PlaybackKeyPair + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IVS::PlaybackKeyPair' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IVS::PlaybackKeyPair' + AND region = 'us-east-1' + playback_key_pair: + name: playback_key_pair + id: awscc.ivs.playback_key_pair + x-cfn-schema-name: PlaybackKeyPair + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.PublicKeyMaterial') as public_key_material, + JSON_EXTRACT(Properties, '$.Fingerprint') as fingerprint, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IVS::PlaybackKeyPair' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'PublicKeyMaterial') as public_key_material, + json_extract_path_text(Properties, 'Fingerprint') as fingerprint, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IVS::PlaybackKeyPair' + AND data__Identifier = '' + AND region = 'us-east-1' + recording_configurations: + name: recording_configurations + id: awscc.ivs.recording_configurations + x-cfn-schema-name: RecordingConfiguration + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IVS::RecordingConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IVS::RecordingConfiguration' + AND region = 'us-east-1' + recording_configuration: + name: recording_configuration + id: awscc.ivs.recording_configuration + x-cfn-schema-name: RecordingConfiguration + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.RecordingReconnectWindowSeconds') as recording_reconnect_window_seconds, + JSON_EXTRACT(Properties, '$.DestinationConfiguration') as destination_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ThumbnailConfiguration') as thumbnail_configuration, + JSON_EXTRACT(Properties, '$.RenditionConfiguration') as rendition_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IVS::RecordingConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'RecordingReconnectWindowSeconds') as recording_reconnect_window_seconds, + json_extract_path_text(Properties, 'DestinationConfiguration') as destination_configuration, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ThumbnailConfiguration') as thumbnail_configuration, + json_extract_path_text(Properties, 'RenditionConfiguration') as rendition_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IVS::RecordingConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + stages: + name: stages + id: awscc.ivs.stages + x-cfn-schema-name: Stage + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IVS::Stage' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IVS::Stage' + AND region = 'us-east-1' + stage: + name: stage + id: awscc.ivs.stage + x-cfn-schema-name: Stage + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ActiveSessionId') as active_session_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IVS::Stage' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ActiveSessionId') as active_session_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IVS::Stage' + AND data__Identifier = '' + AND region = 'us-east-1' + stream_keys: + name: stream_keys + id: awscc.ivs.stream_keys + x-cfn-schema-name: StreamKey + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IVS::StreamKey' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IVS::StreamKey' + AND region = 'us-east-1' + stream_key: + name: stream_key + id: awscc.ivs.stream_key + x-cfn-schema-name: StreamKey + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ChannelArn') as channel_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Value') as value + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IVS::StreamKey' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ChannelArn') as channel_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Value') as value + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IVS::StreamKey' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/ivschat.yaml b/providers/src/awscc/v00.00.00000/services/ivschat.yaml new file mode 100644 index 00000000..7b933f3c --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/ivschat.yaml @@ -0,0 +1,397 @@ +openapi: 3.0.0 +info: + title: IVSChat + version: 1.0.0 +paths: {} +components: + schemas: + DestinationConfiguration: + description: Destination configuration for IVS Chat logging. + type: object + additionalProperties: false + properties: + CloudWatchLogs: + $ref: '#/components/schemas/CloudWatchLogsDestinationConfiguration' + Firehose: + $ref: '#/components/schemas/FirehoseDestinationConfiguration' + S3: + $ref: '#/components/schemas/S3DestinationConfiguration' + required: [] + CloudWatchLogsDestinationConfiguration: + description: CloudWatch destination configuration for IVS Chat logging. + type: object + additionalProperties: false + properties: + LogGroupName: + description: Name of the Amazon CloudWatch Logs log group where chat activity will be logged. + type: string + pattern: ^[\.\-_/#A-Za-z0-9]+$ + minLength: 1 + maxLength: 512 + required: + - LogGroupName + FirehoseDestinationConfiguration: + description: Kinesis Firehose destination configuration for IVS Chat logging. + type: object + additionalProperties: false + properties: + DeliveryStreamName: + description: Name of the Amazon Kinesis Firehose delivery stream where chat activity will be logged. + type: string + pattern: ^[a-zA-Z0-9_.-]+$ + minLength: 1 + maxLength: 64 + required: + - DeliveryStreamName + S3DestinationConfiguration: + description: S3 destination configuration for IVS Chat logging. + type: object + additionalProperties: false + properties: + BucketName: + description: Name of the Amazon S3 bucket where chat activity will be logged. + type: string + pattern: ^[a-z0-9-.]+$ + minLength: 3 + maxLength: 63 + required: + - BucketName + Tag: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 256 + required: + - Value + - Key + LoggingConfiguration: + type: object + properties: + Arn: + description: LoggingConfiguration ARN is automatically generated on creation and assigned as the unique identifier. + type: string + pattern: ^arn:aws:ivschat:[a-z0-9-]+:[0-9]+:logging-configuration/[a-zA-Z0-9-]+$ + minLength: 1 + maxLength: 128 + Id: + description: The system-generated ID of the logging configuration. + type: string + pattern: ^[a-zA-Z0-9]+$ + minLength: 12 + maxLength: 12 + DestinationConfiguration: + $ref: '#/components/schemas/DestinationConfiguration' + Name: + description: The name of the logging configuration. The value does not need to be unique. + type: string + pattern: ^[a-zA-Z0-9-_]*$ + minLength: 0 + maxLength: 128 + State: + description: The state of the logging configuration. When the state is ACTIVE, the configuration is ready to log chat content. + type: string + enum: + - CREATING + - CREATE_FAILED + - DELETING + - DELETE_FAILED + - UPDATING + - UPDATING_FAILED + - ACTIVE + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - DestinationConfiguration + x-stackql-resource-name: logging_configuration + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - Arn + - Id + - State + x-required-permissions: + create: + - ivschat:CreateLoggingConfiguration + - ivschat:GetLoggingConfiguration + - logs:CreateLogDelivery + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + - s3:PutBucketPolicy + - s3:GetBucketPolicy + - iam:CreateServiceLinkedRole + - firehose:TagDeliveryStream + - ivschat:TagResource + read: + - ivschat:GetLoggingConfiguration + - ivschat:ListTagsForResource + update: + - ivschat:UpdateLoggingConfiguration + - ivschat:GetLoggingConfiguration + - ivschat:TagResource + - ivschat:UnTagResource + - ivschat:ListTagsForResource + - logs:CreateLogDelivery + - logs:GetLogDelivery + - logs:UpdateLogDelivery + - logs:DeleteLogDelivery + - logs:ListLogDeliveries + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + - s3:PutBucketPolicy + - s3:GetBucketPolicy + - iam:CreateServiceLinkedRole + - firehose:TagDeliveryStream + delete: + - ivschat:DeleteLoggingConfiguration + - ivschat:GetLoggingConfiguration + - logs:DeleteLogDelivery + - logs:ListLogDeliveries + - ivschat:UntagResource + - logs:GetLogDelivery + list: + - ivschat:ListLoggingConfigurations + - ivschat:ListTagsForResource + MessageReviewHandler: + description: Configuration information for optional review of messages. + type: object + additionalProperties: false + properties: + FallbackResult: + description: Specifies the fallback behavior if the handler does not return a valid response, encounters an error, or times out. + type: string + enum: + - ALLOW + - DENY + default: ALLOW + Uri: + description: Identifier of the message review handler. + type: string + pattern: ^$|^arn:aws:lambda:[a-z0-9-]+:[0-9]{12}:function:.+ + minLength: 0 + maxLength: 170 + required: [] + Room: + type: object + properties: + Arn: + description: Room ARN is automatically generated on creation and assigned as the unique identifier. + type: string + pattern: ^arn:aws:ivschat:[a-z0-9-]+:[0-9]+:room/[a-zA-Z0-9-]+$ + minLength: 1 + maxLength: 128 + Id: + description: The system-generated ID of the room. + type: string + pattern: ^[a-zA-Z0-9]+$ + minLength: 12 + maxLength: 12 + Name: + description: The name of the room. The value does not need to be unique. + type: string + pattern: ^[a-zA-Z0-9-_]*$ + minLength: 0 + maxLength: 128 + LoggingConfigurationIdentifiers: + description: Array of logging configuration identifiers attached to the room. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 0 + maxItems: 50 + items: + type: string + pattern: ^arn:aws:ivschat:[a-z0-9-]+:[0-9]+:logging-configuration/[a-zA-Z0-9-]+$ + minLength: 1 + maxLength: 128 + MaximumMessageLength: + description: The maximum number of characters in a single message. + type: integer + minimum: 1 + maximum: 500 + default: 500 + MaximumMessageRatePerSecond: + description: The maximum number of messages per second that can be sent to the room. + type: integer + minimum: 1 + maximum: 10 + default: 10 + MessageReviewHandler: + $ref: '#/components/schemas/MessageReviewHandler' + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: [] + x-stackql-resource-name: room + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - Arn + - Id + x-required-permissions: + create: + - ivschat:CreateRoom + - ivschat:TagResource + read: + - ivschat:GetRoom + - ivschat:ListTagsForResource + update: + - ivschat:UpdateRoom + - ivschat:TagResource + - ivschat:UnTagResource + - ivschat:ListTagsForResource + delete: + - ivschat:DeleteRoom + - ivschat:UntagResource + list: + - ivschat:ListRooms + - ivschat:ListTagsForResource + x-stackQL-resources: + logging_configurations: + name: logging_configurations + id: awscc.ivschat.logging_configurations + x-cfn-schema-name: LoggingConfiguration + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IVSChat::LoggingConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IVSChat::LoggingConfiguration' + AND region = 'us-east-1' + logging_configuration: + name: logging_configuration + id: awscc.ivschat.logging_configuration + x-cfn-schema-name: LoggingConfiguration + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.DestinationConfiguration') as destination_configuration, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IVSChat::LoggingConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'DestinationConfiguration') as destination_configuration, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IVSChat::LoggingConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + rooms: + name: rooms + id: awscc.ivschat.rooms + x-cfn-schema-name: Room + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IVSChat::Room' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::IVSChat::Room' + AND region = 'us-east-1' + room: + name: room + id: awscc.ivschat.room + x-cfn-schema-name: Room + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.LoggingConfigurationIdentifiers') as logging_configuration_identifiers, + JSON_EXTRACT(Properties, '$.MaximumMessageLength') as maximum_message_length, + JSON_EXTRACT(Properties, '$.MaximumMessageRatePerSecond') as maximum_message_rate_per_second, + JSON_EXTRACT(Properties, '$.MessageReviewHandler') as message_review_handler, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IVSChat::Room' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'LoggingConfigurationIdentifiers') as logging_configuration_identifiers, + json_extract_path_text(Properties, 'MaximumMessageLength') as maximum_message_length, + json_extract_path_text(Properties, 'MaximumMessageRatePerSecond') as maximum_message_rate_per_second, + json_extract_path_text(Properties, 'MessageReviewHandler') as message_review_handler, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::IVSChat::Room' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/kafkaconnect.yaml b/providers/src/awscc/v00.00.00000/services/kafkaconnect.yaml new file mode 100644 index 00000000..ebd6e4a5 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/kafkaconnect.yaml @@ -0,0 +1,468 @@ +openapi: 3.0.0 +info: + title: KafkaConnect + version: 1.0.0 +paths: {} +components: + schemas: + ApacheKafkaCluster: + description: Details of how to connect to an Apache Kafka cluster. + type: object + additionalProperties: false + properties: + BootstrapServers: + description: The bootstrap servers string of the Apache Kafka cluster. + type: string + Vpc: + $ref: '#/components/schemas/Vpc' + required: + - BootstrapServers + - Vpc + AutoScaling: + description: Details about auto scaling of a connector. + type: object + additionalProperties: false + properties: + MaxWorkerCount: + description: The maximum number of workers for a connector. + type: integer + MinWorkerCount: + description: The minimum number of workers for a connector. + type: integer + ScaleInPolicy: + $ref: '#/components/schemas/ScaleInPolicy' + ScaleOutPolicy: + $ref: '#/components/schemas/ScaleOutPolicy' + McuCount: + description: Specifies how many MSK Connect Units (MCU) as the minimum scaling unit. + type: integer + enum: + - 1 + - 2 + - 4 + - 8 + required: + - MaxWorkerCount + - MinWorkerCount + - ScaleInPolicy + - ScaleOutPolicy + - McuCount + Capacity: + description: Information about the capacity allocated to the connector. + type: object + additionalProperties: false + properties: + AutoScaling: + $ref: '#/components/schemas/AutoScaling' + ProvisionedCapacity: + $ref: '#/components/schemas/ProvisionedCapacity' + oneOf: + - required: + - AutoScaling + - required: + - ProvisionedCapacity + CloudWatchLogsLogDelivery: + description: Details about delivering logs to Amazon CloudWatch Logs. + type: object + additionalProperties: false + properties: + Enabled: + description: Specifies whether the logs get sent to the specified CloudWatch Logs destination. + type: boolean + LogGroup: + description: The CloudWatch log group that is the destination for log delivery. + type: string + required: + - Enabled + CustomPlugin: + description: Details about a custom plugin. + type: object + additionalProperties: false + properties: + CustomPluginArn: + description: The Amazon Resource Name (ARN) of the custom plugin to use. + type: string + pattern: arn:(aws|aws-us-gov|aws-cn):kafkaconnect:.* + Revision: + description: The revision of the custom plugin to use. + type: integer + format: int64 + minimum: 1 + required: + - CustomPluginArn + - Revision + FirehoseLogDelivery: + description: Details about delivering logs to Amazon Kinesis Data Firehose. + type: object + additionalProperties: false + properties: + DeliveryStream: + description: The Kinesis Data Firehose delivery stream that is the destination for log delivery. + type: string + Enabled: + description: Specifies whether the logs get sent to the specified Kinesis Data Firehose delivery stream. + type: boolean + required: + - Enabled + KafkaCluster: + description: Details of how to connect to the Kafka cluster. + type: object + additionalProperties: false + properties: + ApacheKafkaCluster: + $ref: '#/components/schemas/ApacheKafkaCluster' + required: + - ApacheKafkaCluster + KafkaClusterClientAuthentication: + description: Details of the client authentication used by the Kafka cluster. + type: object + additionalProperties: false + properties: + AuthenticationType: + $ref: '#/components/schemas/KafkaClusterClientAuthenticationType' + required: + - AuthenticationType + KafkaClusterClientAuthenticationType: + description: The type of client authentication used to connect to the Kafka cluster. Value NONE means that no client authentication is used. + type: string + enum: + - NONE + - IAM + KafkaClusterEncryptionInTransit: + description: Details of encryption in transit to the Kafka cluster. + type: object + additionalProperties: false + properties: + EncryptionType: + $ref: '#/components/schemas/KafkaClusterEncryptionInTransitType' + required: + - EncryptionType + KafkaClusterEncryptionInTransitType: + description: The type of encryption in transit to the Kafka cluster. + type: string + enum: + - PLAINTEXT + - TLS + LogDelivery: + description: Details of what logs are delivered and where they are delivered. + type: object + additionalProperties: false + properties: + WorkerLogDelivery: + $ref: '#/components/schemas/WorkerLogDelivery' + required: + - WorkerLogDelivery + Plugin: + description: Details about a Kafka Connect plugin which will be used with the connector. + type: object + additionalProperties: false + properties: + CustomPlugin: + $ref: '#/components/schemas/CustomPlugin' + required: + - CustomPlugin + ProvisionedCapacity: + description: Details about a fixed capacity allocated to a connector. + type: object + additionalProperties: false + properties: + McuCount: + description: Specifies how many MSK Connect Units (MCU) are allocated to the connector. + type: integer + enum: + - 1 + - 2 + - 4 + - 8 + WorkerCount: + description: Number of workers for a connector. + type: integer + required: + - WorkerCount + S3LogDelivery: + description: Details about delivering logs to Amazon S3. + type: object + additionalProperties: false + properties: + Bucket: + description: The name of the S3 bucket that is the destination for log delivery. + type: string + Enabled: + description: Specifies whether the logs get sent to the specified Amazon S3 destination. + type: boolean + Prefix: + description: The S3 prefix that is the destination for log delivery. + type: string + required: + - Enabled + ScaleInPolicy: + description: Information about the scale in policy of the connector. + type: object + additionalProperties: false + properties: + CpuUtilizationPercentage: + description: Specifies the CPU utilization percentage threshold at which connector scale in should trigger. + type: integer + minimum: 1 + maximum: 100 + required: + - CpuUtilizationPercentage + ScaleOutPolicy: + description: Information about the scale out policy of the connector. + type: object + additionalProperties: false + properties: + CpuUtilizationPercentage: + description: Specifies the CPU utilization percentage threshold at which connector scale out should trigger. + type: integer + minimum: 1 + maximum: 100 + required: + - CpuUtilizationPercentage + Vpc: + description: Information about a VPC used with the connector. + type: object + additionalProperties: false + properties: + SecurityGroups: + description: The AWS security groups to associate with the elastic network interfaces in order to specify what the connector has access to. + type: array + uniqueItems: true + items: + type: string + x-insertionOrder: false + Subnets: + description: The list of subnets to connect to in the virtual private cloud (VPC). AWS creates elastic network interfaces inside these subnets. + type: array + uniqueItems: true + minItems: 1 + items: + type: string + x-insertionOrder: false + required: + - SecurityGroups + - Subnets + WorkerConfiguration: + description: Specifies the worker configuration to use with the connector. + type: object + additionalProperties: false + properties: + Revision: + description: The revision of the worker configuration to use. + type: integer + minimum: 1 + format: int64 + WorkerConfigurationArn: + description: The Amazon Resource Name (ARN) of the worker configuration to use. + type: string + pattern: arn:(aws|aws-us-gov|aws-cn):kafkaconnect:.* + required: + - Revision + - WorkerConfigurationArn + WorkerLogDelivery: + description: Specifies where worker logs are delivered. + type: object + additionalProperties: false + properties: + CloudWatchLogs: + $ref: '#/components/schemas/CloudWatchLogsLogDelivery' + Firehose: + $ref: '#/components/schemas/FirehoseLogDelivery' + S3: + $ref: '#/components/schemas/S3LogDelivery' + Connector: + type: object + properties: + Capacity: + $ref: '#/components/schemas/Capacity' + ConnectorArn: + description: Amazon Resource Name for the created Connector. + type: string + pattern: arn:(aws|aws-us-gov|aws-cn):kafkaconnect:.* + ConnectorConfiguration: + description: The configuration for the connector. + type: object + additionalProperties: false + x-patternProperties: + .*: + type: string + ConnectorDescription: + description: A summary description of the connector. + type: string + maxLength: 1024 + ConnectorName: + description: The name of the connector. + type: string + minLength: 1 + maxLength: 128 + KafkaCluster: + $ref: '#/components/schemas/KafkaCluster' + KafkaClusterClientAuthentication: + $ref: '#/components/schemas/KafkaClusterClientAuthentication' + KafkaClusterEncryptionInTransit: + $ref: '#/components/schemas/KafkaClusterEncryptionInTransit' + KafkaConnectVersion: + description: The version of Kafka Connect. It has to be compatible with both the Kafka cluster's version and the plugins. + type: string + LogDelivery: + $ref: '#/components/schemas/LogDelivery' + Plugins: + description: List of plugins to use with the connector. + type: array + uniqueItems: true + minItems: 1 + items: + $ref: '#/components/schemas/Plugin' + x-insertionOrder: false + ServiceExecutionRoleArn: + description: The Amazon Resource Name (ARN) of the IAM role used by the connector to access Amazon S3 objects and other external resources. + type: string + pattern: arn:(aws|aws-us-gov|aws-cn):iam:.* + WorkerConfiguration: + $ref: '#/components/schemas/WorkerConfiguration' + required: + - Capacity + - ConnectorConfiguration + - ConnectorName + - KafkaConnectVersion + - KafkaCluster + - KafkaClusterClientAuthentication + - KafkaClusterEncryptionInTransit + - Plugins + - ServiceExecutionRoleArn + x-stackql-resource-name: connector + x-stackql-primaryIdentifier: + - ConnectorArn + x-create-only-properties: + - ConnectorConfiguration + - ConnectorDescription + - ConnectorName + - KafkaCluster + - KafkaClusterClientAuthentication + - KafkaClusterEncryptionInTransit + - KafkaConnectVersion + - LogDelivery + - Plugins + - ServiceExecutionRoleArn + - WorkerConfiguration + x-read-only-properties: + - ConnectorArn + x-required-permissions: + create: + - kafkaconnect:CreateConnector + - kafkaconnect:DescribeConnector + - iam:CreateServiceLinkedRole + - iam:PassRole + - ec2:CreateNetworkInterface + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcs + - logs:CreateLogDelivery + - logs:GetLogDelivery + - logs:ListLogDeliveries + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + - s3:GetBucketPolicy + - s3:PutBucketPolicy + - firehose:TagDeliveryStream + read: + - kafkaconnect:DescribeConnector + delete: + - kafkaconnect:DeleteConnector + - kafkaconnect:DescribeConnector + - logs:DeleteLogDelivery + - logs:GetLogDelivery + - logs:ListLogDeliveries + update: + - kafkaconnect:UpdateConnector + - kafkaconnect:DescribeConnector + - iam:CreateServiceLinkedRole + - logs:UpdateLogDelivery + - logs:GetLogDelivery + - logs:ListLogDeliveries + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + - s3:GetBucketPolicy + - s3:PutBucketPolicy + - firehose:TagDeliveryStream + list: + - kafkaconnect:ListConnectors + x-stackQL-resources: + connectors: + name: connectors + id: awscc.kafkaconnect.connectors + x-cfn-schema-name: Connector + x-type: list + x-identifiers: + - ConnectorArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConnectorArn') as connector_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::KafkaConnect::Connector' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConnectorArn') as connector_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::KafkaConnect::Connector' + AND region = 'us-east-1' + connector: + name: connector + id: awscc.kafkaconnect.connector + x-cfn-schema-name: Connector + x-type: get + x-identifiers: + - ConnectorArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Capacity') as capacity, + JSON_EXTRACT(Properties, '$.ConnectorArn') as connector_arn, + JSON_EXTRACT(Properties, '$.ConnectorConfiguration') as connector_configuration, + JSON_EXTRACT(Properties, '$.ConnectorDescription') as connector_description, + JSON_EXTRACT(Properties, '$.ConnectorName') as connector_name, + JSON_EXTRACT(Properties, '$.KafkaCluster') as kafka_cluster, + JSON_EXTRACT(Properties, '$.KafkaClusterClientAuthentication') as kafka_cluster_client_authentication, + JSON_EXTRACT(Properties, '$.KafkaClusterEncryptionInTransit') as kafka_cluster_encryption_in_transit, + JSON_EXTRACT(Properties, '$.KafkaConnectVersion') as kafka_connect_version, + JSON_EXTRACT(Properties, '$.LogDelivery') as log_delivery, + JSON_EXTRACT(Properties, '$.Plugins') as plugins, + JSON_EXTRACT(Properties, '$.ServiceExecutionRoleArn') as service_execution_role_arn, + JSON_EXTRACT(Properties, '$.WorkerConfiguration') as worker_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::KafkaConnect::Connector' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Capacity') as capacity, + json_extract_path_text(Properties, 'ConnectorArn') as connector_arn, + json_extract_path_text(Properties, 'ConnectorConfiguration') as connector_configuration, + json_extract_path_text(Properties, 'ConnectorDescription') as connector_description, + json_extract_path_text(Properties, 'ConnectorName') as connector_name, + json_extract_path_text(Properties, 'KafkaCluster') as kafka_cluster, + json_extract_path_text(Properties, 'KafkaClusterClientAuthentication') as kafka_cluster_client_authentication, + json_extract_path_text(Properties, 'KafkaClusterEncryptionInTransit') as kafka_cluster_encryption_in_transit, + json_extract_path_text(Properties, 'KafkaConnectVersion') as kafka_connect_version, + json_extract_path_text(Properties, 'LogDelivery') as log_delivery, + json_extract_path_text(Properties, 'Plugins') as plugins, + json_extract_path_text(Properties, 'ServiceExecutionRoleArn') as service_execution_role_arn, + json_extract_path_text(Properties, 'WorkerConfiguration') as worker_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::KafkaConnect::Connector' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/kendra.yaml b/providers/src/awscc/v00.00.00000/services/kendra.yaml new file mode 100644 index 00000000..374b6622 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/kendra.yaml @@ -0,0 +1,1828 @@ +openapi: 3.0.0 +info: + title: Kendra + version: 1.0.0 +paths: {} +components: + schemas: + IndexId: + description: Unique ID of Index + type: string + minLength: 36 + maxLength: 36 + Tag: + description: A label for tagging Kendra resources + type: object + properties: + Key: + description: A string used to identify this tag + type: string + minLength: 1 + maxLength: 128 + Value: + description: A string containing the value for the tag + type: string + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + TagList: + description: List of tags + type: array + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + DataSourceInclusionsExclusionsStrings: + type: array + maxItems: 100 + items: + type: string + minLength: 1 + maxLength: 50 + S3Path: + type: object + properties: + Bucket: + $ref: '#/components/schemas/S3BucketName' + Key: + $ref: '#/components/schemas/S3ObjectKey' + additionalProperties: false + required: + - Bucket + - Key + S3BucketName: + type: string + minLength: 3 + maxLength: 63 + pattern: '[a-z0-9][\.\-a-z0-9]{1,61}[a-z0-9]' + S3ObjectKey: + type: string + minLength: 1 + maxLength: 1024 + DocumentsMetadataConfiguration: + type: object + properties: + S3Prefix: + $ref: '#/components/schemas/S3ObjectKey' + additionalProperties: false + AccessControlListConfiguration: + type: object + properties: + KeyPath: + $ref: '#/components/schemas/S3ObjectKey' + additionalProperties: false + S3DataSourceConfiguration: + description: S3 data source configuration + type: object + properties: + BucketName: + $ref: '#/components/schemas/S3BucketName' + InclusionPrefixes: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + InclusionPatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + ExclusionPatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + DocumentsMetadataConfiguration: + $ref: '#/components/schemas/DocumentsMetadataConfiguration' + AccessControlListConfiguration: + $ref: '#/components/schemas/AccessControlListConfiguration' + additionalProperties: false + required: + - BucketName + Url: + type: string + minLength: 1 + maxLength: 2048 + pattern: ^(https?|ftp|file):\/\/([^\s]*) + SecretArn: + type: string + minLength: 1 + maxLength: 1284 + pattern: arn:[a-z0-9-\.]{1,63}:[a-z0-9-\.]{0,63}:[a-z0-9-\.]{0,63}:[a-z0-9-\.]{0,63}:[^/].{0,1023} + DataSourceVpcConfiguration: + type: object + properties: + SubnetIds: + type: array + maxItems: 6 + items: + type: string + minLength: 1 + maxLength: 200 + pattern: '[\-0-9a-zA-Z]+' + SecurityGroupIds: + type: array + maxItems: 10 + items: + type: string + minLength: 1 + maxLength: 200 + pattern: '[\-0-9a-zA-Z]+' + additionalProperties: false + required: + - SubnetIds + - SecurityGroupIds + DataSourceFieldName: + type: string + minLength: 1 + maxLength: 100 + DataSourceToIndexFieldMapping: + type: object + properties: + DataSourceFieldName: + $ref: '#/components/schemas/DataSourceFieldName' + DateFieldFormat: + $ref: '#/components/schemas/DateFieldFormat' + IndexFieldName: + $ref: '#/components/schemas/IndexFieldName' + additionalProperties: false + required: + - DataSourceFieldName + - IndexFieldName + DateFieldFormat: + type: string + minLength: 4 + maxLength: 40 + IndexFieldName: + type: string + minLength: 1 + maxLength: 30 + DataSourceToIndexFieldMappingList: + type: array + maxItems: 100 + items: + $ref: '#/components/schemas/DataSourceToIndexFieldMapping' + DisableLocalGroups: + type: boolean + SharePointConfiguration: + description: SharePoint configuration + type: object + properties: + SharePointVersion: + type: string + enum: + - SHAREPOINT_ONLINE + - SHAREPOINT_2013 + - SHAREPOINT_2016 + Urls: + type: array + maxItems: 100 + items: + $ref: '#/components/schemas/Url' + SecretArn: + $ref: '#/components/schemas/SecretArn' + CrawlAttachments: + type: boolean + UseChangeLog: + type: boolean + InclusionPatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + ExclusionPatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + VpcConfiguration: + $ref: '#/components/schemas/DataSourceVpcConfiguration' + FieldMappings: + $ref: '#/components/schemas/DataSourceToIndexFieldMappingList' + DocumentTitleFieldName: + $ref: '#/components/schemas/DataSourceFieldName' + DisableLocalGroups: + $ref: '#/components/schemas/DisableLocalGroups' + SslCertificateS3Path: + $ref: '#/components/schemas/S3Path' + additionalProperties: false + required: + - Urls + - SecretArn + - SharePointVersion + SalesforceConfiguration: + type: object + properties: + ServerUrl: + $ref: '#/components/schemas/Url' + SecretArn: + $ref: '#/components/schemas/SecretArn' + StandardObjectConfigurations: + $ref: '#/components/schemas/SalesforceStandardObjectConfigurationList' + KnowledgeArticleConfiguration: + $ref: '#/components/schemas/SalesforceKnowledgeArticleConfiguration' + ChatterFeedConfiguration: + $ref: '#/components/schemas/SalesforceChatterFeedConfiguration' + CrawlAttachments: + type: boolean + StandardObjectAttachmentConfiguration: + $ref: '#/components/schemas/SalesforceStandardObjectAttachmentConfiguration' + IncludeAttachmentFilePatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + ExcludeAttachmentFilePatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + additionalProperties: false + required: + - ServerUrl + - SecretArn + SalesforceStandardObjectConfigurationList: + type: array + minItems: 1 + maxItems: 17 + items: + $ref: '#/components/schemas/SalesforceStandardObjectConfiguration' + SalesforceStandardObjectConfiguration: + type: object + properties: + Name: + $ref: '#/components/schemas/SalesforceStandardObjectName' + DocumentDataFieldName: + $ref: '#/components/schemas/DataSourceFieldName' + DocumentTitleFieldName: + $ref: '#/components/schemas/DataSourceFieldName' + FieldMappings: + $ref: '#/components/schemas/DataSourceToIndexFieldMappingList' + additionalProperties: false + required: + - Name + - DocumentDataFieldName + SalesforceStandardObjectName: + type: string + enum: + - ACCOUNT + - CAMPAIGN + - CASE + - CONTACT + - CONTRACT + - DOCUMENT + - GROUP + - IDEA + - LEAD + - OPPORTUNITY + - PARTNER + - PRICEBOOK + - PRODUCT + - PROFILE + - SOLUTION + - TASK + - USER + SalesforceKnowledgeArticleConfiguration: + type: object + properties: + IncludedStates: + $ref: '#/components/schemas/SalesforceKnowledgeArticleStateList' + StandardKnowledgeArticleTypeConfiguration: + $ref: '#/components/schemas/SalesforceStandardKnowledgeArticleTypeConfiguration' + CustomKnowledgeArticleTypeConfigurations: + $ref: '#/components/schemas/SalesforceCustomKnowledgeArticleTypeConfigurationList' + additionalProperties: false + required: + - IncludedStates + SalesforceKnowledgeArticleStateList: + type: array + minItems: 1 + maxItems: 3 + items: + $ref: '#/components/schemas/SalesforceKnowledgeArticleState' + SalesforceKnowledgeArticleState: + type: string + enum: + - DRAFT + - PUBLISHED + - ARCHIVED + SalesforceStandardKnowledgeArticleTypeConfiguration: + type: object + properties: + DocumentDataFieldName: + $ref: '#/components/schemas/DataSourceFieldName' + DocumentTitleFieldName: + $ref: '#/components/schemas/DataSourceFieldName' + FieldMappings: + $ref: '#/components/schemas/DataSourceToIndexFieldMappingList' + additionalProperties: false + required: + - DocumentDataFieldName + SalesforceCustomKnowledgeArticleTypeConfigurationList: + type: array + minItems: 1 + maxItems: 10 + items: + $ref: '#/components/schemas/SalesforceCustomKnowledgeArticleTypeConfiguration' + SalesforceCustomKnowledgeArticleTypeConfiguration: + type: object + properties: + Name: + $ref: '#/components/schemas/SalesforceCustomKnowledgeArticleTypeName' + DocumentDataFieldName: + $ref: '#/components/schemas/DataSourceFieldName' + DocumentTitleFieldName: + $ref: '#/components/schemas/DataSourceFieldName' + FieldMappings: + $ref: '#/components/schemas/DataSourceToIndexFieldMappingList' + additionalProperties: false + required: + - Name + - DocumentDataFieldName + SalesforceCustomKnowledgeArticleTypeName: + type: string + minLength: 1 + maxLength: 100 + SalesforceChatterFeedConfiguration: + type: object + properties: + DocumentDataFieldName: + $ref: '#/components/schemas/DataSourceFieldName' + DocumentTitleFieldName: + $ref: '#/components/schemas/DataSourceFieldName' + FieldMappings: + $ref: '#/components/schemas/DataSourceToIndexFieldMappingList' + IncludeFilterTypes: + $ref: '#/components/schemas/SalesforceChatterFeedIncludeFilterTypes' + additionalProperties: false + required: + - DocumentDataFieldName + SalesforceChatterFeedIncludeFilterTypes: + type: array + minItems: 1 + maxItems: 2 + items: + $ref: '#/components/schemas/SalesforceChatterFeedIncludeFilterType' + SalesforceChatterFeedIncludeFilterType: + type: string + enum: + - ACTIVE_USER + - STANDARD_USER + SalesforceStandardObjectAttachmentConfiguration: + type: object + properties: + DocumentTitleFieldName: + $ref: '#/components/schemas/DataSourceFieldName' + FieldMappings: + $ref: '#/components/schemas/DataSourceToIndexFieldMappingList' + additionalProperties: false + DatabaseConfiguration: + type: object + properties: + DatabaseEngineType: + $ref: '#/components/schemas/DatabaseEngineType' + ConnectionConfiguration: + $ref: '#/components/schemas/ConnectionConfiguration' + VpcConfiguration: + $ref: '#/components/schemas/DataSourceVpcConfiguration' + ColumnConfiguration: + $ref: '#/components/schemas/ColumnConfiguration' + AclConfiguration: + $ref: '#/components/schemas/AclConfiguration' + SqlConfiguration: + $ref: '#/components/schemas/SqlConfiguration' + additionalProperties: false + required: + - ConnectionConfiguration + - ColumnConfiguration + - DatabaseEngineType + DatabaseEngineType: + type: string + enum: + - RDS_AURORA_MYSQL + - RDS_AURORA_POSTGRESQL + - RDS_MYSQL + - RDS_POSTGRESQL + ConnectionConfiguration: + type: object + properties: + DatabaseHost: + $ref: '#/components/schemas/DatabaseHost' + DatabasePort: + $ref: '#/components/schemas/DatabasePort' + DatabaseName: + $ref: '#/components/schemas/DatabaseName' + TableName: + $ref: '#/components/schemas/TableName' + SecretArn: + $ref: '#/components/schemas/SecretArn' + additionalProperties: false + required: + - DatabaseHost + - DatabasePort + - DatabaseName + - TableName + - SecretArn + DatabaseHost: + type: string + minLength: 1 + maxLength: 253 + DatabasePort: + type: integer + minimum: 1 + maximum: 65535 + DatabaseName: + type: string + minLength: 1 + maxLength: 100 + TableName: + type: string + minLength: 1 + maxLength: 100 + ColumnConfiguration: + type: object + properties: + DocumentIdColumnName: + $ref: '#/components/schemas/ColumnName' + DocumentDataColumnName: + $ref: '#/components/schemas/ColumnName' + DocumentTitleColumnName: + $ref: '#/components/schemas/ColumnName' + FieldMappings: + $ref: '#/components/schemas/DataSourceToIndexFieldMappingList' + ChangeDetectingColumns: + $ref: '#/components/schemas/ChangeDetectingColumns' + additionalProperties: false + required: + - DocumentIdColumnName + - DocumentDataColumnName + - ChangeDetectingColumns + ChangeDetectingColumns: + type: array + minItems: 1 + maxItems: 5 + items: + $ref: '#/components/schemas/ColumnName' + ColumnName: + type: string + minLength: 1 + maxLength: 100 + SqlConfiguration: + type: object + properties: + QueryIdentifiersEnclosingOption: + $ref: '#/components/schemas/QueryIdentifiersEnclosingOption' + additionalProperties: false + QueryIdentifiersEnclosingOption: + type: string + enum: + - DOUBLE_QUOTES + - NONE + AclConfiguration: + type: object + properties: + AllowedGroupsColumnName: + $ref: '#/components/schemas/ColumnName' + additionalProperties: false + required: + - AllowedGroupsColumnName + OneDriveConfiguration: + type: object + properties: + TenantDomain: + $ref: '#/components/schemas/TenantDomain' + SecretArn: + $ref: '#/components/schemas/SecretArn' + OneDriveUsers: + $ref: '#/components/schemas/OneDriveUsers' + InclusionPatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + ExclusionPatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + FieldMappings: + $ref: '#/components/schemas/DataSourceToIndexFieldMappingList' + DisableLocalGroups: + $ref: '#/components/schemas/DisableLocalGroups' + additionalProperties: false + required: + - TenantDomain + - SecretArn + - OneDriveUsers + TenantDomain: + type: string + minLength: 1 + maxLength: 256 + pattern: ^([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*\.)+[a-z]{2,}$ + OneDriveUsers: + type: object + properties: + OneDriveUserList: + $ref: '#/components/schemas/OneDriveUserList' + OneDriveUserS3Path: + $ref: '#/components/schemas/S3Path' + additionalProperties: false + oneOf: + - required: + - OneDriveUserList + - required: + - OneDriveUserS3Path + OneDriveUserList: + type: array + minItems: 1 + maxItems: 100 + items: + $ref: '#/components/schemas/OneDriveUser' + OneDriveUser: + type: string + minLength: 1 + maxLength: 256 + pattern: ^(?!\s).+@([a-zA-Z0-9_\-\.]+)\.([a-zA-Z]{2,5})$ + ServiceNowConfiguration: + type: object + properties: + HostUrl: + $ref: '#/components/schemas/ServiceNowHostUrl' + SecretArn: + $ref: '#/components/schemas/SecretArn' + ServiceNowBuildVersion: + $ref: '#/components/schemas/ServiceNowBuildVersionType' + AuthenticationType: + $ref: '#/components/schemas/ServiceNowAuthenticationType' + KnowledgeArticleConfiguration: + $ref: '#/components/schemas/ServiceNowKnowledgeArticleConfiguration' + ServiceCatalogConfiguration: + $ref: '#/components/schemas/ServiceNowServiceCatalogConfiguration' + additionalProperties: false + required: + - HostUrl + - SecretArn + - ServiceNowBuildVersion + ServiceNowBuildVersionType: + type: string + enum: + - LONDON + - OTHERS + ServiceNowAuthenticationType: + type: string + enum: + - HTTP_BASIC + - OAUTH2 + ServiceNowServiceCatalogConfiguration: + type: object + properties: + CrawlAttachments: + type: boolean + IncludeAttachmentFilePatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + ExcludeAttachmentFilePatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + DocumentDataFieldName: + $ref: '#/components/schemas/DataSourceFieldName' + DocumentTitleFieldName: + $ref: '#/components/schemas/DataSourceFieldName' + FieldMappings: + $ref: '#/components/schemas/DataSourceToIndexFieldMappingList' + additionalProperties: false + required: + - DocumentDataFieldName + ServiceNowHostUrl: + type: string + minLength: 1 + maxLength: 2048 + pattern: ^(?!(^(https?|ftp|file):\/\/))[a-z0-9-]+(\.service-now\.com)$ + ServiceNowKnowledgeArticleConfiguration: + type: object + properties: + CrawlAttachments: + type: boolean + IncludeAttachmentFilePatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + ExcludeAttachmentFilePatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + DocumentDataFieldName: + $ref: '#/components/schemas/DataSourceFieldName' + DocumentTitleFieldName: + $ref: '#/components/schemas/DataSourceFieldName' + FieldMappings: + $ref: '#/components/schemas/DataSourceToIndexFieldMappingList' + FilterQuery: + $ref: '#/components/schemas/ServiceNowKnowledgeArticleFilterQuery' + additionalProperties: false + required: + - DocumentDataFieldName + ServiceNowKnowledgeArticleFilterQuery: + type: string + minLength: 1 + maxLength: 2048 + ConfluenceConfiguration: + type: object + properties: + ServerUrl: + $ref: '#/components/schemas/Url' + SecretArn: + $ref: '#/components/schemas/SecretArn' + Version: + $ref: '#/components/schemas/ConfluenceVersion' + SpaceConfiguration: + $ref: '#/components/schemas/ConfluenceSpaceConfiguration' + PageConfiguration: + $ref: '#/components/schemas/ConfluencePageConfiguration' + BlogConfiguration: + $ref: '#/components/schemas/ConfluenceBlogConfiguration' + AttachmentConfiguration: + $ref: '#/components/schemas/ConfluenceAttachmentConfiguration' + VpcConfiguration: + $ref: '#/components/schemas/DataSourceVpcConfiguration' + InclusionPatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + ExclusionPatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + additionalProperties: false + required: + - ServerUrl + - SecretArn + - Version + ConfluenceVersion: + type: string + enum: + - CLOUD + - SERVER + ConfluenceSpaceConfiguration: + type: object + properties: + CrawlPersonalSpaces: + type: boolean + CrawlArchivedSpaces: + type: boolean + IncludeSpaces: + $ref: '#/components/schemas/ConfluenceSpaceList' + ExcludeSpaces: + $ref: '#/components/schemas/ConfluenceSpaceList' + SpaceFieldMappings: + $ref: '#/components/schemas/ConfluenceSpaceFieldMappingsList' + additionalProperties: false + ConfluenceSpaceFieldMappingsList: + type: array + minItems: 1 + maxItems: 4 + items: + $ref: '#/components/schemas/ConfluenceSpaceToIndexFieldMapping' + ConfluenceSpaceToIndexFieldMapping: + type: object + properties: + DataSourceFieldName: + $ref: '#/components/schemas/ConfluenceSpaceFieldName' + DateFieldFormat: + $ref: '#/components/schemas/DateFieldFormat' + IndexFieldName: + $ref: '#/components/schemas/IndexFieldName' + additionalProperties: false + required: + - DataSourceFieldName + - IndexFieldName + ConfluenceSpaceFieldName: + type: string + enum: + - DISPLAY_URL + - ITEM_TYPE + - SPACE_KEY + - URL + ConfluenceSpaceList: + type: array + minItems: 1 + items: + $ref: '#/components/schemas/ConfluenceSpaceIdentifier' + ConfluenceSpaceIdentifier: + type: string + minLength: 1 + maxLength: 255 + ConfluencePageConfiguration: + type: object + properties: + PageFieldMappings: + $ref: '#/components/schemas/ConfluencePageFieldMappingsList' + additionalProperties: false + ConfluencePageFieldMappingsList: + type: array + minItems: 1 + maxItems: 12 + items: + $ref: '#/components/schemas/ConfluencePageToIndexFieldMapping' + ConfluencePageToIndexFieldMapping: + type: object + properties: + DataSourceFieldName: + $ref: '#/components/schemas/ConfluencePageFieldName' + DateFieldFormat: + $ref: '#/components/schemas/DateFieldFormat' + IndexFieldName: + $ref: '#/components/schemas/IndexFieldName' + additionalProperties: false + required: + - DataSourceFieldName + - IndexFieldName + ConfluencePageFieldName: + type: string + enum: + - AUTHOR + - CONTENT_STATUS + - CREATED_DATE + - DISPLAY_URL + - ITEM_TYPE + - LABELS + - MODIFIED_DATE + - PARENT_ID + - SPACE_KEY + - SPACE_NAME + - URL + - VERSION + ConfluenceBlogConfiguration: + type: object + properties: + BlogFieldMappings: + $ref: '#/components/schemas/ConfluenceBlogFieldMappingsList' + additionalProperties: false + ConfluenceBlogFieldMappingsList: + type: array + minItems: 1 + maxItems: 9 + items: + $ref: '#/components/schemas/ConfluenceBlogToIndexFieldMapping' + ConfluenceBlogToIndexFieldMapping: + type: object + properties: + DataSourceFieldName: + $ref: '#/components/schemas/ConfluenceBlogFieldName' + DateFieldFormat: + $ref: '#/components/schemas/DateFieldFormat' + IndexFieldName: + $ref: '#/components/schemas/IndexFieldName' + additionalProperties: false + required: + - DataSourceFieldName + - IndexFieldName + ConfluenceBlogFieldName: + type: string + enum: + - AUTHOR + - DISPLAY_URL + - ITEM_TYPE + - LABELS + - PUBLISH_DATE + - SPACE_KEY + - SPACE_NAME + - URL + - VERSION + ConfluenceAttachmentConfiguration: + type: object + properties: + CrawlAttachments: + type: boolean + AttachmentFieldMappings: + $ref: '#/components/schemas/ConfluenceAttachmentFieldMappingsList' + additionalProperties: false + ConfluenceAttachmentFieldMappingsList: + type: array + minItems: 1 + maxItems: 11 + items: + $ref: '#/components/schemas/ConfluenceAttachmentToIndexFieldMapping' + ConfluenceAttachmentToIndexFieldMapping: + type: object + properties: + DataSourceFieldName: + $ref: '#/components/schemas/ConfluenceAttachmentFieldName' + DateFieldFormat: + $ref: '#/components/schemas/DateFieldFormat' + IndexFieldName: + $ref: '#/components/schemas/IndexFieldName' + additionalProperties: false + required: + - DataSourceFieldName + - IndexFieldName + GoogleDriveConfiguration: + type: object + properties: + SecretArn: + $ref: '#/components/schemas/SecretArn' + InclusionPatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + ExclusionPatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + FieldMappings: + $ref: '#/components/schemas/DataSourceToIndexFieldMappingList' + ExcludeMimeTypes: + $ref: '#/components/schemas/ExcludeMimeTypesList' + ExcludeUserAccounts: + $ref: '#/components/schemas/ExcludeUserAccountsList' + ExcludeSharedDrives: + $ref: '#/components/schemas/ExcludeSharedDrivesList' + additionalProperties: false + required: + - SecretArn + ExcludeMimeTypesList: + type: array + minItems: 0 + maxItems: 30 + items: + $ref: '#/components/schemas/MimeType' + MimeType: + type: string + minLength: 1 + maxLength: 256 + ExcludeUserAccountsList: + type: array + minItems: 0 + maxItems: 100 + items: + $ref: '#/components/schemas/UserAccount' + UserAccount: + type: string + minLength: 1 + maxLength: 256 + ExcludeSharedDrivesList: + type: array + minItems: 0 + maxItems: 100 + items: + $ref: '#/components/schemas/SharedDriveId' + SharedDriveId: + type: string + minLength: 1 + maxLength: 256 + ConfluenceAttachmentFieldName: + type: string + enum: + - AUTHOR + - CONTENT_TYPE + - CREATED_DATE + - DISPLAY_URL + - FILE_SIZE + - ITEM_TYPE + - PARENT_ID + - SPACE_KEY + - SPACE_NAME + - URL + - VERSION + WebCrawlerSiteMap: + type: string + pattern: ^(https?):\/\/([^\s]*) + minLength: 1 + maxLength: 2048 + WebCrawlerSiteMaps: + type: array + minItems: 0 + maxItems: 3 + items: + $ref: '#/components/schemas/WebCrawlerSiteMap' + WebCrawlerSiteMapsConfiguration: + type: object + properties: + SiteMaps: + $ref: '#/components/schemas/WebCrawlerSiteMaps' + additionalProperties: false + required: + - SiteMaps + WebCrawlerSeedUrl: + type: string + pattern: ^(https?)://([^\s]*) + minLength: 1 + maxLength: 2048 + WebCrawlerSeedUrlList: + type: array + minItems: 0 + maxItems: 100 + items: + $ref: '#/components/schemas/WebCrawlerSeedUrl' + WebCrawlerSeedUrlConfiguration: + type: object + properties: + SeedUrls: + $ref: '#/components/schemas/WebCrawlerSeedUrlList' + WebCrawlerMode: + type: string + enum: + - HOST_ONLY + - SUBDOMAINS + - EVERYTHING + additionalProperties: false + required: + - SeedUrls + WebCrawlerUrls: + type: object + properties: + SeedUrlConfiguration: + $ref: '#/components/schemas/WebCrawlerSeedUrlConfiguration' + SiteMapsConfiguration: + $ref: '#/components/schemas/WebCrawlerSiteMapsConfiguration' + additionalProperties: false + ProxyConfiguration: + type: object + properties: + Host: + type: string + pattern: ([^\s]*) + minLength: 1 + maxLength: 253 + Port: + type: integer + minimum: 1 + maximum: 65535 + Credentials: + $ref: '#/components/schemas/SecretArn' + additionalProperties: false + required: + - Host + - Port + WebCrawlerBasicAuthentication: + type: object + properties: + Host: + type: string + pattern: ([^\s]*) + minLength: 1 + maxLength: 253 + Port: + type: integer + minimum: 1 + maximum: 65535 + Credentials: + $ref: '#/components/schemas/SecretArn' + additionalProperties: false + required: + - Host + - Port + - Credentials + WebCrawlerBasicAuthenticationList: + type: array + maxItems: 10 + items: + $ref: '#/components/schemas/WebCrawlerBasicAuthentication' + WebCrawlerAuthenticationConfiguration: + type: object + properties: + BasicAuthentication: + $ref: '#/components/schemas/WebCrawlerBasicAuthenticationList' + additionalProperties: false + WebCrawlerConfiguration: + type: object + properties: + Urls: + $ref: '#/components/schemas/WebCrawlerUrls' + CrawlDepth: + type: integer + minimum: 1 + maximum: 10 + MaxLinksPerPage: + type: integer + minimum: 1 + maximum: 1000 + MaxContentSizePerPageInMegaBytes: + type: number + minimum: 0 + maximum: 50 + MaxUrlsPerMinuteCrawlRate: + type: integer + minimum: 1 + maximum: 300 + UrlInclusionPatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + UrlExclusionPatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + ProxyConfiguration: + $ref: '#/components/schemas/ProxyConfiguration' + AuthenticationConfiguration: + $ref: '#/components/schemas/WebCrawlerAuthenticationConfiguration' + additionalProperties: false + required: + - Urls + WorkDocsConfiguration: + type: object + properties: + OrganizationId: + type: string + minLength: 12 + maxLength: 12 + pattern: d-[0-9a-fA-F]{10} + CrawlComments: + type: boolean + UseChangeLog: + type: boolean + InclusionPatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + ExclusionPatterns: + $ref: '#/components/schemas/DataSourceInclusionsExclusionsStrings' + FieldMappings: + $ref: '#/components/schemas/DataSourceToIndexFieldMappingList' + additionalProperties: false + required: + - OrganizationId + DataSourceConfiguration: + type: object + properties: + S3Configuration: + $ref: '#/components/schemas/S3DataSourceConfiguration' + SharePointConfiguration: + $ref: '#/components/schemas/SharePointConfiguration' + SalesforceConfiguration: + $ref: '#/components/schemas/SalesforceConfiguration' + OneDriveConfiguration: + $ref: '#/components/schemas/OneDriveConfiguration' + ServiceNowConfiguration: + $ref: '#/components/schemas/ServiceNowConfiguration' + DatabaseConfiguration: + $ref: '#/components/schemas/DatabaseConfiguration' + ConfluenceConfiguration: + $ref: '#/components/schemas/ConfluenceConfiguration' + GoogleDriveConfiguration: + $ref: '#/components/schemas/GoogleDriveConfiguration' + WebCrawlerConfiguration: + $ref: '#/components/schemas/WebCrawlerConfiguration' + WorkDocsConfiguration: + $ref: '#/components/schemas/WorkDocsConfiguration' + additionalProperties: false + oneOf: + - required: + - S3Configuration + - required: + - SharePointConfiguration + - required: + - SalesforceConfiguration + - required: + - OneDriveConfiguration + - required: + - ServiceNowConfiguration + - required: + - DatabaseConfiguration + - required: + - ConfluenceConfiguration + - required: + - GoogleDriveConfiguration + - required: + - WebCrawlerConfiguration + - required: + - WorkDocsConfiguration + Name: + description: Name of index + type: string + minLength: 1 + maxLength: 1000 + Type: + description: Data source type + type: string + enum: + - S3 + - SHAREPOINT + - SALESFORCE + - ONEDRIVE + - SERVICENOW + - DATABASE + - CUSTOM + - CONFLUENCE + - GOOGLEDRIVE + - WEBCRAWLER + - WORKDOCS + Description: + type: string + maxLength: 1000 + LanguageCode: + description: The code for a language. + type: string + minLength: 2 + maxLength: 10 + pattern: '[a-zA-Z-]*' + RoleArn: + description: Role Arn + type: string + minLength: 1 + maxLength: 1284 + pattern: arn:[a-z0-9-\.]{1,63}:[a-z0-9-\.]{0,63}:[a-z0-9-\.]{0,63}:[a-z0-9-\.]{0,63}:[^/].{0,1023} + Schedule: + description: Schedule + type: string + maxLength: 1000 + Id: + description: Unique ID of index + type: string + minLength: 36 + maxLength: 36 + Arn: + type: string + maxLength: 1000 + CustomDocumentEnrichmentConfiguration: + type: object + properties: + InlineConfigurations: + $ref: '#/components/schemas/InlineConfigurations' + PreExtractionHookConfiguration: + $ref: '#/components/schemas/HookConfiguration' + PostExtractionHookConfiguration: + $ref: '#/components/schemas/HookConfiguration' + RoleArn: + $ref: '#/components/schemas/RoleArn' + additionalProperties: false + InlineConfigurations: + description: List of InlineCustomDocumentEnrichmentConfigurations + type: array + maxItems: 100 + items: + $ref: '#/components/schemas/InlineCustomDocumentEnrichmentConfiguration' + InlineCustomDocumentEnrichmentConfiguration: + type: object + properties: + Condition: + $ref: '#/components/schemas/DocumentAttributeCondition' + Target: + $ref: '#/components/schemas/DocumentAttributeTarget' + DocumentContentDeletion: + type: boolean + additionalProperties: false + DocumentAttributeCondition: + type: object + properties: + ConditionDocumentAttributeKey: + $ref: '#/components/schemas/DocumentAttributeKey' + Operator: + $ref: '#/components/schemas/ConditionOperator' + ConditionOnValue: + $ref: '#/components/schemas/DocumentAttributeValue' + required: + - ConditionDocumentAttributeKey + - Operator + additionalProperties: false + DocumentAttributeTarget: + type: object + properties: + TargetDocumentAttributeKey: + $ref: '#/components/schemas/DocumentAttributeKey' + TargetDocumentAttributeValueDeletion: + type: boolean + TargetDocumentAttributeValue: + $ref: '#/components/schemas/DocumentAttributeValue' + required: + - TargetDocumentAttributeKey + additionalProperties: false + ConditionOperator: + type: string + enum: + - GreaterThan + - GreaterThanOrEquals + - LessThan + - LessThanOrEquals + - Equals + - NotEquals + - Contains + - NotContains + - Exists + - NotExists + - BeginsWith + DocumentAttributeKey: + type: string + minLength: 1 + maxLength: 200 + pattern: '[a-zA-Z0-9_][a-zA-Z0-9_-]*' + DocumentAttributeValue: + type: object + properties: + StringValue: + type: string + minLength: 1 + maxLength: 2048 + StringListValue: + type: array + items: + type: string + LongValue: + $ref: '#/components/schemas/Long' + DateValue: + $ref: '#/components/schemas/Timestamp' + additionalProperties: false + Long: + type: integer + format: int64 + Timestamp: + type: string + HookConfiguration: + type: object + properties: + InvocationCondition: + $ref: '#/components/schemas/DocumentAttributeCondition' + LambdaArn: + $ref: '#/components/schemas/LambdaArn' + S3Bucket: + $ref: '#/components/schemas/S3BucketName' + required: + - LambdaArn + - S3Bucket + additionalProperties: false + LambdaArn: + type: string + minLength: 1 + maxLength: 2048 + DataSource: + type: object + properties: + Id: + $ref: '#/components/schemas/Id' + Arn: + $ref: '#/components/schemas/Arn' + Name: + $ref: '#/components/schemas/Name' + IndexId: + $ref: '#/components/schemas/IndexId' + Type: + $ref: '#/components/schemas/Type' + DataSourceConfiguration: + $ref: '#/components/schemas/DataSourceConfiguration' + Description: + $ref: '#/components/schemas/Description' + Schedule: + $ref: '#/components/schemas/Schedule' + RoleArn: + $ref: '#/components/schemas/RoleArn' + Tags: + description: Tags for labeling the data source + $ref: '#/components/schemas/TagList' + CustomDocumentEnrichmentConfiguration: + $ref: '#/components/schemas/CustomDocumentEnrichmentConfiguration' + LanguageCode: + $ref: '#/components/schemas/LanguageCode' + required: + - Name + - IndexId + - Type + x-stackql-resource-name: data_source + x-stackql-primaryIdentifier: + - Id + - IndexId + x-create-only-properties: + - Type + x-read-only-properties: + - Id + - Arn + x-required-permissions: + create: + - kendra:CreateDataSource + - kendra:DescribeDataSource + - kendra:ListTagsForResource + - iam:PassRole + - kendra:TagResource + read: + - kendra:DescribeDataSource + - kendra:ListTagsForResource + delete: + - kendra:DescribeDataSource + - kendra:DeleteDataSource + list: + - kendra:ListDataSources + update: + - kendra:DescribeDataSource + - kendra:UpdateDataSource + - kendra:ListTagsForResource + - kendra:TagResource + - kendra:UntagResource + - iam:PassRole + FileFormat: + description: Format of the input file + enum: + - CSV + - CSV_WITH_HEADER + - JSON + type: string + FaqName: + type: string + minLength: 1 + maxLength: 100 + Faq: + type: object + properties: + Id: + $ref: '#/components/schemas/Id' + IndexId: + description: Index ID + $ref: '#/components/schemas/IndexId' + Name: + description: FAQ name + $ref: '#/components/schemas/FaqName' + Description: + description: FAQ description + $ref: '#/components/schemas/Description' + FileFormat: + description: FAQ file format + $ref: '#/components/schemas/FileFormat' + S3Path: + description: FAQ S3 path + $ref: '#/components/schemas/S3Path' + RoleArn: + description: FAQ role ARN + $ref: '#/components/schemas/RoleArn' + Tags: + description: Tags for labeling the FAQ + $ref: '#/components/schemas/TagList' + Arn: + type: string + maxLength: 1000 + required: + - IndexId + - Name + - S3Path + - RoleArn + x-stackql-resource-name: faq + x-stackql-primaryIdentifier: + - Id + - IndexId + x-create-only-properties: + - IndexId + - Name + - S3Path + - RoleArn + - Description + - FileFormat + x-read-only-properties: + - Id + - Arn + x-required-permissions: + create: + - kendra:CreateFaq + - kendra:DescribeFaq + - iam:PassRole + - kendra:ListTagsForResource + - kendra:TagResource + update: + - kendra:ListTagsForResource + - kendra:UntagResource + - kendra:TagResource + read: + - kendra:DescribeFaq + - kendra:ListTagsForResource + delete: + - kendra:DeleteFaq + - kendra:DescribeFaq + list: + - kendra:ListFaqs + ServerSideEncryptionConfiguration: + type: object + properties: + KmsKeyId: + $ref: '#/components/schemas/KmsKeyId' + additionalProperties: false + KmsKeyId: + type: string + minLength: 1 + maxLength: 2048 + Importance: + type: integer + minimum: 1 + maximum: 10 + Freshness: + type: boolean + Duration: + type: string + minLength: 1 + maxLength: 10 + pattern: '[0-9]+[s]' + Order: + type: string + enum: + - ASCENDING + - DESCENDING + Relevance: + type: object + properties: + Freshness: + $ref: '#/components/schemas/Freshness' + Importance: + $ref: '#/components/schemas/Importance' + Duration: + $ref: '#/components/schemas/Duration' + RankOrder: + $ref: '#/components/schemas/Order' + ValueImportanceItems: + $ref: '#/components/schemas/ValueImportanceItems' + additionalProperties: false + ValueImportanceItems: + type: array + items: + $ref: '#/components/schemas/ValueImportanceItem' + ValueImportanceItem: + type: object + properties: + Key: + $ref: '#/components/schemas/ValueImportanceItemKey' + Value: + $ref: '#/components/schemas/Importance' + additionalProperties: false + ValueImportanceItemKey: + type: string + minLength: 1 + maxLength: 50 + Search: + type: object + properties: + Facetable: + type: boolean + Searchable: + type: boolean + Displayable: + type: boolean + Sortable: + type: boolean + additionalProperties: false + DocumentMetadataConfigurationName: + type: string + minLength: 1 + maxLength: 30 + DocumentAttributeValueType: + type: string + enum: + - STRING_VALUE + - STRING_LIST_VALUE + - LONG_VALUE + - DATE_VALUE + DocumentMetadataConfiguration: + type: object + properties: + Name: + $ref: '#/components/schemas/DocumentMetadataConfigurationName' + Type: + $ref: '#/components/schemas/DocumentAttributeValueType' + Relevance: + $ref: '#/components/schemas/Relevance' + Search: + $ref: '#/components/schemas/Search' + additionalProperties: false + required: + - Name + - Type + DocumentMetadataConfigurationList: + type: array + maxItems: 500 + items: + $ref: '#/components/schemas/DocumentMetadataConfiguration' + StorageCapacityUnits: + type: integer + minimum: 0 + QueryCapacityUnits: + type: integer + minimum: 0 + CapacityUnitsConfiguration: + type: object + properties: + StorageCapacityUnits: + $ref: '#/components/schemas/StorageCapacityUnits' + QueryCapacityUnits: + $ref: '#/components/schemas/QueryCapacityUnits' + additionalProperties: false + required: + - StorageCapacityUnits + - QueryCapacityUnits + Edition: + description: Edition of index + type: string + enum: + - DEVELOPER_EDITION + - ENTERPRISE_EDITION + UserContextPolicy: + type: string + enum: + - ATTRIBUTE_FILTER + - USER_TOKEN + UserNameAttributeField: + type: string + minLength: 1 + maxLength: 100 + GroupAttributeField: + type: string + minLength: 1 + maxLength: 100 + KeyLocation: + type: string + enum: + - URL + - SECRET_MANAGER + Issuer: + type: string + minLength: 1 + maxLength: 65 + ClaimRegex: + type: string + minLength: 1 + maxLength: 100 + JsonTokenTypeConfiguration: + type: object + properties: + UserNameAttributeField: + $ref: '#/components/schemas/UserNameAttributeField' + GroupAttributeField: + $ref: '#/components/schemas/GroupAttributeField' + additionalProperties: false + required: + - UserNameAttributeField + - GroupAttributeField + JwtTokenTypeConfiguration: + type: object + properties: + KeyLocation: + $ref: '#/components/schemas/KeyLocation' + URL: + $ref: '#/components/schemas/Url' + SecretManagerArn: + $ref: '#/components/schemas/RoleArn' + UserNameAttributeField: + $ref: '#/components/schemas/UserNameAttributeField' + GroupAttributeField: + $ref: '#/components/schemas/GroupAttributeField' + Issuer: + $ref: '#/components/schemas/Issuer' + ClaimRegex: + $ref: '#/components/schemas/ClaimRegex' + additionalProperties: false + required: + - KeyLocation + UserTokenConfiguration: + type: object + properties: + JwtTokenTypeConfiguration: + $ref: '#/components/schemas/JwtTokenTypeConfiguration' + JsonTokenTypeConfiguration: + $ref: '#/components/schemas/JsonTokenTypeConfiguration' + additionalProperties: false + UserTokenConfigurationList: + type: array + maxItems: 1 + items: + $ref: '#/components/schemas/UserTokenConfiguration' + Index: + type: object + properties: + Id: + $ref: '#/components/schemas/Id' + Arn: + $ref: '#/components/schemas/Arn' + Description: + description: A description for the index + $ref: '#/components/schemas/Description' + ServerSideEncryptionConfiguration: + description: Server side encryption configuration + $ref: '#/components/schemas/ServerSideEncryptionConfiguration' + Tags: + description: Tags for labeling the index + $ref: '#/components/schemas/TagList' + Name: + $ref: '#/components/schemas/Name' + RoleArn: + $ref: '#/components/schemas/RoleArn' + Edition: + $ref: '#/components/schemas/Edition' + DocumentMetadataConfigurations: + description: Document metadata configurations + $ref: '#/components/schemas/DocumentMetadataConfigurationList' + CapacityUnits: + description: Capacity units + $ref: '#/components/schemas/CapacityUnitsConfiguration' + UserContextPolicy: + $ref: '#/components/schemas/UserContextPolicy' + UserTokenConfigurations: + $ref: '#/components/schemas/UserTokenConfigurationList' + required: + - Name + - RoleArn + - Edition + x-stackql-resource-name: index + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Edition + - ServerSideEncryptionConfiguration + x-read-only-properties: + - Id + - Arn + x-required-permissions: + create: + - kendra:CreateIndex + - kendra:DescribeIndex + - kendra:UpdateIndex + - kendra:ListTagsForResource + - iam:PassRole + - kendra:TagResource + read: + - kendra:DescribeIndex + - kendra:ListTagsForResource + update: + - kendra:DescribeIndex + - kendra:UpdateIndex + - kendra:ListTagsForResource + - kendra:TagResource + - kendra:UntagResource + - iam:PassRole + delete: + - kendra:DescribeIndex + - kendra:DeleteIndex + list: + - kendra:ListIndices + x-stackQL-resources: + data_sources: + name: data_sources + id: awscc.kendra.data_sources + x-cfn-schema-name: DataSource + x-type: list + x-identifiers: + - Id + - IndexId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.IndexId') as index_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Kendra::DataSource' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'IndexId') as index_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Kendra::DataSource' + AND region = 'us-east-1' + data_source: + name: data_source + id: awscc.kendra.data_source + x-cfn-schema-name: DataSource + x-type: get + x-identifiers: + - Id + - IndexId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.IndexId') as index_id, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.DataSourceConfiguration') as data_source_configuration, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Schedule') as schedule, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CustomDocumentEnrichmentConfiguration') as custom_document_enrichment_configuration, + JSON_EXTRACT(Properties, '$.LanguageCode') as language_code + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Kendra::DataSource' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'IndexId') as index_id, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'DataSourceConfiguration') as data_source_configuration, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Schedule') as schedule, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CustomDocumentEnrichmentConfiguration') as custom_document_enrichment_configuration, + json_extract_path_text(Properties, 'LanguageCode') as language_code + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Kendra::DataSource' + AND data__Identifier = '' + AND region = 'us-east-1' + faqs: + name: faqs + id: awscc.kendra.faqs + x-cfn-schema-name: Faq + x-type: list + x-identifiers: + - Id + - IndexId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.IndexId') as index_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Kendra::Faq' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'IndexId') as index_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Kendra::Faq' + AND region = 'us-east-1' + faq: + name: faq + id: awscc.kendra.faq + x-cfn-schema-name: Faq + x-type: get + x-identifiers: + - Id + - IndexId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.IndexId') as index_id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.FileFormat') as file_format, + JSON_EXTRACT(Properties, '$.S3Path') as s3_path, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Kendra::Faq' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'IndexId') as index_id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'FileFormat') as file_format, + json_extract_path_text(Properties, 'S3Path') as s3_path, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Kendra::Faq' + AND data__Identifier = '' + AND region = 'us-east-1' + indices: + name: indices + id: awscc.kendra.indices + x-cfn-schema-name: Index + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Kendra::Index' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Kendra::Index' + AND region = 'us-east-1' + index: + name: index + id: awscc.kendra.index + x-cfn-schema-name: Index + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ServerSideEncryptionConfiguration') as server_side_encryption_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Edition') as edition, + JSON_EXTRACT(Properties, '$.DocumentMetadataConfigurations') as document_metadata_configurations, + JSON_EXTRACT(Properties, '$.CapacityUnits') as capacity_units, + JSON_EXTRACT(Properties, '$.UserContextPolicy') as user_context_policy, + JSON_EXTRACT(Properties, '$.UserTokenConfigurations') as user_token_configurations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Kendra::Index' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ServerSideEncryptionConfiguration') as server_side_encryption_configuration, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Edition') as edition, + json_extract_path_text(Properties, 'DocumentMetadataConfigurations') as document_metadata_configurations, + json_extract_path_text(Properties, 'CapacityUnits') as capacity_units, + json_extract_path_text(Properties, 'UserContextPolicy') as user_context_policy, + json_extract_path_text(Properties, 'UserTokenConfigurations') as user_token_configurations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Kendra::Index' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/kendraranking.yaml b/providers/src/awscc/v00.00.00000/services/kendraranking.yaml new file mode 100644 index 00000000..10445df4 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/kendraranking.yaml @@ -0,0 +1,169 @@ +openapi: 3.0.0 +info: + title: KendraRanking + version: 1.0.0 +paths: {} +components: + schemas: + Description: + type: string + maxLength: 1000 + Tag: + description: A label for tagging KendraRanking resources + type: object + properties: + Key: + description: A string used to identify this tag + type: string + minLength: 1 + maxLength: 128 + Value: + description: A string containing the value for the tag + type: string + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + Tags: + description: List of tags + type: array + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + RescoreCapacityUnits: + type: integer + minimum: 0 + CapacityUnitsConfiguration: + type: object + properties: + RescoreCapacityUnits: + $ref: '#/components/schemas/RescoreCapacityUnits' + additionalProperties: false + required: + - RescoreCapacityUnits + Name: + description: Name of kendra ranking rescore execution plan + type: string + minLength: 1 + maxLength: 1000 + Id: + description: Unique ID of rescore execution plan + type: string + minLength: 36 + maxLength: 36 + Arn: + type: string + maxLength: 1000 + ExecutionPlan: + type: object + properties: + Id: + $ref: '#/components/schemas/Id' + Arn: + $ref: '#/components/schemas/Arn' + Description: + description: A description for the execution plan + $ref: '#/components/schemas/Description' + Tags: + description: Tags for labeling the execution plan + $ref: '#/components/schemas/Tags' + Name: + $ref: '#/components/schemas/Name' + CapacityUnits: + description: Capacity units + $ref: '#/components/schemas/CapacityUnitsConfiguration' + required: + - Name + x-stackql-resource-name: execution_plan + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - Arn + x-required-permissions: + create: + - kendra-ranking:CreateRescoreExecutionPlan + - kendra-ranking:DescribeRescoreExecutionPlan + - kendra-ranking:UpdateRescoreExecutionPlan + - kendra-ranking:ListTagsForResource + - kendra-ranking:TagResource + read: + - kendra-ranking:DescribeRescoreExecutionPlan + - kendra-ranking:ListTagsForResource + update: + - kendra-ranking:DescribeRescoreExecutionPlan + - kendra-ranking:UpdateRescoreExecutionPlan + - kendra-ranking:ListTagsForResource + - kendra-ranking:TagResource + - kendra-ranking:UntagResource + delete: + - kendra-ranking:DescribeRescoreExecutionPlan + - kendra-ranking:DeleteRescoreExecutionPlan + list: + - kendra-ranking:ListRescoreExecutionPlans + x-stackQL-resources: + execution_plans: + name: execution_plans + id: awscc.kendraranking.execution_plans + x-cfn-schema-name: ExecutionPlan + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::KendraRanking::ExecutionPlan' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::KendraRanking::ExecutionPlan' + AND region = 'us-east-1' + execution_plan: + name: execution_plan + id: awscc.kendraranking.execution_plan + x-cfn-schema-name: ExecutionPlan + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.CapacityUnits') as capacity_units + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::KendraRanking::ExecutionPlan' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'CapacityUnits') as capacity_units + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::KendraRanking::ExecutionPlan' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/kinesis.yaml b/providers/src/awscc/v00.00.00000/services/kinesis.yaml new file mode 100644 index 00000000..e089ba91 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/kinesis.yaml @@ -0,0 +1,202 @@ +openapi: 3.0.0 +info: + title: Kinesis + version: 1.0.0 +paths: {} +components: + schemas: + StreamModeDetails: + description: When specified, enables or updates the mode of stream. Default is PROVISIONED. + additionalProperties: false + type: object + properties: + StreamMode: + description: The mode of the stream + type: string + enum: + - ON_DEMAND + - PROVISIONED + required: + - StreamMode + StreamEncryption: + description: When specified, enables or updates server-side encryption using an AWS KMS key for a specified stream. Removing this property from your stack template and updating your stack disables encryption. + additionalProperties: false + type: object + properties: + EncryptionType: + description: 'The encryption type to use. The only valid value is KMS. ' + type: string + enum: + - KMS + KeyId: + minLength: 1 + description: The GUID for the customer-managed AWS KMS key to use for encryption. This value can be a globally unique identifier, a fully specified Amazon Resource Name (ARN) to either an alias or a key, or an alias name prefixed by "alias/".You can also use a master key owned by Kinesis Data Streams by specifying the alias aws/kinesis. + anyOf: + - relationshipRef: + typeName: AWS::KMS::Key + propertyPath: /properties/Arn + - relationshipRef: + typeName: AWS::KMS::Key + propertyPath: /properties/KeyId + type: string + maxLength: 2048 + required: + - EncryptionType + - KeyId + Tag: + description: An arbitrary set of tags (key-value pairs) to associate with the Kinesis stream. + additionalProperties: false + type: object + properties: + Value: + minLength: 0 + description: 'The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + type: string + maxLength: 255 + Key: + minLength: 1 + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + type: string + maxLength: 128 + required: + - Key + - Value + Stream: + type: object + properties: + StreamModeDetails: + default: + StreamMode: PROVISIONED + description: The mode in which the stream is running. + $ref: '#/components/schemas/StreamModeDetails' + StreamEncryption: + description: When specified, enables or updates server-side encryption using an AWS KMS key for a specified stream. + $ref: '#/components/schemas/StreamEncryption' + Arn: + description: The Amazon resource name (ARN) of the Kinesis stream + type: string + RetentionPeriodHours: + description: The number of hours for the data records that are stored in shards to remain accessible. + type: integer + minimum: 24 + Tags: + maxItems: 50 + uniqueItems: false + description: An arbitrary set of tags (key–value pairs) to associate with the Kinesis stream. + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/Tag' + Name: + minLength: 1 + pattern: ^[a-zA-Z0-9_.-]+$ + description: The name of the Kinesis stream. + type: string + maxLength: 128 + ShardCount: + description: The number of shards that the stream uses. Required when StreamMode = PROVISIONED is passed. + type: integer + minimum: 1 + x-stackql-resource-name: stream + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + read: + - kinesis:DescribeStreamSummary + - kinesis:ListTagsForStream + create: + - kinesis:EnableEnhancedMonitoring + - kinesis:DescribeStreamSummary + - kinesis:CreateStream + - kinesis:IncreaseStreamRetentionPeriod + - kinesis:StartStreamEncryption + - kinesis:AddTagsToStream + - kinesis:ListTagsForStream + update: + - kinesis:EnableEnhancedMonitoring + - kinesis:DisableEnhancedMonitoring + - kinesis:DescribeStreamSummary + - kinesis:UpdateShardCount + - kinesis:UpdateStreamMode + - kinesis:IncreaseStreamRetentionPeriod + - kinesis:DecreaseStreamRetentionPeriod + - kinesis:StartStreamEncryption + - kinesis:StopStreamEncryption + - kinesis:AddTagsToStream + - kinesis:RemoveTagsFromStream + - kinesis:ListTagsForStream + list: + - kinesis:ListStreams + delete: + - kinesis:DescribeStreamSummary + - kinesis:DeleteStream + - kinesis:RemoveTagsFromStream + x-stackQL-resources: + streams: + name: streams + id: awscc.kinesis.streams + x-cfn-schema-name: Stream + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Kinesis::Stream' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Kinesis::Stream' + AND region = 'us-east-1' + kinesis_stream: + name: kinesis_stream + id: awscc.kinesis.kinesis_stream + x-cfn-schema-name: Stream + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StreamModeDetails') as stream_mode_details, + JSON_EXTRACT(Properties, '$.StreamEncryption') as stream_encryption, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.RetentionPeriodHours') as retention_period_hours, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ShardCount') as shard_count + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Kinesis::Stream' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StreamModeDetails') as stream_mode_details, + json_extract_path_text(Properties, 'StreamEncryption') as stream_encryption, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'RetentionPeriodHours') as retention_period_hours, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ShardCount') as shard_count + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Kinesis::Stream' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/kinesisanalyticsv2.yaml b/providers/src/awscc/v00.00.00000/services/kinesisanalyticsv2.yaml new file mode 100644 index 00000000..ae131ad5 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/kinesisanalyticsv2.yaml @@ -0,0 +1,811 @@ +openapi: 3.0.0 +info: + title: KinesisAnalyticsV2 + version: 1.0.0 +paths: {} +components: + schemas: + Arn: + description: The Amazon Resource Name + type: string + minLength: 1 + maxLength: 2048 + pattern: ^arn:.*$ + ApplicationConfiguration: + description: Specifies the creation parameters for a Kinesis Data Analytics application. + type: object + additionalProperties: false + properties: + ApplicationCodeConfiguration: + description: The code location and type parameters for a Flink-based Kinesis Data Analytics application. + $ref: '#/components/schemas/ApplicationCodeConfiguration' + ApplicationSnapshotConfiguration: + description: Describes whether snapshots are enabled for a Flink-based Kinesis Data Analytics application. + $ref: '#/components/schemas/ApplicationSnapshotConfiguration' + EnvironmentProperties: + description: Describes execution properties for a Flink-based Kinesis Data Analytics application. + $ref: '#/components/schemas/EnvironmentProperties' + FlinkApplicationConfiguration: + description: The creation and update parameters for a Flink-based Kinesis Data Analytics application. + $ref: '#/components/schemas/FlinkApplicationConfiguration' + SqlApplicationConfiguration: + description: The creation and update parameters for a SQL-based Kinesis Data Analytics application. + $ref: '#/components/schemas/SqlApplicationConfiguration' + ZeppelinApplicationConfiguration: + description: The configuration parameters for a Kinesis Data Analytics Studio notebook. + $ref: '#/components/schemas/ZeppelinApplicationConfiguration' + VpcConfigurations: + description: The array of descriptions of VPC configurations available to the application. + $ref: '#/components/schemas/VpcConfigurations' + RunConfiguration: + description: Identifies the run configuration (start parameters) of a Kinesis Data Analytics application. This section is evaluated only on stack updates for applications in running RUNNING state and has no effect during manual application start. + type: object + additionalProperties: false + properties: + ApplicationRestoreConfiguration: + description: Describes the restore behavior of a restarting application. + $ref: '#/components/schemas/ApplicationRestoreConfiguration' + FlinkRunConfiguration: + description: Describes the starting parameters for a Flink-based Kinesis Data Analytics application. + $ref: '#/components/schemas/FlinkRunConfiguration' + ApplicationRestoreConfiguration: + description: Describes the restore behavior of a restarting application. + type: object + additionalProperties: false + properties: + ApplicationRestoreType: + description: Specifies how the application should be restored. + type: string + enum: + - SKIP_RESTORE_FROM_SNAPSHOT + - RESTORE_FROM_LATEST_SNAPSHOT + - RESTORE_FROM_CUSTOM_SNAPSHOT + SnapshotName: + description: The identifier of an existing snapshot of application state to use to restart an application. The application uses this value if RESTORE_FROM_CUSTOM_SNAPSHOT is specified for the ApplicationRestoreType. + type: string + minLength: 1 + maxLength: 256 + pattern: ^[a-zA-Z0-9_.-]+$ + required: + - ApplicationRestoreType + FlinkRunConfiguration: + description: Describes the starting parameters for a Flink-based Kinesis Data Analytics application. + type: object + additionalProperties: false + properties: + AllowNonRestoredState: + description: When restoring from a snapshot, specifies whether the runtime is allowed to skip a state that cannot be mapped to the new program. Defaults to false. If you update your application without specifying this parameter, AllowNonRestoredState will be set to false, even if it was previously set to true. + type: boolean + ApplicationCodeConfiguration: + description: Describes code configuration for an application. + type: object + additionalProperties: false + properties: + CodeContent: + description: The location and type of the application code. + $ref: '#/components/schemas/CodeContent' + CodeContentType: + description: Specifies whether the code content is in text or zip format. + type: string + enum: + - PLAINTEXT + - ZIPFILE + required: + - CodeContentType + - CodeContent + CodeContent: + description: Specifies either the application code, or the location of the application code, for a Flink-based Kinesis Data Analytics application. + type: object + additionalProperties: false + properties: + ZipFileContent: + description: The zip-format code for a Flink-based Kinesis Data Analytics application. + type: string + S3ContentLocation: + description: Information about the Amazon S3 bucket that contains the application code. + $ref: '#/components/schemas/S3ContentLocation' + TextContent: + description: The text-format code for a Flink-based Kinesis Data Analytics application. + type: string + minLength: 1 + maxLength: 102400 + S3ContentLocation: + description: The location of an application or a custom artifact. + type: object + additionalProperties: false + properties: + BucketARN: + description: The Amazon Resource Name (ARN) for the S3 bucket containing the application code. + $ref: '#/components/schemas/Arn' + FileKey: + description: The file key for the object containing the application code. + type: string + minLength: 1 + maxLength: 1024 + ObjectVersion: + description: The version of the object containing the application code. + type: string + minLength: 1 + maxLength: 1024 + required: + - BucketARN + - FileKey + ApplicationSnapshotConfiguration: + description: Describes whether snapshots are enabled for a Flink-based Kinesis Data Analytics application. + type: object + additionalProperties: false + properties: + SnapshotsEnabled: + description: Describes whether snapshots are enabled for a Flink-based Kinesis Data Analytics application. + type: boolean + required: + - SnapshotsEnabled + EnvironmentProperties: + description: Describes execution properties for a Flink-based Kinesis Data Analytics application. + type: object + additionalProperties: false + properties: + PropertyGroups: + description: Describes the execution property groups. + type: array + uniqueItems: false + x-insertionOrder: false + maxItems: 50 + items: + $ref: '#/components/schemas/PropertyGroup' + PropertyGroup: + description: Property key-value pairs passed into an application. + type: object + additionalProperties: false + properties: + PropertyGroupId: + description: Describes the key of an application execution property key-value pair. + type: string + minLength: 1 + maxLength: 50 + pattern: ^[a-zA-Z0-9_.-]+$ + PropertyMap: + description: Describes the value of an application execution property key-value pair. + type: object + additionalProperties: false + maxProperties: 50 + x-patternProperties: + ^.{1,2048}$: + type: string + minLength: 1 + maxLength: 2048 + FlinkApplicationConfiguration: + description: Describes configuration parameters for a Flink-based Kinesis Data Analytics application or a Studio notebook. + type: object + additionalProperties: false + properties: + CheckpointConfiguration: + description: Describes an application's checkpointing configuration. Checkpointing is the process of persisting application state for fault tolerance. For more information, see Checkpoints for Fault Tolerance in the Apache Flink Documentation. + $ref: '#/components/schemas/CheckpointConfiguration' + MonitoringConfiguration: + description: Describes configuration parameters for Amazon CloudWatch logging for an application. + $ref: '#/components/schemas/MonitoringConfiguration' + ParallelismConfiguration: + description: Describes parameters for how an application executes multiple tasks simultaneously. + $ref: '#/components/schemas/ParallelismConfiguration' + CheckpointConfiguration: + description: Describes an application's checkpointing configuration. Checkpointing is the process of persisting application state for fault tolerance. For more information, see Checkpoints for Fault Tolerance in the Apache Flink Documentation. + type: object + additionalProperties: false + properties: + ConfigurationType: + description: Describes whether the application uses Kinesis Data Analytics' default checkpointing behavior. You must set this property to `CUSTOM` in order to set the `CheckpointingEnabled`, `CheckpointInterval`, or `MinPauseBetweenCheckpoints` parameters. + type: string + enum: + - DEFAULT + - CUSTOM + CheckpointingEnabled: + description: Describes whether checkpointing is enabled for a Flink-based Kinesis Data Analytics application. + type: boolean + CheckpointInterval: + description: Describes the interval in milliseconds between checkpoint operations. + type: integer + format: int64 + minimum: 1 + maximum: 9223372036854776000 + MinPauseBetweenCheckpoints: + description: Describes the minimum time in milliseconds after a checkpoint operation completes that a new checkpoint operation can start. If a checkpoint operation takes longer than the CheckpointInterval, the application otherwise performs continual checkpoint operations. For more information, see Tuning Checkpointing in the Apache Flink Documentation. + type: integer + format: int64 + minimum: 0 + maximum: 9223372036854776000 + required: + - ConfigurationType + MonitoringConfiguration: + description: Describes configuration parameters for Amazon CloudWatch logging for a Java-based Kinesis Data Analytics application. For more information about CloudWatch logging, see Monitoring. + type: object + additionalProperties: false + properties: + ConfigurationType: + description: Describes whether to use the default CloudWatch logging configuration for an application. You must set this property to CUSTOM in order to set the LogLevel or MetricsLevel parameters. + type: string + enum: + - DEFAULT + - CUSTOM + MetricsLevel: + description: Describes the granularity of the CloudWatch Logs for an application. The Parallelism level is not recommended for applications with a Parallelism over 64 due to excessive costs. + type: string + enum: + - APPLICATION + - OPERATOR + - PARALLELISM + - TASK + LogLevel: + description: Describes the verbosity of the CloudWatch Logs for an application. + type: string + enum: + - DEBUG + - INFO + - WARN + - ERROR + required: + - ConfigurationType + ParallelismConfiguration: + description: Describes parameters for how a Flink-based Kinesis Data Analytics application executes multiple tasks simultaneously. For more information about parallelism, see Parallel Execution in the Apache Flink Documentation + type: object + additionalProperties: false + properties: + ConfigurationType: + description: Describes whether the application uses the default parallelism for the Kinesis Data Analytics service. You must set this property to `CUSTOM` in order to change your application's `AutoScalingEnabled`, `Parallelism`, or `ParallelismPerKPU` properties. + type: string + enum: + - CUSTOM + - DEFAULT + ParallelismPerKPU: + description: Describes the number of parallel tasks that a Java-based Kinesis Data Analytics application can perform per Kinesis Processing Unit (KPU) used by the application. For more information about KPUs, see Amazon Kinesis Data Analytics Pricing. + type: integer + minimum: 1 + Parallelism: + description: Describes the initial number of parallel tasks that a Java-based Kinesis Data Analytics application can perform. The Kinesis Data Analytics service can increase this number automatically if ParallelismConfiguration:AutoScalingEnabled is set to true. + type: integer + minimum: 1 + AutoScalingEnabled: + description: Describes whether the Kinesis Data Analytics service can increase the parallelism of the application in response to increased throughput. + type: boolean + required: + - ConfigurationType + SqlApplicationConfiguration: + description: Describes the inputs, outputs, and reference data sources for a SQL-based Kinesis Data Analytics application. + type: object + additionalProperties: false + properties: + Inputs: + description: The array of Input objects describing the input streams used by the application. + type: array + maxItems: 1 + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Input' + Input: + description: When you configure the application input for a SQL-based Kinesis Data Analytics application, you specify the streaming source, the in-application stream name that is created, and the mapping between the two. + type: object + additionalProperties: false + properties: + NamePrefix: + description: The name prefix to use when creating an in-application stream. Suppose that you specify a prefix `"MyInApplicationStream"`. Kinesis Data Analytics then creates one or more (as per the InputParallelism count you specified) in-application streams with the names `"MyInApplicationStream_001"`, `"MyInApplicationStream_002"`, and so on. + type: string + minLength: 1 + maxLength: 32 + pattern: ^[^-\s<>&]*$ + InputSchema: + description: Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created. + $ref: '#/components/schemas/InputSchema' + KinesisStreamsInput: + description: If the streaming source is an Amazon Kinesis data stream, identifies the stream's Amazon Resource Name (ARN). + $ref: '#/components/schemas/KinesisStreamsInput' + KinesisFirehoseInput: + description: If the streaming source is an Amazon Kinesis Data Firehose delivery stream, identifies the delivery stream's ARN. + $ref: '#/components/schemas/KinesisFirehoseInput' + InputProcessingConfiguration: + description: The InputProcessingConfiguration for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is InputLambdaProcessor. + $ref: '#/components/schemas/InputProcessingConfiguration' + InputParallelism: + description: Describes the number of in-application streams to create. + $ref: '#/components/schemas/InputParallelism' + required: + - NamePrefix + - InputSchema + InputSchema: + description: For a SQL-based Kinesis Data Analytics application, describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream. + type: object + additionalProperties: false + properties: + RecordEncoding: + description: Specifies the encoding of the records in the streaming source. For example, UTF-8. + type: string + enum: + - UTF-8 + RecordColumns: + description: A list of `RecordColumn` objects. + type: array + uniqueItems: false + x-insertionOrder: false + maxItems: 1000 + items: + $ref: '#/components/schemas/RecordColumn' + RecordFormat: + description: Specifies the format of the records on the streaming source. + $ref: '#/components/schemas/RecordFormat' + required: + - RecordColumns + - RecordFormat + RecordColumn: + description: |- + For a SQL-based Kinesis Data Analytics application, describes the mapping of each data element in the streaming source to the corresponding column in the in-application stream. + Also used to describe the format of the reference data source. + type: object + additionalProperties: false + properties: + Mapping: + description: A reference to the data element in the streaming input or the reference data source. + type: string + minLength: 1 + maxLength: 65535 + Name: + description: The name of the column that is created in the in-application input stream or reference table. + type: string + minLength: 1 + maxLength: 256 + pattern: ^[^-\s<>&]*$ + SqlType: + description: The type of column created in the in-application input stream or reference table. + type: string + minLength: 1 + maxLength: 100 + required: + - SqlType + - Name + RecordFormat: + description: For a SQL-based Kinesis Data Analytics application, describes the record format and relevant mapping information that should be applied to schematize the records on the stream. + type: object + additionalProperties: false + properties: + RecordFormatType: + description: The type of record format. + type: string + enum: + - CSV + - JSON + MappingParameters: + description: When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source. + $ref: '#/components/schemas/MappingParameters' + required: + - RecordFormatType + MappingParameters: + description: When you configure a SQL-based Kinesis Data Analytics application's input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source. + type: object + additionalProperties: false + properties: + CSVMappingParameters: + description: Provides additional mapping information when the record format uses delimiters (for example, CSV). + $ref: '#/components/schemas/CSVMappingParameters' + JSONMappingParameters: + description: Provides additional mapping information when JSON is the record format on the streaming source. + $ref: '#/components/schemas/JSONMappingParameters' + CSVMappingParameters: + description: |- + For a SQL-based Kinesis Data Analytics application, provides additional mapping information when the record format uses delimiters, such as CSV. For example, the following sample records use CSV format, where the records use the '\n' as the row delimiter and a comma (",") as the column delimiter: + `"name1", "address1"` + `"name2", "address2"` + type: object + additionalProperties: false + properties: + RecordColumnDelimiter: + description: The column delimiter. For example, in a CSV format, a comma (",") is the typical column delimiter. + type: string + minLength: 1 + maxLength: 1024 + RecordRowDelimiter: + description: The row delimiter. For example, in a CSV format, '\n' is the typical row delimiter. + type: string + minLength: 1 + maxLength: 1024 + required: + - RecordRowDelimiter + - RecordColumnDelimiter + JSONMappingParameters: + description: For a SQL-based Kinesis Data Analytics application, provides additional mapping information when JSON is the record format on the streaming source. + type: object + additionalProperties: false + properties: + RecordRowPath: + description: The path to the top-level parent that contains the records. + type: string + minLength: 1 + maxLength: 65535 + pattern: ^(?=^\$)(?=^\S+$).*$ + required: + - RecordRowPath + KinesisStreamsInput: + description: Identifies a Kinesis data stream as the streaming source. You provide the stream's Amazon Resource Name (ARN). + type: object + additionalProperties: false + properties: + ResourceARN: + description: The ARN of the input Kinesis data stream to read. + $ref: '#/components/schemas/Arn' + required: + - ResourceARN + KinesisFirehoseInput: + description: For a SQL-based Kinesis Data Analytics application, identifies a Kinesis Data Firehose delivery stream as the streaming source. You provide the delivery stream's Amazon Resource Name (ARN). + type: object + additionalProperties: false + properties: + ResourceARN: + description: The Amazon Resource Name (ARN) of the delivery stream. + $ref: '#/components/schemas/Arn' + required: + - ResourceARN + InputProcessingConfiguration: + description: For an SQL-based Amazon Kinesis Data Analytics application, describes a processor that is used to preprocess the records in the stream before being processed by your application code. Currently, the only input processor available is Amazon Lambda. + type: object + additionalProperties: false + properties: + InputLambdaProcessor: + description: The InputLambdaProcessor that is used to preprocess the records in the stream before being processed by your application code. + $ref: '#/components/schemas/InputLambdaProcessor' + InputLambdaProcessor: + description: An object that contains the Amazon Resource Name (ARN) of the Amazon Lambda function that is used to preprocess records in the stream in a SQL-based Kinesis Data Analytics application. + type: object + additionalProperties: false + properties: + ResourceARN: + description: The ARN of the Amazon Lambda function that operates on records in the stream. + $ref: '#/components/schemas/Arn' + required: + - ResourceARN + InputParallelism: + description: For a SQL-based Kinesis Data Analytics application, describes the number of in-application streams to create for a given streaming source. + type: object + additionalProperties: false + properties: + Count: + description: The number of in-application streams to create. + type: integer + minimum: 1 + maximum: 64 + ZeppelinApplicationConfiguration: + description: The configuration of a Kinesis Data Analytics Studio notebook. + type: object + additionalProperties: false + properties: + CatalogConfiguration: + description: The Amazon Glue Data Catalog that you use in queries in a Kinesis Data Analytics Studio notebook. + $ref: '#/components/schemas/CatalogConfiguration' + MonitoringConfiguration: + description: The monitoring configuration of a Kinesis Data Analytics Studio notebook. + $ref: '#/components/schemas/ZeppelinMonitoringConfiguration' + DeployAsApplicationConfiguration: + description: The information required to deploy a Kinesis Data Analytics Studio notebook as an application with durable state. + $ref: '#/components/schemas/DeployAsApplicationConfiguration' + CustomArtifactsConfiguration: + description: A list of CustomArtifactConfiguration objects. + $ref: '#/components/schemas/CustomArtifactsConfiguration' + CatalogConfiguration: + description: The configuration parameters for the default Amazon Glue database. You use this database for SQL queries that you write in a Kinesis Data Analytics Studio notebook. + type: object + additionalProperties: false + properties: + GlueDataCatalogConfiguration: + description: The configuration parameters for the default Amazon Glue database. You use this database for Apache Flink SQL queries and table API transforms that you write in a Kinesis Data Analytics Studio notebook. + $ref: '#/components/schemas/GlueDataCatalogConfiguration' + GlueDataCatalogConfiguration: + description: The configuration of the Glue Data Catalog that you use for Apache Flink SQL queries and table API transforms that you write in an application. + type: object + additionalProperties: false + properties: + DatabaseARN: + description: The Amazon Resource Name (ARN) of the database. + $ref: '#/components/schemas/Arn' + ZeppelinMonitoringConfiguration: + description: Describes configuration parameters for Amazon CloudWatch logging for a Kinesis Data Analytics Studio notebook. For more information about CloudWatch logging, see Monitoring. + type: object + additionalProperties: false + properties: + LogLevel: + description: The verbosity of the CloudWatch Logs for an application. You can set it to `INFO`, `WARN`, `ERROR`, or `DEBUG`. + type: string + enum: + - DEBUG + - INFO + - WARN + - ERROR + DeployAsApplicationConfiguration: + description: The information required to deploy a Kinesis Data Analytics Studio notebook as an application with durable state. + type: object + additionalProperties: false + properties: + S3ContentLocation: + description: The description of an Amazon S3 object that contains the Amazon Data Analytics application, including the Amazon Resource Name (ARN) of the S3 bucket, the name of the Amazon S3 object that contains the data, and the version number of the Amazon S3 object that contains the data. + $ref: '#/components/schemas/S3ContentBaseLocation' + required: + - S3ContentLocation + S3ContentBaseLocation: + description: The base location of the Amazon Data Analytics application. + type: object + additionalProperties: false + properties: + BucketARN: + description: The Amazon Resource Name (ARN) of the S3 bucket. + $ref: '#/components/schemas/Arn' + BasePath: + description: The base path for the S3 bucket. + type: string + minLength: 1 + maxLength: 1024 + pattern: ^[a-zA-Z0-9/!-_.*'()]+$ + required: + - BucketARN + CustomArtifactsConfiguration: + description: A list of CustomArtifactConfiguration objects. + type: array + uniqueItems: false + x-insertionOrder: false + maxItems: 50 + items: + description: The configuration of connectors and user-defined functions. + $ref: '#/components/schemas/CustomArtifactConfiguration' + CustomArtifactConfiguration: + description: The configuration of connectors and user-defined functions. + type: object + additionalProperties: false + properties: + ArtifactType: + description: Set this to either `UDF` or `DEPENDENCY_JAR`. `UDF` stands for user-defined functions. This type of artifact must be in an S3 bucket. A `DEPENDENCY_JAR` can be in either Maven or an S3 bucket. + type: string + enum: + - DEPENDENCY_JAR + - UDF + MavenReference: + description: The parameters required to fully specify a Maven reference. + $ref: '#/components/schemas/MavenReference' + S3ContentLocation: + description: The location of the custom artifacts. + $ref: '#/components/schemas/S3ContentLocation' + required: + - ArtifactType + MavenReference: + description: The information required to specify a Maven reference. You can use Maven references to specify dependency JAR files. + type: object + additionalProperties: false + properties: + ArtifactId: + description: The artifact ID of the Maven reference. + type: string + minLength: 1 + maxLength: 256 + pattern: ^[a-zA-Z0-9_.-]+$ + GroupId: + description: The group ID of the Maven reference. + type: string + minLength: 1 + maxLength: 256 + pattern: ^[a-zA-Z0-9_.-]+$ + Version: + description: The version of the Maven reference. + type: string + minLength: 1 + maxLength: 256 + pattern: ^[a-zA-Z0-9_.-]+$ + required: + - ArtifactId + - GroupId + - Version + VpcConfigurations: + description: The array of descriptions of VPC configurations available to the application. + type: array + uniqueItems: false + x-insertionOrder: false + maxItems: 1 + items: + description: Describes the parameters of a VPC used by the application. + $ref: '#/components/schemas/VpcConfiguration' + VpcConfiguration: + description: Describes the parameters of a VPC used by the application. + type: object + additionalProperties: false + properties: + SecurityGroupIds: + description: The array of SecurityGroup IDs used by the VPC configuration. + type: array + uniqueItems: false + x-insertionOrder: false + minItems: 1 + maxItems: 5 + items: + type: string + SubnetIds: + description: The array of Subnet IDs used by the VPC configuration. + type: array + uniqueItems: false + x-insertionOrder: false + minItems: 1 + maxItems: 16 + items: + type: string + required: + - SecurityGroupIds + - SubnetIds + ApplicationMaintenanceConfiguration: + description: Describes the maintenance configuration for the application. + type: object + additionalProperties: false + properties: + ApplicationMaintenanceWindowStartTime: + description: The start time for the maintenance window. + type: string + pattern: ^([01][0-9]|2[0-3]):[0-5][0-9]$ + required: + - ApplicationMaintenanceWindowStartTime + Tag: + description: A key-value pair that identifies an application. + type: object + additionalProperties: false + properties: + Key: + description: 'The key name of the tag. You can specify a value that''s 1 to 128 Unicode characters in length and can''t be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + type: string + minLength: 1 + maxLength: 128 + Value: + description: The value for the tag. You can specify a value that's 0 to 256 characters in length. + type: string + minLength: 0 + maxLength: 256 + required: + - Key + - Value + Application: + type: object + properties: + ApplicationConfiguration: + description: Use this parameter to configure the application. + $ref: '#/components/schemas/ApplicationConfiguration' + ApplicationDescription: + description: The description of the application. + type: string + default: '' + minLength: 0 + maxLength: 1024 + ApplicationMode: + description: To create a Kinesis Data Analytics Studio notebook, you must set the mode to `INTERACTIVE`. However, for a Kinesis Data Analytics for Apache Flink application, the mode is optional. + type: string + enum: + - INTERACTIVE + - STREAMING + ApplicationName: + description: The name of the application. + type: string + minLength: 1 + maxLength: 128 + pattern: ^[a-zA-Z0-9_.-]+$ + RuntimeEnvironment: + description: The runtime environment for the application. + type: string + ServiceExecutionRole: + description: Specifies the IAM role that the application uses to access external resources. + $ref: '#/components/schemas/Arn' + RunConfiguration: + description: Specifies run configuration (start parameters) of a Kinesis Data Analytics application. Evaluated on update for RUNNING applications an only. + $ref: '#/components/schemas/RunConfiguration' + ApplicationMaintenanceConfiguration: + description: Used to configure start of maintenance window. + $ref: '#/components/schemas/ApplicationMaintenanceConfiguration' + Tags: + description: A list of one or more tags to assign to the application. A tag is a key-value pair that identifies an application. Note that the maximum number of application tags includes system tags. The maximum number of user-defined application tags is 50. + type: array + uniqueItems: false + x-insertionOrder: false + minItems: 1 + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + required: + - RuntimeEnvironment + - ServiceExecutionRole + x-stackql-resource-name: application + x-stackql-primaryIdentifier: + - ApplicationName + x-create-only-properties: + - ApplicationName + - ApplicationMode + - RuntimeEnvironment + x-required-permissions: + create: + - iam:PassRole + - kinesisanalytics:CreateApplication + - kinesisanalytics:DescribeApplication + - kinesisanalytics:ListTagsForResource + - kinesisanalytics:UpdateApplicationMaintenanceConfiguration + read: + - kinesisanalytics:DescribeApplication + - kinesisanalytics:ListTagsForResource + update: + - kinesisanalytics:UpdateApplication + - kinesisanalytics:DescribeApplication + - kinesisanalytics:TagResource + - kinesisanalytics:UntagResource + - kinesisanalytics:AddApplicationVpcConfiguration + - kinesisanalytics:DeleteApplicationVpcConfiguration + - kinesisanalytics:UpdateApplicationMaintenanceConfiguration + - kinesisanalytics:ListTagsForResource + delete: + - kinesisanalytics:DescribeApplication + - kinesisanalytics:DeleteApplication + list: + - kinesisanalytics:ListApplications + x-stackQL-resources: + applications: + name: applications + id: awscc.kinesisanalyticsv2.applications + x-cfn-schema-name: Application + x-type: list + x-identifiers: + - ApplicationName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationName') as application_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::KinesisAnalyticsV2::Application' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationName') as application_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::KinesisAnalyticsV2::Application' + AND region = 'us-east-1' + application: + name: application + id: awscc.kinesisanalyticsv2.application + x-cfn-schema-name: Application + x-type: get + x-identifiers: + - ApplicationName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationConfiguration') as application_configuration, + JSON_EXTRACT(Properties, '$.ApplicationDescription') as application_description, + JSON_EXTRACT(Properties, '$.ApplicationMode') as application_mode, + JSON_EXTRACT(Properties, '$.ApplicationName') as application_name, + JSON_EXTRACT(Properties, '$.RuntimeEnvironment') as runtime_environment, + JSON_EXTRACT(Properties, '$.ServiceExecutionRole') as service_execution_role, + JSON_EXTRACT(Properties, '$.RunConfiguration') as run_configuration, + JSON_EXTRACT(Properties, '$.ApplicationMaintenanceConfiguration') as application_maintenance_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::KinesisAnalyticsV2::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationConfiguration') as application_configuration, + json_extract_path_text(Properties, 'ApplicationDescription') as application_description, + json_extract_path_text(Properties, 'ApplicationMode') as application_mode, + json_extract_path_text(Properties, 'ApplicationName') as application_name, + json_extract_path_text(Properties, 'RuntimeEnvironment') as runtime_environment, + json_extract_path_text(Properties, 'ServiceExecutionRole') as service_execution_role, + json_extract_path_text(Properties, 'RunConfiguration') as run_configuration, + json_extract_path_text(Properties, 'ApplicationMaintenanceConfiguration') as application_maintenance_configuration, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::KinesisAnalyticsV2::Application' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/kinesisfirehose.yaml b/providers/src/awscc/v00.00.00000/services/kinesisfirehose.yaml new file mode 100644 index 00000000..17ecb54c --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/kinesisfirehose.yaml @@ -0,0 +1,1125 @@ +openapi: 3.0.0 +info: + title: KinesisFirehose + version: 1.0.0 +paths: {} +components: + schemas: + DeliveryStreamEncryptionConfigurationInput: + type: object + additionalProperties: false + properties: + KeyARN: + type: string + minLength: 1 + maxLength: 512 + pattern: arn:.* + KeyType: + type: string + enum: + - AWS_OWNED_CMK + - CUSTOMER_MANAGED_CMK + required: + - KeyType + SplunkDestinationConfiguration: + type: object + additionalProperties: false + properties: + CloudWatchLoggingOptions: + $ref: '#/components/schemas/CloudWatchLoggingOptions' + HECAcknowledgmentTimeoutInSeconds: + type: integer + minimum: 180 + maximum: 600 + HECEndpoint: + type: string + minLength: 0 + maxLength: 2048 + HECEndpointType: + type: string + enum: + - Raw + - Event + HECToken: + type: string + minLength: 0 + maxLength: 2048 + ProcessingConfiguration: + $ref: '#/components/schemas/ProcessingConfiguration' + RetryOptions: + $ref: '#/components/schemas/SplunkRetryOptions' + S3BackupMode: + type: string + S3Configuration: + $ref: '#/components/schemas/S3DestinationConfiguration' + BufferingHints: + $ref: '#/components/schemas/SplunkBufferingHints' + required: + - HECEndpoint + - S3Configuration + - HECToken + - HECEndpointType + HttpEndpointDestinationConfiguration: + type: object + additionalProperties: false + properties: + RoleARN: + type: string + minLength: 1 + maxLength: 512 + pattern: arn:.* + EndpointConfiguration: + $ref: '#/components/schemas/HttpEndpointConfiguration' + RequestConfiguration: + $ref: '#/components/schemas/HttpEndpointRequestConfiguration' + BufferingHints: + $ref: '#/components/schemas/BufferingHints' + CloudWatchLoggingOptions: + $ref: '#/components/schemas/CloudWatchLoggingOptions' + ProcessingConfiguration: + $ref: '#/components/schemas/ProcessingConfiguration' + RetryOptions: + $ref: '#/components/schemas/RetryOptions' + S3BackupMode: + type: string + S3Configuration: + $ref: '#/components/schemas/S3DestinationConfiguration' + required: + - EndpointConfiguration + - S3Configuration + KinesisStreamSourceConfiguration: + type: object + additionalProperties: false + properties: + KinesisStreamARN: + type: string + minLength: 1 + maxLength: 512 + pattern: arn:.* + RoleARN: + type: string + minLength: 1 + maxLength: 512 + pattern: arn:.* + required: + - RoleARN + - KinesisStreamARN + MSKSourceConfiguration: + type: object + additionalProperties: false + properties: + MSKClusterARN: + type: string + minLength: 1 + maxLength: 512 + pattern: arn:.* + TopicName: + type: string + minLength: 1 + maxLength: 255 + pattern: '[a-zA-Z0-9\._\-]+' + AuthenticationConfiguration: + $ref: '#/components/schemas/AuthenticationConfiguration' + required: + - MSKClusterARN + - TopicName + - AuthenticationConfiguration + AuthenticationConfiguration: + type: object + additionalProperties: false + properties: + RoleARN: + type: string + minLength: 1 + maxLength: 512 + pattern: arn:.* + Connectivity: + type: string + enum: + - PUBLIC + - PRIVATE + required: + - RoleARN + - Connectivity + VpcConfiguration: + type: object + additionalProperties: false + properties: + RoleARN: + type: string + minLength: 1 + maxLength: 512 + pattern: arn:.* + SubnetIds: + type: array + uniqueItems: true + items: + type: string + minLength: 1 + maxLength: 1024 + minItems: 1 + maxItems: 16 + SecurityGroupIds: + type: array + uniqueItems: true + items: + type: string + minLength: 1 + maxLength: 1024 + minItems: 1 + maxItems: 5 + required: + - RoleARN + - SubnetIds + - SecurityGroupIds + DocumentIdOptions: + type: object + additionalProperties: false + properties: + DefaultDocumentIdFormat: + type: string + enum: + - FIREHOSE_DEFAULT + - NO_DOCUMENT_ID + required: + - DefaultDocumentIdFormat + ExtendedS3DestinationConfiguration: + type: object + additionalProperties: false + properties: + BucketARN: + type: string + minLength: 1 + maxLength: 2048 + pattern: arn:.* + BufferingHints: + $ref: '#/components/schemas/BufferingHints' + CloudWatchLoggingOptions: + $ref: '#/components/schemas/CloudWatchLoggingOptions' + CompressionFormat: + type: string + enum: + - UNCOMPRESSED + - GZIP + - ZIP + - Snappy + - HADOOP_SNAPPY + CustomTimeZone: + type: string + minLength: 0 + maxLength: 50 + DataFormatConversionConfiguration: + $ref: '#/components/schemas/DataFormatConversionConfiguration' + DynamicPartitioningConfiguration: + $ref: '#/components/schemas/DynamicPartitioningConfiguration' + EncryptionConfiguration: + $ref: '#/components/schemas/EncryptionConfiguration' + ErrorOutputPrefix: + type: string + minLength: 0 + maxLength: 1024 + FileExtension: + type: string + minLength: 0 + maxLength: 128 + pattern: ^$|\.[0-9a-z!\-_.*'()]+ + Prefix: + type: string + minLength: 0 + maxLength: 1024 + ProcessingConfiguration: + $ref: '#/components/schemas/ProcessingConfiguration' + RoleARN: + type: string + minLength: 1 + maxLength: 512 + pattern: arn:.* + S3BackupConfiguration: + $ref: '#/components/schemas/S3DestinationConfiguration' + S3BackupMode: + type: string + enum: + - Disabled + - Enabled + required: + - BucketARN + - RoleARN + S3DestinationConfiguration: + type: object + additionalProperties: false + properties: + BucketARN: + type: string + minLength: 1 + maxLength: 2048 + pattern: arn:.* + BufferingHints: + $ref: '#/components/schemas/BufferingHints' + CloudWatchLoggingOptions: + $ref: '#/components/schemas/CloudWatchLoggingOptions' + CompressionFormat: + type: string + enum: + - UNCOMPRESSED + - GZIP + - ZIP + - Snappy + - HADOOP_SNAPPY + EncryptionConfiguration: + $ref: '#/components/schemas/EncryptionConfiguration' + ErrorOutputPrefix: + type: string + minLength: 0 + maxLength: 1024 + Prefix: + type: string + minLength: 0 + maxLength: 1024 + RoleARN: + type: string + minLength: 1 + maxLength: 512 + pattern: arn:.* + required: + - BucketARN + - RoleARN + RedshiftDestinationConfiguration: + type: object + additionalProperties: false + properties: + CloudWatchLoggingOptions: + $ref: '#/components/schemas/CloudWatchLoggingOptions' + ClusterJDBCURL: + type: string + minLength: 1 + maxLength: 512 + CopyCommand: + $ref: '#/components/schemas/CopyCommand' + Password: + type: string + minLength: 6 + maxLength: 512 + ProcessingConfiguration: + $ref: '#/components/schemas/ProcessingConfiguration' + RetryOptions: + $ref: '#/components/schemas/RedshiftRetryOptions' + RoleARN: + type: string + minLength: 1 + maxLength: 512 + pattern: arn:.* + S3BackupConfiguration: + $ref: '#/components/schemas/S3DestinationConfiguration' + S3BackupMode: + type: string + enum: + - Disabled + - Enabled + S3Configuration: + $ref: '#/components/schemas/S3DestinationConfiguration' + Username: + type: string + minLength: 1 + maxLength: 512 + required: + - S3Configuration + - Username + - ClusterJDBCURL + - CopyCommand + - RoleARN + - Password + ElasticsearchDestinationConfiguration: + type: object + additionalProperties: false + properties: + BufferingHints: + $ref: '#/components/schemas/ElasticsearchBufferingHints' + CloudWatchLoggingOptions: + $ref: '#/components/schemas/CloudWatchLoggingOptions' + DomainARN: + type: string + minLength: 1 + maxLength: 512 + pattern: arn:.* + IndexName: + type: string + minLength: 1 + maxLength: 80 + IndexRotationPeriod: + type: string + enum: + - NoRotation + - OneHour + - OneDay + - OneWeek + - OneMonth + ProcessingConfiguration: + $ref: '#/components/schemas/ProcessingConfiguration' + RetryOptions: + $ref: '#/components/schemas/ElasticsearchRetryOptions' + RoleARN: + type: string + minLength: 1 + maxLength: 512 + pattern: arn:.* + S3BackupMode: + type: string + enum: + - FailedDocumentsOnly + - AllDocuments + S3Configuration: + $ref: '#/components/schemas/S3DestinationConfiguration' + ClusterEndpoint: + type: string + minLength: 1 + maxLength: 512 + pattern: https:.* + TypeName: + type: string + minLength: 0 + maxLength: 100 + VpcConfiguration: + $ref: '#/components/schemas/VpcConfiguration' + DocumentIdOptions: + $ref: '#/components/schemas/DocumentIdOptions' + required: + - IndexName + - S3Configuration + - RoleARN + AmazonopensearchserviceDestinationConfiguration: + type: object + additionalProperties: false + properties: + BufferingHints: + $ref: '#/components/schemas/AmazonopensearchserviceBufferingHints' + CloudWatchLoggingOptions: + $ref: '#/components/schemas/CloudWatchLoggingOptions' + DomainARN: + type: string + minLength: 1 + maxLength: 512 + pattern: arn:.* + IndexName: + type: string + minLength: 1 + maxLength: 80 + IndexRotationPeriod: + type: string + enum: + - NoRotation + - OneHour + - OneDay + - OneWeek + - OneMonth + ProcessingConfiguration: + $ref: '#/components/schemas/ProcessingConfiguration' + RetryOptions: + $ref: '#/components/schemas/AmazonopensearchserviceRetryOptions' + RoleARN: + type: string + minLength: 1 + maxLength: 512 + pattern: arn:.* + S3BackupMode: + type: string + enum: + - FailedDocumentsOnly + - AllDocuments + S3Configuration: + $ref: '#/components/schemas/S3DestinationConfiguration' + ClusterEndpoint: + type: string + minLength: 1 + maxLength: 512 + pattern: https:.* + TypeName: + type: string + minLength: 0 + maxLength: 100 + VpcConfiguration: + $ref: '#/components/schemas/VpcConfiguration' + DocumentIdOptions: + $ref: '#/components/schemas/DocumentIdOptions' + required: + - IndexName + - S3Configuration + - RoleARN + AmazonOpenSearchServerlessDestinationConfiguration: + type: object + additionalProperties: false + properties: + BufferingHints: + $ref: '#/components/schemas/AmazonOpenSearchServerlessBufferingHints' + CloudWatchLoggingOptions: + $ref: '#/components/schemas/CloudWatchLoggingOptions' + IndexName: + type: string + minLength: 1 + maxLength: 80 + ProcessingConfiguration: + $ref: '#/components/schemas/ProcessingConfiguration' + RetryOptions: + $ref: '#/components/schemas/AmazonOpenSearchServerlessRetryOptions' + RoleARN: + type: string + minLength: 1 + maxLength: 512 + pattern: arn:.* + S3BackupMode: + type: string + enum: + - FailedDocumentsOnly + - AllDocuments + S3Configuration: + $ref: '#/components/schemas/S3DestinationConfiguration' + CollectionEndpoint: + type: string + minLength: 1 + maxLength: 512 + pattern: https:.* + VpcConfiguration: + $ref: '#/components/schemas/VpcConfiguration' + required: + - IndexName + - S3Configuration + - RoleARN + SnowflakeDestinationConfiguration: + type: object + additionalProperties: false + properties: + AccountUrl: + type: string + minLength: 24 + maxLength: 2048 + pattern: .+?\.snowflakecomputing\.com + PrivateKey: + type: string + minLength: 256 + maxLength: 4096 + pattern: ^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$ + KeyPassphrase: + type: string + minLength: 7 + maxLength: 255 + User: + type: string + minLength: 1 + maxLength: 255 + Database: + type: string + minLength: 1 + maxLength: 255 + Schema: + type: string + minLength: 1 + maxLength: 255 + Table: + type: string + minLength: 1 + maxLength: 255 + SnowflakeRoleConfiguration: + $ref: '#/components/schemas/SnowflakeRoleConfiguration' + DataLoadingOption: + type: string + enum: + - JSON_MAPPING + - VARIANT_CONTENT_MAPPING + - VARIANT_CONTENT_AND_METADATA_MAPPING + MetaDataColumnName: + type: string + minLength: 1 + maxLength: 255 + ContentColumnName: + type: string + minLength: 1 + maxLength: 255 + SnowflakeVpcConfiguration: + $ref: '#/components/schemas/SnowflakeVpcConfiguration' + CloudWatchLoggingOptions: + $ref: '#/components/schemas/CloudWatchLoggingOptions' + ProcessingConfiguration: + $ref: '#/components/schemas/ProcessingConfiguration' + RoleARN: + type: string + minLength: 1 + maxLength: 512 + pattern: arn:.* + RetryOptions: + $ref: '#/components/schemas/SnowflakeRetryOptions' + S3BackupMode: + type: string + enum: + - FailedDataOnly + - AllData + S3Configuration: + $ref: '#/components/schemas/S3DestinationConfiguration' + required: + - AccountUrl + - PrivateKey + - User + - Database + - Schema + - Table + - RoleARN + - S3Configuration + BufferingHints: + type: object + additionalProperties: false + properties: + IntervalInSeconds: + type: integer + SizeInMBs: + type: integer + ProcessingConfiguration: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + Processors: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/Processor' + SplunkRetryOptions: + type: object + additionalProperties: false + properties: + DurationInSeconds: + type: integer + ElasticsearchRetryOptions: + type: object + additionalProperties: false + properties: + DurationInSeconds: + type: integer + AmazonopensearchserviceRetryOptions: + type: object + additionalProperties: false + properties: + DurationInSeconds: + type: integer + AmazonOpenSearchServerlessRetryOptions: + type: object + additionalProperties: false + properties: + DurationInSeconds: + type: integer + SnowflakeRetryOptions: + type: object + additionalProperties: false + properties: + DurationInSeconds: + type: integer + RedshiftRetryOptions: + type: object + additionalProperties: false + properties: + DurationInSeconds: + type: integer + RetryOptions: + type: object + additionalProperties: false + properties: + DurationInSeconds: + type: integer + DataFormatConversionConfiguration: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + InputFormatConfiguration: + $ref: '#/components/schemas/InputFormatConfiguration' + OutputFormatConfiguration: + $ref: '#/components/schemas/OutputFormatConfiguration' + SchemaConfiguration: + $ref: '#/components/schemas/SchemaConfiguration' + DynamicPartitioningConfiguration: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + RetryOptions: + $ref: '#/components/schemas/RetryOptions' + CopyCommand: + type: object + additionalProperties: false + properties: + CopyOptions: + type: string + minLength: 0 + maxLength: 204800 + DataTableColumns: + type: string + minLength: 0 + maxLength: 204800 + DataTableName: + type: string + minLength: 1 + maxLength: 512 + required: + - DataTableName + EncryptionConfiguration: + type: object + additionalProperties: false + properties: + KMSEncryptionConfig: + $ref: '#/components/schemas/KMSEncryptionConfig' + NoEncryptionConfig: + type: string + enum: + - NoEncryption + ElasticsearchBufferingHints: + type: object + additionalProperties: false + properties: + IntervalInSeconds: + type: integer + SizeInMBs: + type: integer + AmazonopensearchserviceBufferingHints: + type: object + additionalProperties: false + properties: + IntervalInSeconds: + type: integer + SizeInMBs: + type: integer + AmazonOpenSearchServerlessBufferingHints: + type: object + additionalProperties: false + properties: + IntervalInSeconds: + type: integer + SizeInMBs: + type: integer + SplunkBufferingHints: + type: object + additionalProperties: false + properties: + IntervalInSeconds: + type: integer + SizeInMBs: + type: integer + CloudWatchLoggingOptions: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + LogGroupName: + type: string + LogStreamName: + type: string + OutputFormatConfiguration: + type: object + additionalProperties: false + properties: + Serializer: + $ref: '#/components/schemas/Serializer' + Processor: + type: object + additionalProperties: false + properties: + Parameters: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/ProcessorParameter' + Type: + type: string + enum: + - RecordDeAggregation + - Decompression + - CloudWatchLogProcessing + - Lambda + - MetadataExtraction + - AppendDelimiterToRecord + required: + - Type + KMSEncryptionConfig: + type: object + additionalProperties: false + properties: + AWSKMSKeyARN: + type: string + required: + - AWSKMSKeyARN + InputFormatConfiguration: + type: object + additionalProperties: false + properties: + Deserializer: + $ref: '#/components/schemas/Deserializer' + SchemaConfiguration: + type: object + additionalProperties: false + properties: + CatalogId: + type: string + DatabaseName: + type: string + Region: + type: string + RoleARN: + type: string + minLength: 1 + maxLength: 512 + pattern: arn:.* + TableName: + type: string + VersionId: + type: string + Serializer: + type: object + additionalProperties: false + properties: + OrcSerDe: + $ref: '#/components/schemas/OrcSerDe' + ParquetSerDe: + $ref: '#/components/schemas/ParquetSerDe' + ProcessorParameter: + type: object + additionalProperties: false + properties: + ParameterName: + type: string + ParameterValue: + type: string + required: + - ParameterValue + - ParameterName + Deserializer: + type: object + additionalProperties: false + properties: + HiveJsonSerDe: + $ref: '#/components/schemas/HiveJsonSerDe' + OpenXJsonSerDe: + $ref: '#/components/schemas/OpenXJsonSerDe' + HiveJsonSerDe: + type: object + additionalProperties: false + properties: + TimestampFormats: + type: array + uniqueItems: true + items: + type: string + OrcSerDe: + type: object + additionalProperties: false + properties: + BlockSizeBytes: + type: integer + BloomFilterColumns: + type: array + uniqueItems: true + items: + type: string + BloomFilterFalsePositiveProbability: + type: number + Compression: + type: string + DictionaryKeyThreshold: + type: number + EnablePadding: + type: boolean + FormatVersion: + type: string + PaddingTolerance: + type: number + RowIndexStride: + type: integer + StripeSizeBytes: + type: integer + ParquetSerDe: + type: object + additionalProperties: false + properties: + BlockSizeBytes: + type: integer + Compression: + type: string + EnableDictionaryCompression: + type: boolean + MaxPaddingBytes: + type: integer + PageSizeBytes: + type: integer + WriterVersion: + type: string + OpenXJsonSerDe: + type: object + additionalProperties: false + properties: + CaseInsensitive: + type: boolean + ColumnToJsonKeyMappings: + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + ConvertDotsInJsonKeysToUnderscores: + type: boolean + HttpEndpointRequestConfiguration: + type: object + additionalProperties: false + properties: + ContentEncoding: + type: string + enum: + - NONE + - GZIP + CommonAttributes: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/HttpEndpointCommonAttribute' + minItems: 0 + maxItems: 50 + HttpEndpointCommonAttribute: + type: object + additionalProperties: false + properties: + AttributeName: + type: string + minLength: 1 + maxLength: 256 + AttributeValue: + type: string + minLength: 0 + maxLength: 1024 + required: + - AttributeName + - AttributeValue + HttpEndpointConfiguration: + type: object + additionalProperties: false + properties: + Url: + type: string + minLength: 1 + maxLength: 1000 + AccessKey: + type: string + minLength: 0 + maxLength: 4096 + Name: + type: string + minLength: 1 + maxLength: 256 + required: + - Url + SnowflakeRoleConfiguration: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + SnowflakeRole: + type: string + minLength: 1 + maxLength: 255 + SnowflakeVpcConfiguration: + type: object + additionalProperties: false + properties: + PrivateLinkVpceId: + type: string + minLength: 47 + maxLength: 255 + pattern: ([a-zA-Z0-9\-\_]+\.){2,3}vpce\.[a-zA-Z0-9\-]*\.vpce-svc\-[a-zA-Z0-9\-]{17}$ + required: + - PrivateLinkVpceId + Tag: + type: object + additionalProperties: false + properties: + Key: + type: string + pattern: ^(?!aws:)[\p{L}\p{Z}\p{N}_.:\/=+\-@%]*$ + minLength: 1 + maxLength: 128 + Value: + type: string + pattern: ^[\p{L}\p{Z}\p{N}_.:\/=+\-@%]*$ + minLength: 0 + maxLength: 256 + required: + - Key + DeliveryStream: + type: object + properties: + Arn: + type: string + DeliveryStreamEncryptionConfigurationInput: + $ref: '#/components/schemas/DeliveryStreamEncryptionConfigurationInput' + DeliveryStreamName: + type: string + minLength: 1 + maxLength: 64 + pattern: '[a-zA-Z0-9._-]+' + DeliveryStreamType: + type: string + enum: + - DirectPut + - KinesisStreamAsSource + - MSKAsSource + ElasticsearchDestinationConfiguration: + $ref: '#/components/schemas/ElasticsearchDestinationConfiguration' + AmazonopensearchserviceDestinationConfiguration: + $ref: '#/components/schemas/AmazonopensearchserviceDestinationConfiguration' + AmazonOpenSearchServerlessDestinationConfiguration: + $ref: '#/components/schemas/AmazonOpenSearchServerlessDestinationConfiguration' + ExtendedS3DestinationConfiguration: + $ref: '#/components/schemas/ExtendedS3DestinationConfiguration' + KinesisStreamSourceConfiguration: + $ref: '#/components/schemas/KinesisStreamSourceConfiguration' + MSKSourceConfiguration: + $ref: '#/components/schemas/MSKSourceConfiguration' + RedshiftDestinationConfiguration: + $ref: '#/components/schemas/RedshiftDestinationConfiguration' + S3DestinationConfiguration: + $ref: '#/components/schemas/S3DestinationConfiguration' + SplunkDestinationConfiguration: + $ref: '#/components/schemas/SplunkDestinationConfiguration' + HttpEndpointDestinationConfiguration: + $ref: '#/components/schemas/HttpEndpointDestinationConfiguration' + SnowflakeDestinationConfiguration: + $ref: '#/components/schemas/SnowflakeDestinationConfiguration' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + minItems: 1 + maxItems: 50 + x-stackql-resource-name: delivery_stream + x-stackql-primaryIdentifier: + - DeliveryStreamName + x-create-only-properties: + - DeliveryStreamName + - DeliveryStreamType + - ElasticsearchDestinationConfiguration/VpcConfiguration + - AmazonopensearchserviceDestinationConfiguration/VpcConfiguration + - AmazonOpenSearchServerlessDestinationConfiguration/VpcConfiguration + - KinesisStreamSourceConfiguration + - MSKSourceConfiguration + - SnowflakeDestinationConfiguration/SnowflakeVpcConfiguration + x-read-only-properties: + - Arn + x-required-permissions: + create: + - firehose:CreateDeliveryStream + - firehose:DescribeDeliveryStream + - iam:GetRole + - iam:PassRole + - kms:CreateGrant + - kms:DescribeKey + read: + - firehose:DescribeDeliveryStream + - firehose:ListTagsForDeliveryStream + update: + - firehose:UpdateDestination + - firehose:DescribeDeliveryStream + - firehose:StartDeliveryStreamEncryption + - firehose:StopDeliveryStreamEncryption + - firehose:ListTagsForDeliveryStream + - firehose:TagDeliveryStream + - firehose:UntagDeliveryStream + - kms:CreateGrant + - kms:RevokeGrant + - kms:DescribeKey + delete: + - firehose:DeleteDeliveryStream + - firehose:DescribeDeliveryStream + - kms:RevokeGrant + - kms:DescribeKey + list: + - firehose:ListDeliveryStreams + x-stackQL-resources: + delivery_streams: + name: delivery_streams + id: awscc.kinesisfirehose.delivery_streams + x-cfn-schema-name: DeliveryStream + x-type: list + x-identifiers: + - DeliveryStreamName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DeliveryStreamName') as delivery_stream_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::KinesisFirehose::DeliveryStream' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DeliveryStreamName') as delivery_stream_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::KinesisFirehose::DeliveryStream' + AND region = 'us-east-1' + delivery_stream: + name: delivery_stream + id: awscc.kinesisfirehose.delivery_stream + x-cfn-schema-name: DeliveryStream + x-type: get + x-identifiers: + - DeliveryStreamName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.DeliveryStreamEncryptionConfigurationInput') as delivery_stream_encryption_configuration_input, + JSON_EXTRACT(Properties, '$.DeliveryStreamName') as delivery_stream_name, + JSON_EXTRACT(Properties, '$.DeliveryStreamType') as delivery_stream_type, + JSON_EXTRACT(Properties, '$.ElasticsearchDestinationConfiguration') as elasticsearch_destination_configuration, + JSON_EXTRACT(Properties, '$.AmazonopensearchserviceDestinationConfiguration') as amazonopensearchservice_destination_configuration, + JSON_EXTRACT(Properties, '$.AmazonOpenSearchServerlessDestinationConfiguration') as amazon_open_search_serverless_destination_configuration, + JSON_EXTRACT(Properties, '$.ExtendedS3DestinationConfiguration') as extended_s3_destination_configuration, + JSON_EXTRACT(Properties, '$.KinesisStreamSourceConfiguration') as kinesis_stream_source_configuration, + JSON_EXTRACT(Properties, '$.MSKSourceConfiguration') as m_sk_source_configuration, + JSON_EXTRACT(Properties, '$.RedshiftDestinationConfiguration') as redshift_destination_configuration, + JSON_EXTRACT(Properties, '$.S3DestinationConfiguration') as s3_destination_configuration, + JSON_EXTRACT(Properties, '$.SplunkDestinationConfiguration') as splunk_destination_configuration, + JSON_EXTRACT(Properties, '$.HttpEndpointDestinationConfiguration') as http_endpoint_destination_configuration, + JSON_EXTRACT(Properties, '$.SnowflakeDestinationConfiguration') as snowflake_destination_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::KinesisFirehose::DeliveryStream' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'DeliveryStreamEncryptionConfigurationInput') as delivery_stream_encryption_configuration_input, + json_extract_path_text(Properties, 'DeliveryStreamName') as delivery_stream_name, + json_extract_path_text(Properties, 'DeliveryStreamType') as delivery_stream_type, + json_extract_path_text(Properties, 'ElasticsearchDestinationConfiguration') as elasticsearch_destination_configuration, + json_extract_path_text(Properties, 'AmazonopensearchserviceDestinationConfiguration') as amazonopensearchservice_destination_configuration, + json_extract_path_text(Properties, 'AmazonOpenSearchServerlessDestinationConfiguration') as amazon_open_search_serverless_destination_configuration, + json_extract_path_text(Properties, 'ExtendedS3DestinationConfiguration') as extended_s3_destination_configuration, + json_extract_path_text(Properties, 'KinesisStreamSourceConfiguration') as kinesis_stream_source_configuration, + json_extract_path_text(Properties, 'MSKSourceConfiguration') as m_sk_source_configuration, + json_extract_path_text(Properties, 'RedshiftDestinationConfiguration') as redshift_destination_configuration, + json_extract_path_text(Properties, 'S3DestinationConfiguration') as s3_destination_configuration, + json_extract_path_text(Properties, 'SplunkDestinationConfiguration') as splunk_destination_configuration, + json_extract_path_text(Properties, 'HttpEndpointDestinationConfiguration') as http_endpoint_destination_configuration, + json_extract_path_text(Properties, 'SnowflakeDestinationConfiguration') as snowflake_destination_configuration, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::KinesisFirehose::DeliveryStream' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/kinesisvideo.yaml b/providers/src/awscc/v00.00.00000/services/kinesisvideo.yaml new file mode 100644 index 00000000..58e6dd39 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/kinesisvideo.yaml @@ -0,0 +1,266 @@ +openapi: 3.0.0 +info: + title: KinesisVideo + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: A key-value pair to associated with the Kinesis Video Stream. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. Specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. The following characters can be used: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. Specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. The following characters can be used: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + SignalingChannel: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the Kinesis Video Signaling Channel. + type: string + Name: + description: The name of the Kinesis Video Signaling Channel. + type: string + minLength: 1 + maxLength: 256 + pattern: '[a-zA-Z0-9_.-]+' + Type: + description: The type of the Kinesis Video Signaling Channel to create. Currently, SINGLE_MASTER is the only supported channel type. + type: string + enum: + - SINGLE_MASTER + MessageTtlSeconds: + description: The period of time a signaling channel retains undelivered messages before they are discarded. + type: integer + minimum: 5 + maximum: 120 + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + minItems: 1 + maxItems: 50 + required: [] + x-stackql-resource-name: signaling_channel + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - kinesisvideo:CreateSignalingChannel + - kinesisvideo:DescribeSignalingChannel + read: + - kinesisvideo:DescribeSignalingChannel + update: + - kinesisvideo:UpdateSignalingChannel + - kinesisvideo:DescribeSignalingChannel + delete: + - kinesisvideo:DeleteSignalingChannel + - kinesisvideo:DescribeSignalingChannel + Stream: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the Kinesis Video stream. + type: string + Name: + description: The name of the Kinesis Video stream. + type: string + minLength: 1 + maxLength: 256 + pattern: '[a-zA-Z0-9_.-]+' + DataRetentionInHours: + description: The number of hours till which Kinesis Video will retain the data in the stream + type: integer + minimum: 0 + maximum: 87600 + DeviceName: + description: The name of the device that is writing to the stream. + type: string + minLength: 1 + maxLength: 128 + pattern: '[a-zA-Z0-9_.-]+' + KmsKeyId: + description: AWS KMS key ID that Kinesis Video Streams uses to encrypt stream data. + type: string + minLength: 1 + maxLength: 2048 + pattern: .+ + MediaType: + description: The media type of the stream. Consumers of the stream can use this information when processing the stream. + type: string + minLength: 1 + maxLength: 128 + pattern: '[\w\-\.\+]+/[\w\-\.\+]+(,[\w\-\.\+]+/[\w\-\.\+]+)*' + Tags: + description: An array of key-value pairs associated with the Kinesis Video Stream. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + minItems: 1 + maxItems: 50 + required: [] + x-stackql-resource-name: stream + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - kinesisvideo:DescribeStream + - kinesisvideo:CreateStream + read: + - kinesisvideo:DescribeStream + update: + - kinesisvideo:DescribeStream + - kinesisvideo:UpdateStream + - kinesisvideo:UpdateDataRetention + delete: + - kinesisvideo:DescribeStream + - kinesisvideo:DeleteStream + x-stackQL-resources: + signaling_channels: + name: signaling_channels + id: awscc.kinesisvideo.signaling_channels + x-cfn-schema-name: SignalingChannel + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::KinesisVideo::SignalingChannel' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::KinesisVideo::SignalingChannel' + AND region = 'us-east-1' + signaling_channel: + name: signaling_channel + id: awscc.kinesisvideo.signaling_channel + x-cfn-schema-name: SignalingChannel + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.MessageTtlSeconds') as message_ttl_seconds, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::KinesisVideo::SignalingChannel' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'MessageTtlSeconds') as message_ttl_seconds, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::KinesisVideo::SignalingChannel' + AND data__Identifier = '' + AND region = 'us-east-1' + streams: + name: streams + id: awscc.kinesisvideo.streams + x-cfn-schema-name: Stream + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::KinesisVideo::Stream' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::KinesisVideo::Stream' + AND region = 'us-east-1' + kinesisvideo_stream: + name: kinesisvideo_stream + id: awscc.kinesisvideo.kinesisvideo_stream + x-cfn-schema-name: Stream + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.DataRetentionInHours') as data_retention_in_hours, + JSON_EXTRACT(Properties, '$.DeviceName') as device_name, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.MediaType') as media_type, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::KinesisVideo::Stream' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'DataRetentionInHours') as data_retention_in_hours, + json_extract_path_text(Properties, 'DeviceName') as device_name, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'MediaType') as media_type, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::KinesisVideo::Stream' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/kms.yaml b/providers/src/awscc/v00.00.00000/services/kms.yaml new file mode 100644 index 00000000..e244e9c7 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/kms.yaml @@ -0,0 +1,506 @@ +openapi: 3.0.0 +info: + title: KMS + version: 1.0.0 +paths: {} +components: + schemas: + Alias: + type: object + properties: + TargetKeyId: + minLength: 1 + description: |- + Associates the alias with the specified [](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk). The KMS key must be in the same AWS-account and Region. + A valid key ID is required. If you supply a null or empty string value, this operation returns an error. + For help finding the key ID and ARN, see [Finding the key ID and ARN](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) in the *Developer Guide*. + Specify the key ID or the key ARN of the KMS key. + For example: + + Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab`` + + Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`` + + To get the key ID and key ARN for a KMS key, use [ListKeys](https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html) or [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html). + type: string + maxLength: 256 + AliasName: + minLength: 1 + pattern: ^(alias/)[a-zA-Z0-9:/_-]+$ + description: |- + Specifies the alias name. This value must begin with ``alias/`` followed by a name, such as ``alias/ExampleAlias``. + If you change the value of the ``AliasName`` property, the existing alias is deleted and a new alias is created for the specified KMS key. This change can disrupt applications that use the alias. It can also allow or deny access to a KMS key affected by attribute-based access control (ABAC). + The alias must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with ``alias/aws/``. The ``alias/aws/`` prefix is reserved for [](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk). + type: string + maxLength: 256 + required: + - AliasName + - TargetKeyId + x-stackql-resource-name: alias + x-stackql-primaryIdentifier: + - AliasName + x-create-only-properties: + - AliasName + x-required-permissions: + read: + - kms:ListAliases + create: + - kms:CreateAlias + update: + - kms:UpdateAlias + list: + - kms:ListAliases + delete: + - kms:DeleteAlias + Tag: + description: A key-value pair to associate with a resource. + additionalProperties: false + type: object + properties: + Value: + minLength: 0 + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + type: string + maxLength: 256 + Key: + minLength: 1 + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + type: string + maxLength: 128 + required: + - Key + - Value + Key: + type: object + properties: + Description: + description: A description of the KMS key. Use a description that helps you to distinguish this KMS key from others in the account, such as its intended use. + type: string + minLength: 0 + maxLength: 8192 + Enabled: + description: |- + Specifies whether the KMS key is enabled. Disabled KMS keys cannot be used in cryptographic operations. + When ``Enabled`` is ``true``, the *key state* of the KMS key is ``Enabled``. When ``Enabled`` is ``false``, the key state of the KMS key is ``Disabled``. The default value is ``true``. + The actual key state of the KMS key might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html), [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html), or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations. + For information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *Developer Guide*. + type: boolean + EnableKeyRotation: + description: |- + Enables automatic rotation of the key material for the specified KMS key. By default, automatic key rotation is not enabled. + KMS supports automatic rotation only for symmetric encryption KMS keys (``KeySpec`` = ``SYMMETRIC_DEFAULT``). For asymmetric KMS keys, HMAC KMS keys, and KMS keys with Origin ``EXTERNAL``, omit the ``EnableKeyRotation`` property or set it to ``false``. + To enable automatic key rotation of the key material for a multi-Region KMS key, set ``EnableKeyRotation`` to ``true`` on the primary key (created by using ``AWS::KMS::Key``). KMS copies the rotation status to all replica keys. For details, see [Rotating multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate) in the *Developer Guide*. + When you enable automatic rotation, KMS automatically creates new key material for the KMS key one year after the enable date and every year thereafter. KMS retains all key material until you delete the KMS key. Fo + type: boolean + KeyPolicy: + description: |- + The key policy to attach to the KMS key. + If you provide a key policy, it must meet the following criteria: + + The key policy must allow the caller to make a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) in the *Developer Guide*. (To omit this condition, set ``BypassPolicyLockoutSafetyCheck`` to true.) + + Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to KMS. When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to KMS. For more information, see [ + type: object + default: |- + { + "Version": "2012-10-17", + "Id": "key-default", + "Statement": [ + { + "Sid": "Enable IAM User Permissions", + "Effect": "Allow", + "Principal": { + "AWS": "arn::iam:::root" + }, + "Action": "kms:*", + "Resource": "*" + } + ] + } + KeyUsage: + description: |- + Determines the [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. The default value is ``ENCRYPT_DECRYPT``. This property is required for asymmetric KMS keys and HMAC KMS keys. You can't change the ``KeyUsage`` value after the KMS key is created. + If you change the value of the ``KeyUsage`` property on an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing an immutable property value. + Select only one valid value. + + For symmetric encryption KMS keys, omit the property or specify ``ENCRYPT_DECRYPT``. + + For asymmetric KMS keys with RSA key material, specify ``ENCRYPT_DECRYPT`` or ``SIGN_VERIFY``. + + For asymmetric KMS keys with ECC key material, specify + type: string + default: ENCRYPT_DECRYPT + enum: + - ENCRYPT_DECRYPT + - SIGN_VERIFY + - GENERATE_VERIFY_MAC + Origin: + description: |- + The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is ``AWS_KMS``, which means that KMS creates the key material. + To [create a KMS key with no key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) (for imported key material), set this value to ``EXTERNAL``. For more information about importing key material into KMS, see [Importing Key Material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the *Developer Guide*. + You can ignore ``ENABLED`` when Origin is ``EXTERNAL``. When a KMS key with Origin ``EXTERNAL`` is created, the key state is ``PENDING_IMPORT`` and ``ENABLED`` is ``false``. After you import the key material, ``ENABLED`` updated to ``true``. The KMS key can then be used for Cryptographic Operations. + CFN doesn't support creating an ``Origin`` parameter of the ``AWS_CLOUDHSM`` or ``EXTERNAL_KEY_STORE`` values. + type: string + default: AWS_KMS + enum: + - AWS_KMS + - EXTERNAL + KeySpec: + description: >- + Specifies the type of KMS key to create. The default value, ``SYMMETRIC_DEFAULT``, creates a KMS key with a 256-bit symmetric key for encryption and decryption. In China Regions, ``SYMMETRIC_DEFAULT`` creates a 128-bit symmetric key that uses SM4 encryption. You can't change the ``KeySpec`` value after the KMS key is created. For help choosing a key spec for your KMS key, see [Choosing a KMS key type](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) in + the *Developer Guide*. + The ``KeySpec`` property determines the type of key material in the KMS key and the algorithms that the KMS key supports. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see [condition keys](https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms) in the *Developer Guide*. + If you change the value of the ``KeySpec`` property on an existing KMS key, the u + type: string + default: SYMMETRIC_DEFAULT + enum: + - SYMMETRIC_DEFAULT + - RSA_2048 + - RSA_3072 + - RSA_4096 + - ECC_NIST_P256 + - ECC_NIST_P384 + - ECC_NIST_P521 + - ECC_SECG_P256K1 + - HMAC_224 + - HMAC_256 + - HMAC_384 + - HMAC_512 + - SM2 + MultiRegion: + description: |- + Creates a multi-Region primary key that you can replicate in other AWS-Regions. You can't change the ``MultiRegion`` value after the KMS key is created. + For a list of AWS-Regions in which multi-Region keys are supported, see [Multi-Region keys in](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the **. + If you change the value of the ``MultiRegion`` property on an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing an immutable property value. + For a multi-Region key, set to this property to ``true``. For a single-Region key, omit this property or set it to ``false``. The default value is ``false``. + *Multi-Region keys* are an KMS feature that lets you create multiple interoperable KMS keys in different AWS-Regions. Bec + type: boolean + default: false + PendingWindowInDays: + description: |- + Specifies the number of days in the waiting period before KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days. + When you remove a KMS key from a CloudFormation stack, KMS schedules the KMS key for deletion and starts the mandatory waiting period. The ``PendingWindowInDays`` property determines the length of waiting period. During the waiting period, the key state of KMS key is ``Pending Deletion`` or ``Pending Replica Deletion``, which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, KMS permanently deletes the KMS key. + KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to ``PendingReplicaDeletion`` so it cannot be replicated or used in cryptographic ope + type: integer + minimum: 7 + maximum: 30 + Tags: + description: |- + Assigns one or more tags to the replica key. + Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *Developer Guide*. + For information about tags in KMS, see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) in the *Developer Guide*. For information about tags in CloudFormation, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html). + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Arn: + type: string + description: '' + KeyId: + type: string + description: '' + BypassPolicyLockoutSafetyCheck: + description: |- + Skips ("bypasses") the key policy lockout safety check. The default value is false. + Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately. + For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) in the *Developer Guide*. + Use this parameter only when you intend to prevent the principal that is making the request from making a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key. + type: boolean + default: false + x-stackql-resource-name: key + x-stackql-primaryIdentifier: + - KeyId + x-read-only-properties: + - Arn + - KeyId + x-required-permissions: + create: + - kms:CreateKey + - kms:EnableKeyRotation + - kms:DisableKey + - kms:TagResource + - kms:PutKeyPolicy + read: + - kms:DescribeKey + - kms:GetKeyPolicy + - kms:GetKeyRotationStatus + - kms:ListResourceTags + update: + - kms:DescribeKey + - kms:DisableKey + - kms:DisableKeyRotation + - kms:EnableKey + - kms:EnableKeyRotation + - kms:PutKeyPolicy + - kms:TagResource + - kms:UntagResource + - kms:UpdateKeyDescription + - kms:ListResourceTags + delete: + - kms:DescribeKey + - kms:ScheduleKeyDeletion + list: + - kms:ListKeys + - kms:DescribeKey + ReplicaKey: + type: object + properties: + Description: + minLength: 0 + description: A description of the AWS KMS key. Use a description that helps you to distinguish this AWS KMS key from others in the account, such as its intended use. + type: string + maxLength: 8192 + PendingWindowInDays: + description: Specifies the number of days in the waiting period before AWS KMS deletes an AWS KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days. + maximum: 30 + type: integer + minimum: 7 + KeyPolicy: + description: The key policy that authorizes use of the AWS KMS key. The key policy must observe the following rules. + type: object + PrimaryKeyArn: + minLength: 1 + description: Identifies the primary AWS KMS key to create a replica of. Specify the Amazon Resource Name (ARN) of the AWS KMS key. You cannot specify an alias or key ID. For help finding the ARN, see Finding the Key ID and ARN in the AWS Key Management Service Developer Guide. + type: string + maxLength: 256 + Enabled: + description: Specifies whether the AWS KMS key is enabled. Disabled AWS KMS keys cannot be used in cryptographic operations. + type: boolean + KeyId: + type: string + Arn: + type: string + Tags: + uniqueItems: true + description: An array of key-value pairs to apply to this resource. + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/Tag' + required: + - PrimaryKeyArn + - KeyPolicy + x-stackql-resource-name: replica_key + x-stackql-primaryIdentifier: + - KeyId + x-create-only-properties: + - PrimaryKeyArn + x-read-only-properties: + - Arn + - KeyId + x-required-permissions: + read: + - kms:DescribeKey + - kms:GetKeyPolicy + - kms:ListResourceTags + create: + - kms:ReplicateKey + - kms:CreateKey + - kms:DescribeKey + - kms:DisableKey + - kms:TagResource + update: + - kms:DescribeKey + - kms:DisableKey + - kms:EnableKey + - kms:PutKeyPolicy + - kms:TagResource + - kms:UntagResource + - kms:UpdateKeyDescription + list: + - kms:ListKeys + - kms:DescribeKey + delete: + - kms:DescribeKey + - kms:ScheduleKeyDeletion + x-stackQL-resources: + aliases: + name: aliases + id: awscc.kms.aliases + x-cfn-schema-name: Alias + x-type: list + x-identifiers: + - AliasName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AliasName') as alias_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::KMS::Alias' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AliasName') as alias_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::KMS::Alias' + AND region = 'us-east-1' + alias: + name: alias + id: awscc.kms.alias + x-cfn-schema-name: Alias + x-type: get + x-identifiers: + - AliasName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TargetKeyId') as target_key_id, + JSON_EXTRACT(Properties, '$.AliasName') as alias_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::KMS::Alias' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TargetKeyId') as target_key_id, + json_extract_path_text(Properties, 'AliasName') as alias_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::KMS::Alias' + AND data__Identifier = '' + AND region = 'us-east-1' + keys: + name: keys + id: awscc.kms.keys + x-cfn-schema-name: Key + x-type: list + x-identifiers: + - KeyId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.KeyId') as key_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::KMS::Key' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'KeyId') as key_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::KMS::Key' + AND region = 'us-east-1' + key: + name: key + id: awscc.kms.key + x-cfn-schema-name: Key + x-type: get + x-identifiers: + - KeyId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Enabled') as enabled, + JSON_EXTRACT(Properties, '$.EnableKeyRotation') as enable_key_rotation, + JSON_EXTRACT(Properties, '$.KeyPolicy') as key_policy, + JSON_EXTRACT(Properties, '$.KeyUsage') as key_usage, + JSON_EXTRACT(Properties, '$.Origin') as origin, + JSON_EXTRACT(Properties, '$.KeySpec') as key_spec, + JSON_EXTRACT(Properties, '$.MultiRegion') as multi_region, + JSON_EXTRACT(Properties, '$.PendingWindowInDays') as pending_window_in_days, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.KeyId') as key_id, + JSON_EXTRACT(Properties, '$.BypassPolicyLockoutSafetyCheck') as bypass_policy_lockout_safety_check + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::KMS::Key' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Enabled') as enabled, + json_extract_path_text(Properties, 'EnableKeyRotation') as enable_key_rotation, + json_extract_path_text(Properties, 'KeyPolicy') as key_policy, + json_extract_path_text(Properties, 'KeyUsage') as key_usage, + json_extract_path_text(Properties, 'Origin') as origin, + json_extract_path_text(Properties, 'KeySpec') as key_spec, + json_extract_path_text(Properties, 'MultiRegion') as multi_region, + json_extract_path_text(Properties, 'PendingWindowInDays') as pending_window_in_days, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'KeyId') as key_id, + json_extract_path_text(Properties, 'BypassPolicyLockoutSafetyCheck') as bypass_policy_lockout_safety_check + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::KMS::Key' + AND data__Identifier = '' + AND region = 'us-east-1' + replica_keys: + name: replica_keys + id: awscc.kms.replica_keys + x-cfn-schema-name: ReplicaKey + x-type: list + x-identifiers: + - KeyId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.KeyId') as key_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::KMS::ReplicaKey' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'KeyId') as key_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::KMS::ReplicaKey' + AND region = 'us-east-1' + replica_key: + name: replica_key + id: awscc.kms.replica_key + x-cfn-schema-name: ReplicaKey + x-type: get + x-identifiers: + - KeyId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.PendingWindowInDays') as pending_window_in_days, + JSON_EXTRACT(Properties, '$.KeyPolicy') as key_policy, + JSON_EXTRACT(Properties, '$.PrimaryKeyArn') as primary_key_arn, + JSON_EXTRACT(Properties, '$.Enabled') as enabled, + JSON_EXTRACT(Properties, '$.KeyId') as key_id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::KMS::ReplicaKey' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'PendingWindowInDays') as pending_window_in_days, + json_extract_path_text(Properties, 'KeyPolicy') as key_policy, + json_extract_path_text(Properties, 'PrimaryKeyArn') as primary_key_arn, + json_extract_path_text(Properties, 'Enabled') as enabled, + json_extract_path_text(Properties, 'KeyId') as key_id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::KMS::ReplicaKey' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/lakeformation.yaml b/providers/src/awscc/v00.00.00000/services/lakeformation.yaml new file mode 100644 index 00000000..57662075 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/lakeformation.yaml @@ -0,0 +1,680 @@ +openapi: 3.0.0 +info: + title: LakeFormation + version: 1.0.0 +paths: {} +components: + schemas: + CatalogIdString: + type: string + minLength: 12 + maxLength: 12 + NameString: + type: string + minLength: 1 + maxLength: 255 + RowFilter: + description: An object representing the Data Cells Filter's Row Filter. Either a Filter Expression or a Wildcard is required. + type: object + properties: + FilterExpression: + description: A PartiQL predicate. + type: string + AllRowsWildcard: + description: An empty object representing a row wildcard. + type: object + additionalProperties: false + additionalProperties: false + ColumnNames: + type: array + items: + $ref: '#/components/schemas/NameString' + x-insertionOrder: false + ColumnWildcard: + type: object + properties: + ExcludedColumnNames: + $ref: '#/components/schemas/ColumnNames' + additionalProperties: false + DataCellsFilter: + type: object + properties: + TableCatalogId: + description: The Catalog Id of the Table on which to create a Data Cells Filter. + $ref: '#/components/schemas/CatalogIdString' + DatabaseName: + description: The name of the Database that the Table resides in. + $ref: '#/components/schemas/NameString' + TableName: + description: The name of the Table to create a Data Cells Filter for. + $ref: '#/components/schemas/NameString' + Name: + description: The desired name of the Data Cells Filter. + $ref: '#/components/schemas/NameString' + RowFilter: + description: An object representing the Data Cells Filter's Row Filter. Either a Filter Expression or a Wildcard is required + $ref: '#/components/schemas/RowFilter' + ColumnNames: + description: A list of columns to be included in this Data Cells Filter. + $ref: '#/components/schemas/ColumnNames' + ColumnWildcard: + description: An object representing the Data Cells Filter's Columns. Either Column Names or a Wildcard is required + $ref: '#/components/schemas/ColumnWildcard' + required: + - TableCatalogId + - DatabaseName + - TableName + - Name + x-stackql-resource-name: data_cells_filter + x-stackql-primaryIdentifier: + - TableCatalogId + - DatabaseName + - TableName + - Name + x-create-only-properties: + - TableCatalogId + - DatabaseName + - TableName + - Name + - RowFilter + - ColumnNames + - ColumnWildcard + x-required-permissions: + create: + - lakeformation:CreateDataCellsFilter + - glue:GetTable + delete: + - lakeformation:DeleteDataCellsFilter + read: + - lakeformation:ListDataCellsFilter + list: + - lakeformation:ListDataCellsFilter + PathString: + type: string + ResourceArnString: + type: string + IAMRoleArn: + type: string + pattern: arn:*:iam::[0-9]*:role/.* + LFTag: + type: object + properties: + TagKey: + $ref: '#/components/schemas/LFTagKey' + TagValues: + $ref: '#/components/schemas/TagValueList' + additionalProperties: false + LFTagPair: + type: object + properties: + CatalogId: + $ref: '#/components/schemas/CatalogIdString' + TagKey: + $ref: '#/components/schemas/LFTagKey' + TagValues: + $ref: '#/components/schemas/TagValueList' + required: + - CatalogId + - TagKey + - TagValues + additionalProperties: false + LFTagsList: + type: array + items: + $ref: '#/components/schemas/LFTagPair' + x-insertionOrder: false + Expression: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/LFTag' + minItems: 1 + maxItems: 5 + DataLakePrincipalString: + type: string + minLength: 1 + maxLength: 255 + DataLakePrincipal: + type: object + properties: + DataLakePrincipalIdentifier: + $ref: '#/components/schemas/DataLakePrincipalString' + additionalProperties: false + ResourceType: + type: string + enum: + - DATABASE + - TABLE + CatalogResource: + type: object + additionalProperties: false + DatabaseResource: + type: object + properties: + CatalogId: + $ref: '#/components/schemas/CatalogIdString' + Name: + $ref: '#/components/schemas/NameString' + required: + - CatalogId + - Name + additionalProperties: false + TableWildcard: + type: object + additionalProperties: false + TableResource: + type: object + properties: + CatalogId: + $ref: '#/components/schemas/CatalogIdString' + DatabaseName: + $ref: '#/components/schemas/NameString' + Name: + $ref: '#/components/schemas/NameString' + TableWildcard: + $ref: '#/components/schemas/TableWildcard' + required: + - CatalogId + - DatabaseName + additionalProperties: false + TableWithColumnsResource: + type: object + properties: + CatalogId: + $ref: '#/components/schemas/CatalogIdString' + DatabaseName: + $ref: '#/components/schemas/NameString' + Name: + $ref: '#/components/schemas/NameString' + ColumnNames: + $ref: '#/components/schemas/ColumnNames' + required: + - CatalogId + - DatabaseName + - Name + - ColumnNames + additionalProperties: false + DataLocationResource: + type: object + properties: + CatalogId: + $ref: '#/components/schemas/CatalogIdString' + ResourceArn: + $ref: '#/components/schemas/ResourceArnString' + additionalProperties: false + required: + - CatalogId + - ResourceArn + DataCellsFilterResource: + type: object + properties: + TableCatalogId: + $ref: '#/components/schemas/CatalogIdString' + DatabaseName: + $ref: '#/components/schemas/NameString' + TableName: + $ref: '#/components/schemas/NameString' + Name: + $ref: '#/components/schemas/NameString' + additionalProperties: false + required: + - TableCatalogId + - DatabaseName + - TableName + - Name + LFTagKeyResource: + type: object + properties: + CatalogId: + $ref: '#/components/schemas/CatalogIdString' + TagKey: + $ref: '#/components/schemas/NameString' + TagValues: + $ref: '#/components/schemas/TagValueList' + additionalProperties: false + required: + - CatalogId + - TagKey + - TagValues + LFTagPolicyResource: + type: object + properties: + CatalogId: + $ref: '#/components/schemas/CatalogIdString' + ResourceType: + $ref: '#/components/schemas/ResourceType' + Expression: + $ref: '#/components/schemas/Expression' + additionalProperties: false + required: + - CatalogId + - ResourceType + - Expression + Resource: + type: object + properties: + Catalog: + $ref: '#/components/schemas/CatalogResource' + Database: + $ref: '#/components/schemas/DatabaseResource' + Table: + $ref: '#/components/schemas/TableResource' + TableWithColumns: + $ref: '#/components/schemas/TableWithColumnsResource' + additionalProperties: false + NullableBoolean: + type: boolean + Permission: + type: string + enum: + - ALL + - SELECT + - ALTER + - DROP + - DELETE + - INSERT + - DESCRIBE + - CREATE_DATABASE + - CREATE_TABLE + - DATA_LOCATION_ACCESS + - CREATE_TAG + - ASSOCIATE + LFTagKey: + type: string + minLength: 1 + maxLength: 128 + LFTagValue: + type: string + minLength: 0 + maxLength: 256 + DataLakePrincipalList: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/DataLakePrincipal' + PermissionList: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Permission' + TagValueList: + type: array + items: + $ref: '#/components/schemas/LFTagValue' + x-insertionOrder: false + minItems: 1 + maxItems: 50 + PrincipalResourcePair: + type: object + properties: + Principal: + $ref: '#/components/schemas/DataLakePrincipal' + Resource: + $ref: '#/components/schemas/Resource' + additionalProperties: false + required: + - Principal + - Resource + PrincipalPermissions: + type: object + properties: + Catalog: + $ref: '#/components/schemas/CatalogIdString' + Principal: + $ref: '#/components/schemas/DataLakePrincipal' + Resource: + $ref: '#/components/schemas/Resource' + Permissions: + $ref: '#/components/schemas/PermissionList' + PermissionsWithGrantOption: + $ref: '#/components/schemas/PermissionList' + PrincipalIdentifier: + type: string + ResourceIdentifier: + type: string + required: + - Principal + - Resource + - Permissions + - PermissionsWithGrantOption + x-stackql-resource-name: principal_permissions + x-stackql-primaryIdentifier: + - PrincipalIdentifier + - ResourceIdentifier + x-create-only-properties: + - Catalog + - Principal + - Resource + - Permissions + - PermissionsWithGrantOption + x-read-only-properties: + - PrincipalIdentifier + - ResourceIdentifier + x-required-permissions: + create: + - lakeformation:GrantPermissions + - lakeformation:ListPermissions + - glue:GetTable + - glue:GetDatabase + read: + - lakeformation:ListPermissions + - glue:GetTable + - glue:GetDatabase + delete: + - lakeformation:RevokePermissions + - lakeformation:ListPermissions + - glue:GetTable + - glue:GetDatabase + PrincipalPermissionsList: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/PrincipalPermissions' + Tag: + type: object + properties: + CatalogId: + description: The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment. + $ref: '#/components/schemas/CatalogIdString' + TagKey: + description: The key-name for the LF-tag. + $ref: '#/components/schemas/LFTagKey' + TagValues: + description: A list of possible values an attribute can take. + $ref: '#/components/schemas/TagValueList' + required: + - TagKey + - TagValues + x-stackql-resource-name: tag + x-stackql-primaryIdentifier: + - TagKey + x-create-only-properties: + - CatalogId + - TagKey + x-required-permissions: + create: + - lakeformation:CreateLFTag + read: + - lakeformation:GetLFTag + update: + - lakeformation:UpdateLFTag + delete: + - lakeformation:DeleteLFTag + list: + - lakeformation:ListLFTags + TagAssociation: + type: object + properties: + Resource: + description: Resource to tag with the Lake Formation Tags + $ref: '#/components/schemas/Resource' + LFTags: + description: List of Lake Formation Tags to associate with the Lake Formation Resource + $ref: '#/components/schemas/LFTagsList' + ResourceIdentifier: + description: Unique string identifying the resource. Used as primary identifier, which ideally should be a string + type: string + TagsIdentifier: + description: Unique string identifying the resource's tags. Used as primary identifier, which ideally should be a string + type: string + required: + - Resource + - LFTags + x-stackql-resource-name: tag_association + x-stackql-primaryIdentifier: + - ResourceIdentifier + - TagsIdentifier + x-create-only-properties: + - Resource + - LFTags + x-read-only-properties: + - ResourceIdentifier + - TagsIdentifier + x-required-permissions: + create: + - lakeformation:AddLFTagsToResource + - glue:GetDatabase + - glue:GetTable + read: + - lakeformation:GetResourceLFTags + - glue:GetDatabase + - glue:GetTable + delete: + - lakeformation:RemoveLFTagsFromResource + - glue:GetDatabase + - glue:GetTable + x-stackQL-resources: + data_cells_filters: + name: data_cells_filters + id: awscc.lakeformation.data_cells_filters + x-cfn-schema-name: DataCellsFilter + x-type: list + x-identifiers: + - TableCatalogId + - DatabaseName + - TableName + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TableCatalogId') as table_catalog_id, + JSON_EXTRACT(Properties, '$.DatabaseName') as database_name, + JSON_EXTRACT(Properties, '$.TableName') as table_name, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::LakeFormation::DataCellsFilter' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TableCatalogId') as table_catalog_id, + json_extract_path_text(Properties, 'DatabaseName') as database_name, + json_extract_path_text(Properties, 'TableName') as table_name, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::LakeFormation::DataCellsFilter' + AND region = 'us-east-1' + data_cells_filter: + name: data_cells_filter + id: awscc.lakeformation.data_cells_filter + x-cfn-schema-name: DataCellsFilter + x-type: get + x-identifiers: + - TableCatalogId + - DatabaseName + - TableName + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TableCatalogId') as table_catalog_id, + JSON_EXTRACT(Properties, '$.DatabaseName') as database_name, + JSON_EXTRACT(Properties, '$.TableName') as table_name, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RowFilter') as row_filter, + JSON_EXTRACT(Properties, '$.ColumnNames') as column_names, + JSON_EXTRACT(Properties, '$.ColumnWildcard') as column_wildcard + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LakeFormation::DataCellsFilter' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TableCatalogId') as table_catalog_id, + json_extract_path_text(Properties, 'DatabaseName') as database_name, + json_extract_path_text(Properties, 'TableName') as table_name, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RowFilter') as row_filter, + json_extract_path_text(Properties, 'ColumnNames') as column_names, + json_extract_path_text(Properties, 'ColumnWildcard') as column_wildcard + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LakeFormation::DataCellsFilter' + AND data__Identifier = '' + AND region = 'us-east-1' + principal_permissions: + name: principal_permissions + id: awscc.lakeformation.principal_permissions + x-cfn-schema-name: PrincipalPermissions + x-type: get + x-identifiers: + - PrincipalIdentifier + - ResourceIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Catalog') as catalog, + JSON_EXTRACT(Properties, '$.Principal') as principal, + JSON_EXTRACT(Properties, '$.Resource') as resource, + JSON_EXTRACT(Properties, '$.Permissions') as permissions, + JSON_EXTRACT(Properties, '$.PermissionsWithGrantOption') as permissions_with_grant_option, + JSON_EXTRACT(Properties, '$.PrincipalIdentifier') as principal_identifier, + JSON_EXTRACT(Properties, '$.ResourceIdentifier') as resource_identifier + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LakeFormation::PrincipalPermissions' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Catalog') as catalog, + json_extract_path_text(Properties, 'Principal') as principal, + json_extract_path_text(Properties, 'Resource') as resource, + json_extract_path_text(Properties, 'Permissions') as permissions, + json_extract_path_text(Properties, 'PermissionsWithGrantOption') as permissions_with_grant_option, + json_extract_path_text(Properties, 'PrincipalIdentifier') as principal_identifier, + json_extract_path_text(Properties, 'ResourceIdentifier') as resource_identifier + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LakeFormation::PrincipalPermissions' + AND data__Identifier = '' + AND region = 'us-east-1' + tags: + name: tags + id: awscc.lakeformation.tags + x-cfn-schema-name: Tag + x-type: list + x-identifiers: + - TagKey + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TagKey') as tag_key + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::LakeFormation::Tag' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TagKey') as tag_key + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::LakeFormation::Tag' + AND region = 'us-east-1' + tag: + name: tag + id: awscc.lakeformation.tag + x-cfn-schema-name: Tag + x-type: get + x-identifiers: + - TagKey + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CatalogId') as catalog_id, + JSON_EXTRACT(Properties, '$.TagKey') as tag_key, + JSON_EXTRACT(Properties, '$.TagValues') as tag_values + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LakeFormation::Tag' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CatalogId') as catalog_id, + json_extract_path_text(Properties, 'TagKey') as tag_key, + json_extract_path_text(Properties, 'TagValues') as tag_values + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LakeFormation::Tag' + AND data__Identifier = '' + AND region = 'us-east-1' + tag_associations: + name: tag_associations + id: awscc.lakeformation.tag_associations + x-cfn-schema-name: TagAssociation + x-type: list + x-identifiers: + - ResourceIdentifier + - TagsIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceIdentifier') as resource_identifier, + JSON_EXTRACT(Properties, '$.TagsIdentifier') as tags_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::LakeFormation::TagAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceIdentifier') as resource_identifier, + json_extract_path_text(Properties, 'TagsIdentifier') as tags_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::LakeFormation::TagAssociation' + AND region = 'us-east-1' + tag_association: + name: tag_association + id: awscc.lakeformation.tag_association + x-cfn-schema-name: TagAssociation + x-type: get + x-identifiers: + - ResourceIdentifier + - TagsIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Resource') as resource, + JSON_EXTRACT(Properties, '$.LFTags') as l_ftags, + JSON_EXTRACT(Properties, '$.ResourceIdentifier') as resource_identifier, + JSON_EXTRACT(Properties, '$.TagsIdentifier') as tags_identifier + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LakeFormation::TagAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Resource') as resource, + json_extract_path_text(Properties, 'LFTags') as l_ftags, + json_extract_path_text(Properties, 'ResourceIdentifier') as resource_identifier, + json_extract_path_text(Properties, 'TagsIdentifier') as tags_identifier + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LakeFormation::TagAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/lambda.yaml b/providers/src/awscc/v00.00.00000/services/lambda.yaml new file mode 100644 index 00000000..415d21f8 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/lambda.yaml @@ -0,0 +1,1954 @@ +openapi: 3.0.0 +info: + title: Lambda + version: 1.0.0 +paths: {} +components: + schemas: + AllowedPublishers: + type: object + description: When the CodeSigningConfig is later on attached to a function, the function code will be expected to be signed by profiles from this list + additionalProperties: false + properties: + SigningProfileVersionArns: + type: array + description: List of Signing profile version Arns + minItems: 1 + maxItems: 20 + items: + type: string + pattern: arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\-])+:([a-z]{2}(-gov)?-[a-z]+-\d{1})?:(\d{12})?:(.*) + minLength: 12 + maxLength: 1024 + required: + - SigningProfileVersionArns + CodeSigningPolicies: + type: object + description: Policies to control how to act if a signature is invalid + additionalProperties: false + properties: + UntrustedArtifactOnDeployment: + type: string + description: Indicates how Lambda operations involve updating the code artifact will operate. Default to Warn if not provided + default: Warn + enum: + - Warn + - Enforce + required: + - UntrustedArtifactOnDeployment + CodeSigningConfig: + type: object + properties: + Description: + description: A description of the CodeSigningConfig + type: string + minLength: 0 + maxLength: 256 + AllowedPublishers: + description: When the CodeSigningConfig is later on attached to a function, the function code will be expected to be signed by profiles from this list + $ref: '#/components/schemas/AllowedPublishers' + CodeSigningPolicies: + description: Policies to control how to act if a signature is invalid + $ref: '#/components/schemas/CodeSigningPolicies' + CodeSigningConfigId: + description: A unique identifier for CodeSigningConfig resource + type: string + pattern: csc-[a-zA-Z0-9-_\.]{17} + CodeSigningConfigArn: + description: A unique Arn for CodeSigningConfig resource + type: string + pattern: arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}:\d{12}:code-signing-config:csc-[a-z0-9]{17} + required: + - AllowedPublishers + x-stackql-resource-name: code_signing_config + x-stackql-primaryIdentifier: + - CodeSigningConfigArn + x-read-only-properties: + - CodeSigningConfigId + - CodeSigningConfigArn + x-required-permissions: + create: + - lambda:CreateCodeSigningConfig + read: + - lambda:GetCodeSigningConfig + update: + - lambda:UpdateCodeSigningConfig + delete: + - lambda:DeleteCodeSigningConfig + list: + - lambda:ListCodeSigningConfigs + DestinationConfig: + type: object + additionalProperties: false + description: (Streams) An Amazon SQS queue or Amazon SNS topic destination for discarded records. + properties: + OnFailure: + description: The destination configuration for failed invocations. + $ref: '#/components/schemas/OnFailure' + OnFailure: + type: object + description: A destination for events that failed processing. + additionalProperties: false + properties: + Destination: + description: The Amazon Resource Name (ARN) of the destination resource. + type: string + pattern: arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\-])+:([a-z]{2}(-gov)?-[a-z]+-\d{1})?:(\d{12})?:(.*) + minLength: 12 + maxLength: 1024 + OnSuccess: + description: The destination configuration for successful invocations. + type: object + properties: + Destination: + description: The Amazon Resource Name (ARN) of the destination resource. + type: string + pattern: ^$|arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\-])+:([a-z]{2}(-gov)?-[a-z]+-\d{1})?:(\d{12})?:(.*) + minLength: 0 + maxLength: 350 + required: + - Destination + additionalProperties: false + EventInvokeConfig: + type: object + properties: + DestinationConfig: + $ref: '#/components/schemas/DestinationConfig' + FunctionName: + description: The name of the Lambda function. + type: string + pattern: ^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$ + MaximumEventAgeInSeconds: + description: The maximum age of a request that Lambda sends to a function for processing. + type: integer + minimum: 60 + maximum: 21600 + MaximumRetryAttempts: + description: The maximum number of times to retry when the function returns an error. + type: integer + minimum: 0 + maximum: 2 + Qualifier: + description: The identifier of a version or alias. + type: string + pattern: ^(|[a-zA-Z0-9$_-]{1,129})$ + required: + - FunctionName + - Qualifier + x-stackql-resource-name: event_invoke_config + x-stackql-primaryIdentifier: + - FunctionName + - Qualifier + x-create-only-properties: + - FunctionName + - Qualifier + x-required-permissions: + create: + - lambda:PutFunctionEventInvokeConfig + read: + - lambda:GetFunctionEventInvokeConfig + update: + - lambda:UpdateFunctionEventInvokeConfig + delete: + - lambda:DeleteFunctionEventInvokeConfig + list: + - lambda:ListFunctionEventInvokeConfigs + FilterCriteria: + type: object + description: The filter criteria to control event filtering. + additionalProperties: false + properties: + Filters: + description: List of filters of this FilterCriteria + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/Filter' + minItems: 1 + maxItems: 20 + Filter: + type: object + description: The filter object that defines parameters for ESM filtering. + additionalProperties: false + properties: + Pattern: + type: string + description: The filter pattern that defines which events should be passed for invocations. + pattern: .* + minLength: 0 + maxLength: 4096 + SourceAccessConfiguration: + type: object + additionalProperties: false + description: The configuration used by AWS Lambda to access event source + properties: + Type: + description: The type of source access configuration. + enum: + - BASIC_AUTH + - VPC_SUBNET + - VPC_SECURITY_GROUP + - SASL_SCRAM_512_AUTH + - SASL_SCRAM_256_AUTH + - VIRTUAL_HOST + - CLIENT_CERTIFICATE_TLS_AUTH + - SERVER_ROOT_CA_CERTIFICATE + type: string + URI: + description: The URI for the source access configuration resource. + type: string + pattern: '[a-zA-Z0-9-\/*:_+=.@-]*' + minLength: 1 + maxLength: 200 + SelfManagedEventSource: + type: object + additionalProperties: false + description: The configuration used by AWS Lambda to access a self-managed event source. + properties: + Endpoints: + description: The endpoints for a self-managed event source. + $ref: '#/components/schemas/Endpoints' + Endpoints: + type: object + additionalProperties: false + description: The endpoints used by AWS Lambda to access a self-managed event source. + properties: + KafkaBootstrapServers: + type: array + description: A list of Kafka server endpoints. + uniqueItems: true + items: + type: string + description: The URL of a Kafka server. + pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9]):[0-9]{1,5} + minLength: 1 + maxLength: 300 + minItems: 1 + maxItems: 10 + ConsumerGroupId: + description: The identifier for the Kafka Consumer Group to join. + type: string + pattern: '[a-zA-Z0-9-\/*:_+=.@-]*' + minLength: 1 + maxLength: 200 + AmazonManagedKafkaEventSourceConfig: + description: Specific configuration settings for an MSK event source. + type: object + additionalProperties: false + properties: + ConsumerGroupId: + description: The identifier for the Kafka Consumer Group to join. + $ref: '#/components/schemas/ConsumerGroupId' + SelfManagedKafkaEventSourceConfig: + description: Specific configuration settings for a Self-Managed Apache Kafka event source. + type: object + additionalProperties: false + properties: + ConsumerGroupId: + description: The identifier for the Kafka Consumer Group to join. + $ref: '#/components/schemas/ConsumerGroupId' + MaximumConcurrency: + description: The maximum number of concurrent functions that an event source can invoke. + type: integer + minimum: 2 + maximum: 1000 + ScalingConfig: + description: The scaling configuration for the event source. + type: object + additionalProperties: false + properties: + MaximumConcurrency: + description: The maximum number of concurrent functions that the event source can invoke. + $ref: '#/components/schemas/MaximumConcurrency' + DocumentDBEventSourceConfig: + description: Document db event source config. + type: object + additionalProperties: false + properties: + DatabaseName: + description: The database name to connect to. + type: string + minLength: 1 + maxLength: 63 + CollectionName: + description: The collection name to connect to. + type: string + minLength: 1 + maxLength: 57 + FullDocument: + description: Include full document in change stream response. The default option will only send the changes made to documents to Lambda. If you want the complete document sent to Lambda, set this to UpdateLookup. + type: string + enum: + - UpdateLookup + - Default + EventSourceMapping: + type: object + properties: + Id: + description: Event Source Mapping Identifier UUID. + type: string + pattern: '[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}' + minLength: 36 + maxLength: 36 + BatchSize: + description: The maximum number of items to retrieve in a single batch. + type: integer + minimum: 1 + maximum: 10000 + BisectBatchOnFunctionError: + description: (Streams) If the function returns an error, split the batch in two and retry. + type: boolean + DestinationConfig: + description: (Streams) An Amazon SQS queue or Amazon SNS topic destination for discarded records. + $ref: '#/components/schemas/DestinationConfig' + Enabled: + description: Disables the event source mapping to pause polling and invocation. + type: boolean + EventSourceArn: + description: The Amazon Resource Name (ARN) of the event source. + type: string + pattern: arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\-])+:([a-z]{2}(-gov)?-[a-z]+-\d{1})?:(\d{12})?:(.*) + minLength: 12 + maxLength: 1024 + FilterCriteria: + description: The filter criteria to control event filtering. + $ref: '#/components/schemas/FilterCriteria' + FunctionName: + description: The name of the Lambda function. + type: string + pattern: (arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))? + minLength: 1 + maxLength: 140 + MaximumBatchingWindowInSeconds: + description: (Streams) The maximum amount of time to gather records before invoking the function, in seconds. + type: integer + minimum: 0 + maximum: 300 + MaximumRecordAgeInSeconds: + description: (Streams) The maximum age of a record that Lambda sends to a function for processing. + type: integer + minimum: -1 + maximum: 604800 + MaximumRetryAttempts: + description: (Streams) The maximum number of times to retry when the function returns an error. + type: integer + minimum: -1 + maximum: 10000 + ParallelizationFactor: + description: (Streams) The number of batches to process from each shard concurrently. + type: integer + minimum: 1 + maximum: 10 + StartingPosition: + description: The position in a stream from which to start reading. Required for Amazon Kinesis and Amazon DynamoDB Streams sources. + type: string + pattern: (LATEST|TRIM_HORIZON|AT_TIMESTAMP)+ + minLength: 6 + maxLength: 12 + StartingPositionTimestamp: + description: With StartingPosition set to AT_TIMESTAMP, the time from which to start reading, in Unix time seconds. + type: number + Topics: + description: (Kafka) A list of Kafka topics. + type: array + uniqueItems: true + items: + type: string + pattern: ^[^.]([a-zA-Z0-9\-_.]+) + minLength: 1 + maxLength: 249 + minItems: 1 + maxItems: 1 + Queues: + description: (ActiveMQ) A list of ActiveMQ queues. + type: array + uniqueItems: true + items: + type: string + pattern: '[\s\S]*' + minLength: 1 + maxLength: 1000 + minItems: 1 + maxItems: 1 + SourceAccessConfigurations: + description: A list of SourceAccessConfiguration. + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/SourceAccessConfiguration' + minItems: 1 + maxItems: 22 + TumblingWindowInSeconds: + description: (Streams) Tumbling window (non-overlapping time window) duration to perform aggregations. + type: integer + minimum: 0 + maximum: 900 + FunctionResponseTypes: + description: (Streams) A list of response types supported by the function. + type: array + uniqueItems: true + items: + type: string + enum: + - ReportBatchItemFailures + minLength: 0 + maxLength: 1 + SelfManagedEventSource: + description: Self-managed event source endpoints. + $ref: '#/components/schemas/SelfManagedEventSource' + AmazonManagedKafkaEventSourceConfig: + description: Specific configuration settings for an MSK event source. + $ref: '#/components/schemas/AmazonManagedKafkaEventSourceConfig' + SelfManagedKafkaEventSourceConfig: + description: Specific configuration settings for a Self-Managed Apache Kafka event source. + $ref: '#/components/schemas/SelfManagedKafkaEventSourceConfig' + ScalingConfig: + description: The scaling configuration for the event source. + $ref: '#/components/schemas/ScalingConfig' + DocumentDBEventSourceConfig: + description: Document db event source config. + $ref: '#/components/schemas/DocumentDBEventSourceConfig' + required: + - FunctionName + x-stackql-resource-name: event_source_mapping + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - EventSourceArn + - StartingPosition + - StartingPositionTimestamp + - SelfManagedEventSource + - AmazonManagedKafkaEventSourceConfig + - SelfManagedKafkaEventSourceConfig + x-read-only-properties: + - Id + x-required-permissions: + create: + - lambda:CreateEventSourceMapping + - lambda:GetEventSourceMapping + delete: + - lambda:DeleteEventSourceMapping + - lambda:GetEventSourceMapping + list: + - lambda:ListEventSourceMappings + read: + - lambda:GetEventSourceMapping + update: + - lambda:UpdateEventSourceMapping + - lambda:GetEventSourceMapping + ImageConfig: + description: Configuration values that override the container image Dockerfile settings. For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms). + additionalProperties: false + type: object + properties: + WorkingDirectory: + description: Specifies the working directory. The length of the directory string cannot exceed 1,000 characters. + type: string + Command: + maxItems: 1500 + uniqueItems: true + description: Specifies parameters that you want to pass in with ENTRYPOINT. You can specify a maximum of 1,500 parameters in the list. + type: array + items: + type: string + EntryPoint: + maxItems: 1500 + uniqueItems: true + description: Specifies the entry point to their application, which is typically the location of the runtime executable. You can specify a maximum of 1,500 string entries in the list. + type: array + items: + type: string + TracingConfig: + description: The function's [](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html) tracing configuration. To sample and record incoming requests, set ``Mode`` to ``Active``. + additionalProperties: false + type: object + properties: + Mode: + description: The tracing mode. + type: string + enum: + - Active + - PassThrough + VpcConfig: + description: |- + The VPC security groups and subnets that are attached to a Lambda function. When you connect a function to a VPC, Lambda creates an elastic network interface for each combination of security group and subnet in the function's VPC configuration. The function can only access resources and the internet through that VPC. For more information, see [VPC Settings](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html). + When you delete a function, CFN monitors the state of its network interfaces and waits for Lambda to delete them before proceeding. If the VPC is defined in the same stack, the network interfaces need to be deleted by Lambda before CFN can delete the VPC's resources. + To monitor network interfaces, CFN needs the ``ec2:DescribeNetworkInterfaces`` permission. It obtains this from the user or role that modifies the stack. If you don't provide this permission, CFN does not wait for network interfaces to be deleted. + additionalProperties: false + type: object + properties: + Ipv6AllowedForDualStack: + description: Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. + type: boolean + SecurityGroupIds: + maxItems: 5 + uniqueItems: false + description: A list of VPC security group IDs. + type: array + items: + type: string + SubnetIds: + maxItems: 16 + uniqueItems: false + description: A list of VPC subnet IDs. + type: array + items: + type: string + DeadLetterConfig: + description: The [dead-letter queue](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#dlq) for failed asynchronous invocations. + additionalProperties: false + type: object + properties: + TargetArn: + pattern: ^(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()$ + description: The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic. + type: string + RuntimeManagementConfig: + description: Sets the runtime management configuration for a function's version. For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html). + additionalProperties: false + type: object + properties: + UpdateRuntimeOn: + description: |- + Specify the runtime update mode. + + *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase). This is the best choice for most customers to ensure they always benefit from runtime updates. + + *FunctionUpdate* - LAM updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date. + + *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incomp + type: string + enum: + - Auto + - FunctionUpdate + - Manual + RuntimeVersionArn: + description: |- + The ARN of the runtime version you want the function to use. + This is only required if you're using the *Manual* runtime update mode. + type: string + required: + - UpdateRuntimeOn + SnapStart: + description: The function's [SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting. + additionalProperties: false + type: object + properties: + ApplyOn: + description: Set ``ApplyOn`` to ``PublishedVersions`` to create a snapshot of the initialized execution environment when you publish a function version. + type: string + enum: + - PublishedVersions + - None + required: + - ApplyOn + SnapStartResponse: + description: The function's [SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting. + additionalProperties: false + type: object + properties: + OptimizationStatus: + description: When you provide a [qualified Amazon Resource Name (ARN)](https://docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html#versioning-versions-using), this response element indicates whether SnapStart is activated for the specified function version. + type: string + enum: + - 'On' + - 'Off' + ApplyOn: + description: When set to ``PublishedVersions``, Lambda creates a snapshot of the execution environment when you publish a function version. + type: string + enum: + - PublishedVersions + - None + Code: + description: |- + The [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) for a Lambda function. To deploy a function defined as a container image, you specify the location of a container image in the Amazon ECR registry. For a .zip file deployment package, you can specify the location of an object in Amazon S3. For Node.js and Python functions, you can specify the function code inline in the template. + Changes to a deployment package in Amazon S3 or a container image in ECR are not detected automatically during stack updates. To update the function code, change the object key or version in the template. + additionalProperties: false + type: object + properties: + S3ObjectVersion: + minLength: 1 + description: For versioned objects, the version of the deployment package object to use. + type: string + maxLength: 1024 + S3Bucket: + minLength: 3 + pattern: ^[0-9A-Za-z\.\-_]*(?``. To use a different log group, enter an existing log group or enter a new log group name. + type: string + maxLength: 512 + SystemLogLevel: + description: Set this property to filter the system logs for your function that Lambda sends to CloudWatch. Lambda only sends system logs at the selected level of detail and lower, where ``DEBUG`` is the highest level and ``WARN`` is the lowest. + type: string + enum: + - DEBUG + - INFO + - WARN + Environment: + description: A function's environment variable settings. You can use environment variables to adjust your function's behavior without updating code. An environment variable is a pair of strings that are stored in a function's version-specific configuration. + additionalProperties: false + type: object + properties: + Variables: + x-patternProperties: + '[a-zA-Z][a-zA-Z0-9_]+': + type: string + description: Environment variable key-value pairs. For more information, see [Using Lambda environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html). + additionalProperties: false + type: object + FileSystemConfig: + description: Details about the connection between a Lambda function and an [Amazon EFS file system](https://docs.aws.amazon.com/lambda/latest/dg/configuration-filesystem.html). + additionalProperties: false + type: object + properties: + Arn: + pattern: ^arn:aws[a-zA-Z-]*:elasticfilesystem:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}:\d{12}:access-point/fsap-[a-f0-9]{17}$ + description: The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system. + type: string + maxLength: 200 + LocalMountPath: + pattern: ^/mnt/[a-zA-Z0-9-_.]+$ + description: The path where the function can access the file system, starting with ``/mnt/``. + type: string + maxLength: 160 + required: + - Arn + - LocalMountPath + Tag: + description: '' + additionalProperties: false + type: object + properties: + Value: + minLength: 0 + description: '' + type: string + maxLength: 256 + Key: + minLength: 1 + description: '' + type: string + maxLength: 128 + required: + - Key + EphemeralStorage: + description: The size of the function's ``/tmp`` directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB. + additionalProperties: false + type: object + properties: + Size: + description: The size of the function's ``/tmp`` directory. + maximum: 10240 + type: integer + minimum: 512 + required: + - Size + Function: + type: object + properties: + Description: + description: A description of the function. + type: string + maxLength: 256 + TracingConfig: + description: Set ``Mode`` to ``Active`` to sample and trace a subset of incoming requests with [X-Ray](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html). + $ref: '#/components/schemas/TracingConfig' + VpcConfig: + description: For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC. When you connect a function to a VPC, it can access resources and the internet only through that VPC. For more information, see [Configuring a Lambda function to access resources in a VPC](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html). + $ref: '#/components/schemas/VpcConfig' + RuntimeManagementConfig: + description: Sets the runtime management configuration for a function's version. For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html). + $ref: '#/components/schemas/RuntimeManagementConfig' + ReservedConcurrentExecutions: + description: The number of simultaneous executions to reserve for the function. + type: integer + minimum: 0 + SnapStart: + description: The function's [SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting. + $ref: '#/components/schemas/SnapStart' + FileSystemConfigs: + maxItems: 1 + description: |- + Connection settings for an Amazon EFS file system. To connect a function to a file system, a mount target must be available in every Availability Zone that your function connects to. If your template contains an [AWS::EFS::MountTarget](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-mounttarget.html) resource, you must also specify a ``DependsOn`` attribute to ensure that the mount target is created or updated before the function. + For more information about using the ``DependsOn`` attribute, see [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html). + type: array + items: + $ref: '#/components/schemas/FileSystemConfig' + FunctionName: + minLength: 1 + description: |- + The name of the Lambda function, up to 64 characters in length. If you don't specify a name, CFN generates one. + If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. + type: string + Runtime: + description: |- + The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html). Runtime is required if the deployment package is a .zip file archive. + The following list includes deprecated runtimes. For more information, see [Runtime deprecation policy](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-support-policy). + type: string + KmsKeyArn: + pattern: ^(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()$ + description: >- + The ARN of the KMSlong (KMS) customer managed key that's used to encrypt your function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption). When [Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) is activated, Lambda also uses this key is to encrypt your function's snapshot. If you deploy your function using a container image, Lambda also uses this key to encrypt your + function when it's deployed. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). If you don't provide a customer managed key, Lambda uses a default service key. + type: string + PackageType: + description: The type of deployment package. Set to ``Image`` for container image and set ``Zip`` for .zip file archive. + type: string + enum: + - Image + - Zip + CodeSigningConfigArn: + pattern: arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}:\d{12}:code-signing-config:csc-[a-z0-9]{17} + description: To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function. + type: string + Layers: + uniqueItems: false + description: A list of [function layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) to add to the function's execution environment. Specify each layer by its ARN, including the version. + type: array + items: + type: string + Tags: + uniqueItems: true + description: A list of [tags](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function. + x-insertionOrder: false + type: array + items: + $ref: '#/components/schemas/Tag' + ImageConfig: + description: Configuration values that override the container image Dockerfile settings. For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms). + $ref: '#/components/schemas/ImageConfig' + MemorySize: + description: The amount of [memory available to the function](https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-memory-console) at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase. + type: integer + DeadLetterConfig: + description: A dead-letter queue configuration that specifies the queue or topic where Lambda sends asynchronous events when they fail processing. For more information, see [Dead-letter queues](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-dlq). + $ref: '#/components/schemas/DeadLetterConfig' + Timeout: + description: The amount of time (in seconds) that Lambda allows a function to run before stopping it. The default is 3 seconds. The maximum allowed value is 900 seconds. For more information, see [Lambda execution environment](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html). + type: integer + minimum: 1 + Handler: + pattern: ^[^\s]+$ + description: The name of the method within your code that Lambda calls to run your function. Handler is required if the deployment package is a .zip file archive. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see [Lambda programming model](https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html). + type: string + maxLength: 128 + SnapStartResponse: + description: '' + $ref: '#/components/schemas/SnapStartResponse' + Code: + description: The code for the function. + $ref: '#/components/schemas/Code' + Role: + pattern: ^arn:(aws[a-zA-Z-]*)?:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$ + description: The Amazon Resource Name (ARN) of the function's execution role. + type: string + LoggingConfig: + description: The function's Amazon CloudWatch Logs configuration settings. + $ref: '#/components/schemas/LoggingConfig' + Environment: + description: Environment variables that are accessible from function code during execution. + $ref: '#/components/schemas/Environment' + Arn: + description: '' + type: string + EphemeralStorage: + description: The size of the function's ``/tmp`` directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB. + $ref: '#/components/schemas/EphemeralStorage' + Architectures: + minItems: 1 + maxItems: 1 + uniqueItems: true + description: The instruction set architecture that the function supports. Enter a string array with one of the valid values (arm64 or x86_64). The default value is ``x86_64``. + type: array + items: + type: string + enum: + - x86_64 + - arm64 + required: + - Code + - Role + x-stackql-resource-name: function + x-stackql-primaryIdentifier: + - FunctionName + x-create-only-properties: + - FunctionName + x-read-only-properties: + - SnapStartResponse + - SnapStartResponse/ApplyOn + - SnapStartResponse/OptimizationStatus + - Arn + x-required-permissions: + read: + - lambda:GetFunction + - lambda:GetFunctionCodeSigningConfig + create: + - lambda:CreateFunction + - lambda:GetFunction + - lambda:PutFunctionConcurrency + - iam:PassRole + - s3:GetObject + - s3:GetObjectVersion + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcs + - elasticfilesystem:DescribeMountTargets + - kms:CreateGrant + - kms:Decrypt + - kms:Encrypt + - kms:GenerateDataKey + - lambda:GetCodeSigningConfig + - lambda:GetFunctionCodeSigningConfig + - lambda:GetLayerVersion + - lambda:GetRuntimeManagementConfig + - lambda:PutRuntimeManagementConfig + - lambda:TagResource + - lambda:GetPolicy + - lambda:AddPermission + - lambda:RemovePermission + - lambda:GetResourcePolicy + - lambda:PutResourcePolicy + update: + - lambda:DeleteFunctionConcurrency + - lambda:GetFunction + - lambda:PutFunctionConcurrency + - lambda:ListTags + - lambda:TagResource + - lambda:UntagResource + - lambda:UpdateFunctionConfiguration + - lambda:UpdateFunctionCode + - iam:PassRole + - s3:GetObject + - s3:GetObjectVersion + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcs + - elasticfilesystem:DescribeMountTargets + - kms:CreateGrant + - kms:Decrypt + - kms:GenerateDataKey + - lambda:GetRuntimeManagementConfig + - lambda:PutRuntimeManagementConfig + - lambda:PutFunctionCodeSigningConfig + - lambda:DeleteFunctionCodeSigningConfig + - lambda:GetCodeSigningConfig + - lambda:GetFunctionCodeSigningConfig + - lambda:GetPolicy + - lambda:AddPermission + - lambda:RemovePermission + - lambda:GetResourcePolicy + - lambda:PutResourcePolicy + - lambda:DeleteResourcePolicy + list: + - lambda:ListFunctions + delete: + - lambda:DeleteFunction + - lambda:GetFunction + - ec2:DescribeNetworkInterfaces + Content: + type: object + additionalProperties: false + properties: + S3ObjectVersion: + description: For versioned objects, the version of the layer archive object to use. + type: string + S3Bucket: + description: The Amazon S3 bucket of the layer archive. + type: string + S3Key: + description: The Amazon S3 key of the layer archive. + type: string + required: + - S3Bucket + - S3Key + LayerVersion: + type: object + properties: + CompatibleRuntimes: + description: A list of compatible function runtimes. Used for filtering with ListLayers and ListLayerVersions. + type: array + x-insertionOrder: false + uniqueItems: false + items: + type: string + LicenseInfo: + description: The layer's software license. + type: string + Description: + description: The description of the version. + type: string + LayerName: + description: The name or Amazon Resource Name (ARN) of the layer. + type: string + Content: + description: The function layer archive. + $ref: '#/components/schemas/Content' + LayerVersionArn: + type: string + CompatibleArchitectures: + description: A list of compatible instruction set architectures. + type: array + x-insertionOrder: false + uniqueItems: false + items: + type: string + required: + - Content + x-stackql-resource-name: layer_version + x-stackql-primaryIdentifier: + - LayerVersionArn + x-create-only-properties: + - CompatibleRuntimes + - LicenseInfo + - CompatibleArchitectures + - LayerName + - Description + - Content + x-read-only-properties: + - LayerVersionArn + x-required-permissions: + create: + - lambda:PublishLayerVersion + - s3:GetObject + - s3:GetObjectVersion + read: + - lambda:GetLayerVersion + delete: + - lambda:GetLayerVersion + - lambda:DeleteLayerVersion + list: + - lambda:ListLayerVersions + LayerVersionPermission: + type: object + properties: + Id: + description: ID generated by service + type: string + Action: + description: The API action that grants access to the layer. + type: string + LayerVersionArn: + description: The name or Amazon Resource Name (ARN) of the layer. + type: string + OrganizationId: + description: With the principal set to *, grant permission to all accounts in the specified organization. + type: string + Principal: + description: An account ID, or * to grant layer usage permission to all accounts in an organization, or all AWS accounts (if organizationId is not specified). + type: string + required: + - LayerVersionArn + - Action + - Principal + x-stackql-resource-name: layer_version_permission + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - OrganizationId + - Principal + - Action + - LayerVersionArn + x-read-only-properties: + - Id + x-required-permissions: + create: + - lambda:AddLayerVersionPermission + read: + - lambda:GetLayerVersionPolicy + delete: + - lambda:GetLayerVersionPolicy + - lambda:RemoveLayerVersionPermission + list: + - lambda:GetLayerVersionPolicy + Permission: + type: object + properties: + Id: + description: '' + type: string + pattern: ^.*$ + minLength: 1 + maxLength: 256 + Action: + description: The action that the principal can use on the function. For example, ``lambda:InvokeFunction`` or ``lambda:GetFunction``. + type: string + pattern: ^(lambda:[*]|lambda:[a-zA-Z]+|[*])$ + minLength: 1 + maxLength: 256 + EventSourceToken: + description: For Alexa Smart Home functions, a token that the invoker must supply. + type: string + pattern: ^[a-zA-Z0-9._\-]+$ + minLength: 1 + maxLength: 256 + FunctionName: + description: |- + The name of the Lambda function, version, or alias. + **Name formats** + + *Function name* – ``my-function`` (name-only), ``my-function:v1`` (with alias). + + *Function ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:my-function``. + + *Partial ARN* – ``123456789012:function:my-function``. + + You can append a version number or alias to any of the formats. The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length. + type: string + pattern: ^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$ + minLength: 1 + maxLength: 140 + FunctionUrlAuthType: + description: The type of authentication that your function URL uses. Set to ``AWS_IAM`` if you want to restrict access to authenticated users only. Set to ``NONE`` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html). + type: string + enum: + - AWS_IAM + - NONE + Principal: + description: The AWS-service or AWS-account that invokes the function. If you specify a service, use ``SourceArn`` or ``SourceAccount`` to limit who can invoke the function through that service. + type: string + pattern: ^.*$ + minLength: 1 + maxLength: 256 + PrincipalOrgID: + description: The identifier for your organization in AOlong. Use this to grant permissions to all the AWS-accounts under this organization. + type: string + pattern: ^o-[a-z0-9]{10,32}$ + minLength: 12 + maxLength: 34 + SourceAccount: + description: For AWS-service, the ID of the AWS-account that owns the resource. Use this together with ``SourceArn`` to ensure that the specified account owns the resource. It is possible for an Amazon S3 bucket to be deleted by its owner and recreated by another account. + type: string + pattern: ^\d{12}$ + minLength: 12 + maxLength: 12 + SourceArn: + description: |- + For AWS-services, the ARN of the AWS resource that invokes the function. For example, an Amazon S3 bucket or Amazon SNS topic. + Note that Lambda configures the comparison using the ``StringLike`` operator. + type: string + pattern: ^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\-])+:([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1})?:(\d{12})?:(.*)$ + minLength: 12 + maxLength: 1024 + required: + - FunctionName + - Action + - Principal + x-stackql-resource-name: permission + x-stackql-primaryIdentifier: + - FunctionName + - Id + x-create-only-properties: + - FunctionName + - FunctionUrlAuthType + - SourceAccount + - SourceArn + - Principal + - PrincipalOrgID + - Action + - EventSourceToken + x-read-only-properties: + - Id + x-required-permissions: + create: + - lambda:AddPermission + read: + - lambda:GetPolicy + delete: + - lambda:RemovePermission + list: + - lambda:GetPolicy + AllowHeaders: + items: + type: string + minLength: 1 + maxLength: 1024 + type: array + minItems: 1 + maxItems: 100 + x-insertionOrder: true + AllowMethods: + items: + type: string + enum: + - GET + - PUT + - HEAD + - POST + - PATCH + - DELETE + - '*' + type: array + minItems: 1 + maxItems: 6 + x-insertionOrder: true + AllowOrigins: + items: + type: string + minLength: 1 + maxLength: 253 + type: array + minItems: 1 + maxItems: 100 + x-insertionOrder: true + ExposeHeaders: + items: + type: string + minLength: 1 + maxLength: 1024 + type: array + minItems: 1 + maxItems: 100 + x-insertionOrder: true + Cors: + additionalProperties: false + properties: + AllowCredentials: + description: Specifies whether credentials are included in the CORS request. + type: boolean + AllowHeaders: + description: Represents a collection of allowed headers. + $ref: '#/components/schemas/AllowHeaders' + AllowMethods: + description: Represents a collection of allowed HTTP methods. + $ref: '#/components/schemas/AllowMethods' + AllowOrigins: + description: Represents a collection of allowed origins. + $ref: '#/components/schemas/AllowOrigins' + ExposeHeaders: + description: Represents a collection of exposed headers. + $ref: '#/components/schemas/ExposeHeaders' + MaxAge: + type: integer + minimum: 0 + maximum: 86400 + type: object + Url: + type: object + properties: + TargetFunctionArn: + description: The Amazon Resource Name (ARN) of the function associated with the Function URL. + type: string + pattern: ^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:((?!\d+)[0-9a-zA-Z-_]+))?$ + Qualifier: + description: The alias qualifier for the target function. If TargetFunctionArn is unqualified then Qualifier must be passed. + type: string + minLength: 1 + maxLength: 128 + pattern: ((?!^[0-9]+$)([a-zA-Z0-9-_]+)) + AuthType: + description: Can be either AWS_IAM if the requests are authorized via IAM, or NONE if no authorization is configured on the Function URL. + type: string + enum: + - AWS_IAM + - NONE + InvokeMode: + description: The invocation mode for the function’s URL. Set to BUFFERED if you want to buffer responses before returning them to the client. Set to RESPONSE_STREAM if you want to stream responses, allowing faster time to first byte and larger response payload sizes. If not set, defaults to BUFFERED. + type: string + enum: + - BUFFERED + - RESPONSE_STREAM + FunctionArn: + description: The full Amazon Resource Name (ARN) of the function associated with the Function URL. + type: string + pattern: ^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:((?!\d+)[0-9a-zA-Z-_]+))?$ + FunctionUrl: + description: The generated url for this resource. + type: string + Cors: + $ref: '#/components/schemas/Cors' + required: + - TargetFunctionArn + - AuthType + x-stackql-resource-name: url + x-stackql-primaryIdentifier: + - FunctionArn + x-create-only-properties: + - TargetFunctionArn + - Qualifier + x-read-only-properties: + - FunctionUrl + - FunctionArn + x-required-permissions: + create: + - lambda:CreateFunctionUrlConfig + read: + - lambda:GetFunctionUrlConfig + update: + - lambda:UpdateFunctionUrlConfig + list: + - lambda:ListFunctionUrlConfigs + delete: + - lambda:DeleteFunctionUrlConfig + ProvisionedConcurrencyConfiguration: + type: object + description: A provisioned concurrency configuration for a function's version. + additionalProperties: false + properties: + ProvisionedConcurrentExecutions: + type: integer + description: The amount of provisioned concurrency to allocate for the version. + required: + - ProvisionedConcurrentExecutions + RuntimePolicy: + type: object + description: Runtime Management Config of a function. + additionalProperties: false + properties: + RuntimeVersionArn: + type: string + description: The ARN of the runtime the function is configured to use. If the runtime update mode is manual, the ARN is returned, otherwise null is returned. + minLength: 26 + maxLength: 2048 + pattern: ^arn:(aws[a-zA-Z-]*):lambda:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}::runtime:.+$ + UpdateRuntimeOn: + type: string + description: The runtime update mode. + required: + - UpdateRuntimeOn + Version: + type: object + properties: + FunctionArn: + type: string + description: The ARN of the version. + Version: + type: string + description: The version number. + CodeSha256: + type: string + description: Only publish a version if the hash value matches the value that's specified. Use this option to avoid publishing a version if the function code has changed since you last updated it. Updates are not supported for this property. + Description: + type: string + description: A description for the version to override the description in the function configuration. Updates are not supported for this property. + minLength: 0 + maxLength: 256 + FunctionName: + type: string + description: The name of the Lambda function. + minLength: 1 + maxLength: 140 + pattern: ^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$ + ProvisionedConcurrencyConfig: + description: Specifies a provisioned concurrency configuration for a function's version. Updates are not supported for this property. + $ref: '#/components/schemas/ProvisionedConcurrencyConfiguration' + RuntimePolicy: + description: Specifies the runtime management configuration of a function. Displays runtimeVersionArn only for Manual. + $ref: '#/components/schemas/RuntimePolicy' + required: + - FunctionName + x-stackql-resource-name: version + x-stackql-primaryIdentifier: + - FunctionArn + x-create-only-properties: + - FunctionName + - Description + - CodeSha256 + - ProvisionedConcurrencyConfig + - RuntimePolicy + x-read-only-properties: + - Version + - FunctionArn + x-required-permissions: + create: + - lambda:PublishVersion + - lambda:GetFunctionConfiguration + - lambda:PutProvisionedConcurrencyConfig + - lambda:GetProvisionedConcurrencyConfig + - lambda:PutRuntimeManagementConfig + - lambda:GetRuntimeManagementConfig + read: + - lambda:GetFunctionConfiguration + - lambda:GetProvisionedConcurrencyConfig + - lambda:GetRuntimeManagementConfig + delete: + - lambda:GetFunctionConfiguration + - lambda:DeleteFunction + list: + - lambda:ListVersionsByFunction + update: [] + x-stackQL-resources: + code_signing_configs: + name: code_signing_configs + id: awscc.lambda.code_signing_configs + x-cfn-schema-name: CodeSigningConfig + x-type: list + x-identifiers: + - CodeSigningConfigArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CodeSigningConfigArn') as code_signing_config_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lambda::CodeSigningConfig' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CodeSigningConfigArn') as code_signing_config_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lambda::CodeSigningConfig' + AND region = 'us-east-1' + code_signing_config: + name: code_signing_config + id: awscc.lambda.code_signing_config + x-cfn-schema-name: CodeSigningConfig + x-type: get + x-identifiers: + - CodeSigningConfigArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.AllowedPublishers') as allowed_publishers, + JSON_EXTRACT(Properties, '$.CodeSigningPolicies') as code_signing_policies, + JSON_EXTRACT(Properties, '$.CodeSigningConfigId') as code_signing_config_id, + JSON_EXTRACT(Properties, '$.CodeSigningConfigArn') as code_signing_config_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lambda::CodeSigningConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'AllowedPublishers') as allowed_publishers, + json_extract_path_text(Properties, 'CodeSigningPolicies') as code_signing_policies, + json_extract_path_text(Properties, 'CodeSigningConfigId') as code_signing_config_id, + json_extract_path_text(Properties, 'CodeSigningConfigArn') as code_signing_config_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lambda::CodeSigningConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + event_invoke_configs: + name: event_invoke_configs + id: awscc.lambda.event_invoke_configs + x-cfn-schema-name: EventInvokeConfig + x-type: list + x-identifiers: + - FunctionName + - Qualifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FunctionName') as function_name, + JSON_EXTRACT(Properties, '$.Qualifier') as qualifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lambda::EventInvokeConfig' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FunctionName') as function_name, + json_extract_path_text(Properties, 'Qualifier') as qualifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lambda::EventInvokeConfig' + AND region = 'us-east-1' + event_invoke_config: + name: event_invoke_config + id: awscc.lambda.event_invoke_config + x-cfn-schema-name: EventInvokeConfig + x-type: get + x-identifiers: + - FunctionName + - Qualifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DestinationConfig') as destination_config, + JSON_EXTRACT(Properties, '$.FunctionName') as function_name, + JSON_EXTRACT(Properties, '$.MaximumEventAgeInSeconds') as maximum_event_age_in_seconds, + JSON_EXTRACT(Properties, '$.MaximumRetryAttempts') as maximum_retry_attempts, + JSON_EXTRACT(Properties, '$.Qualifier') as qualifier + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lambda::EventInvokeConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DestinationConfig') as destination_config, + json_extract_path_text(Properties, 'FunctionName') as function_name, + json_extract_path_text(Properties, 'MaximumEventAgeInSeconds') as maximum_event_age_in_seconds, + json_extract_path_text(Properties, 'MaximumRetryAttempts') as maximum_retry_attempts, + json_extract_path_text(Properties, 'Qualifier') as qualifier + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lambda::EventInvokeConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + event_source_mappings: + name: event_source_mappings + id: awscc.lambda.event_source_mappings + x-cfn-schema-name: EventSourceMapping + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lambda::EventSourceMapping' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lambda::EventSourceMapping' + AND region = 'us-east-1' + event_source_mapping: + name: event_source_mapping + id: awscc.lambda.event_source_mapping + x-cfn-schema-name: EventSourceMapping + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.BatchSize') as batch_size, + JSON_EXTRACT(Properties, '$.BisectBatchOnFunctionError') as bisect_batch_on_function_error, + JSON_EXTRACT(Properties, '$.DestinationConfig') as destination_config, + JSON_EXTRACT(Properties, '$.Enabled') as enabled, + JSON_EXTRACT(Properties, '$.EventSourceArn') as event_source_arn, + JSON_EXTRACT(Properties, '$.FilterCriteria') as filter_criteria, + JSON_EXTRACT(Properties, '$.FunctionName') as function_name, + JSON_EXTRACT(Properties, '$.MaximumBatchingWindowInSeconds') as maximum_batching_window_in_seconds, + JSON_EXTRACT(Properties, '$.MaximumRecordAgeInSeconds') as maximum_record_age_in_seconds, + JSON_EXTRACT(Properties, '$.MaximumRetryAttempts') as maximum_retry_attempts, + JSON_EXTRACT(Properties, '$.ParallelizationFactor') as parallelization_factor, + JSON_EXTRACT(Properties, '$.StartingPosition') as starting_position, + JSON_EXTRACT(Properties, '$.StartingPositionTimestamp') as starting_position_timestamp, + JSON_EXTRACT(Properties, '$.Topics') as topics, + JSON_EXTRACT(Properties, '$.Queues') as queues, + JSON_EXTRACT(Properties, '$.SourceAccessConfigurations') as source_access_configurations, + JSON_EXTRACT(Properties, '$.TumblingWindowInSeconds') as tumbling_window_in_seconds, + JSON_EXTRACT(Properties, '$.FunctionResponseTypes') as function_response_types, + JSON_EXTRACT(Properties, '$.SelfManagedEventSource') as self_managed_event_source, + JSON_EXTRACT(Properties, '$.AmazonManagedKafkaEventSourceConfig') as amazon_managed_kafka_event_source_config, + JSON_EXTRACT(Properties, '$.SelfManagedKafkaEventSourceConfig') as self_managed_kafka_event_source_config, + JSON_EXTRACT(Properties, '$.ScalingConfig') as scaling_config, + JSON_EXTRACT(Properties, '$.DocumentDBEventSourceConfig') as document_db_event_source_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lambda::EventSourceMapping' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'BatchSize') as batch_size, + json_extract_path_text(Properties, 'BisectBatchOnFunctionError') as bisect_batch_on_function_error, + json_extract_path_text(Properties, 'DestinationConfig') as destination_config, + json_extract_path_text(Properties, 'Enabled') as enabled, + json_extract_path_text(Properties, 'EventSourceArn') as event_source_arn, + json_extract_path_text(Properties, 'FilterCriteria') as filter_criteria, + json_extract_path_text(Properties, 'FunctionName') as function_name, + json_extract_path_text(Properties, 'MaximumBatchingWindowInSeconds') as maximum_batching_window_in_seconds, + json_extract_path_text(Properties, 'MaximumRecordAgeInSeconds') as maximum_record_age_in_seconds, + json_extract_path_text(Properties, 'MaximumRetryAttempts') as maximum_retry_attempts, + json_extract_path_text(Properties, 'ParallelizationFactor') as parallelization_factor, + json_extract_path_text(Properties, 'StartingPosition') as starting_position, + json_extract_path_text(Properties, 'StartingPositionTimestamp') as starting_position_timestamp, + json_extract_path_text(Properties, 'Topics') as topics, + json_extract_path_text(Properties, 'Queues') as queues, + json_extract_path_text(Properties, 'SourceAccessConfigurations') as source_access_configurations, + json_extract_path_text(Properties, 'TumblingWindowInSeconds') as tumbling_window_in_seconds, + json_extract_path_text(Properties, 'FunctionResponseTypes') as function_response_types, + json_extract_path_text(Properties, 'SelfManagedEventSource') as self_managed_event_source, + json_extract_path_text(Properties, 'AmazonManagedKafkaEventSourceConfig') as amazon_managed_kafka_event_source_config, + json_extract_path_text(Properties, 'SelfManagedKafkaEventSourceConfig') as self_managed_kafka_event_source_config, + json_extract_path_text(Properties, 'ScalingConfig') as scaling_config, + json_extract_path_text(Properties, 'DocumentDBEventSourceConfig') as document_db_event_source_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lambda::EventSourceMapping' + AND data__Identifier = '' + AND region = 'us-east-1' + functions: + name: functions + id: awscc.lambda.functions + x-cfn-schema-name: Function + x-type: list + x-identifiers: + - FunctionName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FunctionName') as function_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lambda::Function' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FunctionName') as function_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lambda::Function' + AND region = 'us-east-1' + function: + name: function + id: awscc.lambda.function + x-cfn-schema-name: Function + x-type: get + x-identifiers: + - FunctionName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.TracingConfig') as tracing_config, + JSON_EXTRACT(Properties, '$.VpcConfig') as vpc_config, + JSON_EXTRACT(Properties, '$.RuntimeManagementConfig') as runtime_management_config, + JSON_EXTRACT(Properties, '$.ReservedConcurrentExecutions') as reserved_concurrent_executions, + JSON_EXTRACT(Properties, '$.SnapStart') as snap_start, + JSON_EXTRACT(Properties, '$.FileSystemConfigs') as file_system_configs, + JSON_EXTRACT(Properties, '$.FunctionName') as function_name, + JSON_EXTRACT(Properties, '$.Runtime') as runtime, + JSON_EXTRACT(Properties, '$.KmsKeyArn') as kms_key_arn, + JSON_EXTRACT(Properties, '$.PackageType') as package_type, + JSON_EXTRACT(Properties, '$.CodeSigningConfigArn') as code_signing_config_arn, + JSON_EXTRACT(Properties, '$.Layers') as layers, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ImageConfig') as image_config, + JSON_EXTRACT(Properties, '$.MemorySize') as memory_size, + JSON_EXTRACT(Properties, '$.DeadLetterConfig') as dead_letter_config, + JSON_EXTRACT(Properties, '$.Timeout') as timeout, + JSON_EXTRACT(Properties, '$.Handler') as handler, + JSON_EXTRACT(Properties, '$.SnapStartResponse') as snap_start_response, + JSON_EXTRACT(Properties, '$.Code') as code, + JSON_EXTRACT(Properties, '$.Role') as role, + JSON_EXTRACT(Properties, '$.LoggingConfig') as logging_config, + JSON_EXTRACT(Properties, '$.Environment') as environment, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.EphemeralStorage') as ephemeral_storage, + JSON_EXTRACT(Properties, '$.Architectures') as architectures + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lambda::Function' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'TracingConfig') as tracing_config, + json_extract_path_text(Properties, 'VpcConfig') as vpc_config, + json_extract_path_text(Properties, 'RuntimeManagementConfig') as runtime_management_config, + json_extract_path_text(Properties, 'ReservedConcurrentExecutions') as reserved_concurrent_executions, + json_extract_path_text(Properties, 'SnapStart') as snap_start, + json_extract_path_text(Properties, 'FileSystemConfigs') as file_system_configs, + json_extract_path_text(Properties, 'FunctionName') as function_name, + json_extract_path_text(Properties, 'Runtime') as runtime, + json_extract_path_text(Properties, 'KmsKeyArn') as kms_key_arn, + json_extract_path_text(Properties, 'PackageType') as package_type, + json_extract_path_text(Properties, 'CodeSigningConfigArn') as code_signing_config_arn, + json_extract_path_text(Properties, 'Layers') as layers, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ImageConfig') as image_config, + json_extract_path_text(Properties, 'MemorySize') as memory_size, + json_extract_path_text(Properties, 'DeadLetterConfig') as dead_letter_config, + json_extract_path_text(Properties, 'Timeout') as timeout, + json_extract_path_text(Properties, 'Handler') as handler, + json_extract_path_text(Properties, 'SnapStartResponse') as snap_start_response, + json_extract_path_text(Properties, 'Code') as code, + json_extract_path_text(Properties, 'Role') as role, + json_extract_path_text(Properties, 'LoggingConfig') as logging_config, + json_extract_path_text(Properties, 'Environment') as environment, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'EphemeralStorage') as ephemeral_storage, + json_extract_path_text(Properties, 'Architectures') as architectures + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lambda::Function' + AND data__Identifier = '' + AND region = 'us-east-1' + layer_versions: + name: layer_versions + id: awscc.lambda.layer_versions + x-cfn-schema-name: LayerVersion + x-type: list + x-identifiers: + - LayerVersionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LayerVersionArn') as layer_version_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lambda::LayerVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LayerVersionArn') as layer_version_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lambda::LayerVersion' + AND region = 'us-east-1' + layer_version: + name: layer_version + id: awscc.lambda.layer_version + x-cfn-schema-name: LayerVersion + x-type: get + x-identifiers: + - LayerVersionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CompatibleRuntimes') as compatible_runtimes, + JSON_EXTRACT(Properties, '$.LicenseInfo') as license_info, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.LayerName') as layer_name, + JSON_EXTRACT(Properties, '$.Content') as content, + JSON_EXTRACT(Properties, '$.LayerVersionArn') as layer_version_arn, + JSON_EXTRACT(Properties, '$.CompatibleArchitectures') as compatible_architectures + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lambda::LayerVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CompatibleRuntimes') as compatible_runtimes, + json_extract_path_text(Properties, 'LicenseInfo') as license_info, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'LayerName') as layer_name, + json_extract_path_text(Properties, 'Content') as content, + json_extract_path_text(Properties, 'LayerVersionArn') as layer_version_arn, + json_extract_path_text(Properties, 'CompatibleArchitectures') as compatible_architectures + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lambda::LayerVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + layer_version_permissions: + name: layer_version_permissions + id: awscc.lambda.layer_version_permissions + x-cfn-schema-name: LayerVersionPermission + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lambda::LayerVersionPermission' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lambda::LayerVersionPermission' + AND region = 'us-east-1' + layer_version_permission: + name: layer_version_permission + id: awscc.lambda.layer_version_permission + x-cfn-schema-name: LayerVersionPermission + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Action') as action, + JSON_EXTRACT(Properties, '$.LayerVersionArn') as layer_version_arn, + JSON_EXTRACT(Properties, '$.OrganizationId') as organization_id, + JSON_EXTRACT(Properties, '$.Principal') as principal + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lambda::LayerVersionPermission' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Action') as action, + json_extract_path_text(Properties, 'LayerVersionArn') as layer_version_arn, + json_extract_path_text(Properties, 'OrganizationId') as organization_id, + json_extract_path_text(Properties, 'Principal') as principal + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lambda::LayerVersionPermission' + AND data__Identifier = '' + AND region = 'us-east-1' + permissions: + name: permissions + id: awscc.lambda.permissions + x-cfn-schema-name: Permission + x-type: list + x-identifiers: + - FunctionName + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FunctionName') as function_name, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lambda::Permission' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FunctionName') as function_name, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lambda::Permission' + AND region = 'us-east-1' + permission: + name: permission + id: awscc.lambda.permission + x-cfn-schema-name: Permission + x-type: get + x-identifiers: + - FunctionName + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Action') as action, + JSON_EXTRACT(Properties, '$.EventSourceToken') as event_source_token, + JSON_EXTRACT(Properties, '$.FunctionName') as function_name, + JSON_EXTRACT(Properties, '$.FunctionUrlAuthType') as function_url_auth_type, + JSON_EXTRACT(Properties, '$.Principal') as principal, + JSON_EXTRACT(Properties, '$.PrincipalOrgID') as principal_org_id, + JSON_EXTRACT(Properties, '$.SourceAccount') as source_account, + JSON_EXTRACT(Properties, '$.SourceArn') as source_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lambda::Permission' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Action') as action, + json_extract_path_text(Properties, 'EventSourceToken') as event_source_token, + json_extract_path_text(Properties, 'FunctionName') as function_name, + json_extract_path_text(Properties, 'FunctionUrlAuthType') as function_url_auth_type, + json_extract_path_text(Properties, 'Principal') as principal, + json_extract_path_text(Properties, 'PrincipalOrgID') as principal_org_id, + json_extract_path_text(Properties, 'SourceAccount') as source_account, + json_extract_path_text(Properties, 'SourceArn') as source_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lambda::Permission' + AND data__Identifier = '' + AND region = 'us-east-1' + urls: + name: urls + id: awscc.lambda.urls + x-cfn-schema-name: Url + x-type: list + x-identifiers: + - FunctionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FunctionArn') as function_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lambda::Url' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FunctionArn') as function_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lambda::Url' + AND region = 'us-east-1' + url: + name: url + id: awscc.lambda.url + x-cfn-schema-name: Url + x-type: get + x-identifiers: + - FunctionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TargetFunctionArn') as target_function_arn, + JSON_EXTRACT(Properties, '$.Qualifier') as qualifier, + JSON_EXTRACT(Properties, '$.AuthType') as auth_type, + JSON_EXTRACT(Properties, '$.InvokeMode') as invoke_mode, + JSON_EXTRACT(Properties, '$.FunctionArn') as function_arn, + JSON_EXTRACT(Properties, '$.FunctionUrl') as function_url, + JSON_EXTRACT(Properties, '$.Cors') as cors + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lambda::Url' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TargetFunctionArn') as target_function_arn, + json_extract_path_text(Properties, 'Qualifier') as qualifier, + json_extract_path_text(Properties, 'AuthType') as auth_type, + json_extract_path_text(Properties, 'InvokeMode') as invoke_mode, + json_extract_path_text(Properties, 'FunctionArn') as function_arn, + json_extract_path_text(Properties, 'FunctionUrl') as function_url, + json_extract_path_text(Properties, 'Cors') as cors + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lambda::Url' + AND data__Identifier = '' + AND region = 'us-east-1' + versions: + name: versions + id: awscc.lambda.versions + x-cfn-schema-name: Version + x-type: list + x-identifiers: + - FunctionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FunctionArn') as function_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lambda::Version' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FunctionArn') as function_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lambda::Version' + AND region = 'us-east-1' + version: + name: version + id: awscc.lambda.version + x-cfn-schema-name: Version + x-type: get + x-identifiers: + - FunctionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FunctionArn') as function_arn, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.CodeSha256') as code_sha256, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.FunctionName') as function_name, + JSON_EXTRACT(Properties, '$.ProvisionedConcurrencyConfig') as provisioned_concurrency_config, + JSON_EXTRACT(Properties, '$.RuntimePolicy') as runtime_policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lambda::Version' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FunctionArn') as function_arn, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'CodeSha256') as code_sha256, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'FunctionName') as function_name, + json_extract_path_text(Properties, 'ProvisionedConcurrencyConfig') as provisioned_concurrency_config, + json_extract_path_text(Properties, 'RuntimePolicy') as runtime_policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lambda::Version' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/lex.yaml b/providers/src/awscc/v00.00.00000/services/lex.yaml new file mode 100644 index 00000000..e4a28b19 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/lex.yaml @@ -0,0 +1,2209 @@ +openapi: 3.0.0 +info: + title: Lex + version: 1.0.0 +paths: {} +components: + schemas: + BotAliasLocaleSettingsList: + description: A list of bot alias locale settings to add to the bot alias. + type: array + uniqueItems: true + maxItems: 50 + x-insertionOrder: false + items: + $ref: '#/components/schemas/BotAliasLocaleSettingsItem' + BotAliasLocaleSettingsItem: + description: A locale setting in alias + type: object + properties: + LocaleId: + description: A string used to identify the locale + type: string + minLength: 1 + maxLength: 128 + BotAliasLocaleSetting: + $ref: '#/components/schemas/BotAliasLocaleSettings' + required: + - LocaleId + - BotAliasLocaleSetting + additionalProperties: false + BotAliasLocaleSettings: + description: You can use this parameter to specify a specific Lambda function to run different functions in different locales. + type: object + properties: + CodeHookSpecification: + $ref: '#/components/schemas/CodeHookSpecification' + Enabled: + type: boolean + description: Whether the Lambda code hook is enabled + required: + - Enabled + additionalProperties: false + CodeHookSpecification: + description: Contains information about code hooks that Amazon Lex calls during a conversation. + type: object + properties: + LambdaCodeHook: + $ref: '#/components/schemas/LambdaCodeHook' + required: + - LambdaCodeHook + additionalProperties: false + LambdaCodeHook: + description: Contains information about code hooks that Amazon Lex calls during a conversation. + type: object + properties: + CodeHookInterfaceVersion: + description: The version of the request-response that you want Amazon Lex to use to invoke your Lambda function. + type: string + minLength: 1 + maxLength: 5 + LambdaArn: + description: The Amazon Resource Name (ARN) of the Lambda function. + type: string + minLength: 20 + maxLength: 2048 + required: + - CodeHookInterfaceVersion + - LambdaArn + additionalProperties: false + ConversationLogSettings: + description: Contains information about code hooks that Amazon Lex calls during a conversation. + type: object + properties: + AudioLogSettings: + $ref: '#/components/schemas/AudioLogSettings' + TextLogSettings: + $ref: '#/components/schemas/TextLogSettings' + additionalProperties: false + AudioLogSettings: + description: List of audio log settings + type: array + maxItems: 1 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/AudioLogSetting' + TextLogSettings: + description: List of text log settings + type: array + maxItems: 1 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/TextLogSetting' + AudioLogSetting: + description: Settings for logging audio of conversations between Amazon Lex and a user. You specify whether to log audio and the Amazon S3 bucket where the audio file is stored. + type: object + properties: + Destination: + $ref: '#/components/schemas/AudioLogDestination' + Enabled: + type: boolean + description: '' + required: + - Destination + - Enabled + additionalProperties: false + TextLogSetting: + description: Contains information about code hooks that Amazon Lex calls during a conversation. + type: object + properties: + Destination: + $ref: '#/components/schemas/TextLogDestination' + Enabled: + type: boolean + description: '' + required: + - Destination + - Enabled + additionalProperties: false + AudioLogDestination: + description: The location of audio log files collected when conversation logging is enabled for a bot. + type: object + properties: + S3Bucket: + $ref: '#/components/schemas/S3BucketLogDestination' + required: + - S3Bucket + additionalProperties: false + TextLogDestination: + description: Defines the Amazon CloudWatch Logs destination log group for conversation text logs. + type: object + properties: + CloudWatch: + $ref: '#/components/schemas/CloudWatchLogGroupLogDestination' + required: + - CloudWatch + additionalProperties: false + CloudWatchLogGroupLogDestination: + type: object + properties: + CloudWatchLogGroupArn: + description: A string used to identify the groupArn for the Cloudwatch Log Group + type: string + minLength: 1 + maxLength: 2048 + LogPrefix: + description: A string containing the value for the Log Prefix + type: string + minLength: 0 + maxLength: 1024 + required: + - CloudWatchLogGroupArn + - LogPrefix + additionalProperties: false + S3BucketLogDestination: + description: Specifies an Amazon S3 bucket for logging audio conversations + type: object + properties: + S3BucketArn: + type: string + description: The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored. + minLength: 1 + maxLength: 2048 + pattern: ^arn:[\w\-]+:s3:::[a-z0-9][\.\-a-z0-9]{1,61}[a-z0-9]$ + LogPrefix: + type: string + description: The Amazon S3 key of the deployment package. + minLength: 0 + maxLength: 1024 + KmsKeyArn: + type: string + description: The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an S3 bucket. + minLength: 20 + maxLength: 2048 + pattern: ^arn:[\w\-]+:kms:[\w\-]+:[\d]{12}:(?:key\/[\w\-]+|alias\/[a-zA-Z0-9:\/_\-]{1,256})$ + required: + - LogPrefix + - S3BucketArn + additionalProperties: false + TestBotAliasSettings: + description: Configuring the test bot alias settings for a given bot + type: object + properties: + BotAliasLocaleSettings: + $ref: '#/components/schemas/BotAliasLocaleSettingsList' + ConversationLogSettings: + $ref: '#/components/schemas/ConversationLogSettings' + Description: + $ref: '#/components/schemas/Description' + SentimentAnalysisSettings: + description: Determines whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances. + type: object + properties: + DetectSentiment: + type: boolean + description: Enable to call Amazon Comprehend for Sentiment natively within Lex + required: + - DetectSentiment + additionalProperties: false + additionalProperties: false + RoleArn: + description: The Amazon Resource Name (ARN) of an IAM role that has permission to access the bot. + type: string + minLength: 32 + maxLength: 2048 + pattern: ^arn:aws[a-zA-Z-]*:iam::[0-9]{12}:role/.*$ + Id: + description: Unique ID of resource + type: string + minLength: 10 + maxLength: 10 + pattern: ^[0-9a-zA-Z]+$ + BotArn: + type: string + minLength: 1 + maxLength: 1011 + pattern: ^arn:aws[a-zA-Z-]*:lex:[a-z]+-[a-z]+-[0-9]:[0-9]{12}:bot/[0-9a-zA-Z]+$ + Name: + description: A unique identifier for a resource. + type: string + minLength: 1 + maxLength: 100 + pattern: ^([0-9a-zA-Z][_-]?)+$ + Description: + description: A description of the version. Use the description to help identify the version in lists. + type: string + maxLength: 200 + DataPrivacy: + description: Provides information on additional privacy protections Amazon Lex should use with the bot's data. + type: object + properties: + ChildDirected: + type: boolean + description: Specify whether your use of Amazon Lex is related to application that is directed or targeted, in whole or in part, to children under age 13 and subject to the Children's Online Privacy Protection Act (COPPA). + required: + - ChildDirected + additionalProperties: false + IdleSessionTTLInSeconds: + description: The time, in seconds, that Amazon Lex should keep information about a user's conversation with the bot. + type: integer + minimum: 60 + maximum: 86400 + Utterance: + description: The sample utterance that Amazon Lex uses to build its machine-learning model to recognize intents/slots. + type: string + SampleUtterance: + description: A sample utterance that invokes an intent or respond to a slot elicitation prompt. + type: object + properties: + Utterance: + $ref: '#/components/schemas/Utterance' + required: + - Utterance + additionalProperties: false + SampleUtterancesList: + description: An array of sample utterances + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/SampleUtterance' + Tag: + description: A label for tagging Lex resources + type: object + properties: + Key: + description: A string used to identify this tag + type: string + minLength: 1 + maxLength: 128 + Value: + description: A string containing the value for the tag + type: string + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + LocaleId: + description: The identifier of the language and locale that the bot will be used in. + type: string + VoiceSettings: + description: Settings for using an Amazon Polly voice to communicate with a user. + type: object + properties: + VoiceId: + type: string + description: The Amazon Polly voice ID that Amazon Lex uses for voice interaction with the user. + Engine: + type: string + description: Indicates the type of Amazon Polly voice that Amazon Lex should use for voice interaction with the user. For more information, see the engine parameter of the SynthesizeSpeech operation in the Amazon Polly developer guide. + enum: + - standard + - neural + required: + - VoiceId + additionalProperties: false + ConfidenceThreshold: + description: The specified confidence threshold for inserting the AMAZON.FallbackIntent and AMAZON.KendraSearchIntent intents. + type: number + minimum: 0 + maximum: 1 + ParentIntentSignature: + description: A unique identifier for the built-in intent to base this intent on. + type: string + DialogCodeHookSetting: + description: Settings that determine the Lambda function that Amazon Lex uses for processing user responses. + type: object + properties: + Enabled: + type: boolean + required: + - Enabled + additionalProperties: false + FulfillmentStartResponseSpecification: + description: Provides settings for a message that is sent to the user when a fulfillment Lambda function starts running. + type: object + properties: + MessageGroups: + $ref: '#/components/schemas/MessageGroupsList' + DelayInSeconds: + description: The delay between when the Lambda fulfillment function starts running and the start message is played. If the Lambda function returns before the delay is over, the start message isn't played. + type: integer + minimum: 1 + maximum: 900 + AllowInterrupt: + description: Determines whether the user can interrupt the start message while it is playing. + type: boolean + required: + - DelayInSeconds + - MessageGroups + additionalProperties: false + FulfillmentUpdateResponseSpecification: + description: Provides settings for a message that is sent periodically to the user while a fulfillment Lambda function is running. + type: object + properties: + MessageGroups: + $ref: '#/components/schemas/MessageGroupsList' + FrequencyInSeconds: + description: The frequency that a message is sent to the user. When the period ends, Amazon Lex chooses a message from the message groups and plays it to the user. If the fulfillment Lambda returns before the first period ends, an update message is not played to the user. + type: integer + minimum: 1 + maximum: 900 + AllowInterrupt: + description: Determines whether the user can interrupt an update message while it is playing. + type: boolean + required: + - FrequencyInSeconds + - MessageGroups + additionalProperties: false + FulfillmentUpdatesSpecification: + description: Provides information for updating the user on the progress of fulfilling an intent. + type: object + properties: + StartResponse: + $ref: '#/components/schemas/FulfillmentStartResponseSpecification' + UpdateResponse: + $ref: '#/components/schemas/FulfillmentUpdateResponseSpecification' + TimeoutInSeconds: + description: The length of time that the fulfillment Lambda function should run before it times out. + type: integer + minimum: 1 + maximum: 900 + Active: + description: Determines whether fulfillment updates are sent to the user. When this field is true, updates are sent. + type: boolean + required: + - Active + additionalProperties: false + PostFulfillmentStatusSpecification: + description: Provides a setting that determines whether the post-fulfillment response is sent to the user. + type: object + properties: + SuccessResponse: + description: Specifies a list of message groups that Amazon Lex uses to respond the user input. + $ref: '#/components/schemas/ResponseSpecification' + SuccessNextStep: + description: Specifies the next step in the conversation that Amazon Lex invokes when the fulfillment code hook completes successfully. + $ref: '#/components/schemas/DialogState' + SuccessConditional: + description: A list of conditional branches to evaluate after the fulfillment code hook finishes successfully. + $ref: '#/components/schemas/ConditionalSpecification' + FailureResponse: + description: Specifies a list of message groups that Amazon Lex uses to respond the user input. + $ref: '#/components/schemas/ResponseSpecification' + FailureNextStep: + description: Specifies the next step the bot runs after the fulfillment code hook throws an exception or returns with the State field of the Intent object set to Failed. + $ref: '#/components/schemas/DialogState' + FailureConditional: + description: A list of conditional branches to evaluate after the fulfillment code hook throws an exception or returns with the State field of the Intent object set to Failed. + $ref: '#/components/schemas/ConditionalSpecification' + TimeoutResponse: + description: Specifies a list of message groups that Amazon Lex uses to respond the user input. + $ref: '#/components/schemas/ResponseSpecification' + TimeoutNextStep: + description: Specifies the next step that the bot runs when the fulfillment code hook times out. + $ref: '#/components/schemas/DialogState' + TimeoutConditional: + description: A list of conditional branches to evaluate if the fulfillment code hook times out. + $ref: '#/components/schemas/ConditionalSpecification' + required: [] + additionalProperties: false + FulfillmentCodeHookSetting: + description: Settings that determine if a Lambda function should be invoked to fulfill a specific intent. + type: object + properties: + FulfillmentUpdatesSpecification: + $ref: '#/components/schemas/FulfillmentUpdatesSpecification' + PostFulfillmentStatusSpecification: + $ref: '#/components/schemas/PostFulfillmentStatusSpecification' + Enabled: + type: boolean + IsActive: + description: Determines whether the fulfillment code hook is used. When active is false, the code hook doesn't run. + type: boolean + required: + - Enabled + additionalProperties: false + Button: + description: A button to use on a response card used to gather slot values from a user. + type: object + properties: + Text: + description: The text that appears on the button. + type: string + minLength: 1 + maxLength: 50 + Value: + description: The value returned to Amazon Lex when the user chooses this button. + type: string + minLength: 1 + maxLength: 50 + required: + - Text + - Value + additionalProperties: false + AttachmentTitle: + type: string + minLength: 1 + maxLength: 250 + AttachmentUrl: + type: string + minLength: 1 + maxLength: 250 + ImageResponseCard: + description: A message that defines a response card that the client application can show to the user. + type: object + properties: + Title: + description: The title to display on the response card. + $ref: '#/components/schemas/AttachmentTitle' + Subtitle: + description: The subtitle to display on the response card. + $ref: '#/components/schemas/AttachmentTitle' + ImageUrl: + description: The URL of an image to display on the response card. + $ref: '#/components/schemas/AttachmentUrl' + Buttons: + description: A list of buttons that should be displayed on the response card. + type: array + maxItems: 5 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Button' + required: + - Title + additionalProperties: false + PlainTextMessage: + description: A message in plain text format. + type: object + properties: + Value: + description: The message to send to the user. + type: string + minLength: 1 + maxLength: 1000 + required: + - Value + additionalProperties: false + CustomPayload: + description: A message in a custom format defined by the client application. + type: object + properties: + Value: + description: The string that is sent to your application. + type: string + minLength: 1 + maxLength: 1000 + required: + - Value + additionalProperties: false + SSMLMessage: + description: A message in Speech Synthesis Markup Language (SSML). + type: object + properties: + Value: + description: The SSML text that defines the prompt. + type: string + minLength: 1 + maxLength: 1000 + required: + - Value + additionalProperties: false + Message: + description: The primary message that Amazon Lex should send to the user. + type: object + properties: + PlainTextMessage: + $ref: '#/components/schemas/PlainTextMessage' + CustomPayload: + $ref: '#/components/schemas/CustomPayload' + SSMLMessage: + $ref: '#/components/schemas/SSMLMessage' + ImageResponseCard: + $ref: '#/components/schemas/ImageResponseCard' + required: [] + additionalProperties: false + MessageGroup: + description: One or more messages that Amazon Lex can send to the user. + type: object + properties: + Message: + $ref: '#/components/schemas/Message' + Variations: + description: Message variations to send to the user. + type: array + maxItems: 2 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Message' + required: + - Message + additionalProperties: false + MessageGroupsList: + description: One to 5 message groups that contain update messages. Amazon Lex chooses one of the messages to play to the user. + type: array + minItems: 1 + maxItems: 5 + x-insertionOrder: false + items: + $ref: '#/components/schemas/MessageGroup' + PromptMaxRetries: + description: The maximum number of times the bot tries to elicit a response from the user using this prompt. + type: integer + minimum: 0 + maximum: 5 + MessageSelectionStrategy: + description: Indicates how a message is selected from a message group among retries. + type: string + enum: + - Random + - Ordered + AllowedInputTypes: + description: Specifies the allowed input types. + type: object + properties: + AllowAudioInput: + description: Indicates whether audio input is allowed. + type: boolean + AllowDTMFInput: + description: Indicates whether DTMF input is allowed. + type: boolean + required: + - AllowAudioInput + - AllowDTMFInput + additionalProperties: false + DTMFSpecification: + description: Specifies the settings on DTMF input. + type: object + properties: + DeletionCharacter: + description: The DTMF character that clears the accumulated DTMF digits and immediately ends the input. + type: string + pattern: ^[A-D0-9#*]{1}$ + EndCharacter: + description: The DTMF character that immediately ends input. If the user does not press this character, the input ends after the end timeout. + type: string + pattern: ^[A-D0-9#*]{1}$ + EndTimeoutMs: + description: How long the bot should wait after the last DTMF character input before assuming that the input has concluded. + type: integer + minimum: 1 + MaxLength: + description: The maximum number of DTMF digits allowed in an utterance. + type: integer + minimum: 1 + maximum: 1024 + required: + - DeletionCharacter + - EndCharacter + - EndTimeoutMs + - MaxLength + additionalProperties: false + AudioSpecification: + description: Specifies the audio input specifications. + type: object + properties: + EndTimeoutMs: + description: Time for which a bot waits after the customer stops speaking to assume the utterance is finished. + type: integer + minimum: 1 + MaxLengthMs: + description: Time for how long Amazon Lex waits before speech input is truncated and the speech is returned to application. + type: integer + minimum: 1 + required: + - EndTimeoutMs + - MaxLengthMs + additionalProperties: false + AudioAndDTMFInputSpecification: + description: Specifies the audio and DTMF input specification. + type: object + properties: + StartTimeoutMs: + description: Time for which a bot waits before assuming that the customer isn't going to speak or press a key. This timeout is shared between Audio and DTMF inputs. + type: integer + minimum: 1 + DTMFSpecification: + $ref: '#/components/schemas/DTMFSpecification' + AudioSpecification: + $ref: '#/components/schemas/AudioSpecification' + required: + - StartTimeoutMs + additionalProperties: false + TextInputSpecification: + description: Specifies the text input specifications. + type: object + properties: + StartTimeoutMs: + description: Time for which a bot waits before re-prompting a customer for text input. + type: integer + minimum: 1 + required: + - StartTimeoutMs + additionalProperties: false + PromptAttemptSpecification: + description: Specifies the settings on a prompt attempt. + type: object + properties: + AllowedInputTypes: + $ref: '#/components/schemas/AllowedInputTypes' + AllowInterrupt: + description: Indicates whether the user can interrupt a speech prompt attempt from the bot. + type: boolean + AudioAndDTMFInputSpecification: + $ref: '#/components/schemas/AudioAndDTMFInputSpecification' + TextInputSpecification: + $ref: '#/components/schemas/TextInputSpecification' + required: + - AllowedInputTypes + additionalProperties: false + PromptSpecification: + description: Prompts the user to confirm the intent. + type: object + properties: + MessageGroupsList: + $ref: '#/components/schemas/MessageGroupsList' + MaxRetries: + $ref: '#/components/schemas/PromptMaxRetries' + AllowInterrupt: + description: Indicates whether the user can interrupt a speech prompt from the bot. + type: boolean + MessageSelectionStrategy: + $ref: '#/components/schemas/MessageSelectionStrategy' + PromptAttemptsSpecification: + description: Specifies the advanced settings on each attempt of the prompt. + type: object + x-patternProperties: + ^(Initial|Retry1|Retry2|Retry3|Retry4|Retry5)$: + $ref: '#/components/schemas/PromptAttemptSpecification' + additionalProperties: false + required: + - MessageGroupsList + - MaxRetries + additionalProperties: false + ResponseSpecification: + description: A list of message groups that Amazon Lex uses to respond the user input. + type: object + properties: + MessageGroupsList: + $ref: '#/components/schemas/MessageGroupsList' + AllowInterrupt: + description: Indicates whether the user can interrupt a speech prompt from the bot. + type: boolean + required: + - MessageGroupsList + additionalProperties: false + StillWaitingResponseFrequency: + description: How often a message should be sent to the user in seconds. + type: integer + minimum: 1 + maximum: 300 + StillWaitingResponseTimeout: + description: If Amazon Lex waits longer than this length of time in seconds for a response, it will stop sending messages. + type: integer + minimum: 1 + maximum: 900 + StillWaitingResponseSpecification: + description: StillWaitingResponseSpecification. + type: object + properties: + MessageGroupsList: + $ref: '#/components/schemas/MessageGroupsList' + FrequencyInSeconds: + $ref: '#/components/schemas/StillWaitingResponseFrequency' + TimeoutInSeconds: + $ref: '#/components/schemas/StillWaitingResponseTimeout' + AllowInterrupt: + description: Indicates whether the user can interrupt a speech prompt from the bot. + type: boolean + required: + - MessageGroupsList + - FrequencyInSeconds + - TimeoutInSeconds + additionalProperties: false + IntentConfirmationSetting: + description: Provides a prompt for making sure that the user is ready for the intent to be fulfilled. + type: object + properties: + PromptSpecification: + description: Prompts the user to confirm the intent. This question should have a yes or no answer. + $ref: '#/components/schemas/PromptSpecification' + IsActive: + description: Specifies whether the intent's confirmation is sent to the user. When this field is false, confirmation and declination responses aren't sent. If the active field isn't specified, the default is true. + type: boolean + ConfirmationResponse: + description: Specifies a list of message groups that Amazon Lex uses to respond the user input. + $ref: '#/components/schemas/ResponseSpecification' + ConfirmationNextStep: + description: Specifies the next step that the bot executes when the customer confirms the intent. + $ref: '#/components/schemas/DialogState' + ConfirmationConditional: + description: A list of conditional branches to evaluate after the intent is closed. + $ref: '#/components/schemas/ConditionalSpecification' + DeclinationResponse: + description: When the user answers "no" to the question defined in promptSpecification, Amazon Lex responds with this response to acknowledge that the intent was canceled. + $ref: '#/components/schemas/ResponseSpecification' + DeclinationNextStep: + description: Specifies the next step that the bot executes when the customer declines the intent. + $ref: '#/components/schemas/DialogState' + DeclinationConditional: + description: A list of conditional branches to evaluate after the intent is declined. + $ref: '#/components/schemas/ConditionalSpecification' + FailureResponse: + description: Specifies a list of message groups that Amazon Lex uses to respond the user input. + $ref: '#/components/schemas/ResponseSpecification' + FailureNextStep: + description: The next step to take in the conversation if the confirmation step fails. + $ref: '#/components/schemas/DialogState' + FailureConditional: + description: Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition. + $ref: '#/components/schemas/ConditionalSpecification' + CodeHook: + description: The DialogCodeHookInvocationSetting object associated with intent's confirmation step. The dialog code hook is triggered based on these invocation settings when the confirmation next step or declination next step or failure next step is InvokeDialogCodeHook. + $ref: '#/components/schemas/DialogCodeHookInvocationSetting' + ElicitationCodeHook: + description: The DialogCodeHookInvocationSetting used when the code hook is invoked during confirmation prompt retries. + $ref: '#/components/schemas/ElicitationCodeHookInvocationSetting' + required: + - PromptSpecification + additionalProperties: false + IntentClosingSetting: + description: Provides a statement the Amazon Lex conveys to the user when the intent is successfully fulfilled. + type: object + properties: + ClosingResponse: + description: The response that Amazon Lex sends to the user when the intent is complete. + $ref: '#/components/schemas/ResponseSpecification' + IsActive: + description: Specifies whether an intent's closing response is used. When this field is false, the closing response isn't sent to the user. If the active field isn't specified, the default is true. + type: boolean + Conditional: + description: A list of conditional branches associated with the intent's closing response. These branches are executed when the nextStep attribute is set to EvalutateConditional. + $ref: '#/components/schemas/ConditionalSpecification' + NextStep: + description: Specifies the next step that the bot executes after playing the intent's closing response. + $ref: '#/components/schemas/DialogState' + additionalProperties: false + InputContext: + description: InputContext specified for the intent. + type: object + properties: + Name: + description: The name of the context. + $ref: '#/components/schemas/Name' + required: + - Name + additionalProperties: false + InputContextsList: + description: The list of input contexts specified for the intent. + type: array + maxItems: 5 + x-insertionOrder: false + items: + $ref: '#/components/schemas/InputContext' + ContextTimeToLiveInSeconds: + description: The amount of time, in seconds, that the output context should remain active. + type: integer + minimum: 5 + maximum: 86400 + ContextTurnsToLive: + description: The number of conversation turns that the output context should remain active. + type: integer + minimum: 1 + maximum: 20 + OutputContext: + description: A session context that is activated when an intent is fulfilled. + type: object + properties: + Name: + $ref: '#/components/schemas/Name' + TimeToLiveInSeconds: + $ref: '#/components/schemas/ContextTimeToLiveInSeconds' + TurnsToLive: + $ref: '#/components/schemas/ContextTurnsToLive' + required: + - Name + - TimeToLiveInSeconds + - TurnsToLive + additionalProperties: false + OutputContextsList: + description: A list of contexts that the intent activates when it is fulfilled. + type: array + maxItems: 10 + x-insertionOrder: false + items: + $ref: '#/components/schemas/OutputContext' + KendraIndexArn: + description: The Amazon Resource Name (ARN) of the Amazon Kendra index that you want the AMAZON.KendraSearchIntent intent to search. + type: string + minLength: 32 + maxLength: 2048 + pattern: ^arn:aws[a-zA-Z-]*:kendra:[a-z]+-[a-z]+-[0-9]:[0-9]{12}:index/[a-zA-Z0-9][a-zA-Z0-9_-]*$ + QueryFilterString: + description: A query filter that Amazon Lex sends to Amazon Kendra to filter the response from a query. + type: string + minLength: 1 + maxLength: 5000 + KendraConfiguration: + description: Configuration for searching a Amazon Kendra index specified for the intent. + type: object + properties: + KendraIndex: + $ref: '#/components/schemas/KendraIndexArn' + QueryFilterStringEnabled: + description: Determines whether the AMAZON.KendraSearchIntent intent uses a custom query string to query the Amazon Kendra index. + type: boolean + QueryFilterString: + $ref: '#/components/schemas/QueryFilterString' + required: + - KendraIndex + additionalProperties: false + PriorityValue: + description: The priority that a slot should be elicited. + type: integer + minimum: 0 + maximum: 100 + SlotPriority: + description: The priority that Amazon Lex should use when eliciting slot values from a user. + type: object + properties: + Priority: + $ref: '#/components/schemas/PriorityValue' + SlotName: + description: The name of the slot. + $ref: '#/components/schemas/Name' + required: + - SlotName + - Priority + additionalProperties: false + SlotPrioritiesList: + description: List for slot priorities + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/SlotPriority' + Intent: + description: Represents an action that the user wants to perform. + type: object + properties: + Name: + description: The name of the intent. + $ref: '#/components/schemas/Name' + Description: + description: Description of thr intent. + $ref: '#/components/schemas/Description' + ParentIntentSignature: + $ref: '#/components/schemas/ParentIntentSignature' + SampleUtterances: + description: A sample utterance that invokes an intent or respond to a slot elicitation prompt. + $ref: '#/components/schemas/SampleUtterancesList' + DialogCodeHook: + $ref: '#/components/schemas/DialogCodeHookSetting' + FulfillmentCodeHook: + $ref: '#/components/schemas/FulfillmentCodeHookSetting' + IntentConfirmationSetting: + $ref: '#/components/schemas/IntentConfirmationSetting' + IntentClosingSetting: + $ref: '#/components/schemas/IntentClosingSetting' + InitialResponseSetting: + description: Configuration setting for a response sent to the user before Amazon Lex starts eliciting slots. + $ref: '#/components/schemas/InitialResponseSetting' + InputContexts: + $ref: '#/components/schemas/InputContextsList' + OutputContexts: + $ref: '#/components/schemas/OutputContextsList' + KendraConfiguration: + $ref: '#/components/schemas/KendraConfiguration' + SlotPriorities: + $ref: '#/components/schemas/SlotPrioritiesList' + Slots: + description: List of slots + type: array + maxItems: 100 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Slot' + required: + - Name + additionalProperties: false + ParentSlotTypeSignature: + description: The built-in slot type used as a parent of this slot type. + type: string + SlotTypeName: + description: The slot type name that is used in the slot. Allows for custom and built-in slot type names + type: string + SampleValue: + description: Defines one of the values for a slot type. + type: object + properties: + Value: + description: The value that can be used for a slot type. + type: string + minLength: 1 + maxLength: 140 + required: + - Value + additionalProperties: false + SynonymList: + description: Additional values related to the slot type entry. + type: array + maxItems: 10000 + x-insertionOrder: false + items: + $ref: '#/components/schemas/SampleValue' + SlotTypeValue: + description: Value that the slot type can take. + type: object + properties: + SampleValue: + $ref: '#/components/schemas/SampleValue' + Synonyms: + $ref: '#/components/schemas/SynonymList' + required: + - SampleValue + additionalProperties: false + SlotTypeValues: + description: A List of slot type values + type: array + maxItems: 10000 + x-insertionOrder: false + items: + $ref: '#/components/schemas/SlotTypeValue' + SlotValueResolutionStrategy: + type: string + enum: + - ORIGINAL_VALUE + - TOP_RESOLUTION + SlotValueRegexFilter: + description: A regular expression used to validate the value of a slot. + type: object + properties: + Pattern: + description: Regex pattern + type: string + minLength: 1 + maxLength: 300 + required: + - Pattern + additionalProperties: false + AudioRecognitionStrategy: + description: Enables using slot values as a custom vocabulary when recognizing user utterances. + type: string + enum: + - UseSlotValuesAsCustomVocabulary + AdvancedRecognitionSetting: + description: Provides settings that enable advanced recognition settings for slot values. + type: object + properties: + AudioRecognitionStrategy: + $ref: '#/components/schemas/AudioRecognitionStrategy' + additionalProperties: false + SlotValueSelectionSetting: + description: Contains settings used by Amazon Lex to select a slot value. + type: object + properties: + ResolutionStrategy: + $ref: '#/components/schemas/SlotValueResolutionStrategy' + RegexFilter: + $ref: '#/components/schemas/SlotValueRegexFilter' + AdvancedRecognitionSetting: + $ref: '#/components/schemas/AdvancedRecognitionSetting' + required: + - ResolutionStrategy + additionalProperties: false + S3BucketName: + type: string + minLength: 3 + maxLength: 63 + pattern: ^[a-z0-9][\.\-a-z0-9]{1,61}[a-z0-9]$ + S3ObjectKey: + type: string + minLength: 1 + maxLength: 1024 + pattern: '[\.\-\!\*\_\''\(\)a-zA-Z0-9][\.\-\!\*\_\''\(\)\/a-zA-Z0-9]*$' + GrammarSlotTypeSource: + description: Describes the Amazon S3 bucket name and location for the grammar that is the source for the slot type. + type: object + properties: + S3BucketName: + description: The name of the S3 bucket that contains the grammar source. + $ref: '#/components/schemas/S3BucketName' + S3ObjectKey: + description: The path to the grammar in the S3 bucket. + $ref: '#/components/schemas/S3ObjectKey' + KmsKeyArn: + description: The Amazon KMS key required to decrypt the contents of the grammar, if any. + type: string + minLength: 20 + maxLength: 2048 + pattern: ^arn:[\w\-]+:kms:[\w\-]+:[\d]{12}:(?:key\/[\w\-]+|alias\/[a-zA-Z0-9:\/_\-]{1,256})$ + required: + - S3BucketName + - S3ObjectKey + additionalProperties: false + GrammarSlotTypeSetting: + description: Settings required for a slot type based on a grammar that you provide. + type: object + properties: + Source: + $ref: '#/components/schemas/GrammarSlotTypeSource' + additionalProperties: false + ExternalSourceSetting: + description: Provides information about the external source of the slot type's definition. + type: object + properties: + GrammarSlotTypeSetting: + $ref: '#/components/schemas/GrammarSlotTypeSetting' + additionalProperties: false + SlotType: + description: A custom, extended built-in or a grammar slot type. + type: object + properties: + Name: + $ref: '#/components/schemas/Name' + Description: + $ref: '#/components/schemas/Description' + ParentSlotTypeSignature: + $ref: '#/components/schemas/ParentSlotTypeSignature' + SlotTypeValues: + $ref: '#/components/schemas/SlotTypeValues' + ValueSelectionSetting: + $ref: '#/components/schemas/SlotValueSelectionSetting' + ExternalSourceSetting: + $ref: '#/components/schemas/ExternalSourceSetting' + required: + - Name + additionalProperties: false + CustomVocabularyItem: + description: A custom vocabulary item that contains the phrase to recognize and a weight to give the boost. + type: object + properties: + Phrase: + description: Phrase that should be recognized. + type: string + minLength: 1 + maxLength: 100 + Weight: + description: The degree to which the phrase recognition is boosted. The weight 0 means that no boosting will be applied and the entry will only be used for performing replacements using the displayAs field. + type: integer + minimum: 0 + maximum: 3 + DisplayAs: + description: Defines how you want your phrase to look in your transcription output. + type: string + minLength: 1 + maxLength: 100 + required: + - Phrase + additionalProperties: false + CustomVocabularyItems: + type: array + maxItems: 500 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/CustomVocabularyItem' + CustomVocabulary: + description: A custom vocabulary is a list of specific phrases that you want Amazon Lex V2 to recognize in the audio input. + type: object + properties: + CustomVocabularyItems: + $ref: '#/components/schemas/CustomVocabularyItems' + required: + - CustomVocabularyItems + additionalProperties: false + SlotDefaultValue: + description: The default value to use when a user doesn't provide a value for a slot. + type: object + properties: + DefaultValue: + description: The default value to use when a user doesn't provide a value for a slot. + type: string + minLength: 1 + maxLength: 202 + required: + - DefaultValue + additionalProperties: false + SlotDefaultValueSpecification: + description: A list of values that Amazon Lex should use as the default value for a slot. + type: object + properties: + DefaultValueList: + description: A list of slot default values + type: array + maxItems: 10 + x-insertionOrder: false + items: + $ref: '#/components/schemas/SlotDefaultValue' + required: + - DefaultValueList + additionalProperties: false + SlotConstraint: + type: string + enum: + - Required + - Optional + WaitAndContinueSpecification: + description: The prompts that Amazon Lex uses while a bot is waiting for customer input. + type: object + properties: + WaitingResponse: + description: The response that Amazon Lex sends to indicate that the bot is waiting for the conversation to continue. + $ref: '#/components/schemas/ResponseSpecification' + ContinueResponse: + description: The response that Amazon Lex sends to indicate that the bot is ready to continue the conversation. + $ref: '#/components/schemas/ResponseSpecification' + StillWaitingResponse: + description: The response that Amazon Lex sends periodically to the user to indicate that the bot is still waiting for input from the user. + $ref: '#/components/schemas/StillWaitingResponseSpecification' + IsActive: + description: Specifies whether the bot will wait for a user to respond. + type: boolean + required: + - WaitingResponse + - ContinueResponse + additionalProperties: false + SlotValueElicitationSetting: + description: Settings that you can use for eliciting a slot value. + type: object + properties: + DefaultValueSpecification: + description: A list of default values for a slot. + $ref: '#/components/schemas/SlotDefaultValueSpecification' + SlotConstraint: + description: Specifies whether the slot is required or optional. + $ref: '#/components/schemas/SlotConstraint' + PromptSpecification: + description: The prompt that Amazon Lex uses to elicit the slot value from the user. + $ref: '#/components/schemas/PromptSpecification' + SampleUtterances: + description: If you know a specific pattern that users might respond to an Amazon Lex request for a slot value, you can provide those utterances to improve accuracy. + $ref: '#/components/schemas/SampleUtterancesList' + WaitAndContinueSpecification: + description: Specifies the prompts that Amazon Lex uses while a bot is waiting for customer input. + $ref: '#/components/schemas/WaitAndContinueSpecification' + SlotCaptureSetting: + description: Specifies the next stage in the conversation after capturing the slot. + $ref: '#/components/schemas/SlotCaptureSetting' + required: + - SlotConstraint + additionalProperties: false + ObfuscationSetting: + description: Determines whether Amazon Lex obscures slot values in conversation logs. + type: object + properties: + ObfuscationSettingType: + description: Value that determines whether Amazon Lex obscures slot values in conversation logs. The default is to obscure the values. + type: string + enum: + - None + - DefaultObfuscation + required: + - ObfuscationSettingType + additionalProperties: false + MultipleValuesSetting: + description: Indicates whether a slot can return multiple values. + type: object + properties: + AllowMultipleValues: + type: boolean + required: [] + additionalProperties: false + Slot: + description: A slot is a variable needed to fulfill an intent, where an intent can require zero or more slots. + type: object + properties: + Name: + $ref: '#/components/schemas/Name' + Description: + $ref: '#/components/schemas/Description' + SlotTypeName: + $ref: '#/components/schemas/SlotTypeName' + ValueElicitationSetting: + $ref: '#/components/schemas/SlotValueElicitationSetting' + ObfuscationSetting: + $ref: '#/components/schemas/ObfuscationSetting' + MultipleValuesSetting: + $ref: '#/components/schemas/MultipleValuesSetting' + required: + - Name + - SlotTypeName + - ValueElicitationSetting + additionalProperties: false + BotLocale: + description: A locale in the bot, which contains the intents and slot types that the bot uses in conversations with users in the specified language and locale. + type: object + properties: + LocaleId: + $ref: '#/components/schemas/LocaleId' + Description: + $ref: '#/components/schemas/Description' + VoiceSettings: + $ref: '#/components/schemas/VoiceSettings' + NluConfidenceThreshold: + $ref: '#/components/schemas/ConfidenceThreshold' + Intents: + description: List of intents + type: array + maxItems: 1000 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Intent' + SlotTypes: + description: List of SlotTypes + type: array + maxItems: 250 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/SlotType' + CustomVocabulary: + $ref: '#/components/schemas/CustomVocabulary' + required: + - LocaleId + - NluConfidenceThreshold + additionalProperties: false + S3Location: + description: S3 location of bot definitions zip file, if it's not defined inline in CloudFormation. + type: object + properties: + S3Bucket: + description: An Amazon S3 bucket in the same AWS Region as your function. The bucket can be in a different AWS account. + $ref: '#/components/schemas/S3BucketName' + S3ObjectKey: + description: The Amazon S3 key of the deployment package. + $ref: '#/components/schemas/S3ObjectKey' + S3ObjectVersion: + type: string + description: For versioned objects, the version of the deployment package object to use. If not specified, the current object version will be used. + minLength: 1 + maxLength: 1024 + required: + - S3Bucket + - S3ObjectKey + additionalProperties: false + Condition: + description: Provides an expression that evaluates to true or false. + type: object + properties: + ExpressionString: + description: The expression string that is evaluated. + $ref: '#/components/schemas/ConditionExpression' + required: + - ExpressionString + additionalProperties: false + Conditional: + description: Contains conditional branches to fork the conversation flow. + type: object + properties: + IsActive: + type: boolean + ConditionalBranches: + $ref: '#/components/schemas/ConditionalBranches' + required: + - IsActive + - ConditionalBranches + additionalProperties: false + ConditionalSpecification: + description: Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition. + type: object + properties: + IsActive: + description: Determines whether a conditional branch is active. When active is false, the conditions are not evaluated. + type: boolean + ConditionalBranches: + description: A list of conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true. + $ref: '#/components/schemas/ConditionalBranches' + DefaultBranch: + description: The conditional branch that should be followed when the conditions for other branches are not satisfied. A conditional branch is made up of a condition, a response and a next step. + $ref: '#/components/schemas/DefaultConditionalBranch' + required: + - IsActive + - ConditionalBranches + - DefaultBranch + additionalProperties: false + DefaultConditionalBranch: + description: A set of actions that Amazon Lex should run if none of the other conditions are met. + type: object + properties: + NextStep: + description: The next step in the conversation. + $ref: '#/components/schemas/DialogState' + Response: + description: Specifies a list of message groups that Amazon Lex uses to respond the user input. + $ref: '#/components/schemas/ResponseSpecification' + additionalProperties: false + ConditionalBranch: + description: A set of actions that Amazon Lex should run if the condition is matched. + type: object + properties: + Name: + description: The name of the branch. + $ref: '#/components/schemas/Name' + Condition: + description: Contains the expression to evaluate. If the condition is true, the branch's actions are taken. + $ref: '#/components/schemas/Condition' + NextStep: + description: The next step in the conversation. + $ref: '#/components/schemas/DialogState' + Response: + description: Specifies a list of message groups that Amazon Lex uses to respond the user input. + $ref: '#/components/schemas/ResponseSpecification' + required: + - Name + - Condition + - NextStep + additionalProperties: false + ConditionalBranches: + description: A list of 1 to 4 conditional branches to fork the conversation flow. + type: array + minItems: 1 + maxItems: 4 + x-insertionOrder: true + items: + $ref: '#/components/schemas/ConditionalBranch' + InitialResponseSetting: + description: Configuration setting for a response sent to the user before Amazon Lex starts eliciting slots. + type: object + properties: + InitialResponse: + description: Specifies a list of message groups that Amazon Lex uses to respond the user input. + $ref: '#/components/schemas/ResponseSpecification' + NextStep: + description: The next step in the conversation. + $ref: '#/components/schemas/DialogState' + Conditional: + description: Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition. + $ref: '#/components/schemas/ConditionalSpecification' + CodeHook: + description: Settings that specify the dialog code hook that is called by Amazon Lex at a step of the conversation. + $ref: '#/components/schemas/DialogCodeHookInvocationSetting' + additionalProperties: false + ConditionExpression: + description: Expression that is evaluated to true or false at runtime. + type: string + minLength: 1 + maxLength: 1024 + DialogCodeHookInvocationSetting: + description: Settings that specify the dialog code hook that is called by Amazon Lex at a step of the conversation. + type: object + properties: + EnableCodeHookInvocation: + description: Indicates whether a Lambda function should be invoked for the dialog. + type: boolean + IsActive: + description: Determines whether a dialog code hook is used when the intent is activated. + type: boolean + InvocationLabel: + description: A label that indicates the dialog step from which the dialog code hook is happening. + $ref: '#/components/schemas/Name' + PostCodeHookSpecification: + description: Contains the responses and actions that Amazon Lex takes after the Lambda function is complete. + $ref: '#/components/schemas/PostDialogCodeHookInvocationSpecification' + required: + - IsActive + - EnableCodeHookInvocation + - PostCodeHookSpecification + additionalProperties: false + ElicitationCodeHookInvocationSetting: + description: Settings that specify the dialog code hook that is called by Amazon Lex between eliciting slot values. + type: object + properties: + EnableCodeHookInvocation: + description: Indicates whether a Lambda function should be invoked for the dialog. + type: boolean + InvocationLabel: + description: A label that indicates the dialog step from which the dialog code hook is happening. + $ref: '#/components/schemas/Name' + required: + - EnableCodeHookInvocation + additionalProperties: false + PostDialogCodeHookInvocationSpecification: + description: Specifies next steps to run after the dialog code hook finishes. + type: object + properties: + SuccessResponse: + description: Specifies a list of message groups that Amazon Lex uses to respond the user input. + $ref: '#/components/schemas/ResponseSpecification' + SuccessNextStep: + description: Specifics the next step the bot runs after the dialog code hook finishes successfully. + $ref: '#/components/schemas/DialogState' + SuccessConditional: + description: A list of conditional branches to evaluate after the dialog code hook finishes successfully. + $ref: '#/components/schemas/ConditionalSpecification' + FailureResponse: + description: Specifies a list of message groups that Amazon Lex uses to respond the user input. + $ref: '#/components/schemas/ResponseSpecification' + FailureNextStep: + description: Specifies the next step the bot runs after the dialog code hook throws an exception or returns with the State field of the Intent object set to Failed. + $ref: '#/components/schemas/DialogState' + FailureConditional: + description: A list of conditional branches to evaluate after the dialog code hook throws an exception or returns with the State field of the Intent object set to Failed. + $ref: '#/components/schemas/ConditionalSpecification' + TimeoutResponse: + description: Specifies a list of message groups that Amazon Lex uses to respond the user input. + $ref: '#/components/schemas/ResponseSpecification' + TimeoutNextStep: + description: Specifies the next step that the bot runs when the code hook times out. + $ref: '#/components/schemas/DialogState' + TimeoutConditional: + description: A list of conditional branches to evaluate if the code hook times out. + $ref: '#/components/schemas/ConditionalSpecification' + additionalProperties: false + DialogState: + description: The current state of the conversation with the user. + type: object + properties: + DialogAction: + description: Defines the action that the bot executes at runtime when the conversation reaches this step. + $ref: '#/components/schemas/DialogAction' + Intent: + description: Override settings to configure the intent state. + $ref: '#/components/schemas/IntentOverride' + SessionAttributes: + description: List of session attributes to be applied when the conversation reaches this step. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/SessionAttribute' + additionalProperties: false + DialogAction: + description: Defines the action that the bot executes at runtime when the conversation reaches this step. + type: object + properties: + Type: + description: The action that the bot should execute. + $ref: '#/components/schemas/DialogActionType' + SlotToElicit: + description: If the dialog action is ElicitSlot, defines the slot to elicit from the user. + $ref: '#/components/schemas/Name' + SuppressNextMessage: + description: When true the next message for the intent is not used. + type: boolean + required: + - Type + additionalProperties: false + DialogActionType: + description: The possible values of actions that the conversation can take. + type: string + enum: + - CloseIntent + - ConfirmIntent + - ElicitIntent + - ElicitSlot + - StartIntent + - FulfillIntent + - EndConversation + - EvaluateConditional + - InvokeDialogCodeHook + SessionAttribute: + description: Key/value pair representing session-specific context information. It contains application information passed between Amazon Lex and a client application. + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 1024 + Value: + type: string + minLength: 0 + maxLength: 1024 + required: + - Key + additionalProperties: false + IntentOverride: + description: Override settings to configure the intent state. + type: object + properties: + Name: + description: The name of the intent. Only required when you're switching intents. + $ref: '#/components/schemas/Name' + Slots: + description: A map of all of the slot value overrides for the intent. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/SlotValueOverrideMap' + additionalProperties: false + SlotValueOverrideMap: + description: A map of slot names and their overridden values. + type: object + properties: + SlotName: + $ref: '#/components/schemas/Name' + SlotValueOverride: + $ref: '#/components/schemas/SlotValueOverride' + additionalProperties: false + SlotValueOverride: + description: The slot values that Amazon Lex uses when it sets slot values in a dialog step. + type: object + properties: + Shape: + description: When the shape value is List, it indicates that the values field contains a list of slot values. When the value is Scalar, it indicates that the value field contains a single value. + $ref: '#/components/schemas/SlotShape' + Value: + description: The current value of the slot. + $ref: '#/components/schemas/SlotValue' + Values: + description: A list of one or more values that the user provided for the slot. For example, for a slot that elicits pizza toppings, the values might be "pepperoni" and "pineapple." + $ref: '#/components/schemas/SlotValues' + additionalProperties: false + SlotValue: + description: The value to set in a slot. + type: object + properties: + InterpretedValue: + description: The value that Amazon Lex determines for the slot. + type: string + minLength: 1 + maxLength: 202 + additionalProperties: false + SlotValues: + description: An array of values that slots should be set to + type: array + items: + $ref: '#/components/schemas/SlotValueOverride' + SlotShape: + description: The different shapes that a slot can be in during a conversation. + type: string + enum: + - Scalar + - List + SlotCaptureSetting: + description: Settings used when Amazon Lex successfully captures a slot value from a user. + type: object + properties: + CaptureResponse: + description: Specifies a list of message groups that Amazon Lex uses to respond the user input. + $ref: '#/components/schemas/ResponseSpecification' + CaptureNextStep: + description: Specifies the next step that the bot runs when the slot value is captured before the code hook times out. + $ref: '#/components/schemas/DialogState' + CaptureConditional: + description: A list of conditional branches to evaluate after the slot value is captured. + $ref: '#/components/schemas/ConditionalSpecification' + FailureResponse: + description: Specifies a list of message groups that Amazon Lex uses to respond the user input. + $ref: '#/components/schemas/ResponseSpecification' + FailureNextStep: + description: Specifies the next step that the bot runs when the slot value code is not recognized. + $ref: '#/components/schemas/DialogState' + FailureConditional: + description: A list of conditional branches to evaluate when the slot value isn't captured. + $ref: '#/components/schemas/ConditionalSpecification' + CodeHook: + description: Code hook called after Amazon Lex successfully captures a slot value. + $ref: '#/components/schemas/DialogCodeHookInvocationSetting' + ElicitationCodeHook: + description: Code hook called when Amazon Lex doesn't capture a slot value. + $ref: '#/components/schemas/ElicitationCodeHookInvocationSetting' + additionalProperties: false + Bot: + type: object + properties: + Id: + $ref: '#/components/schemas/Id' + Arn: + $ref: '#/components/schemas/BotArn' + Name: + $ref: '#/components/schemas/Name' + Description: + $ref: '#/components/schemas/Description' + RoleArn: + $ref: '#/components/schemas/RoleArn' + DataPrivacy: + description: Data privacy setting of the Bot. + type: object + properties: + ChildDirected: + type: boolean + description: '' + required: + - ChildDirected + additionalProperties: false + IdleSessionTTLInSeconds: + description: IdleSessionTTLInSeconds of the resource + type: integer + minimum: 60 + maximum: 86400 + BotLocales: + description: List of bot locales + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/BotLocale' + BotFileS3Location: + $ref: '#/components/schemas/S3Location' + BotTags: + description: A list of tags to add to the bot, which can only be added at bot creation. + type: array + uniqueItems: true + maxItems: 200 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + TestBotAliasTags: + description: A list of tags to add to the test alias for a bot, , which can only be added at bot/bot alias creation. + type: array + uniqueItems: true + maxItems: 200 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + AutoBuildBotLocales: + description: Specifies whether to build the bot locales after bot creation completes. + type: boolean + TestBotAliasSettings: + $ref: '#/components/schemas/TestBotAliasSettings' + required: + - Name + - RoleArn + - DataPrivacy + - IdleSessionTTLInSeconds + x-stackql-resource-name: bot + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - Arn + x-required-permissions: + create: + - iam:PassRole + - lex:DescribeBot + - lex:CreateUploadUrl + - lex:StartImport + - lex:DescribeImport + - lex:ListTagsForResource + - lex:TagResource + - lex:CreateBot + - lex:CreateBotLocale + - lex:CreateIntent + - lex:CreateSlot + - lex:CreateSlotType + - lex:UpdateBot + - lex:UpdateBotLocale + - lex:UpdateIntent + - lex:UpdateSlot + - lex:UpdateSlotType + - lex:DeleteBotLocale + - lex:DeleteIntent + - lex:DeleteSlot + - lex:DeleteSlotType + - lex:DescribeBotLocale + - lex:BuildBotLocale + - lex:ListBots + - lex:ListBotLocales + - lex:CreateCustomVocabulary + - lex:UpdateCustomVocabulary + - lex:DeleteCustomVocabulary + - s3:GetObject + - lex:UpdateBotAlias + read: + - lex:DescribeBot + - lex:ListTagsForResource + update: + - iam:PassRole + - lex:DescribeBot + - lex:CreateUploadUrl + - lex:StartImport + - lex:DescribeImport + - lex:ListTagsForResource + - lex:TagResource + - lex:UntagResource + - lex:CreateBot + - lex:CreateBotLocale + - lex:CreateIntent + - lex:CreateSlot + - lex:CreateSlotType + - lex:UpdateBot + - lex:UpdateBotLocale + - lex:UpdateIntent + - lex:UpdateSlot + - lex:UpdateSlotType + - lex:DeleteBotLocale + - lex:DeleteIntent + - lex:DeleteSlot + - lex:DeleteSlotType + - lex:DescribeBotLocale + - lex:BuildBotLocale + - lex:ListBots + - lex:ListBotLocales + - lex:CreateCustomVocabulary + - lex:UpdateCustomVocabulary + - lex:DeleteCustomVocabulary + - s3:GetObject + - lex:UpdateBotAlias + delete: + - lex:DeleteBot + - lex:DescribeBot + - lex:DeleteBotLocale + - lex:DeleteIntent + - lex:DeleteSlotType + - lex:DeleteSlot + - lex:DeleteBotVersion + - lex:DeleteBotChannel + - lex:DeleteBotAlias + - lex:DeleteCustomVocabulary + list: + - lex:ListBots + BotAliasStatus: + type: string + enum: + - Creating + - Available + - Deleting + - Failed + BotVersion: + type: object + properties: + BotId: + $ref: '#/components/schemas/Id' + BotVersion: + $ref: '#/components/schemas/BotVersion' + Description: + $ref: '#/components/schemas/Description' + BotVersionLocaleSpecification: + $ref: '#/components/schemas/BotVersionLocaleSpecificationList' + required: + - BotId + - BotVersionLocaleSpecification + x-stackql-resource-name: bot_version + x-stackql-primaryIdentifier: + - BotId + - BotVersion + x-create-only-properties: + - BotId + x-read-only-properties: + - BotVersion + x-required-permissions: + create: + - lex:CreateBotVersion + - lex:DescribeBotVersion + - lex:DescribeBot + - lex:DescribeBotLocale + - lex:BuildBotLocale + read: + - lex:DescribeBotVersion + delete: + - lex:DeleteBotVersion + - lex:DescribeBotVersion + list: + - lex:ListBotVersions + Arn: + type: string + maxLength: 1000 + BotAlias: + type: object + properties: + BotAliasId: + $ref: '#/components/schemas/Id' + BotId: + $ref: '#/components/schemas/Id' + Arn: + $ref: '#/components/schemas/Arn' + BotAliasStatus: + $ref: '#/components/schemas/BotAliasStatus' + BotAliasLocaleSettings: + $ref: '#/components/schemas/BotAliasLocaleSettingsList' + BotAliasName: + $ref: '#/components/schemas/Name' + BotVersion: + $ref: '#/components/schemas/BotVersion' + ConversationLogSettings: + $ref: '#/components/schemas/ConversationLogSettings' + Description: + $ref: '#/components/schemas/Description' + SentimentAnalysisSettings: + description: Determines whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances. + type: object + properties: + DetectSentiment: + type: boolean + description: Enable to call Amazon Comprehend for Sentiment natively within Lex + required: + - DetectSentiment + additionalProperties: false + BotAliasTags: + description: A list of tags to add to the bot alias. + type: array + uniqueItems: true + maxItems: 200 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - BotId + - BotAliasName + x-stackql-resource-name: bot_alias + x-stackql-primaryIdentifier: + - BotAliasId + - BotId + x-create-only-properties: + - BotId + x-read-only-properties: + - BotAliasId + - Arn + - BotAliasStatus + x-required-permissions: + create: + - lex:CreateBotAlias + - lex:DescribeBot + update: + - lex:UpdateBotAlias + - lex:DescribeBotAlias + - lex:ListTagsForResource + - lex:TagResource + - lex:UntagResource + read: + - lex:DescribeBotAlias + delete: + - lex:DeleteBotAlias + list: + - lex:ListBotAliases + BotVersionLocaleDetails: + description: The version of a bot used for a bot locale. + type: object + properties: + SourceBotVersion: + $ref: '#/components/schemas/BotVersion' + required: + - SourceBotVersion + additionalProperties: false + BotVersionLocaleSpecification: + type: object + properties: + LocaleId: + $ref: '#/components/schemas/LocaleId' + BotVersionLocaleDetails: + $ref: '#/components/schemas/BotVersionLocaleDetails' + required: + - LocaleId + - BotVersionLocaleDetails + additionalProperties: false + BotVersionLocaleSpecificationList: + description: Specifies the locales that Amazon Lex adds to this version. You can choose the Draft version or any other previously published version for each locale. + type: array + x-insertionOrder: false + minItems: 1 + items: + $ref: '#/components/schemas/BotVersionLocaleSpecification' + ResourceArn: + description: The Amazon Resource Name (ARN) of the bot or bot alias that the resource policy is attached to. + type: string + minLength: 1 + maxLength: 1011 + Policy: + description: A resource policy to add to the resource. The policy is a JSON structure following the IAM syntax that contains one or more statements that define the policy. + type: object + RevisionId: + description: The current revision of the resource policy. Use the revision ID to make sure that you are updating the most current version of a resource policy when you add a policy statement to a resource, delete a resource, or update a resource. + type: string + minLength: 1 + maxLength: 5 + pattern: ^[0-9]+$ + PhysicalId: + description: The Physical ID of the resource policy. + type: string + ResourcePolicy: + type: object + properties: + ResourceArn: + $ref: '#/components/schemas/ResourceArn' + RevisionId: + $ref: '#/components/schemas/RevisionId' + Policy: + $ref: '#/components/schemas/Policy' + Id: + $ref: '#/components/schemas/PhysicalId' + required: + - ResourceArn + - Policy + x-stackql-resource-name: resource_policy + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - RevisionId + x-required-permissions: + create: + - lex:CreateResourcePolicy + - lex:DescribeResourcePolicy + read: + - lex:DescribeResourcePolicy + update: + - lex:UpdateResourcePolicy + - lex:DescribeResourcePolicy + delete: + - lex:DeleteResourcePolicy + - lex:DescribeResourcePolicy + list: + - lex:DescribeResourcePolicy + x-stackQL-resources: + bots: + name: bots + id: awscc.lex.bots + x-cfn-schema-name: Bot + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lex::Bot' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lex::Bot' + AND region = 'us-east-1' + bot: + name: bot + id: awscc.lex.bot + x-cfn-schema-name: Bot + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.DataPrivacy') as data_privacy, + JSON_EXTRACT(Properties, '$.IdleSessionTTLInSeconds') as idle_session_tt_lin_seconds, + JSON_EXTRACT(Properties, '$.BotLocales') as bot_locales, + JSON_EXTRACT(Properties, '$.BotFileS3Location') as bot_file_s3_location, + JSON_EXTRACT(Properties, '$.BotTags') as bot_tags, + JSON_EXTRACT(Properties, '$.TestBotAliasTags') as test_bot_alias_tags, + JSON_EXTRACT(Properties, '$.AutoBuildBotLocales') as auto_build_bot_locales, + JSON_EXTRACT(Properties, '$.TestBotAliasSettings') as test_bot_alias_settings + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lex::Bot' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'DataPrivacy') as data_privacy, + json_extract_path_text(Properties, 'IdleSessionTTLInSeconds') as idle_session_tt_lin_seconds, + json_extract_path_text(Properties, 'BotLocales') as bot_locales, + json_extract_path_text(Properties, 'BotFileS3Location') as bot_file_s3_location, + json_extract_path_text(Properties, 'BotTags') as bot_tags, + json_extract_path_text(Properties, 'TestBotAliasTags') as test_bot_alias_tags, + json_extract_path_text(Properties, 'AutoBuildBotLocales') as auto_build_bot_locales, + json_extract_path_text(Properties, 'TestBotAliasSettings') as test_bot_alias_settings + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lex::Bot' + AND data__Identifier = '' + AND region = 'us-east-1' + bot_versions: + name: bot_versions + id: awscc.lex.bot_versions + x-cfn-schema-name: BotVersion + x-type: list + x-identifiers: + - BotId + - BotVersion + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BotId') as bot_id, + JSON_EXTRACT(Properties, '$.BotVersion') as bot_version + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lex::BotVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BotId') as bot_id, + json_extract_path_text(Properties, 'BotVersion') as bot_version + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lex::BotVersion' + AND region = 'us-east-1' + bot_version: + name: bot_version + id: awscc.lex.bot_version + x-cfn-schema-name: BotVersion + x-type: get + x-identifiers: + - BotId + - BotVersion + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BotId') as bot_id, + JSON_EXTRACT(Properties, '$.BotVersion') as bot_version, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.BotVersionLocaleSpecification') as bot_version_locale_specification + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lex::BotVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BotId') as bot_id, + json_extract_path_text(Properties, 'BotVersion') as bot_version, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'BotVersionLocaleSpecification') as bot_version_locale_specification + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lex::BotVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + bot_aliases: + name: bot_aliases + id: awscc.lex.bot_aliases + x-cfn-schema-name: BotAlias + x-type: list + x-identifiers: + - BotAliasId + - BotId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BotAliasId') as bot_alias_id, + JSON_EXTRACT(Properties, '$.BotId') as bot_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lex::BotAlias' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BotAliasId') as bot_alias_id, + json_extract_path_text(Properties, 'BotId') as bot_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lex::BotAlias' + AND region = 'us-east-1' + bot_alias: + name: bot_alias + id: awscc.lex.bot_alias + x-cfn-schema-name: BotAlias + x-type: get + x-identifiers: + - BotAliasId + - BotId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BotAliasId') as bot_alias_id, + JSON_EXTRACT(Properties, '$.BotId') as bot_id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.BotAliasStatus') as bot_alias_status, + JSON_EXTRACT(Properties, '$.BotAliasLocaleSettings') as bot_alias_locale_settings, + JSON_EXTRACT(Properties, '$.BotAliasName') as bot_alias_name, + JSON_EXTRACT(Properties, '$.BotVersion') as bot_version, + JSON_EXTRACT(Properties, '$.ConversationLogSettings') as conversation_log_settings, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.SentimentAnalysisSettings') as sentiment_analysis_settings, + JSON_EXTRACT(Properties, '$.BotAliasTags') as bot_alias_tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lex::BotAlias' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BotAliasId') as bot_alias_id, + json_extract_path_text(Properties, 'BotId') as bot_id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'BotAliasStatus') as bot_alias_status, + json_extract_path_text(Properties, 'BotAliasLocaleSettings') as bot_alias_locale_settings, + json_extract_path_text(Properties, 'BotAliasName') as bot_alias_name, + json_extract_path_text(Properties, 'BotVersion') as bot_version, + json_extract_path_text(Properties, 'ConversationLogSettings') as conversation_log_settings, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'SentimentAnalysisSettings') as sentiment_analysis_settings, + json_extract_path_text(Properties, 'BotAliasTags') as bot_alias_tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lex::BotAlias' + AND data__Identifier = '' + AND region = 'us-east-1' + resource_policies: + name: resource_policies + id: awscc.lex.resource_policies + x-cfn-schema-name: ResourcePolicy + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lex::ResourcePolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lex::ResourcePolicy' + AND region = 'us-east-1' + resource_policy: + name: resource_policy + id: awscc.lex.resource_policy + x-cfn-schema-name: ResourcePolicy + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn, + JSON_EXTRACT(Properties, '$.RevisionId') as revision_id, + JSON_EXTRACT(Properties, '$.Policy') as policy, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lex::ResourcePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn, + json_extract_path_text(Properties, 'RevisionId') as revision_id, + json_extract_path_text(Properties, 'Policy') as policy, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lex::ResourcePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/licensemanager.yaml b/providers/src/awscc/v00.00.00000/services/licensemanager.yaml new file mode 100644 index 00000000..c45eea8f --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/licensemanager.yaml @@ -0,0 +1,356 @@ +openapi: 3.0.0 +info: + title: LicenseManager + version: 1.0.0 +paths: {} +components: + schemas: + Arn: + type: string + maxLength: 2048 + Grant: + type: object + properties: + GrantArn: + description: Arn of the grant. + $ref: '#/components/schemas/Arn' + GrantName: + description: Name for the created Grant. + type: string + LicenseArn: + description: License Arn for the grant. + $ref: '#/components/schemas/Arn' + HomeRegion: + description: Home region for the created grant. + type: string + Version: + description: The version of the grant. + type: string + AllowedOperations: + type: array + uniqueItems: true + items: + type: string + Principals: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/Arn' + Status: + type: string + required: [] + x-stackql-resource-name: grant + x-stackql-primaryIdentifier: + - GrantArn + x-read-only-properties: + - GrantArn + - Version + x-required-permissions: + create: + - license-manager:CreateGrant + read: + - license-manager:GetGrant + update: + - license-manager:CreateGrantVersion + delete: + - license-manager:DeleteGrant + list: + - license-manager:ListDistributedGrants + ValidityDateFormat: + type: object + additionalProperties: false + properties: + Begin: + description: Validity begin date for the license. + type: string + format: date-time + End: + description: Validity begin date for the license. + type: string + format: date-time + required: + - Begin + - End + IssuerData: + type: object + properties: + Name: + type: string + SignKey: + type: string + required: + - Name + additionalProperties: false + Entitlement: + type: object + properties: + Name: + type: string + Value: + type: string + MaxCount: + type: integer + Overage: + type: boolean + Unit: + type: string + AllowCheckIn: + type: boolean + required: + - Name + - Unit + additionalProperties: false + ConsumptionConfiguration: + type: object + properties: + RenewType: + type: string + ProvisionalConfiguration: + $ref: '#/components/schemas/ProvisionalConfiguration' + BorrowConfiguration: + $ref: '#/components/schemas/BorrowConfiguration' + additionalProperties: false + ProvisionalConfiguration: + type: object + properties: + MaxTimeToLiveInMinutes: + type: integer + required: + - MaxTimeToLiveInMinutes + additionalProperties: false + BorrowConfiguration: + type: object + properties: + MaxTimeToLiveInMinutes: + type: integer + AllowEarlyCheckIn: + type: boolean + required: + - MaxTimeToLiveInMinutes + - AllowEarlyCheckIn + additionalProperties: false + Metadata: + type: object + properties: + Name: + type: string + Value: + type: string + required: + - Name + - Value + additionalProperties: false + LicenseStatus: + type: string + License: + type: object + properties: + ProductSKU: + description: ProductSKU of the license. + type: string + minLength: 1 + maxLength: 1024 + Issuer: + $ref: '#/components/schemas/IssuerData' + LicenseName: + description: Name for the created license. + type: string + ProductName: + description: Product name for the created license. + type: string + HomeRegion: + description: Home region for the created license. + type: string + Validity: + $ref: '#/components/schemas/ValidityDateFormat' + Entitlements: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/Entitlement' + Beneficiary: + description: Beneficiary of the license. + type: string + ConsumptionConfiguration: + $ref: '#/components/schemas/ConsumptionConfiguration' + LicenseMetadata: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/Metadata' + LicenseArn: + description: Amazon Resource Name is a unique name for each resource. + $ref: '#/components/schemas/Arn' + Status: + $ref: '#/components/schemas/LicenseStatus' + Version: + description: The version of the license. + type: string + required: + - LicenseName + - ProductName + - Issuer + - HomeRegion + - Validity + - ConsumptionConfiguration + - Entitlements + x-stackql-resource-name: license + x-stackql-primaryIdentifier: + - LicenseArn + x-read-only-properties: + - LicenseArn + - Version + x-required-permissions: + create: + - license-manager:CreateLicense + read: + - license-manager:GetLicense + update: + - license-manager:CreateLicenseVersion + delete: + - license-manager:DeleteLicense + list: + - license-manager:ListLicenses + x-stackQL-resources: + grants: + name: grants + id: awscc.licensemanager.grants + x-cfn-schema-name: Grant + x-type: list + x-identifiers: + - GrantArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GrantArn') as grant_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::LicenseManager::Grant' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GrantArn') as grant_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::LicenseManager::Grant' + AND region = 'us-east-1' + grant: + name: grant + id: awscc.licensemanager.grant + x-cfn-schema-name: Grant + x-type: get + x-identifiers: + - GrantArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GrantArn') as grant_arn, + JSON_EXTRACT(Properties, '$.GrantName') as grant_name, + JSON_EXTRACT(Properties, '$.LicenseArn') as license_arn, + JSON_EXTRACT(Properties, '$.HomeRegion') as home_region, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.AllowedOperations') as allowed_operations, + JSON_EXTRACT(Properties, '$.Principals') as principals, + JSON_EXTRACT(Properties, '$.Status') as status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LicenseManager::Grant' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GrantArn') as grant_arn, + json_extract_path_text(Properties, 'GrantName') as grant_name, + json_extract_path_text(Properties, 'LicenseArn') as license_arn, + json_extract_path_text(Properties, 'HomeRegion') as home_region, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'AllowedOperations') as allowed_operations, + json_extract_path_text(Properties, 'Principals') as principals, + json_extract_path_text(Properties, 'Status') as status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LicenseManager::Grant' + AND data__Identifier = '' + AND region = 'us-east-1' + licenses: + name: licenses + id: awscc.licensemanager.licenses + x-cfn-schema-name: License + x-type: list + x-identifiers: + - LicenseArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LicenseArn') as license_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::LicenseManager::License' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LicenseArn') as license_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::LicenseManager::License' + AND region = 'us-east-1' + license: + name: license + id: awscc.licensemanager.license + x-cfn-schema-name: License + x-type: get + x-identifiers: + - LicenseArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProductSKU') as product_sk_u, + JSON_EXTRACT(Properties, '$.Issuer') as issuer, + JSON_EXTRACT(Properties, '$.LicenseName') as license_name, + JSON_EXTRACT(Properties, '$.ProductName') as product_name, + JSON_EXTRACT(Properties, '$.HomeRegion') as home_region, + JSON_EXTRACT(Properties, '$.Validity') as validity, + JSON_EXTRACT(Properties, '$.Entitlements') as entitlements, + JSON_EXTRACT(Properties, '$.Beneficiary') as beneficiary, + JSON_EXTRACT(Properties, '$.ConsumptionConfiguration') as consumption_configuration, + JSON_EXTRACT(Properties, '$.LicenseMetadata') as license_metadata, + JSON_EXTRACT(Properties, '$.LicenseArn') as license_arn, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Version') as version + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LicenseManager::License' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProductSKU') as product_sk_u, + json_extract_path_text(Properties, 'Issuer') as issuer, + json_extract_path_text(Properties, 'LicenseName') as license_name, + json_extract_path_text(Properties, 'ProductName') as product_name, + json_extract_path_text(Properties, 'HomeRegion') as home_region, + json_extract_path_text(Properties, 'Validity') as validity, + json_extract_path_text(Properties, 'Entitlements') as entitlements, + json_extract_path_text(Properties, 'Beneficiary') as beneficiary, + json_extract_path_text(Properties, 'ConsumptionConfiguration') as consumption_configuration, + json_extract_path_text(Properties, 'LicenseMetadata') as license_metadata, + json_extract_path_text(Properties, 'LicenseArn') as license_arn, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Version') as version + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LicenseManager::License' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/lightsail.yaml b/providers/src/awscc/v00.00.00000/services/lightsail.yaml new file mode 100644 index 00000000..412c2e57 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/lightsail.yaml @@ -0,0 +1,2040 @@ +openapi: 3.0.0 +info: + title: Lightsail + version: 1.0.0 +paths: {} +components: + schemas: + Alarm: + type: object + properties: + AlarmName: + description: The name for the alarm. Specify the name of an existing alarm to update, and overwrite the previous configuration of the alarm. + type: string + pattern: \w[\w\-]*\w + MonitoredResourceName: + description: The validation status of the SSL/TLS certificate. + type: string + MetricName: + description: The name of the metric to associate with the alarm. + type: string + ComparisonOperator: + description: The arithmetic operation to use when comparing the specified statistic to the threshold. The specified statistic value is used as the first operand. + type: string + ContactProtocols: + description: The contact protocols to use for the alarm, such as Email, SMS (text messaging), or both. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + AlarmArn: + type: string + DatapointsToAlarm: + description: The number of data points that must be not within the specified threshold to trigger the alarm. If you are setting an "M out of N" alarm, this value (datapointsToAlarm) is the M. + type: integer + EvaluationPeriods: + description: The number of most recent periods over which data is compared to the specified threshold. If you are setting an "M out of N" alarm, this value (evaluationPeriods) is the N. + type: integer + NotificationEnabled: + description: Indicates whether the alarm is enabled. Notifications are enabled by default if you don't specify this parameter. + type: boolean + NotificationTriggers: + description: The alarm states that trigger a notification. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + Threshold: + description: The value against which the specified statistic is compared. + type: number + TreatMissingData: + description: Sets how this alarm will handle missing data points. + type: string + State: + description: The current state of the alarm. + type: string + required: + - AlarmName + - MonitoredResourceName + - MetricName + - ComparisonOperator + - EvaluationPeriods + - Threshold + x-stackql-resource-name: alarm + x-stackql-primaryIdentifier: + - AlarmName + x-create-only-properties: + - AlarmName + - MonitoredResourceName + - MetricName + x-read-only-properties: + - AlarmArn + - State + x-required-permissions: + create: + - lightsail:PutAlarm + - lightsail:GetAlarms + read: + - lightsail:GetAlarms + update: + - lightsail:PutAlarm + - lightsail:GetAlarms + delete: + - lightsail:DeleteAlarm + - lightsail:GetAlarms + list: + - lightsail:GetAlarms + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + required: + - Key + additionalProperties: false + AccessRules: + description: An object that sets the public accessibility of objects in the specified bucket. + type: object + properties: + GetObject: + type: string + description: Specifies the anonymous access to all objects in a bucket. + AllowPublicOverrides: + type: boolean + description: A Boolean value that indicates whether the access control list (ACL) permissions that are applied to individual objects override the getObject option that is currently specified. + additionalProperties: false + Bucket: + type: object + properties: + BucketName: + description: The name for the bucket. + type: string + pattern: ^[a-z0-9][a-z0-9-]{1,52}[a-z0-9]$ + minLength: 3 + maxLength: 54 + BundleId: + description: The ID of the bundle to use for the bucket. + type: string + BucketArn: + type: string + ObjectVersioning: + description: Specifies whether to enable or disable versioning of objects in the bucket. + type: boolean + AccessRules: + $ref: '#/components/schemas/AccessRules' + ResourcesReceivingAccess: + description: The names of the Lightsail resources for which to set bucket access. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + ReadOnlyAccessAccounts: + description: An array of strings to specify the AWS account IDs that can access the bucket. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Url: + description: The URL of the bucket. + type: string + AbleToUpdateBundle: + description: Indicates whether the bundle that is currently applied to a bucket can be changed to another bundle. You can update a bucket's bundle only one time within a monthly AWS billing cycle. + type: boolean + required: + - BucketName + - BundleId + x-stackql-resource-name: bucket + x-stackql-primaryIdentifier: + - BucketName + x-create-only-properties: + - BucketName + x-read-only-properties: + - BucketArn + - Url + - AbleToUpdateBundle + x-required-permissions: + create: + - lightsail:CreateBucket + - lightsail:GetBuckets + - lightsail:GetInstance + - lightsail:UpdateBucket + - lightsail:UpdateBucketBundle + - lightsail:SetResourceAccessForBucket + - lightsail:TagResource + - lightsail:UntagResource + read: + - lightsail:GetBuckets + delete: + - lightsail:DeleteBucket + - lightsail:GetBuckets + list: + - lightsail:GetBuckets + update: + - lightsail:GetBuckets + - lightsail:GetInstance + - lightsail:UpdateBucket + - lightsail:UpdateBucketBundle + - lightsail:SetResourceAccessForBucket + - lightsail:TagResource + - lightsail:UntagResource + Certificate: + type: object + properties: + CertificateName: + description: The name for the certificate. + type: string + DomainName: + description: The domain name (e.g., example.com ) for the certificate. + type: string + SubjectAlternativeNames: + description: An array of strings that specify the alternate domains (e.g., example2.com) and subdomains (e.g., blog.example.com) for the certificate. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + CertificateArn: + type: string + Status: + description: The validation status of the certificate. + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - CertificateName + - DomainName + x-stackql-resource-name: certificate + x-stackql-primaryIdentifier: + - CertificateName + x-create-only-properties: + - CertificateName + - DomainName + - SubjectAlternativeNames + x-read-only-properties: + - CertificateArn + - Status + x-required-permissions: + create: + - lightsail:CreateCertificate + - lightsail:GetCertificates + - lightsail:TagResource + - lightsail:UntagResource + read: + - lightsail:GetCertificates + update: + - lightsail:GetCertificates + - lightsail:TagResource + - lightsail:UntagResource + delete: + - lightsail:DeleteCertificate + - lightsail:GetCertificates + list: + - lightsail:GetCertificates + HealthCheckConfig: + description: Describes the health check configuration of an Amazon Lightsail container service. + type: object + properties: + HealthyThreshold: + type: integer + description: The number of consecutive health checks successes required before moving the container to the Healthy state. The default value is 2. + IntervalSeconds: + type: integer + description: The approximate interval, in seconds, between health checks of an individual container. You can specify between 5 and 300 seconds. The default value is 5. + Path: + type: string + description: The path on the container on which to perform the health check. The default value is /. + SuccessCodes: + type: string + description: The HTTP codes to use when checking for a successful response from a container. You can specify values between 200 and 499. You can specify multiple values (for example, 200,202) or a range of values (for example, 200-299). + TimeoutSeconds: + type: integer + description: The amount of time, in seconds, during which no response means a failed health check. You can specify between 2 and 60 seconds. The default value is 2. + UnhealthyThreshold: + type: integer + description: The number of consecutive health check failures required before moving the container to the Unhealthy state. The default value is 2. + additionalProperties: false + PublicEndpoint: + description: Describes the settings of a public endpoint for an Amazon Lightsail container service. + type: object + properties: + ContainerName: + type: string + description: The name of the container for the endpoint. + ContainerPort: + type: integer + description: The port of the container to which traffic is forwarded to. + HealthCheckConfig: + $ref: '#/components/schemas/HealthCheckConfig' + description: An object that describes the health check configuration of the container. + additionalProperties: false + EnvironmentVariable: + type: object + properties: + Variable: + type: string + Value: + type: string + additionalProperties: false + PortInfo: + type: object + properties: + Port: + type: string + Protocol: + type: string + additionalProperties: false + Container: + type: object + properties: + ServiceName: + description: The name for the container service. + type: string + pattern: ^[a-z0-9]{1,2}|[a-z0-9][a-z0-9-]+[a-z0-9]$ + minLength: 1 + maxLength: 63 + Power: + description: The power specification for the container service. + type: string + ContainerArn: + type: string + Scale: + description: The scale specification for the container service. + type: integer + minimum: 1 + maximum: 20 + PublicDomainNames: + description: The public domain names to use with the container service, such as example.com and www.example.com. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/PublicDomainName' + ContainerServiceDeployment: + $ref: '#/components/schemas/ContainerServiceDeployment' + description: Describes a container deployment configuration of an Amazon Lightsail container service. + IsDisabled: + description: A Boolean value to indicate whether the container service is disabled. + type: boolean + PrivateRegistryAccess: + $ref: '#/components/schemas/PrivateRegistryAccess' + description: A Boolean value to indicate whether the container service has access to private container image repositories, such as Amazon Elastic Container Registry (Amazon ECR) private repositories. + Url: + description: The publicly accessible URL of the container service. + type: string + PrincipalArn: + description: The principal ARN of the container service. + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - ServiceName + - Power + - Scale + x-stackql-resource-name: container + x-stackql-primaryIdentifier: + - ServiceName + x-create-only-properties: + - ServiceName + x-read-only-properties: + - ContainerArn + - Url + - PrincipalArn + - PrivateRegistryAccess/EcrImagePullerRole/PrincipalArn + x-required-permissions: + create: + - lightsail:CreateContainerService + - lightsail:CreateContainerServiceDeployment + - lightsail:GetContainerServices + - lightsail:TagResource + - lightsail:UntagResource + - lightsail:UpdateContainerService + read: + - lightsail:GetContainerServices + delete: + - lightsail:DeleteContainerService + - lightsail:GetContainerServices + list: + - lightsail:GetContainerServices + update: + - lightsail:CreateContainerServiceDeployment + - lightsail:GetContainerServices + - lightsail:TagResource + - lightsail:UntagResource + - lightsail:UpdateContainerService + ContainerServiceDeployment: + description: Describes a container deployment configuration of an Amazon Lightsail container service. + type: object + properties: + Containers: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Container' + description: An object that describes the configuration for the containers of the deployment. + PublicEndpoint: + $ref: '#/components/schemas/PublicEndpoint' + description: An object that describes the endpoint of the deployment. + additionalProperties: false + PublicDomainName: + description: The public domain name to use with the container service, such as example.com and www.example.com. + type: object + properties: + CertificateName: + type: string + DomainNames: + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + description: An object that describes the configuration for the containers of the deployment. + additionalProperties: false + PrivateRegistryAccess: + description: An object to describe the configuration for the container service to access private container image repositories, such as Amazon Elastic Container Registry (Amazon ECR) private repositories. + type: object + properties: + EcrImagePullerRole: + description: An object to describe a request to activate or deactivate the role that you can use to grant an Amazon Lightsail container service access to Amazon Elastic Container Registry (Amazon ECR) private repositories. + type: object + properties: + IsActive: + type: boolean + description: A Boolean value that indicates whether to activate the role. + PrincipalArn: + type: string + description: The Amazon Resource Name (ARN) of the role, if it is activated. + additionalProperties: false + additionalProperties: false + RelationalDatabaseParameter: + description: Describes the parameters of the database. + type: object + properties: + AllowedValues: + type: string + description: Specifies the valid range of values for the parameter. + ApplyMethod: + type: string + description: Indicates when parameter updates are applied. Can be immediate or pending-reboot. + ApplyType: + type: string + description: Specifies the engine-specific parameter type. + DataType: + type: string + description: Specifies the valid data type for the parameter. + Description: + type: string + description: Provides a description of the parameter. + IsModifiable: + type: boolean + description: A Boolean value indicating whether the parameter can be modified. + ParameterName: + type: string + description: Specifies the name of the parameter. + ParameterValue: + type: string + description: Specifies the value of the parameter. + additionalProperties: false + Database: + type: object + properties: + RelationalDatabaseName: + description: The name to use for your new Lightsail database resource. + type: string + pattern: \w[\w\-]*\w + minLength: 2 + maxLength: 255 + DatabaseArn: + type: string + AvailabilityZone: + description: The Availability Zone in which to create your new database. Use the us-east-2a case-sensitive format. + type: string + minLength: 1 + maxLength: 255 + RelationalDatabaseBlueprintId: + description: The blueprint ID for your new database. A blueprint describes the major engine version of a database. + type: string + minLength: 1 + maxLength: 255 + RelationalDatabaseBundleId: + description: The bundle ID for your new database. A bundle describes the performance specifications for your database. + type: string + minLength: 1 + maxLength: 255 + MasterDatabaseName: + description: The name of the database to create when the Lightsail database resource is created. For MySQL, if this parameter isn't specified, no database is created in the database resource. For PostgreSQL, if this parameter isn't specified, a database named postgres is created in the database resource. + type: string + minLength: 1 + maxLength: 255 + MasterUsername: + description: The name for the master user. + type: string + minLength: 1 + maxLength: 63 + MasterUserPassword: + description: The password for the master user. The password can include any printable ASCII character except "/", """, or "@". It cannot contain spaces. + type: string + minLength: 1 + maxLength: 63 + PreferredBackupWindow: + description: The daily time range during which automated backups are created for your new database if automated backups are enabled. + type: string + PreferredMaintenanceWindow: + description: The weekly time range during which system maintenance can occur on your new database. + type: string + PubliclyAccessible: + description: Specifies the accessibility options for your new database. A value of true specifies a database that is available to resources outside of your Lightsail account. A value of false specifies a database that is available only to your Lightsail resources in the same region as your database. + type: boolean + CaCertificateIdentifier: + description: Indicates the certificate that needs to be associated with the database. + type: string + BackupRetention: + description: When true, enables automated backup retention for your database. Updates are applied during the next maintenance window because this can result in an outage. + type: boolean + RotateMasterUserPassword: + description: When true, the master user password is changed to a new strong password generated by Lightsail. Use the get relational database master user password operation to get the new password. + type: boolean + RelationalDatabaseParameters: + description: Update one or more parameters of the relational database. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/RelationalDatabaseParameter' + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - RelationalDatabaseName + - RelationalDatabaseBlueprintId + - RelationalDatabaseBundleId + - MasterDatabaseName + - MasterUsername + x-stackql-resource-name: database + x-stackql-primaryIdentifier: + - RelationalDatabaseName + x-create-only-properties: + - RelationalDatabaseName + - AvailabilityZone + - RelationalDatabaseBlueprintId + - RelationalDatabaseBundleId + - MasterDatabaseName + - MasterUsername + x-read-only-properties: + - DatabaseArn + x-required-permissions: + create: + - lightsail:CreateRelationalDatabase + - lightsail:GetRelationalDatabase + - lightsail:GetRelationalDatabases + - lightsail:GetRegions + - lightsail:TagResource + - lightsail:UntagResource + - lightsail:UpdateRelationalDatabase + - lightsail:UpdateRelationalDatabaseParameters + read: + - lightsail:GetRelationalDatabase + - lightsail:GetRelationalDatabases + update: + - lightsail:GetRelationalDatabase + - lightsail:GetRelationalDatabases + - lightsail:TagResource + - lightsail:UntagResource + - lightsail:UpdateRelationalDatabase + - lightsail:UpdateRelationalDatabaseParameters + delete: + - lightsail:DeleteRelationalDatabase + - lightsail:GetRelationalDatabase + - lightsail:GetRelationalDatabases + list: + - lightsail:GetRelationalDatabases + AutoSnapshotAddOn: + description: An object that represents additional parameters when enabling or modifying the automatic snapshot add-on + type: object + properties: + SnapshotTimeOfDay: + type: string + description: The daily time when an automatic snapshot will be created. + pattern: ^[0-9]{2}:00$ + additionalProperties: false + AddOn: + description: A addon associate with a resource. + type: object + properties: + AddOnType: + type: string + description: The add-on type + minLength: 1 + maxLength: 128 + Status: + type: string + description: Status of the Addon + enum: + - Enabling + - Disabling + - Enabled + - Terminating + - Terminated + - Disabled + - Failed + AutoSnapshotAddOnRequest: + $ref: '#/components/schemas/AutoSnapshotAddOn' + required: + - AddOnType + additionalProperties: false + Location: + description: Location of a resource. + type: object + properties: + AvailabilityZone: + type: string + description: 'The Availability Zone in which to create your instance. Use the following format: us-east-2a (case sensitive). Be sure to add the include Availability Zones parameter to your request.' + RegionName: + type: string + description: The Region Name in which to create your instance. + additionalProperties: false + Disk: + description: Disk associated with the Instance. + type: object + properties: + DiskName: + description: The names to use for your new Lightsail disk. + type: string + pattern: ^[a-zA-Z0-9][\w\-.]*[a-zA-Z0-9]$ + minLength: 1 + maxLength: 254 + SizeInGb: + type: string + description: Size of the disk attached to the Instance. + IsSystemDisk: + type: boolean + description: Is the Attached disk is the system disk of the Instance. + IOPS: + type: integer + description: IOPS of disk. + Path: + type: string + description: Path of the disk attached to the instance. + AttachedTo: + type: string + description: Instance attached to the disk. + AttachmentState: + type: string + description: Attachment state of the disk. + required: + - DiskName + - Path + additionalProperties: false + CacheBehaviorPerPath: + description: Describes the per-path cache behavior of an Amazon Lightsail content delivery network (CDN) distribution. + type: object + properties: + Behavior: + type: string + description: The cache behavior for the specified path. + Path: + type: string + description: The path to a directory or file to cached, or not cache. Use an asterisk symbol to specify wildcard directories (path/to/assets/*), and file types (*.html, *jpg, *js). Directories and file paths are case-sensitive. + additionalProperties: false + CookieObject: + description: Describes whether an Amazon Lightsail content delivery network (CDN) distribution forwards cookies to the origin and, if so, which ones. + type: object + properties: + CookiesAllowList: + description: The specific cookies to forward to your distribution's origin. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + Option: + type: string + description: 'Specifies which cookies to forward to the distribution''s origin for a cache behavior: all, none, or allow-list to forward only the cookies specified in the cookiesAllowList parameter.' + additionalProperties: false + HeaderObject: + description: Describes the request headers that a Lightsail distribution bases caching on. + type: object + properties: + HeadersAllowList: + description: The specific headers to forward to your distribution's origin. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + Option: + type: string + description: The headers that you want your distribution to forward to your origin and base caching on. + additionalProperties: false + QueryStringObject: + description: Describes the query string parameters that an Amazon Lightsail content delivery network (CDN) distribution to bases caching on. + type: object + properties: + QueryStringsAllowList: + description: The specific query strings that the distribution forwards to the origin. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + Option: + type: boolean + description: Indicates whether the distribution forwards and caches based on query strings. + additionalProperties: false + CacheSettings: + description: Describes the cache settings of an Amazon Lightsail content delivery network (CDN) distribution. + type: object + properties: + AllowedHTTPMethods: + type: string + description: The HTTP methods that are processed and forwarded to the distribution's origin. + CachedHTTPMethods: + type: string + description: The HTTP method responses that are cached by your distribution. + DefaultTTL: + type: integer + format: int64 + description: The default amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the content has been updated. + MaximumTTL: + type: integer + format: int64 + description: The maximum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated. + MinimumTTL: + type: integer + format: int64 + description: The minimum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated. + ForwardedCookies: + $ref: '#/components/schemas/CookieObject' + description: An object that describes the cookies that are forwarded to the origin. Your content is cached based on the cookies that are forwarded. + ForwardedHeaders: + $ref: '#/components/schemas/HeaderObject' + description: An object that describes the headers that are forwarded to the origin. Your content is cached based on the headers that are forwarded. + ForwardedQueryStrings: + $ref: '#/components/schemas/QueryStringObject' + description: An object that describes the query strings that are forwarded to the origin. Your content is cached based on the query strings that are forwarded. + additionalProperties: false + CacheBehavior: + description: Describes the default cache behavior of an Amazon Lightsail content delivery network (CDN) distribution. + type: object + properties: + Behavior: + type: string + description: The cache behavior of the distribution. + additionalProperties: false + InputOrigin: + description: Describes the origin resource of an Amazon Lightsail content delivery network (CDN) distribution. + type: object + properties: + Name: + type: string + description: The name of the origin resource. + ProtocolPolicy: + type: string + description: The protocol that your Amazon Lightsail distribution uses when establishing a connection with your origin to pull content. + RegionName: + type: string + description: The AWS Region name of the origin resource. + additionalProperties: false + Distribution: + type: object + properties: + DistributionName: + description: The name for the distribution. + type: string + pattern: \w[\w\-]*\w + DistributionArn: + type: string + BundleId: + description: The bundle ID to use for the distribution. + type: string + IpAddressType: + description: The IP address type for the distribution. + type: string + CacheBehaviors: + description: An array of objects that describe the per-path cache behavior for the distribution. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/CacheBehaviorPerPath' + CacheBehaviorSettings: + description: An object that describes the cache behavior settings for the distribution. + $ref: '#/components/schemas/CacheSettings' + DefaultCacheBehavior: + description: An object that describes the default cache behavior for the distribution. + $ref: '#/components/schemas/CacheBehavior' + Origin: + description: An object that describes the origin resource for the distribution, such as a Lightsail instance or load balancer. + $ref: '#/components/schemas/InputOrigin' + Status: + description: The status of the distribution. + type: string + AbleToUpdateBundle: + description: Indicates whether the bundle that is currently applied to your distribution, specified using the distributionName parameter, can be changed to another bundle. + type: boolean + IsEnabled: + description: Indicates whether the distribution is enabled. + type: boolean + CertificateName: + description: The certificate attached to the Distribution. + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - DistributionName + - BundleId + - DefaultCacheBehavior + - Origin + x-stackql-resource-name: distribution + x-stackql-primaryIdentifier: + - DistributionName + x-create-only-properties: + - DistributionName + - IpAddressType + x-read-only-properties: + - DistributionArn + - Status + - AbleToUpdateBundle + x-required-permissions: + create: + - lightsail:AttachCertificateToDistribution + - lightsail:CreateDistribution + - lightsail:DetachCertificateFromDistribution + - lightsail:GetCertificates + - lightsail:GetCertificateDetails + - lightsail:GetDistributions + - lightsail:TagResource + - lightsail:UntagResource + - lightsail:UpdateDistribution + - lightsail:UpdateDistributionBundle + read: + - lightsail:GetDistributions + update: + - lightsail:AttachCertificateToDistribution + - lightsail:DetachCertificateFromDistribution + - lightsail:GetCertificates + - lightsail:GetCertificateDetails + - lightsail:GetDistributions + - lightsail:TagResource + - lightsail:UntagResource + - lightsail:UpdateDistribution + - lightsail:UpdateDistributionBundle + delete: + - lightsail:DeleteDistribution + - lightsail:GetDistributions + list: + - lightsail:GetDistributions + ipv6Cidrs: + description: IPv6 Cidrs + type: array + x-insertionOrder: false + items: + type: string + cidrs: + description: cidrs + type: array + x-insertionOrder: false + items: + type: string + cidrListAliases: + description: cidr List Aliases + type: array + x-insertionOrder: false + items: + type: string + Hardware: + description: Hardware of the Instance. + type: object + properties: + CpuCount: + type: integer + description: CPU count of the Instance. + RamSizeInGb: + type: integer + description: RAM Size of the Instance. + Disks: + description: Disks attached to the Instance. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Disk' + additionalProperties: false + State: + description: Current State of the Instance. + type: object + properties: + Code: + type: integer + description: Status code of the Instance. + Name: + type: string + description: Status code of the Instance. + additionalProperties: false + Port: + description: Port of the Instance. + type: object + properties: + FromPort: + type: integer + description: From Port of the Instance. + ToPort: + type: integer + description: To Port of the Instance. + Protocol: + type: string + description: Port Protocol of the Instance. + AccessFrom: + type: string + description: Access From Protocol of the Instance. + AccessType: + type: string + description: Access Type Protocol of the Instance. + CommonName: + type: string + description: CommonName for Protocol of the Instance. + AccessDirection: + type: string + description: Access Direction for Protocol of the Instance(inbound/outbound). + Ipv6Cidrs: + $ref: '#/components/schemas/ipv6Cidrs' + CidrListAliases: + $ref: '#/components/schemas/cidrListAliases' + Cidrs: + $ref: '#/components/schemas/cidrs' + additionalProperties: false + MonthlyTransfer: + description: Monthly Transfer of the Instance. + type: object + properties: + GbPerMonthAllocated: + type: string + description: GbPerMonthAllocated of the Instance. + additionalProperties: false + Networking: + description: Networking of the Instance. + type: object + properties: + Ports: + description: Ports to the Instance. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Port' + MonthlyTransfer: + $ref: '#/components/schemas/MonthlyTransfer' + required: + - Ports + additionalProperties: false + Instance: + type: object + properties: + SupportCode: + description: Support code to help identify any issues + type: string + ResourceType: + description: Resource type of Lightsail instance. + type: string + IsStaticIp: + description: Is the IP Address of the Instance is the static IP + type: boolean + PrivateIpAddress: + description: Private IP Address of the Instance + type: string + PublicIpAddress: + description: Public IP Address of the Instance + type: string + Location: + $ref: '#/components/schemas/Location' + Hardware: + $ref: '#/components/schemas/Hardware' + State: + $ref: '#/components/schemas/State' + Networking: + $ref: '#/components/schemas/Networking' + UserName: + description: Username of the Lightsail instance. + type: string + SshKeyName: + description: SSH Key Name of the Lightsail instance. + type: string + InstanceName: + description: The names to use for your new Lightsail instance. + type: string + pattern: ^[a-zA-Z0-9][\w\-.]*[a-zA-Z0-9]$ + minLength: 1 + maxLength: 254 + AvailabilityZone: + description: 'The Availability Zone in which to create your instance. Use the following format: us-east-2a (case sensitive). Be sure to add the include Availability Zones parameter to your request.' + type: string + minLength: 1 + maxLength: 255 + BundleId: + description: The bundle of specification information for your virtual private server (or instance ), including the pricing plan (e.g., micro_1_0 ). + type: string + minLength: 1 + maxLength: 255 + BlueprintId: + description: The ID for a virtual private server image (e.g., app_wordpress_4_4 or app_lamp_7_0 ). Use the get blueprints operation to return a list of available images (or blueprints ). + type: string + minLength: 1 + maxLength: 255 + AddOns: + description: An array of objects representing the add-ons to enable for the new instance. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/AddOn' + UserData: + description: A launch script you can create that configures a server with additional user data. For example, you might want to run apt-get -y update. + type: string + KeyPairName: + description: The name of your key pair. + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + InstanceArn: + type: string + required: + - InstanceName + - BlueprintId + - BundleId + x-stackql-resource-name: instance + x-stackql-primaryIdentifier: + - InstanceName + x-create-only-properties: + - InstanceName + - BlueprintId + - BundleId + - AvailabilityZone + x-read-only-properties: + - InstanceArn + - SshKeyName + - SupportCode + - ResourceType + - IsStaticIp + - PrivateIpAddress + - PublicIpAddress + - Location/AvailabilityZone + - Location/RegionName + - Hardware/CpuCount + - Hardware/RamSizeInGb + - State/Code + - State/Name + - UserName + - Networking/MonthlyTransfer/GbPerMonthAllocated + x-required-permissions: + create: + - lightsail:CreateInstances + - lightsail:GetInstances + - lightsail:EnableAddOn + - lightsail:GetInstance + - lightsail:DisableAddOn + - lightsail:PutInstancePublicPorts + - lightsail:AttachDisk + - lightsail:DetachDisk + - lightsail:StartInstance + - lightsail:StopInstance + - lightsail:GetDisk + - lightsail:GetRegions + - lightsail:TagResource + - lightsail:UntagResource + read: + - lightsail:GetInstances + - lightsail:GetInstance + delete: + - lightsail:GetInstances + - lightsail:GetInstance + - lightsail:DeleteInstance + list: + - lightsail:GetInstances + update: + - lightsail:GetInstances + - lightsail:GetInstance + - lightsail:DeleteInstance + - lightsail:EnableAddOn + - lightsail:DisableAddOn + - lightsail:PutInstancePublicPorts + - lightsail:AttachDisk + - lightsail:DetachDisk + - lightsail:StartInstance + - lightsail:StopInstance + - lightsail:GetDisk + - lightsail:TagResource + - lightsail:UntagResource + LoadBalancer: + type: object + properties: + LoadBalancerName: + description: The name of your load balancer. + type: string + pattern: \w[\w\-]*\w + LoadBalancerArn: + type: string + InstancePort: + description: The instance port where you're creating your load balancer. + type: integer + IpAddressType: + description: The IP address type for the load balancer. The possible values are ipv4 for IPv4 only, and dualstack for IPv4 and IPv6. The default value is dualstack. + type: string + AttachedInstances: + description: The names of the instances attached to the load balancer. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + HealthCheckPath: + description: The path you provided to perform the load balancer health check. If you didn't specify a health check path, Lightsail uses the root path of your website (e.g., "/"). + type: string + SessionStickinessEnabled: + description: Configuration option to enable session stickiness. + type: boolean + SessionStickinessLBCookieDurationSeconds: + description: Configuration option to adjust session stickiness cookie duration parameter. + type: string + TlsPolicyName: + description: The name of the TLS policy to apply to the load balancer. + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - LoadBalancerName + - InstancePort + x-stackql-resource-name: load_balancer + x-stackql-primaryIdentifier: + - LoadBalancerName + x-create-only-properties: + - LoadBalancerName + - InstancePort + - IpAddressType + x-read-only-properties: + - LoadBalancerArn + x-required-permissions: + create: + - lightsail:CreateLoadBalancer + - lightsail:GetLoadBalancer + - lightsail:GetLoadBalancers + - lightsail:GetInstance + - lightsail:AttachInstancesToLoadBalancer + - lightsail:DetachInstancesFromLoadBalancer + - lightsail:UpdateLoadBalancerAttribute + - lightsail:TagResource + - lightsail:UntagResource + read: + - lightsail:GetLoadBalancer + - lightsail:GetLoadBalancers + update: + - lightsail:GetLoadBalancer + - lightsail:GetLoadBalancers + - lightsail:GetInstance + - lightsail:AttachInstancesToLoadBalancer + - lightsail:DetachInstancesFromLoadBalancer + - lightsail:UpdateLoadBalancerAttribute + - lightsail:TagResource + - lightsail:UntagResource + delete: + - lightsail:DeleteLoadBalancer + - lightsail:GetLoadBalancer + - lightsail:GetLoadBalancers + list: + - lightsail:GetLoadBalancers + LoadBalancerTlsCertificate: + type: object + properties: + LoadBalancerName: + description: The name of your load balancer. + type: string + pattern: \w[\w\-]*\w + CertificateName: + description: The SSL/TLS certificate name. + type: string + CertificateDomainName: + description: The domain name (e.g., example.com ) for your SSL/TLS certificate. + type: string + CertificateAlternativeNames: + description: An array of strings listing alternative domains and subdomains for your SSL/TLS certificate. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + LoadBalancerTlsCertificateArn: + type: string + IsAttached: + description: When true, the SSL/TLS certificate is attached to the Lightsail load balancer. + type: boolean + HttpsRedirectionEnabled: + description: A Boolean value that indicates whether HTTPS redirection is enabled for the load balancer. + type: boolean + Status: + description: The validation status of the SSL/TLS certificate. + type: string + required: + - LoadBalancerName + - CertificateName + - CertificateDomainName + x-stackql-resource-name: load_balancer_tls_certificate + x-stackql-primaryIdentifier: + - CertificateName + - LoadBalancerName + x-create-only-properties: + - LoadBalancerName + - CertificateName + - CertificateDomainName + - CertificateAlternativeNames + x-read-only-properties: + - LoadBalancerTlsCertificateArn + - Status + x-required-permissions: + create: + - lightsail:CreateLoadBalancerTlsCertificate + - lightsail:GetLoadBalancerTlsCertificates + - lightsail:GetLoadBalancer + - lightsail:AttachLoadBalancerTlsCertificate + - lightsail:UpdateLoadBalancerAttribute + read: + - lightsail:GetLoadBalancerTlsCertificates + - lightsail:GetLoadBalancer + update: + - lightsail:AttachLoadBalancerTlsCertificate + - lightsail:GetLoadBalancerTlsCertificates + - lightsail:GetLoadBalancer + - lightsail:UpdateLoadBalancerAttribute + delete: + - lightsail:DeleteLoadBalancerTlsCertificate + - lightsail:GetLoadBalancerTlsCertificates + - lightsail:GetLoadBalancer + list: + - lightsail:GetLoadBalancerTlsCertificates + - lightsail:GetLoadBalancer + StaticIp: + type: object + properties: + StaticIpName: + description: The name of the static IP address. + type: string + AttachedTo: + description: The instance where the static IP is attached. + type: string + IsAttached: + description: A Boolean value indicating whether the static IP is attached. + type: boolean + IpAddress: + description: The static IP address. + type: string + StaticIpArn: + type: string + required: + - StaticIpName + x-stackql-resource-name: static_ip + x-stackql-primaryIdentifier: + - StaticIpName + x-create-only-properties: + - StaticIpName + x-read-only-properties: + - StaticIpArn + - IsAttached + - IpAddress + x-required-permissions: + create: + - lightsail:AllocateStaticIp + - lightsail:AttachStaticIp + - lightsail:DetachStaticIp + - lightsail:GetInstance + - lightsail:GetStaticIp + - lightsail:GetStaticIps + read: + - lightsail:GetStaticIp + - lightsail:GetStaticIps + update: + - lightsail:AttachStaticIp + - lightsail:DetachStaticIp + - lightsail:GetInstance + - lightsail:GetStaticIp + - lightsail:GetStaticIps + delete: + - lightsail:GetStaticIp + - lightsail:GetStaticIps + - lightsail:ReleaseStaticIp + list: + - lightsail:GetStaticIps + x-stackQL-resources: + alarms: + name: alarms + id: awscc.lightsail.alarms + x-cfn-schema-name: Alarm + x-type: list + x-identifiers: + - AlarmName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AlarmName') as alarm_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::Alarm' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AlarmName') as alarm_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::Alarm' + AND region = 'us-east-1' + alarm: + name: alarm + id: awscc.lightsail.alarm + x-cfn-schema-name: Alarm + x-type: get + x-identifiers: + - AlarmName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AlarmName') as alarm_name, + JSON_EXTRACT(Properties, '$.MonitoredResourceName') as monitored_resource_name, + JSON_EXTRACT(Properties, '$.MetricName') as metric_name, + JSON_EXTRACT(Properties, '$.ComparisonOperator') as comparison_operator, + JSON_EXTRACT(Properties, '$.ContactProtocols') as contact_protocols, + JSON_EXTRACT(Properties, '$.AlarmArn') as alarm_arn, + JSON_EXTRACT(Properties, '$.DatapointsToAlarm') as datapoints_to_alarm, + JSON_EXTRACT(Properties, '$.EvaluationPeriods') as evaluation_periods, + JSON_EXTRACT(Properties, '$.NotificationEnabled') as notification_enabled, + JSON_EXTRACT(Properties, '$.NotificationTriggers') as notification_triggers, + JSON_EXTRACT(Properties, '$.Threshold') as threshold, + JSON_EXTRACT(Properties, '$.TreatMissingData') as treat_missing_data, + JSON_EXTRACT(Properties, '$.State') as state + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::Alarm' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AlarmName') as alarm_name, + json_extract_path_text(Properties, 'MonitoredResourceName') as monitored_resource_name, + json_extract_path_text(Properties, 'MetricName') as metric_name, + json_extract_path_text(Properties, 'ComparisonOperator') as comparison_operator, + json_extract_path_text(Properties, 'ContactProtocols') as contact_protocols, + json_extract_path_text(Properties, 'AlarmArn') as alarm_arn, + json_extract_path_text(Properties, 'DatapointsToAlarm') as datapoints_to_alarm, + json_extract_path_text(Properties, 'EvaluationPeriods') as evaluation_periods, + json_extract_path_text(Properties, 'NotificationEnabled') as notification_enabled, + json_extract_path_text(Properties, 'NotificationTriggers') as notification_triggers, + json_extract_path_text(Properties, 'Threshold') as threshold, + json_extract_path_text(Properties, 'TreatMissingData') as treat_missing_data, + json_extract_path_text(Properties, 'State') as state + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::Alarm' + AND data__Identifier = '' + AND region = 'us-east-1' + buckets: + name: buckets + id: awscc.lightsail.buckets + x-cfn-schema-name: Bucket + x-type: list + x-identifiers: + - BucketName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BucketName') as bucket_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::Bucket' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BucketName') as bucket_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::Bucket' + AND region = 'us-east-1' + bucket: + name: bucket + id: awscc.lightsail.bucket + x-cfn-schema-name: Bucket + x-type: get + x-identifiers: + - BucketName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BucketName') as bucket_name, + JSON_EXTRACT(Properties, '$.BundleId') as bundle_id, + JSON_EXTRACT(Properties, '$.BucketArn') as bucket_arn, + JSON_EXTRACT(Properties, '$.ObjectVersioning') as object_versioning, + JSON_EXTRACT(Properties, '$.AccessRules') as access_rules, + JSON_EXTRACT(Properties, '$.ResourcesReceivingAccess') as resources_receiving_access, + JSON_EXTRACT(Properties, '$.ReadOnlyAccessAccounts') as read_only_access_accounts, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Url') as url, + JSON_EXTRACT(Properties, '$.AbleToUpdateBundle') as able_to_update_bundle + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::Bucket' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BucketName') as bucket_name, + json_extract_path_text(Properties, 'BundleId') as bundle_id, + json_extract_path_text(Properties, 'BucketArn') as bucket_arn, + json_extract_path_text(Properties, 'ObjectVersioning') as object_versioning, + json_extract_path_text(Properties, 'AccessRules') as access_rules, + json_extract_path_text(Properties, 'ResourcesReceivingAccess') as resources_receiving_access, + json_extract_path_text(Properties, 'ReadOnlyAccessAccounts') as read_only_access_accounts, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Url') as url, + json_extract_path_text(Properties, 'AbleToUpdateBundle') as able_to_update_bundle + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::Bucket' + AND data__Identifier = '' + AND region = 'us-east-1' + certificates: + name: certificates + id: awscc.lightsail.certificates + x-cfn-schema-name: Certificate + x-type: list + x-identifiers: + - CertificateName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CertificateName') as certificate_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::Certificate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CertificateName') as certificate_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::Certificate' + AND region = 'us-east-1' + certificate: + name: certificate + id: awscc.lightsail.certificate + x-cfn-schema-name: Certificate + x-type: get + x-identifiers: + - CertificateName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CertificateName') as certificate_name, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.SubjectAlternativeNames') as subject_alternative_names, + JSON_EXTRACT(Properties, '$.CertificateArn') as certificate_arn, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::Certificate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CertificateName') as certificate_name, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'SubjectAlternativeNames') as subject_alternative_names, + json_extract_path_text(Properties, 'CertificateArn') as certificate_arn, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::Certificate' + AND data__Identifier = '' + AND region = 'us-east-1' + containers: + name: containers + id: awscc.lightsail.containers + x-cfn-schema-name: Container + x-type: list + x-identifiers: + - ServiceName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ServiceName') as service_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::Container' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ServiceName') as service_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::Container' + AND region = 'us-east-1' + container: + name: container + id: awscc.lightsail.container + x-cfn-schema-name: Container + x-type: get + x-identifiers: + - ServiceName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ServiceName') as service_name, + JSON_EXTRACT(Properties, '$.Power') as power, + JSON_EXTRACT(Properties, '$.ContainerArn') as container_arn, + JSON_EXTRACT(Properties, '$.Scale') as scale, + JSON_EXTRACT(Properties, '$.PublicDomainNames') as public_domain_names, + JSON_EXTRACT(Properties, '$.ContainerServiceDeployment') as container_service_deployment, + JSON_EXTRACT(Properties, '$.IsDisabled') as is_disabled, + JSON_EXTRACT(Properties, '$.PrivateRegistryAccess') as private_registry_access, + JSON_EXTRACT(Properties, '$.Url') as url, + JSON_EXTRACT(Properties, '$.PrincipalArn') as principal_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::Container' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ServiceName') as service_name, + json_extract_path_text(Properties, 'Power') as power, + json_extract_path_text(Properties, 'ContainerArn') as container_arn, + json_extract_path_text(Properties, 'Scale') as scale, + json_extract_path_text(Properties, 'PublicDomainNames') as public_domain_names, + json_extract_path_text(Properties, 'ContainerServiceDeployment') as container_service_deployment, + json_extract_path_text(Properties, 'IsDisabled') as is_disabled, + json_extract_path_text(Properties, 'PrivateRegistryAccess') as private_registry_access, + json_extract_path_text(Properties, 'Url') as url, + json_extract_path_text(Properties, 'PrincipalArn') as principal_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::Container' + AND data__Identifier = '' + AND region = 'us-east-1' + databases: + name: databases + id: awscc.lightsail.databases + x-cfn-schema-name: Database + x-type: list + x-identifiers: + - RelationalDatabaseName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RelationalDatabaseName') as relational_database_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::Database' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RelationalDatabaseName') as relational_database_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::Database' + AND region = 'us-east-1' + database: + name: database + id: awscc.lightsail.database + x-cfn-schema-name: Database + x-type: get + x-identifiers: + - RelationalDatabaseName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RelationalDatabaseName') as relational_database_name, + JSON_EXTRACT(Properties, '$.DatabaseArn') as database_arn, + JSON_EXTRACT(Properties, '$.AvailabilityZone') as availability_zone, + JSON_EXTRACT(Properties, '$.RelationalDatabaseBlueprintId') as relational_database_blueprint_id, + JSON_EXTRACT(Properties, '$.RelationalDatabaseBundleId') as relational_database_bundle_id, + JSON_EXTRACT(Properties, '$.MasterDatabaseName') as master_database_name, + JSON_EXTRACT(Properties, '$.MasterUsername') as master_username, + JSON_EXTRACT(Properties, '$.MasterUserPassword') as master_user_password, + JSON_EXTRACT(Properties, '$.PreferredBackupWindow') as preferred_backup_window, + JSON_EXTRACT(Properties, '$.PreferredMaintenanceWindow') as preferred_maintenance_window, + JSON_EXTRACT(Properties, '$.PubliclyAccessible') as publicly_accessible, + JSON_EXTRACT(Properties, '$.CaCertificateIdentifier') as ca_certificate_identifier, + JSON_EXTRACT(Properties, '$.BackupRetention') as backup_retention, + JSON_EXTRACT(Properties, '$.RotateMasterUserPassword') as rotate_master_user_password, + JSON_EXTRACT(Properties, '$.RelationalDatabaseParameters') as relational_database_parameters, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::Database' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RelationalDatabaseName') as relational_database_name, + json_extract_path_text(Properties, 'DatabaseArn') as database_arn, + json_extract_path_text(Properties, 'AvailabilityZone') as availability_zone, + json_extract_path_text(Properties, 'RelationalDatabaseBlueprintId') as relational_database_blueprint_id, + json_extract_path_text(Properties, 'RelationalDatabaseBundleId') as relational_database_bundle_id, + json_extract_path_text(Properties, 'MasterDatabaseName') as master_database_name, + json_extract_path_text(Properties, 'MasterUsername') as master_username, + json_extract_path_text(Properties, 'MasterUserPassword') as master_user_password, + json_extract_path_text(Properties, 'PreferredBackupWindow') as preferred_backup_window, + json_extract_path_text(Properties, 'PreferredMaintenanceWindow') as preferred_maintenance_window, + json_extract_path_text(Properties, 'PubliclyAccessible') as publicly_accessible, + json_extract_path_text(Properties, 'CaCertificateIdentifier') as ca_certificate_identifier, + json_extract_path_text(Properties, 'BackupRetention') as backup_retention, + json_extract_path_text(Properties, 'RotateMasterUserPassword') as rotate_master_user_password, + json_extract_path_text(Properties, 'RelationalDatabaseParameters') as relational_database_parameters, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::Database' + AND data__Identifier = '' + AND region = 'us-east-1' + distributions: + name: distributions + id: awscc.lightsail.distributions + x-cfn-schema-name: Distribution + x-type: list + x-identifiers: + - DistributionName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DistributionName') as distribution_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::Distribution' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DistributionName') as distribution_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::Distribution' + AND region = 'us-east-1' + distribution: + name: distribution + id: awscc.lightsail.distribution + x-cfn-schema-name: Distribution + x-type: get + x-identifiers: + - DistributionName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DistributionName') as distribution_name, + JSON_EXTRACT(Properties, '$.DistributionArn') as distribution_arn, + JSON_EXTRACT(Properties, '$.BundleId') as bundle_id, + JSON_EXTRACT(Properties, '$.IpAddressType') as ip_address_type, + JSON_EXTRACT(Properties, '$.CacheBehaviors') as cache_behaviors, + JSON_EXTRACT(Properties, '$.CacheBehaviorSettings') as cache_behavior_settings, + JSON_EXTRACT(Properties, '$.DefaultCacheBehavior') as default_cache_behavior, + JSON_EXTRACT(Properties, '$.Origin') as origin, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.AbleToUpdateBundle') as able_to_update_bundle, + JSON_EXTRACT(Properties, '$.IsEnabled') as is_enabled, + JSON_EXTRACT(Properties, '$.CertificateName') as certificate_name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::Distribution' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DistributionName') as distribution_name, + json_extract_path_text(Properties, 'DistributionArn') as distribution_arn, + json_extract_path_text(Properties, 'BundleId') as bundle_id, + json_extract_path_text(Properties, 'IpAddressType') as ip_address_type, + json_extract_path_text(Properties, 'CacheBehaviors') as cache_behaviors, + json_extract_path_text(Properties, 'CacheBehaviorSettings') as cache_behavior_settings, + json_extract_path_text(Properties, 'DefaultCacheBehavior') as default_cache_behavior, + json_extract_path_text(Properties, 'Origin') as origin, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'AbleToUpdateBundle') as able_to_update_bundle, + json_extract_path_text(Properties, 'IsEnabled') as is_enabled, + json_extract_path_text(Properties, 'CertificateName') as certificate_name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::Distribution' + AND data__Identifier = '' + AND region = 'us-east-1' + instances: + name: instances + id: awscc.lightsail.instances + x-cfn-schema-name: Instance + x-type: list + x-identifiers: + - InstanceName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceName') as instance_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::Instance' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceName') as instance_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::Instance' + AND region = 'us-east-1' + instance: + name: instance + id: awscc.lightsail.instance + x-cfn-schema-name: Instance + x-type: get + x-identifiers: + - InstanceName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SupportCode') as support_code, + JSON_EXTRACT(Properties, '$.ResourceType') as resource_type, + JSON_EXTRACT(Properties, '$.IsStaticIp') as is_static_ip, + JSON_EXTRACT(Properties, '$.PrivateIpAddress') as private_ip_address, + JSON_EXTRACT(Properties, '$.PublicIpAddress') as public_ip_address, + JSON_EXTRACT(Properties, '$.Location') as location, + JSON_EXTRACT(Properties, '$.Hardware') as hardware, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.Networking') as networking, + JSON_EXTRACT(Properties, '$.UserName') as user_name, + JSON_EXTRACT(Properties, '$.SshKeyName') as ssh_key_name, + JSON_EXTRACT(Properties, '$.InstanceName') as instance_name, + JSON_EXTRACT(Properties, '$.AvailabilityZone') as availability_zone, + JSON_EXTRACT(Properties, '$.BundleId') as bundle_id, + JSON_EXTRACT(Properties, '$.BlueprintId') as blueprint_id, + JSON_EXTRACT(Properties, '$.AddOns') as add_ons, + JSON_EXTRACT(Properties, '$.UserData') as user_data, + JSON_EXTRACT(Properties, '$.KeyPairName') as key_pair_name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::Instance' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SupportCode') as support_code, + json_extract_path_text(Properties, 'ResourceType') as resource_type, + json_extract_path_text(Properties, 'IsStaticIp') as is_static_ip, + json_extract_path_text(Properties, 'PrivateIpAddress') as private_ip_address, + json_extract_path_text(Properties, 'PublicIpAddress') as public_ip_address, + json_extract_path_text(Properties, 'Location') as location, + json_extract_path_text(Properties, 'Hardware') as hardware, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'Networking') as networking, + json_extract_path_text(Properties, 'UserName') as user_name, + json_extract_path_text(Properties, 'SshKeyName') as ssh_key_name, + json_extract_path_text(Properties, 'InstanceName') as instance_name, + json_extract_path_text(Properties, 'AvailabilityZone') as availability_zone, + json_extract_path_text(Properties, 'BundleId') as bundle_id, + json_extract_path_text(Properties, 'BlueprintId') as blueprint_id, + json_extract_path_text(Properties, 'AddOns') as add_ons, + json_extract_path_text(Properties, 'UserData') as user_data, + json_extract_path_text(Properties, 'KeyPairName') as key_pair_name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::Instance' + AND data__Identifier = '' + AND region = 'us-east-1' + load_balancers: + name: load_balancers + id: awscc.lightsail.load_balancers + x-cfn-schema-name: LoadBalancer + x-type: list + x-identifiers: + - LoadBalancerName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LoadBalancerName') as load_balancer_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::LoadBalancer' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LoadBalancerName') as load_balancer_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::LoadBalancer' + AND region = 'us-east-1' + load_balancer: + name: load_balancer + id: awscc.lightsail.load_balancer + x-cfn-schema-name: LoadBalancer + x-type: get + x-identifiers: + - LoadBalancerName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LoadBalancerName') as load_balancer_name, + JSON_EXTRACT(Properties, '$.LoadBalancerArn') as load_balancer_arn, + JSON_EXTRACT(Properties, '$.InstancePort') as instance_port, + JSON_EXTRACT(Properties, '$.IpAddressType') as ip_address_type, + JSON_EXTRACT(Properties, '$.AttachedInstances') as attached_instances, + JSON_EXTRACT(Properties, '$.HealthCheckPath') as health_check_path, + JSON_EXTRACT(Properties, '$.SessionStickinessEnabled') as session_stickiness_enabled, + JSON_EXTRACT(Properties, '$.SessionStickinessLBCookieDurationSeconds') as session_stickiness_lb_cookie_duration_seconds, + JSON_EXTRACT(Properties, '$.TlsPolicyName') as tls_policy_name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::LoadBalancer' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LoadBalancerName') as load_balancer_name, + json_extract_path_text(Properties, 'LoadBalancerArn') as load_balancer_arn, + json_extract_path_text(Properties, 'InstancePort') as instance_port, + json_extract_path_text(Properties, 'IpAddressType') as ip_address_type, + json_extract_path_text(Properties, 'AttachedInstances') as attached_instances, + json_extract_path_text(Properties, 'HealthCheckPath') as health_check_path, + json_extract_path_text(Properties, 'SessionStickinessEnabled') as session_stickiness_enabled, + json_extract_path_text(Properties, 'SessionStickinessLBCookieDurationSeconds') as session_stickiness_lb_cookie_duration_seconds, + json_extract_path_text(Properties, 'TlsPolicyName') as tls_policy_name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::LoadBalancer' + AND data__Identifier = '' + AND region = 'us-east-1' + load_balancer_tls_certificates: + name: load_balancer_tls_certificates + id: awscc.lightsail.load_balancer_tls_certificates + x-cfn-schema-name: LoadBalancerTlsCertificate + x-type: list + x-identifiers: + - CertificateName + - LoadBalancerName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CertificateName') as certificate_name, + JSON_EXTRACT(Properties, '$.LoadBalancerName') as load_balancer_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::LoadBalancerTlsCertificate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CertificateName') as certificate_name, + json_extract_path_text(Properties, 'LoadBalancerName') as load_balancer_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::LoadBalancerTlsCertificate' + AND region = 'us-east-1' + load_balancer_tls_certificate: + name: load_balancer_tls_certificate + id: awscc.lightsail.load_balancer_tls_certificate + x-cfn-schema-name: LoadBalancerTlsCertificate + x-type: get + x-identifiers: + - CertificateName + - LoadBalancerName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LoadBalancerName') as load_balancer_name, + JSON_EXTRACT(Properties, '$.CertificateName') as certificate_name, + JSON_EXTRACT(Properties, '$.CertificateDomainName') as certificate_domain_name, + JSON_EXTRACT(Properties, '$.CertificateAlternativeNames') as certificate_alternative_names, + JSON_EXTRACT(Properties, '$.LoadBalancerTlsCertificateArn') as load_balancer_tls_certificate_arn, + JSON_EXTRACT(Properties, '$.IsAttached') as is_attached, + JSON_EXTRACT(Properties, '$.HttpsRedirectionEnabled') as https_redirection_enabled, + JSON_EXTRACT(Properties, '$.Status') as status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::LoadBalancerTlsCertificate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LoadBalancerName') as load_balancer_name, + json_extract_path_text(Properties, 'CertificateName') as certificate_name, + json_extract_path_text(Properties, 'CertificateDomainName') as certificate_domain_name, + json_extract_path_text(Properties, 'CertificateAlternativeNames') as certificate_alternative_names, + json_extract_path_text(Properties, 'LoadBalancerTlsCertificateArn') as load_balancer_tls_certificate_arn, + json_extract_path_text(Properties, 'IsAttached') as is_attached, + json_extract_path_text(Properties, 'HttpsRedirectionEnabled') as https_redirection_enabled, + json_extract_path_text(Properties, 'Status') as status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::LoadBalancerTlsCertificate' + AND data__Identifier = '' + AND region = 'us-east-1' + static_ips: + name: static_ips + id: awscc.lightsail.static_ips + x-cfn-schema-name: StaticIp + x-type: list + x-identifiers: + - StaticIpName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StaticIpName') as static_ip_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::StaticIp' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StaticIpName') as static_ip_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Lightsail::StaticIp' + AND region = 'us-east-1' + static_ip: + name: static_ip + id: awscc.lightsail.static_ip + x-cfn-schema-name: StaticIp + x-type: get + x-identifiers: + - StaticIpName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StaticIpName') as static_ip_name, + JSON_EXTRACT(Properties, '$.AttachedTo') as attached_to, + JSON_EXTRACT(Properties, '$.IsAttached') as is_attached, + JSON_EXTRACT(Properties, '$.IpAddress') as ip_address, + JSON_EXTRACT(Properties, '$.StaticIpArn') as static_ip_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::StaticIp' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StaticIpName') as static_ip_name, + json_extract_path_text(Properties, 'AttachedTo') as attached_to, + json_extract_path_text(Properties, 'IsAttached') as is_attached, + json_extract_path_text(Properties, 'IpAddress') as ip_address, + json_extract_path_text(Properties, 'StaticIpArn') as static_ip_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Lightsail::StaticIp' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/location.yaml b/providers/src/awscc/v00.00.00000/services/location.yaml new file mode 100644 index 00000000..a973814f --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/location.yaml @@ -0,0 +1,1108 @@ +openapi: 3.0.0 +info: + title: Location + version: 1.0.0 +paths: {} +components: + schemas: + ApiKeyRestrictions: + type: object + properties: + AllowActions: + type: array + items: + type: string + maxLength: 200 + minLength: 5 + pattern: ^geo:\w*\*?$ + maxItems: 7 + minItems: 1 + x-insertionOrder: false + AllowResources: + type: array + items: + type: string + maxLength: 1600 + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*):geo(:([a-z0-9]+([.-][a-z0-9]+)*))(:[0-9]+):((\*)|([-a-z]+[/][*-._\w]+))$ + maxItems: 5 + minItems: 1 + x-insertionOrder: false + AllowReferers: + type: array + items: + type: string + maxLength: 253 + pattern: ^([$\-._+!*\x{60}(),;/?:@=&\w]|%([0-9a-fA-F?]{2}|[0-9a-fA-F?]?[*]))+$ + maxItems: 5 + minItems: 1 + x-insertionOrder: false + required: + - AllowActions + - AllowResources + additionalProperties: false + TagMap: + type: object + maxProperties: 50 + x-patternProperties: + ^[a-zA-Z+-=._:/]+$: + type: string + maxLength: 256 + minLength: 0 + pattern: ^[A-Za-z0-9 _=@:.+-/]*$ + additionalProperties: false + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + pattern: ^[a-zA-Z+-=._:/]+$ + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + pattern: ^[A-Za-z0-9 _=@:.+-/]*$ + required: + - Key + - Value + additionalProperties: false + iso8601UTC: + description: The datetime value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ss.sssZ) + type: string + pattern: ^([0-2]\d{3})-(0[0-9]|1[0-2])-([0-2]\d|3[01])T([01]\d|2[0-4]):([0-5]\d):([0-6]\d)((\.\d{3})?)Z$ + APIKey: + type: object + properties: + CreateTime: + $ref: '#/components/schemas/iso8601UTC' + Description: + type: string + maxLength: 1000 + minLength: 0 + ExpireTime: + $ref: '#/components/schemas/iso8601UTC' + ForceUpdate: + type: boolean + KeyArn: + type: string + maxLength: 1600 + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$ + KeyName: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[-._\w]+$ + NoExpiry: + type: boolean + Restrictions: + $ref: '#/components/schemas/ApiKeyRestrictions' + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 0 + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + UpdateTime: + $ref: '#/components/schemas/iso8601UTC' + ForceDelete: + type: boolean + Arn: + type: string + maxLength: 1600 + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$ + required: + - KeyName + - Restrictions + x-stackql-resource-name: api_key + x-stackql-primaryIdentifier: + - KeyName + x-create-only-properties: + - KeyName + x-read-only-properties: + - CreateTime + - Arn + - KeyArn + - UpdateTime + x-required-permissions: + create: + - geo:CreateKey + - geo:DescribeKey + - geo:TagResource + - geo:UntagResource + - geo:GetMapTile + - geo:GetMapStyleDescriptor + - geo:GetMapSprites + - geo:GetMapGlyphs + - geo:SearchPlaceIndexForText + - geo:SearchPlaceIndexForPosition + - geo:SearchPlaceIndexForSuggestions + - geo:GetPlace + - geo:CalculateRoute + - geo:CalculateRouteMatrix + read: + - geo:DescribeKey + update: + - geo:CreateKey + - geo:DescribeKey + - geo:TagResource + - geo:UntagResource + - geo:GetMapTile + - geo:GetMapStyleDescriptor + - geo:GetMapSprites + - geo:GetMapGlyphs + - geo:SearchPlaceIndexForText + - geo:SearchPlaceIndexForPosition + - geo:SearchPlaceIndexForSuggestions + - geo:GetPlace + - geo:CalculateRoute + - geo:CalculateRouteMatrix + - geo:UpdateKey + delete: + - geo:DeleteKey + - geo:DescribeKey + list: + - geo:ListKeys + PricingPlan: + type: string + enum: + - RequestBasedUsage + GeofenceCollection: + type: object + properties: + CollectionArn: + type: string + maxLength: 1600 + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$ + CollectionName: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[-._\w]+$ + CreateTime: + $ref: '#/components/schemas/iso8601UTC' + Description: + type: string + maxLength: 1000 + minLength: 0 + KmsKeyId: + type: string + maxLength: 2048 + minLength: 1 + PricingPlan: + $ref: '#/components/schemas/PricingPlan' + PricingPlanDataSource: + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 0 + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + UpdateTime: + $ref: '#/components/schemas/iso8601UTC' + Arn: + type: string + maxLength: 1600 + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$ + required: + - CollectionName + x-stackql-resource-name: geofence_collection + x-stackql-primaryIdentifier: + - CollectionName + x-create-only-properties: + - CollectionName + - KmsKeyId + x-read-only-properties: + - CollectionArn + - Arn + - CreateTime + - UpdateTime + x-required-permissions: + create: + - geo:CreateGeofenceCollection + - geo:DescribeGeofenceCollection + - geo:TagResource + - geo:UntagResource + - kms:DescribeKey + - kms:CreateGrant + read: + - geo:DescribeGeofenceCollection + - kms:DescribeKey + update: + - geo:CreateGeofenceCollection + - geo:DescribeGeofenceCollection + - geo:TagResource + - geo:UntagResource + - kms:DescribeKey + - kms:CreateGrant + - geo:UpdateGeofenceCollection + delete: + - geo:DeleteGeofenceCollection + - geo:DescribeGeofenceCollection + list: + - geo:ListGeofenceCollections + MapConfiguration: + type: object + properties: + Style: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[-._\w]+$ + PoliticalView: + type: string + maxLength: 3 + minLength: 3 + pattern: ^[A-Z]{3}$ + CustomLayers: + type: array + items: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[-._\w]+$ + maxItems: 10 + required: + - Style + additionalProperties: false + Map: + type: object + properties: + Configuration: + $ref: '#/components/schemas/MapConfiguration' + CreateTime: + $ref: '#/components/schemas/iso8601UTC' + Description: + type: string + maxLength: 1000 + minLength: 0 + MapArn: + type: string + maxLength: 1600 + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*):geo(:([a-z0-9]+([.-][a-z0-9]+)*))(:[0-9]+):((\*)|([-a-z]+[/][*-._\w]+))$ + MapName: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[-._\w]+$ + PricingPlan: + $ref: '#/components/schemas/PricingPlan' + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 0 + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + UpdateTime: + $ref: '#/components/schemas/iso8601UTC' + Arn: + type: string + maxLength: 1600 + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$ + required: + - Configuration + - MapName + x-stackql-resource-name: map + x-stackql-primaryIdentifier: + - MapName + x-create-only-properties: + - Configuration + - MapName + x-read-only-properties: + - CreateTime + - Arn + - MapArn + - UpdateTime + x-required-permissions: + create: + - geo:CreateMap + - geo:DescribeMap + - geo:TagResource + - geo:UntagResource + read: + - geo:DescribeMap + update: + - geo:CreateMap + - geo:DescribeMap + - geo:TagResource + - geo:UntagResource + - geo:UpdateMap + delete: + - geo:DeleteMap + - geo:DescribeMap + list: + - geo:ListMaps + DataSourceConfiguration: + type: object + properties: + IntendedUse: + $ref: '#/components/schemas/IntendedUse' + additionalProperties: false + IntendedUse: + type: string + enum: + - SingleUse + - Storage + PlaceIndex: + type: object + properties: + CreateTime: + $ref: '#/components/schemas/iso8601UTC' + DataSource: + type: string + DataSourceConfiguration: + $ref: '#/components/schemas/DataSourceConfiguration' + Description: + type: string + maxLength: 1000 + minLength: 0 + IndexArn: + type: string + maxLength: 1600 + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*):geo(:([a-z0-9]+([.-][a-z0-9]+)*))(:[0-9]+):((\*)|([-a-z]+[/][*-._\w]+))$ + IndexName: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[-._\w]+$ + PricingPlan: + $ref: '#/components/schemas/PricingPlan' + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 0 + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + UpdateTime: + $ref: '#/components/schemas/iso8601UTC' + Arn: + type: string + maxLength: 1600 + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$ + required: + - DataSource + - IndexName + x-stackql-resource-name: place_index + x-stackql-primaryIdentifier: + - IndexName + x-create-only-properties: + - DataSource + - IndexName + x-read-only-properties: + - CreateTime + - Arn + - IndexArn + - UpdateTime + x-required-permissions: + create: + - geo:CreatePlaceIndex + - geo:DescribePlaceIndex + - geo:TagResource + - geo:UntagResource + read: + - geo:DescribePlaceIndex + update: + - geo:CreatePlaceIndex + - geo:DescribePlaceIndex + - geo:TagResource + - geo:UntagResource + - geo:UpdatePlaceIndex + delete: + - geo:DeletePlaceIndex + - geo:DescribePlaceIndex + list: + - geo:ListPlaceIndexes + RouteCalculator: + type: object + properties: + CalculatorArn: + type: string + maxLength: 1600 + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*):geo(:([a-z0-9]+([.-][a-z0-9]+)*))(:[0-9]+):((\*)|([-a-z]+[/][*-._\w]+))$ + CalculatorName: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[-._\w]+$ + CreateTime: + $ref: '#/components/schemas/iso8601UTC' + DataSource: + type: string + Description: + type: string + maxLength: 1000 + minLength: 0 + PricingPlan: + $ref: '#/components/schemas/PricingPlan' + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 0 + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + UpdateTime: + $ref: '#/components/schemas/iso8601UTC' + Arn: + type: string + maxLength: 1600 + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$ + required: + - DataSource + - CalculatorName + x-stackql-resource-name: route_calculator + x-stackql-primaryIdentifier: + - CalculatorName + x-create-only-properties: + - CalculatorName + - DataSource + x-read-only-properties: + - CalculatorArn + - Arn + - CreateTime + - UpdateTime + x-required-permissions: + create: + - geo:CreateRouteCalculator + - geo:DescribeRouteCalculator + - geo:TagResource + - geo:UntagResource + read: + - geo:DescribeRouteCalculator + update: + - geo:CreateRouteCalculator + - geo:DescribeRouteCalculator + - geo:TagResource + - geo:UntagResource + - geo:UpdateRouteCalculator + delete: + - geo:DeleteRouteCalculator + - geo:DescribeRouteCalculator + list: + - geo:ListRouteCalculators + PositionFiltering: + type: string + enum: + - TimeBased + - DistanceBased + - AccuracyBased + Tracker: + type: object + properties: + CreateTime: + $ref: '#/components/schemas/iso8601UTC' + Description: + type: string + maxLength: 1000 + minLength: 0 + EventBridgeEnabled: + type: boolean + KmsKeyEnableGeospatialQueries: + type: boolean + KmsKeyId: + type: string + maxLength: 2048 + minLength: 1 + PositionFiltering: + $ref: '#/components/schemas/PositionFiltering' + PricingPlan: + $ref: '#/components/schemas/PricingPlan' + PricingPlanDataSource: + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 0 + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + TrackerArn: + type: string + maxLength: 1600 + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$ + TrackerName: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[-._\w]+$ + UpdateTime: + $ref: '#/components/schemas/iso8601UTC' + Arn: + type: string + maxLength: 1600 + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$ + required: + - TrackerName + x-stackql-resource-name: tracker + x-stackql-primaryIdentifier: + - TrackerName + x-create-only-properties: + - KmsKeyId + - TrackerName + x-read-only-properties: + - CreateTime + - Arn + - TrackerArn + - UpdateTime + x-required-permissions: + create: + - geo:CreateTracker + - geo:DescribeTracker + - geo:TagResource + - geo:UntagResource + - kms:DescribeKey + - kms:CreateGrant + read: + - geo:DescribeTracker + - kms:DescribeKey + update: + - geo:CreateTracker + - geo:DescribeTracker + - geo:TagResource + - geo:UntagResource + - kms:DescribeKey + - kms:CreateGrant + - geo:UpdateTracker + delete: + - geo:DeleteTracker + - geo:DescribeTracker + list: + - geo:ListTrackers + TrackerConsumer: + type: object + properties: + ConsumerArn: + type: string + maxLength: 1600 + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$ + TrackerName: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[-._\w]+$ + required: + - ConsumerArn + - TrackerName + x-stackql-resource-name: tracker_consumer + x-stackql-primaryIdentifier: + - TrackerName + - ConsumerArn + x-create-only-properties: + - TrackerName + - ConsumerArn + x-required-permissions: + create: + - geo:AssociateTrackerConsumer + - geo:ListTrackerConsumers + delete: + - geo:DisassociateTrackerConsumer + - geo:ListTrackerConsumers + list: + - geo:ListTrackerConsumers + read: + - geo:ListTrackerConsumers + x-stackQL-resources: + api_keys: + name: api_keys + id: awscc.location.api_keys + x-cfn-schema-name: APIKey + x-type: list + x-identifiers: + - KeyName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.KeyName') as key_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Location::APIKey' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'KeyName') as key_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Location::APIKey' + AND region = 'us-east-1' + api_key: + name: api_key + id: awscc.location.api_key + x-cfn-schema-name: APIKey + x-type: get + x-identifiers: + - KeyName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CreateTime') as create_time, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ExpireTime') as expire_time, + JSON_EXTRACT(Properties, '$.ForceUpdate') as force_update, + JSON_EXTRACT(Properties, '$.KeyArn') as key_arn, + JSON_EXTRACT(Properties, '$.KeyName') as key_name, + JSON_EXTRACT(Properties, '$.NoExpiry') as no_expiry, + JSON_EXTRACT(Properties, '$.Restrictions') as restrictions, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.UpdateTime') as update_time, + JSON_EXTRACT(Properties, '$.ForceDelete') as force_delete, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Location::APIKey' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CreateTime') as create_time, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ExpireTime') as expire_time, + json_extract_path_text(Properties, 'ForceUpdate') as force_update, + json_extract_path_text(Properties, 'KeyArn') as key_arn, + json_extract_path_text(Properties, 'KeyName') as key_name, + json_extract_path_text(Properties, 'NoExpiry') as no_expiry, + json_extract_path_text(Properties, 'Restrictions') as restrictions, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'UpdateTime') as update_time, + json_extract_path_text(Properties, 'ForceDelete') as force_delete, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Location::APIKey' + AND data__Identifier = '' + AND region = 'us-east-1' + geofence_collections: + name: geofence_collections + id: awscc.location.geofence_collections + x-cfn-schema-name: GeofenceCollection + x-type: list + x-identifiers: + - CollectionName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CollectionName') as collection_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Location::GeofenceCollection' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CollectionName') as collection_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Location::GeofenceCollection' + AND region = 'us-east-1' + geofence_collection: + name: geofence_collection + id: awscc.location.geofence_collection + x-cfn-schema-name: GeofenceCollection + x-type: get + x-identifiers: + - CollectionName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CollectionArn') as collection_arn, + JSON_EXTRACT(Properties, '$.CollectionName') as collection_name, + JSON_EXTRACT(Properties, '$.CreateTime') as create_time, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.PricingPlan') as pricing_plan, + JSON_EXTRACT(Properties, '$.PricingPlanDataSource') as pricing_plan_data_source, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.UpdateTime') as update_time, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Location::GeofenceCollection' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CollectionArn') as collection_arn, + json_extract_path_text(Properties, 'CollectionName') as collection_name, + json_extract_path_text(Properties, 'CreateTime') as create_time, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'PricingPlan') as pricing_plan, + json_extract_path_text(Properties, 'PricingPlanDataSource') as pricing_plan_data_source, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'UpdateTime') as update_time, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Location::GeofenceCollection' + AND data__Identifier = '' + AND region = 'us-east-1' + maps: + name: maps + id: awscc.location.maps + x-cfn-schema-name: Map + x-type: list + x-identifiers: + - MapName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MapName') as map_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Location::Map' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MapName') as map_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Location::Map' + AND region = 'us-east-1' + map: + name: map + id: awscc.location.map + x-cfn-schema-name: Map + x-type: get + x-identifiers: + - MapName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Configuration') as configuration, + JSON_EXTRACT(Properties, '$.CreateTime') as create_time, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.MapArn') as map_arn, + JSON_EXTRACT(Properties, '$.MapName') as map_name, + JSON_EXTRACT(Properties, '$.PricingPlan') as pricing_plan, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.UpdateTime') as update_time, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Location::Map' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Configuration') as configuration, + json_extract_path_text(Properties, 'CreateTime') as create_time, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'MapArn') as map_arn, + json_extract_path_text(Properties, 'MapName') as map_name, + json_extract_path_text(Properties, 'PricingPlan') as pricing_plan, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'UpdateTime') as update_time, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Location::Map' + AND data__Identifier = '' + AND region = 'us-east-1' + place_indices: + name: place_indices + id: awscc.location.place_indices + x-cfn-schema-name: PlaceIndex + x-type: list + x-identifiers: + - IndexName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.IndexName') as index_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Location::PlaceIndex' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'IndexName') as index_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Location::PlaceIndex' + AND region = 'us-east-1' + place_index: + name: place_index + id: awscc.location.place_index + x-cfn-schema-name: PlaceIndex + x-type: get + x-identifiers: + - IndexName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CreateTime') as create_time, + JSON_EXTRACT(Properties, '$.DataSource') as data_source, + JSON_EXTRACT(Properties, '$.DataSourceConfiguration') as data_source_configuration, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.IndexArn') as index_arn, + JSON_EXTRACT(Properties, '$.IndexName') as index_name, + JSON_EXTRACT(Properties, '$.PricingPlan') as pricing_plan, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.UpdateTime') as update_time, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Location::PlaceIndex' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CreateTime') as create_time, + json_extract_path_text(Properties, 'DataSource') as data_source, + json_extract_path_text(Properties, 'DataSourceConfiguration') as data_source_configuration, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'IndexArn') as index_arn, + json_extract_path_text(Properties, 'IndexName') as index_name, + json_extract_path_text(Properties, 'PricingPlan') as pricing_plan, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'UpdateTime') as update_time, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Location::PlaceIndex' + AND data__Identifier = '' + AND region = 'us-east-1' + route_calculators: + name: route_calculators + id: awscc.location.route_calculators + x-cfn-schema-name: RouteCalculator + x-type: list + x-identifiers: + - CalculatorName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CalculatorName') as calculator_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Location::RouteCalculator' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CalculatorName') as calculator_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Location::RouteCalculator' + AND region = 'us-east-1' + route_calculator: + name: route_calculator + id: awscc.location.route_calculator + x-cfn-schema-name: RouteCalculator + x-type: get + x-identifiers: + - CalculatorName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CalculatorArn') as calculator_arn, + JSON_EXTRACT(Properties, '$.CalculatorName') as calculator_name, + JSON_EXTRACT(Properties, '$.CreateTime') as create_time, + JSON_EXTRACT(Properties, '$.DataSource') as data_source, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.PricingPlan') as pricing_plan, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.UpdateTime') as update_time, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Location::RouteCalculator' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CalculatorArn') as calculator_arn, + json_extract_path_text(Properties, 'CalculatorName') as calculator_name, + json_extract_path_text(Properties, 'CreateTime') as create_time, + json_extract_path_text(Properties, 'DataSource') as data_source, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'PricingPlan') as pricing_plan, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'UpdateTime') as update_time, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Location::RouteCalculator' + AND data__Identifier = '' + AND region = 'us-east-1' + trackers: + name: trackers + id: awscc.location.trackers + x-cfn-schema-name: Tracker + x-type: list + x-identifiers: + - TrackerName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TrackerName') as tracker_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Location::Tracker' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TrackerName') as tracker_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Location::Tracker' + AND region = 'us-east-1' + tracker: + name: tracker + id: awscc.location.tracker + x-cfn-schema-name: Tracker + x-type: get + x-identifiers: + - TrackerName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CreateTime') as create_time, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EventBridgeEnabled') as event_bridge_enabled, + JSON_EXTRACT(Properties, '$.KmsKeyEnableGeospatialQueries') as kms_key_enable_geospatial_queries, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.PositionFiltering') as position_filtering, + JSON_EXTRACT(Properties, '$.PricingPlan') as pricing_plan, + JSON_EXTRACT(Properties, '$.PricingPlanDataSource') as pricing_plan_data_source, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TrackerArn') as tracker_arn, + JSON_EXTRACT(Properties, '$.TrackerName') as tracker_name, + JSON_EXTRACT(Properties, '$.UpdateTime') as update_time, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Location::Tracker' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CreateTime') as create_time, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EventBridgeEnabled') as event_bridge_enabled, + json_extract_path_text(Properties, 'KmsKeyEnableGeospatialQueries') as kms_key_enable_geospatial_queries, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'PositionFiltering') as position_filtering, + json_extract_path_text(Properties, 'PricingPlan') as pricing_plan, + json_extract_path_text(Properties, 'PricingPlanDataSource') as pricing_plan_data_source, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TrackerArn') as tracker_arn, + json_extract_path_text(Properties, 'TrackerName') as tracker_name, + json_extract_path_text(Properties, 'UpdateTime') as update_time, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Location::Tracker' + AND data__Identifier = '' + AND region = 'us-east-1' + tracker_consumers: + name: tracker_consumers + id: awscc.location.tracker_consumers + x-cfn-schema-name: TrackerConsumer + x-type: list + x-identifiers: + - TrackerName + - ConsumerArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TrackerName') as tracker_name, + JSON_EXTRACT(Properties, '$.ConsumerArn') as consumer_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Location::TrackerConsumer' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TrackerName') as tracker_name, + json_extract_path_text(Properties, 'ConsumerArn') as consumer_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Location::TrackerConsumer' + AND region = 'us-east-1' + tracker_consumer: + name: tracker_consumer + id: awscc.location.tracker_consumer + x-cfn-schema-name: TrackerConsumer + x-type: get + x-identifiers: + - TrackerName + - ConsumerArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConsumerArn') as consumer_arn, + JSON_EXTRACT(Properties, '$.TrackerName') as tracker_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Location::TrackerConsumer' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConsumerArn') as consumer_arn, + json_extract_path_text(Properties, 'TrackerName') as tracker_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Location::TrackerConsumer' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/logs.yaml b/providers/src/awscc/v00.00.00000/services/logs.yaml new file mode 100644 index 00000000..c5f23327 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/logs.yaml @@ -0,0 +1,1469 @@ +openapi: 3.0.0 +info: + title: Logs + version: 1.0.0 +paths: {} +components: + schemas: + AccountPolicy: + type: object + properties: + AccountId: + description: User account id + type: string + pattern: ^\d{12}$ + PolicyName: + description: The name of the account policy + type: string + minLength: 1 + maxLength: 256 + pattern: ^[^:*]{1,256}$ + PolicyDocument: + description: |- + The body of the policy document you want to use for this topic. + + You can only add one policy per PolicyType. + + The policy must be in JSON string format. + + Length Constraints: Maximum length of 30720 + type: string + minLength: 1 + maxLength: 30720 + PolicyType: + description: Type of the policy. + type: string + enum: + - DATA_PROTECTION_POLICY + - SUBSCRIPTION_FILTER_POLICY + Scope: + description: Scope for policy application + type: string + enum: + - ALL + SelectionCriteria: + description: Log group selection criteria to apply policy only to a subset of log groups. SelectionCriteria string can be up to 25KB and cloudwatchlogs determines the length of selectionCriteria by using its UTF-8 bytes + type: string + required: + - PolicyName + - PolicyType + - PolicyDocument + x-stackql-resource-name: account_policy + x-stackql-primaryIdentifier: + - AccountId + - PolicyType + - PolicyName + x-create-only-properties: + - PolicyName + - PolicyType + x-read-only-properties: + - AccountId + x-required-permissions: + create: + - logs:PutAccountPolicy + - logs:PutDataProtectionPolicy + - logs:DescribeAccountPolicies + - logs:CreateLogDelivery + - s3:REST.PUT.OBJECT + - firehose:TagDeliveryStream + - logs:PutSubscriptionFilter + - logs:DeleteSubscriptionFilter + - iam:PassRole + read: + - logs:DescribeAccountPolicies + update: + - logs:PutAccountPolicy + - logs:PutDataProtectionPolicy + - logs:DescribeAccountPolicies + - logs:DeleteAccountPolicy + - logs:DeleteDataProtectionPolicy + - logs:CreateLogDelivery + - logs:PutSubscriptionFilter + - logs:DeleteSubscriptionFilter + - s3:REST.PUT.OBJECT + - firehose:TagDeliveryStream + - iam:PassRole + delete: + - logs:DeleteAccountPolicy + - logs:DeleteDataProtectionPolicy + - logs:DescribeAccountPolicies + - logs:DeleteSubscriptionFilter + - iam:PassRole + list: + - logs:DescribeAccountPolicies + Tag: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., :, /, =, +, - and @.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., :, /, =, +, - and @.' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + Arn: + description: The Amazon Resource Name (ARN) that uniquely identifies this delivery source. + type: string + minLength: 16 + maxLength: 2048 + pattern: ^arn:(aws[a-zA-Z-]*)?:[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$ + Delivery: + type: object + properties: + DeliveryId: + description: The unique ID that identifies this delivery in your account. + type: string + minLength: 1 + maxLength: 64 + pattern: ^[0-9A-Za-z]+$ + Arn: + description: The Amazon Resource Name (ARN) that uniquely identifies this delivery. + $ref: '#/components/schemas/Arn' + DeliverySourceName: + description: The name of the delivery source that is associated with this delivery. + type: string + pattern: '[\w-]*$' + minLength: 1 + maxLength: 60 + DeliveryDestinationArn: + description: The ARN of the delivery destination that is associated with this delivery. + $ref: '#/components/schemas/Arn' + DeliveryDestinationType: + description: Displays whether the delivery destination associated with this delivery is CloudWatch Logs, Amazon S3, or Kinesis Data Firehose. + type: string + minLength: 1 + maxLength: 12 + pattern: ^[0-9A-Za-z]+$ + Tags: + description: The tags that have been assigned to this delivery. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - DeliverySourceName + - DeliveryDestinationArn + x-stackql-resource-name: delivery + x-stackql-primaryIdentifier: + - DeliveryId + x-create-only-properties: + - DeliverySourceName + - DeliveryDestinationArn + x-read-only-properties: + - DeliveryId + - Arn + - DeliveryDestinationType + x-required-permissions: + create: + - logs:CreateDelivery + - logs:GetDelivery + - logs:DescribeDeliveries + - logs:ListTagsForResource + - logs:TagResource + - logs:GetDeliverySource + - logs:GetDeliveryDestination + read: + - logs:GetDelivery + - logs:ListTagsForResource + update: + - logs:GetDelivery + - logs:ListTagsForResource + - logs:TagResource + - logs:UntagResource + delete: + - logs:DeleteDelivery + - logs:ListTagsForResource + - logs:UntagResource + list: + - logs:DescribeDeliveries + - logs:ListTagsForResource + DestinationPolicy: + type: object + properties: + DeliveryDestinationName: + type: string + description: The name of the delivery destination to assign this policy to + minLength: 1 + maxLength: 60 + DeliveryDestinationPolicy: + type: string + description: The contents of the policy attached to the delivery destination + minLength: 1 + maxLength: 51200 + required: + - DeliveryDestinationName + - DeliveryDestinationPolicy + additionalProperties: false + DeliveryDestination: + type: object + properties: + Name: + description: The name of this delivery destination. + type: string + pattern: '[\w-]*$' + minLength: 1 + maxLength: 60 + Arn: + description: The Amazon Resource Name (ARN) that uniquely identifies this delivery destination. + $ref: '#/components/schemas/Arn' + DestinationResourceArn: + description: The ARN of the AWS resource that will receive the logs. + $ref: '#/components/schemas/Arn' + Tags: + description: The tags that have been assigned to this delivery destination. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + DeliveryDestinationType: + description: Displays whether this delivery destination is CloudWatch Logs, Amazon S3, or Kinesis Data Firehose. + type: string + minLength: 1 + maxLength: 12 + pattern: ^[0-9A-Za-z]+$ + DeliveryDestinationPolicy: + description: |- + IAM policy that grants permissions to CloudWatch Logs to deliver logs cross-account to a specified destination in this account. + + The policy must be in JSON string format. + + Length Constraints: Maximum length of 51200 + type: object + items: + $ref: '#/components/schemas/DestinationPolicy' + required: + - Name + x-stackql-resource-name: delivery_destination + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - DestinationResourceArn + x-read-only-properties: + - Arn + - DeliveryDestinationType + x-required-permissions: + create: + - logs:PutDeliveryDestination + - logs:GetDeliveryDestination + - logs:ListTagsForResource + - logs:TagResource + - logs:UntagResource + - logs:PutDeliveryDestinationPolicy + - logs:GetDeliveryDestinationPolicy + read: + - logs:GetDeliveryDestination + - logs:ListTagsForResource + - logs:GetDeliveryDestinationPolicy + update: + - logs:PutDeliveryDestination + - logs:GetDeliveryDestination + - logs:ListTagsForResource + - logs:TagResource + - logs:UntagResource + - logs:DeleteDeliveryDestinationPolicy + - logs:PutDeliveryDestinationPolicy + - logs:GetDeliveryDestinationPolicy + delete: + - logs:DeleteDeliveryDestination + - logs:DeleteDeliveryDestinationPolicy + list: + - logs:DescribeDeliveryDestinations + - logs:GetDeliveryDestinationPolicy + DeliverySource: + type: object + properties: + Name: + description: The unique name of the Log source. + type: string + pattern: '[\w-]*$' + minLength: 1 + maxLength: 60 + Arn: + description: The Amazon Resource Name (ARN) that uniquely identifies this delivery source. + $ref: '#/components/schemas/Arn' + ResourceArns: + description: This array contains the ARN of the AWS resource that sends logs and is represented by this delivery source. Currently, only one ARN can be in the array. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Arn' + ResourceArn: + description: The ARN of the resource that will be sending the logs. + $ref: '#/components/schemas/Arn' + Service: + description: The AWS service that is sending logs. + type: string + pattern: '[\w-]*$' + minLength: 1 + maxLength: 255 + LogType: + description: The type of logs being delivered. Only mandatory when the resourceArn could match more than one. In such a case, the error message will contain all the possible options. + type: string + pattern: '[\w-]*$' + minLength: 1 + maxLength: 255 + Tags: + description: The tags that have been assigned to this delivery source. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + x-stackql-resource-name: delivery_source + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Service + - ResourceArns + - Arn + x-required-permissions: + create: + - logs:PutDeliverySource + - logs:GetDeliverySource + - logs:ListTagsForResource + - logs:TagResource + - logs:AllowVendedLogDeliveryForResource + - codewhisperer:AllowVendedLogDeliveryForResource + - autoloop:AllowVendedLogDeliveryForResource + - workmail:AllowVendedLogDeliveryForResource + read: + - logs:GetDeliverySource + - logs:ListTagsForResource + update: + - logs:PutDeliverySource + - logs:GetDeliverySource + - logs:ListTagsForResource + - logs:TagResource + - logs:UntagResource + delete: + - logs:DeleteDeliverySource + list: + - logs:DescribeDeliverySources + Destination: + type: object + properties: + Arn: + type: string + DestinationName: + description: The name of the destination resource + type: string + minLength: 1 + maxLength: 512 + pattern: ^[^:*]{1,512}$ + DestinationPolicy: + description: An IAM policy document that governs which AWS accounts can create subscription filters against this destination. + type: string + minLength: 1 + RoleArn: + description: The ARN of an IAM role that permits CloudWatch Logs to send data to the specified AWS resource + type: string + minLength: 1 + TargetArn: + description: The ARN of the physical target where the log events are delivered (for example, a Kinesis stream) + type: string + minLength: 1 + required: + - DestinationName + - TargetArn + - RoleArn + x-stackql-resource-name: destination + x-stackql-primaryIdentifier: + - DestinationName + x-create-only-properties: + - DestinationName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - logs:PutDestination + - logs:PutDestinationPolicy + - logs:DescribeDestinations + - iam:PassRole + read: + - logs:DescribeDestinations + update: + - logs:PutDestination + - logs:PutDestinationPolicy + - logs:DescribeDestinations + - iam:PassRole + delete: + - logs:DeleteDestination + list: + - logs:DescribeDestinations + LogAnomalyDetector: + type: object + properties: + AccountId: + description: Account ID for owner of detector + type: string + KmsKeyId: + description: The Amazon Resource Name (ARN) of the CMK to use when encrypting log data. + type: string + maxLength: 256 + DetectorName: + description: Name of detector + type: string + LogGroupArnList: + description: List of Arns for the given log group + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + minLength: 20 + maxLength: 2048 + EvaluationFrequency: + description: How often log group is evaluated + type: string + enum: + - FIVE_MIN + - TEN_MIN + - FIFTEEN_MIN + - THIRTY_MIN + - ONE_HOUR + FilterPattern: + description: '' + type: string + pattern: '' + AnomalyDetectorStatus: + description: Current status of detector. + type: string + AnomalyVisibilityTime: + description: '' + type: number + CreationTimeStamp: + description: When detector was created. + type: number + LastModifiedTimeStamp: + description: When detector was lsat modified. + type: number + AnomalyDetectorArn: + description: ARN of LogAnomalyDetector + type: string + required: [] + x-stackql-resource-name: log_anomaly_detector + x-stackql-primaryIdentifier: + - AnomalyDetectorArn + x-read-only-properties: + - AnomalyDetectorArn + - CreationTimeStamp + - LastModifiedTimeStamp + - AnomalyDetectorStatus + x-required-permissions: + create: + - logs:CreateLogAnomalyDetector + read: + - logs:GetLogAnomalyDetector + update: + - logs:UpdateLogAnomalyDetector + delete: + - logs:DeleteLogAnomalyDetector + list: + - logs:ListLogAnomalyDetectors + LogGroup: + type: string + pattern: '[\.\-_/#A-Za-z0-9]+' + minLength: 1 + maxLength: 512 + LogStream: + type: object + properties: + LogGroupName: + type: string + description: The name of the log group where the log stream is created. + LogStreamName: + type: string + description: The name of the log stream. The name must be unique wihtin the log group. + required: + - LogGroupName + x-stackql-resource-name: log_stream + x-stackql-primaryIdentifier: + - LogGroupName + - LogStreamName + x-create-only-properties: + - LogGroupName + - LogStreamName + x-required-permissions: + create: + - logs:CreateLogStream + read: + - logs:DescribeLogStreams + delete: + - logs:DeleteLogStream + list: + - logs:DescribeLogStreams + Dimension: + description: the key-value pairs that further define a metric. + type: object + additionalProperties: false + properties: + Key: + type: string + description: The key of the dimension. Maximum length of 255. + minLength: 1 + maxLength: 255 + Value: + type: string + description: The value of the dimension. Maximum length of 255. + minLength: 1 + maxLength: 255 + required: + - Key + - Value + MetricTransformation: + type: object + properties: + DefaultValue: + description: The value to emit when a filter pattern does not match a log event. This value can be null. + type: number + MetricName: + description: The name of the CloudWatch metric. Metric name must be in ASCII format. + type: string + minLength: 1 + maxLength: 255 + pattern: ^((?![:*$])[\x00-\x7F]){1,255} + MetricNamespace: + x-$comment: Namespaces can be up to 256 characters long; valid characters include 0-9A-Za-z.-_/# + description: The namespace of the CloudWatch metric. + type: string + minLength: 1 + maxLength: 256 + pattern: ^[0-9a-zA-Z\.\-_\/#]{1,256} + MetricValue: + description: The value to publish to the CloudWatch metric when a filter pattern matches a log event. + type: string + pattern: .{1,100} + minLength: 1 + maxLength: 100 + Unit: + description: The unit to assign to the metric. If you omit this, the unit is set as None. + type: string + enum: + - Seconds + - Microseconds + - Milliseconds + - Bytes + - Kilobytes + - Megabytes + - Gigabytes + - Terabytes + - Bits + - Kilobits + - Megabits + - Gigabits + - Terabits + - Percent + - Count + - Bytes/Second + - Kilobytes/Second + - Megabytes/Second + - Gigabytes/Second + - Terabytes/Second + - Bits/Second + - Kilobits/Second + - Megabits/Second + - Gigabits/Second + - Terabits/Second + - Count/Second + - None + Dimensions: + description: Dimensions are the key-value pairs that further define a metric + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 1 + maxItems: 3 + items: + $ref: '#/components/schemas/Dimension' + required: + - MetricName + - MetricNamespace + - MetricValue + additionalProperties: false + MetricFilter: + type: object + properties: + FilterName: + description: A name for the metric filter. + type: string + minLength: 1 + maxLength: 512 + pattern: ^[^:*]{1,512} + FilterPattern: + description: Pattern that Logs follows to interpret each entry in a log. + type: string + maxLength: 1024 + LogGroupName: + description: Existing log group that you want to associate with this filter. + type: string + minLength: 1 + maxLength: 512 + pattern: ^[.\-_/#A-Za-z0-9]{1,512} + MetricTransformations: + description: A collection of information that defines how metric data gets emitted. + type: array + minItems: 1 + maxItems: 1 + x-insertionOrder: false + items: + $ref: '#/components/schemas/MetricTransformation' + required: + - FilterPattern + - LogGroupName + - MetricTransformations + x-stackql-resource-name: metric_filter + x-stackql-primaryIdentifier: + - LogGroupName + - FilterName + x-create-only-properties: + - FilterName + - LogGroupName + x-required-permissions: + create: + - logs:PutMetricFilter + - logs:DescribeMetricFilters + read: + - logs:DescribeMetricFilters + update: + - logs:PutMetricFilter + - logs:DescribeMetricFilters + delete: + - logs:DeleteMetricFilter + list: + - logs:DescribeMetricFilters + QueryDefinition: + type: object + properties: + Name: + description: A name for the saved query definition + type: string + minLength: 1 + maxLength: 255 + QueryString: + description: The query string to use for this definition + type: string + minLength: 1 + maxLength: 10000 + LogGroupNames: + description: Optionally define specific log groups as part of your query definition + type: array + x-insertionOrder: false + items: + description: LogGroup name + $ref: '#/components/schemas/LogGroup' + QueryDefinitionId: + description: Unique identifier of a query definition + type: string + minLength: 0 + maxLength: 256 + required: + - Name + - QueryString + x-stackql-resource-name: query_definition + x-stackql-primaryIdentifier: + - QueryDefinitionId + x-read-only-properties: + - QueryDefinitionId + x-required-permissions: + create: + - logs:PutQueryDefinition + read: + - logs:DescribeQueryDefinitions + update: + - logs:PutQueryDefinition + delete: + - logs:DeleteQueryDefinition + list: + - logs:DescribeQueryDefinitions + ResourcePolicy: + type: object + properties: + PolicyName: + description: A name for resource policy + type: string + pattern: ^([^:*\/]+\/?)*[^:*\/]+$ + minLength: 1 + maxLength: 255 + PolicyDocument: + description: The policy document + type: string + pattern: '[\u0009\u000A\u000D\u0020-\u00FF]+' + minLength: 1 + maxLength: 5120 + required: + - PolicyName + - PolicyDocument + x-stackql-resource-name: resource_policy + x-stackql-primaryIdentifier: + - PolicyName + x-create-only-properties: + - PolicyName + x-required-permissions: + create: + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + read: + - logs:DescribeResourcePolicies + update: + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DeleteResourcePolicy + delete: + - logs:DeleteResourcePolicy + list: + - logs:DescribeResourcePolicies + SubscriptionFilter: + type: object + properties: + FilterName: + description: The name of the filter generated by resource. + type: string + DestinationArn: + description: The Amazon Resource Name (ARN) of the destination. + type: string + FilterPattern: + description: The filtering expressions that restrict what gets delivered to the destination AWS resource. + type: string + LogGroupName: + description: Existing log group that you want to associate with this filter. + type: string + RoleArn: + description: The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery. + type: string + Distribution: + description: The method used to distribute log data to the destination. By default, log data is grouped by log stream, but the grouping can be set to random for a more even distribution. This property is only applicable when the destination is an Amazon Kinesis stream. + type: string + enum: + - Random + - ByLogStream + required: + - DestinationArn + - FilterPattern + - LogGroupName + x-stackql-resource-name: subscription_filter + x-stackql-primaryIdentifier: + - FilterName + - LogGroupName + x-create-only-properties: + - FilterName + - LogGroupName + x-required-permissions: + create: + - iam:PassRole + - logs:PutSubscriptionFilter + - logs:DescribeSubscriptionFilters + read: + - logs:DescribeSubscriptionFilters + update: + - iam:PassRole + - logs:PutSubscriptionFilter + - logs:DescribeSubscriptionFilters + delete: + - logs:DeleteSubscriptionFilter + list: + - logs:DescribeSubscriptionFilters + x-stackQL-resources: + account_policies: + name: account_policies + id: awscc.logs.account_policies + x-cfn-schema-name: AccountPolicy + x-type: list + x-identifiers: + - AccountId + - PolicyType + - PolicyName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountId') as account_id, + JSON_EXTRACT(Properties, '$.PolicyType') as policy_type, + JSON_EXTRACT(Properties, '$.PolicyName') as policy_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::AccountPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountId') as account_id, + json_extract_path_text(Properties, 'PolicyType') as policy_type, + json_extract_path_text(Properties, 'PolicyName') as policy_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::AccountPolicy' + AND region = 'us-east-1' + account_policy: + name: account_policy + id: awscc.logs.account_policy + x-cfn-schema-name: AccountPolicy + x-type: get + x-identifiers: + - AccountId + - PolicyType + - PolicyName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountId') as account_id, + JSON_EXTRACT(Properties, '$.PolicyName') as policy_name, + JSON_EXTRACT(Properties, '$.PolicyDocument') as policy_document, + JSON_EXTRACT(Properties, '$.PolicyType') as policy_type, + JSON_EXTRACT(Properties, '$.Scope') as scope, + JSON_EXTRACT(Properties, '$.SelectionCriteria') as selection_criteria + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::AccountPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountId') as account_id, + json_extract_path_text(Properties, 'PolicyName') as policy_name, + json_extract_path_text(Properties, 'PolicyDocument') as policy_document, + json_extract_path_text(Properties, 'PolicyType') as policy_type, + json_extract_path_text(Properties, 'Scope') as scope, + json_extract_path_text(Properties, 'SelectionCriteria') as selection_criteria + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::AccountPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + deliveries: + name: deliveries + id: awscc.logs.deliveries + x-cfn-schema-name: Delivery + x-type: list + x-identifiers: + - DeliveryId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DeliveryId') as delivery_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::Delivery' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DeliveryId') as delivery_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::Delivery' + AND region = 'us-east-1' + delivery: + name: delivery + id: awscc.logs.delivery + x-cfn-schema-name: Delivery + x-type: get + x-identifiers: + - DeliveryId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DeliveryId') as delivery_id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.DeliverySourceName') as delivery_source_name, + JSON_EXTRACT(Properties, '$.DeliveryDestinationArn') as delivery_destination_arn, + JSON_EXTRACT(Properties, '$.DeliveryDestinationType') as delivery_destination_type, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::Delivery' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DeliveryId') as delivery_id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'DeliverySourceName') as delivery_source_name, + json_extract_path_text(Properties, 'DeliveryDestinationArn') as delivery_destination_arn, + json_extract_path_text(Properties, 'DeliveryDestinationType') as delivery_destination_type, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::Delivery' + AND data__Identifier = '' + AND region = 'us-east-1' + delivery_destinations: + name: delivery_destinations + id: awscc.logs.delivery_destinations + x-cfn-schema-name: DeliveryDestination + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::DeliveryDestination' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::DeliveryDestination' + AND region = 'us-east-1' + delivery_destination: + name: delivery_destination + id: awscc.logs.delivery_destination + x-cfn-schema-name: DeliveryDestination + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.DestinationResourceArn') as destination_resource_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.DeliveryDestinationType') as delivery_destination_type, + JSON_EXTRACT(Properties, '$.DeliveryDestinationPolicy') as delivery_destination_policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::DeliveryDestination' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'DestinationResourceArn') as destination_resource_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'DeliveryDestinationType') as delivery_destination_type, + json_extract_path_text(Properties, 'DeliveryDestinationPolicy') as delivery_destination_policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::DeliveryDestination' + AND data__Identifier = '' + AND region = 'us-east-1' + delivery_sources: + name: delivery_sources + id: awscc.logs.delivery_sources + x-cfn-schema-name: DeliverySource + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::DeliverySource' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::DeliverySource' + AND region = 'us-east-1' + delivery_source: + name: delivery_source + id: awscc.logs.delivery_source + x-cfn-schema-name: DeliverySource + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ResourceArns') as resource_arns, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn, + JSON_EXTRACT(Properties, '$.Service') as service, + JSON_EXTRACT(Properties, '$.LogType') as log_type, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::DeliverySource' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ResourceArns') as resource_arns, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn, + json_extract_path_text(Properties, 'Service') as service, + json_extract_path_text(Properties, 'LogType') as log_type, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::DeliverySource' + AND data__Identifier = '' + AND region = 'us-east-1' + destinations: + name: destinations + id: awscc.logs.destinations + x-cfn-schema-name: Destination + x-type: list + x-identifiers: + - DestinationName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DestinationName') as destination_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::Destination' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DestinationName') as destination_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::Destination' + AND region = 'us-east-1' + destination: + name: destination + id: awscc.logs.destination + x-cfn-schema-name: Destination + x-type: get + x-identifiers: + - DestinationName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.DestinationName') as destination_name, + JSON_EXTRACT(Properties, '$.DestinationPolicy') as destination_policy, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.TargetArn') as target_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::Destination' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'DestinationName') as destination_name, + json_extract_path_text(Properties, 'DestinationPolicy') as destination_policy, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'TargetArn') as target_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::Destination' + AND data__Identifier = '' + AND region = 'us-east-1' + log_anomaly_detectors: + name: log_anomaly_detectors + id: awscc.logs.log_anomaly_detectors + x-cfn-schema-name: LogAnomalyDetector + x-type: list + x-identifiers: + - AnomalyDetectorArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AnomalyDetectorArn') as anomaly_detector_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::LogAnomalyDetector' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AnomalyDetectorArn') as anomaly_detector_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::LogAnomalyDetector' + AND region = 'us-east-1' + log_anomaly_detector: + name: log_anomaly_detector + id: awscc.logs.log_anomaly_detector + x-cfn-schema-name: LogAnomalyDetector + x-type: get + x-identifiers: + - AnomalyDetectorArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountId') as account_id, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.DetectorName') as detector_name, + JSON_EXTRACT(Properties, '$.LogGroupArnList') as log_group_arn_list, + JSON_EXTRACT(Properties, '$.EvaluationFrequency') as evaluation_frequency, + JSON_EXTRACT(Properties, '$.FilterPattern') as filter_pattern, + JSON_EXTRACT(Properties, '$.AnomalyDetectorStatus') as anomaly_detector_status, + JSON_EXTRACT(Properties, '$.AnomalyVisibilityTime') as anomaly_visibility_time, + JSON_EXTRACT(Properties, '$.CreationTimeStamp') as creation_time_stamp, + JSON_EXTRACT(Properties, '$.LastModifiedTimeStamp') as last_modified_time_stamp, + JSON_EXTRACT(Properties, '$.AnomalyDetectorArn') as anomaly_detector_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::LogAnomalyDetector' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountId') as account_id, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'DetectorName') as detector_name, + json_extract_path_text(Properties, 'LogGroupArnList') as log_group_arn_list, + json_extract_path_text(Properties, 'EvaluationFrequency') as evaluation_frequency, + json_extract_path_text(Properties, 'FilterPattern') as filter_pattern, + json_extract_path_text(Properties, 'AnomalyDetectorStatus') as anomaly_detector_status, + json_extract_path_text(Properties, 'AnomalyVisibilityTime') as anomaly_visibility_time, + json_extract_path_text(Properties, 'CreationTimeStamp') as creation_time_stamp, + json_extract_path_text(Properties, 'LastModifiedTimeStamp') as last_modified_time_stamp, + json_extract_path_text(Properties, 'AnomalyDetectorArn') as anomaly_detector_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::LogAnomalyDetector' + AND data__Identifier = '' + AND region = 'us-east-1' + log_streams: + name: log_streams + id: awscc.logs.log_streams + x-cfn-schema-name: LogStream + x-type: list + x-identifiers: + - LogGroupName + - LogStreamName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LogGroupName') as log_group_name, + JSON_EXTRACT(Properties, '$.LogStreamName') as log_stream_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::LogStream' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LogGroupName') as log_group_name, + json_extract_path_text(Properties, 'LogStreamName') as log_stream_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::LogStream' + AND region = 'us-east-1' + log_stream: + name: log_stream + id: awscc.logs.log_stream + x-cfn-schema-name: LogStream + x-type: get + x-identifiers: + - LogGroupName + - LogStreamName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LogGroupName') as log_group_name, + JSON_EXTRACT(Properties, '$.LogStreamName') as log_stream_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::LogStream' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LogGroupName') as log_group_name, + json_extract_path_text(Properties, 'LogStreamName') as log_stream_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::LogStream' + AND data__Identifier = '' + AND region = 'us-east-1' + metric_filters: + name: metric_filters + id: awscc.logs.metric_filters + x-cfn-schema-name: MetricFilter + x-type: list + x-identifiers: + - LogGroupName + - FilterName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LogGroupName') as log_group_name, + JSON_EXTRACT(Properties, '$.FilterName') as filter_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::MetricFilter' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LogGroupName') as log_group_name, + json_extract_path_text(Properties, 'FilterName') as filter_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::MetricFilter' + AND region = 'us-east-1' + metric_filter: + name: metric_filter + id: awscc.logs.metric_filter + x-cfn-schema-name: MetricFilter + x-type: get + x-identifiers: + - LogGroupName + - FilterName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FilterName') as filter_name, + JSON_EXTRACT(Properties, '$.FilterPattern') as filter_pattern, + JSON_EXTRACT(Properties, '$.LogGroupName') as log_group_name, + JSON_EXTRACT(Properties, '$.MetricTransformations') as metric_transformations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::MetricFilter' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FilterName') as filter_name, + json_extract_path_text(Properties, 'FilterPattern') as filter_pattern, + json_extract_path_text(Properties, 'LogGroupName') as log_group_name, + json_extract_path_text(Properties, 'MetricTransformations') as metric_transformations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::MetricFilter' + AND data__Identifier = '' + AND region = 'us-east-1' + query_definitions: + name: query_definitions + id: awscc.logs.query_definitions + x-cfn-schema-name: QueryDefinition + x-type: list + x-identifiers: + - QueryDefinitionId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.QueryDefinitionId') as query_definition_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::QueryDefinition' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'QueryDefinitionId') as query_definition_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::QueryDefinition' + AND region = 'us-east-1' + query_definition: + name: query_definition + id: awscc.logs.query_definition + x-cfn-schema-name: QueryDefinition + x-type: get + x-identifiers: + - QueryDefinitionId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.QueryString') as query_string, + JSON_EXTRACT(Properties, '$.LogGroupNames') as log_group_names, + JSON_EXTRACT(Properties, '$.QueryDefinitionId') as query_definition_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::QueryDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'QueryString') as query_string, + json_extract_path_text(Properties, 'LogGroupNames') as log_group_names, + json_extract_path_text(Properties, 'QueryDefinitionId') as query_definition_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::QueryDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' + resource_policies: + name: resource_policies + id: awscc.logs.resource_policies + x-cfn-schema-name: ResourcePolicy + x-type: list + x-identifiers: + - PolicyName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyName') as policy_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::ResourcePolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyName') as policy_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::ResourcePolicy' + AND region = 'us-east-1' + resource_policy: + name: resource_policy + id: awscc.logs.resource_policy + x-cfn-schema-name: ResourcePolicy + x-type: get + x-identifiers: + - PolicyName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyName') as policy_name, + JSON_EXTRACT(Properties, '$.PolicyDocument') as policy_document + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::ResourcePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyName') as policy_name, + json_extract_path_text(Properties, 'PolicyDocument') as policy_document + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::ResourcePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + subscription_filters: + name: subscription_filters + id: awscc.logs.subscription_filters + x-cfn-schema-name: SubscriptionFilter + x-type: list + x-identifiers: + - FilterName + - LogGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FilterName') as filter_name, + JSON_EXTRACT(Properties, '$.LogGroupName') as log_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::SubscriptionFilter' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FilterName') as filter_name, + json_extract_path_text(Properties, 'LogGroupName') as log_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Logs::SubscriptionFilter' + AND region = 'us-east-1' + subscription_filter: + name: subscription_filter + id: awscc.logs.subscription_filter + x-cfn-schema-name: SubscriptionFilter + x-type: get + x-identifiers: + - FilterName + - LogGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FilterName') as filter_name, + JSON_EXTRACT(Properties, '$.DestinationArn') as destination_arn, + JSON_EXTRACT(Properties, '$.FilterPattern') as filter_pattern, + JSON_EXTRACT(Properties, '$.LogGroupName') as log_group_name, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Distribution') as distribution + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::SubscriptionFilter' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FilterName') as filter_name, + json_extract_path_text(Properties, 'DestinationArn') as destination_arn, + json_extract_path_text(Properties, 'FilterPattern') as filter_pattern, + json_extract_path_text(Properties, 'LogGroupName') as log_group_name, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Distribution') as distribution + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Logs::SubscriptionFilter' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/lookoutequipment.yaml b/providers/src/awscc/v00.00.00000/services/lookoutequipment.yaml new file mode 100644 index 00000000..0fe1ea2c --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/lookoutequipment.yaml @@ -0,0 +1,262 @@ +openapi: 3.0.0 +info: + title: LookoutEquipment + version: 1.0.0 +paths: {} +components: + schemas: + Bucket: + type: string + pattern: ^[a-z0-9][\.\-a-z0-9]{1,61}[a-z0-9]$ + minLength: 3 + maxLength: 63 + Prefix: + type: string + minLength: 0 + maxLength: 1024 + S3InputConfiguration: + description: Specifies configuration information for the input data for the inference, including input data S3 location. + type: object + properties: + Bucket: + $ref: '#/components/schemas/Bucket' + Prefix: + $ref: '#/components/schemas/Prefix' + required: + - Bucket + additionalProperties: false + S3OutputConfiguration: + description: Specifies configuration information for the output results from the inference, including output S3 location. + type: object + properties: + Bucket: + $ref: '#/components/schemas/Bucket' + Prefix: + $ref: '#/components/schemas/Prefix' + required: + - Bucket + additionalProperties: false + InputNameConfiguration: + description: Specifies configuration information for the input data for the inference, including timestamp format and delimiter. + type: object + properties: + ComponentTimestampDelimiter: + description: Indicates the delimiter character used between items in the data. + type: string + pattern: ^(\-|\_|\s)?$ + minLength: 0 + maxLength: 1 + TimestampFormat: + description: The format of the timestamp, whether Epoch time, or standard, with or without hyphens (-). + type: string + pattern: ^EPOCH|yyyy-MM-dd-HH-mm-ss|yyyyMMddHHmmss$ + additionalProperties: false + Tag: + description: A tag is a key-value pair that can be added to a resource as metadata. + type: object + properties: + Key: + description: The key for the specified tag. + type: string + pattern: ^(?!aws:)[a-zA-Z+-=._:/]+$ + minLength: 1 + maxLength: 128 + Value: + description: The value for the specified tag. + type: string + pattern: '[\s\w+-=\.:/@]*' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + InferenceScheduler: + type: object + properties: + DataDelayOffsetInMinutes: + description: A period of time (in minutes) by which inference on the data is delayed after the data starts. + type: integer + minimum: 0 + maximum: 60 + DataInputConfiguration: + description: Specifies configuration information for the input data for the inference scheduler, including delimiter, format, and dataset location. + type: object + properties: + InputTimeZoneOffset: + description: Indicates the difference between your time zone and Greenwich Mean Time (GMT). + type: string + pattern: ^(\+|\-)[0-9]{2}\:[0-9]{2}$ + InferenceInputNameConfiguration: + $ref: '#/components/schemas/InputNameConfiguration' + S3InputConfiguration: + $ref: '#/components/schemas/S3InputConfiguration' + required: + - S3InputConfiguration + additionalProperties: false + DataOutputConfiguration: + description: Specifies configuration information for the output results for the inference scheduler, including the S3 location for the output. + type: object + properties: + KmsKeyId: + description: The ID number for the AWS KMS key used to encrypt the inference output. + type: string + pattern: ^[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,2048}$ + minLength: 1 + maxLength: 2048 + S3OutputConfiguration: + $ref: '#/components/schemas/S3OutputConfiguration' + required: + - S3OutputConfiguration + additionalProperties: false + DataUploadFrequency: + description: How often data is uploaded to the source S3 bucket for the input data. + type: string + enum: + - PT5M + - PT10M + - PT15M + - PT30M + - PT1H + InferenceSchedulerName: + description: The name of the inference scheduler being created. + type: string + pattern: ^[0-9a-zA-Z_-]{1,200}$ + minLength: 1 + maxLength: 200 + ModelName: + description: The name of the previously trained ML model being used to create the inference scheduler. + type: string + pattern: ^[0-9a-zA-Z_-]{1,200}$ + minLength: 1 + maxLength: 200 + RoleArn: + description: The Amazon Resource Name (ARN) of a role with permission to access the data source being used for the inference. + type: string + pattern: arn:aws(-[^:]+)?:iam::[0-9]{12}:role/.+ + minLength: 20 + maxLength: 2048 + ServerSideKmsKeyId: + description: Provides the identifier of the AWS KMS customer master key (CMK) used to encrypt inference scheduler data by Amazon Lookout for Equipment. + type: string + pattern: ^[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,2048}$ + minLength: 1 + maxLength: 2048 + Tags: + description: Any tags associated with the inference scheduler. + type: array + uniqueItems: true + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + InferenceSchedulerArn: + description: The Amazon Resource Name (ARN) of the inference scheduler being created. + type: string + pattern: arn:aws(-[^:]+)?:lookoutequipment:[a-zA-Z0-9\-]*:[0-9]{12}:inference-scheduler\/.+ + minLength: 1 + maxLength: 200 + required: + - DataInputConfiguration + - DataOutputConfiguration + - DataUploadFrequency + - ModelName + - RoleArn + x-stackql-resource-name: inference_scheduler + x-stackql-primaryIdentifier: + - InferenceSchedulerName + x-create-only-properties: + - InferenceSchedulerName + - ModelName + - ServerSideKmsKeyId + x-read-only-properties: + - InferenceSchedulerArn + x-required-permissions: + create: + - iam:PassRole + - lookoutequipment:CreateInferenceScheduler + - lookoutequipment:DescribeInferenceScheduler + read: + - lookoutequipment:DescribeInferenceScheduler + delete: + - lookoutequipment:DeleteInferenceScheduler + - lookoutequipment:StopInferenceScheduler + - lookoutequipment:DescribeInferenceScheduler + update: + - lookoutequipment:UpdateInferenceScheduler + - lookoutequipment:DescribeInferenceScheduler + - lookoutequipment:StopInferenceScheduler + - lookoutequipment:StartInferenceScheduler + list: + - lookoutequipment:ListInferenceSchedulers + x-stackQL-resources: + inference_schedulers: + name: inference_schedulers + id: awscc.lookoutequipment.inference_schedulers + x-cfn-schema-name: InferenceScheduler + x-type: list + x-identifiers: + - InferenceSchedulerName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InferenceSchedulerName') as inference_scheduler_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::LookoutEquipment::InferenceScheduler' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InferenceSchedulerName') as inference_scheduler_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::LookoutEquipment::InferenceScheduler' + AND region = 'us-east-1' + inference_scheduler: + name: inference_scheduler + id: awscc.lookoutequipment.inference_scheduler + x-cfn-schema-name: InferenceScheduler + x-type: get + x-identifiers: + - InferenceSchedulerName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DataDelayOffsetInMinutes') as data_delay_offset_in_minutes, + JSON_EXTRACT(Properties, '$.DataInputConfiguration') as data_input_configuration, + JSON_EXTRACT(Properties, '$.DataOutputConfiguration') as data_output_configuration, + JSON_EXTRACT(Properties, '$.DataUploadFrequency') as data_upload_frequency, + JSON_EXTRACT(Properties, '$.InferenceSchedulerName') as inference_scheduler_name, + JSON_EXTRACT(Properties, '$.ModelName') as model_name, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.ServerSideKmsKeyId') as server_side_kms_key_id, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.InferenceSchedulerArn') as inference_scheduler_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LookoutEquipment::InferenceScheduler' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DataDelayOffsetInMinutes') as data_delay_offset_in_minutes, + json_extract_path_text(Properties, 'DataInputConfiguration') as data_input_configuration, + json_extract_path_text(Properties, 'DataOutputConfiguration') as data_output_configuration, + json_extract_path_text(Properties, 'DataUploadFrequency') as data_upload_frequency, + json_extract_path_text(Properties, 'InferenceSchedulerName') as inference_scheduler_name, + json_extract_path_text(Properties, 'ModelName') as model_name, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'ServerSideKmsKeyId') as server_side_kms_key_id, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'InferenceSchedulerArn') as inference_scheduler_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LookoutEquipment::InferenceScheduler' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/lookoutmetrics.yaml b/providers/src/awscc/v00.00.00000/services/lookoutmetrics.yaml new file mode 100644 index 00000000..67d437d9 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/lookoutmetrics.yaml @@ -0,0 +1,618 @@ +openapi: 3.0.0 +info: + title: LookoutMetrics + version: 1.0.0 +paths: {} +components: + schemas: + Arn: + type: string + maxLength: 256 + pattern: arn:([a-z\d-]+):.*:.*:.*:.+ + Action: + type: object + additionalProperties: false + properties: + SNSConfiguration: + $ref: '#/components/schemas/SNSConfiguration' + LambdaConfiguration: + $ref: '#/components/schemas/LambdaConfiguration' + SNSConfiguration: + description: Configuration options for an SNS alert action. + type: object + additionalProperties: false + properties: + RoleArn: + description: ARN of an IAM role that LookoutMetrics should assume to access the SNS topic. + $ref: '#/components/schemas/Arn' + SnsTopicArn: + description: ARN of an SNS topic to send alert notifications to. + $ref: '#/components/schemas/Arn' + required: + - RoleArn + - SnsTopicArn + LambdaConfiguration: + description: Configuration options for a Lambda alert action. + type: object + additionalProperties: false + properties: + RoleArn: + description: ARN of an IAM role that LookoutMetrics should assume to access the Lambda function. + $ref: '#/components/schemas/Arn' + LambdaArn: + description: ARN of a Lambda to send alert notifications to. + $ref: '#/components/schemas/Arn' + required: + - RoleArn + - LambdaArn + Alert: + type: object + properties: + AlertName: + description: The name of the alert. If not provided, a name is generated automatically. + type: string + minLength: 1 + maxLength: 63 + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]* + Arn: + description: ARN assigned to the alert. + $ref: '#/components/schemas/Arn' + AlertDescription: + description: A description for the alert. + type: string + maxLength: 256 + pattern: .*\S.* + AnomalyDetectorArn: + description: The Amazon resource name (ARN) of the Anomaly Detector to alert. + type: string + maxLength: 256 + pattern: arn:([a-z\d-]+):.*:.*:.*:.+ + AlertSensitivityThreshold: + description: A number between 0 and 100 (inclusive) that tunes the sensitivity of the alert. + type: integer + minimum: 0 + maximum: 100 + Action: + description: The action to be taken by the alert when an anomaly is detected. + $ref: '#/components/schemas/Action' + required: + - AnomalyDetectorArn + - AlertSensitivityThreshold + - Action + x-stackql-resource-name: alert + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - AlertName + - AlertDescription + - AnomalyDetectorArn + - AlertSensitivityThreshold + - Action + x-read-only-properties: + - Arn + x-required-permissions: + create: + - lookoutmetrics:CreateAlert + - iam:PassRole + read: + - lookoutmetrics:DescribeAlert + delete: + - lookoutmetrics:DeleteAlert + list: + - lookoutmetrics:ListAlerts + ColumnName: + description: Name of a column in the data. + type: string + minLength: 1 + maxLength: 63 + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]* + Charset: + type: string + maxLength: 63 + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]* + CsvFormatDescriptor: + type: object + properties: + FileCompression: + type: string + enum: + - NONE + - GZIP + Charset: + $ref: '#/components/schemas/Charset' + Delimiter: + type: string + maxLength: 1 + pattern: '[^\r\n]' + HeaderList: + type: array + items: + $ref: '#/components/schemas/ColumnName' + QuoteSymbol: + type: string + maxLength: 1 + pattern: '[^\r\n]|^$' + ContainsHeader: + type: boolean + additionalProperties: false + JsonFormatDescriptor: + type: object + properties: + FileCompression: + type: string + enum: + - NONE + - GZIP + Charset: + $ref: '#/components/schemas/Charset' + additionalProperties: false + FileFormatDescriptor: + type: object + properties: + CsvFormatDescriptor: + $ref: '#/components/schemas/CsvFormatDescriptor' + JsonFormatDescriptor: + $ref: '#/components/schemas/JsonFormatDescriptor' + additionalProperties: false + S3SourceConfig: + type: object + properties: + RoleArn: + $ref: '#/components/schemas/Arn' + TemplatedPathList: + type: array + minItems: 1 + maxItems: 1 + items: + type: string + maxLength: 1024 + pattern: ^s3://[a-zA-Z0-9_\-\/ {}=]+$ + HistoricalDataPathList: + type: array + minItems: 1 + maxItems: 1 + items: + type: string + maxLength: 1024 + pattern: ^s3://[a-z0-9].+$ + FileFormatDescriptor: + $ref: '#/components/schemas/FileFormatDescriptor' + additionalProperties: false + required: + - RoleArn + - FileFormatDescriptor + AppFlowConfig: + type: object + properties: + RoleArn: + $ref: '#/components/schemas/Arn' + FlowName: + type: string + maxLength: 256 + pattern: '[a-zA-Z0-9][\w!@#.-]+' + required: + - RoleArn + - FlowName + additionalProperties: false + CloudwatchConfig: + type: object + properties: + RoleArn: + $ref: '#/components/schemas/Arn' + required: + - RoleArn + additionalProperties: false + DatabaseHost: + type: string + minLength: 1 + maxLength: 253 + pattern: .*\S.* + DatabasePort: + type: integer + minimum: 1 + maximum: 65535 + TableName: + type: string + minLength: 1 + maxLength: 100 + pattern: ^[a-zA-Z][a-zA-Z0-9_]*$ + SubnetIdList: + type: array + items: + type: string + maxLength: 255 + pattern: '[\-0-9a-zA-Z]+' + SecurityGroupIdList: + type: array + items: + type: string + minLength: 1 + maxLength: 255 + pattern: '[-0-9a-zA-Z]+' + VpcConfiguration: + type: object + properties: + SubnetIdList: + $ref: '#/components/schemas/SubnetIdList' + SecurityGroupIdList: + $ref: '#/components/schemas/SecurityGroupIdList' + required: + - SubnetIdList + - SecurityGroupIdList + additionalProperties: false + SecretManagerArn: + type: string + maxLength: 256 + pattern: arn:([a-z\d-]+):.*:.*:secret:AmazonLookoutMetrics-.+ + RDSSourceConfig: + type: object + properties: + DBInstanceIdentifier: + type: string + minLength: 1 + maxLength: 63 + pattern: ^[a-zA-Z](?!.*--)(?!.*-$)[0-9a-zA-Z\-]*$ + DatabaseHost: + $ref: '#/components/schemas/DatabaseHost' + DatabasePort: + $ref: '#/components/schemas/DatabasePort' + SecretManagerArn: + $ref: '#/components/schemas/SecretManagerArn' + DatabaseName: + type: string + minLength: 1 + maxLength: 64 + pattern: '[a-zA-Z0-9_]+' + TableName: + $ref: '#/components/schemas/TableName' + RoleArn: + $ref: '#/components/schemas/Arn' + VpcConfiguration: + $ref: '#/components/schemas/VpcConfiguration' + required: + - DBInstanceIdentifier + - DatabaseHost + - DatabasePort + - SecretManagerArn + - DatabaseName + - TableName + - RoleArn + - VpcConfiguration + additionalProperties: false + RedshiftSourceConfig: + type: object + properties: + ClusterIdentifier: + type: string + minLength: 1 + maxLength: 63 + pattern: ^[a-z](?!.*--)(?!.*-$)[0-9a-z\-]*$ + DatabaseHost: + $ref: '#/components/schemas/DatabaseHost' + DatabasePort: + $ref: '#/components/schemas/DatabasePort' + SecretManagerArn: + $ref: '#/components/schemas/SecretManagerArn' + DatabaseName: + type: string + minLength: 1 + maxLength: 100 + pattern: '[a-z0-9]+' + TableName: + $ref: '#/components/schemas/TableName' + RoleArn: + $ref: '#/components/schemas/Arn' + VpcConfiguration: + $ref: '#/components/schemas/VpcConfiguration' + required: + - ClusterIdentifier + - DatabaseHost + - DatabasePort + - SecretManagerArn + - DatabaseName + - TableName + - RoleArn + - VpcConfiguration + additionalProperties: false + MetricSource: + type: object + properties: + S3SourceConfig: + $ref: '#/components/schemas/S3SourceConfig' + RDSSourceConfig: + $ref: '#/components/schemas/RDSSourceConfig' + RedshiftSourceConfig: + $ref: '#/components/schemas/RedshiftSourceConfig' + CloudwatchConfig: + $ref: '#/components/schemas/CloudwatchConfig' + AppFlowConfig: + $ref: '#/components/schemas/AppFlowConfig' + additionalProperties: false + TimestampColumn: + type: object + additionalProperties: false + properties: + ColumnName: + $ref: '#/components/schemas/ColumnName' + ColumnFormat: + description: A timestamp format for the timestamps in the dataset + type: string + maxLength: 63 + pattern: .*\S.* + Metric: + type: object + additionalProperties: false + properties: + MetricName: + $ref: '#/components/schemas/ColumnName' + AggregationFunction: + description: Operator used to aggregate metric values + type: string + enum: + - AVG + - SUM + Namespace: + type: string + minLength: 1 + maxLength: 255 + pattern: '[^:].*' + required: + - MetricName + - AggregationFunction + MetricSet: + type: object + properties: + MetricSetName: + description: The name of the MetricSet. + type: string + minLength: 1 + maxLength: 63 + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]* + MetricSetDescription: + description: A description for the MetricSet. + type: string + maxLength: 256 + pattern: .*\S.* + MetricSource: + $ref: '#/components/schemas/MetricSource' + MetricList: + description: Metrics captured by this MetricSet. + type: array + x-insertionOrder: false + minItems: 1 + items: + $ref: '#/components/schemas/Metric' + Offset: + description: Offset, in seconds, between the frequency interval and the time at which the metrics are available. + type: integer + minimum: 0 + maximum: 432000 + TimestampColumn: + $ref: '#/components/schemas/TimestampColumn' + DimensionList: + description: Dimensions for this MetricSet. + type: array + x-insertionOrder: false + minItems: 0 + items: + $ref: '#/components/schemas/ColumnName' + MetricSetFrequency: + description: A frequency period to aggregate the data + type: string + enum: + - PT5M + - PT10M + - PT1H + - P1D + Timezone: + type: string + maxLength: 60 + pattern: .*\S.* + required: + - MetricSetName + - MetricList + - MetricSource + additionalProperties: false + AnomalyDetectorFrequency: + description: Frequency of anomaly detection + type: string + enum: + - PT5M + - PT10M + - PT1H + - P1D + AnomalyDetectorConfig: + type: object + properties: + AnomalyDetectorFrequency: + description: Frequency of anomaly detection + $ref: '#/components/schemas/AnomalyDetectorFrequency' + required: + - AnomalyDetectorFrequency + additionalProperties: false + AnomalyDetector: + type: object + properties: + Arn: + $ref: '#/components/schemas/Arn' + AnomalyDetectorName: + description: Name for the Amazon Lookout for Metrics Anomaly Detector + type: string + minLength: 1 + maxLength: 63 + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]* + AnomalyDetectorDescription: + description: A description for the AnomalyDetector. + type: string + maxLength: 256 + pattern: .*\S.* + AnomalyDetectorConfig: + description: Configuration options for the AnomalyDetector + $ref: '#/components/schemas/AnomalyDetectorConfig' + MetricSetList: + description: List of metric sets for anomaly detection + type: array + minItems: 1 + maxItems: 1 + items: + $ref: '#/components/schemas/MetricSet' + KmsKeyArn: + description: KMS key used to encrypt the AnomalyDetector data + type: string + minLength: 20 + maxLength: 2048 + pattern: arn:aws.*:kms:.*:[0-9]{12}:key/.* + required: + - AnomalyDetectorConfig + - MetricSetList + x-stackql-resource-name: anomaly_detector + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - AnomalyDetectorName + - MetricSource + x-read-only-properties: + - Arn + x-required-permissions: + create: + - lookoutmetrics:CreateAnomalyDetector + - lookoutmetrics:DeleteAnomalyDetector + - lookoutmetrics:CreateMetricSet + - iam:PassRole + read: + - lookoutmetrics:DescribeAnomalyDetector + - lookoutmetrics:DescribeMetricSet + - lookoutmetrics:ListMetricSets + update: + - lookoutmetrics:UpdateAnomalyDetector + - lookoutmetrics:UpdateMetricSet + delete: + - lookoutmetrics:DescribeAnomalyDetector + - lookoutmetrics:DeleteAnomalyDetector + list: + - lookoutmetrics:ListAnomalyDetectors + x-stackQL-resources: + alerts: + name: alerts + id: awscc.lookoutmetrics.alerts + x-cfn-schema-name: Alert + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::LookoutMetrics::Alert' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::LookoutMetrics::Alert' + AND region = 'us-east-1' + alert: + name: alert + id: awscc.lookoutmetrics.alert + x-cfn-schema-name: Alert + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AlertName') as alert_name, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AlertDescription') as alert_description, + JSON_EXTRACT(Properties, '$.AnomalyDetectorArn') as anomaly_detector_arn, + JSON_EXTRACT(Properties, '$.AlertSensitivityThreshold') as alert_sensitivity_threshold, + JSON_EXTRACT(Properties, '$.Action') as action + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LookoutMetrics::Alert' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AlertName') as alert_name, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AlertDescription') as alert_description, + json_extract_path_text(Properties, 'AnomalyDetectorArn') as anomaly_detector_arn, + json_extract_path_text(Properties, 'AlertSensitivityThreshold') as alert_sensitivity_threshold, + json_extract_path_text(Properties, 'Action') as action + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LookoutMetrics::Alert' + AND data__Identifier = '' + AND region = 'us-east-1' + anomaly_detectors: + name: anomaly_detectors + id: awscc.lookoutmetrics.anomaly_detectors + x-cfn-schema-name: AnomalyDetector + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::LookoutMetrics::AnomalyDetector' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::LookoutMetrics::AnomalyDetector' + AND region = 'us-east-1' + anomaly_detector: + name: anomaly_detector + id: awscc.lookoutmetrics.anomaly_detector + x-cfn-schema-name: AnomalyDetector + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AnomalyDetectorName') as anomaly_detector_name, + JSON_EXTRACT(Properties, '$.AnomalyDetectorDescription') as anomaly_detector_description, + JSON_EXTRACT(Properties, '$.AnomalyDetectorConfig') as anomaly_detector_config, + JSON_EXTRACT(Properties, '$.MetricSetList') as metric_set_list, + JSON_EXTRACT(Properties, '$.KmsKeyArn') as kms_key_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LookoutMetrics::AnomalyDetector' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AnomalyDetectorName') as anomaly_detector_name, + json_extract_path_text(Properties, 'AnomalyDetectorDescription') as anomaly_detector_description, + json_extract_path_text(Properties, 'AnomalyDetectorConfig') as anomaly_detector_config, + json_extract_path_text(Properties, 'MetricSetList') as metric_set_list, + json_extract_path_text(Properties, 'KmsKeyArn') as kms_key_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LookoutMetrics::AnomalyDetector' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/lookoutvision.yaml b/providers/src/awscc/v00.00.00000/services/lookoutvision.yaml new file mode 100644 index 00000000..af53c57d --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/lookoutvision.yaml @@ -0,0 +1,97 @@ +openapi: 3.0.0 +info: + title: LookoutVision + version: 1.0.0 +paths: {} +components: + schemas: + Arn: + type: string + maxLength: 1000 + ProjectName: + description: The name of the Amazon Lookout for Vision project + type: string + minLength: 1 + maxLength: 255 + pattern: '[a-zA-Z0-9][a-zA-Z0-9_\-]*' + Project: + type: object + properties: + Arn: + $ref: '#/components/schemas/Arn' + ProjectName: + $ref: '#/components/schemas/ProjectName' + required: + - ProjectName + x-stackql-resource-name: project + x-stackql-primaryIdentifier: + - ProjectName + x-create-only-properties: + - ProjectName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - lookoutvision:CreateProject + read: + - lookoutvision:DescribeProject + update: [] + delete: + - lookoutvision:DeleteProject + list: + - lookoutvision:ListProjects + x-stackQL-resources: + projects: + name: projects + id: awscc.lookoutvision.projects + x-cfn-schema-name: Project + x-type: list + x-identifiers: + - ProjectName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProjectName') as project_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::LookoutVision::Project' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProjectName') as project_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::LookoutVision::Project' + AND region = 'us-east-1' + project: + name: project + id: awscc.lookoutvision.project + x-cfn-schema-name: Project + x-type: get + x-identifiers: + - ProjectName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ProjectName') as project_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LookoutVision::Project' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ProjectName') as project_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::LookoutVision::Project' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/m2.yaml b/providers/src/awscc/v00.00.00000/services/m2.yaml new file mode 100644 index 00000000..55e626e0 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/m2.yaml @@ -0,0 +1,448 @@ +openapi: 3.0.0 +info: + title: M2 + version: 1.0.0 +paths: {} +components: + schemas: + Definition: + oneOf: + - type: object + title: S3Location + properties: + S3Location: + type: string + pattern: ^\S{1,2000}$ + required: + - S3Location + additionalProperties: false + - type: object + title: Content + properties: + Content: + type: string + maxLength: 65000 + minLength: 1 + required: + - Content + additionalProperties: false + EngineType: + type: string + description: The target platform for the environment. + enum: + - microfocus + - bluage + TagMap: + type: object + description: Defines tags associated to an environment. + maxProperties: 200 + minProperties: 0 + x-patternProperties: + ^(?!aws:).+$: + type: string + maxLength: 256 + minLength: 0 + additionalProperties: false + Application: + type: object + properties: + ApplicationArn: + type: string + pattern: ^arn:(aws|aws-cn|aws-iso|aws-iso-[a-z]{1}|aws-us-gov):[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:([a-z]{2}-((iso[a-z]{0,1}-)|(gov-)){0,1}[a-z]+-[0-9]):[0-9]{12}:[A-Za-z0-9/][A-Za-z0-9:_/+=,@.-]{0,1023}$ + ApplicationId: + type: string + pattern: ^\S{1,80}$ + Definition: + $ref: '#/components/schemas/Definition' + Description: + type: string + maxLength: 500 + minLength: 0 + EngineType: + $ref: '#/components/schemas/EngineType' + KmsKeyId: + type: string + maxLength: 2048 + description: The ID or the Amazon Resource Name (ARN) of the customer managed KMS Key used for encrypting application-related resources. + Name: + type: string + pattern: ^[A-Za-z0-9][A-Za-z0-9_\-]{1,59}$ + RoleArn: + type: string + pattern: ^arn:(aws|aws-cn|aws-iso|aws-iso-[a-z]{1}|aws-us-gov):[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:([a-z]{2}-((iso[a-z]{0,1}-)|(gov-)){0,1}[a-z]+-[0-9]|):[0-9]{12}:[A-Za-z0-9/][A-Za-z0-9:_/+=,@.-]{0,1023}$ + Tags: + $ref: '#/components/schemas/TagMap' + required: + - Definition + - EngineType + - Name + x-stackql-resource-name: application + x-stackql-primaryIdentifier: + - ApplicationArn + x-create-only-properties: + - EngineType + - Name + - KmsKeyId + - RoleArn + x-read-only-properties: + - ApplicationArn + - ApplicationId + x-required-permissions: + create: + - m2:CreateApplication + - m2:GetApplication + - m2:ListTagsForResource + - m2:TagResource + - s3:GetObject + - s3:ListBucket + - kms:DescribeKey + - kms:CreateGrant + - iam:PassRole + read: + - m2:GetApplication + - m2:ListTagsForResource + update: + - m2:UpdateApplication + - m2:GetApplication + - m2:ListTagsForResource + - m2:TagResource + - m2:UntagResource + - s3:GetObject + - s3:ListBucket + delete: + - elasticloadbalancing:DeleteListener + - elasticloadbalancing:DeleteTargetGroup + - logs:DeleteLogDelivery + - m2:GetApplication + - m2:DeleteApplication + list: + - m2:ListApplications + EfsStorageConfiguration: + type: object + description: Defines the storage configuration for an Amazon EFS file system. + properties: + FileSystemId: + type: string + description: The file system identifier. + pattern: ^\S{1,200}$ + MountPoint: + type: string + description: The mount point for the file system. + pattern: ^\S{1,200}$ + required: + - FileSystemId + - MountPoint + additionalProperties: false + FsxStorageConfiguration: + type: object + description: Defines the storage configuration for an Amazon FSx file system. + properties: + FileSystemId: + type: string + description: The file system identifier. + pattern: ^\S{1,200}$ + MountPoint: + type: string + description: The mount point for the file system. + pattern: ^\S{1,200}$ + required: + - FileSystemId + - MountPoint + additionalProperties: false + HighAvailabilityConfig: + type: object + description: Defines the details of a high availability configuration. + properties: + DesiredCapacity: + type: integer + maximum: 100 + minimum: 1 + required: + - DesiredCapacity + additionalProperties: false + StorageConfiguration: + type: object + description: Defines the storage configuration for an environment. + oneOf: + - properties: + Efs: + $ref: '#/components/schemas/EfsStorageConfiguration' + required: + - Efs + additionalProperties: false + - properties: + Fsx: + $ref: '#/components/schemas/FsxStorageConfiguration' + required: + - Fsx + additionalProperties: false + Environment: + type: object + properties: + Description: + type: string + description: The description of the environment. + maxLength: 500 + minLength: 0 + EngineType: + $ref: '#/components/schemas/EngineType' + EngineVersion: + type: string + description: The version of the runtime engine for the environment. + pattern: ^\S{1,10}$ + EnvironmentArn: + type: string + description: The Amazon Resource Name (ARN) of the runtime environment. + pattern: ^arn:(aws|aws-cn|aws-iso|aws-iso-[a-z]{1}|aws-us-gov):[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:([a-z]{2}-((iso[a-z]{0,1}-)|(gov-)){0,1}[a-z]+-[0-9]):[0-9]{12}:[A-Za-z0-9/][A-Za-z0-9:_/+=,@.-]{0,1023}$ + EnvironmentId: + type: string + description: The unique identifier of the environment. + pattern: ^\S{1,80}$ + HighAvailabilityConfig: + $ref: '#/components/schemas/HighAvailabilityConfig' + InstanceType: + type: string + description: The type of instance underlying the environment. + pattern: ^\S{1,20}$ + KmsKeyId: + type: string + maxLength: 2048 + description: The ID or the Amazon Resource Name (ARN) of the customer managed KMS Key used for encrypting environment-related resources. + Name: + type: string + description: The name of the environment. + pattern: ^[A-Za-z0-9][A-Za-z0-9_\-]{1,59}$ + PreferredMaintenanceWindow: + type: string + description: Configures a desired maintenance window for the environment. If you do not provide a value, a random system-generated value will be assigned. + pattern: ^\S{1,50}$ + PubliclyAccessible: + type: boolean + description: Specifies whether the environment is publicly accessible. + SecurityGroupIds: + type: array + description: The list of security groups for the VPC associated with this environment. + x-insertionOrder: false + items: + type: string + pattern: ^\S{1,50}$ + StorageConfigurations: + type: array + description: The storage configurations defined for the runtime environment. + x-insertionOrder: false + items: + $ref: '#/components/schemas/StorageConfiguration' + SubnetIds: + type: array + description: The unique identifiers of the subnets assigned to this runtime environment. + x-insertionOrder: false + items: + type: string + pattern: ^\S{1,50}$ + Tags: + description: Tags associated to this environment. + $ref: '#/components/schemas/TagMap' + required: + - EngineType + - InstanceType + - Name + x-stackql-resource-name: environment + x-stackql-primaryIdentifier: + - EnvironmentArn + x-create-only-properties: + - Description + - EngineType + - KmsKeyId + - Name + - PubliclyAccessible + - SecurityGroupIds + - StorageConfigurations + - SubnetIds + x-read-only-properties: + - EnvironmentArn + - EnvironmentId + x-required-permissions: + create: + - ec2:CreateNetworkInterface + - ec2:CreateNetworkInterfacePermission + - ec2:DescribeNetworkInterfaces + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcAttribute + - ec2:DescribeVpcs + - ec2:ModifyNetworkInterfaceAttribute + - elasticfilesystem:DescribeMountTargets + - elasticloadbalancing:CreateLoadBalancer + - elasticloadbalancing:AddTags + - fsx:DescribeFileSystems + - iam:CreateServiceLinkedRole + - kms:DescribeKey + - kms:CreateGrant + - m2:CreateEnvironment + - m2:GetEnvironment + - m2:ListTagsForResource + - m2:TagResource + read: + - m2:ListTagsForResource + - m2:GetEnvironment + update: + - m2:TagResource + - m2:UntagResource + - m2:ListTagsForResource + - m2:GetEnvironment + - m2:UpdateEnvironment + delete: + - elasticloadbalancing:DeleteLoadBalancer + - m2:DeleteEnvironment + - m2:GetEnvironment + list: + - m2:ListEnvironments + x-stackQL-resources: + applications: + name: applications + id: awscc.m2.applications + x-cfn-schema-name: Application + x-type: list + x-identifiers: + - ApplicationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationArn') as application_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::M2::Application' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationArn') as application_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::M2::Application' + AND region = 'us-east-1' + application: + name: application + id: awscc.m2.application + x-cfn-schema-name: Application + x-type: get + x-identifiers: + - ApplicationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationArn') as application_arn, + JSON_EXTRACT(Properties, '$.ApplicationId') as application_id, + JSON_EXTRACT(Properties, '$.Definition') as definition, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EngineType') as engine_type, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::M2::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationArn') as application_arn, + json_extract_path_text(Properties, 'ApplicationId') as application_id, + json_extract_path_text(Properties, 'Definition') as definition, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EngineType') as engine_type, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::M2::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + environments: + name: environments + id: awscc.m2.environments + x-cfn-schema-name: Environment + x-type: list + x-identifiers: + - EnvironmentArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EnvironmentArn') as environment_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::M2::Environment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EnvironmentArn') as environment_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::M2::Environment' + AND region = 'us-east-1' + environment: + name: environment + id: awscc.m2.environment + x-cfn-schema-name: Environment + x-type: get + x-identifiers: + - EnvironmentArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EngineType') as engine_type, + JSON_EXTRACT(Properties, '$.EngineVersion') as engine_version, + JSON_EXTRACT(Properties, '$.EnvironmentArn') as environment_arn, + JSON_EXTRACT(Properties, '$.EnvironmentId') as environment_id, + JSON_EXTRACT(Properties, '$.HighAvailabilityConfig') as high_availability_config, + JSON_EXTRACT(Properties, '$.InstanceType') as instance_type, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.PreferredMaintenanceWindow') as preferred_maintenance_window, + JSON_EXTRACT(Properties, '$.PubliclyAccessible') as publicly_accessible, + JSON_EXTRACT(Properties, '$.SecurityGroupIds') as security_group_ids, + JSON_EXTRACT(Properties, '$.StorageConfigurations') as storage_configurations, + JSON_EXTRACT(Properties, '$.SubnetIds') as subnet_ids, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::M2::Environment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EngineType') as engine_type, + json_extract_path_text(Properties, 'EngineVersion') as engine_version, + json_extract_path_text(Properties, 'EnvironmentArn') as environment_arn, + json_extract_path_text(Properties, 'EnvironmentId') as environment_id, + json_extract_path_text(Properties, 'HighAvailabilityConfig') as high_availability_config, + json_extract_path_text(Properties, 'InstanceType') as instance_type, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'PreferredMaintenanceWindow') as preferred_maintenance_window, + json_extract_path_text(Properties, 'PubliclyAccessible') as publicly_accessible, + json_extract_path_text(Properties, 'SecurityGroupIds') as security_group_ids, + json_extract_path_text(Properties, 'StorageConfigurations') as storage_configurations, + json_extract_path_text(Properties, 'SubnetIds') as subnet_ids, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::M2::Environment' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/macie.yaml b/providers/src/awscc/v00.00.00000/services/macie.yaml new file mode 100644 index 00000000..9db35944 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/macie.yaml @@ -0,0 +1,589 @@ +openapi: 3.0.0 +info: + title: Macie + version: 1.0.0 +paths: {} +components: + schemas: + Regex: + type: string + S3WordsList: + type: object + properties: + BucketName: + type: string + ObjectKey: + type: string + required: + - BucketName + - ObjectKey + additionalProperties: false + Criteria: + description: The regex or s3 object to use for the AllowList. + type: object + oneOf: + - additionalProperties: false + properties: + Regex: + type: string + description: The S3 object key for the AllowList. + required: + - Regex + - additionalProperties: false + properties: + S3WordsList: + $ref: '#/components/schemas/S3WordsList' + description: The S3 location for the AllowList. + required: + - S3WordsList + Status: + description: The status for the AllowList + type: string + enum: + - OK + - S3_OBJECT_NOT_FOUND + - S3_USER_ACCESS_DENIED + - S3_OBJECT_ACCESS_DENIED + - S3_THROTTLED + - S3_OBJECT_OVERSIZE + - S3_OBJECT_EMPTY + - UNKNOWN_ERROR + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: The tag's key. + Value: + type: string + description: The tag's value. + required: + - Value + - Key + additionalProperties: false + AllowList: + type: object + properties: + Name: + description: Name of AllowList. + type: string + Description: + description: Description of AllowList. + type: string + Criteria: + description: AllowList criteria. + $ref: '#/components/schemas/Criteria' + Id: + description: AllowList ID. + type: string + Arn: + description: AllowList ARN. + type: string + Status: + description: AllowList status. + $ref: '#/components/schemas/Status' + Tags: + description: A collection of tags associated with a resource + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - Criteria + x-stackql-resource-name: allow_list + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - Arn + - Status + x-required-permissions: + create: + - macie2:CreateAllowList + - macie2:GetAllowList + - macie2:TagResource + read: + - macie2:GetAllowList + update: + - macie2:UpdateAllowList + - macie2:GetAllowList + - macie2:TagResource + - macie2:UntagResource + delete: + - macie2:DeleteAllowList + list: + - macie2:ListAllowLists + CustomDataIdentifier: + type: object + properties: + Name: + description: Name of custom data identifier. + type: string + Description: + description: Description of custom data identifier. + type: string + Regex: + description: Regular expression for custom data identifier. + type: string + MaximumMatchDistance: + description: Maximum match distance. + type: integer + Keywords: + description: Keywords to be matched against. + type: array + items: + type: string + IgnoreWords: + description: Words to be ignored. + type: array + items: + type: string + Id: + description: Custom data identifier ID. + type: string + Arn: + description: Custom data identifier ARN. + type: string + Tags: + description: A collection of tags associated with a resource + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - Regex + x-stackql-resource-name: custom_data_identifier + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Name + - Description + - Regex + - MaximumMatchDistance + - Keywords + - IgnoreWords + x-read-only-properties: + - Id + - Arn + x-required-permissions: + create: + - macie2:CreateCustomDataIdentifier + - macie2:GetCustomDataIdentifier + - macie2:TagResource + read: + - macie2:GetCustomDataIdentifier + delete: + - macie2:DeleteCustomDataIdentifier + list: + - macie2:ListCustomDataIdentifiers + update: + - macie2:TagResource + - macie2:UntagResource + CriterionAdditionalProperties: + type: object + properties: + gt: + type: integer + format: int64 + gte: + type: integer + format: int64 + lt: + type: integer + format: int64 + lte: + type: integer + format: int64 + eq: + type: array + items: + type: string + neq: + type: array + items: + type: string + additionalProperties: false + Criterion: + description: Map of filter criteria. + type: object + x-patternProperties: + \w: + $ref: '#/components/schemas/CriterionAdditionalProperties' + additionalProperties: false + FindingCriteria: + type: object + properties: + Criterion: + $ref: '#/components/schemas/Criterion' + additionalProperties: false + FindingFilterAction: + type: string + enum: + - ARCHIVE + - NOOP + FindingsFilterListItem: + description: Returned by ListHandler representing filter name and ID. + type: object + properties: + Id: + type: string + Name: + type: string + FindingsFilter: + type: object + properties: + Name: + description: Findings filter name + type: string + Description: + description: Findings filter description + type: string + FindingCriteria: + description: Findings filter criteria. + $ref: '#/components/schemas/FindingCriteria' + Action: + description: Findings filter action. + $ref: '#/components/schemas/FindingFilterAction' + Position: + description: Findings filter position. + type: integer + Id: + description: Findings filter ID. + type: string + Arn: + description: Findings filter ARN. + type: string + Tags: + description: A collection of tags associated with a resource + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - FindingCriteria + x-stackql-resource-name: findings_filter + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - Arn + x-required-permissions: + create: + - macie2:GetFindingsFilter + - macie2:CreateFindingsFilter + - macie2:TagResource + read: + - macie2:GetFindingsFilter + update: + - macie2:GetFindingsFilter + - macie2:UpdateFindingsFilter + - macie2:TagResource + - macie2:UntagResource + delete: + - macie2:DeleteFindingsFilter + list: + - macie2:ListFindingsFilters + Session: + type: object + properties: + AwsAccountId: + description: AWS account ID of customer + type: string + Status: + description: A enumeration value that specifies the status of the Macie Session. + type: string + enum: + - ENABLED + - PAUSED + default: ENABLED + FindingPublishingFrequency: + description: A enumeration value that specifies how frequently finding updates are published. + type: string + enum: + - FIFTEEN_MINUTES + - ONE_HOUR + - SIX_HOURS + default: SIX_HOURS + ServiceRole: + description: Service role used by Macie + type: string + x-stackql-resource-name: session + x-stackql-primaryIdentifier: + - AwsAccountId + x-read-only-properties: + - AwsAccountId + - ServiceRole + x-required-permissions: + create: + - macie2:GetMacieSession + - macie2:EnableMacie + read: + - macie2:GetMacieSession + list: + - macie2:GetMacieSession + update: + - macie2:GetMacieSession + - macie2:UpdateMacieSession + delete: + - macie2:DisableMacie + x-stackQL-resources: + allow_lists: + name: allow_lists + id: awscc.macie.allow_lists + x-cfn-schema-name: AllowList + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Macie::AllowList' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Macie::AllowList' + AND region = 'us-east-1' + allow_list: + name: allow_list + id: awscc.macie.allow_list + x-cfn-schema-name: AllowList + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Criteria') as criteria, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Macie::AllowList' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Criteria') as criteria, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Macie::AllowList' + AND data__Identifier = '' + AND region = 'us-east-1' + custom_data_identifiers: + name: custom_data_identifiers + id: awscc.macie.custom_data_identifiers + x-cfn-schema-name: CustomDataIdentifier + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Macie::CustomDataIdentifier' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Macie::CustomDataIdentifier' + AND region = 'us-east-1' + custom_data_identifier: + name: custom_data_identifier + id: awscc.macie.custom_data_identifier + x-cfn-schema-name: CustomDataIdentifier + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Regex') as regex, + JSON_EXTRACT(Properties, '$.MaximumMatchDistance') as maximum_match_distance, + JSON_EXTRACT(Properties, '$.Keywords') as keywords, + JSON_EXTRACT(Properties, '$.IgnoreWords') as ignore_words, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Macie::CustomDataIdentifier' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Regex') as regex, + json_extract_path_text(Properties, 'MaximumMatchDistance') as maximum_match_distance, + json_extract_path_text(Properties, 'Keywords') as keywords, + json_extract_path_text(Properties, 'IgnoreWords') as ignore_words, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Macie::CustomDataIdentifier' + AND data__Identifier = '' + AND region = 'us-east-1' + findings_filters: + name: findings_filters + id: awscc.macie.findings_filters + x-cfn-schema-name: FindingsFilter + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Macie::FindingsFilter' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Macie::FindingsFilter' + AND region = 'us-east-1' + findings_filter: + name: findings_filter + id: awscc.macie.findings_filter + x-cfn-schema-name: FindingsFilter + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.FindingCriteria') as finding_criteria, + JSON_EXTRACT(Properties, '$.Action') as action, + JSON_EXTRACT(Properties, '$.Position') as position, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Macie::FindingsFilter' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'FindingCriteria') as finding_criteria, + json_extract_path_text(Properties, 'Action') as action, + json_extract_path_text(Properties, 'Position') as position, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Macie::FindingsFilter' + AND data__Identifier = '' + AND region = 'us-east-1' + sessions: + name: sessions + id: awscc.macie.sessions + x-cfn-schema-name: Session + x-type: list + x-identifiers: + - AwsAccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Macie::Session' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Macie::Session' + AND region = 'us-east-1' + session: + name: session + id: awscc.macie.session + x-cfn-schema-name: Session + x-type: get + x-identifiers: + - AwsAccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.FindingPublishingFrequency') as finding_publishing_frequency, + JSON_EXTRACT(Properties, '$.ServiceRole') as service_role + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Macie::Session' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'FindingPublishingFrequency') as finding_publishing_frequency, + json_extract_path_text(Properties, 'ServiceRole') as service_role + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Macie::Session' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/managedblockchain.yaml b/providers/src/awscc/v00.00.00000/services/managedblockchain.yaml new file mode 100644 index 00000000..c8f6563b --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/managedblockchain.yaml @@ -0,0 +1,172 @@ +openapi: 3.0.0 +info: + title: ManagedBlockchain + version: 1.0.0 +paths: {} +components: + schemas: + AccessorStatus: + type: string + enum: + - AVAILABLE + - PENDING_DELETION + - DELETED + AccessorType: + type: string + enum: + - BILLING_TOKEN + NetworkAccessorType: + type: string + enum: + - ETHEREUM_GOERLI + - ETHEREUM_MAINNET + - ETHEREUM_MAINNET_AND_GOERLI + - POLYGON_MAINNET + - POLYGON_MUMBAI + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 127 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 255 + required: + - Key + - Value + additionalProperties: false + Accessor: + type: object + properties: + Arn: + type: string + maxLength: 1011 + minLength: 1 + pattern: ^arn:.+:.+:.+:.+:.+$ + BillingToken: + type: string + maxLength: 42 + minLength: 42 + CreationDate: + type: string + Id: + type: string + maxLength: 32 + minLength: 1 + Status: + $ref: '#/components/schemas/AccessorStatus' + AccessorType: + $ref: '#/components/schemas/AccessorType' + NetworkType: + $ref: '#/components/schemas/NetworkAccessorType' + Tags: + type: array + maxItems: 50 + x-insertionOrder: false + uniqueItems: true + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + required: + - AccessorType + x-stackql-resource-name: accessor + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - AccessorType + - NetworkType + x-read-only-properties: + - Arn + - Id + - BillingToken + - CreationDate + - Status + x-required-permissions: + create: + - managedblockchain:CreateAccessor + - managedblockchain:TagResource + - managedblockchain:GetAccessor + read: + - managedblockchain:GetAccessor + update: + - managedblockchain:GetAccessor + - managedblockchain:CreateAccessor + - managedblockchain:TagResource + - managedblockchain:UntagResource + delete: + - managedblockchain:DeleteAccessor + list: + - managedblockchain:ListAccessors + x-stackQL-resources: + accessors: + name: accessors + id: awscc.managedblockchain.accessors + x-cfn-schema-name: Accessor + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ManagedBlockchain::Accessor' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ManagedBlockchain::Accessor' + AND region = 'us-east-1' + accessor: + name: accessor + id: awscc.managedblockchain.accessor + x-cfn-schema-name: Accessor + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.BillingToken') as billing_token, + JSON_EXTRACT(Properties, '$.CreationDate') as creation_date, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.AccessorType') as accessor_type, + JSON_EXTRACT(Properties, '$.NetworkType') as network_type, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ManagedBlockchain::Accessor' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'BillingToken') as billing_token, + json_extract_path_text(Properties, 'CreationDate') as creation_date, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'AccessorType') as accessor_type, + json_extract_path_text(Properties, 'NetworkType') as network_type, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ManagedBlockchain::Accessor' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/mediaconnect.yaml b/providers/src/awscc/v00.00.00000/services/mediaconnect.yaml new file mode 100644 index 00000000..3b8b672a --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/mediaconnect.yaml @@ -0,0 +1,1476 @@ +openapi: 3.0.0 +info: + title: MediaConnect + version: 1.0.0 +paths: {} +components: + schemas: + FailoverConfig: + type: object + description: The settings for source failover + properties: + State: + type: string + enum: + - ENABLED + - DISABLED + RecoveryWindow: + type: integer + description: Search window time to look for dash-7 packets + FailoverMode: + type: string + description: The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams. + enum: + - MERGE + - FAILOVER + SourcePriority: + type: object + description: The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams. + properties: + PrimarySource: + type: string + description: The name of the source you choose as the primary source for this flow. + required: + - PrimarySource + additionalProperties: false + additionalProperties: false + BridgeStateEnum: + type: string + enum: + - CREATING + - STANDBY + - STARTING + - DEPLOYING + - ACTIVE + - STOPPING + - DELETING + - DELETED + - START_FAILED + - START_PENDING + - UPDATING + FailoverConfigStateEnum: + type: string + enum: + - ENABLED + - DISABLED + FailoverModeEnum: + type: string + enum: + - FAILOVER + SourcePriority: + type: object + description: The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams. + properties: + PrimarySource: + description: The name of the source you choose as the primary source for this flow. + type: string + additionalProperties: false + BridgeOutput: + type: object + properties: + BridgeArn: + description: The Amazon Resource Number (ARN) of the bridge. + type: string + NetworkOutput: + description: The output of the bridge. + $ref: '#/components/schemas/BridgeNetworkOutput' + Name: + type: string + description: The network output name. + required: + - BridgeArn + - Name + - NetworkOutput + x-stackql-resource-name: bridge_output + x-stackql-primaryIdentifier: + - BridgeArn + - Name + x-create-only-properties: + - BridgeArn + - Name + x-required-permissions: + create: + - mediaconnect:AddBridgeOutputs + - mediaconnect:DescribeBridge + read: + - mediaconnect:DescribeBridge + update: + - mediaconnect:DescribeBridge + - mediaconnect:UpdateBridgeOutput + delete: + - mediaconnect:RemoveBridgeOutput + BridgeNetworkOutput: + type: object + description: The output of the bridge. A network output is delivered to your premises. + properties: + Protocol: + type: string + enum: + - rtp-fec + - rtp + - udp + description: The network output protocol. + IpAddress: + type: string + description: The network output IP Address. + Port: + type: integer + description: The network output port. + NetworkName: + type: string + description: The network output's gateway network name. + Ttl: + type: integer + description: The network output TTL. + required: + - Protocol + - IpAddress + - Port + - NetworkName + - Ttl + additionalProperties: false + BridgeSource: + type: object + properties: + Name: + type: string + description: The name of the source. + BridgeArn: + description: The Amazon Resource Number (ARN) of the bridge. + type: string + FlowSource: + $ref: '#/components/schemas/BridgeFlowSource' + NetworkSource: + $ref: '#/components/schemas/BridgeNetworkSource' + required: + - Name + - BridgeArn + x-stackql-resource-name: bridge_source + x-stackql-primaryIdentifier: + - BridgeArn + - Name + x-create-only-properties: + - BridgeArn + - Name + x-required-permissions: + create: + - mediaconnect:AddBridgeSources + - mediaconnect:DescribeBridge + read: + - mediaconnect:DescribeBridge + update: + - mediaconnect:DescribeBridge + - mediaconnect:UpdateBridgeSource + delete: + - mediaconnect:RemoveBridgeSource + BridgeFlowSource: + type: object + description: The source of the bridge. A flow source originates in MediaConnect as an existing cloud flow. + properties: + FlowArn: + description: The ARN of the cloud flow used as a source of this bridge. + type: string + FlowVpcInterfaceAttachment: + description: The name of the VPC interface attachment to use for this source. + $ref: '#/components/schemas/VpcInterfaceAttachment' + additionalProperties: false + required: + - FlowArn + VpcInterfaceAttachment: + type: object + description: The settings for attaching a VPC interface to an resource. + properties: + VpcInterfaceName: + type: string + description: The name of the VPC interface to use for this resource. + additionalProperties: false + BridgeNetworkSource: + type: object + description: The source of the bridge. A network source originates at your premises. + properties: + Protocol: + description: The network source protocol. + $ref: '#/components/schemas/ProtocolEnum' + MulticastIp: + description: The network source multicast IP. + type: string + Port: + description: The network source port. + type: integer + NetworkName: + description: The network source's gateway network name. + type: string + required: + - Protocol + - MulticastIp + - Port + - NetworkName + additionalProperties: false + ProtocolEnum: + type: string + enum: + - rtp-fec + - rtp + - udp + IngressGatewayBridge: + type: object + properties: + MaxBitrate: + description: The maximum expected bitrate of the ingress bridge. + type: integer + MaxOutputs: + description: The maximum number of outputs on the ingress bridge. + type: integer + additionalProperties: false + required: + - MaxBitrate + - MaxOutputs + EgressGatewayBridge: + type: object + properties: + MaxBitrate: + type: integer + description: The maximum expected bitrate of the egress bridge. + additionalProperties: false + required: + - MaxBitrate + Bridge: + type: object + properties: + Name: + description: The name of the bridge. + type: string + BridgeArn: + description: The Amazon Resource Number (ARN) of the bridge. + type: string + PlacementArn: + description: The placement Amazon Resource Number (ARN) of the bridge. + type: string + BridgeState: + $ref: '#/components/schemas/BridgeStateEnum' + SourceFailoverConfig: + $ref: '#/components/schemas/FailoverConfig' + Outputs: + description: The outputs on this bridge. + type: array + minItems: 0 + maxItems: 2 + items: + $ref: '#/components/schemas/BridgeOutput' + x-insertionOrder: true + Sources: + description: The sources on this bridge. + type: array + minItems: 0 + maxItems: 2 + items: + $ref: '#/components/schemas/BridgeSource' + x-insertionOrder: true + IngressGatewayBridge: + type: object + $ref: '#/components/schemas/IngressGatewayBridge' + EgressGatewayBridge: + type: object + $ref: '#/components/schemas/EgressGatewayBridge' + required: + - Name + - PlacementArn + - Sources + x-stackql-resource-name: bridge + x-stackql-primaryIdentifier: + - BridgeArn + x-read-only-properties: + - BridgeArn + - BridgeState + x-required-permissions: + create: + - mediaconnect:CreateBridge + - mediaconnect:DescribeBridge + read: + - mediaconnect:DescribeBridge + update: + - mediaconnect:DescribeBridge + - mediaconnect:UpdateBridge + delete: + - mediaconnect:DescribeBridge + - mediaconnect:DeleteBridge + list: + - mediaconnect:ListBridges + Source: + description: The settings for the source of the flow. + type: object + properties: + SourceArn: + type: string + description: The ARN of the source. + Decryption: + $ref: '#/components/schemas/Encryption' + description: The type of decryption that is used on the content ingested from this source. + Description: + type: string + description: A description for the source. This value is not used or seen outside of the current AWS Elemental MediaConnect account. + EntitlementArn: + type: string + description: The ARN of the entitlement that allows you to subscribe to content that comes from another AWS account. The entitlement is set by the content originator and the ARN is generated as part of the originator's flow. + GatewayBridgeSource: + $ref: '#/components/schemas/GatewayBridgeSource' + description: The source configuration for cloud flows receiving a stream from a bridge. + IngestIp: + type: string + description: The IP address that the flow will be listening on for incoming content. + IngestPort: + type: integer + description: The port that the flow will be listening on for incoming content. + MaxBitrate: + type: integer + description: The smoothing max bitrate for RIST, RTP, and RTP-FEC streams. + MaxLatency: + type: integer + description: The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams. + default: 2000 + MinLatency: + type: integer + description: The minimum latency in milliseconds. + default: 2000 + Name: + type: string + description: The name of the source. + Protocol: + type: string + enum: + - zixi-push + - rtp-fec + - rtp + - rist + - fujitsu-qos + - srt-listener + - srt-caller + description: The protocol that is used by the source. + SenderIpAddress: + type: string + description: The IP address that the flow communicates with to initiate connection with the sender for fujitsu-qos protocol. + SenderControlPort: + type: integer + description: The port that the flow uses to send outbound requests to initiate connection with the sender for fujitsu-qos protocol. + StreamId: + type: string + description: The stream ID that you want to use for this transport. This parameter applies only to Zixi-based streams. + SourceIngestPort: + type: string + description: The port that the flow will be listening on for incoming content.(ReadOnly) + SourceListenerAddress: + type: string + description: Source IP or domain name for SRT-caller protocol. + SourceListenerPort: + type: integer + description: Source port for SRT-caller protocol. + VpcInterfaceName: + type: string + description: The name of the VPC Interface this Source is configured with. + WhitelistCidr: + type: string + description: The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16. + additionalProperties: false + Encryption: + type: object + description: Information about the encryption of the flow. + properties: + Algorithm: + type: string + enum: + - aes128 + - aes192 + - aes256 + description: The type of algorithm that is used for the encryption (such as aes128, aes192, or aes256). + ConstantInitializationVector: + type: string + description: A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption. + DeviceId: + type: string + description: The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption. + KeyType: + type: string + enum: + - speke + - static-key + - srt-password + description: The type of key that is used for the encryption. If no keyType is provided, the service will use the default setting (static-key). + default: static-key + Region: + type: string + description: The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption. + ResourceId: + type: string + description: An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption. + RoleArn: + type: string + description: The ARN of the role that you created during setup (when you set up AWS Elemental MediaConnect as a trusted entity). + SecretArn: + type: string + description: ' The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.' + Url: + type: string + description: The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption. + additionalProperties: false + required: + - RoleArn + GatewayBridgeSource: + type: object + description: The source configuration for cloud flows receiving a stream from a bridge. + properties: + BridgeArn: + type: string + description: The ARN of the bridge feeding this flow. + VpcInterfaceAttachment: + $ref: '#/components/schemas/VpcInterfaceAttachment' + description: The name of the VPC interface attachment to use for this bridge source. + additionalProperties: false + required: + - BridgeArn + Flow: + type: object + properties: + FlowArn: + description: The Amazon Resource Name (ARN), a unique identifier for any AWS resource, of the flow. + type: string + Name: + description: The name of the flow. + type: string + AvailabilityZone: + description: The Availability Zone that you want to create the flow in. These options are limited to the Availability Zones within the current AWS. + type: string + FlowAvailabilityZone: + description: The Availability Zone that you want to create the flow in. These options are limited to the Availability Zones within the current AWS.(ReadOnly) + type: string + Source: + description: The source of the flow. + $ref: '#/components/schemas/Source' + SourceFailoverConfig: + description: The source failover config of the flow. + $ref: '#/components/schemas/FailoverConfig' + required: + - Name + - Source + x-stackql-resource-name: flow + x-stackql-primaryIdentifier: + - FlowArn + x-create-only-properties: + - Name + - AvailabilityZone + - Source/Name + x-read-only-properties: + - FlowArn + - FlowAvailabilityZone + - Source/SourceArn + - Source/IngestIp + - Source/SourceIngestPort + x-required-permissions: + create: + - mediaconnect:CreateFlow + - iam:PassRole + read: + - mediaconnect:DescribeFlow + update: + - mediaconnect:DescribeFlow + - mediaconnect:UpdateFlow + - mediaconnect:UpdateFlowSource + delete: + - mediaconnect:DescribeFlow + - mediaconnect:DeleteFlow + list: + - mediaconnect:ListFlows + FlowEntitlement: + type: object + properties: + FlowArn: + type: string + description: The ARN of the flow. + EntitlementArn: + type: string + description: The ARN of the entitlement. + DataTransferSubscriberFeePercent: + type: integer + default: 0 + description: Percentage from 0-100 of the data transfer cost to be billed to the subscriber. + Description: + type: string + description: A description of the entitlement. + Encryption: + $ref: '#/components/schemas/Encryption' + description: The type of encryption that will be used on the output that is associated with this entitlement. + EntitlementStatus: + type: string + description: ' An indication of whether the entitlement is enabled.' + enum: + - ENABLED + - DISABLED + Name: + type: string + description: The name of the entitlement. + Subscribers: + type: array + description: The AWS account IDs that you want to share your content with. The receiving accounts (subscribers) will be allowed to create their own flow using your content as the source. + items: + type: string + required: + - FlowArn + - Name + - Subscribers + - Description + x-stackql-resource-name: flow_entitlement + x-stackql-primaryIdentifier: + - EntitlementArn + x-create-only-properties: + - DataTransferSubscriberFeePercent + - Name + x-read-only-properties: + - EntitlementArn + x-required-permissions: + create: + - iam:PassRole + - mediaconnect:GrantFlowEntitlements + read: + - mediaconnect:DescribeFlow + update: + - mediaconnect:DescribeFlow + - mediaconnect:UpdateFlowEntitlement + delete: + - mediaconnect:DescribeFlow + - mediaconnect:RevokeFlowEntitlement + list: + - mediaconnect:DescribeFlow + FlowOutput: + type: object + properties: + FlowArn: + description: The Amazon Resource Name (ARN), a unique identifier for any AWS resource, of the flow. + type: string + OutputArn: + description: The ARN of the output. + type: string + CidrAllowList: + type: array + description: The range of IP addresses that should be allowed to initiate output requests to this flow. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16. + items: + type: string + Encryption: + $ref: '#/components/schemas/Encryption' + description: The type of key used for the encryption. If no keyType is provided, the service will use the default setting (static-key). + Description: + type: string + description: A description of the output. + Destination: + type: string + description: The address where you want to send the output. + MaxLatency: + type: integer + description: The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams. + MinLatency: + type: integer + description: The minimum latency in milliseconds. + Name: + type: string + description: The name of the output. This value must be unique within the current flow. + Port: + type: integer + description: The port to use when content is distributed to this output. + Protocol: + type: string + enum: + - zixi-push + - rtp-fec + - rtp + - zixi-pull + - rist + - fujitsu-qos + - srt-listener + - srt-caller + description: The protocol that is used by the source or output. + RemoteId: + type: string + description: The remote ID for the Zixi-pull stream. + SmoothingLatency: + type: integer + description: The smoothing latency in milliseconds for RIST, RTP, and RTP-FEC streams. + StreamId: + type: string + description: The stream ID that you want to use for this transport. This parameter applies only to Zixi-based streams. + VpcInterfaceAttachment: + $ref: '#/components/schemas/VpcInterfaceAttachment' + description: The name of the VPC interface attachment to use for this output. + required: + - FlowArn + - Protocol + x-stackql-resource-name: flow_output + x-stackql-primaryIdentifier: + - OutputArn + x-create-only-properties: + - Name + x-read-only-properties: + - OutputArn + x-required-permissions: + create: + - iam:PassRole + - mediaconnect:AddFlowOutputs + read: + - mediaconnect:DescribeFlow + update: + - mediaconnect:DescribeFlow + - mediaconnect:UpdateFlowOutput + delete: + - mediaconnect:DescribeFlow + - mediaconnect:RemoveFlowOutput + list: + - mediaconnect:DescribeFlow + FlowSource: + type: object + properties: + FlowArn: + type: string + description: The ARN of the flow. + SourceArn: + type: string + description: The ARN of the source. + Decryption: + $ref: '#/components/schemas/Encryption' + description: The type of encryption that is used on the content ingested from this source. + Description: + type: string + description: A description for the source. This value is not used or seen outside of the current AWS Elemental MediaConnect account. + EntitlementArn: + type: string + description: The ARN of the entitlement that allows you to subscribe to content that comes from another AWS account. The entitlement is set by the content originator and the ARN is generated as part of the originator's flow. + GatewayBridgeSource: + $ref: '#/components/schemas/GatewayBridgeSource' + description: The source configuration for cloud flows receiving a stream from a bridge. + IngestIp: + type: string + description: The IP address that the flow will be listening on for incoming content. + IngestPort: + type: integer + description: The port that the flow will be listening on for incoming content. + MaxBitrate: + type: integer + description: The smoothing max bitrate for RIST, RTP, and RTP-FEC streams. + MaxLatency: + type: integer + description: The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams. + default: 2000 + MinLatency: + type: integer + description: The minimum latency in milliseconds. + default: 2000 + Name: + type: string + description: The name of the source. + Protocol: + type: string + enum: + - zixi-push + - rtp-fec + - rtp + - rist + - srt-listener + - srt-caller + description: The protocol that is used by the source. + SenderIpAddress: + type: string + description: The IP address that the flow communicates with to initiate connection with the sender for fujitsu-qos protocol. + SenderControlPort: + type: integer + description: The port that the flow uses to send outbound requests to initiate connection with the sender for fujitsu-qos protocol. + StreamId: + type: string + description: The stream ID that you want to use for this transport. This parameter applies only to Zixi-based streams. + SourceIngestPort: + type: string + description: The port that the flow will be listening on for incoming content.(ReadOnly) + SourceListenerAddress: + type: string + description: Source IP or domain name for SRT-caller protocol. + SourceListenerPort: + type: integer + description: Source port for SRT-caller protocol. + VpcInterfaceName: + type: string + description: The name of the VPC Interface this Source is configured with. + WhitelistCidr: + type: string + description: The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16. + required: + - Name + - Description + x-stackql-resource-name: flow_source + x-stackql-primaryIdentifier: + - SourceArn + x-create-only-properties: + - Name + x-read-only-properties: + - IngestIp + - SourceArn + - SourceIngestPort + x-required-permissions: + create: + - mediaconnect:CreateFlow + - mediaconnect:DescribeFlow + - mediaconnect:AddFlowSources + - iam:PassRole + read: + - mediaconnect:DescribeFlow + update: + - mediaconnect:DescribeFlow + - mediaconnect:UpdateFlowSource + delete: + - mediaconnect:DescribeFlow + - mediaconnect:RemoveFlowSource + list: + - mediaconnect:DescribeFlow + FlowVpcInterface: + type: object + properties: + FlowArn: + type: string + description: The Amazon Resource Name (ARN), a unique identifier for any AWS resource, of the flow. + Name: + type: string + description: Immutable and has to be a unique against other VpcInterfaces in this Flow. + RoleArn: + type: string + description: Role Arn MediaConnect can assumes to create ENIs in customer's account. + SecurityGroupIds: + type: array + description: Security Group IDs to be used on ENI. + items: + type: string + SubnetId: + type: string + description: Subnet must be in the AZ of the Flow + NetworkInterfaceIds: + type: array + description: IDs of the network interfaces created in customer's account by MediaConnect. + items: + type: string + required: + - FlowArn + - Name + - RoleArn + - SubnetId + - SecurityGroupIds + x-stackql-resource-name: flow_vpc_interface + x-stackql-primaryIdentifier: + - FlowArn + - Name + x-create-only-properties: + - FlowArn + - Name + x-read-only-properties: + - NetworkInterfaceIds + x-required-permissions: + create: + - iam:PassRole + - mediaconnect:DescribeFlow + - mediaconnect:AddFlowVpcInterfaces + read: + - mediaconnect:DescribeFlow + update: + - mediaconnect:DescribeFlow + - mediaconnect:AddFlowVpcInterfaces + - mediaconnect:RemoveFlowVpcInterface + delete: + - mediaconnect:DescribeFlow + - mediaconnect:RemoveFlowVpcInterface + list: + - mediaconnect:DescribeFlow + GatewayNetwork: + description: The network settings for a gateway. + type: object + properties: + Name: + type: string + description: The name of the network. This name is used to reference the network and must be unique among networks in this gateway. + CidrBlock: + type: string + description: A unique IP address range to use for this network. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16. + additionalProperties: false + required: + - Name + - CidrBlock + Gateway: + type: object + properties: + Name: + description: The name of the gateway. This name can not be modified after the gateway is created. + type: string + GatewayArn: + description: The Amazon Resource Name (ARN) of the gateway. + type: string + GatewayState: + description: The current status of the gateway. + type: string + enum: + - CREATING + - ACTIVE + - UPDATING + - ERROR + - DELETING + - DELETED + EgressCidrBlocks: + description: The range of IP addresses that contribute content or initiate output requests for flows communicating with this gateway. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16. + type: array + items: + type: string + x-insertionOrder: true + Networks: + type: array + description: The list of networks in the gateway. + minItems: 1 + maxItems: 4 + items: + $ref: '#/components/schemas/GatewayNetwork' + x-insertionOrder: true + required: + - Name + - EgressCidrBlocks + - Networks + x-stackql-resource-name: gateway + x-stackql-primaryIdentifier: + - GatewayArn + x-create-only-properties: + - Name + - EgressCidrBlocks + - Networks + - Networks/Name + - Networks/CidrBlock + x-read-only-properties: + - GatewayArn + - GatewayState + x-required-permissions: + create: + - iam:CreateServiceLinkedRole + - mediaconnect:CreateGateway + - mediaconnect:DescribeGateway + read: + - mediaconnect:DescribeGateway + delete: + - iam:CreateServiceLinkedRole + - mediaconnect:DescribeGateway + - mediaconnect:DeleteGateway + list: + - mediaconnect:ListGateways + x-stackQL-resources: + bridge_outputs: + name: bridge_outputs + id: awscc.mediaconnect.bridge_outputs + x-cfn-schema-name: BridgeOutput + x-type: list + x-identifiers: + - BridgeArn + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BridgeArn') as bridge_arn, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaConnect::BridgeOutput' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BridgeArn') as bridge_arn, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaConnect::BridgeOutput' + AND region = 'us-east-1' + bridge_output: + name: bridge_output + id: awscc.mediaconnect.bridge_output + x-cfn-schema-name: BridgeOutput + x-type: get + x-identifiers: + - BridgeArn + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BridgeArn') as bridge_arn, + JSON_EXTRACT(Properties, '$.NetworkOutput') as network_output, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaConnect::BridgeOutput' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BridgeArn') as bridge_arn, + json_extract_path_text(Properties, 'NetworkOutput') as network_output, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaConnect::BridgeOutput' + AND data__Identifier = '' + AND region = 'us-east-1' + bridge_sources: + name: bridge_sources + id: awscc.mediaconnect.bridge_sources + x-cfn-schema-name: BridgeSource + x-type: list + x-identifiers: + - BridgeArn + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BridgeArn') as bridge_arn, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaConnect::BridgeSource' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BridgeArn') as bridge_arn, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaConnect::BridgeSource' + AND region = 'us-east-1' + bridge_source: + name: bridge_source + id: awscc.mediaconnect.bridge_source + x-cfn-schema-name: BridgeSource + x-type: get + x-identifiers: + - BridgeArn + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.BridgeArn') as bridge_arn, + JSON_EXTRACT(Properties, '$.FlowSource') as flow_source, + JSON_EXTRACT(Properties, '$.NetworkSource') as network_source + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaConnect::BridgeSource' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'BridgeArn') as bridge_arn, + json_extract_path_text(Properties, 'FlowSource') as flow_source, + json_extract_path_text(Properties, 'NetworkSource') as network_source + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaConnect::BridgeSource' + AND data__Identifier = '' + AND region = 'us-east-1' + bridges: + name: bridges + id: awscc.mediaconnect.bridges + x-cfn-schema-name: Bridge + x-type: list + x-identifiers: + - BridgeArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BridgeArn') as bridge_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaConnect::Bridge' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BridgeArn') as bridge_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaConnect::Bridge' + AND region = 'us-east-1' + bridge: + name: bridge + id: awscc.mediaconnect.bridge + x-cfn-schema-name: Bridge + x-type: get + x-identifiers: + - BridgeArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.BridgeArn') as bridge_arn, + JSON_EXTRACT(Properties, '$.PlacementArn') as placement_arn, + JSON_EXTRACT(Properties, '$.BridgeState') as bridge_state, + JSON_EXTRACT(Properties, '$.SourceFailoverConfig') as source_failover_config, + JSON_EXTRACT(Properties, '$.Outputs') as outputs, + JSON_EXTRACT(Properties, '$.Sources') as sources, + JSON_EXTRACT(Properties, '$.IngressGatewayBridge') as ingress_gateway_bridge, + JSON_EXTRACT(Properties, '$.EgressGatewayBridge') as egress_gateway_bridge + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaConnect::Bridge' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'BridgeArn') as bridge_arn, + json_extract_path_text(Properties, 'PlacementArn') as placement_arn, + json_extract_path_text(Properties, 'BridgeState') as bridge_state, + json_extract_path_text(Properties, 'SourceFailoverConfig') as source_failover_config, + json_extract_path_text(Properties, 'Outputs') as outputs, + json_extract_path_text(Properties, 'Sources') as sources, + json_extract_path_text(Properties, 'IngressGatewayBridge') as ingress_gateway_bridge, + json_extract_path_text(Properties, 'EgressGatewayBridge') as egress_gateway_bridge + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaConnect::Bridge' + AND data__Identifier = '' + AND region = 'us-east-1' + flows: + name: flows + id: awscc.mediaconnect.flows + x-cfn-schema-name: Flow + x-type: list + x-identifiers: + - FlowArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FlowArn') as flow_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaConnect::Flow' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FlowArn') as flow_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaConnect::Flow' + AND region = 'us-east-1' + flow: + name: flow + id: awscc.mediaconnect.flow + x-cfn-schema-name: Flow + x-type: get + x-identifiers: + - FlowArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FlowArn') as flow_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.AvailabilityZone') as availability_zone, + JSON_EXTRACT(Properties, '$.FlowAvailabilityZone') as flow_availability_zone, + JSON_EXTRACT(Properties, '$.Source') as source, + JSON_EXTRACT(Properties, '$.SourceFailoverConfig') as source_failover_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaConnect::Flow' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FlowArn') as flow_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'AvailabilityZone') as availability_zone, + json_extract_path_text(Properties, 'FlowAvailabilityZone') as flow_availability_zone, + json_extract_path_text(Properties, 'Source') as source, + json_extract_path_text(Properties, 'SourceFailoverConfig') as source_failover_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaConnect::Flow' + AND data__Identifier = '' + AND region = 'us-east-1' + flow_entitlements: + name: flow_entitlements + id: awscc.mediaconnect.flow_entitlements + x-cfn-schema-name: FlowEntitlement + x-type: list + x-identifiers: + - EntitlementArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EntitlementArn') as entitlement_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaConnect::FlowEntitlement' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EntitlementArn') as entitlement_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaConnect::FlowEntitlement' + AND region = 'us-east-1' + flow_entitlement: + name: flow_entitlement + id: awscc.mediaconnect.flow_entitlement + x-cfn-schema-name: FlowEntitlement + x-type: get + x-identifiers: + - EntitlementArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FlowArn') as flow_arn, + JSON_EXTRACT(Properties, '$.EntitlementArn') as entitlement_arn, + JSON_EXTRACT(Properties, '$.DataTransferSubscriberFeePercent') as data_transfer_subscriber_fee_percent, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Encryption') as encryption, + JSON_EXTRACT(Properties, '$.EntitlementStatus') as entitlement_status, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Subscribers') as subscribers + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaConnect::FlowEntitlement' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FlowArn') as flow_arn, + json_extract_path_text(Properties, 'EntitlementArn') as entitlement_arn, + json_extract_path_text(Properties, 'DataTransferSubscriberFeePercent') as data_transfer_subscriber_fee_percent, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Encryption') as encryption, + json_extract_path_text(Properties, 'EntitlementStatus') as entitlement_status, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Subscribers') as subscribers + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaConnect::FlowEntitlement' + AND data__Identifier = '' + AND region = 'us-east-1' + flow_outputs: + name: flow_outputs + id: awscc.mediaconnect.flow_outputs + x-cfn-schema-name: FlowOutput + x-type: list + x-identifiers: + - OutputArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.OutputArn') as output_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaConnect::FlowOutput' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'OutputArn') as output_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaConnect::FlowOutput' + AND region = 'us-east-1' + flow_output: + name: flow_output + id: awscc.mediaconnect.flow_output + x-cfn-schema-name: FlowOutput + x-type: get + x-identifiers: + - OutputArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FlowArn') as flow_arn, + JSON_EXTRACT(Properties, '$.OutputArn') as output_arn, + JSON_EXTRACT(Properties, '$.CidrAllowList') as cidr_allow_list, + JSON_EXTRACT(Properties, '$.Encryption') as encryption, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Destination') as destination, + JSON_EXTRACT(Properties, '$.MaxLatency') as max_latency, + JSON_EXTRACT(Properties, '$.MinLatency') as min_latency, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Port') as port, + JSON_EXTRACT(Properties, '$.Protocol') as protocol, + JSON_EXTRACT(Properties, '$.RemoteId') as remote_id, + JSON_EXTRACT(Properties, '$.SmoothingLatency') as smoothing_latency, + JSON_EXTRACT(Properties, '$.StreamId') as stream_id, + JSON_EXTRACT(Properties, '$.VpcInterfaceAttachment') as vpc_interface_attachment + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaConnect::FlowOutput' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FlowArn') as flow_arn, + json_extract_path_text(Properties, 'OutputArn') as output_arn, + json_extract_path_text(Properties, 'CidrAllowList') as cidr_allow_list, + json_extract_path_text(Properties, 'Encryption') as encryption, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Destination') as destination, + json_extract_path_text(Properties, 'MaxLatency') as max_latency, + json_extract_path_text(Properties, 'MinLatency') as min_latency, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Port') as port, + json_extract_path_text(Properties, 'Protocol') as protocol, + json_extract_path_text(Properties, 'RemoteId') as remote_id, + json_extract_path_text(Properties, 'SmoothingLatency') as smoothing_latency, + json_extract_path_text(Properties, 'StreamId') as stream_id, + json_extract_path_text(Properties, 'VpcInterfaceAttachment') as vpc_interface_attachment + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaConnect::FlowOutput' + AND data__Identifier = '' + AND region = 'us-east-1' + flow_sources: + name: flow_sources + id: awscc.mediaconnect.flow_sources + x-cfn-schema-name: FlowSource + x-type: list + x-identifiers: + - SourceArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SourceArn') as source_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaConnect::FlowSource' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SourceArn') as source_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaConnect::FlowSource' + AND region = 'us-east-1' + flow_source: + name: flow_source + id: awscc.mediaconnect.flow_source + x-cfn-schema-name: FlowSource + x-type: get + x-identifiers: + - SourceArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FlowArn') as flow_arn, + JSON_EXTRACT(Properties, '$.SourceArn') as source_arn, + JSON_EXTRACT(Properties, '$.Decryption') as decryption, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EntitlementArn') as entitlement_arn, + JSON_EXTRACT(Properties, '$.GatewayBridgeSource') as gateway_bridge_source, + JSON_EXTRACT(Properties, '$.IngestIp') as ingest_ip, + JSON_EXTRACT(Properties, '$.IngestPort') as ingest_port, + JSON_EXTRACT(Properties, '$.MaxBitrate') as max_bitrate, + JSON_EXTRACT(Properties, '$.MaxLatency') as max_latency, + JSON_EXTRACT(Properties, '$.MinLatency') as min_latency, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Protocol') as protocol, + JSON_EXTRACT(Properties, '$.SenderIpAddress') as sender_ip_address, + JSON_EXTRACT(Properties, '$.SenderControlPort') as sender_control_port, + JSON_EXTRACT(Properties, '$.StreamId') as stream_id, + JSON_EXTRACT(Properties, '$.SourceIngestPort') as source_ingest_port, + JSON_EXTRACT(Properties, '$.SourceListenerAddress') as source_listener_address, + JSON_EXTRACT(Properties, '$.SourceListenerPort') as source_listener_port, + JSON_EXTRACT(Properties, '$.VpcInterfaceName') as vpc_interface_name, + JSON_EXTRACT(Properties, '$.WhitelistCidr') as whitelist_cidr + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaConnect::FlowSource' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FlowArn') as flow_arn, + json_extract_path_text(Properties, 'SourceArn') as source_arn, + json_extract_path_text(Properties, 'Decryption') as decryption, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EntitlementArn') as entitlement_arn, + json_extract_path_text(Properties, 'GatewayBridgeSource') as gateway_bridge_source, + json_extract_path_text(Properties, 'IngestIp') as ingest_ip, + json_extract_path_text(Properties, 'IngestPort') as ingest_port, + json_extract_path_text(Properties, 'MaxBitrate') as max_bitrate, + json_extract_path_text(Properties, 'MaxLatency') as max_latency, + json_extract_path_text(Properties, 'MinLatency') as min_latency, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Protocol') as protocol, + json_extract_path_text(Properties, 'SenderIpAddress') as sender_ip_address, + json_extract_path_text(Properties, 'SenderControlPort') as sender_control_port, + json_extract_path_text(Properties, 'StreamId') as stream_id, + json_extract_path_text(Properties, 'SourceIngestPort') as source_ingest_port, + json_extract_path_text(Properties, 'SourceListenerAddress') as source_listener_address, + json_extract_path_text(Properties, 'SourceListenerPort') as source_listener_port, + json_extract_path_text(Properties, 'VpcInterfaceName') as vpc_interface_name, + json_extract_path_text(Properties, 'WhitelistCidr') as whitelist_cidr + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaConnect::FlowSource' + AND data__Identifier = '' + AND region = 'us-east-1' + flow_vpc_interfaces: + name: flow_vpc_interfaces + id: awscc.mediaconnect.flow_vpc_interfaces + x-cfn-schema-name: FlowVpcInterface + x-type: list + x-identifiers: + - FlowArn + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FlowArn') as flow_arn, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaConnect::FlowVpcInterface' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FlowArn') as flow_arn, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaConnect::FlowVpcInterface' + AND region = 'us-east-1' + flow_vpc_interface: + name: flow_vpc_interface + id: awscc.mediaconnect.flow_vpc_interface + x-cfn-schema-name: FlowVpcInterface + x-type: get + x-identifiers: + - FlowArn + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FlowArn') as flow_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.SecurityGroupIds') as security_group_ids, + JSON_EXTRACT(Properties, '$.SubnetId') as subnet_id, + JSON_EXTRACT(Properties, '$.NetworkInterfaceIds') as network_interface_ids + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaConnect::FlowVpcInterface' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FlowArn') as flow_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'SecurityGroupIds') as security_group_ids, + json_extract_path_text(Properties, 'SubnetId') as subnet_id, + json_extract_path_text(Properties, 'NetworkInterfaceIds') as network_interface_ids + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaConnect::FlowVpcInterface' + AND data__Identifier = '' + AND region = 'us-east-1' + gateways: + name: gateways + id: awscc.mediaconnect.gateways + x-cfn-schema-name: Gateway + x-type: list + x-identifiers: + - GatewayArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GatewayArn') as gateway_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaConnect::Gateway' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GatewayArn') as gateway_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaConnect::Gateway' + AND region = 'us-east-1' + gateway: + name: gateway + id: awscc.mediaconnect.gateway + x-cfn-schema-name: Gateway + x-type: get + x-identifiers: + - GatewayArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.GatewayArn') as gateway_arn, + JSON_EXTRACT(Properties, '$.GatewayState') as gateway_state, + JSON_EXTRACT(Properties, '$.EgressCidrBlocks') as egress_cidr_blocks, + JSON_EXTRACT(Properties, '$.Networks') as networks + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaConnect::Gateway' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'GatewayArn') as gateway_arn, + json_extract_path_text(Properties, 'GatewayState') as gateway_state, + json_extract_path_text(Properties, 'EgressCidrBlocks') as egress_cidr_blocks, + json_extract_path_text(Properties, 'Networks') as networks + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaConnect::Gateway' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/medialive.yaml b/providers/src/awscc/v00.00.00000/services/medialive.yaml new file mode 100644 index 00000000..adb048a1 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/medialive.yaml @@ -0,0 +1,478 @@ +openapi: 3.0.0 +info: + title: MediaLive + version: 1.0.0 +paths: {} +components: + schemas: + MultiplexOutputDestination: + description: Multiplex MediaConnect output destination settings. + type: object + properties: + MultiplexMediaConnectOutputDestinationSettings: + description: Multiplex MediaConnect output destination settings. + properties: + EntitlementArn: + type: string + description: The MediaConnect entitlement ARN available as a Flow source. + minLength: 1 + additionalProperties: false + additionalProperties: false + MultiplexSettings: + type: object + description: A key-value pair to associate with a resource. + properties: + MaximumVideoBufferDelayMilliseconds: + type: integer + description: Maximum video buffer delay in milliseconds. + minimum: 800 + maximum: 3000 + TransportStreamBitrate: + type: integer + description: Transport stream bit rate. + minimum: 1000000 + maximum: 100000000 + TransportStreamId: + type: integer + description: Transport stream ID. + minimum: 0 + maximum: 65535 + TransportStreamReservedBitrate: + type: integer + description: Transport stream reserved bit rate. + minimum: 0 + maximum: 100000000 + required: + - TransportStreamBitrate + - TransportStreamId + additionalProperties: false + Tags: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + Value: + type: string + additionalProperties: false + Multiplex: + type: object + properties: + Arn: + type: string + description: The unique arn of the multiplex. + AvailabilityZones: + description: A list of availability zones for the multiplex. + type: array + x-insertionOrder: false + items: + type: string + Destinations: + description: A list of the multiplex output destinations. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/MultiplexOutputDestination' + Id: + type: string + description: The unique id of the multiplex. + MultiplexSettings: + $ref: '#/components/schemas/MultiplexSettings' + description: Configuration for a multiplex event. + Name: + type: string + description: Name of multiplex. + PipelinesRunningCount: + type: integer + description: The number of currently healthy pipelines. + ProgramCount: + type: integer + description: The number of programs in the multiplex. + State: + type: string + enum: + - CREATING + - CREATE_FAILED + - IDLE + - STARTING + - RUNNING + - RECOVERING + - STOPPING + - DELETING + - DELETED + Tags: + description: A collection of key-value pairs. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tags' + required: + - AvailabilityZones + - MultiplexSettings + - Name + x-stackql-resource-name: multiplex + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - AvailabilityZones + x-read-only-properties: + - Arn + - Id + - PipelinesRunningCount + - ProgramCount + - State + x-required-permissions: + create: + - medialive:CreateMultiplex + - medialive:DescribeMultiplex + - medialive:CreateTags + read: + - medialive:DescribeMultiplex + update: + - medialive:UpdateMultiplex + - medialive:DescribeMultiplex + - medialive:CreateTags + - medialive:DeleteTags + delete: + - medialive:DeleteMultiplex + - medialive:DescribeMultiplex + list: + - medialive:ListMultiplexes + MultiplexProgramSettings: + description: Multiplex Program settings configuration. + type: object + properties: + PreferredChannelPipeline: + type: string + $ref: '#/components/schemas/PreferredChannelPipeline' + ProgramNumber: + type: integer + description: Unique program number. + minimum: 0 + maximum: 65535 + ServiceDescriptor: + $ref: '#/components/schemas/MultiplexProgramServiceDescriptor' + description: Transport stream service descriptor configuration for the Multiplex program. + VideoSettings: + $ref: '#/components/schemas/MultiplexVideoSettings' + description: Program video settings configuration. + required: + - ProgramNumber + additionalProperties: false + PreferredChannelPipeline: + type: string + description: | + Indicates which pipeline is preferred by the multiplex for program ingest. + If set to \"PIPELINE_0\" or \"PIPELINE_1\" and an unhealthy ingest causes the multiplex to switch to the non-preferred pipeline, + it will switch back once that ingest is healthy again. If set to \"CURRENTLY_ACTIVE\", + it will not switch back to the other pipeline based on it recovering to a healthy state, + it will only switch if the active pipeline becomes unhealthy. + enum: + - CURRENTLY_ACTIVE + - PIPELINE_0 + - PIPELINE_1 + MultiplexProgramServiceDescriptor: + description: Transport stream service descriptor configuration for the Multiplex program. + type: object + properties: + ProviderName: + type: string + description: Name of the provider. + minLength: 1 + maxLength: 256 + ServiceName: + type: string + description: Name of the service. + minLength: 1 + maxLength: 256 + required: + - ProviderName + - ServiceName + additionalProperties: false + MultiplexVideoSettings: + description: The video configuration for each program in a multiplex. + type: object + oneOf: + - type: object + properties: + ConstantBitrate: + type: integer + description: |- + The constant bitrate configuration for the video encode. + When this field is defined, StatmuxSettings must be undefined. + minimum: 100000 + maximum: 100000000 + required: + - ConstantBitrate + additionalProperties: false + - type: object + properties: + StatmuxSettings: + description: |- + Statmux rate control settings. + When this field is defined, ConstantBitrate must be undefined. + $ref: '#/components/schemas/MultiplexStatmuxVideoSettings' + required: + - StatmuxSettings + additionalProperties: false + MultiplexStatmuxVideoSettings: + description: Statmux rate control settings + type: object + properties: + MaximumBitrate: + type: integer + description: Maximum statmux bitrate. + minimum: 100000 + maximum: 100000000 + MinimumBitrate: + type: integer + description: Minimum statmux bitrate. + minimum: 100000 + maximum: 100000000 + Priority: + type: integer + description: The purpose of the priority is to use a combination of the\nmultiplex rate control algorithm and the QVBR capability of the\nencoder to prioritize the video quality of some channels in a\nmultiplex over others. Channels that have a higher priority will\nget higher video quality at the expense of the video quality of\nother channels in the multiplex with lower priority. + minimum: -5 + maximum: 5 + additionalProperties: false + MultiplexProgramPacketIdentifiersMap: + description: Packet identifiers map for a given Multiplex program. + type: object + properties: + AudioPids: + type: array + items: + type: integer + x-insertionOrder: true + DvbSubPids: + type: array + items: + type: integer + x-insertionOrder: true + DvbTeletextPid: + type: integer + EtvPlatformPid: + type: integer + EtvSignalPid: + type: integer + KlvDataPids: + type: array + items: + type: integer + x-insertionOrder: true + PcrPid: + type: integer + PmtPid: + type: integer + PrivateMetadataPid: + type: integer + Scte27Pids: + type: array + items: + type: integer + x-insertionOrder: true + Scte35Pid: + type: integer + TimedMetadataPid: + type: integer + VideoPid: + type: integer + additionalProperties: false + MultiplexProgramPipelineDetail: + description: The current source for one of the pipelines in the multiplex. + type: object + properties: + ActiveChannelPipeline: + type: string + description: Identifies the channel pipeline that is currently active for the pipeline (identified by PipelineId) in the multiplex. + PipelineId: + type: string + description: Identifies a specific pipeline in the multiplex. + additionalProperties: false + Multiplexprogram: + type: object + properties: + ChannelId: + type: string + description: The MediaLive channel associated with the program. + MultiplexId: + type: string + description: The ID of the multiplex that the program belongs to. + MultiplexProgramSettings: + description: The settings for this multiplex program. + $ref: '#/components/schemas/MultiplexProgramSettings' + PreferredChannelPipeline: + description: The settings for this multiplex program. + $ref: '#/components/schemas/PreferredChannelPipeline' + PacketIdentifiersMap: + $ref: '#/components/schemas/MultiplexProgramPacketIdentifiersMap' + description: The packet identifier map for this multiplex program. + PipelineDetails: + description: Contains information about the current sources for the specified program in the specified multiplex. Keep in mind that each multiplex pipeline connects to both pipelines in a given source channel (the channel identified by the program). But only one of those channel pipelines is ever active at one time. + type: array + items: + $ref: '#/components/schemas/MultiplexProgramPipelineDetail' + x-insertionOrder: true + ProgramName: + type: string + description: The name of the multiplex program. + x-stackql-resource-name: multiplexprogram + x-stackql-primaryIdentifier: + - ProgramName + - MultiplexId + x-create-only-properties: + - ProgramName + - MultiplexId + x-required-permissions: + create: + - medialive:CreateMultiplexProgram + - medialive:DescribeMultiplexProgram + read: + - medialive:DescribeMultiplexProgram + update: + - medialive:UpdateMultiplexProgram + - medialive:DescribeMultiplexProgram + delete: + - medialive:DeleteMultiplexProgram + - medialive:DescribeMultiplexProgram + list: + - medialive:ListMultiplexPrograms + x-stackQL-resources: + multiplexes: + name: multiplexes + id: awscc.medialive.multiplexes + x-cfn-schema-name: Multiplex + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaLive::Multiplex' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaLive::Multiplex' + AND region = 'us-east-1' + multiplex: + name: multiplex + id: awscc.medialive.multiplex + x-cfn-schema-name: Multiplex + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AvailabilityZones') as availability_zones, + JSON_EXTRACT(Properties, '$.Destinations') as destinations, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.MultiplexSettings') as multiplex_settings, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.PipelinesRunningCount') as pipelines_running_count, + JSON_EXTRACT(Properties, '$.ProgramCount') as program_count, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaLive::Multiplex' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AvailabilityZones') as availability_zones, + json_extract_path_text(Properties, 'Destinations') as destinations, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'MultiplexSettings') as multiplex_settings, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'PipelinesRunningCount') as pipelines_running_count, + json_extract_path_text(Properties, 'ProgramCount') as program_count, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaLive::Multiplex' + AND data__Identifier = '' + AND region = 'us-east-1' + multiplexprograms: + name: multiplexprograms + id: awscc.medialive.multiplexprograms + x-cfn-schema-name: Multiplexprogram + x-type: list + x-identifiers: + - ProgramName + - MultiplexId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProgramName') as program_name, + JSON_EXTRACT(Properties, '$.MultiplexId') as multiplex_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaLive::Multiplexprogram' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProgramName') as program_name, + json_extract_path_text(Properties, 'MultiplexId') as multiplex_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaLive::Multiplexprogram' + AND region = 'us-east-1' + multiplexprogram: + name: multiplexprogram + id: awscc.medialive.multiplexprogram + x-cfn-schema-name: Multiplexprogram + x-type: get + x-identifiers: + - ProgramName + - MultiplexId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ChannelId') as channel_id, + JSON_EXTRACT(Properties, '$.MultiplexId') as multiplex_id, + JSON_EXTRACT(Properties, '$.MultiplexProgramSettings') as multiplex_program_settings, + JSON_EXTRACT(Properties, '$.PreferredChannelPipeline') as preferred_channel_pipeline, + JSON_EXTRACT(Properties, '$.PacketIdentifiersMap') as packet_identifiers_map, + JSON_EXTRACT(Properties, '$.PipelineDetails') as pipeline_details, + JSON_EXTRACT(Properties, '$.ProgramName') as program_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaLive::Multiplexprogram' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ChannelId') as channel_id, + json_extract_path_text(Properties, 'MultiplexId') as multiplex_id, + json_extract_path_text(Properties, 'MultiplexProgramSettings') as multiplex_program_settings, + json_extract_path_text(Properties, 'PreferredChannelPipeline') as preferred_channel_pipeline, + json_extract_path_text(Properties, 'PacketIdentifiersMap') as packet_identifiers_map, + json_extract_path_text(Properties, 'PipelineDetails') as pipeline_details, + json_extract_path_text(Properties, 'ProgramName') as program_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaLive::Multiplexprogram' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/mediapackage.yaml b/providers/src/awscc/v00.00.00000/services/mediapackage.yaml new file mode 100644 index 00000000..af304272 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/mediapackage.yaml @@ -0,0 +1,1046 @@ +openapi: 3.0.0 +info: + title: MediaPackage + version: 1.0.0 +paths: {} +components: + schemas: + EgressEndpoint: + description: The endpoint URL used to access an Asset using one PackagingConfiguration. + type: object + additionalProperties: false + properties: + PackagingConfigurationId: + description: The ID of the PackagingConfiguration being applied to the Asset. + type: string + Url: + description: The URL of the parent manifest for the repackaged Asset. + type: string + required: + - PackagingConfigurationId + - Url + Tag: + type: object + additionalProperties: false + properties: + Key: + type: string + Value: + type: string + required: + - Value + - Key + Asset: + type: object + properties: + Arn: + description: The ARN of the Asset. + type: string + CreatedAt: + description: The time the Asset was initially submitted for Ingest. + type: string + EgressEndpoints: + description: The list of egress endpoints available for the Asset. + type: array + items: + $ref: '#/components/schemas/EgressEndpoint' + Id: + description: The unique identifier for the Asset. + type: string + PackagingGroupId: + description: The ID of the PackagingGroup for the Asset. + type: string + ResourceId: + description: The resource ID to include in SPEKE key requests. + type: string + SourceArn: + description: ARN of the source object in S3. + type: string + SourceRoleArn: + description: The IAM role_arn used to access the source S3 bucket. + type: string + Tags: + description: A collection of tags associated with a resource + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + required: + - Id + - PackagingGroupId + - SourceArn + - SourceRoleArn + x-stackql-resource-name: asset + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Arn + - CreatedAt + - EgressEndpoints/*/PackagingConfigurationId + - EgressEndpoints/*/Url + x-required-permissions: + create: + - mediapackage-vod:CreateAsset + - mediapackage-vod:DescribeAsset + - mediapackage-vod:TagResource + - iam:PassRole + read: + - mediapackage-vod:DescribeAsset + delete: + - mediapackage-vod:DescribeAsset + - mediapackage-vod:DeleteAsset + list: + - mediapackage-vod:ListAssets + - mediapackage-vod:DescribePackagingGroup + HlsIngest: + description: An HTTP Live Streaming (HLS) ingest resource configuration. + type: object + additionalProperties: false + properties: + ingestEndpoints: + description: A list of endpoints to which the source stream should be sent. + type: array + items: + $ref: '#/components/schemas/IngestEndpoint' + IngestEndpoint: + description: An endpoint for ingesting source content for a Channel. + type: object + additionalProperties: false + properties: + Id: + description: The system generated unique identifier for the IngestEndpoint + type: string + Username: + description: The system generated username for ingest authentication. + type: string + Password: + description: The system generated password for ingest authentication. + type: string + Url: + description: The ingest URL to which the source stream should be sent. + type: string + required: + - Id + - Username + - Password + - Url + LogConfiguration: + type: object + additionalProperties: false + properties: + LogGroupName: + description: 'Sets a custom AWS CloudWatch log group name for egress logs. If a log group name isn''t specified, the default name is used: /aws/MediaPackage/VodEgressAccessLogs.' + type: string + pattern: \A\/aws\/MediaPackage\/[0-9a-zA-Z-_\/\.#]+\Z + minLength: 1 + maxLength: 512 + Channel: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) assigned to the Channel. + type: string + Id: + description: The ID of the Channel. + type: string + pattern: \A[0-9a-zA-Z-_]+\Z + minLength: 1 + maxLength: 256 + Description: + description: A short text description of the Channel. + type: string + HlsIngest: + description: An HTTP Live Streaming (HLS) ingest resource configuration. + $ref: '#/components/schemas/HlsIngest' + Tags: + description: A collection of tags associated with a resource + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + EgressAccessLogs: + description: The configuration parameters for egress access logging. + $ref: '#/components/schemas/LogConfiguration' + IngressAccessLogs: + description: The configuration parameters for egress access logging. + $ref: '#/components/schemas/LogConfiguration' + required: + - Id + x-stackql-resource-name: channel + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Id + - Tags + x-read-only-properties: + - Arn + - HlsIngest/ingestEndpoints/*/Id + - HlsIngest/ingestEndpoints/*/Username + - HlsIngest/ingestEndpoints/*/Password + - HlsIngest/ingestEndpoints/*/Url + x-required-permissions: + create: + - mediapackage:CreateChannel + - mediapackage:DescribeChannel + - mediapackage:UpdateChannel + - mediapackage:TagResource + - mediapackage:ConfigureLogs + - iam:CreateServiceLinkedRole + read: + - mediapackage:DescribeChannel + update: + - mediapackage:UpdateChannel + - mediapackage:ConfigureLogs + - iam:CreateServiceLinkedRole + delete: + - mediapackage:DeleteChannel + list: + - mediapackage:ListChannels + MssPackage: + type: object + description: A Microsoft Smooth Streaming (MSS) PackagingConfiguration. + additionalProperties: false + properties: + Encryption: + $ref: '#/components/schemas/MssEncryption' + MssManifests: + description: A list of MSS manifest configurations. + type: array + items: + $ref: '#/components/schemas/MssManifest' + SegmentDurationSeconds: + $ref: '#/components/schemas/SegmentDurationSeconds' + required: + - MssManifests + MssEncryption: + description: A CMAF encryption configuration. + type: object + additionalProperties: false + properties: + SpekeKeyProvider: + $ref: '#/components/schemas/SpekeKeyProvider' + required: + - SpekeKeyProvider + DashPackage: + type: object + description: A Dynamic Adaptive Streaming over HTTP (DASH) packaging configuration. + additionalProperties: false + properties: + DashManifests: + description: A list of DASH manifest configurations. + type: array + items: + $ref: '#/components/schemas/DashManifest' + Encryption: + $ref: '#/components/schemas/DashEncryption' + PeriodTriggers: + description: A list of triggers that controls when the outgoing Dynamic Adaptive Streaming over HTTP (DASH) Media Presentation Description (MPD) will be partitioned into multiple periods. If empty, the content will not be partitioned into more than one period. If the list contains "ADS", new periods will be created where the Asset contains SCTE-35 ad markers. + type: array + items: + type: string + enum: + - ADS + SegmentDurationSeconds: + $ref: '#/components/schemas/SegmentDurationSeconds' + SegmentTemplateFormat: + description: Determines the type of SegmentTemplate included in the Media Presentation Description (MPD). When set to NUMBER_WITH_TIMELINE, a full timeline is presented in each SegmentTemplate, with $Number$ media URLs. When set to TIME_WITH_TIMELINE, a full timeline is presented in each SegmentTemplate, with $Time$ media URLs. When set to NUMBER_WITH_DURATION, only a duration is included in each SegmentTemplate, with $Number$ media URLs. + type: string + enum: + - NUMBER_WITH_TIMELINE + - TIME_WITH_TIMELINE + - NUMBER_WITH_DURATION + IncludeEncoderConfigurationInSegments: + description: When includeEncoderConfigurationInSegments is set to true, MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback. + type: boolean + IncludeIframeOnlyStream: + description: When enabled, an I-Frame only stream will be included in the output. + type: boolean + required: + - DashManifests + DashEncryption: + type: object + description: A Dynamic Adaptive Streaming over HTTP (DASH) encryption configuration. + additionalProperties: false + properties: + SpekeKeyProvider: + $ref: '#/components/schemas/SpekeKeyProvider' + required: + - SpekeKeyProvider + Authorization: + type: object + additionalProperties: false + properties: + CdnIdentifierSecret: + description: The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that is used for CDN authorization. + type: string + SecretsRoleArn: + description: The Amazon Resource Name (ARN) for the IAM role that allows MediaPackage to communicate with AWS Secrets Manager. + type: string + required: + - CdnIdentifierSecret + - SecretsRoleArn + HlsPackage: + description: An HTTP Live Streaming (HLS) packaging configuration. + type: object + additionalProperties: false + properties: + Encryption: + $ref: '#/components/schemas/HlsEncryption' + HlsManifests: + description: A list of HLS manifest configurations. + type: array + items: + $ref: '#/components/schemas/HlsManifest' + IncludeDvbSubtitles: + description: When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output. + type: boolean + SegmentDurationSeconds: + $ref: '#/components/schemas/SegmentDurationSeconds' + UseAudioRenditionGroup: + description: When enabled, audio streams will be placed in rendition groups in the output. + type: boolean + required: + - HlsManifests + HlsEncryption: + description: An HTTP Live Streaming (HLS) encryption configuration. + type: object + additionalProperties: false + properties: + ConstantInitializationVector: + description: An HTTP Live Streaming (HLS) encryption configuration. + type: string + EncryptionMethod: + description: The encryption method to use. + type: string + enum: + - AES_128 + - SAMPLE_AES + SpekeKeyProvider: + $ref: '#/components/schemas/SpekeKeyProvider' + required: + - SpekeKeyProvider + CmafPackage: + description: A CMAF packaging configuration. + type: object + additionalProperties: false + properties: + Encryption: + $ref: '#/components/schemas/CmafEncryption' + HlsManifests: + description: A list of HLS manifest configurations. + type: array + items: + $ref: '#/components/schemas/HlsManifest' + SegmentDurationSeconds: + $ref: '#/components/schemas/SegmentDurationSeconds' + IncludeEncoderConfigurationInSegments: + description: When includeEncoderConfigurationInSegments is set to true, MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback. + type: boolean + required: + - HlsManifests + CmafEncryption: + type: object + description: A CMAF encryption configuration. + additionalProperties: false + properties: + SpekeKeyProvider: + $ref: '#/components/schemas/SpekeKeyProvider' + required: + - SpekeKeyProvider + HlsManifest: + description: An HTTP Live Streaming (HLS) manifest configuration. + type: object + additionalProperties: false + properties: + AdMarkers: + description: This setting controls how ad markers are included in the packaged OriginEndpoint. "NONE" will omit all SCTE-35 ad markers from the output. "PASSTHROUGH" causes the manifest to contain a copy of the SCTE-35 ad markers (comments) taken directly from the input HTTP Live Streaming (HLS) manifest. "SCTE35_ENHANCED" generates ad markers and blackout tags based on SCTE-35 messages in the input source. + type: string + enum: + - NONE + - SCTE35_ENHANCED + - PASSTHROUGH + IncludeIframeOnlyStream: + description: When enabled, an I-Frame only stream will be included in the output. + type: boolean + ManifestName: + $ref: '#/components/schemas/ManifestName' + ProgramDateTimeIntervalSeconds: + description: >- + The interval (in seconds) between each EXT-X-PROGRAM-DATE-TIME tag inserted into manifests. Additionally, when an interval is specified ID3Timed Metadata messages will be generated every 5 seconds using the ingest time of the content. If the interval is not specified, or set to 0, then no EXT-X-PROGRAM-DATE-TIME tags will be inserted into manifests and no ID3Timed Metadata messages will be generated. Note that irrespective of this parameter, if any ID3 Timed Metadata is found in HTTP + Live Streaming (HLS) input, it will be passed through to HLS output. + type: integer + RepeatExtXKey: + description: When enabled, the EXT-X-KEY tag will be repeated in output manifests. + type: boolean + StreamSelection: + $ref: '#/components/schemas/StreamSelection' + StreamSelection: + description: A StreamSelection configuration. + type: object + additionalProperties: false + properties: + MaxVideoBitsPerSecond: + description: The maximum video bitrate (bps) to include in output. + type: integer + MinVideoBitsPerSecond: + description: The minimum video bitrate (bps) to include in output. + type: integer + StreamOrder: + description: A directive that determines the order of streams in the output. + type: string + enum: + - ORIGINAL + - VIDEO_BITRATE_ASCENDING + - VIDEO_BITRATE_DESCENDING + SpekeKeyProvider: + description: A configuration for accessing an external Secure Packager and Encoder Key Exchange (SPEKE) service that will provide encryption keys. + type: object + additionalProperties: false + properties: + EncryptionContractConfiguration: + $ref: '#/components/schemas/EncryptionContractConfiguration' + RoleArn: + $ref: '#/components/schemas/RoleArn' + SystemIds: + description: The system IDs to include in key requests. + type: array + items: + type: string + Url: + description: The URL of the external key provider service. + type: string + required: + - RoleArn + - SystemIds + - Url + EncryptionContractConfiguration: + description: The configuration to use for encrypting one or more content tracks separately for endpoints that use SPEKE 2.0. + type: object + additionalProperties: false + required: + - PresetSpeke20Audio + - PresetSpeke20Video + properties: + PresetSpeke20Audio: + description: A collection of audio encryption presets. + type: string + enum: + - PRESET-AUDIO-1 + - PRESET-AUDIO-2 + - PRESET-AUDIO-3 + - SHARED + - UNENCRYPTED + PresetSpeke20Video: + description: A collection of video encryption presets. + type: string + enum: + - PRESET-VIDEO-1 + - PRESET-VIDEO-2 + - PRESET-VIDEO-3 + - PRESET-VIDEO-4 + - PRESET-VIDEO-5 + - PRESET-VIDEO-6 + - PRESET-VIDEO-7 + - PRESET-VIDEO-8 + - SHARED + - UNENCRYPTED + AdsOnDeliveryRestrictions: + description: >- + This setting allows the delivery restriction flags on SCTE-35 segmentation descriptors to determine whether a message signals an ad. Choosing "NONE" means no SCTE-35 messages become ads. Choosing "RESTRICTED" means SCTE-35 messages of the types specified in AdTriggers that contain delivery restrictions will be treated as ads. Choosing "UNRESTRICTED" means SCTE-35 messages of the types specified in AdTriggers that do not contain delivery restrictions will be treated as ads. Choosing + "BOTH" means all SCTE-35 messages of the types specified in AdTriggers will be treated as ads. Note that Splice Insert messages do not have these flags and are always treated as ads if specified in AdTriggers. + type: string + enum: + - NONE + - RESTRICTED + - UNRESTRICTED + - BOTH + OriginEndpoint: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) assigned to the OriginEndpoint. + type: string + Url: + description: The URL of the packaged OriginEndpoint for consumption. + type: string + Id: + description: The ID of the OriginEndpoint. + type: string + pattern: \A[0-9a-zA-Z-_]+\Z + minLength: 1 + maxLength: 256 + ChannelId: + description: The ID of the Channel the OriginEndpoint is associated with. + type: string + Description: + description: A short text description of the OriginEndpoint. + type: string + Whitelist: + description: A list of source IP CIDR blocks that will be allowed to access the OriginEndpoint. + type: array + items: + type: string + StartoverWindowSeconds: + description: Maximum duration (seconds) of content to retain for startover playback. If not specified, startover playback will be disabled for the OriginEndpoint. + type: integer + TimeDelaySeconds: + description: Amount of delay (seconds) to enforce on the playback of live content. If not specified, there will be no time delay in effect for the OriginEndpoint. + type: integer + ManifestName: + description: A short string appended to the end of the OriginEndpoint URL. + type: string + Origination: + description: Control whether origination of video is allowed for this OriginEndpoint. If set to ALLOW, the OriginEndpoint may by requested, pursuant to any other form of access control. If set to DENY, the OriginEndpoint may not be requested. This can be helpful for Live to VOD harvesting, or for temporarily disabling origination + type: string + enum: + - ALLOW + - DENY + Authorization: + $ref: '#/components/schemas/Authorization' + HlsPackage: + $ref: '#/components/schemas/HlsPackage' + DashPackage: + $ref: '#/components/schemas/DashPackage' + MssPackage: + $ref: '#/components/schemas/MssPackage' + CmafPackage: + $ref: '#/components/schemas/CmafPackage' + Tags: + description: A collection of tags associated with a resource + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + required: + - Id + - ChannelId + x-stackql-resource-name: origin_endpoint + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Id + x-read-only-properties: + - Arn + - Url + x-required-permissions: + create: + - mediapackage:CreateOriginEndpoint + - mediapackage:DescribeOriginEndpoint + - mediapackage:DescribeChannel + - mediapackage:TagResource + - iam:PassRole + - acm:DescribeCertificate + read: + - mediapackage:DescribeOriginEndpoint + update: + - mediapackage:UpdateOriginEndpoint + - iam:PassRole + delete: + - mediapackage:DeleteOriginEndpoint + list: + - mediapackage:ListOriginEndpoints + RoleArn: + description: An Amazon Resource Name (ARN) of an IAM role that AWS Elemental MediaPackage will assume when accessing the key provider service. + type: string + SegmentDurationSeconds: + description: Duration (in seconds) of each fragment. Actual fragments will be rounded to the nearest multiple of the source fragment duration. + type: integer + ManifestName: + description: An optional string to include in the name of the manifest. + type: string + DashManifest: + description: A DASH manifest configuration. + type: object + additionalProperties: false + properties: + ManifestLayout: + description: Determines the position of some tags in the Media Presentation Description (MPD). When set to FULL, elements like SegmentTemplate and ContentProtection are included in each Representation. When set to COMPACT, duplicate elements are combined and presented at the AdaptationSet level. + type: string + enum: + - FULL + - COMPACT + ManifestName: + $ref: '#/components/schemas/ManifestName' + MinBufferTimeSeconds: + description: Minimum duration (in seconds) that a player will buffer media before starting the presentation. + type: integer + Profile: + description: The Dynamic Adaptive Streaming over HTTP (DASH) profile type. When set to "HBBTV_1_5", HbbTV 1.5 compliant output is enabled. + type: string + enum: + - NONE + - HBBTV_1_5 + ScteMarkersSource: + description: The source of scte markers used. When set to SEGMENTS, the scte markers are sourced from the segments of the ingested content. When set to MANIFEST, the scte markers are sourced from the manifest of the ingested content. + type: string + enum: + - SEGMENTS + - MANIFEST + StreamSelection: + $ref: '#/components/schemas/StreamSelection' + MssManifest: + description: A Microsoft Smooth Streaming (MSS) manifest configuration. + type: object + additionalProperties: false + properties: + ManifestName: + $ref: '#/components/schemas/ManifestName' + StreamSelection: + $ref: '#/components/schemas/StreamSelection' + PackagingConfiguration: + type: object + properties: + Id: + description: The ID of the PackagingConfiguration. + type: string + PackagingGroupId: + description: The ID of a PackagingGroup. + type: string + Arn: + description: The ARN of the PackagingConfiguration. + type: string + CmafPackage: + description: A CMAF packaging configuration. + $ref: '#/components/schemas/CmafPackage' + DashPackage: + description: A Dynamic Adaptive Streaming over HTTP (DASH) packaging configuration. + $ref: '#/components/schemas/DashPackage' + HlsPackage: + description: An HTTP Live Streaming (HLS) packaging configuration. + $ref: '#/components/schemas/HlsPackage' + MssPackage: + description: A Microsoft Smooth Streaming (MSS) PackagingConfiguration. + $ref: '#/components/schemas/MssPackage' + Tags: + description: A collection of tags associated with a resource + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + required: + - PackagingGroupId + - Id + x-stackql-resource-name: packaging_configuration + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Id + x-read-only-properties: + - Arn + x-required-permissions: + create: + - mediapackage-vod:CreatePackagingConfiguration + - mediapackage-vod:DescribePackagingConfiguration + - mediapackage-vod:TagResource + - iam:PassRole + read: + - mediapackage-vod:DescribePackagingConfiguration + delete: + - mediapackage-vod:DescribePackagingConfiguration + - mediapackage-vod:DeletePackagingConfiguration + list: + - mediapackage-vod:ListPackagingConfigurations + - mediapackage-vod:DescribePackagingGroup + PackagingGroup: + type: object + properties: + Id: + description: The ID of the PackagingGroup. + type: string + pattern: \A[0-9a-zA-Z-_]+\Z + minLength: 1 + maxLength: 256 + Arn: + description: The ARN of the PackagingGroup. + type: string + DomainName: + description: The fully qualified domain name for Assets in the PackagingGroup. + type: string + Authorization: + description: CDN Authorization + $ref: '#/components/schemas/Authorization' + Tags: + description: A collection of tags associated with a resource + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + EgressAccessLogs: + description: The configuration parameters for egress access logging. + $ref: '#/components/schemas/LogConfiguration' + required: + - Id + x-stackql-resource-name: packaging_group + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Id + - Tags + x-read-only-properties: + - Arn + - DomainName + x-required-permissions: + create: + - mediapackage-vod:CreatePackagingGroup + - mediapackage-vod:DescribePackagingGroup + - mediapackage-vod:TagResource + - mediapackage-vod:ConfigureLogs + - iam:PassRole + - iam:CreateServiceLinkedRole + read: + - mediapackage-vod:DescribePackagingGroup + update: + - mediapackage-vod:DescribePackagingGroup + - mediapackage-vod:UpdatePackagingGroup + - mediapackage-vod:ConfigureLogs + - mediapackage-vod:TagResource + - iam:PassRole + - iam:CreateServiceLinkedRole + list: + - mediapackage-vod:ListPackagingGroups + delete: + - mediapackage-vod:DescribePackagingGroup + - mediapackage-vod:DeletePackagingGroup + x-stackQL-resources: + assets: + name: assets + id: awscc.mediapackage.assets + x-cfn-schema-name: Asset + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackage::Asset' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackage::Asset' + AND region = 'us-east-1' + asset: + name: asset + id: awscc.mediapackage.asset + x-cfn-schema-name: Asset + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.EgressEndpoints') as egress_endpoints, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.PackagingGroupId') as packaging_group_id, + JSON_EXTRACT(Properties, '$.ResourceId') as resource_id, + JSON_EXTRACT(Properties, '$.SourceArn') as source_arn, + JSON_EXTRACT(Properties, '$.SourceRoleArn') as source_role_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackage::Asset' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'EgressEndpoints') as egress_endpoints, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'PackagingGroupId') as packaging_group_id, + json_extract_path_text(Properties, 'ResourceId') as resource_id, + json_extract_path_text(Properties, 'SourceArn') as source_arn, + json_extract_path_text(Properties, 'SourceRoleArn') as source_role_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackage::Asset' + AND data__Identifier = '' + AND region = 'us-east-1' + channels: + name: channels + id: awscc.mediapackage.channels + x-cfn-schema-name: Channel + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackage::Channel' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackage::Channel' + AND region = 'us-east-1' + channel: + name: channel + id: awscc.mediapackage.channel + x-cfn-schema-name: Channel + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.HlsIngest') as hls_ingest, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.EgressAccessLogs') as egress_access_logs, + JSON_EXTRACT(Properties, '$.IngressAccessLogs') as ingress_access_logs + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackage::Channel' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'HlsIngest') as hls_ingest, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'EgressAccessLogs') as egress_access_logs, + json_extract_path_text(Properties, 'IngressAccessLogs') as ingress_access_logs + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackage::Channel' + AND data__Identifier = '' + AND region = 'us-east-1' + origin_endpoints: + name: origin_endpoints + id: awscc.mediapackage.origin_endpoints + x-cfn-schema-name: OriginEndpoint + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackage::OriginEndpoint' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackage::OriginEndpoint' + AND region = 'us-east-1' + origin_endpoint: + name: origin_endpoint + id: awscc.mediapackage.origin_endpoint + x-cfn-schema-name: OriginEndpoint + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Url') as url, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.ChannelId') as channel_id, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Whitelist') as whitelist, + JSON_EXTRACT(Properties, '$.StartoverWindowSeconds') as startover_window_seconds, + JSON_EXTRACT(Properties, '$.TimeDelaySeconds') as time_delay_seconds, + JSON_EXTRACT(Properties, '$.ManifestName') as manifest_name, + JSON_EXTRACT(Properties, '$.Origination') as origination, + JSON_EXTRACT(Properties, '$.Authorization') as authorization, + JSON_EXTRACT(Properties, '$.HlsPackage') as hls_package, + JSON_EXTRACT(Properties, '$.DashPackage') as dash_package, + JSON_EXTRACT(Properties, '$.MssPackage') as mss_package, + JSON_EXTRACT(Properties, '$.CmafPackage') as cmaf_package, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackage::OriginEndpoint' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Url') as url, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'ChannelId') as channel_id, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Whitelist') as whitelist, + json_extract_path_text(Properties, 'StartoverWindowSeconds') as startover_window_seconds, + json_extract_path_text(Properties, 'TimeDelaySeconds') as time_delay_seconds, + json_extract_path_text(Properties, 'ManifestName') as manifest_name, + json_extract_path_text(Properties, 'Origination') as origination, + json_extract_path_text(Properties, 'Authorization') as authorization, + json_extract_path_text(Properties, 'HlsPackage') as hls_package, + json_extract_path_text(Properties, 'DashPackage') as dash_package, + json_extract_path_text(Properties, 'MssPackage') as mss_package, + json_extract_path_text(Properties, 'CmafPackage') as cmaf_package, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackage::OriginEndpoint' + AND data__Identifier = '' + AND region = 'us-east-1' + packaging_configurations: + name: packaging_configurations + id: awscc.mediapackage.packaging_configurations + x-cfn-schema-name: PackagingConfiguration + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackage::PackagingConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackage::PackagingConfiguration' + AND region = 'us-east-1' + packaging_configuration: + name: packaging_configuration + id: awscc.mediapackage.packaging_configuration + x-cfn-schema-name: PackagingConfiguration + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.PackagingGroupId') as packaging_group_id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CmafPackage') as cmaf_package, + JSON_EXTRACT(Properties, '$.DashPackage') as dash_package, + JSON_EXTRACT(Properties, '$.HlsPackage') as hls_package, + JSON_EXTRACT(Properties, '$.MssPackage') as mss_package, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackage::PackagingConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'PackagingGroupId') as packaging_group_id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CmafPackage') as cmaf_package, + json_extract_path_text(Properties, 'DashPackage') as dash_package, + json_extract_path_text(Properties, 'HlsPackage') as hls_package, + json_extract_path_text(Properties, 'MssPackage') as mss_package, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackage::PackagingConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + packaging_groups: + name: packaging_groups + id: awscc.mediapackage.packaging_groups + x-cfn-schema-name: PackagingGroup + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackage::PackagingGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackage::PackagingGroup' + AND region = 'us-east-1' + packaging_group: + name: packaging_group + id: awscc.mediapackage.packaging_group + x-cfn-schema-name: PackagingGroup + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.Authorization') as authorization, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.EgressAccessLogs') as egress_access_logs + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackage::PackagingGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'Authorization') as authorization, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'EgressAccessLogs') as egress_access_logs + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackage::PackagingGroup' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/mediapackagev2.yaml b/providers/src/awscc/v00.00.00000/services/mediapackagev2.yaml new file mode 100644 index 00000000..a49cb6ba --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/mediapackagev2.yaml @@ -0,0 +1,961 @@ +openapi: 3.0.0 +info: + title: MediaPackageV2 + version: 1.0.0 +paths: {} +components: + schemas: + IngestEndpoint: + type: object + description:

The ingest domain URL where the source stream should be sent.

+ properties: + Id: + type: string + description:

The system-generated unique identifier for the IngestEndpoint.

+ Url: + type: string + description:

The ingest domain URL where the source stream should be sent.

+ additionalProperties: false + Tag: + type: object + properties: + Key: + type: string + Value: + type: string + additionalProperties: false + Channel: + type: object + properties: + Arn: + type: string + description:

The Amazon Resource Name (ARN) associated with the resource.

+ ChannelGroupName: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + ChannelName: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + CreatedAt: + type: string + description:

The date and time the channel was created.

+ format: date-time + Description: + type: string + maxLength: 1024 + minLength: 0 + description:

Enter any descriptive text that helps you to identify the channel.

+ IngestEndpoints: + type: array + items: + $ref: '#/components/schemas/IngestEndpoint' + description:

The list of ingest endpoints.

+ ModifiedAt: + type: string + description:

The date and time the channel was modified.

+ format: date-time + Tags: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - ChannelGroupName + - ChannelName + x-stackql-resource-name: channel + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ChannelGroupName + - ChannelName + x-read-only-properties: + - Arn + - CreatedAt + - IngestEndpoints + - ModifiedAt + x-required-permissions: + create: + - mediapackagev2:TagResource + - mediapackagev2:CreateChannel + read: + - mediapackagev2:GetChannel + update: + - mediapackagev2:TagResource + - mediapackagev2:UntagResource + - mediapackagev2:ListTagsForResource + - mediapackagev2:UpdateChannel + delete: + - mediapackagev2:GetChannel + - mediapackagev2:DeleteChannel + list: + - mediapackagev2:ListChannels + ChannelGroup: + type: object + properties: + Arn: + type: string + description:

The Amazon Resource Name (ARN) associated with the resource.

+ ChannelGroupName: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + CreatedAt: + type: string + description:

The date and time the channel group was created.

+ format: date-time + Description: + type: string + maxLength: 1024 + minLength: 0 + description:

Enter any descriptive text that helps you to identify the channel group.

+ EgressDomain: + type: string + description:

The output domain where the source stream should be sent. Integrate the domain with a downstream CDN (such as Amazon CloudFront) or playback device.

+ ModifiedAt: + type: string + description:

The date and time the channel group was modified.

+ format: date-time + Tags: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - ChannelGroupName + x-stackql-resource-name: channel_group + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ChannelGroupName + x-read-only-properties: + - Arn + - CreatedAt + - EgressDomain + - ModifiedAt + x-required-permissions: + create: + - mediapackagev2:TagResource + - mediapackagev2:CreateChannelGroup + read: + - mediapackagev2:GetChannelGroup + update: + - mediapackagev2:TagResource + - mediapackagev2:UntagResource + - mediapackagev2:ListTagsForResource + - mediapackagev2:UpdateChannelGroup + delete: + - mediapackagev2:GetChannelGroup + - mediapackagev2:DeleteChannelGroup + list: + - mediapackagev2:ListChannelGroups + ChannelPolicy: + type: object + properties: + ChannelGroupName: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + ChannelName: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + Policy: + type: object + required: + - ChannelGroupName + - ChannelName + - Policy + x-stackql-resource-name: channel_policy + x-stackql-primaryIdentifier: + - ChannelGroupName + - ChannelName + x-create-only-properties: + - ChannelGroupName + - ChannelName + x-required-permissions: + create: + - mediapackagev2:GetChannelPolicy + - mediapackagev2:PutChannelPolicy + read: + - mediapackagev2:GetChannelPolicy + update: + - mediapackagev2:GetChannelPolicy + - mediapackagev2:PutChannelPolicy + delete: + - mediapackagev2:GetChannelPolicy + - mediapackagev2:DeleteChannelPolicy + AdMarkerHls: + type: string + enum: + - DATERANGE + CmafEncryptionMethod: + type: string + enum: + - CENC + - CBCS + ContainerType: + type: string + enum: + - TS + - CMAF + DrmSystem: + type: string + enum: + - CLEAR_KEY_AES_128 + - FAIRPLAY + - PLAYREADY + - WIDEVINE + Encryption: + type: object + description:

The parameters for encrypting content.

+ properties: + ConstantInitializationVector: + type: string + maxLength: 32 + minLength: 32 + pattern: ^[0-9a-fA-F]+$ + description:

A 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting content. If you don't specify a value, then MediaPackage creates the constant initialization vector (IV).

+ EncryptionMethod: + $ref: '#/components/schemas/EncryptionMethod' + KeyRotationIntervalSeconds: + type: integer + maximum: 31536000 + minimum: 300 + description: |- +

The frequency (in seconds) of key changes for live workflows, in which content is streamed real time. The service retrieves content keys before the live content begins streaming, and then retrieves them as needed over the lifetime of the workflow. By default, key rotation is set to 300 seconds (5 minutes), the minimum rotation interval, which is equivalent to setting it to 300. If you don't enter an interval, content keys aren't rotated.

+

The following example setting causes the service to rotate keys every thirty minutes: 1800 +

+ SpekeKeyProvider: + $ref: '#/components/schemas/SpekeKeyProvider' + required: + - EncryptionMethod + - SpekeKeyProvider + additionalProperties: false + EncryptionContractConfiguration: + type: object + description:

Configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.

+ properties: + PresetSpeke20Audio: + $ref: '#/components/schemas/PresetSpeke20Audio' + PresetSpeke20Video: + $ref: '#/components/schemas/PresetSpeke20Video' + required: + - PresetSpeke20Audio + - PresetSpeke20Video + additionalProperties: false + EncryptionMethod: + type: object + description:

The encryption type.

+ properties: + TsEncryptionMethod: + $ref: '#/components/schemas/TsEncryptionMethod' + CmafEncryptionMethod: + $ref: '#/components/schemas/CmafEncryptionMethod' + additionalProperties: false + FilterConfiguration: + type: object + description:

Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.

+ properties: + ManifestFilter: + type: string + maxLength: 1024 + minLength: 1 + description:

Optionally specify one or more manifest filters for all of your manifest egress requests. When you include a manifest filter, note that you cannot use an identical manifest filter query parameter for this manifest's endpoint URL.

+ Start: + type: string + description:

Optionally specify the start time for all of your manifest egress requests. When you include start time, note that you cannot use start time query parameters for this manifest's endpoint URL.

+ format: date-time + End: + type: string + description:

Optionally specify the end time for all of your manifest egress requests. When you include end time, note that you cannot use end time query parameters for this manifest's endpoint URL.

+ format: date-time + TimeDelaySeconds: + type: integer + maximum: 1209600 + minimum: 0 + description:

Optionally specify the time delay for all of your manifest egress requests. Enter a value that is smaller than your endpoint's startover window. When you include time delay, note that you cannot use time delay query parameters for this manifest's endpoint URL.

+ additionalProperties: false + HlsManifestConfiguration: + type: object + description:

Retrieve the HTTP live streaming (HLS) manifest configuration.

+ properties: + ManifestName: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + description:

A short short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, index. MediaPackage automatically inserts the format extension, such as .m3u8. You can't use the same manifest name if you use HLS manifest and low-latency HLS manifest. The manifestName on the HLSManifest object overrides the manifestName you provided on the originEndpoint object.

+ Url: + type: string + description:

The egress domain URL for stream delivery from MediaPackage.

+ ChildManifestName: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + description:

A short string that's appended to the endpoint URL. The child manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default child manifest name, index_1. The manifestName on the HLSManifest object overrides the manifestName you provided on the originEndpoint object.

+ ManifestWindowSeconds: + type: integer + description:

The total duration (in seconds) of the manifest's content.

+ ProgramDateTimeIntervalSeconds: + type: integer + description: |- +

Inserts EXT-X-PROGRAM-DATE-TIME tags in the output manifest at the interval that you specify. If you don't enter an interval, + EXT-X-PROGRAM-DATE-TIME tags aren't included in the manifest. + The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player. + ID3Timed metadata messages generate every 5 seconds whenever the content is ingested.

+

Irrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.

+ ScteHls: + $ref: '#/components/schemas/ScteHls' + FilterConfiguration: + $ref: '#/components/schemas/FilterConfiguration' + required: + - ManifestName + additionalProperties: false + LowLatencyHlsManifestConfiguration: + type: object + description:

Retrieve the low-latency HTTP live streaming (HLS) manifest configuration.

+ properties: + ManifestName: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + description:

A short short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, index. MediaPackage automatically inserts the format extension, such as .m3u8. You can't use the same manifest name if you use HLS manifest and low-latency HLS manifest. The manifestName on the HLSManifest object overrides the manifestName you provided on the originEndpoint object.

+ Url: + type: string + description:

The egress domain URL for stream delivery from MediaPackage.

+ ChildManifestName: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + description:

A short string that's appended to the endpoint URL. The child manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default child manifest name, index_1. The manifestName on the HLSManifest object overrides the manifestName you provided on the originEndpoint object.

+ ManifestWindowSeconds: + type: integer + description:

The total duration (in seconds) of the manifest's content.

+ ProgramDateTimeIntervalSeconds: + type: integer + description: |- +

Inserts EXT-X-PROGRAM-DATE-TIME tags in the output manifest at the interval that you specify. If you don't enter an interval, + EXT-X-PROGRAM-DATE-TIME tags aren't included in the manifest. + The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player. + ID3Timed metadata messages generate every 5 seconds whenever the content is ingested.

+

Irrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.

+ ScteHls: + $ref: '#/components/schemas/ScteHls' + FilterConfiguration: + $ref: '#/components/schemas/FilterConfiguration' + required: + - ManifestName + additionalProperties: false + PresetSpeke20Audio: + type: string + enum: + - PRESET_AUDIO_1 + - PRESET_AUDIO_2 + - PRESET_AUDIO_3 + - SHARED + - UNENCRYPTED + PresetSpeke20Video: + type: string + enum: + - PRESET_VIDEO_1 + - PRESET_VIDEO_2 + - PRESET_VIDEO_3 + - PRESET_VIDEO_4 + - PRESET_VIDEO_5 + - PRESET_VIDEO_6 + - PRESET_VIDEO_7 + - PRESET_VIDEO_8 + - SHARED + - UNENCRYPTED + Scte: + type: object + description:

The SCTE configuration.

+ properties: + ScteFilter: + type: array + items: + $ref: '#/components/schemas/ScteFilter' + maxItems: 100 + minItems: 0 + description:

The SCTE-35 message types that you want to be treated as ad markers in the output.

+ additionalProperties: false + ScteFilter: + type: string + enum: + - SPLICE_INSERT + - BREAK + - PROVIDER_ADVERTISEMENT + - DISTRIBUTOR_ADVERTISEMENT + - PROVIDER_PLACEMENT_OPPORTUNITY + - DISTRIBUTOR_PLACEMENT_OPPORTUNITY + - PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY + - DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY + - PROGRAM + ScteHls: + type: object + description:

The SCTE configuration.

+ properties: + AdMarkerHls: + $ref: '#/components/schemas/AdMarkerHls' + additionalProperties: false + Segment: + type: object + description:

The segment configuration, including the segment name, duration, and other configuration values.

+ properties: + SegmentDurationSeconds: + type: integer + maximum: 30 + minimum: 1 + description:

The duration (in seconds) of each segment. Enter a value equal to, or a multiple of, the input segment duration. If the value that you enter is different from the input segment duration, MediaPackage rounds segments to the nearest multiple of the input segment duration.

+ SegmentName: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + description:

The name that describes the segment. The name is the base name of the segment used in all content manifests inside of the endpoint. You can't use spaces in the name.

+ TsUseAudioRenditionGroup: + type: boolean + description:

When selected, MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.

+ IncludeIframeOnlyStreams: + type: boolean + description:

When selected, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included. MediaPackage generates an I-frame only stream from the first rendition in the manifest. The service inserts EXT-I-FRAMES-ONLY tags in the output manifest, and then generates and includes an I-frames only playlist in the stream. This playlist permits player functionality like fast forward and rewind.

+ TsIncludeDvbSubtitles: + type: boolean + description:

By default, MediaPackage excludes all digital video broadcasting (DVB) subtitles from the output. When selected, MediaPackage passes through DVB subtitles into the output.

+ Scte: + $ref: '#/components/schemas/Scte' + Encryption: + $ref: '#/components/schemas/Encryption' + additionalProperties: false + SpekeKeyProvider: + type: object + description:

The parameters for the SPEKE key provider.

+ properties: + EncryptionContractConfiguration: + $ref: '#/components/schemas/EncryptionContractConfiguration' + ResourceId: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[0-9a-zA-Z_-]+$ + description: |- +

The unique identifier for the content. The service sends this to the key server to identify the current endpoint. How unique you make this depends on how fine-grained you want access controls to be. The service does not permit you to use the same ID for two simultaneous encryption processes. The resource ID is also known as the content ID.

+

The following example shows a resource ID: MovieNight20171126093045 +

+ DrmSystems: + type: array + items: + $ref: '#/components/schemas/DrmSystem' + maxItems: 4 + minItems: 1 + description:

The DRM solution provider you're using to protect your content during distribution.

+ RoleArn: + type: string + maxLength: 2048 + minLength: 1 + description: |- +

The ARN for the IAM role granted by the key provider that provides access to the key provider API. This role must have a trust policy that allows MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Get this from your DRM solution provider.

+

Valid format: arn:aws:iam::{accountID}:role/{name}. The following example shows a role ARN: arn:aws:iam::444455556666:role/SpekeAccess +

+ Url: + type: string + maxLength: 1024 + minLength: 1 + description: |- +

The URL of the API Gateway proxy that you set up to talk to your key server. The API Gateway proxy must reside in the same AWS Region as MediaPackage and must start with https://.

+

The following example shows a URL: https://1wm2dx1f33.execute-api.us-west-2.amazonaws.com/SpekeSample/copyProtection +

+ required: + - DrmSystems + - EncryptionContractConfiguration + - ResourceId + - RoleArn + - Url + additionalProperties: false + TsEncryptionMethod: + type: string + enum: + - AES_128 + - SAMPLE_AES + OriginEndpoint: + type: object + properties: + Arn: + type: string + description:

The Amazon Resource Name (ARN) associated with the resource.

+ ChannelGroupName: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + ChannelName: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + ContainerType: + $ref: '#/components/schemas/ContainerType' + CreatedAt: + type: string + description:

The date and time the origin endpoint was created.

+ format: date-time + Description: + type: string + maxLength: 1024 + minLength: 0 + description:

Enter any descriptive text that helps you to identify the origin endpoint.

+ HlsManifests: + type: array + items: + $ref: '#/components/schemas/HlsManifestConfiguration' + description:

An HTTP live streaming (HLS) manifest configuration.

+ LowLatencyHlsManifests: + type: array + items: + $ref: '#/components/schemas/LowLatencyHlsManifestConfiguration' + description:

A low-latency HLS manifest configuration.

+ ModifiedAt: + type: string + description:

The date and time the origin endpoint was modified.

+ format: date-time + OriginEndpointName: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + Segment: + $ref: '#/components/schemas/Segment' + StartoverWindowSeconds: + type: integer + maximum: 1209600 + minimum: 60 + description:

The size of the window (in seconds) to create a window of the live stream that's available for on-demand viewing. Viewers can start-over or catch-up on content that falls within the window. The maximum startover window is 1,209,600 seconds (14 days).

+ Tags: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - ChannelGroupName + - ChannelName + - OriginEndpointName + x-stackql-resource-name: origin_endpoint + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ChannelGroupName + - ChannelName + - OriginEndpointName + x-read-only-properties: + - Arn + - CreatedAt + - ModifiedAt + - LowLatencyHlsManifests/*/Url + - HlsManifests/*/Url + x-required-permissions: + create: + - mediapackagev2:TagResource + - mediapackagev2:CreateOriginEndpoint + - iam:PassRole + read: + - mediapackagev2:GetOriginEndpoint + update: + - mediapackagev2:TagResource + - mediapackagev2:UntagResource + - mediapackagev2:ListTagsForResource + - mediapackagev2:UpdateOriginEndpoint + - iam:PassRole + delete: + - mediapackagev2:GetOriginEndpoint + - mediapackagev2:DeleteOriginEndpoint + list: + - mediapackagev2:ListOriginEndpoints + OriginEndpointPolicy: + type: object + properties: + ChannelGroupName: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + ChannelName: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + OriginEndpointName: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9_-]+$ + Policy: + type: object + required: + - ChannelGroupName + - ChannelName + - OriginEndpointName + - Policy + x-stackql-resource-name: origin_endpoint_policy + x-stackql-primaryIdentifier: + - ChannelGroupName + - ChannelName + - OriginEndpointName + x-create-only-properties: + - ChannelGroupName + - ChannelName + - OriginEndpointName + x-required-permissions: + create: + - mediapackagev2:GetOriginEndpointPolicy + - mediapackagev2:PutOriginEndpointPolicy + read: + - mediapackagev2:GetOriginEndpointPolicy + update: + - mediapackagev2:GetOriginEndpointPolicy + - mediapackagev2:PutOriginEndpointPolicy + delete: + - mediapackagev2:GetOriginEndpointPolicy + - mediapackagev2:DeleteOriginEndpointPolicy + x-stackQL-resources: + channels: + name: channels + id: awscc.mediapackagev2.channels + x-cfn-schema-name: Channel + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackageV2::Channel' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackageV2::Channel' + AND region = 'us-east-1' + channel: + name: channel + id: awscc.mediapackagev2.channel + x-cfn-schema-name: Channel + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ChannelGroupName') as channel_group_name, + JSON_EXTRACT(Properties, '$.ChannelName') as channel_name, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.IngestEndpoints') as ingest_endpoints, + JSON_EXTRACT(Properties, '$.ModifiedAt') as modified_at, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackageV2::Channel' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ChannelGroupName') as channel_group_name, + json_extract_path_text(Properties, 'ChannelName') as channel_name, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'IngestEndpoints') as ingest_endpoints, + json_extract_path_text(Properties, 'ModifiedAt') as modified_at, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackageV2::Channel' + AND data__Identifier = '' + AND region = 'us-east-1' + channel_groups: + name: channel_groups + id: awscc.mediapackagev2.channel_groups + x-cfn-schema-name: ChannelGroup + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackageV2::ChannelGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackageV2::ChannelGroup' + AND region = 'us-east-1' + channel_group: + name: channel_group + id: awscc.mediapackagev2.channel_group + x-cfn-schema-name: ChannelGroup + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ChannelGroupName') as channel_group_name, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EgressDomain') as egress_domain, + JSON_EXTRACT(Properties, '$.ModifiedAt') as modified_at, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackageV2::ChannelGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ChannelGroupName') as channel_group_name, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EgressDomain') as egress_domain, + json_extract_path_text(Properties, 'ModifiedAt') as modified_at, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackageV2::ChannelGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + channel_policies: + name: channel_policies + id: awscc.mediapackagev2.channel_policies + x-cfn-schema-name: ChannelPolicy + x-type: list + x-identifiers: + - ChannelGroupName + - ChannelName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ChannelGroupName') as channel_group_name, + JSON_EXTRACT(Properties, '$.ChannelName') as channel_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackageV2::ChannelPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ChannelGroupName') as channel_group_name, + json_extract_path_text(Properties, 'ChannelName') as channel_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackageV2::ChannelPolicy' + AND region = 'us-east-1' + channel_policy: + name: channel_policy + id: awscc.mediapackagev2.channel_policy + x-cfn-schema-name: ChannelPolicy + x-type: get + x-identifiers: + - ChannelGroupName + - ChannelName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ChannelGroupName') as channel_group_name, + JSON_EXTRACT(Properties, '$.ChannelName') as channel_name, + JSON_EXTRACT(Properties, '$.Policy') as policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackageV2::ChannelPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ChannelGroupName') as channel_group_name, + json_extract_path_text(Properties, 'ChannelName') as channel_name, + json_extract_path_text(Properties, 'Policy') as policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackageV2::ChannelPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + origin_endpoints: + name: origin_endpoints + id: awscc.mediapackagev2.origin_endpoints + x-cfn-schema-name: OriginEndpoint + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackageV2::OriginEndpoint' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackageV2::OriginEndpoint' + AND region = 'us-east-1' + origin_endpoint: + name: origin_endpoint + id: awscc.mediapackagev2.origin_endpoint + x-cfn-schema-name: OriginEndpoint + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ChannelGroupName') as channel_group_name, + JSON_EXTRACT(Properties, '$.ChannelName') as channel_name, + JSON_EXTRACT(Properties, '$.ContainerType') as container_type, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.HlsManifests') as hls_manifests, + JSON_EXTRACT(Properties, '$.LowLatencyHlsManifests') as low_latency_hls_manifests, + JSON_EXTRACT(Properties, '$.ModifiedAt') as modified_at, + JSON_EXTRACT(Properties, '$.OriginEndpointName') as origin_endpoint_name, + JSON_EXTRACT(Properties, '$.Segment') as segment, + JSON_EXTRACT(Properties, '$.StartoverWindowSeconds') as startover_window_seconds, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackageV2::OriginEndpoint' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ChannelGroupName') as channel_group_name, + json_extract_path_text(Properties, 'ChannelName') as channel_name, + json_extract_path_text(Properties, 'ContainerType') as container_type, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'HlsManifests') as hls_manifests, + json_extract_path_text(Properties, 'LowLatencyHlsManifests') as low_latency_hls_manifests, + json_extract_path_text(Properties, 'ModifiedAt') as modified_at, + json_extract_path_text(Properties, 'OriginEndpointName') as origin_endpoint_name, + json_extract_path_text(Properties, 'Segment') as segment, + json_extract_path_text(Properties, 'StartoverWindowSeconds') as startover_window_seconds, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackageV2::OriginEndpoint' + AND data__Identifier = '' + AND region = 'us-east-1' + origin_endpoint_policies: + name: origin_endpoint_policies + id: awscc.mediapackagev2.origin_endpoint_policies + x-cfn-schema-name: OriginEndpointPolicy + x-type: list + x-identifiers: + - ChannelGroupName + - ChannelName + - OriginEndpointName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ChannelGroupName') as channel_group_name, + JSON_EXTRACT(Properties, '$.ChannelName') as channel_name, + JSON_EXTRACT(Properties, '$.OriginEndpointName') as origin_endpoint_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackageV2::OriginEndpointPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ChannelGroupName') as channel_group_name, + json_extract_path_text(Properties, 'ChannelName') as channel_name, + json_extract_path_text(Properties, 'OriginEndpointName') as origin_endpoint_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaPackageV2::OriginEndpointPolicy' + AND region = 'us-east-1' + origin_endpoint_policy: + name: origin_endpoint_policy + id: awscc.mediapackagev2.origin_endpoint_policy + x-cfn-schema-name: OriginEndpointPolicy + x-type: get + x-identifiers: + - ChannelGroupName + - ChannelName + - OriginEndpointName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ChannelGroupName') as channel_group_name, + JSON_EXTRACT(Properties, '$.ChannelName') as channel_name, + JSON_EXTRACT(Properties, '$.OriginEndpointName') as origin_endpoint_name, + JSON_EXTRACT(Properties, '$.Policy') as policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackageV2::OriginEndpointPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ChannelGroupName') as channel_group_name, + json_extract_path_text(Properties, 'ChannelName') as channel_name, + json_extract_path_text(Properties, 'OriginEndpointName') as origin_endpoint_name, + json_extract_path_text(Properties, 'Policy') as policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaPackageV2::OriginEndpointPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/mediatailor.yaml b/providers/src/awscc/v00.00.00000/services/mediatailor.yaml new file mode 100644 index 00000000..e447c8a5 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/mediatailor.yaml @@ -0,0 +1,1051 @@ +openapi: 3.0.0 +info: + title: MediaTailor + version: 1.0.0 +paths: {} +components: + schemas: + DashPlaylistSettings: + type: object + description:

Dash manifest configuration parameters.

+ properties: + ManifestWindowSeconds: + type: number + description: '

The total duration (in seconds) of each manifest. Minimum value: 30 seconds. Maximum value: 3600 seconds.

' + MinBufferTimeSeconds: + type: number + description: '

Minimum amount of content (measured in seconds) that a player must keep available in the buffer. Minimum value: 2 seconds. Maximum value: 60 seconds.

' + MinUpdatePeriodSeconds: + type: number + description: '

Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest. Minimum value: 2 seconds. Maximum value: 60 seconds.

' + SuggestedPresentationDelaySeconds: + type: number + description: '

Amount of time (in seconds) that the player should be from the live point at the end of the manifest. Minimum value: 2 seconds. Maximum value: 60 seconds.

' + additionalProperties: false + HlsPlaylistSettings: + type: object + description:

HLS playlist configuration parameters.

+ properties: + ManifestWindowSeconds: + type: number + description: '

The total duration (in seconds) of each manifest. Minimum value: 30 seconds. Maximum value: 3600 seconds.

' + AdMarkupType: + type: array + items: + $ref: '#/components/schemas/AdMarkupType' + description:

Determines the type of SCTE 35 tags to use in ad markup. Specify DATERANGE to use DATERANGE tags (for live or VOD content). Specify SCTE35_ENHANCED to use EXT-X-CUE-OUT and EXT-X-CUE-IN tags (for VOD content only).

+ additionalProperties: false + LogConfigurationForChannel: + type: object + description:

The log configuration for the channel.

+ properties: + LogTypes: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/LogType' + description:

The log types.

+ additionalProperties: false + LogType: + type: string + enum: + - AS_RUN + PlaybackMode: + type: string + enum: + - LOOP + - LINEAR + AdMarkupType: + type: string + enum: + - DATERANGE + - SCTE35_ENHANCED + RequestOutputItem: + type: object + description:

The output configuration for this channel.

+ properties: + DashPlaylistSettings: + $ref: '#/components/schemas/DashPlaylistSettings' + HlsPlaylistSettings: + $ref: '#/components/schemas/HlsPlaylistSettings' + ManifestName: + type: string + description:

The name of the manifest for the channel. The name appears in the PlaybackUrl.

+ SourceGroup: + type: string + description:

A string used to match which HttpPackageConfiguration is used for each VodSource.

+ required: + - ManifestName + - SourceGroup + additionalProperties: false + SlateSource: + type: object + description:

Slate VOD source configuration.

+ properties: + SourceLocationName: + type: string + description:

The name of the source location where the slate VOD source is stored.

+ VodSourceName: + type: string + description:

The slate VOD source name. The VOD source must already exist in a source location before it can be used for slate.

+ additionalProperties: false + Tag: + type: object + additionalProperties: false + properties: + Key: + type: string + Value: + type: string + required: + - Value + - Key + Tier: + type: string + enum: + - BASIC + - STANDARD + TimeShiftConfiguration: + type: object + description:

The configuration for time-shifted viewing.

+ properties: + MaxTimeDelaySeconds: + type: number + description:

The maximum time delay for time-shifted viewing. The minimum allowed maximum time delay is 0 seconds, and the maximum allowed maximum time delay is 21600 seconds (6 hours).

+ required: + - MaxTimeDelaySeconds + additionalProperties: false + Channel: + type: object + properties: + Arn: + type: string + description:

The ARN of the channel.

+ ChannelName: + type: string + FillerSlate: + $ref: '#/components/schemas/SlateSource' + LogConfiguration: + $ref: '#/components/schemas/LogConfigurationForChannel' + Outputs: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/RequestOutputItem' + description:

The channel's output properties.

+ PlaybackMode: + $ref: '#/components/schemas/PlaybackMode' + Tags: + description: The tags to assign to the channel. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Tier: + $ref: '#/components/schemas/Tier' + TimeShiftConfiguration: + $ref: '#/components/schemas/TimeShiftConfiguration' + required: + - ChannelName + - Outputs + - PlaybackMode + x-stackql-resource-name: channel + x-stackql-primaryIdentifier: + - ChannelName + x-create-only-properties: + - ChannelName + - Tier + x-read-only-properties: + - Arn + x-required-permissions: + create: + - mediatailor:CreateChannel + - mediatailor:TagResource + - mediatailor:ConfigureLogsForChannel + - iam:CreateServiceLinkedRole + - mediatailor:DescribeChannel + read: + - mediatailor:DescribeChannel + update: + - mediatailor:UpdateChannel + - mediatailor:TagResource + - mediatailor:UntagResource + - iam:CreateServiceLinkedRole + - mediatailor:ConfigureLogsForChannel + - mediatailor:DescribeChannel + delete: + - mediatailor:DeleteChannel + - mediatailor:DescribeChannel + list: + - mediatailor:ListChannels + ChannelPolicy: + type: object + properties: + ChannelName: + type: string + Policy: + type: object + description:

The IAM policy for the channel. IAM policies are used to control access to your channel.

+ required: + - ChannelName + - Policy + x-stackql-resource-name: channel_policy + x-stackql-primaryIdentifier: + - ChannelName + x-create-only-properties: + - ChannelName + x-required-permissions: + create: + - mediatailor:PutChannelPolicy + - mediatailor:GetChannelPolicy + read: + - mediatailor:GetChannelPolicy + update: + - mediatailor:PutChannelPolicy + - mediatailor:GetChannelPolicy + delete: + - mediatailor:DeleteChannelPolicy + - mediatailor:GetChannelPolicy + HttpPackageConfiguration: + type: object + description:

The HTTP package configuration properties for the requested VOD source.

+ properties: + Path: + type: string + description:

The relative path to the URL for this VOD source. This is combined with SourceLocation::HttpConfiguration::BaseUrl to form a valid URL.

+ SourceGroup: + type: string + description:

The name of the source group. This has to match one of the Channel::Outputs::SourceGroup.

+ Type: + $ref: '#/components/schemas/Type' + required: + - Path + - SourceGroup + - Type + additionalProperties: false + Type: + type: string + enum: + - DASH + - HLS + LiveSource: + type: object + properties: + Arn: + type: string + description:

The ARN of the live source.

+ HttpPackageConfigurations: + type: array + items: + $ref: '#/components/schemas/HttpPackageConfiguration' + description:

A list of HTTP package configuration parameters for this live source.

+ LiveSourceName: + type: string + SourceLocationName: + type: string + Tags: + description: The tags to assign to the live source. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - HttpPackageConfigurations + - LiveSourceName + - SourceLocationName + x-stackql-resource-name: live_source + x-stackql-primaryIdentifier: + - LiveSourceName + - SourceLocationName + x-create-only-properties: + - LiveSourceName + - SourceLocationName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - mediatailor:CreateLiveSource + - mediatailor:DescribeLiveSource + - mediatailor:TagResource + read: + - mediatailor:DescribeLiveSource + update: + - mediatailor:UpdateLiveSource + - mediatailor:DescribeLiveSource + - mediatailor:TagResource + - mediatailor:UntagResource + delete: + - mediatailor:DeleteLiveSource + - mediatailor:DescribeLiveSource + list: + - mediatailor:ListLiveSources + AvailSuppression: + description: The configuration for avail suppression, also known as ad suppression. For more information about ad suppression, see Ad Suppression (https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html). + type: object + additionalProperties: false + properties: + Mode: + description: Sets the ad suppression mode. By default, ad suppression is set to OFF and all ad breaks are filled with ads or slate. When Mode is set to BEHIND_LIVE_EDGE, ad suppression is active and MediaTailor won't fill ad breaks on or behind the ad suppression Value time in the manifest lookback window. + type: string + enum: + - 'OFF' + - BEHIND_LIVE_EDGE + Value: + description: >- + A live edge offset time in HH:MM:SS. MediaTailor won't fill ad breaks on or behind this time in the manifest lookback window. If Value is set to 00:00:00, it is in sync with the live edge, and MediaTailor won't fill any ad breaks on or behind the live edge. If you set a Value time, MediaTailor won't fill any ad breaks on or behind this time in the manifest lookback window. For example, if you set 00:45:00, then MediaTailor will fill ad breaks that occur within 45 minutes behind the + live edge, but won't fill ad breaks on or behind 45 minutes behind the live edge. + type: string + Bumper: + description: The configuration for bumpers. Bumpers are short audio or video clips that play at the start or before the end of an ad break. To learn more about bumpers, see Bumpers (https://docs.aws.amazon.com/mediatailor/latest/ug/bumpers.html). + type: object + additionalProperties: false + properties: + StartUrl: + description: The URL for the start bumper asset. + type: string + EndUrl: + description: The URL for the end bumper asset. + type: string + CdnConfiguration: + description: The configuration for using a content delivery network (CDN), like Amazon CloudFront, for content and ad segment management. + type: object + additionalProperties: false + properties: + AdSegmentUrlPrefix: + description: A non-default content delivery network (CDN) to serve ad segments. By default, AWS Elemental MediaTailor uses Amazon CloudFront with default cache settings as its CDN for ad segments. To set up an alternate CDN, create a rule in your CDN for the origin ads.mediatailor.<region>.amazonaws.com. Then specify the rule's name in this AdSegmentUrlPrefix. When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for ad segments. + type: string + ContentSegmentUrlPrefix: + description: A content delivery network (CDN) to cache content segments, so that content requests don't always have to go to the origin server. First, create a rule in your CDN for the content segment origin server. Then specify the rule's name in this ContentSegmentUrlPrefix. When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for content segments. + type: string + ConfigurationAliases: + description: The predefined aliases for dynamic variables. + additionalProperties: false + x-patternProperties: + player_params\.\w+\Z: + type: object + DashConfiguration: + description: The configuration for DASH PUT operations. + type: object + additionalProperties: false + properties: + MpdLocation: + description: >- + The setting that controls whether MediaTailor includes the Location tag in DASH manifests. MediaTailor populates the Location tag with the URL for manifest update requests, to be used by players that don't support sticky redirects. Disable this if you have CDN routing rules set up for accessing MediaTailor manifests, and you are either using client-side reporting or your players support sticky HTTP redirects. Valid values are DISABLED and EMT_DEFAULT. The EMT_DEFAULT setting enables + the inclusion of the tag and is the default value. + type: string + OriginManifestType: + description: The setting that controls whether MediaTailor handles manifests from the origin server as multi-period manifests or single-period manifests. If your origin server produces single-period manifests, set this to SINGLE_PERIOD. The default setting is MULTI_PERIOD. For multi-period manifests, omit this setting or set it to MULTI_PERIOD. + type: string + enum: + - SINGLE_PERIOD + - MULTI_PERIOD + ManifestEndpointPrefix: + description: The URL generated by MediaTailor to initiate a DASH playback session. The session uses server-side reporting. + type: string + LivePreRollConfiguration: + description: The configuration for pre-roll ad insertion. + type: object + additionalProperties: false + properties: + AdDecisionServerUrl: + description: The URL for the ad decision server (ADS) for pre-roll ads. This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing, you can provide a static VAST URL. The maximum length is 25,000 characters. + type: string + MaxDurationSeconds: + description: The maximum allowed duration for the pre-roll ad avail. AWS Elemental MediaTailor won't play pre-roll ads to exceed this duration, regardless of the total duration of ads that the ADS returns. + type: integer + ManifestProcessingRules: + description: The configuration for manifest processing rules. Manifest processing rules enable customization of the personalized manifests created by MediaTailor. + type: object + additionalProperties: false + properties: + AdMarkerPassthrough: + description: For HLS, when set to true, MediaTailor passes through EXT-X-CUE-IN, EXT-X-CUE-OUT, and EXT-X-SPLICEPOINT-SCTE35 ad markers from the origin manifest to the MediaTailor personalized manifest. No logic is applied to these ad markers. For example, if EXT-X-CUE-OUT has a value of 60, but no ads are filled for that ad break, MediaTailor will not set the value to 0. + $ref: '#/components/schemas/AdMarkerPassthrough' + AdMarkerPassthrough: + description: For HLS, when set to true, MediaTailor passes through EXT-X-CUE-IN, EXT-X-CUE-OUT, and EXT-X-SPLICEPOINT-SCTE35 ad markers from the origin manifest to the MediaTailor personalized manifest. No logic is applied to these ad markers. For example, if EXT-X-CUE-OUT has a value of 60, but no ads are filled for that ad break, MediaTailor will not set the value to 0. + type: object + additionalProperties: false + properties: + Enabled: + description: Enables ad marker passthrough for your configuration. + type: boolean + HlsConfiguration: + type: object + additionalProperties: false + properties: + ManifestEndpointPrefix: + description: The URL that is used to initiate a playback session for devices that support Apple HLS. The session uses server-side reporting. + type: string + PlaybackConfiguration: + type: object + properties: + AdDecisionServerUrl: + description: The URL for the ad decision server (ADS). This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing you can provide a static VAST URL. The maximum length is 25,000 characters. + type: string + AvailSuppression: + description: The configuration for avail suppression, also known as ad suppression. For more information about ad suppression, see Ad Suppression (https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html). + $ref: '#/components/schemas/AvailSuppression' + Bumper: + description: The configuration for bumpers. Bumpers are short audio or video clips that play at the start or before the end of an ad break. To learn more about bumpers, see Bumpers (https://docs.aws.amazon.com/mediatailor/latest/ug/bumpers.html). + $ref: '#/components/schemas/Bumper' + CdnConfiguration: + description: The configuration for using a content delivery network (CDN), like Amazon CloudFront, for content and ad segment management. + $ref: '#/components/schemas/CdnConfiguration' + ConfigurationAliases: + description: 'The player parameters and aliases used as dynamic variables during session initialization. For more information, see Domain Variables. ' + $ref: '#/components/schemas/ConfigurationAliases' + DashConfiguration: + description: The configuration for DASH content. + $ref: '#/components/schemas/DashConfiguration' + LivePreRollConfiguration: + description: The configuration for pre-roll ad insertion. + $ref: '#/components/schemas/LivePreRollConfiguration' + ManifestProcessingRules: + description: The configuration for manifest processing rules. Manifest processing rules enable customization of the personalized manifests created by MediaTailor. + $ref: '#/components/schemas/ManifestProcessingRules' + Name: + description: The identifier for the playback configuration. + type: string + pattern: ^[a-zA-Z0-9_-]+$ + maxLength: 64 + minLength: 1 + PersonalizationThresholdSeconds: + description: >- + Defines the maximum duration of underfilled ad time (in seconds) allowed in an ad break. If the duration of underfilled ad time exceeds the personalization threshold, then the personalization of the ad break is abandoned and the underlying content is shown. This feature applies to ad replacement in live and VOD streams, rather than ad insertion, because it relies on an underlying content stream. For more information about ad break behavior, including ad replacement and insertion, see + Ad Behavior in AWS Elemental MediaTailor (https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html). + type: integer + SessionInitializationEndpointPrefix: + description: The URL that the player uses to initialize a session that uses client-side reporting. + type: string + HlsConfiguration: + description: The configuration for HLS content. + $ref: '#/components/schemas/HlsConfiguration' + PlaybackConfigurationArn: + description: The Amazon Resource Name (ARN) for the playback configuration. + type: string + PlaybackEndpointPrefix: + description: The URL that the player accesses to get a manifest from MediaTailor. This session will use server-side reporting. + type: string + SlateAdUrl: + description: The URL for a high-quality video asset to transcode and use to fill in time that's not used by ads. AWS Elemental MediaTailor shows the slate to fill in gaps in media content. Configuring the slate is optional for non-VPAID configurations. For VPAID, the slate is required because MediaTailor provides it in the slots that are designated for dynamic ad content. The slate must be a high-quality asset that contains both audio and video. + type: string + Tags: + description: The tags to assign to the playback configuration. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + TranscodeProfileName: + description: The name that is used to associate this playback configuration with a custom transcode profile. This overrides the dynamic transcoding defaults of MediaTailor. Use this only if you have already set up custom profiles with the help of AWS Support. + type: string + VideoContentSourceUrl: + description: The URL prefix for the parent manifest for the stream, minus the asset ID. The maximum length is 512 characters. + type: string + required: + - Name + - VideoContentSourceUrl + - AdDecisionServerUrl + x-stackql-resource-name: playback_configuration + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - SessionInitializationEndpointPrefix + - HlsConfiguration/ManifestEndpointPrefix + - DashConfiguration/ManifestEndpointPrefix + - PlaybackConfigurationArn + - PlaybackEndpointPrefix + x-required-permissions: + create: + - mediatailor:PutPlaybackConfiguration + - mediatailor:ConfigureLogsForPlaybackConfiguration + - iam:CreateServiceLinkedRole + - mediatailor:UntagResource + - mediatailor:TagResource + read: + - mediatailor:GetPlaybackConfiguration + update: + - mediatailor:PutPlaybackConfiguration + - mediatailor:ConfigureLogsForPlaybackConfiguration + - iam:CreateServiceLinkedRole + - mediatailor:UntagResource + - mediatailor:TagResource + delete: + - mediatailor:DeletePlaybackConfiguration + list: + - mediatailor:ListPlaybackConfigurations + AccessConfiguration: + type: object + description:

Access configuration parameters.

+ properties: + AccessType: + $ref: '#/components/schemas/AccessType' + SecretsManagerAccessTokenConfiguration: + $ref: '#/components/schemas/SecretsManagerAccessTokenConfiguration' + additionalProperties: false + AccessType: + type: string + enum: + - S3_SIGV4 + - SECRETS_MANAGER_ACCESS_TOKEN + - AUTODETECT_SIGV4 + DefaultSegmentDeliveryConfiguration: + type: object + description:

The optional configuration for a server that serves segments. Use this if you want the segment delivery server to be different from the source location server. For example, you can configure your source location server to be an origination server, such as MediaPackage, and the segment delivery server to be a content delivery network (CDN), such as CloudFront. If you don't specify a segment delivery server, then the source location server is used.

+ properties: + BaseUrl: + type: string + description:

The hostname of the server that will be used to serve segments. This string must include the protocol, such as https://.

+ additionalProperties: false + HttpConfiguration: + type: object + description:

The HTTP configuration for the source location.

+ properties: + BaseUrl: + type: string + description:

The base URL for the source location host server. This string must include the protocol, such as https://.

+ required: + - BaseUrl + additionalProperties: false + SecretsManagerAccessTokenConfiguration: + type: object + description:

AWS Secrets Manager access token configuration parameters. For information about Secrets Manager access token authentication, see Working with AWS Secrets Manager access token authentication.

+ properties: + HeaderName: + type: string + description:

The name of the HTTP header used to supply the access token in requests to the source location.

+ SecretArn: + type: string + description:

The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the access token.

+ SecretStringKey: + type: string + description:

The AWS Secrets Manager SecretString key associated with the access token. MediaTailor uses the key to look up SecretString key and value pair containing the access token.

+ additionalProperties: false + SegmentDeliveryConfiguration: + type: object + description:

The segment delivery configuration settings.

+ properties: + BaseUrl: + type: string + description:

The base URL of the host or path of the segment delivery server that you're using to serve segments. This is typically a content delivery network (CDN). The URL can be absolute or relative. To use an absolute URL include the protocol, such as https://example.com/some/path. To use a relative URL specify the relative path, such as /some/path*.

+ Name: + type: string + description:

A unique identifier used to distinguish between multiple segment delivery configurations in a source location.

+ additionalProperties: false + SourceLocation: + type: object + properties: + AccessConfiguration: + $ref: '#/components/schemas/AccessConfiguration' + Arn: + type: string + description:

The ARN of the source location.

+ DefaultSegmentDeliveryConfiguration: + $ref: '#/components/schemas/DefaultSegmentDeliveryConfiguration' + HttpConfiguration: + $ref: '#/components/schemas/HttpConfiguration' + SegmentDeliveryConfigurations: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/SegmentDeliveryConfiguration' + description:

A list of the segment delivery configurations associated with this resource.

+ SourceLocationName: + type: string + Tags: + description: The tags to assign to the source location. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - HttpConfiguration + - SourceLocationName + x-stackql-resource-name: source_location + x-stackql-primaryIdentifier: + - SourceLocationName + x-create-only-properties: + - SourceLocationName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - mediatailor:CreateSourceLocation + - mediatailor:DescribeSourceLocation + - mediatailor:TagResource + - secretsmanager:DescribeSecret + - secretsmanager:GetSecretValue + - kms:CreateGrant + read: + - mediatailor:DescribeSourceLocation + update: + - mediatailor:DescribeSourceLocation + - mediatailor:TagResource + - mediatailor:UntagResource + - mediatailor:UpdateSourceLocation + - secretsmanager:DescribeSecret + - secretsmanager:GetSecretValue + - kms:CreateGrant + delete: + - mediatailor:DeleteSourceLocation + - mediatailor:DescribeSourceLocation + list: + - mediatailor:ListSourceLocations + VodSource: + type: object + properties: + Arn: + type: string + description:

The ARN of the VOD source.

+ HttpPackageConfigurations: + type: array + items: + $ref: '#/components/schemas/HttpPackageConfiguration' + description:

A list of HTTP package configuration parameters for this VOD source.

+ SourceLocationName: + type: string + Tags: + description: The tags to assign to the VOD source. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + VodSourceName: + type: string + required: + - HttpPackageConfigurations + - SourceLocationName + - VodSourceName + x-stackql-resource-name: vod_source + x-stackql-primaryIdentifier: + - SourceLocationName + - VodSourceName + x-create-only-properties: + - SourceLocationName + - VodSourceName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - mediatailor:CreateVodSource + - mediatailor:DescribeVodSource + - mediatailor:TagResource + read: + - mediatailor:DescribeVodSource + update: + - mediatailor:DescribeVodSource + - mediatailor:TagResource + - mediatailor:UntagResource + - mediatailor:UpdateVodSource + delete: + - mediatailor:DeleteVodSource + - mediatailor:DescribeVodSource + list: + - mediatailor:ListVodSources + x-stackQL-resources: + channels: + name: channels + id: awscc.mediatailor.channels + x-cfn-schema-name: Channel + x-type: list + x-identifiers: + - ChannelName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ChannelName') as channel_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaTailor::Channel' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ChannelName') as channel_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaTailor::Channel' + AND region = 'us-east-1' + channel: + name: channel + id: awscc.mediatailor.channel + x-cfn-schema-name: Channel + x-type: get + x-identifiers: + - ChannelName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ChannelName') as channel_name, + JSON_EXTRACT(Properties, '$.FillerSlate') as filler_slate, + JSON_EXTRACT(Properties, '$.LogConfiguration') as log_configuration, + JSON_EXTRACT(Properties, '$.Outputs') as outputs, + JSON_EXTRACT(Properties, '$.PlaybackMode') as playback_mode, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Tier') as tier, + JSON_EXTRACT(Properties, '$.TimeShiftConfiguration') as time_shift_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaTailor::Channel' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ChannelName') as channel_name, + json_extract_path_text(Properties, 'FillerSlate') as filler_slate, + json_extract_path_text(Properties, 'LogConfiguration') as log_configuration, + json_extract_path_text(Properties, 'Outputs') as outputs, + json_extract_path_text(Properties, 'PlaybackMode') as playback_mode, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Tier') as tier, + json_extract_path_text(Properties, 'TimeShiftConfiguration') as time_shift_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaTailor::Channel' + AND data__Identifier = '' + AND region = 'us-east-1' + channel_policies: + name: channel_policies + id: awscc.mediatailor.channel_policies + x-cfn-schema-name: ChannelPolicy + x-type: list + x-identifiers: + - ChannelName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ChannelName') as channel_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaTailor::ChannelPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ChannelName') as channel_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaTailor::ChannelPolicy' + AND region = 'us-east-1' + channel_policy: + name: channel_policy + id: awscc.mediatailor.channel_policy + x-cfn-schema-name: ChannelPolicy + x-type: get + x-identifiers: + - ChannelName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ChannelName') as channel_name, + JSON_EXTRACT(Properties, '$.Policy') as policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaTailor::ChannelPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ChannelName') as channel_name, + json_extract_path_text(Properties, 'Policy') as policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaTailor::ChannelPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + live_sources: + name: live_sources + id: awscc.mediatailor.live_sources + x-cfn-schema-name: LiveSource + x-type: list + x-identifiers: + - LiveSourceName + - SourceLocationName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LiveSourceName') as live_source_name, + JSON_EXTRACT(Properties, '$.SourceLocationName') as source_location_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaTailor::LiveSource' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LiveSourceName') as live_source_name, + json_extract_path_text(Properties, 'SourceLocationName') as source_location_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaTailor::LiveSource' + AND region = 'us-east-1' + live_source: + name: live_source + id: awscc.mediatailor.live_source + x-cfn-schema-name: LiveSource + x-type: get + x-identifiers: + - LiveSourceName + - SourceLocationName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.HttpPackageConfigurations') as http_package_configurations, + JSON_EXTRACT(Properties, '$.LiveSourceName') as live_source_name, + JSON_EXTRACT(Properties, '$.SourceLocationName') as source_location_name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaTailor::LiveSource' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'HttpPackageConfigurations') as http_package_configurations, + json_extract_path_text(Properties, 'LiveSourceName') as live_source_name, + json_extract_path_text(Properties, 'SourceLocationName') as source_location_name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaTailor::LiveSource' + AND data__Identifier = '' + AND region = 'us-east-1' + playback_configurations: + name: playback_configurations + id: awscc.mediatailor.playback_configurations + x-cfn-schema-name: PlaybackConfiguration + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaTailor::PlaybackConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaTailor::PlaybackConfiguration' + AND region = 'us-east-1' + playback_configuration: + name: playback_configuration + id: awscc.mediatailor.playback_configuration + x-cfn-schema-name: PlaybackConfiguration + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AdDecisionServerUrl') as ad_decision_server_url, + JSON_EXTRACT(Properties, '$.AvailSuppression') as avail_suppression, + JSON_EXTRACT(Properties, '$.Bumper') as bumper, + JSON_EXTRACT(Properties, '$.CdnConfiguration') as cdn_configuration, + JSON_EXTRACT(Properties, '$.ConfigurationAliases') as configuration_aliases, + JSON_EXTRACT(Properties, '$.DashConfiguration') as dash_configuration, + JSON_EXTRACT(Properties, '$.LivePreRollConfiguration') as live_pre_roll_configuration, + JSON_EXTRACT(Properties, '$.ManifestProcessingRules') as manifest_processing_rules, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.PersonalizationThresholdSeconds') as personalization_threshold_seconds, + JSON_EXTRACT(Properties, '$.SessionInitializationEndpointPrefix') as session_initialization_endpoint_prefix, + JSON_EXTRACT(Properties, '$.HlsConfiguration') as hls_configuration, + JSON_EXTRACT(Properties, '$.PlaybackConfigurationArn') as playback_configuration_arn, + JSON_EXTRACT(Properties, '$.PlaybackEndpointPrefix') as playback_endpoint_prefix, + JSON_EXTRACT(Properties, '$.SlateAdUrl') as slate_ad_url, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TranscodeProfileName') as transcode_profile_name, + JSON_EXTRACT(Properties, '$.VideoContentSourceUrl') as video_content_source_url + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaTailor::PlaybackConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AdDecisionServerUrl') as ad_decision_server_url, + json_extract_path_text(Properties, 'AvailSuppression') as avail_suppression, + json_extract_path_text(Properties, 'Bumper') as bumper, + json_extract_path_text(Properties, 'CdnConfiguration') as cdn_configuration, + json_extract_path_text(Properties, 'ConfigurationAliases') as configuration_aliases, + json_extract_path_text(Properties, 'DashConfiguration') as dash_configuration, + json_extract_path_text(Properties, 'LivePreRollConfiguration') as live_pre_roll_configuration, + json_extract_path_text(Properties, 'ManifestProcessingRules') as manifest_processing_rules, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'PersonalizationThresholdSeconds') as personalization_threshold_seconds, + json_extract_path_text(Properties, 'SessionInitializationEndpointPrefix') as session_initialization_endpoint_prefix, + json_extract_path_text(Properties, 'HlsConfiguration') as hls_configuration, + json_extract_path_text(Properties, 'PlaybackConfigurationArn') as playback_configuration_arn, + json_extract_path_text(Properties, 'PlaybackEndpointPrefix') as playback_endpoint_prefix, + json_extract_path_text(Properties, 'SlateAdUrl') as slate_ad_url, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TranscodeProfileName') as transcode_profile_name, + json_extract_path_text(Properties, 'VideoContentSourceUrl') as video_content_source_url + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaTailor::PlaybackConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + source_locations: + name: source_locations + id: awscc.mediatailor.source_locations + x-cfn-schema-name: SourceLocation + x-type: list + x-identifiers: + - SourceLocationName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SourceLocationName') as source_location_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaTailor::SourceLocation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SourceLocationName') as source_location_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaTailor::SourceLocation' + AND region = 'us-east-1' + source_location: + name: source_location + id: awscc.mediatailor.source_location + x-cfn-schema-name: SourceLocation + x-type: get + x-identifiers: + - SourceLocationName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccessConfiguration') as access_configuration, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.DefaultSegmentDeliveryConfiguration') as default_segment_delivery_configuration, + JSON_EXTRACT(Properties, '$.HttpConfiguration') as http_configuration, + JSON_EXTRACT(Properties, '$.SegmentDeliveryConfigurations') as segment_delivery_configurations, + JSON_EXTRACT(Properties, '$.SourceLocationName') as source_location_name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaTailor::SourceLocation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccessConfiguration') as access_configuration, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'DefaultSegmentDeliveryConfiguration') as default_segment_delivery_configuration, + json_extract_path_text(Properties, 'HttpConfiguration') as http_configuration, + json_extract_path_text(Properties, 'SegmentDeliveryConfigurations') as segment_delivery_configurations, + json_extract_path_text(Properties, 'SourceLocationName') as source_location_name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaTailor::SourceLocation' + AND data__Identifier = '' + AND region = 'us-east-1' + vod_sources: + name: vod_sources + id: awscc.mediatailor.vod_sources + x-cfn-schema-name: VodSource + x-type: list + x-identifiers: + - SourceLocationName + - VodSourceName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SourceLocationName') as source_location_name, + JSON_EXTRACT(Properties, '$.VodSourceName') as vod_source_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaTailor::VodSource' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SourceLocationName') as source_location_name, + json_extract_path_text(Properties, 'VodSourceName') as vod_source_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MediaTailor::VodSource' + AND region = 'us-east-1' + vod_source: + name: vod_source + id: awscc.mediatailor.vod_source + x-cfn-schema-name: VodSource + x-type: get + x-identifiers: + - SourceLocationName + - VodSourceName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.HttpPackageConfigurations') as http_package_configurations, + JSON_EXTRACT(Properties, '$.SourceLocationName') as source_location_name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.VodSourceName') as vod_source_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaTailor::VodSource' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'HttpPackageConfigurations') as http_package_configurations, + json_extract_path_text(Properties, 'SourceLocationName') as source_location_name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'VodSourceName') as vod_source_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MediaTailor::VodSource' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/memorydb.yaml b/providers/src/awscc/v00.00.00000/services/memorydb.yaml new file mode 100644 index 00000000..55f6d51b --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/memorydb.yaml @@ -0,0 +1,795 @@ +openapi: 3.0.0 +info: + title: MemoryDB + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + properties: + Key: + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with ''aws:''. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + type: string + pattern: ^(?!aws:)[a-zA-Z0-9 _\.\/=+:\-@]*$ + minLength: 1 + maxLength: 128 + Value: + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + type: string + pattern: ^[a-zA-Z0-9 _\.\/=+:\-@]*$ + minLength: 0 + maxLength: 256 + required: + - Key + ACL: + type: object + properties: + Status: + description: Indicates acl status. Can be "creating", "active", "modifying", "deleting". + type: string + ACLName: + description: The name of the acl. + pattern: '[a-z][a-z0-9\\-]*' + type: string + UserNames: + type: array + x-$comment: List of users. + uniqueItems: true + x-insertionOrder: true + items: + type: string + description: List of users associated to this acl. + Arn: + description: The Amazon Resource Name (ARN) of the acl. + type: string + Tags: + description: An array of key-value pairs to apply to this cluster. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - ACLName + x-stackql-resource-name: acl + x-stackql-primaryIdentifier: + - ACLName + x-create-only-properties: + - ACLName + x-read-only-properties: + - Status + - Arn + x-required-permissions: + create: + - memorydb:CreateACL + - memorydb:DescribeACLs + - memorydb:TagResource + - memorydb:ListTags + read: + - memorydb:DescribeACLs + - memorydb:ListTags + update: + - memorydb:UpdateACL + - memorydb:DescribeACLs + - memorydb:ListTags + - memorydb:TagResource + - memorydb:UntagResource + delete: + - memorydb:ModifyReplicationGroup + - memorydb:DeleteACL + - memorydb:DescribeACLs + list: + - memorydb:DescribeACLs + - memorydb:ListTags + Endpoint: + type: object + additionalProperties: false + properties: + Address: + description: The DNS address of the primary read-write node. + type: string + Port: + description: 'The port number that the engine is listening on. ' + type: integer + DataTieringStatus: + type: string + enum: + - 'true' + - 'false' + Cluster: + type: object + properties: + ClusterName: + description: The name of the cluster. This value must be unique as it also serves as the cluster identifier. + pattern: '[a-z][a-z0-9\-]*' + type: string + Description: + description: An optional description of the cluster. + type: string + Status: + description: The status of the cluster. For example, Available, Updating, Creating. + type: string + NodeType: + description: The compute and memory capacity of the nodes in the cluster. + type: string + NumShards: + description: The number of shards the cluster will contain. + type: integer + NumReplicasPerShard: + description: The number of replicas to apply to each shard. The limit is 5. + type: integer + SubnetGroupName: + description: The name of the subnet group to be used for the cluster. + type: string + SecurityGroupIds: + description: One or more Amazon VPC security groups associated with this cluster. + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + MaintenanceWindow: + description: Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period. + type: string + ParameterGroupName: + description: The name of the parameter group associated with the cluster. + type: string + ParameterGroupStatus: + description: The status of the parameter group used by the cluster. + type: string + Port: + description: The port number on which each member of the cluster accepts connections. + type: integer + SnapshotRetentionLimit: + description: The number of days for which MemoryDB retains automatic snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, a snapshot that was taken today is retained for 5 days before being deleted. + type: integer + SnapshotWindow: + description: The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of your cluster. + type: string + ACLName: + description: The name of the Access Control List to associate with the cluster. + type: string + pattern: '[a-zA-Z][a-zA-Z0-9\-]*' + SnsTopicArn: + description: The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent. + type: string + SnsTopicStatus: + description: The status of the Amazon SNS notification topic. Notifications are sent only if the status is enabled. + type: string + TLSEnabled: + description: |- + A flag that enables in-transit encryption when set to true. + + You cannot modify the value of TransitEncryptionEnabled after the cluster is created. To enable in-transit encryption on a cluster you must set TransitEncryptionEnabled to true when you create a cluster. + type: boolean + DataTiering: + type: object + description: Enables data tiering. Data tiering is only supported for clusters using the r6gd node type. This parameter must be set when using r6gd nodes. + $ref: '#/components/schemas/DataTieringStatus' + KmsKeyId: + description: The ID of the KMS key used to encrypt the cluster. + type: string + SnapshotArns: + description: A list of Amazon Resource Names (ARN) that uniquely identify the RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new cluster. The Amazon S3 object name in the ARN cannot contain any commas. + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + SnapshotName: + description: The name of a snapshot from which to restore data into the new cluster. The snapshot status changes to restoring while the new cluster is being created. + type: string + FinalSnapshotName: + description: The user-supplied name of a final cluster snapshot. This is the unique name that identifies the snapshot. MemoryDB creates the snapshot, and then deletes the cluster immediately afterward. + type: string + ARN: + description: The Amazon Resource Name (ARN) of the cluster. + type: string + EngineVersion: + description: The Redis engine version used by the cluster. + type: string + ClusterEndpoint: + description: The cluster endpoint. + $ref: '#/components/schemas/Endpoint' + AutoMinorVersionUpgrade: + description: |- + A flag that enables automatic minor version upgrade when set to true. + + You cannot modify the value of AutoMinorVersionUpgrade after the cluster is created. To enable AutoMinorVersionUpgrade on a cluster you must set AutoMinorVersionUpgrade to true when you create a cluster. + type: boolean + Tags: + description: An array of key-value pairs to apply to this cluster. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - ClusterName + - NodeType + - ACLName + x-stackql-resource-name: cluster + x-stackql-primaryIdentifier: + - ClusterName + x-create-only-properties: + - ClusterName + - TLSEnabled + - DataTiering + - KmsKeyId + - Port + - SubnetGroupName + - SnapshotArns + - SnapshotName + x-read-only-properties: + - Status + - ClusterEndpoint/Address + - ClusterEndpoint/Port + - ARN + - ParameterGroupStatus + x-required-permissions: + create: + - memorydb:CreateCluster + - memorydb:DescribeClusters + - memorydb:ListTags + read: + - memorydb:DescribeClusters + - memorydb:ListTags + update: + - memorydb:UpdateCluster + - memorydb:DescribeClusters + - memorydb:ListTags + - memorydb:TagResource + - memorydb:UntagResource + delete: + - memorydb:DeleteCluster + - memorydb:DescribeClusters + list: + - memorydb:DescribeClusters + ParameterGroup: + type: object + properties: + ParameterGroupName: + description: The name of the parameter group. + type: string + Family: + description: The name of the parameter group family that this parameter group is compatible with. + type: string + Description: + description: A description of the parameter group. + type: string + Tags: + description: An array of key-value pairs to apply to this parameter group. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Parameters: + description: An map of parameter names and values for the parameter update. You must supply at least one parameter name and value; subsequent arguments are optional. + type: object + ARN: + description: The Amazon Resource Name (ARN) of the parameter group. + type: string + required: + - ParameterGroupName + - Family + x-stackql-resource-name: parameter_group + x-stackql-primaryIdentifier: + - ParameterGroupName + x-create-only-properties: + - ParameterGroupName + - Family + - Description + x-read-only-properties: + - ARN + x-required-permissions: + create: + - memorydb:CreateParameterGroup + - memorydb:DescribeParameterGroups + - memorydb:TagResource + - memorydb:ListTags + read: + - memorydb:DescribeParameterGroups + - memorydb:ListTags + update: + - memorydb:UpdateParameterGroup + - memorydb:DescribeParameterGroups + - memorydb:DescribeParameters + - memorydb:DescribeClusters + - memorydb:ListTags + - memorydb:TagResource + - memorydb:UntagResource + delete: + - memorydb:DeleteParameterGroup + list: + - memorydb:DescribeParameterGroups + SubnetGroup: + type: object + properties: + SubnetGroupName: + description: The name of the subnet group. This value must be unique as it also serves as the subnet group identifier. + pattern: '[a-z][a-z0-9\-]*' + type: string + Description: + description: An optional description of the subnet group. + type: string + SubnetIds: + description: A list of VPC subnet IDs for the subnet group. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + Tags: + description: An array of key-value pairs to apply to this subnet group. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + ARN: + description: The Amazon Resource Name (ARN) of the subnet group. + type: string + required: + - SubnetGroupName + - SubnetIds + x-stackql-resource-name: subnet_group + x-stackql-primaryIdentifier: + - SubnetGroupName + x-create-only-properties: + - SubnetGroupName + x-read-only-properties: + - ARN + x-required-permissions: + create: + - memorydb:CreateSubnetGroup + - memorydb:DescribeSubnetGroups + - memorydb:TagResource + - memorydb:ListTags + read: + - memorydb:DescribeSubnetGroups + - memorydb:ListTags + update: + - memorydb:UpdateSubnetGroup + - memorydb:DescribeSubnetGroups + - memorydb:ListTags + - memorydb:TagResource + - memorydb:UntagResource + delete: + - memorydb:DeleteSubnetGroup + - memorydb:DescribeSubnetGroups + list: + - memorydb:DescribeSubnetGroups + User: + type: object + properties: + Status: + description: Indicates the user status. Can be "active", "modifying" or "deleting". + type: string + UserName: + description: The name of the user. + pattern: '[a-z][a-z0-9\\-]*' + type: string + AccessString: + description: Access permissions string used for this user account. + type: string + AuthenticationMode: + type: object + properties: + Type: + type: string + description: Type of authentication strategy for this user. + enum: + - password + - iam + Passwords: + type: array + x-$comment: List of passwords. + uniqueItems: true + x-insertionOrder: true + maxItems: 2 + minItems: 1 + items: + type: string + description: Passwords used for this user account. You can create up to two passwords for each user. + additionalProperties: false + Arn: + description: The Amazon Resource Name (ARN) of the user account. + type: string + Tags: + description: An array of key-value pairs to apply to this user. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - UserName + x-stackql-resource-name: user + x-stackql-primaryIdentifier: + - UserName + x-create-only-properties: + - UserName + x-read-only-properties: + - Status + - Arn + x-required-permissions: + create: + - memorydb:CreateUser + - memorydb:DescribeUsers + - memorydb:TagResource + - memorydb:ListTags + read: + - memorydb:DescribeUsers + - memorydb:ListTags + update: + - memorydb:UpdateUser + - memorydb:DescribeUsers + - memorydb:ListTags + - memorydb:TagResource + - memorydb:UntagResource + delete: + - memorydb:DeleteUser + - memorydb:DescribeUsers + list: + - memorydb:DescribeUsers + - memorydb:ListTags + x-stackQL-resources: + acls: + name: acls + id: awscc.memorydb.acls + x-cfn-schema-name: ACL + x-type: list + x-identifiers: + - ACLName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ACLName') as a_cl_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MemoryDB::ACL' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ACLName') as a_cl_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MemoryDB::ACL' + AND region = 'us-east-1' + acl: + name: acl + id: awscc.memorydb.acl + x-cfn-schema-name: ACL + x-type: get + x-identifiers: + - ACLName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.ACLName') as a_cl_name, + JSON_EXTRACT(Properties, '$.UserNames') as user_names, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MemoryDB::ACL' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'ACLName') as a_cl_name, + json_extract_path_text(Properties, 'UserNames') as user_names, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MemoryDB::ACL' + AND data__Identifier = '' + AND region = 'us-east-1' + clusters: + name: clusters + id: awscc.memorydb.clusters + x-cfn-schema-name: Cluster + x-type: list + x-identifiers: + - ClusterName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterName') as cluster_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MemoryDB::Cluster' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterName') as cluster_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MemoryDB::Cluster' + AND region = 'us-east-1' + cluster: + name: cluster + id: awscc.memorydb.cluster + x-cfn-schema-name: Cluster + x-type: get + x-identifiers: + - ClusterName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterName') as cluster_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.NodeType') as node_type, + JSON_EXTRACT(Properties, '$.NumShards') as num_shards, + JSON_EXTRACT(Properties, '$.NumReplicasPerShard') as num_replicas_per_shard, + JSON_EXTRACT(Properties, '$.SubnetGroupName') as subnet_group_name, + JSON_EXTRACT(Properties, '$.SecurityGroupIds') as security_group_ids, + JSON_EXTRACT(Properties, '$.MaintenanceWindow') as maintenance_window, + JSON_EXTRACT(Properties, '$.ParameterGroupName') as parameter_group_name, + JSON_EXTRACT(Properties, '$.ParameterGroupStatus') as parameter_group_status, + JSON_EXTRACT(Properties, '$.Port') as port, + JSON_EXTRACT(Properties, '$.SnapshotRetentionLimit') as snapshot_retention_limit, + JSON_EXTRACT(Properties, '$.SnapshotWindow') as snapshot_window, + JSON_EXTRACT(Properties, '$.ACLName') as a_cl_name, + JSON_EXTRACT(Properties, '$.SnsTopicArn') as sns_topic_arn, + JSON_EXTRACT(Properties, '$.SnsTopicStatus') as sns_topic_status, + JSON_EXTRACT(Properties, '$.TLSEnabled') as t_ls_enabled, + JSON_EXTRACT(Properties, '$.DataTiering') as data_tiering, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.SnapshotArns') as snapshot_arns, + JSON_EXTRACT(Properties, '$.SnapshotName') as snapshot_name, + JSON_EXTRACT(Properties, '$.FinalSnapshotName') as final_snapshot_name, + JSON_EXTRACT(Properties, '$.ARN') as a_rn, + JSON_EXTRACT(Properties, '$.EngineVersion') as engine_version, + JSON_EXTRACT(Properties, '$.ClusterEndpoint') as cluster_endpoint, + JSON_EXTRACT(Properties, '$.AutoMinorVersionUpgrade') as auto_minor_version_upgrade, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MemoryDB::Cluster' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterName') as cluster_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'NodeType') as node_type, + json_extract_path_text(Properties, 'NumShards') as num_shards, + json_extract_path_text(Properties, 'NumReplicasPerShard') as num_replicas_per_shard, + json_extract_path_text(Properties, 'SubnetGroupName') as subnet_group_name, + json_extract_path_text(Properties, 'SecurityGroupIds') as security_group_ids, + json_extract_path_text(Properties, 'MaintenanceWindow') as maintenance_window, + json_extract_path_text(Properties, 'ParameterGroupName') as parameter_group_name, + json_extract_path_text(Properties, 'ParameterGroupStatus') as parameter_group_status, + json_extract_path_text(Properties, 'Port') as port, + json_extract_path_text(Properties, 'SnapshotRetentionLimit') as snapshot_retention_limit, + json_extract_path_text(Properties, 'SnapshotWindow') as snapshot_window, + json_extract_path_text(Properties, 'ACLName') as a_cl_name, + json_extract_path_text(Properties, 'SnsTopicArn') as sns_topic_arn, + json_extract_path_text(Properties, 'SnsTopicStatus') as sns_topic_status, + json_extract_path_text(Properties, 'TLSEnabled') as t_ls_enabled, + json_extract_path_text(Properties, 'DataTiering') as data_tiering, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'SnapshotArns') as snapshot_arns, + json_extract_path_text(Properties, 'SnapshotName') as snapshot_name, + json_extract_path_text(Properties, 'FinalSnapshotName') as final_snapshot_name, + json_extract_path_text(Properties, 'ARN') as a_rn, + json_extract_path_text(Properties, 'EngineVersion') as engine_version, + json_extract_path_text(Properties, 'ClusterEndpoint') as cluster_endpoint, + json_extract_path_text(Properties, 'AutoMinorVersionUpgrade') as auto_minor_version_upgrade, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MemoryDB::Cluster' + AND data__Identifier = '' + AND region = 'us-east-1' + parameter_groups: + name: parameter_groups + id: awscc.memorydb.parameter_groups + x-cfn-schema-name: ParameterGroup + x-type: list + x-identifiers: + - ParameterGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ParameterGroupName') as parameter_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MemoryDB::ParameterGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ParameterGroupName') as parameter_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MemoryDB::ParameterGroup' + AND region = 'us-east-1' + parameter_group: + name: parameter_group + id: awscc.memorydb.parameter_group + x-cfn-schema-name: ParameterGroup + x-type: get + x-identifiers: + - ParameterGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ParameterGroupName') as parameter_group_name, + JSON_EXTRACT(Properties, '$.Family') as family, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Parameters') as parameters, + JSON_EXTRACT(Properties, '$.ARN') as a_rn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MemoryDB::ParameterGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ParameterGroupName') as parameter_group_name, + json_extract_path_text(Properties, 'Family') as family, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Parameters') as parameters, + json_extract_path_text(Properties, 'ARN') as a_rn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MemoryDB::ParameterGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + subnet_groups: + name: subnet_groups + id: awscc.memorydb.subnet_groups + x-cfn-schema-name: SubnetGroup + x-type: list + x-identifiers: + - SubnetGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SubnetGroupName') as subnet_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MemoryDB::SubnetGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SubnetGroupName') as subnet_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MemoryDB::SubnetGroup' + AND region = 'us-east-1' + subnet_group: + name: subnet_group + id: awscc.memorydb.subnet_group + x-cfn-schema-name: SubnetGroup + x-type: get + x-identifiers: + - SubnetGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SubnetGroupName') as subnet_group_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.SubnetIds') as subnet_ids, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ARN') as a_rn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MemoryDB::SubnetGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SubnetGroupName') as subnet_group_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'SubnetIds') as subnet_ids, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ARN') as a_rn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MemoryDB::SubnetGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + users: + name: users + id: awscc.memorydb.users + x-cfn-schema-name: User + x-type: list + x-identifiers: + - UserName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.UserName') as user_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MemoryDB::User' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'UserName') as user_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MemoryDB::User' + AND region = 'us-east-1' + user: + name: user + id: awscc.memorydb.user + x-cfn-schema-name: User + x-type: get + x-identifiers: + - UserName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.UserName') as user_name, + JSON_EXTRACT(Properties, '$.AccessString') as access_string, + JSON_EXTRACT(Properties, '$.AuthenticationMode') as authentication_mode, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MemoryDB::User' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'UserName') as user_name, + json_extract_path_text(Properties, 'AccessString') as access_string, + json_extract_path_text(Properties, 'AuthenticationMode') as authentication_mode, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MemoryDB::User' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/msk.yaml b/providers/src/awscc/v00.00.00000/services/msk.yaml new file mode 100644 index 00000000..78e7bb14 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/msk.yaml @@ -0,0 +1,1466 @@ +openapi: 3.0.0 +info: + title: MSK + version: 1.0.0 +paths: {} +components: + schemas: + SecretArnList: + type: array + x-insertionOrder: false + items: + type: string + BatchScramSecret: + type: object + properties: + ClusterArn: + type: string + SecretArnList: + $ref: '#/components/schemas/SecretArnList' + required: + - ClusterArn + x-stackql-resource-name: batch_scram_secret + x-stackql-primaryIdentifier: + - ClusterArn + x-create-only-properties: + - ClusterArn + x-required-permissions: + create: + - kafka:BatchAssociateScramSecret + - kafka:ListScramSecrets + - kms:CreateGrant + - kms:DescribeKey + - secretsmanager:GetSecretValue + delete: + - kafka:BatchDisassociateScramSecret + - kafka:ListScramSecrets + - kms:CreateGrant + - kms:DescribeKey + list: + - kafka:ListScramSecrets + - kms:CreateGrant + - kms:DescribeKey + - secretsmanager:GetSecretValue + read: + - kafka:ListScramSecrets + - kms:CreateGrant + - kms:DescribeKey + - secretsmanager:GetSecretValue + update: + - kafka:BatchAssociateScramSecret + - kafka:BatchDisassociateScramSecret + - kafka:ListScramSecrets + - kms:CreateGrant + - kms:DescribeKey + - secretsmanager:GetSecretValue + S3: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + Prefix: + type: string + Bucket: + type: string + required: + - Enabled + BrokerLogs: + type: object + additionalProperties: false + properties: + S3: + $ref: '#/components/schemas/S3' + CloudWatchLogs: + $ref: '#/components/schemas/CloudWatchLogs' + Firehose: + $ref: '#/components/schemas/Firehose' + NodeExporter: + type: object + additionalProperties: false + properties: + EnabledInBroker: + type: boolean + required: + - EnabledInBroker + EncryptionInfo: + type: object + additionalProperties: false + properties: + EncryptionAtRest: + $ref: '#/components/schemas/EncryptionAtRest' + EncryptionInTransit: + $ref: '#/components/schemas/EncryptionInTransit' + Firehose: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + DeliveryStream: + type: string + required: + - Enabled + OpenMonitoring: + type: object + additionalProperties: false + properties: + Prometheus: + $ref: '#/components/schemas/Prometheus' + required: + - Prometheus + Prometheus: + type: object + additionalProperties: false + properties: + JmxExporter: + $ref: '#/components/schemas/JmxExporter' + NodeExporter: + $ref: '#/components/schemas/NodeExporter' + CloudWatchLogs: + type: object + additionalProperties: false + properties: + LogGroup: + type: string + Enabled: + type: boolean + required: + - Enabled + EBSStorageInfo: + type: object + additionalProperties: false + properties: + VolumeSize: + type: integer + minimum: 1 + maximum: 16384 + ProvisionedThroughput: + $ref: '#/components/schemas/ProvisionedThroughput' + ProvisionedThroughput: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + VolumeThroughput: + type: integer + PublicAccess: + type: object + additionalProperties: false + properties: + Type: + type: string + minLength: 7 + maxLength: 23 + VpcConnectivity: + type: object + additionalProperties: false + properties: + ClientAuthentication: + $ref: '#/components/schemas/VpcConnectivityClientAuthentication' + ConfigurationInfo: + type: object + additionalProperties: false + properties: + Revision: + type: integer + Arn: + type: string + required: + - Revision + - Arn + BrokerNodeGroupInfo: + type: object + additionalProperties: false + properties: + StorageInfo: + $ref: '#/components/schemas/StorageInfo' + ConnectivityInfo: + $ref: '#/components/schemas/ConnectivityInfo' + SecurityGroups: + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + BrokerAZDistribution: + type: string + minLength: 6 + maxLength: 9 + ClientSubnets: + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + InstanceType: + type: string + minLength: 5 + maxLength: 32 + required: + - ClientSubnets + - InstanceType + EncryptionAtRest: + type: object + additionalProperties: false + properties: + DataVolumeKMSKeyId: + type: string + required: + - DataVolumeKMSKeyId + JmxExporter: + type: object + additionalProperties: false + properties: + EnabledInBroker: + type: boolean + required: + - EnabledInBroker + StorageInfo: + type: object + additionalProperties: false + properties: + EBSStorageInfo: + $ref: '#/components/schemas/EBSStorageInfo' + ConnectivityInfo: + type: object + additionalProperties: false + properties: + PublicAccess: + $ref: '#/components/schemas/PublicAccess' + VpcConnectivity: + $ref: '#/components/schemas/VpcConnectivity' + VpcConnectivityTls: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + required: + - Enabled + VpcConnectivitySasl: + type: object + additionalProperties: false + properties: + Scram: + $ref: '#/components/schemas/VpcConnectivityScram' + Iam: + $ref: '#/components/schemas/VpcConnectivityIam' + VpcConnectivityScram: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + required: + - Enabled + VpcConnectivityIam: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + required: + - Enabled + Tls: + type: object + additionalProperties: false + properties: + CertificateAuthorityArnList: + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + Enabled: + type: boolean + Sasl: + type: object + additionalProperties: false + properties: + Iam: + $ref: '#/components/schemas/Iam' + required: + - Iam + Scram: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + required: + - Enabled + Iam: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + required: + - Enabled + Unauthenticated: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + required: + - Enabled + ClientAuthentication: + type: object + properties: + Sasl: + $ref: '#/components/schemas/Sasl' + additionalProperties: false + required: + - Sasl + VpcConnectivityClientAuthentication: + type: object + additionalProperties: false + properties: + Tls: + $ref: '#/components/schemas/VpcConnectivityTls' + Sasl: + $ref: '#/components/schemas/VpcConnectivitySasl' + LoggingInfo: + type: object + additionalProperties: false + properties: + BrokerLogs: + $ref: '#/components/schemas/BrokerLogs' + required: + - BrokerLogs + EncryptionInTransit: + type: object + additionalProperties: false + properties: + InCluster: + type: boolean + ClientBroker: + type: string + enum: + - TLS + - TLS_PLAINTEXT + - PLAINTEXT + Cluster: + type: object + properties: + BrokerNodeGroupInfo: + $ref: '#/components/schemas/BrokerNodeGroupInfo' + EnhancedMonitoring: + type: string + minLength: 7 + maxLength: 23 + enum: + - DEFAULT + - PER_BROKER + - PER_TOPIC_PER_BROKER + - PER_TOPIC_PER_PARTITION + KafkaVersion: + type: string + minLength: 1 + maxLength: 128 + NumberOfBrokerNodes: + type: integer + EncryptionInfo: + $ref: '#/components/schemas/EncryptionInfo' + OpenMonitoring: + $ref: '#/components/schemas/OpenMonitoring' + ClusterName: + type: string + minLength: 1 + maxLength: 64 + Arn: + type: string + CurrentVersion: + description: The current version of the MSK cluster + type: string + ClientAuthentication: + $ref: '#/components/schemas/ClientAuthentication' + LoggingInfo: + $ref: '#/components/schemas/LoggingInfo' + Tags: + type: object + description: A key-value pair to associate with a resource. + x-patternProperties: + ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$: + type: string + additionalProperties: false + ConfigurationInfo: + $ref: '#/components/schemas/ConfigurationInfo' + StorageMode: + type: string + minLength: 5 + maxLength: 6 + enum: + - LOCAL + - TIERED + required: + - BrokerNodeGroupInfo + - KafkaVersion + - NumberOfBrokerNodes + - ClusterName + x-stackql-resource-name: cluster + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - BrokerNodeGroupInfo/BrokerAZDistribution + - BrokerNodeGroupInfo/ClientSubnets + - BrokerNodeGroupInfo/SecurityGroups + - EncryptionInfo/EncryptionAtRest + - EncryptionInfo/EncryptionInTransit/InCluster + - ClusterName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcs + - iam:AttachRolePolicy + - iam:CreateServiceLinkedRole + - iam:PutRolePolicy + - kms:CreateGrant + - kms:DescribeKey + - kafka:CreateCluster + - kafka:DescribeCluster + - kafka:TagResource + - logs:CreateLogDelivery + - logs:GetLogDelivery + - logs:UpdateLogDelivery + - logs:DeleteLogDelivery + - logs:ListLogDeliveries + - s3:GetBucketPolicy + - s3:PutBucketPolicy + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + - firehose:TagDeliveryStream + - acm-pca:GetCertificateAuthorityCertificate + update: + - kafka:UpdateMonitoring + - kafka:UpdateClusterKafkaVersion + - kafka:UpdateClusterConfiguration + - kafka:UpdateBrokerType + - kafka:UpdateBrokerCount + - kafka:UpdateBrokerStorage + - kafka:UpdateStorage + - kafka:UpdateSecurity + - kafka:UpdateConnectivity + - kafka:DescribeCluster + - kafka:DescribeClusterOperation + - kafka:TagResource + - kafka:UntagResource + - ec2:DescribeSubnets + - ec2:DescribeVpcs + - ec2:DescribeSecurityGroups + - iam:AttachRolePolicy + - iam:CreateServiceLinkedRole + - iam:PutRolePolicy + - kms:DescribeKey + - kms:CreateGrant + - logs:CreateLogDelivery + - logs:GetLogDelivery + - logs:UpdateLogDelivery + - logs:DeleteLogDelivery + - logs:ListLogDeliveries + - s3:GetBucketPolicy + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + - firehose:TagDeliveryStream + - acm-pca:GetCertificateAuthorityCertificate + delete: + - kafka:DeleteCluster + - kafka:DescribeCluster + list: + - kafka:ListClusters + read: + - kafka:DescribeCluster + ClusterPolicy: + type: object + properties: + Policy: + description: A policy document containing permissions to add to the specified cluster. + type: object + ClusterArn: + description: The arn of the cluster for the resource policy. + type: string + pattern: ^arn:[\w-]+:kafka:[\w-]+:\d+:cluster.*\Z + CurrentVersion: + description: The current version of the policy attached to the specified cluster + type: string + pattern: ^(K)([a-zA-Z0-9]+)\Z + required: + - Policy + - ClusterArn + x-stackql-resource-name: cluster_policy + x-stackql-primaryIdentifier: + - ClusterArn + x-create-only-properties: + - ClusterArn + x-read-only-properties: + - CurrentVersion + x-required-permissions: + create: + - kafka:PutClusterPolicy + - kafka:GetClusterPolicy + read: + - kafka:GetClusterPolicy + list: + - kafka:GetClusterPolicy + update: + - kafka:PutClusterPolicy + - kafka:GetClusterPolicy + delete: + - kafka:DeleteClusterPolicy + - kafka:GetClusterPolicy + KafkaVersionsList: + type: array + x-insertionOrder: false + items: + type: string + LatestRevision: + type: object + additionalProperties: false + properties: + CreationTime: + type: string + Description: + type: string + Revision: + type: integer + Configuration: + type: object + properties: + Name: + type: string + Description: + type: string + ServerProperties: + type: string + KafkaVersionsList: + $ref: '#/components/schemas/KafkaVersionsList' + Arn: + type: string + LatestRevision: + $ref: '#/components/schemas/LatestRevision' + required: + - ServerProperties + - Name + x-stackql-resource-name: configuration + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - KafkaVersionsList + - Name + x-read-only-properties: + - Arn + - LatestRevision/CreationTime + - LatestRevision/Revision + - LatestRevision/Description + x-required-permissions: + create: + - kafka:CreateConfiguration + - Kafka:DescribeConfiguration + delete: + - kafka:DeleteConfiguration + - kafka:DescribeConfiguration + list: + - kafka:ListConfigurations + read: + - kafka:DescribeConfiguration + update: + - kafka:UpdateConfiguration + - kafka:DescribeConfiguration + Tag: + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + maxLength: 256 + required: + - Value + - Key + additionalProperties: false + TopicReplication: + type: object + additionalProperties: false + properties: + TopicsToReplicate: + description: List of regular expression patterns indicating the topics to copy. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 1 + maxItems: 100 + items: + type: string + maxLength: 249 + TopicsToExclude: + description: List of regular expression patterns indicating the topics that should not be replicated. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 1 + maxItems: 100 + items: + type: string + maxLength: 249 + CopyTopicConfigurations: + description: Whether to periodically configure remote topics to match their corresponding upstream topics. + type: boolean + CopyAccessControlListsForTopics: + description: Whether to periodically configure remote topic ACLs to match their corresponding upstream topics. + type: boolean + DetectAndCopyNewTopics: + description: Whether to periodically check for new topics and partitions. + type: boolean + required: + - TopicsToReplicate + ConsumerGroupReplication: + description: Configuration relating to consumer group replication. + type: object + additionalProperties: false + properties: + ConsumerGroupsToReplicate: + description: List of regular expression patterns indicating the consumer groups to copy. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 0 + maxItems: 100 + items: + type: string + maxLength: 256 + ConsumerGroupsToExclude: + description: List of regular expression patterns indicating the consumer groups that should not be replicated. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 1 + maxItems: 100 + items: + type: string + maxLength: 256 + SynchroniseConsumerGroupOffsets: + description: Whether to periodically write the translated offsets to __consumer_offsets topic in target cluster. + type: boolean + DetectAndCopyNewConsumerGroups: + description: Whether to periodically check for new consumer groups. + type: boolean + required: + - ConsumerGroupsToReplicate + ReplicationInfo: + description: Specifies configuration for replication between a source and target Kafka cluster. + type: object + additionalProperties: false + properties: + SourceKafkaClusterArn: + description: Amazon Resource Name of the source Kafka cluster. + type: string + pattern: arn:(aws|aws-us-gov|aws-cn):kafka:.* + TargetKafkaClusterArn: + description: Amazon Resource Name of the target Kafka cluster. + type: string + pattern: arn:(aws|aws-us-gov|aws-cn):kafka:.* + TargetCompressionType: + description: The type of compression to use writing records to target Kafka cluster. + type: string + enum: + - NONE + - GZIP + - SNAPPY + - LZ4 + - ZSTD + TopicReplication: + description: Configuration relating to topic replication. + $ref: '#/components/schemas/TopicReplication' + ConsumerGroupReplication: + description: Configuration relating to consumer group replication. + $ref: '#/components/schemas/ConsumerGroupReplication' + required: + - SourceKafkaClusterArn + - TargetKafkaClusterArn + - TopicReplication + - ConsumerGroupReplication + - TargetCompressionType + AmazonMskCluster: + description: Details of an Amazon MSK cluster. + type: object + additionalProperties: false + properties: + MskClusterArn: + description: The ARN of an Amazon MSK cluster. + type: string + pattern: arn:(aws|aws-us-gov|aws-cn):kafka:.* + required: + - MskClusterArn + KafkaClusterClientVpcConfig: + description: Details of an Amazon VPC which has network connectivity to the Kafka cluster. + type: object + additionalProperties: false + properties: + SecurityGroupIds: + description: The AWS security groups to associate with the elastic network interfaces in order to specify what the replicator has access to. If a security group is not specified, the default security group associated with the VPC is used. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 1 + maxItems: 16 + items: + type: string + SubnetIds: + description: The list of subnets to connect to in the virtual private cloud (VPC). AWS creates elastic network interfaces inside these subnets. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 2 + maxItems: 3 + items: + type: string + required: + - SubnetIds + KafkaCluster: + description: Details of a Kafka cluster for replication. + type: object + additionalProperties: false + properties: + AmazonMskCluster: + description: Details of an Amazon MSK cluster. Exactly one of AmazonMskCluster is required. + $ref: '#/components/schemas/AmazonMskCluster' + VpcConfig: + description: Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster. + $ref: '#/components/schemas/KafkaClusterClientVpcConfig' + required: + - AmazonMskCluster + - VpcConfig + Replicator: + type: object + properties: + ReplicatorArn: + description: Amazon Resource Name for the created replicator. + type: string + pattern: arn:(aws|aws-us-gov|aws-cn):kafka:.* + ReplicatorName: + description: The name of the replicator. + type: string + minLength: 1 + maxLength: 128 + pattern: ^[0-9A-Za-z][0-9A-Za-z-]{0,}$ + CurrentVersion: + description: The current version of the MSK replicator. + type: string + Description: + description: A summary description of the replicator. + type: string + maxLength: 1024 + KafkaClusters: + description: Specifies a list of Kafka clusters which are targets of the replicator. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 2 + maxItems: 2 + items: + $ref: '#/components/schemas/KafkaCluster' + ReplicationInfoList: + description: A list of replication configurations, where each configuration targets a given source cluster to target cluster replication flow. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 1 + maxItems: 1 + items: + $ref: '#/components/schemas/ReplicationInfo' + ServiceExecutionRoleArn: + description: The Amazon Resource Name (ARN) of the IAM role used by the replicator to access external resources. + type: string + pattern: arn:(aws|aws-us-gov|aws-cn):iam:.* + Tags: + description: A collection of tags associated with a resource + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - ReplicatorName + - ReplicationInfoList + - KafkaClusters + - ServiceExecutionRoleArn + x-stackql-resource-name: replicator + x-stackql-primaryIdentifier: + - ReplicatorArn + x-create-only-properties: + - ReplicatorName + - Description + - KafkaClusters + - ServiceExecutionRoleArn + x-read-only-properties: + - ReplicatorArn + x-required-permissions: + create: + - ec2:CreateNetworkInterface + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcs + - iam:CreateServiceLinkedRole + - iam:PassRole + - kafka:CreateReplicator + - kafka:CreateReplicatorReference + - kafka:DescribeClusterV2 + - kafka:DescribeReplicator + - kafka:GetBootstrapBrokers + - kafka:ListTagsForResource + - kafka:TagResource + read: + - kafka:DescribeReplicator + - kafka:ListTagsForResource + update: + - kafka:DescribeReplicator + - kafka:ListTagsForResource + - kafka:TagResource + - kafka:UntagResource + - kafka:UpdateReplicationInfo + delete: + - kafka:DeleteReplicator + - kafka:DescribeReplicator + - kafka:ListTagsForResource + - kafka:UntagResource + list: + - kafka:ListReplicators + VpcConfig: + type: object + additionalProperties: false + properties: + SecurityGroups: + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + SubnetIds: + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + required: + - SubnetIds + ServerlessCluster: + type: object + properties: + Arn: + type: string + ClusterName: + type: string + minLength: 1 + maxLength: 64 + VpcConfigs: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/VpcConfig' + ClientAuthentication: + $ref: '#/components/schemas/ClientAuthentication' + Tags: + type: object + description: A key-value pair to associate with a resource. + x-patternProperties: + ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$: + type: string + additionalProperties: false + required: + - ClusterName + - VpcConfigs + - ClientAuthentication + x-stackql-resource-name: serverless_cluster + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ClusterName + - VpcConfigs + - ClientAuthentication + - Tags + x-read-only-properties: + - Arn + x-required-permissions: + create: + - kafka:CreateClusterV2 + - kafka:TagResource + - kafka:DescribeClusterV2 + - ec2:CreateVpcEndpoint + - ec2:CreateTags + - ec2:DescribeVpcAttribute + - ec2:DescribeSubnets + - ec2:DescribeVpcEndpoints + - ec2:DescribeVpcs + - ec2:DescribeSecurityGroups + read: + - kafka:DescribeClusterV2 + delete: + - kafka:DeleteCluster + - kafka:DescribeClusterV2 + - ec2:DeleteVpcEndpoints + list: + - kafka:ListClustersV2 + Authentication: + type: string + description: The type of private link authentication + minLength: 3 + maxLength: 10 + enum: + - SASL_IAM + - SASL_SCRAM + - TLS + ClientSubnets: + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + pattern: ^(subnet-)([a-z0-9]+)\Z + SecurityGroups: + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + pattern: ^(sg-)([a-z0-9]+)\Z + Tags: + type: object + description: A key-value pair to associate with a resource. + x-patternProperties: + ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$: + type: string + additionalProperties: false + VpcId: + type: string + pattern: ^(vpc-)([a-z0-9]+)\Z + VpcConnection: + type: object + properties: + Arn: + type: string + Authentication: + $ref: '#/components/schemas/Authentication' + ClientSubnets: + $ref: '#/components/schemas/ClientSubnets' + TargetClusterArn: + description: The Amazon Resource Name (ARN) of the target cluster + type: string + pattern: ^arn:[\w-]+:kafka:[\w-]+:\d+:cluster.*\Z + SecurityGroups: + $ref: '#/components/schemas/SecurityGroups' + Tags: + $ref: '#/components/schemas/Tags' + VpcId: + $ref: '#/components/schemas/VpcId' + required: + - Authentication + - ClientSubnets + - SecurityGroups + - TargetClusterArn + - VpcId + x-stackql-resource-name: vpc_connection + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ClientSubnets + - Authentication + - SecurityGroups + - TargetClusterArn + - VpcId + x-read-only-properties: + - Arn + x-required-permissions: + create: + - ec2:CreateVpcEndpoint + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcAttribute + - ec2:DescribeVpcs + - ec2:DescribeVpcEndpoints + - ec2:AcceptVpcEndpointConnections + - ec2:RejectVpcEndpointConnections + - ec2:DescribeVpcEndpointConnections + - ec2:CreateTags + - iam:AttachRolePolicy + - iam:CreateServiceLinkedRole + - iam:PutRolePolicy + - kafka:CreateVpcConnection + - kafka:DescribeVpcConnection + - kafka:TagResource + - kms:CreateGrant + - kms:DescribeKey + read: + - kafka:DescribeVpcConnection + - kms:CreateGrant + - kms:DescribeKey + update: + - kafka:DescribeVpcConnection + - kms:CreateGrant + - kms:DescribeKey + - kafka:TagResource + - kafka:UntagResource + delete: + - ec2:DeleteVpcEndpoint + - ec2:DeleteVpcEndpoints + - ec2:DescribeVpcEndpoints + - ec2:DescribeVpcEndpointConnections + - kafka:DeleteVpcConnection + - kafka:DescribeVpcConnection + - kms:CreateGrant + - kms:DescribeKey + list: + - kafka:ListVpcConnections + - kms:CreateGrant + - kms:DescribeKey + x-stackQL-resources: + batch_scram_secrets: + name: batch_scram_secrets + id: awscc.msk.batch_scram_secrets + x-cfn-schema-name: BatchScramSecret + x-type: list + x-identifiers: + - ClusterArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterArn') as cluster_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MSK::BatchScramSecret' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterArn') as cluster_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MSK::BatchScramSecret' + AND region = 'us-east-1' + batch_scram_secret: + name: batch_scram_secret + id: awscc.msk.batch_scram_secret + x-cfn-schema-name: BatchScramSecret + x-type: get + x-identifiers: + - ClusterArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterArn') as cluster_arn, + JSON_EXTRACT(Properties, '$.SecretArnList') as secret_arn_list + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MSK::BatchScramSecret' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterArn') as cluster_arn, + json_extract_path_text(Properties, 'SecretArnList') as secret_arn_list + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MSK::BatchScramSecret' + AND data__Identifier = '' + AND region = 'us-east-1' + clusters: + name: clusters + id: awscc.msk.clusters + x-cfn-schema-name: Cluster + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MSK::Cluster' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MSK::Cluster' + AND region = 'us-east-1' + cluster: + name: cluster + id: awscc.msk.cluster + x-cfn-schema-name: Cluster + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BrokerNodeGroupInfo') as broker_node_group_info, + JSON_EXTRACT(Properties, '$.EnhancedMonitoring') as enhanced_monitoring, + JSON_EXTRACT(Properties, '$.KafkaVersion') as kafka_version, + JSON_EXTRACT(Properties, '$.NumberOfBrokerNodes') as number_of_broker_nodes, + JSON_EXTRACT(Properties, '$.EncryptionInfo') as encryption_info, + JSON_EXTRACT(Properties, '$.OpenMonitoring') as open_monitoring, + JSON_EXTRACT(Properties, '$.ClusterName') as cluster_name, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CurrentVersion') as current_version, + JSON_EXTRACT(Properties, '$.ClientAuthentication') as client_authentication, + JSON_EXTRACT(Properties, '$.LoggingInfo') as logging_info, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ConfigurationInfo') as configuration_info, + JSON_EXTRACT(Properties, '$.StorageMode') as storage_mode + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MSK::Cluster' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BrokerNodeGroupInfo') as broker_node_group_info, + json_extract_path_text(Properties, 'EnhancedMonitoring') as enhanced_monitoring, + json_extract_path_text(Properties, 'KafkaVersion') as kafka_version, + json_extract_path_text(Properties, 'NumberOfBrokerNodes') as number_of_broker_nodes, + json_extract_path_text(Properties, 'EncryptionInfo') as encryption_info, + json_extract_path_text(Properties, 'OpenMonitoring') as open_monitoring, + json_extract_path_text(Properties, 'ClusterName') as cluster_name, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CurrentVersion') as current_version, + json_extract_path_text(Properties, 'ClientAuthentication') as client_authentication, + json_extract_path_text(Properties, 'LoggingInfo') as logging_info, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ConfigurationInfo') as configuration_info, + json_extract_path_text(Properties, 'StorageMode') as storage_mode + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MSK::Cluster' + AND data__Identifier = '' + AND region = 'us-east-1' + cluster_policies: + name: cluster_policies + id: awscc.msk.cluster_policies + x-cfn-schema-name: ClusterPolicy + x-type: list + x-identifiers: + - ClusterArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterArn') as cluster_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MSK::ClusterPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterArn') as cluster_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MSK::ClusterPolicy' + AND region = 'us-east-1' + cluster_policy: + name: cluster_policy + id: awscc.msk.cluster_policy + x-cfn-schema-name: ClusterPolicy + x-type: get + x-identifiers: + - ClusterArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Policy') as policy, + JSON_EXTRACT(Properties, '$.ClusterArn') as cluster_arn, + JSON_EXTRACT(Properties, '$.CurrentVersion') as current_version + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MSK::ClusterPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Policy') as policy, + json_extract_path_text(Properties, 'ClusterArn') as cluster_arn, + json_extract_path_text(Properties, 'CurrentVersion') as current_version + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MSK::ClusterPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + configurations: + name: configurations + id: awscc.msk.configurations + x-cfn-schema-name: Configuration + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MSK::Configuration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MSK::Configuration' + AND region = 'us-east-1' + configuration: + name: configuration + id: awscc.msk.configuration + x-cfn-schema-name: Configuration + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ServerProperties') as server_properties, + JSON_EXTRACT(Properties, '$.KafkaVersionsList') as kafka_versions_list, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.LatestRevision') as latest_revision + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MSK::Configuration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ServerProperties') as server_properties, + json_extract_path_text(Properties, 'KafkaVersionsList') as kafka_versions_list, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'LatestRevision') as latest_revision + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MSK::Configuration' + AND data__Identifier = '' + AND region = 'us-east-1' + replicators: + name: replicators + id: awscc.msk.replicators + x-cfn-schema-name: Replicator + x-type: list + x-identifiers: + - ReplicatorArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ReplicatorArn') as replicator_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MSK::Replicator' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ReplicatorArn') as replicator_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MSK::Replicator' + AND region = 'us-east-1' + replicator: + name: replicator + id: awscc.msk.replicator + x-cfn-schema-name: Replicator + x-type: get + x-identifiers: + - ReplicatorArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ReplicatorArn') as replicator_arn, + JSON_EXTRACT(Properties, '$.ReplicatorName') as replicator_name, + JSON_EXTRACT(Properties, '$.CurrentVersion') as current_version, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.KafkaClusters') as kafka_clusters, + JSON_EXTRACT(Properties, '$.ReplicationInfoList') as replication_info_list, + JSON_EXTRACT(Properties, '$.ServiceExecutionRoleArn') as service_execution_role_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MSK::Replicator' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ReplicatorArn') as replicator_arn, + json_extract_path_text(Properties, 'ReplicatorName') as replicator_name, + json_extract_path_text(Properties, 'CurrentVersion') as current_version, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'KafkaClusters') as kafka_clusters, + json_extract_path_text(Properties, 'ReplicationInfoList') as replication_info_list, + json_extract_path_text(Properties, 'ServiceExecutionRoleArn') as service_execution_role_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MSK::Replicator' + AND data__Identifier = '' + AND region = 'us-east-1' + serverless_clusters: + name: serverless_clusters + id: awscc.msk.serverless_clusters + x-cfn-schema-name: ServerlessCluster + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MSK::ServerlessCluster' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MSK::ServerlessCluster' + AND region = 'us-east-1' + serverless_cluster: + name: serverless_cluster + id: awscc.msk.serverless_cluster + x-cfn-schema-name: ServerlessCluster + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ClusterName') as cluster_name, + JSON_EXTRACT(Properties, '$.VpcConfigs') as vpc_configs, + JSON_EXTRACT(Properties, '$.ClientAuthentication') as client_authentication, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MSK::ServerlessCluster' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ClusterName') as cluster_name, + json_extract_path_text(Properties, 'VpcConfigs') as vpc_configs, + json_extract_path_text(Properties, 'ClientAuthentication') as client_authentication, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MSK::ServerlessCluster' + AND data__Identifier = '' + AND region = 'us-east-1' + vpc_connections: + name: vpc_connections + id: awscc.msk.vpc_connections + x-cfn-schema-name: VpcConnection + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MSK::VpcConnection' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MSK::VpcConnection' + AND region = 'us-east-1' + vpc_connection: + name: vpc_connection + id: awscc.msk.vpc_connection + x-cfn-schema-name: VpcConnection + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Authentication') as authentication, + JSON_EXTRACT(Properties, '$.ClientSubnets') as client_subnets, + JSON_EXTRACT(Properties, '$.TargetClusterArn') as target_cluster_arn, + JSON_EXTRACT(Properties, '$.SecurityGroups') as security_groups, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.VpcId') as vpc_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MSK::VpcConnection' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Authentication') as authentication, + json_extract_path_text(Properties, 'ClientSubnets') as client_subnets, + json_extract_path_text(Properties, 'TargetClusterArn') as target_cluster_arn, + json_extract_path_text(Properties, 'SecurityGroups') as security_groups, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'VpcId') as vpc_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MSK::VpcConnection' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/mwaa.yaml b/providers/src/awscc/v00.00.00000/services/mwaa.yaml new file mode 100644 index 00000000..c3f100a2 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/mwaa.yaml @@ -0,0 +1,500 @@ +openapi: 3.0.0 +info: + title: MWAA + version: 1.0.0 +paths: {} +components: + schemas: + EnvironmentName: + type: string + description: Customer-defined identifier for the environment, unique per customer region. + minLength: 1 + maxLength: 80 + pattern: ^[a-zA-Z][0-9a-zA-Z\-_]*$ + EnvironmentStatus: + type: string + description: The status of the environment. + enum: + - CREATING + - CREATE_FAILED + - AVAILABLE + - UPDATING + - DELETING + - DELETED + - UPDATE_FAILED + - UNAVAILABLE + - PENDING + UpdateStatus: + type: string + description: '' + enum: + - SUCCESS + - PENDING + - FAILED + UpdateError: + type: object + description: The error associated with an update request. + additionalProperties: false + properties: + ErrorCode: + $ref: '#/components/schemas/ErrorCode' + ErrorMessage: + $ref: '#/components/schemas/ErrorMessage' + AirflowArn: + type: string + description: '' + minLength: 1 + maxLength: 1224 + pattern: ^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b)(-[a-z]+)?:airflow:[a-z0-9\-]+:\d{12}:environment/\w+ + EnvironmentArn: + type: string + description: ARN for the MWAA environment. + minLength: 1 + maxLength: 1224 + pattern: ^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b)(-[a-z]+)?:airflow:[a-z0-9\-]+:\d{12}:environment/\w+ + S3BucketArn: + type: string + description: ARN for the AWS S3 bucket to use as the source of DAGs and plugins for the environment. + minLength: 1 + maxLength: 1224 + pattern: ^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b)(-[a-z]+)?:s3:::[a-z0-9.\-]+$ + CreatedAt: + type: string + description: When the environment resource was created. + UpdateCreatedAt: + type: string + description: When the update request was created. + WebserverUrl: + type: string + description: Url endpoint for the environment's Airflow UI. + minLength: 1 + maxLength: 256 + pattern: ^https://.+$ + ExecutionRoleArn: + type: string + description: IAM role to be used by tasks. + maxLength: 1224 + pattern: ^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b)(-[a-z]+)?:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$ + ServiceRoleArn: + type: string + description: IAM role to be used by MWAA to perform AWS API calls on behalf of the customer. + maxLength: 1224 + pattern: ^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b)(-[a-z]+)?:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$ + KmsKey: + type: string + description: |- + The identifier of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use for MWAA data encryption. + + You can specify the CMK using any of the following: + + Key ID. For example, key/1234abcd-12ab-34cd-56ef-1234567890ab. + + Key alias. For example, alias/ExampleAlias. + + Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. + + Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. + + AWS authenticates the CMK asynchronously. Therefore, if you specify an ID, alias, or ARN that is not valid, the action can appear to complete, but eventually fails. + maxLength: 1224 + pattern: ^(((arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b)(-[a-z]+)?:kms:[a-z]{2}-[a-z]+-\d:\d+:)?key\/)?[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}|(arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):kms:[a-z]{2}-[a-z]+-\d:\d+:)?alias/.+)$ + AirflowVersion: + type: string + description: Version of airflow to deploy to the environment. + maxLength: 32 + pattern: ^[0-9a-z.]+$ + RelativePath: + type: string + description: Represents an S3 prefix relative to the root of an S3 bucket. + maxLength: 1024 + pattern: .* + ConfigKey: + type: string + description: '' + maxLength: 64 + pattern: ^[a-z]+([a-z._]*[a-z]+)?$ + ConfigValue: + type: string + description: '' + maxLength: 256 + pattern: .* + SecurityGroupId: + type: string + description: '' + minLength: 1 + maxLength: 1024 + pattern: ^sg-[a-zA-Z0-9\-._]+$ + SubnetId: + type: string + description: '' + maxLength: 1024 + pattern: ^subnet-[a-zA-Z0-9\-._]+$ + CloudWatchLogGroupArn: + type: string + description: '' + maxLength: 1224 + pattern: ^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b)(-[a-z]+)?:logs:[a-z0-9\-]+:\d{12}:log-group:\w+ + LoggingEnabled: + type: boolean + description: '' + LoggingLevel: + type: string + description: '' + enum: + - CRITICAL + - ERROR + - WARNING + - INFO + - DEBUG + EnvironmentClass: + type: string + description: Templated configuration for airflow processes and backing infrastructure. + minLength: 1 + maxLength: 1024 + MaxWorkers: + type: integer + description: Maximum worker compute units. + minimum: 1 + MinWorkers: + type: integer + description: Minimum worker compute units. + minimum: 1 + Schedulers: + type: integer + description: Scheduler compute units. + minimum: 1 + NetworkConfiguration: + type: object + description: Configures the network resources of the environment. + additionalProperties: false + properties: + SubnetIds: + type: array + x-insertionOrder: true + description: A list of subnets to use for the environment. These must be private subnets, in the same VPC, in two different availability zones. + minItems: 2 + maxItems: 2 + items: + $ref: '#/components/schemas/SubnetId' + SecurityGroupIds: + type: array + x-insertionOrder: true + description: A list of security groups to use for the environment. + minItems: 1 + maxItems: 5 + items: + $ref: '#/components/schemas/SecurityGroupId' + LoggingConfiguration: + type: object + description: Logging configuration for the environment. + additionalProperties: false + properties: + DagProcessingLogs: + $ref: '#/components/schemas/ModuleLoggingConfiguration' + SchedulerLogs: + $ref: '#/components/schemas/ModuleLoggingConfiguration' + WebserverLogs: + $ref: '#/components/schemas/ModuleLoggingConfiguration' + WorkerLogs: + $ref: '#/components/schemas/ModuleLoggingConfiguration' + TaskLogs: + $ref: '#/components/schemas/ModuleLoggingConfiguration' + LoggingConfigurationInput: + type: object + description: Configures logging for the environment. + additionalProperties: false + properties: + DagProcessingLogs: + $ref: '#/components/schemas/ModuleLoggingConfigurationInput' + SchedulerLogs: + $ref: '#/components/schemas/ModuleLoggingConfigurationInput' + WebserverLogs: + $ref: '#/components/schemas/ModuleLoggingConfigurationInput' + WorkerLogs: + $ref: '#/components/schemas/ModuleLoggingConfigurationInput' + TaskLogs: + $ref: '#/components/schemas/ModuleLoggingConfigurationInput' + ModuleLoggingConfiguration: + type: object + description: Logging configuration for a specific airflow component. + additionalProperties: false + properties: + Enabled: + $ref: '#/components/schemas/LoggingEnabled' + LogLevel: + $ref: '#/components/schemas/LoggingLevel' + CloudWatchLogGroupArn: + $ref: '#/components/schemas/CloudWatchLogGroupArn' + ModuleLoggingConfigurationInput: + type: object + description: Configures airflow component logging for the environment. + additionalProperties: false + properties: + Enabled: + $ref: '#/components/schemas/LoggingEnabled' + LogLevel: + $ref: '#/components/schemas/LoggingLevel' + LastUpdate: + type: object + description: Details about the last update performed on the environment. + additionalProperties: false + properties: + Status: + $ref: '#/components/schemas/UpdateStatus' + CreatedAt: + $ref: '#/components/schemas/UpdateCreatedAt' + Error: + $ref: '#/components/schemas/UpdateError' + ErrorCode: + type: string + description: The error code associated with an error. + ErrorMessage: + type: string + description: Error message describing a failed operation. + minLength: 1 + maxLength: 1024 + pattern: ^.+$ + S3ObjectVersion: + type: string + description: Represents an version ID for an S3 object. + maxLength: 1024 + WeeklyMaintenanceWindowStart: + type: string + description: Start time for the weekly maintenance window. + maxLength: 9 + pattern: (MON|TUE|WED|THU|FRI|SAT|SUN):([01]\d|2[0-3]):(00|30) + WebserverAccessMode: + type: string + description: Choice for mode of webserver access including over public internet or via private VPC endpoint. + enum: + - PRIVATE_ONLY + - PUBLIC_ONLY + EndpointManagement: + type: string + description: Defines whether the VPC endpoints configured for the environment are created, and managed, by the customer or by Amazon MWAA. + enum: + - CUSTOMER + - SERVICE + CeleryExecutorQueue: + type: string + description: The celery executor queue associated with the environment. + maxLength: 1224 + DatabaseVpcEndpointService: + type: string + description: The database VPC endpoint service name. + maxLength: 1224 + WebserverVpcEndpointService: + type: string + description: The webserver VPC endpoint service name, applicable if private webserver access mode selected. + maxLength: 1224 + Environment: + type: object + properties: + Name: + $ref: '#/components/schemas/EnvironmentName' + Arn: + $ref: '#/components/schemas/EnvironmentArn' + WebserverUrl: + $ref: '#/components/schemas/WebserverUrl' + ExecutionRoleArn: + $ref: '#/components/schemas/ExecutionRoleArn' + KmsKey: + $ref: '#/components/schemas/KmsKey' + AirflowVersion: + $ref: '#/components/schemas/AirflowVersion' + SourceBucketArn: + $ref: '#/components/schemas/S3BucketArn' + DagS3Path: + $ref: '#/components/schemas/RelativePath' + PluginsS3Path: + $ref: '#/components/schemas/RelativePath' + PluginsS3ObjectVersion: + $ref: '#/components/schemas/S3ObjectVersion' + RequirementsS3Path: + $ref: '#/components/schemas/RelativePath' + RequirementsS3ObjectVersion: + $ref: '#/components/schemas/S3ObjectVersion' + StartupScriptS3Path: + $ref: '#/components/schemas/RelativePath' + StartupScriptS3ObjectVersion: + $ref: '#/components/schemas/S3ObjectVersion' + AirflowConfigurationOptions: + type: object + description: |- + Key/value pairs representing Airflow configuration variables. + Keys are prefixed by their section: + + [core] + dags_folder={AIRFLOW_HOME}/dags + + Would be represented as + + "core.dags_folder": "{AIRFLOW_HOME}/dags" + EnvironmentClass: + $ref: '#/components/schemas/EnvironmentClass' + MaxWorkers: + $ref: '#/components/schemas/MaxWorkers' + MinWorkers: + $ref: '#/components/schemas/MinWorkers' + Schedulers: + $ref: '#/components/schemas/Schedulers' + NetworkConfiguration: + $ref: '#/components/schemas/NetworkConfiguration' + LoggingConfiguration: + $ref: '#/components/schemas/LoggingConfiguration' + WeeklyMaintenanceWindowStart: + $ref: '#/components/schemas/WeeklyMaintenanceWindowStart' + Tags: + type: object + description: A map of tags for the environment. + WebserverAccessMode: + $ref: '#/components/schemas/WebserverAccessMode' + EndpointManagement: + $ref: '#/components/schemas/EndpointManagement' + CeleryExecutorQueue: + $ref: '#/components/schemas/CeleryExecutorQueue' + DatabaseVpcEndpointService: + $ref: '#/components/schemas/DatabaseVpcEndpointService' + WebserverVpcEndpointService: + $ref: '#/components/schemas/WebserverVpcEndpointService' + required: + - Name + x-stackql-resource-name: environment + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - KmsKey + - NetworkConfiguration/SubnetIds + - EndpointManagement + x-read-only-properties: + - Arn + - CeleryExecutorQueue + - DatabaseVpcEndpointService + - WebserverVpcEndpointService + - WebserverUrl + - LoggingConfiguration/DagProcessingLogs/CloudWatchLogGroupArn + - LoggingConfiguration/SchedulerLogs/CloudWatchLogGroupArn + - LoggingConfiguration/WebserverLogs/CloudWatchLogGroupArn + - LoggingConfiguration/WorkerLogs/CloudWatchLogGroupArn + - LoggingConfiguration/TaskLogs/CloudWatchLogGroupArn + x-required-permissions: + create: + - airflow:CreateEnvironment + read: + - airflow:GetEnvironment + update: + - airflow:UpdateEnvironment + - airflow:TagResource + - airflow:UntagResource + delete: + - airflow:DeleteEnvironment + list: + - airflow:ListEnvironments + x-stackQL-resources: + environments: + name: environments + id: awscc.mwaa.environments + x-cfn-schema-name: Environment + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MWAA::Environment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::MWAA::Environment' + AND region = 'us-east-1' + environment: + name: environment + id: awscc.mwaa.environment + x-cfn-schema-name: Environment + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.WebserverUrl') as webserver_url, + JSON_EXTRACT(Properties, '$.ExecutionRoleArn') as execution_role_arn, + JSON_EXTRACT(Properties, '$.KmsKey') as kms_key, + JSON_EXTRACT(Properties, '$.AirflowVersion') as airflow_version, + JSON_EXTRACT(Properties, '$.SourceBucketArn') as source_bucket_arn, + JSON_EXTRACT(Properties, '$.DagS3Path') as dag_s3_path, + JSON_EXTRACT(Properties, '$.PluginsS3Path') as plugins_s3_path, + JSON_EXTRACT(Properties, '$.PluginsS3ObjectVersion') as plugins_s3_object_version, + JSON_EXTRACT(Properties, '$.RequirementsS3Path') as requirements_s3_path, + JSON_EXTRACT(Properties, '$.RequirementsS3ObjectVersion') as requirements_s3_object_version, + JSON_EXTRACT(Properties, '$.StartupScriptS3Path') as startup_script_s3_path, + JSON_EXTRACT(Properties, '$.StartupScriptS3ObjectVersion') as startup_script_s3_object_version, + JSON_EXTRACT(Properties, '$.AirflowConfigurationOptions') as airflow_configuration_options, + JSON_EXTRACT(Properties, '$.EnvironmentClass') as environment_class, + JSON_EXTRACT(Properties, '$.MaxWorkers') as max_workers, + JSON_EXTRACT(Properties, '$.MinWorkers') as min_workers, + JSON_EXTRACT(Properties, '$.Schedulers') as schedulers, + JSON_EXTRACT(Properties, '$.NetworkConfiguration') as network_configuration, + JSON_EXTRACT(Properties, '$.LoggingConfiguration') as logging_configuration, + JSON_EXTRACT(Properties, '$.WeeklyMaintenanceWindowStart') as weekly_maintenance_window_start, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.WebserverAccessMode') as webserver_access_mode, + JSON_EXTRACT(Properties, '$.EndpointManagement') as endpoint_management, + JSON_EXTRACT(Properties, '$.CeleryExecutorQueue') as celery_executor_queue, + JSON_EXTRACT(Properties, '$.DatabaseVpcEndpointService') as database_vpc_endpoint_service, + JSON_EXTRACT(Properties, '$.WebserverVpcEndpointService') as webserver_vpc_endpoint_service + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MWAA::Environment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'WebserverUrl') as webserver_url, + json_extract_path_text(Properties, 'ExecutionRoleArn') as execution_role_arn, + json_extract_path_text(Properties, 'KmsKey') as kms_key, + json_extract_path_text(Properties, 'AirflowVersion') as airflow_version, + json_extract_path_text(Properties, 'SourceBucketArn') as source_bucket_arn, + json_extract_path_text(Properties, 'DagS3Path') as dag_s3_path, + json_extract_path_text(Properties, 'PluginsS3Path') as plugins_s3_path, + json_extract_path_text(Properties, 'PluginsS3ObjectVersion') as plugins_s3_object_version, + json_extract_path_text(Properties, 'RequirementsS3Path') as requirements_s3_path, + json_extract_path_text(Properties, 'RequirementsS3ObjectVersion') as requirements_s3_object_version, + json_extract_path_text(Properties, 'StartupScriptS3Path') as startup_script_s3_path, + json_extract_path_text(Properties, 'StartupScriptS3ObjectVersion') as startup_script_s3_object_version, + json_extract_path_text(Properties, 'AirflowConfigurationOptions') as airflow_configuration_options, + json_extract_path_text(Properties, 'EnvironmentClass') as environment_class, + json_extract_path_text(Properties, 'MaxWorkers') as max_workers, + json_extract_path_text(Properties, 'MinWorkers') as min_workers, + json_extract_path_text(Properties, 'Schedulers') as schedulers, + json_extract_path_text(Properties, 'NetworkConfiguration') as network_configuration, + json_extract_path_text(Properties, 'LoggingConfiguration') as logging_configuration, + json_extract_path_text(Properties, 'WeeklyMaintenanceWindowStart') as weekly_maintenance_window_start, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'WebserverAccessMode') as webserver_access_mode, + json_extract_path_text(Properties, 'EndpointManagement') as endpoint_management, + json_extract_path_text(Properties, 'CeleryExecutorQueue') as celery_executor_queue, + json_extract_path_text(Properties, 'DatabaseVpcEndpointService') as database_vpc_endpoint_service, + json_extract_path_text(Properties, 'WebserverVpcEndpointService') as webserver_vpc_endpoint_service + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::MWAA::Environment' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/neptune.yaml b/providers/src/awscc/v00.00.00000/services/neptune.yaml new file mode 100644 index 00000000..6dc47847 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/neptune.yaml @@ -0,0 +1,381 @@ +openapi: 3.0.0 +info: + title: Neptune + version: 1.0.0 +paths: {} +components: + schemas: + DBClusterRole: + description: Describes an AWS Identity and Access Management (IAM) role that is associated with a DB cluster. + type: object + additionalProperties: false + properties: + FeatureName: + description: The name of the feature associated with the AWS Identity and Access Management (IAM) role. For the list of supported feature names, see DBEngineVersion in the Amazon Neptune API Reference. + type: string + RoleArn: + description: The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster. + type: string + required: + - RoleArn + ServerlessScalingConfiguration: + description: Contains the scaling configuration of an Neptune Serverless DB cluster. + type: object + additionalProperties: false + properties: + MinCapacity: + description: The minimum number of Neptune capacity units (NCUs) for a DB instance in an Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 8, 8.5, 9, and so on. The smallest value you can use is 1, whereas the largest is 128. + type: number + minimum: 1 + maximum: 128 + MaxCapacity: + description: The maximum number of Neptune capacity units (NCUs) for a DB instance in an Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 40, 40.5, 41, and so on. The smallest value you can use is 2.5, whereas the largest is 128. + type: number + minimum: 2.5 + maximum: 128 + required: + - MinCapacity + - MaxCapacity + Tag: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 0 + maxLength: 256 + required: + - Key + DBCluster: + type: object + properties: + Endpoint: + description: 'The connection endpoint for the DB cluster. For example: `mystack-mydbcluster-1apw1j4phylrk.cg034hpkmmjt.us-east-2.rds.amazonaws.com`' + type: string + ReadEndpoint: + description: 'The reader endpoint for the DB cluster. For example: `mystack-mydbcluster-ro-1apw1j4phylrk.cg034hpkmmjt.us-east-2.rds.amazonaws.com`' + type: string + ClusterResourceId: + description: 'The resource id for the DB cluster. For example: `cluster-ABCD1234EFGH5678IJKL90MNOP`. The cluster ID uniquely identifies the cluster and is used in things like IAM authentication policies.' + type: string + AssociatedRoles: + description: Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other AWS services on your behalf. + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/DBClusterRole' + AvailabilityZones: + description: Provides the list of EC2 Availability Zones that instances in the DB cluster can be created in. + type: array + uniqueItems: true + x-insertionOrder: true + items: + type: string + BackupRetentionPeriod: + description: Specifies the number of days for which automatic DB snapshots are retained. + default: 1 + minimum: 1 + type: integer + CopyTagsToSnapshot: + description: A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default behaviour is not to copy them. + type: boolean + DBClusterIdentifier: + description: The DB cluster identifier. Contains a user-supplied DB cluster identifier. This identifier is the unique key that identifies a DB cluster stored as a lowercase string. + type: string + pattern: ^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$ + minLength: 1 + maxLength: 63 + DBClusterParameterGroupName: + description: Provides the name of the DB cluster parameter group. + type: string + DBInstanceParameterGroupName: + description: The name of the DB parameter group to apply to all instances of the DB cluster. Used only in case of a major EngineVersion upgrade request. + type: string + DBPort: + description: |- + The port number on which the DB instances in the DB cluster accept connections. + + If not specified, the default port used is `8182`. + + Note: `Port` property will soon be deprecated from this resource. Please update existing templates to rename it with new property `DBPort` having same functionalities. + type: integer + DBSubnetGroupName: + description: Specifies information on the subnet group associated with the DB cluster, including the name, description, and subnets in the subnet group. + type: string + DeletionProtection: + description: Indicates whether or not the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. + type: boolean + EnableCloudwatchLogsExports: + description: Specifies a list of log types that are enabled for export to CloudWatch Logs. + type: array + uniqueItems: true + x-insertionOrder: true + items: + type: string + EngineVersion: + description: Indicates the database engine version. + type: string + IamAuthEnabled: + description: True if mapping of Amazon Identity and Access Management (IAM) accounts to database accounts is enabled, and otherwise false. + type: boolean + KmsKeyId: + description: If `StorageEncrypted` is true, the Amazon KMS key identifier for the encrypted DB cluster. + type: string + Port: + description: 'The port number on which the DB cluster accepts connections. For example: `8182`.' + type: string + PreferredBackupWindow: + description: Specifies the daily time range during which automated backups are created if automated backups are enabled, as determined by the BackupRetentionPeriod. + type: string + PreferredMaintenanceWindow: + description: Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC). + type: string + RestoreToTime: + description: |- + Creates a new DB cluster from a DB snapshot or DB cluster snapshot. + + If a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group. + + If a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group. + type: string + RestoreType: + description: |- + Creates a new DB cluster from a DB snapshot or DB cluster snapshot. + + If a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group. + + If a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group. + type: string + default: full-copy + ServerlessScalingConfiguration: + description: Contains the scaling configuration used by the Neptune Serverless Instances within this DB cluster. + $ref: '#/components/schemas/ServerlessScalingConfiguration' + SnapshotIdentifier: + description: |- + Specifies the identifier for a DB cluster snapshot. Must match the identifier of an existing snapshot. + + After you restore a DB cluster using a SnapshotIdentifier, you must specify the same SnapshotIdentifier for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. + + However, if you don't specify the SnapshotIdentifier, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, the DB cluster is restored from the snapshot specified by the SnapshotIdentifier, and the original DB cluster is deleted. + type: string + SourceDBClusterIdentifier: + description: |- + Creates a new DB cluster from a DB snapshot or DB cluster snapshot. + + If a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group. + + If a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group. + type: string + StorageEncrypted: + description: |- + Indicates whether the DB cluster is encrypted. + + If you specify the `DBClusterIdentifier`, `DBSnapshotIdentifier`, or `SourceDBInstanceIdentifier` property, don't specify this property. The value is inherited from the cluster, snapshot, or source DB instance. If you specify the KmsKeyId property, you must enable encryption. + + If you specify the KmsKeyId, you must enable encryption by setting StorageEncrypted to true. + type: boolean + Tags: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: The tags assigned to this cluster. + items: + $ref: '#/components/schemas/Tag' + UseLatestRestorableTime: + description: |- + Creates a new DB cluster from a DB snapshot or DB cluster snapshot. + + If a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group. + + If a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group. + type: boolean + VpcSecurityGroupIds: + description: Provides a list of VPC security groups that the DB cluster belongs to. + uniqueItems: true + x-insertionOrder: true + items: + type: string + type: array + x-stackql-resource-name: db_cluster + x-stackql-primaryIdentifier: + - DBClusterIdentifier + x-create-only-properties: + - AvailabilityZones + - DBClusterIdentifier + - DBSubnetGroupName + - KmsKeyId + - RestoreToTime + - RestoreType + - SnapshotIdentifier + - SourceDBClusterIdentifier + - StorageEncrypted + - UseLatestRestorableTime + x-read-only-properties: + - Endpoint + - ClusterResourceId + - Port + - ReadEndpoint + x-required-permissions: + create: + - iam:PassRole + - rds:AddRoleToDBCluster + - rds:AddTagsToResource + - rds:CreateDBCluster + - rds:CreateDBInstance + - rds:DescribeDBClusters + - rds:ListTagsForResource + - rds:ModifyDBCluster + - rds:RestoreDBClusterFromSnapshot + - rds:RestoreDBClusterToPointInTime + - kms:* + read: + - rds:DescribeDBClusters + - rds:ListTagsForResource + - kms:* + update: + - ec2:DescribeSecurityGroups + - iam:PassRole + - rds:AddRoleToDBCluster + - rds:AddTagsToResource + - rds:DescribeDBClusters + - rds:DescribeDBInstances + - rds:DescribeDBSubnetGroups + - rds:DescribeGlobalClusters + - rds:ListTagsForResource + - rds:ModifyDBCluster + - rds:ModifyDBInstance + - rds:RemoveFromGlobalCluster + - rds:RemoveRoleFromDBCluster + - rds:RemoveTagsFromResource + - kms:* + delete: + - rds:DeleteDBCluster + - rds:DeleteDBInstance + - rds:DescribeDBClusters + - rds:DescribeGlobalClusters + - rds:ListTagsForResource + - rds:RemoveFromGlobalCluster + - rds:CreateDBClusterSnapshot + - kms:* + list: + - rds:DescribeDBClusters + - rds:ListTagsForResource + - kms:* + x-stackQL-resources: + db_clusters: + name: db_clusters + id: awscc.neptune.db_clusters + x-cfn-schema-name: DBCluster + x-type: list + x-identifiers: + - DBClusterIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DBClusterIdentifier') as d_bcluster_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Neptune::DBCluster' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DBClusterIdentifier') as d_bcluster_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Neptune::DBCluster' + AND region = 'us-east-1' + db_cluster: + name: db_cluster + id: awscc.neptune.db_cluster + x-cfn-schema-name: DBCluster + x-type: get + x-identifiers: + - DBClusterIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Endpoint') as endpoint, + JSON_EXTRACT(Properties, '$.ReadEndpoint') as read_endpoint, + JSON_EXTRACT(Properties, '$.ClusterResourceId') as cluster_resource_id, + JSON_EXTRACT(Properties, '$.AssociatedRoles') as associated_roles, + JSON_EXTRACT(Properties, '$.AvailabilityZones') as availability_zones, + JSON_EXTRACT(Properties, '$.BackupRetentionPeriod') as backup_retention_period, + JSON_EXTRACT(Properties, '$.CopyTagsToSnapshot') as copy_tags_to_snapshot, + JSON_EXTRACT(Properties, '$.DBClusterIdentifier') as d_bcluster_identifier, + JSON_EXTRACT(Properties, '$.DBClusterParameterGroupName') as d_bcluster_parameter_group_name, + JSON_EXTRACT(Properties, '$.DBInstanceParameterGroupName') as d_binstance_parameter_group_name, + JSON_EXTRACT(Properties, '$.DBPort') as d_bport, + JSON_EXTRACT(Properties, '$.DBSubnetGroupName') as d_bsubnet_group_name, + JSON_EXTRACT(Properties, '$.DeletionProtection') as deletion_protection, + JSON_EXTRACT(Properties, '$.EnableCloudwatchLogsExports') as enable_cloudwatch_logs_exports, + JSON_EXTRACT(Properties, '$.EngineVersion') as engine_version, + JSON_EXTRACT(Properties, '$.IamAuthEnabled') as iam_auth_enabled, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.Port') as port, + JSON_EXTRACT(Properties, '$.PreferredBackupWindow') as preferred_backup_window, + JSON_EXTRACT(Properties, '$.PreferredMaintenanceWindow') as preferred_maintenance_window, + JSON_EXTRACT(Properties, '$.RestoreToTime') as restore_to_time, + JSON_EXTRACT(Properties, '$.RestoreType') as restore_type, + JSON_EXTRACT(Properties, '$.ServerlessScalingConfiguration') as serverless_scaling_configuration, + JSON_EXTRACT(Properties, '$.SnapshotIdentifier') as snapshot_identifier, + JSON_EXTRACT(Properties, '$.SourceDBClusterIdentifier') as source_db_cluster_identifier, + JSON_EXTRACT(Properties, '$.StorageEncrypted') as storage_encrypted, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.UseLatestRestorableTime') as use_latest_restorable_time, + JSON_EXTRACT(Properties, '$.VpcSecurityGroupIds') as vpc_security_group_ids + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Neptune::DBCluster' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Endpoint') as endpoint, + json_extract_path_text(Properties, 'ReadEndpoint') as read_endpoint, + json_extract_path_text(Properties, 'ClusterResourceId') as cluster_resource_id, + json_extract_path_text(Properties, 'AssociatedRoles') as associated_roles, + json_extract_path_text(Properties, 'AvailabilityZones') as availability_zones, + json_extract_path_text(Properties, 'BackupRetentionPeriod') as backup_retention_period, + json_extract_path_text(Properties, 'CopyTagsToSnapshot') as copy_tags_to_snapshot, + json_extract_path_text(Properties, 'DBClusterIdentifier') as d_bcluster_identifier, + json_extract_path_text(Properties, 'DBClusterParameterGroupName') as d_bcluster_parameter_group_name, + json_extract_path_text(Properties, 'DBInstanceParameterGroupName') as d_binstance_parameter_group_name, + json_extract_path_text(Properties, 'DBPort') as d_bport, + json_extract_path_text(Properties, 'DBSubnetGroupName') as d_bsubnet_group_name, + json_extract_path_text(Properties, 'DeletionProtection') as deletion_protection, + json_extract_path_text(Properties, 'EnableCloudwatchLogsExports') as enable_cloudwatch_logs_exports, + json_extract_path_text(Properties, 'EngineVersion') as engine_version, + json_extract_path_text(Properties, 'IamAuthEnabled') as iam_auth_enabled, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'Port') as port, + json_extract_path_text(Properties, 'PreferredBackupWindow') as preferred_backup_window, + json_extract_path_text(Properties, 'PreferredMaintenanceWindow') as preferred_maintenance_window, + json_extract_path_text(Properties, 'RestoreToTime') as restore_to_time, + json_extract_path_text(Properties, 'RestoreType') as restore_type, + json_extract_path_text(Properties, 'ServerlessScalingConfiguration') as serverless_scaling_configuration, + json_extract_path_text(Properties, 'SnapshotIdentifier') as snapshot_identifier, + json_extract_path_text(Properties, 'SourceDBClusterIdentifier') as source_db_cluster_identifier, + json_extract_path_text(Properties, 'StorageEncrypted') as storage_encrypted, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'UseLatestRestorableTime') as use_latest_restorable_time, + json_extract_path_text(Properties, 'VpcSecurityGroupIds') as vpc_security_group_ids + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Neptune::DBCluster' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/neptunegraph.yaml b/providers/src/awscc/v00.00.00000/services/neptunegraph.yaml new file mode 100644 index 00000000..d49bdf13 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/neptunegraph.yaml @@ -0,0 +1,359 @@ +openapi: 3.0.0 +info: + title: NeptuneGraph + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 0 + maxLength: 256 + required: + - Key + VectorSearchConfiguration: + description: The vector search configuration. + type: object + additionalProperties: false + properties: + VectorSearchDimension: + type: integer + description: The vector search dimension + required: + - VectorSearchDimension + Graph: + type: object + properties: + DeletionProtection: + description: |- + Value that indicates whether the Graph has deletion protection enabled. The graph can't be deleted when deletion protection is enabled. + + _Default_: If not specified, the default value is true. + type: boolean + GraphName: + description: |- + Contains a user-supplied name for the Graph. + + If you don't specify a name, we generate a unique Graph Name using a combination of Stack Name and a UUID comprising of 4 characters. + + _Important_: If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. + type: string + pattern: ^[a-zA-z][a-zA-Z0-9]*(-[a-zA-Z0-9]+)*$ + minLength: 1 + maxLength: 63 + ProvisionedMemory: + description: Memory for the Graph. + type: integer + PublicConnectivity: + description: |- + Specifies whether the Graph can be reached over the internet. Access to all graphs requires IAM authentication. + + When the Graph is publicly reachable, its Domain Name System (DNS) endpoint resolves to the public IP address from the internet. + + When the Graph isn't publicly reachable, you need to create a PrivateGraphEndpoint in a given VPC to ensure the DNS name resolves to a private IP address that is reachable from the VPC. + + _Default_: If not specified, the default value is false. + type: boolean + ReplicaCount: + description: |- + Specifies the number of replicas you want when finished. All replicas will be provisioned in different availability zones. + + Replica Count should always be less than or equal to 2. + + _Default_: If not specified, the default value is 1. + type: integer + Tags: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: The tags associated with this graph. + items: + $ref: '#/components/schemas/Tag' + VectorSearchConfiguration: + description: Vector Search Configuration + $ref: '#/components/schemas/VectorSearchConfiguration' + Endpoint: + description: 'The connection endpoint for the graph. For example: `g-12a3bcdef4.us-east-1.neptune-graph.amazonaws.com`' + type: string + GraphArn: + description: Graph resource ARN + type: string + GraphId: + description: The auto-generated id assigned by the service. + type: string + required: + - ProvisionedMemory + x-stackql-resource-name: graph + x-stackql-primaryIdentifier: + - GraphId + x-create-only-properties: + - GraphName + - ReplicaCount + - VectorSearchConfiguration + x-read-only-properties: + - GraphArn + - GraphId + - Endpoint + x-required-permissions: + create: + - iam:PassRole + - neptune-graph:CreateGraph + - neptune-graph:GetGraph + - neptune-graph:ListTagsForResource + - neptune-graph:TagResource + - kms:DescribeKey + - kms:CreateGrant + - kms:Decrypt + - iam:CreateServiceLinkedRole + read: + - neptune-graph:GetGraph + - neptune-graph:ListTagsForResource + - kms:DescribeKey + - kms:CreateGrant + - kms:Decrypt + update: + - iam:PassRole + - neptune-graph:GetGraph + - neptune-graph:ListTagsForResource + - neptune-graph:TagResource + - neptune-graph:UntagResource + - neptune-graph:UpdateGraph + - kms:DescribeKey + - kms:CreateGrant + - kms:Decrypt + delete: + - neptune-graph:DeleteGraph + - neptune-graph:GetGraph + - kms:DescribeKey + - kms:CreateGrant + - kms:Decrypt + list: + - neptune-graph:GetGraph + - neptune-graph:ListGraphs + - kms:DescribeKey + - kms:CreateGrant + - kms:Decrypt + PrivateGraphEndpoint: + type: object + properties: + GraphIdentifier: + description: The auto-generated Graph Id assigned by the service. + type: string + SecurityGroupIds: + description: The security group Ids associated with the VPC where you want the private graph endpoint to be created, ie, the graph will be reachable from within the VPC. + type: array + x-insertionOrder: false + items: + type: string + SubnetIds: + description: The subnet Ids associated with the VPC where you want the private graph endpoint to be created, ie, the graph will be reachable from within the VPC. + type: array + x-insertionOrder: false + items: + type: string + VpcId: + description: The VPC where you want the private graph endpoint to be created, ie, the graph will be reachable from within the VPC. + type: string + PrivateGraphEndpointIdentifier: + description: |- + PrivateGraphEndpoint resource identifier generated by concatenating the associated GraphIdentifier and VpcId with an underscore separator. + + For example, if GraphIdentifier is `g-12a3bcdef4` and VpcId is `vpc-0a12bc34567de8f90`, the generated PrivateGraphEndpointIdentifier will be `g-12a3bcdef4_vpc-0a12bc34567de8f90` + type: string + VpcEndpointId: + description: VPC endpoint that provides a private connection between the Graph and specified VPC. + type: string + required: + - GraphIdentifier + - VpcId + x-stackql-resource-name: private_graph_endpoint + x-stackql-primaryIdentifier: + - PrivateGraphEndpointIdentifier + x-create-only-properties: + - GraphIdentifier + - SecurityGroupIds + - SubnetIds + - VpcId + x-read-only-properties: + - PrivateGraphEndpointIdentifier + - VpcEndpointId + x-required-permissions: + create: + - ec2:CreateVpcEndpoint + - ec2:DescribeVpcEndpoints + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcs + - ec2:DescribeVpcAttribute + - ec2:DescribeAvailabilityZones + - ec2:ModifyVpcEndpoint + - route53:AssociateVPCWithHostedZone + - iam:PassRole + - neptune-graph:CreatePrivateGraphEndpoint + - neptune-graph:GetPrivateGraphEndpoint + - iam:CreateServiceLinkedRole + read: + - neptune-graph:GetPrivateGraphEndpoint + update: + - iam:PassRole + - neptune-graph:GetPrivateGraphEndpoint + delete: + - ec2:DeleteVpcEndpoints + - ec2:DescribeVpcEndpoints + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcs + - ec2:DescribeVpcAttribute + - ec2:DescribeAvailabilityZones + - ec2:ModifyVpcEndpoint + - route53:DisassociateVPCFromHostedZone + - neptune-graph:DeletePrivateGraphEndpoint + - neptune-graph:GetPrivateGraphEndpoint + list: + - neptune-graph:GetPrivateGraphEndpoint + - neptune-graph:ListPrivateGraphEndpoints + x-stackQL-resources: + graphs: + name: graphs + id: awscc.neptunegraph.graphs + x-cfn-schema-name: Graph + x-type: list + x-identifiers: + - GraphId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GraphId') as graph_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NeptuneGraph::Graph' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GraphId') as graph_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NeptuneGraph::Graph' + AND region = 'us-east-1' + graph: + name: graph + id: awscc.neptunegraph.graph + x-cfn-schema-name: Graph + x-type: get + x-identifiers: + - GraphId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DeletionProtection') as deletion_protection, + JSON_EXTRACT(Properties, '$.GraphName') as graph_name, + JSON_EXTRACT(Properties, '$.ProvisionedMemory') as provisioned_memory, + JSON_EXTRACT(Properties, '$.PublicConnectivity') as public_connectivity, + JSON_EXTRACT(Properties, '$.ReplicaCount') as replica_count, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.VectorSearchConfiguration') as vector_search_configuration, + JSON_EXTRACT(Properties, '$.Endpoint') as endpoint, + JSON_EXTRACT(Properties, '$.GraphArn') as graph_arn, + JSON_EXTRACT(Properties, '$.GraphId') as graph_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NeptuneGraph::Graph' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DeletionProtection') as deletion_protection, + json_extract_path_text(Properties, 'GraphName') as graph_name, + json_extract_path_text(Properties, 'ProvisionedMemory') as provisioned_memory, + json_extract_path_text(Properties, 'PublicConnectivity') as public_connectivity, + json_extract_path_text(Properties, 'ReplicaCount') as replica_count, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'VectorSearchConfiguration') as vector_search_configuration, + json_extract_path_text(Properties, 'Endpoint') as endpoint, + json_extract_path_text(Properties, 'GraphArn') as graph_arn, + json_extract_path_text(Properties, 'GraphId') as graph_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NeptuneGraph::Graph' + AND data__Identifier = '' + AND region = 'us-east-1' + private_graph_endpoints: + name: private_graph_endpoints + id: awscc.neptunegraph.private_graph_endpoints + x-cfn-schema-name: PrivateGraphEndpoint + x-type: list + x-identifiers: + - PrivateGraphEndpointIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PrivateGraphEndpointIdentifier') as private_graph_endpoint_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NeptuneGraph::PrivateGraphEndpoint' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PrivateGraphEndpointIdentifier') as private_graph_endpoint_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NeptuneGraph::PrivateGraphEndpoint' + AND region = 'us-east-1' + private_graph_endpoint: + name: private_graph_endpoint + id: awscc.neptunegraph.private_graph_endpoint + x-cfn-schema-name: PrivateGraphEndpoint + x-type: get + x-identifiers: + - PrivateGraphEndpointIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GraphIdentifier') as graph_identifier, + JSON_EXTRACT(Properties, '$.SecurityGroupIds') as security_group_ids, + JSON_EXTRACT(Properties, '$.SubnetIds') as subnet_ids, + JSON_EXTRACT(Properties, '$.VpcId') as vpc_id, + JSON_EXTRACT(Properties, '$.PrivateGraphEndpointIdentifier') as private_graph_endpoint_identifier, + JSON_EXTRACT(Properties, '$.VpcEndpointId') as vpc_endpoint_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NeptuneGraph::PrivateGraphEndpoint' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GraphIdentifier') as graph_identifier, + json_extract_path_text(Properties, 'SecurityGroupIds') as security_group_ids, + json_extract_path_text(Properties, 'SubnetIds') as subnet_ids, + json_extract_path_text(Properties, 'VpcId') as vpc_id, + json_extract_path_text(Properties, 'PrivateGraphEndpointIdentifier') as private_graph_endpoint_identifier, + json_extract_path_text(Properties, 'VpcEndpointId') as vpc_endpoint_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NeptuneGraph::PrivateGraphEndpoint' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/networkfirewall.yaml b/providers/src/awscc/v00.00.00000/services/networkfirewall.yaml new file mode 100644 index 00000000..c28b7769 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/networkfirewall.yaml @@ -0,0 +1,1295 @@ +openapi: 3.0.0 +info: + title: NetworkFirewall + version: 1.0.0 +paths: {} +components: + schemas: + ResourceArn: + description: A resource ARN. + type: string + pattern: ^(arn:aws.*)$ + minLength: 1 + maxLength: 256 + EndpointId: + description: An endpoint Id. + type: string + SubnetMapping: + type: object + properties: + SubnetId: + description: A SubnetId. + type: string + IPAddressType: + description: A IPAddressType + type: string + required: + - SubnetId + additionalProperties: false + Tag: + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + pattern: ^.*$ + Value: + type: string + minLength: 0 + maxLength: 255 + pattern: ^.*$ + required: + - Key + - Value + additionalProperties: false + Firewall: + type: object + properties: + FirewallName: + type: string + minLength: 1 + maxLength: 128 + pattern: ^[a-zA-Z0-9-]+$ + FirewallArn: + $ref: '#/components/schemas/ResourceArn' + FirewallId: + type: string + minLength: 36 + maxLength: 36 + pattern: ^([0-9a-f]{8})-([0-9a-f]{4}-){3}([0-9a-f]{12})$ + FirewallPolicyArn: + $ref: '#/components/schemas/ResourceArn' + VpcId: + type: string + minLength: 1 + maxLength: 128 + pattern: ^vpc-[0-9a-f]+$ + SubnetMappings: + type: array + minItems: 1 + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/SubnetMapping' + DeleteProtection: + type: boolean + SubnetChangeProtection: + type: boolean + FirewallPolicyChangeProtection: + type: boolean + Description: + type: string + maxLength: 512 + pattern: ^.*$ + EndpointIds: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/EndpointId' + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + required: + - FirewallName + - FirewallPolicyArn + - VpcId + - SubnetMappings + x-stackql-resource-name: firewall + x-stackql-primaryIdentifier: + - FirewallArn + x-create-only-properties: + - VpcId + - FirewallName + x-read-only-properties: + - FirewallArn + - FirewallId + - EndpointIds + x-required-permissions: + create: + - ec2:CreateVpcEndpoint + - ec2:DescribeVpcEndpoints + - ec2:DescribeSubnets + - ec2:DescribeVpcs + - iam:CreateServiceLinkedRole + - network-firewall:CreateFirewall + - network-firewall:DescribeFirewallPolicy + - network-firewall:DescribeRuleGroup + - network-firewall:TagResource + - network-firewall:AssociateSubnets + - network-firewall:AssociateFirewallPolicy + - network-firewall:DescribeFirewall + read: + - network-firewall:DescribeFirewall + - network-firewall:ListTagsForResources + update: + - network-firewall:AssociateSubnets + - network-firewall:DisassociateSubnets + - network-firewall:UpdateFirewallDescription + - network-firewall:UpdateFirewallDeleteProtection + - network-firewall:UpdateSubnetChangeProtection + - network-firewall:UpdateFirewallPolicyChangeProtection + - network-firewall:AssociateFirewallPolicy + - network-firewall:TagResource + - network-firewall:UntagResource + - network-firewall:DescribeFirewall + delete: + - ec2:DeleteVpcEndpoints + - ec2:DescribeRouteTables + - logs:DescribeLogGroups + - logs:DescribeResourcePolicies + - logs:GetLogDelivery + - logs:ListLogDeliveries + - network-firewall:DeleteFirewall + - network-firewall:UntagResource + - network-firewall:DescribeFirewall + list: + - network-firewall:ListFirewalls + FirewallPolicy: + type: object + properties: + FirewallPolicyName: + type: string + minLength: 1 + maxLength: 128 + pattern: ^[a-zA-Z0-9-]+$ + FirewallPolicyArn: + $ref: '#/components/schemas/ResourceArn' + FirewallPolicy: + $ref: '#/components/schemas/FirewallPolicy' + FirewallPolicyId: + type: string + minLength: 36 + maxLength: 36 + pattern: ^([0-9a-f]{8})-([0-9a-f]{4}-){3}([0-9a-f]{12})$ + Description: + type: string + minLength: 1 + maxLength: 512 + pattern: ^.*$ + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + required: + - FirewallPolicyName + - FirewallPolicy + x-stackql-resource-name: firewall_policy + x-stackql-primaryIdentifier: + - FirewallPolicyArn + x-create-only-properties: + - FirewallPolicyName + x-read-only-properties: + - FirewallPolicyArn + - FirewallPolicyId + x-required-permissions: + create: + - network-firewall:CreateFirewallPolicy + - network-firewall:DescribeFirewallPolicy + - network-firewall:ListTLSInspectionConfigurations + - network-firewall:TagResource + - network-firewall:ListRuleGroups + read: + - network-firewall:DescribeFirewallPolicy + - network-firewall:ListTagsForResources + update: + - network-firewall:UpdateFirewallPolicy + - network-firewall:DescribeFirewallPolicy + - network-firewall:TagResource + - network-firewall:UntagResource + - network-firewall:ListRuleGroups + - network-firewall:ListTLSInspectionConfigurations + delete: + - network-firewall:DeleteFirewallPolicy + - network-firewall:DescribeFirewallPolicy + - network-firewall:UntagResource + list: + - network-firewall:ListFirewallPolicies + RuleVariables: + type: object + properties: + IPSets: + type: object + x-patternProperties: + ^[A-Za-z0-9_]{1,32}$: + $ref: '#/components/schemas/IPSet' + additionalProperties: false + PortSets: + type: object + x-patternProperties: + ^[A-Za-z0-9_]{1,32}$: + $ref: '#/components/schemas/PortSet' + additionalProperties: false + additionalProperties: false + CustomAction: + type: object + properties: + ActionName: + type: string + minLength: 1 + maxLength: 128 + pattern: ^[a-zA-Z0-9]+$ + ActionDefinition: + $ref: '#/components/schemas/ActionDefinition' + required: + - ActionName + - ActionDefinition + additionalProperties: false + ActionDefinition: + type: object + properties: + PublishMetricAction: + $ref: '#/components/schemas/PublishMetricAction' + additionalProperties: false + PublishMetricAction: + type: object + properties: + Dimensions: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/Dimension' + required: + - Dimensions + additionalProperties: false + Dimension: + type: object + properties: + Value: + type: string + minLength: 1 + maxLength: 128 + pattern: ^[a-zA-Z0-9-_ ]+$ + required: + - Value + additionalProperties: false + StatefulRuleGroupReference: + type: object + properties: + ResourceArn: + $ref: '#/components/schemas/ResourceArn' + Priority: + $ref: '#/components/schemas/Priority' + Override: + $ref: '#/components/schemas/StatefulRuleGroupOverride' + required: + - ResourceArn + additionalProperties: false + StatelessRuleGroupReference: + type: object + properties: + ResourceArn: + $ref: '#/components/schemas/ResourceArn' + Priority: + $ref: '#/components/schemas/Priority' + required: + - ResourceArn + - Priority + additionalProperties: false + Priority: + type: integer + minimum: 1 + maximum: 65535 + VariableDefinition: + type: string + minLength: 1 + pattern: ^.*$ + IPSet: + type: object + properties: + Definition: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/VariableDefinition' + additionalProperties: false + StatefulRuleGroupOverride: + type: object + properties: + Action: + $ref: '#/components/schemas/OverrideAction' + additionalProperties: false + OverrideAction: + type: string + enum: + - DROP_TO_ALERT + StatefulEngineOptions: + type: object + properties: + RuleOrder: + $ref: '#/components/schemas/RuleOrder' + StreamExceptionPolicy: + $ref: '#/components/schemas/StreamExceptionPolicy' + additionalProperties: false + RuleOrder: + type: string + enum: + - DEFAULT_ACTION_ORDER + - STRICT_ORDER + StreamExceptionPolicy: + type: string + enum: + - DROP + - CONTINUE + - REJECT + LoggingConfiguration: + type: object + properties: + FirewallName: + type: string + minLength: 1 + maxLength: 128 + pattern: ^[a-zA-Z0-9-]+$ + FirewallArn: + $ref: '#/components/schemas/ResourceArn' + LoggingConfiguration: + $ref: '#/components/schemas/LoggingConfiguration' + required: + - FirewallArn + - LoggingConfiguration + x-stackql-resource-name: logging_configuration + x-stackql-primaryIdentifier: + - FirewallArn + x-create-only-properties: + - FirewallName + - FirewallArn + x-required-permissions: + create: + - logs:CreateLogDelivery + - logs:GetLogDelivery + - logs:ListLogDeliveries + - s3:PutBucketPolicy + - s3:GetBucketPolicy + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + - iam:CreateServiceLinkedRole + - firehose:TagDeliveryStream + - network-firewall:UpdateLoggingConfiguration + - network-firewall:DescribeLoggingConfiguration + read: + - logs:GetLogDelivery + - logs:ListLogDeliveries + - network-firewall:DescribeLoggingConfiguration + update: + - logs:CreateLogDelivery + - logs:DeleteLogDelivery + - logs:GetLogDelivery + - logs:UpdateLogDelivery + - logs:ListLogDeliveries + - s3:PutBucketPolicy + - s3:GetBucketPolicy + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + - iam:CreateServiceLinkedRole + - firehose:TagDeliveryStream + - network-firewall:UpdateLoggingConfiguration + - network-firewall:DescribeLoggingConfiguration + delete: + - logs:DeleteLogDelivery + - logs:ListLogDeliveries + - logs:GetLogDelivery + - network-firewall:UpdateLoggingConfiguration + - network-firewall:DescribeLoggingConfiguration + list: + - logs:GetLogDelivery + - logs:ListLogDeliveries + - network-firewall:DescribeLoggingConfiguration + LogDestinationConfig: + type: object + properties: + LogType: + type: string + enum: + - ALERT + - FLOW + LogDestinationType: + type: string + enum: + - S3 + - CloudWatchLogs + - KinesisDataFirehose + LogDestination: + type: object + description: A key-value pair to configure the logDestinations. + x-patternProperties: + ^[0-9A-Za-z.\-_@\/]+$: + type: string + minLength: 1 + maxLength: 1024 + minProperties: 1 + additionalProperties: false + required: + - LogType + - LogDestinationType + - LogDestination + additionalProperties: false + RulesString: + type: string + minLength: 0 + maxLength: 1000000 + RuleGroup: + type: object + properties: + RuleGroupName: + type: string + minLength: 1 + maxLength: 128 + pattern: ^[a-zA-Z0-9-]+$ + RuleGroupArn: + $ref: '#/components/schemas/ResourceArn' + RuleGroupId: + type: string + minLength: 36 + maxLength: 36 + pattern: ^([0-9a-f]{8})-([0-9a-f]{4}-){3}([0-9a-f]{12})$ + RuleGroup: + $ref: '#/components/schemas/RuleGroup' + Type: + type: string + enum: + - STATELESS + - STATEFUL + Capacity: + type: integer + Description: + type: string + minLength: 1 + maxLength: 512 + pattern: ^.*$ + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + required: + - Type + - Capacity + - RuleGroupName + x-stackql-resource-name: rule_group + x-stackql-primaryIdentifier: + - RuleGroupArn + x-create-only-properties: + - RuleGroupName + - Capacity + - Type + x-read-only-properties: + - RuleGroupArn + - RuleGroupId + x-required-permissions: + create: + - network-firewall:CreateRuleGroup + - network-firewall:DescribeRuleGroup + - network-firewall:TagResource + - network-firewall:ListRuleGroups + - iam:CreateServiceLinkedRole + - ec2:GetManagedPrefixListEntries + read: + - network-firewall:DescribeRuleGroup + - network-firewall:ListTagsForResources + update: + - network-firewall:UpdateRuleGroup + - network-firewall:DescribeRuleGroup + - network-firewall:TagResource + - network-firewall:UntagResource + - iam:CreateServiceLinkedRole + - ec2:GetManagedPrefixListEntries + delete: + - network-firewall:DeleteRuleGroup + - network-firewall:DescribeRuleGroup + - network-firewall:UntagResource + list: + - network-firewall:ListRuleGroups + PortSet: + type: object + properties: + Definition: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/VariableDefinition' + additionalProperties: false + ReferenceSets: + type: object + properties: + IPSetReferences: + type: object + x-patternProperties: + ^[A-Za-z0-9_]{1,32}$: + $ref: '#/components/schemas/IPSetReference' + additionalProperties: false + additionalProperties: false + IPSetReference: + type: object + properties: + ReferenceArn: + $ref: '#/components/schemas/ResourceArn' + additionalProperties: false + RulesSource: + type: object + properties: + RulesString: + $ref: '#/components/schemas/RulesString' + RulesSourceList: + $ref: '#/components/schemas/RulesSourceList' + StatefulRules: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/StatefulRule' + StatelessRulesAndCustomActions: + $ref: '#/components/schemas/StatelessRulesAndCustomActions' + additionalProperties: false + RulesSourceList: + type: object + properties: + Targets: + type: array + x-insertionOrder: true + uniqueItems: false + items: + type: string + TargetTypes: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/TargetType' + GeneratedRulesType: + $ref: '#/components/schemas/GeneratedRulesType' + required: + - Targets + - TargetTypes + - GeneratedRulesType + additionalProperties: false + TargetType: + type: string + enum: + - TLS_SNI + - HTTP_HOST + GeneratedRulesType: + type: string + enum: + - ALLOWLIST + - DENYLIST + StatefulRule: + type: object + properties: + Action: + type: string + enum: + - PASS + - DROP + - ALERT + - REJECT + Header: + $ref: '#/components/schemas/Header' + RuleOptions: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/RuleOption' + required: + - Action + - Header + - RuleOptions + additionalProperties: false + Header: + type: object + properties: + Protocol: + type: string + enum: + - IP + - TCP + - UDP + - ICMP + - HTTP + - FTP + - TLS + - SMB + - DNS + - DCERPC + - SSH + - SMTP + - IMAP + - MSN + - KRB5 + - IKEV2 + - TFTP + - NTP + - DHCP + Source: + type: string + minLength: 1 + maxLength: 1024 + pattern: ^.*$ + SourcePort: + $ref: '#/components/schemas/Port' + Direction: + type: string + enum: + - FORWARD + - ANY + Destination: + type: string + minLength: 1 + maxLength: 1024 + pattern: ^.*$ + DestinationPort: + $ref: '#/components/schemas/Port' + required: + - Protocol + - Source + - SourcePort + - Direction + - Destination + - DestinationPort + additionalProperties: false + RuleOption: + type: object + properties: + Keyword: + type: string + minLength: 1 + maxLength: 128 + pattern: ^.*$ + Settings: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/Setting' + required: + - Keyword + additionalProperties: false + Setting: + type: string + minLength: 1 + maxLength: 8192 + pattern: ^.*$ + Port: + type: string + minLength: 1 + maxLength: 1024 + pattern: ^.*$ + StatelessRulesAndCustomActions: + type: object + properties: + StatelessRules: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/StatelessRule' + CustomActions: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/CustomAction' + required: + - StatelessRules + additionalProperties: false + StatelessRule: + type: object + properties: + RuleDefinition: + $ref: '#/components/schemas/RuleDefinition' + Priority: + type: integer + minimum: 1 + maximum: 65535 + required: + - RuleDefinition + - Priority + additionalProperties: false + RuleDefinition: + type: object + properties: + MatchAttributes: + $ref: '#/components/schemas/MatchAttributes' + Actions: + type: array + x-insertionOrder: true + uniqueItems: false + items: + type: string + required: + - MatchAttributes + - Actions + additionalProperties: false + MatchAttributes: + type: object + properties: + Sources: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/Address' + Destinations: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/Address' + SourcePorts: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/PortRange' + DestinationPorts: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/PortRange' + Protocols: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/ProtocolNumber' + TCPFlags: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/TCPFlagField' + additionalProperties: false + Address: + type: object + properties: + AddressDefinition: + type: string + minLength: 1 + maxLength: 255 + pattern: ^([a-fA-F\d:\.]+/\d{1,3})$ + required: + - AddressDefinition + additionalProperties: false + PortRange: + type: object + properties: + FromPort: + $ref: '#/components/schemas/PortRangeBound' + ToPort: + $ref: '#/components/schemas/PortRangeBound' + required: + - FromPort + - ToPort + additionalProperties: false + PortRangeBound: + type: integer + minimum: 0 + maximum: 65535 + ProtocolNumber: + type: integer + minimum: 0 + maximum: 255 + TCPFlagField: + type: object + properties: + Flags: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/TCPFlag' + Masks: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/TCPFlag' + required: + - Flags + additionalProperties: false + TCPFlag: + type: string + enum: + - FIN + - SYN + - RST + - PSH + - ACK + - URG + - ECE + - CWR + StatefulRuleOptions: + type: object + properties: + RuleOrder: + $ref: '#/components/schemas/RuleOrder' + additionalProperties: false + TLSInspectionConfiguration: + type: object + properties: + TLSInspectionConfigurationName: + type: string + minLength: 1 + maxLength: 128 + pattern: ^[a-zA-Z0-9-]+$ + TLSInspectionConfigurationArn: + $ref: '#/components/schemas/ResourceArn' + TLSInspectionConfiguration: + $ref: '#/components/schemas/TLSInspectionConfiguration' + TLSInspectionConfigurationId: + type: string + minLength: 36 + maxLength: 36 + pattern: ^([0-9a-f]{8})-([0-9a-f]{4}-){3}([0-9a-f]{12})$ + Description: + type: string + minLength: 1 + maxLength: 512 + pattern: ^.*$ + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + required: + - TLSInspectionConfigurationName + - TLSInspectionConfiguration + x-stackql-resource-name: tls_inspection_configuration + x-stackql-primaryIdentifier: + - TLSInspectionConfigurationArn + x-create-only-properties: + - TLSInspectionConfigurationName + x-read-only-properties: + - TLSInspectionConfigurationArn + - TLSInspectionConfigurationId + x-required-permissions: + create: + - network-firewall:CreateTLSInspectionConfiguration + - network-firewall:DescribeTLSInspectionConfiguration + - network-firewall:TagResource + read: + - network-firewall:DescribeTLSInspectionConfiguration + - network-firewall:ListTagsForResources + update: + - network-firewall:UpdateTLSInspectionConfiguration + - network-firewall:DescribeTLSInspectionConfiguration + - network-firewall:TagResource + - network-firewall:UntagResource + delete: + - network-firewall:DeleteTLSInspectionConfiguration + - network-firewall:DescribeTLSInspectionConfiguration + - network-firewall:UntagResource + list: + - network-firewall:ListTLSInspectionConfigurations + ServerCertificateConfiguration: + type: object + properties: + ServerCertificates: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/ServerCertificate' + Scopes: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/ServerCertificateScope' + CertificateAuthorityArn: + $ref: '#/components/schemas/ResourceArn' + CheckCertificateRevocationStatus: + type: object + properties: + RevokedStatusAction: + $ref: '#/components/schemas/RevokedStatusAction' + UnknownStatusAction: + $ref: '#/components/schemas/UnknownStatusAction' + additionalProperties: false + additionalProperties: false + RevokedStatusAction: + type: string + enum: + - PASS + - DROP + - REJECT + UnknownStatusAction: + type: string + enum: + - PASS + - DROP + - REJECT + ServerCertificate: + type: object + properties: + ResourceArn: + $ref: '#/components/schemas/ResourceArn' + additionalProperties: false + ServerCertificateScope: + type: object + properties: + Sources: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/Address' + Destinations: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/Address' + SourcePorts: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/PortRange' + DestinationPorts: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/PortRange' + Protocols: + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/ProtocolNumber' + additionalProperties: false + x-stackQL-resources: + firewalls: + name: firewalls + id: awscc.networkfirewall.firewalls + x-cfn-schema-name: Firewall + x-type: list + x-identifiers: + - FirewallArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FirewallArn') as firewall_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkFirewall::Firewall' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FirewallArn') as firewall_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkFirewall::Firewall' + AND region = 'us-east-1' + firewall: + name: firewall + id: awscc.networkfirewall.firewall + x-cfn-schema-name: Firewall + x-type: get + x-identifiers: + - FirewallArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FirewallName') as firewall_name, + JSON_EXTRACT(Properties, '$.FirewallArn') as firewall_arn, + JSON_EXTRACT(Properties, '$.FirewallId') as firewall_id, + JSON_EXTRACT(Properties, '$.FirewallPolicyArn') as firewall_policy_arn, + JSON_EXTRACT(Properties, '$.VpcId') as vpc_id, + JSON_EXTRACT(Properties, '$.SubnetMappings') as subnet_mappings, + JSON_EXTRACT(Properties, '$.DeleteProtection') as delete_protection, + JSON_EXTRACT(Properties, '$.SubnetChangeProtection') as subnet_change_protection, + JSON_EXTRACT(Properties, '$.FirewallPolicyChangeProtection') as firewall_policy_change_protection, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EndpointIds') as endpoint_ids, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkFirewall::Firewall' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FirewallName') as firewall_name, + json_extract_path_text(Properties, 'FirewallArn') as firewall_arn, + json_extract_path_text(Properties, 'FirewallId') as firewall_id, + json_extract_path_text(Properties, 'FirewallPolicyArn') as firewall_policy_arn, + json_extract_path_text(Properties, 'VpcId') as vpc_id, + json_extract_path_text(Properties, 'SubnetMappings') as subnet_mappings, + json_extract_path_text(Properties, 'DeleteProtection') as delete_protection, + json_extract_path_text(Properties, 'SubnetChangeProtection') as subnet_change_protection, + json_extract_path_text(Properties, 'FirewallPolicyChangeProtection') as firewall_policy_change_protection, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EndpointIds') as endpoint_ids, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkFirewall::Firewall' + AND data__Identifier = '' + AND region = 'us-east-1' + firewall_policies: + name: firewall_policies + id: awscc.networkfirewall.firewall_policies + x-cfn-schema-name: FirewallPolicy + x-type: list + x-identifiers: + - FirewallPolicyArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FirewallPolicyArn') as firewall_policy_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkFirewall::FirewallPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FirewallPolicyArn') as firewall_policy_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkFirewall::FirewallPolicy' + AND region = 'us-east-1' + firewall_policy: + name: firewall_policy + id: awscc.networkfirewall.firewall_policy + x-cfn-schema-name: FirewallPolicy + x-type: get + x-identifiers: + - FirewallPolicyArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FirewallPolicyName') as firewall_policy_name, + JSON_EXTRACT(Properties, '$.FirewallPolicyArn') as firewall_policy_arn, + JSON_EXTRACT(Properties, '$.FirewallPolicy') as firewall_policy, + JSON_EXTRACT(Properties, '$.FirewallPolicyId') as firewall_policy_id, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkFirewall::FirewallPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FirewallPolicyName') as firewall_policy_name, + json_extract_path_text(Properties, 'FirewallPolicyArn') as firewall_policy_arn, + json_extract_path_text(Properties, 'FirewallPolicy') as firewall_policy, + json_extract_path_text(Properties, 'FirewallPolicyId') as firewall_policy_id, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkFirewall::FirewallPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + logging_configurations: + name: logging_configurations + id: awscc.networkfirewall.logging_configurations + x-cfn-schema-name: LoggingConfiguration + x-type: list + x-identifiers: + - FirewallArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FirewallArn') as firewall_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkFirewall::LoggingConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FirewallArn') as firewall_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkFirewall::LoggingConfiguration' + AND region = 'us-east-1' + logging_configuration: + name: logging_configuration + id: awscc.networkfirewall.logging_configuration + x-cfn-schema-name: LoggingConfiguration + x-type: get + x-identifiers: + - FirewallArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FirewallName') as firewall_name, + JSON_EXTRACT(Properties, '$.FirewallArn') as firewall_arn, + JSON_EXTRACT(Properties, '$.LoggingConfiguration') as logging_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkFirewall::LoggingConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FirewallName') as firewall_name, + json_extract_path_text(Properties, 'FirewallArn') as firewall_arn, + json_extract_path_text(Properties, 'LoggingConfiguration') as logging_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkFirewall::LoggingConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + rule_groups: + name: rule_groups + id: awscc.networkfirewall.rule_groups + x-cfn-schema-name: RuleGroup + x-type: list + x-identifiers: + - RuleGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RuleGroupArn') as rule_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkFirewall::RuleGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RuleGroupArn') as rule_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkFirewall::RuleGroup' + AND region = 'us-east-1' + rule_group: + name: rule_group + id: awscc.networkfirewall.rule_group + x-cfn-schema-name: RuleGroup + x-type: get + x-identifiers: + - RuleGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RuleGroupName') as rule_group_name, + JSON_EXTRACT(Properties, '$.RuleGroupArn') as rule_group_arn, + JSON_EXTRACT(Properties, '$.RuleGroupId') as rule_group_id, + JSON_EXTRACT(Properties, '$.RuleGroup') as rule_group, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Capacity') as capacity, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkFirewall::RuleGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RuleGroupName') as rule_group_name, + json_extract_path_text(Properties, 'RuleGroupArn') as rule_group_arn, + json_extract_path_text(Properties, 'RuleGroupId') as rule_group_id, + json_extract_path_text(Properties, 'RuleGroup') as rule_group, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Capacity') as capacity, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkFirewall::RuleGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + tls_inspection_configurations: + name: tls_inspection_configurations + id: awscc.networkfirewall.tls_inspection_configurations + x-cfn-schema-name: TLSInspectionConfiguration + x-type: list + x-identifiers: + - TLSInspectionConfigurationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TLSInspectionConfigurationArn') as t_ls_inspection_configuration_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkFirewall::TLSInspectionConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TLSInspectionConfigurationArn') as t_ls_inspection_configuration_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkFirewall::TLSInspectionConfiguration' + AND region = 'us-east-1' + tls_inspection_configuration: + name: tls_inspection_configuration + id: awscc.networkfirewall.tls_inspection_configuration + x-cfn-schema-name: TLSInspectionConfiguration + x-type: get + x-identifiers: + - TLSInspectionConfigurationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TLSInspectionConfigurationName') as t_ls_inspection_configuration_name, + JSON_EXTRACT(Properties, '$.TLSInspectionConfigurationArn') as t_ls_inspection_configuration_arn, + JSON_EXTRACT(Properties, '$.TLSInspectionConfiguration') as t_ls_inspection_configuration, + JSON_EXTRACT(Properties, '$.TLSInspectionConfigurationId') as t_ls_inspection_configuration_id, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkFirewall::TLSInspectionConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TLSInspectionConfigurationName') as t_ls_inspection_configuration_name, + json_extract_path_text(Properties, 'TLSInspectionConfigurationArn') as t_ls_inspection_configuration_arn, + json_extract_path_text(Properties, 'TLSInspectionConfiguration') as t_ls_inspection_configuration, + json_extract_path_text(Properties, 'TLSInspectionConfigurationId') as t_ls_inspection_configuration_id, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkFirewall::TLSInspectionConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/networkmanager.yaml b/providers/src/awscc/v00.00.00000/services/networkmanager.yaml new file mode 100644 index 00000000..bd4de53d --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/networkmanager.yaml @@ -0,0 +1,2235 @@ +openapi: 3.0.0 +info: + title: NetworkManager + version: 1.0.0 +paths: {} +components: + schemas: + ProposedSegmentChange: + description: The attachment to move from one segment to another. + type: object + properties: + Tags: + description: The key-value tags that changed for the segment. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + AttachmentPolicyRuleNumber: + description: The rule number in the policy document that applies to this change. + type: integer + SegmentName: + description: The name of the segment to change. + type: string + additionalProperties: false + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + required: + - Key + - Value + additionalProperties: false + ConnectAttachmentOptions: + description: Connect attachment options for protocol + type: object + properties: + Protocol: + type: string + description: Tunnel protocol for connect attachment + additionalProperties: false + ConnectAttachment: + type: object + properties: + CoreNetworkId: + description: ID of the CoreNetwork that the attachment will be attached to. + type: string + CoreNetworkArn: + description: The ARN of a core network. + type: string + AttachmentId: + description: The ID of the attachment. + type: string + OwnerAccountId: + description: The ID of the attachment account owner. + type: string + AttachmentType: + description: The type of attachment. + type: string + State: + description: State of the attachment. + type: string + EdgeLocation: + description: Edge location of the attachment. + type: string + ResourceArn: + description: The attachment resource ARN. + type: string + AttachmentPolicyRuleNumber: + description: The policy rule number associated with the attachment. + type: integer + SegmentName: + description: The name of the segment attachment. + type: string + ProposedSegmentChange: + description: The attachment to move from one segment to another. + $ref: '#/components/schemas/ProposedSegmentChange' + Tags: + description: Tags for the attachment. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + CreatedAt: + description: Creation time of the attachment. + type: string + UpdatedAt: + description: Last update time of the attachment. + type: string + TransportAttachmentId: + description: Id of transport attachment + type: string + Options: + description: Protocol options for connect attachment + $ref: '#/components/schemas/ConnectAttachmentOptions' + required: + - CoreNetworkId + - EdgeLocation + - TransportAttachmentId + - Options + x-stackql-resource-name: connect_attachment + x-stackql-primaryIdentifier: + - AttachmentId + x-create-only-properties: + - CoreNetworkId + - EdgeLocation + - TransportAttachmentId + - Options + x-read-only-properties: + - CoreNetworkArn + - CreatedAt + - UpdatedAt + - AttachmentType + - State + - ResourceArn + - AttachmentId + - OwnerAccountId + - AttachmentPolicyRuleNumber + - SegmentName + x-required-permissions: + create: + - networkmanager:GetConnectAttachment + - networkmanager:CreateConnectAttachment + - networkmanager:TagResource + - ec2:DescribeRegions + read: + - networkmanager:GetConnectAttachment + update: + - networkmanager:GetConnectAttachment + - networkmanager:ListTagsForResource + - networkmanager:TagResource + - networkmanager:UntagResource + - ec2:DescribeRegions + delete: + - networkmanager:GetConnectAttachment + - networkmanager:DeleteAttachment + - ec2:DescribeRegions + list: + - networkmanager:ListAttachments + ConnectPeerConfiguration: + type: object + properties: + CoreNetworkAddress: + description: The IP address of a core network. + type: string + PeerAddress: + description: The IP address of the Connect peer. + type: string + InsideCidrBlocks: + description: The inside IP addresses used for a Connect peer configuration. + type: array + x-insertionOrder: false + items: + type: string + Protocol: + $ref: '#/components/schemas/TunnelProtocol' + BgpConfigurations: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/ConnectPeerBgpConfiguration' + additionalProperties: false + TunnelProtocol: + description: The protocol used for a Connect peer configuration. + type: string + BgpOptions: + description: Bgp options + type: object + properties: + PeerAsn: + type: number + additionalProperties: false + ConnectPeerBgpConfiguration: + description: Bgp configuration for connect peer + type: object + properties: + CoreNetworkAsn: + description: The ASN of the Coret Network. + type: number + PeerAsn: + description: The ASN of the Connect peer. + type: number + CoreNetworkAddress: + description: The address of a core network. + type: string + PeerAddress: + description: The address of a core network Connect peer. + type: string + additionalProperties: false + ConnectPeer: + type: object + properties: + PeerAddress: + description: The IP address of the Connect peer. + type: string + CoreNetworkAddress: + description: The IP address of a core network. + type: string + BgpOptions: + description: Bgp options for connect peer. + $ref: '#/components/schemas/BgpOptions' + InsideCidrBlocks: + description: The inside IP addresses used for a Connect peer configuration. + type: array + x-insertionOrder: false + items: + type: string + CoreNetworkId: + description: The ID of the core network. + type: string + ConnectAttachmentId: + description: The ID of the attachment to connect. + type: string + ConnectPeerId: + description: The ID of the Connect peer. + type: string + EdgeLocation: + description: The Connect peer Regions where edges are located. + type: string + State: + description: State of the connect peer. + type: string + CreatedAt: + description: Connect peer creation time. + type: string + Configuration: + description: Configuration of the connect peer. + $ref: '#/components/schemas/ConnectPeerConfiguration' + SubnetArn: + description: The subnet ARN for the connect peer. + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - ConnectAttachmentId + - PeerAddress + x-stackql-resource-name: connect_peer + x-stackql-primaryIdentifier: + - ConnectPeerId + x-create-only-properties: + - PeerAddress + - CoreNetworkAddress + - BgpOptions + - InsideCidrBlocks + - ConnectAttachmentId + - SubnetArn + x-read-only-properties: + - ConnectPeerId + - State + - CreatedAt + - Configuration + - CoreNetworkId + - EdgeLocation + x-required-permissions: + create: + - networkmanager:GetConnectPeer + - networkmanager:CreateConnectPeer + - networkmanager:TagResource + - ec2:DescribeRegions + read: + - networkmanager:GetConnectPeer + update: + - networkmanager:GetConnectPeer + - networkmanager:ListTagsForResource + - networkmanager:TagResource + - networkmanager:UntagResource + - ec2:DescribeRegions + delete: + - networkmanager:GetConnectPeer + - networkmanager:DeleteConnectPeer + - ec2:DescribeRegions + list: + - networkmanager:ListConnectPeers + CoreNetworkSegment: + type: object + properties: + Name: + type: string + description: Name of segment + EdgeLocations: + type: array + x-insertionOrder: false + items: + type: string + description: The Regions where the edges are located. + SharedSegments: + type: array + x-insertionOrder: false + items: + type: string + description: The shared segments of a core network. + additionalProperties: false + CoreNetworkEdge: + type: object + properties: + EdgeLocation: + type: string + description: The Region where a core network edge is located. + Asn: + type: number + description: The ASN of a core network edge. + InsideCidrBlocks: + type: array + x-insertionOrder: false + items: + type: string + description: The inside IP addresses used for core network edges. + additionalProperties: false + CoreNetwork: + type: object + properties: + GlobalNetworkId: + description: The ID of the global network that your core network is a part of. + type: string + CoreNetworkId: + description: The Id of core network + type: string + CoreNetworkArn: + description: The ARN (Amazon resource name) of core network + type: string + PolicyDocument: + description: Live policy document for the core network, you must provide PolicyDocument in Json Format + type: object + Description: + description: The description of core network + type: string + CreatedAt: + description: The creation time of core network + type: string + State: + description: The state of core network + type: string + Segments: + description: The segments within a core network. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/CoreNetworkSegment' + Edges: + description: The edges within a core network. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/CoreNetworkEdge' + OwnerAccount: + description: Owner of the core network + type: string + Tags: + description: The tags for the global network. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - GlobalNetworkId + x-stackql-resource-name: core_network + x-stackql-primaryIdentifier: + - CoreNetworkId + x-create-only-properties: + - GlobalNetworkId + x-read-only-properties: + - OwnerAccount + - CoreNetworkId + - CoreNetworkArn + - CreatedAt + - State + - Segments + - Edges + x-required-permissions: + create: + - networkmanager:CreateCoreNetwork + - networkmanager:GetCoreNetwork + - networkmanager:GetCoreNetworkPolicy + - networkmanager:TagResource + - ec2:DescribeRegions + read: + - networkmanager:GetCoreNetwork + - networkmanager:GetCoreNetworkPolicy + update: + - networkmanager:UpdateCoreNetwork + - networkmanager:GetCoreNetwork + - networkmanager:ListTagsForResource + - networkmanager:PutCoreNetworkPolicy + - networkmanager:GetCoreNetworkPolicy + - networkmanager:ExecuteCoreNetworkChangeSet + - networkmanager:TagResource + - networkmanager:UntagResource + - ec2:DescribeRegions + delete: + - networkmanager:DeleteCoreNetwork + - networkmanager:UntagResource + - networkmanager:GetCoreNetwork + - networkmanager:GetCoreNetworkPolicy + - ec2:DescribeRegions + list: + - networkmanager:ListCoreNetworks + CustomerGatewayAssociation: + type: object + properties: + GlobalNetworkId: + description: The ID of the global network. + type: string + CustomerGatewayArn: + description: The Amazon Resource Name (ARN) of the customer gateway. + type: string + DeviceId: + description: The ID of the device + type: string + LinkId: + description: The ID of the link + type: string + required: + - GlobalNetworkId + - CustomerGatewayArn + - DeviceId + x-stackql-resource-name: customer_gateway_association + x-stackql-primaryIdentifier: + - GlobalNetworkId + - CustomerGatewayArn + x-create-only-properties: + - GlobalNetworkId + - CustomerGatewayArn + - DeviceId + - LinkId + x-required-permissions: + create: + - networkmanager:GetCustomerGatewayAssociations + - networkmanager:AssociateCustomerGateway + read: + - networkmanager:GetCustomerGatewayAssociations + list: + - networkmanager:GetCustomerGatewayAssociations + delete: + - networkmanager:DisassociateCustomerGateway + Location: + description: The location of the site + type: object + properties: + Address: + description: The physical address. + type: string + Latitude: + description: The latitude. + type: string + Longitude: + description: The longitude. + type: string + additionalProperties: false + AWSLocation: + description: The Amazon Web Services location of the device, if applicable. + type: object + properties: + Zone: + description: The Zone that the device is located in. Specify the ID of an Availability Zone, Local Zone, Wavelength Zone, or an Outpost. + type: string + SubnetArn: + description: The Amazon Resource Name (ARN) of the subnet that the device is located in. + type: string + additionalProperties: false + Device: + type: object + properties: + DeviceArn: + description: The Amazon Resource Name (ARN) of the device. + type: string + DeviceId: + description: The ID of the device. + type: string + Description: + description: The description of the device. + type: string + Tags: + description: The tags for the device. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + GlobalNetworkId: + description: The ID of the global network. + type: string + AWSLocation: + description: The Amazon Web Services location of the device, if applicable. + $ref: '#/components/schemas/AWSLocation' + Location: + description: The site location. + $ref: '#/components/schemas/Location' + Model: + description: The device model + type: string + SerialNumber: + description: The device serial number. + type: string + SiteId: + description: The site ID. + type: string + Type: + description: The device type. + type: string + Vendor: + description: The device vendor. + type: string + CreatedAt: + description: The date and time that the device was created. + type: string + State: + description: The state of the device. + type: string + required: + - GlobalNetworkId + x-stackql-resource-name: device + x-stackql-primaryIdentifier: + - GlobalNetworkId + - DeviceId + x-create-only-properties: + - GlobalNetworkId + x-read-only-properties: + - DeviceId + - DeviceArn + - State + - CreatedAt + x-required-permissions: + create: + - networkmanager:CreateDevice + - networkmanager:GetDevices + - networkmanager:TagResource + read: + - networkmanager:GetDevices + update: + - networkmanager:UpdateDevice + - networkmanager:ListTagsForResource + - networkmanager:GetDevices + - networkmanager:TagResource + - networkmanager:UntagResource + delete: + - networkmanager:GetDevices + - networkmanager:DeleteDevice + list: + - networkmanager:GetDevices + GlobalNetwork: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the global network. + type: string + Id: + description: The ID of the global network. + type: string + Description: + description: The description of the global network. + type: string + Tags: + description: The tags for the global network. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + CreatedAt: + description: The date and time that the global network was created. + type: string + State: + description: The state of the global network. + type: string + x-stackql-resource-name: global_network + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - Arn + x-required-permissions: + create: + - networkmanager:CreateGlobalNetwork + - networkmanager:DescribeGlobalNetworks + - networkmanager:TagResource + - iam:CreateServiceLinkedRole + read: + - networkmanager:DescribeGlobalNetworks + update: + - networkmanager:UpdateGlobalNetwork + - networkmanager:DescribeGlobalNetworks + - networkmanager:TagResource + - networkmanager:UntagResource + - networkmanager:ListTagsForResource + delete: + - networkmanager:DeleteGlobalNetwork + - networkmanager:DescribeGlobalNetworks + list: + - networkmanager:DescribeGlobalNetworks + Bandwidth: + description: The bandwidth for the link. + type: object + properties: + DownloadSpeed: + description: Download speed in Mbps. + type: integer + UploadSpeed: + description: Upload speed in Mbps. + type: integer + additionalProperties: false + Link: + type: object + properties: + LinkArn: + description: The Amazon Resource Name (ARN) of the link. + type: string + LinkId: + description: The ID of the link. + type: string + GlobalNetworkId: + description: The ID of the global network. + type: string + SiteId: + description: The ID of the site + type: string + Bandwidth: + description: The Bandwidth for the link. + $ref: '#/components/schemas/Bandwidth' + Provider: + description: The provider of the link. + type: string + Description: + description: The description of the link. + type: string + Tags: + description: The tags for the link. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Type: + description: The type of the link. + type: string + CreatedAt: + description: The date and time that the device was created. + type: string + State: + description: The state of the link. + type: string + required: + - GlobalNetworkId + - SiteId + - Bandwidth + x-stackql-resource-name: link + x-stackql-primaryIdentifier: + - GlobalNetworkId + - LinkId + x-create-only-properties: + - GlobalNetworkId + - SiteId + x-read-only-properties: + - LinkId + - LinkArn + - CreatedAt + - State + x-required-permissions: + create: + - networkmanager:CreateLink + - networkmanager:GetLinks + - networkmanager:TagResource + read: + - networkmanager:GetLinks + update: + - networkmanager:ListTagsForResource + - networkmanager:TagResource + - networkmanager:GetLinks + - networkmanager:UntagResource + - networkmanager:UpdateLink + delete: + - networkmanager:GetLinks + - networkmanager:DeleteLink + list: + - networkmanager:GetLinks + LinkAssociation: + type: object + properties: + GlobalNetworkId: + description: The ID of the global network. + type: string + DeviceId: + description: The ID of the device + type: string + LinkId: + description: The ID of the link + type: string + required: + - GlobalNetworkId + - DeviceId + - LinkId + x-stackql-resource-name: link_association + x-stackql-primaryIdentifier: + - GlobalNetworkId + - DeviceId + - LinkId + x-create-only-properties: + - GlobalNetworkId + - DeviceId + - LinkId + x-required-permissions: + create: + - networkmanager:GetLinkAssociations + - networkmanager:AssociateLink + read: + - networkmanager:GetLinkAssociations + list: + - networkmanager:GetLinkAssociations + delete: + - networkmanager:DisassociateLink + Site: + type: object + properties: + SiteArn: + description: The Amazon Resource Name (ARN) of the site. + type: string + SiteId: + description: The ID of the site. + type: string + Description: + description: The description of the site. + type: string + Tags: + description: The tags for the site. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + GlobalNetworkId: + description: The ID of the global network. + type: string + Location: + description: The location of the site. + $ref: '#/components/schemas/Location' + CreatedAt: + description: The date and time that the device was created. + type: string + State: + description: The state of the site. + type: string + required: + - GlobalNetworkId + x-stackql-resource-name: site + x-stackql-primaryIdentifier: + - GlobalNetworkId + - SiteId + x-create-only-properties: + - GlobalNetworkId + x-read-only-properties: + - SiteId + - SiteArn + - State + - CreatedAt + x-required-permissions: + create: + - networkmanager:CreateSite + - networkmanager:GetSites + - networkmanager:TagResource + read: + - networkmanager:GetSites + update: + - networkmanager:GetSites + - networkmanager:ListTagsForResource + - networkmanager:TagResource + - networkmanager:UntagResource + - networkmanager:UpdateSite + delete: + - networkmanager:GetSites + - networkmanager:DeleteSite + list: + - networkmanager:GetSites + SiteToSiteVpnAttachment: + type: object + properties: + CoreNetworkId: + description: The ID of a core network where you're creating a site-to-site VPN attachment. + type: string + CoreNetworkArn: + description: The ARN of a core network for the VPC attachment. + type: string + AttachmentId: + description: The ID of the attachment. + type: string + OwnerAccountId: + description: Owner account of the attachment. + type: string + AttachmentType: + description: The type of attachment. + type: string + State: + description: The state of the attachment. + type: string + EdgeLocation: + description: The Region where the edge is located. + type: string + ResourceArn: + description: The ARN of the Resource. + type: string + AttachmentPolicyRuleNumber: + description: The policy rule number associated with the attachment. + type: integer + SegmentName: + description: The name of the segment that attachment is in. + type: string + ProposedSegmentChange: + description: The attachment to move from one segment to another. + $ref: '#/components/schemas/ProposedSegmentChange' + Tags: + description: Tags for the attachment. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + CreatedAt: + description: Creation time of the attachment. + type: string + UpdatedAt: + description: Last update time of the attachment. + type: string + VpnConnectionArn: + description: The ARN of the site-to-site VPN attachment. + type: string + required: + - CoreNetworkId + - VpnConnectionArn + x-stackql-resource-name: site_to_site_vpn_attachment + x-stackql-primaryIdentifier: + - AttachmentId + x-create-only-properties: + - CoreNetworkId + - VpnConnectionArn + x-read-only-properties: + - CoreNetworkArn + - CreatedAt + - UpdatedAt + - AttachmentType + - State + - ResourceArn + - AttachmentId + - OwnerAccountId + - EdgeLocation + - AttachmentPolicyRuleNumber + - SegmentName + x-required-permissions: + create: + - networkmanager:GetSiteToSiteVpnAttachment + - networkmanager:CreateSiteToSiteVpnAttachment + - ec2:DescribeRegions + - networkmanager:TagResource + read: + - networkmanager:GetSiteToSiteVpnAttachment + update: + - networkmanager:GetSiteToSiteVpnAttachment + - networkmanager:ListTagsForResource + - networkmanager:TagResource + - networkmanager:UntagResource + - ec2:DescribeRegions + delete: + - networkmanager:GetSiteToSiteVpnAttachment + - networkmanager:DeleteAttachment + - ec2:DescribeRegions + list: + - networkmanager:ListAttachments + TransitGatewayPeering: + type: object + properties: + CoreNetworkId: + description: The Id of the core network that you want to peer a transit gateway to. + type: string + CoreNetworkArn: + description: The ARN (Amazon Resource Name) of the core network that you want to peer a transit gateway to. + type: string + TransitGatewayArn: + description: The ARN (Amazon Resource Name) of the transit gateway that you will peer to a core network + type: string + TransitGatewayPeeringAttachmentId: + description: The ID of the TransitGatewayPeeringAttachment + type: string + PeeringId: + description: The Id of the transit gateway peering + type: string + State: + description: The state of the transit gateway peering + type: string + EdgeLocation: + description: The location of the transit gateway peering + type: string + ResourceArn: + description: The ARN (Amazon Resource Name) of the resource that you will peer to a core network + type: string + OwnerAccountId: + description: Peering owner account Id + type: string + PeeringType: + description: Peering type (TransitGatewayPeering) + type: string + CreatedAt: + description: The creation time of the transit gateway peering + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - CoreNetworkId + - TransitGatewayArn + x-stackql-resource-name: transit_gateway_peering + x-stackql-primaryIdentifier: + - PeeringId + x-create-only-properties: + - CoreNetworkId + - TransitGatewayArn + x-read-only-properties: + - CoreNetworkArn + - PeeringId + - State + - PeeringType + - OwnerAccountId + - EdgeLocation + - ResourceArn + - CreatedAt + - TransitGatewayPeeringAttachmentId + x-required-permissions: + create: + - networkmanager:CreateTransitGatewayPeering + - networkmanager:TagResource + - networkmanager:GetTransitGatewayPeering + - iam:CreateServiceLinkedRole + - ec2:CreateTransitGatewayPeeringAttachment + - ec2:AcceptTransitGatewayPeeringAttachment + - ec2:DescribeRegions + read: + - networkmanager:GetTransitGatewayPeering + - networkmanager:TagResource + update: + - networkmanager:TagResource + - networkmanager:UntagResource + - networkmanager:ListTagsForResource + - networkmanager:GetTransitGatewayPeering + - ec2:DescribeRegions + delete: + - networkmanager:DeletePeering + - networkmanager:GetTransitGatewayPeering + - ec2:DescribeRegions + list: + - networkmanager:ListPeerings + TransitGatewayRegistration: + type: object + properties: + GlobalNetworkId: + description: The ID of the global network. + type: string + TransitGatewayArn: + description: The Amazon Resource Name (ARN) of the transit gateway. + type: string + required: + - GlobalNetworkId + - TransitGatewayArn + x-stackql-resource-name: transit_gateway_registration + x-stackql-primaryIdentifier: + - GlobalNetworkId + - TransitGatewayArn + x-create-only-properties: + - GlobalNetworkId + - TransitGatewayArn + x-required-permissions: + create: + - networkmanager:RegisterTransitGateway + - networkmanager:GetTransitGatewayRegistrations + read: + - networkmanager:GetTransitGatewayRegistrations + list: + - networkmanager:GetTransitGatewayRegistrations + delete: + - networkmanager:DeregisterTransitGateway + - networkmanager:GetTransitGatewayRegistrations + TransitGatewayRouteTableAttachment: + type: object + properties: + PeeringId: + description: The Id of peering between transit gateway and core network. + type: string + TransitGatewayRouteTableArn: + description: The Arn of transit gateway route table. + type: string + CoreNetworkId: + description: The ID of a core network where you're creating a site-to-site VPN attachment. + type: string + CoreNetworkArn: + description: The ARN of a core network for the VPC attachment. + type: string + AttachmentId: + description: The ID of the attachment. + type: string + OwnerAccountId: + description: Owner account of the attachment. + type: string + AttachmentType: + description: The type of attachment. + type: string + State: + description: The state of the attachment. + type: string + EdgeLocation: + description: The Region where the edge is located. + type: string + ResourceArn: + description: The ARN of the Resource. + type: string + AttachmentPolicyRuleNumber: + description: The policy rule number associated with the attachment. + type: integer + SegmentName: + description: The name of the segment that attachment is in. + type: string + ProposedSegmentChange: + description: The attachment to move from one segment to another. + $ref: '#/components/schemas/ProposedSegmentChange' + CreatedAt: + description: Creation time of the attachment. + type: string + UpdatedAt: + description: Last update time of the attachment. + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - PeeringId + - TransitGatewayRouteTableArn + x-stackql-resource-name: transit_gateway_route_table_attachment + x-stackql-primaryIdentifier: + - AttachmentId + x-create-only-properties: + - PeeringId + - TransitGatewayRouteTableArn + x-read-only-properties: + - CoreNetworkArn + - CoreNetworkId + - CreatedAt + - UpdatedAt + - AttachmentType + - State + - ResourceArn + - AttachmentId + - OwnerAccountId + - EdgeLocation + - AttachmentPolicyRuleNumber + - SegmentName + x-required-permissions: + create: + - networkmanager:CreateTransitGatewayRouteTableAttachment + - networkmanager:GetTransitGatewayRouteTableAttachment + - networkmanager:TagResource + - iam:CreateServiceLinkedRole + - ec2:DescribeRegions + read: + - networkmanager:GetTransitGatewayRouteTableAttachment + update: + - networkmanager:GetTransitGatewayRouteTableAttachment + - networkmanager:ListTagsForResource + - networkmanager:TagResource + - networkmanager:UntagResource + - ec2:DescribeRegions + delete: + - networkmanager:GetTransitGatewayRouteTableAttachment + - networkmanager:DeleteAttachment + - ec2:DescribeRegions + list: + - networkmanager:ListAttachments + VpcOptions: + description: Vpc options of the attachment. + type: object + properties: + Ipv6Support: + description: 'Indicates whether to enable Ipv6 Support for Vpc Attachment. Valid Values: enable | disable' + type: boolean + default: false + ApplianceModeSupport: + description: 'Indicates whether to enable ApplianceModeSupport Support for Vpc Attachment. Valid Values: true | false' + type: boolean + default: false + additionalProperties: false + VpcAttachment: + type: object + properties: + CoreNetworkId: + description: The ID of a core network for the VPC attachment. + type: string + CoreNetworkArn: + description: The ARN of a core network for the VPC attachment. + type: string + AttachmentId: + description: Id of the attachment. + type: string + OwnerAccountId: + description: Owner account of the attachment. + type: string + AttachmentType: + description: Attachment type. + type: string + State: + description: State of the attachment. + type: string + EdgeLocation: + description: The Region where the edge is located. + type: string + VpcArn: + description: The ARN of the VPC. + type: string + ResourceArn: + description: The ARN of the Resource. + type: string + AttachmentPolicyRuleNumber: + description: The policy rule number associated with the attachment. + type: integer + SegmentName: + description: The name of the segment attachment.. + type: string + ProposedSegmentChange: + description: The attachment to move from one segment to another. + $ref: '#/components/schemas/ProposedSegmentChange' + Tags: + description: Tags for the attachment. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + CreatedAt: + description: Creation time of the attachment. + type: string + UpdatedAt: + description: Last update time of the attachment. + type: string + SubnetArns: + description: Subnet Arn list + type: array + x-insertionOrder: false + items: + type: string + Options: + description: Vpc options of the attachment. + $ref: '#/components/schemas/VpcOptions' + required: + - CoreNetworkId + - VpcArn + - SubnetArns + x-stackql-resource-name: vpc_attachment + x-stackql-primaryIdentifier: + - AttachmentId + x-create-only-properties: + - CoreNetworkId + - VpcArn + x-read-only-properties: + - CoreNetworkArn + - CreatedAt + - UpdatedAt + - AttachmentType + - State + - AttachmentId + - OwnerAccountId + - EdgeLocation + - AttachmentPolicyRuleNumber + - SegmentName + - ResourceArn + x-required-permissions: + create: + - networkmanager:CreateVpcAttachment + - networkmanager:GetVpcAttachment + - networkmanager:TagResource + - ec2:DescribeRegions + - iam:CreateServiceLinkedRole + read: + - networkmanager:GetVpcAttachment + update: + - networkmanager:UpdateVpcAttachment + - networkmanager:GetVpcAttachment + - networkmanager:ListTagsForResource + - networkmanager:TagResource + - networkmanager:UntagResource + - ec2:DescribeRegions + delete: + - networkmanager:DeleteAttachment + - networkmanager:GetVpcAttachment + - networkmanager:UntagResource + - ec2:DescribeRegions + list: + - networkmanager:ListAttachments + x-stackQL-resources: + connect_attachments: + name: connect_attachments + id: awscc.networkmanager.connect_attachments + x-cfn-schema-name: ConnectAttachment + x-type: list + x-identifiers: + - AttachmentId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AttachmentId') as attachment_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::ConnectAttachment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AttachmentId') as attachment_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::ConnectAttachment' + AND region = 'us-east-1' + connect_attachment: + name: connect_attachment + id: awscc.networkmanager.connect_attachment + x-cfn-schema-name: ConnectAttachment + x-type: get + x-identifiers: + - AttachmentId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CoreNetworkId') as core_network_id, + JSON_EXTRACT(Properties, '$.CoreNetworkArn') as core_network_arn, + JSON_EXTRACT(Properties, '$.AttachmentId') as attachment_id, + JSON_EXTRACT(Properties, '$.OwnerAccountId') as owner_account_id, + JSON_EXTRACT(Properties, '$.AttachmentType') as attachment_type, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.EdgeLocation') as edge_location, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn, + JSON_EXTRACT(Properties, '$.AttachmentPolicyRuleNumber') as attachment_policy_rule_number, + JSON_EXTRACT(Properties, '$.SegmentName') as segment_name, + JSON_EXTRACT(Properties, '$.ProposedSegmentChange') as proposed_segment_change, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.UpdatedAt') as updated_at, + JSON_EXTRACT(Properties, '$.TransportAttachmentId') as transport_attachment_id, + JSON_EXTRACT(Properties, '$.Options') as options + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::ConnectAttachment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CoreNetworkId') as core_network_id, + json_extract_path_text(Properties, 'CoreNetworkArn') as core_network_arn, + json_extract_path_text(Properties, 'AttachmentId') as attachment_id, + json_extract_path_text(Properties, 'OwnerAccountId') as owner_account_id, + json_extract_path_text(Properties, 'AttachmentType') as attachment_type, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'EdgeLocation') as edge_location, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn, + json_extract_path_text(Properties, 'AttachmentPolicyRuleNumber') as attachment_policy_rule_number, + json_extract_path_text(Properties, 'SegmentName') as segment_name, + json_extract_path_text(Properties, 'ProposedSegmentChange') as proposed_segment_change, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'UpdatedAt') as updated_at, + json_extract_path_text(Properties, 'TransportAttachmentId') as transport_attachment_id, + json_extract_path_text(Properties, 'Options') as options + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::ConnectAttachment' + AND data__Identifier = '' + AND region = 'us-east-1' + connect_peers: + name: connect_peers + id: awscc.networkmanager.connect_peers + x-cfn-schema-name: ConnectPeer + x-type: list + x-identifiers: + - ConnectPeerId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConnectPeerId') as connect_peer_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::ConnectPeer' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConnectPeerId') as connect_peer_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::ConnectPeer' + AND region = 'us-east-1' + connect_peer: + name: connect_peer + id: awscc.networkmanager.connect_peer + x-cfn-schema-name: ConnectPeer + x-type: get + x-identifiers: + - ConnectPeerId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PeerAddress') as peer_address, + JSON_EXTRACT(Properties, '$.CoreNetworkAddress') as core_network_address, + JSON_EXTRACT(Properties, '$.BgpOptions') as bgp_options, + JSON_EXTRACT(Properties, '$.InsideCidrBlocks') as inside_cidr_blocks, + JSON_EXTRACT(Properties, '$.CoreNetworkId') as core_network_id, + JSON_EXTRACT(Properties, '$.ConnectAttachmentId') as connect_attachment_id, + JSON_EXTRACT(Properties, '$.ConnectPeerId') as connect_peer_id, + JSON_EXTRACT(Properties, '$.EdgeLocation') as edge_location, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.Configuration') as configuration, + JSON_EXTRACT(Properties, '$.SubnetArn') as subnet_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::ConnectPeer' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PeerAddress') as peer_address, + json_extract_path_text(Properties, 'CoreNetworkAddress') as core_network_address, + json_extract_path_text(Properties, 'BgpOptions') as bgp_options, + json_extract_path_text(Properties, 'InsideCidrBlocks') as inside_cidr_blocks, + json_extract_path_text(Properties, 'CoreNetworkId') as core_network_id, + json_extract_path_text(Properties, 'ConnectAttachmentId') as connect_attachment_id, + json_extract_path_text(Properties, 'ConnectPeerId') as connect_peer_id, + json_extract_path_text(Properties, 'EdgeLocation') as edge_location, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'Configuration') as configuration, + json_extract_path_text(Properties, 'SubnetArn') as subnet_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::ConnectPeer' + AND data__Identifier = '' + AND region = 'us-east-1' + core_networks: + name: core_networks + id: awscc.networkmanager.core_networks + x-cfn-schema-name: CoreNetwork + x-type: list + x-identifiers: + - CoreNetworkId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CoreNetworkId') as core_network_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::CoreNetwork' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CoreNetworkId') as core_network_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::CoreNetwork' + AND region = 'us-east-1' + core_network: + name: core_network + id: awscc.networkmanager.core_network + x-cfn-schema-name: CoreNetwork + x-type: get + x-identifiers: + - CoreNetworkId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GlobalNetworkId') as global_network_id, + JSON_EXTRACT(Properties, '$.CoreNetworkId') as core_network_id, + JSON_EXTRACT(Properties, '$.CoreNetworkArn') as core_network_arn, + JSON_EXTRACT(Properties, '$.PolicyDocument') as policy_document, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.Segments') as segments, + JSON_EXTRACT(Properties, '$.Edges') as edges, + JSON_EXTRACT(Properties, '$.OwnerAccount') as owner_account, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::CoreNetwork' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GlobalNetworkId') as global_network_id, + json_extract_path_text(Properties, 'CoreNetworkId') as core_network_id, + json_extract_path_text(Properties, 'CoreNetworkArn') as core_network_arn, + json_extract_path_text(Properties, 'PolicyDocument') as policy_document, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'Segments') as segments, + json_extract_path_text(Properties, 'Edges') as edges, + json_extract_path_text(Properties, 'OwnerAccount') as owner_account, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::CoreNetwork' + AND data__Identifier = '' + AND region = 'us-east-1' + customer_gateway_associations: + name: customer_gateway_associations + id: awscc.networkmanager.customer_gateway_associations + x-cfn-schema-name: CustomerGatewayAssociation + x-type: list + x-identifiers: + - GlobalNetworkId + - CustomerGatewayArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GlobalNetworkId') as global_network_id, + JSON_EXTRACT(Properties, '$.CustomerGatewayArn') as customer_gateway_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::CustomerGatewayAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GlobalNetworkId') as global_network_id, + json_extract_path_text(Properties, 'CustomerGatewayArn') as customer_gateway_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::CustomerGatewayAssociation' + AND region = 'us-east-1' + customer_gateway_association: + name: customer_gateway_association + id: awscc.networkmanager.customer_gateway_association + x-cfn-schema-name: CustomerGatewayAssociation + x-type: get + x-identifiers: + - GlobalNetworkId + - CustomerGatewayArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GlobalNetworkId') as global_network_id, + JSON_EXTRACT(Properties, '$.CustomerGatewayArn') as customer_gateway_arn, + JSON_EXTRACT(Properties, '$.DeviceId') as device_id, + JSON_EXTRACT(Properties, '$.LinkId') as link_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::CustomerGatewayAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GlobalNetworkId') as global_network_id, + json_extract_path_text(Properties, 'CustomerGatewayArn') as customer_gateway_arn, + json_extract_path_text(Properties, 'DeviceId') as device_id, + json_extract_path_text(Properties, 'LinkId') as link_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::CustomerGatewayAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + devices: + name: devices + id: awscc.networkmanager.devices + x-cfn-schema-name: Device + x-type: list + x-identifiers: + - GlobalNetworkId + - DeviceId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GlobalNetworkId') as global_network_id, + JSON_EXTRACT(Properties, '$.DeviceId') as device_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::Device' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GlobalNetworkId') as global_network_id, + json_extract_path_text(Properties, 'DeviceId') as device_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::Device' + AND region = 'us-east-1' + device: + name: device + id: awscc.networkmanager.device + x-cfn-schema-name: Device + x-type: get + x-identifiers: + - GlobalNetworkId + - DeviceId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DeviceArn') as device_arn, + JSON_EXTRACT(Properties, '$.DeviceId') as device_id, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.GlobalNetworkId') as global_network_id, + JSON_EXTRACT(Properties, '$.AWSLocation') as a_ws_location, + JSON_EXTRACT(Properties, '$.Location') as location, + JSON_EXTRACT(Properties, '$.Model') as model, + JSON_EXTRACT(Properties, '$.SerialNumber') as serial_number, + JSON_EXTRACT(Properties, '$.SiteId') as site_id, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Vendor') as vendor, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.State') as state + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::Device' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DeviceArn') as device_arn, + json_extract_path_text(Properties, 'DeviceId') as device_id, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'GlobalNetworkId') as global_network_id, + json_extract_path_text(Properties, 'AWSLocation') as a_ws_location, + json_extract_path_text(Properties, 'Location') as location, + json_extract_path_text(Properties, 'Model') as model, + json_extract_path_text(Properties, 'SerialNumber') as serial_number, + json_extract_path_text(Properties, 'SiteId') as site_id, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Vendor') as vendor, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'State') as state + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::Device' + AND data__Identifier = '' + AND region = 'us-east-1' + global_networks: + name: global_networks + id: awscc.networkmanager.global_networks + x-cfn-schema-name: GlobalNetwork + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::GlobalNetwork' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::GlobalNetwork' + AND region = 'us-east-1' + global_network: + name: global_network + id: awscc.networkmanager.global_network + x-cfn-schema-name: GlobalNetwork + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.State') as state + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::GlobalNetwork' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'State') as state + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::GlobalNetwork' + AND data__Identifier = '' + AND region = 'us-east-1' + links: + name: links + id: awscc.networkmanager.links + x-cfn-schema-name: Link + x-type: list + x-identifiers: + - GlobalNetworkId + - LinkId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GlobalNetworkId') as global_network_id, + JSON_EXTRACT(Properties, '$.LinkId') as link_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::Link' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GlobalNetworkId') as global_network_id, + json_extract_path_text(Properties, 'LinkId') as link_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::Link' + AND region = 'us-east-1' + link: + name: link + id: awscc.networkmanager.link + x-cfn-schema-name: Link + x-type: get + x-identifiers: + - GlobalNetworkId + - LinkId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LinkArn') as link_arn, + JSON_EXTRACT(Properties, '$.LinkId') as link_id, + JSON_EXTRACT(Properties, '$.GlobalNetworkId') as global_network_id, + JSON_EXTRACT(Properties, '$.SiteId') as site_id, + JSON_EXTRACT(Properties, '$.Bandwidth') as bandwidth, + JSON_EXTRACT(Properties, '$.Provider') as provider, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.State') as state + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::Link' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LinkArn') as link_arn, + json_extract_path_text(Properties, 'LinkId') as link_id, + json_extract_path_text(Properties, 'GlobalNetworkId') as global_network_id, + json_extract_path_text(Properties, 'SiteId') as site_id, + json_extract_path_text(Properties, 'Bandwidth') as bandwidth, + json_extract_path_text(Properties, 'Provider') as provider, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'State') as state + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::Link' + AND data__Identifier = '' + AND region = 'us-east-1' + link_associations: + name: link_associations + id: awscc.networkmanager.link_associations + x-cfn-schema-name: LinkAssociation + x-type: list + x-identifiers: + - GlobalNetworkId + - DeviceId + - LinkId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GlobalNetworkId') as global_network_id, + JSON_EXTRACT(Properties, '$.DeviceId') as device_id, + JSON_EXTRACT(Properties, '$.LinkId') as link_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::LinkAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GlobalNetworkId') as global_network_id, + json_extract_path_text(Properties, 'DeviceId') as device_id, + json_extract_path_text(Properties, 'LinkId') as link_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::LinkAssociation' + AND region = 'us-east-1' + link_association: + name: link_association + id: awscc.networkmanager.link_association + x-cfn-schema-name: LinkAssociation + x-type: get + x-identifiers: + - GlobalNetworkId + - DeviceId + - LinkId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GlobalNetworkId') as global_network_id, + JSON_EXTRACT(Properties, '$.DeviceId') as device_id, + JSON_EXTRACT(Properties, '$.LinkId') as link_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::LinkAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GlobalNetworkId') as global_network_id, + json_extract_path_text(Properties, 'DeviceId') as device_id, + json_extract_path_text(Properties, 'LinkId') as link_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::LinkAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + sites: + name: sites + id: awscc.networkmanager.sites + x-cfn-schema-name: Site + x-type: list + x-identifiers: + - GlobalNetworkId + - SiteId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GlobalNetworkId') as global_network_id, + JSON_EXTRACT(Properties, '$.SiteId') as site_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::Site' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GlobalNetworkId') as global_network_id, + json_extract_path_text(Properties, 'SiteId') as site_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::Site' + AND region = 'us-east-1' + site: + name: site + id: awscc.networkmanager.site + x-cfn-schema-name: Site + x-type: get + x-identifiers: + - GlobalNetworkId + - SiteId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SiteArn') as site_arn, + JSON_EXTRACT(Properties, '$.SiteId') as site_id, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.GlobalNetworkId') as global_network_id, + JSON_EXTRACT(Properties, '$.Location') as location, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.State') as state + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::Site' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SiteArn') as site_arn, + json_extract_path_text(Properties, 'SiteId') as site_id, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'GlobalNetworkId') as global_network_id, + json_extract_path_text(Properties, 'Location') as location, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'State') as state + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::Site' + AND data__Identifier = '' + AND region = 'us-east-1' + site_to_site_vpn_attachments: + name: site_to_site_vpn_attachments + id: awscc.networkmanager.site_to_site_vpn_attachments + x-cfn-schema-name: SiteToSiteVpnAttachment + x-type: list + x-identifiers: + - AttachmentId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AttachmentId') as attachment_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::SiteToSiteVpnAttachment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AttachmentId') as attachment_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::SiteToSiteVpnAttachment' + AND region = 'us-east-1' + site_to_site_vpn_attachment: + name: site_to_site_vpn_attachment + id: awscc.networkmanager.site_to_site_vpn_attachment + x-cfn-schema-name: SiteToSiteVpnAttachment + x-type: get + x-identifiers: + - AttachmentId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CoreNetworkId') as core_network_id, + JSON_EXTRACT(Properties, '$.CoreNetworkArn') as core_network_arn, + JSON_EXTRACT(Properties, '$.AttachmentId') as attachment_id, + JSON_EXTRACT(Properties, '$.OwnerAccountId') as owner_account_id, + JSON_EXTRACT(Properties, '$.AttachmentType') as attachment_type, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.EdgeLocation') as edge_location, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn, + JSON_EXTRACT(Properties, '$.AttachmentPolicyRuleNumber') as attachment_policy_rule_number, + JSON_EXTRACT(Properties, '$.SegmentName') as segment_name, + JSON_EXTRACT(Properties, '$.ProposedSegmentChange') as proposed_segment_change, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.UpdatedAt') as updated_at, + JSON_EXTRACT(Properties, '$.VpnConnectionArn') as vpn_connection_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::SiteToSiteVpnAttachment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CoreNetworkId') as core_network_id, + json_extract_path_text(Properties, 'CoreNetworkArn') as core_network_arn, + json_extract_path_text(Properties, 'AttachmentId') as attachment_id, + json_extract_path_text(Properties, 'OwnerAccountId') as owner_account_id, + json_extract_path_text(Properties, 'AttachmentType') as attachment_type, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'EdgeLocation') as edge_location, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn, + json_extract_path_text(Properties, 'AttachmentPolicyRuleNumber') as attachment_policy_rule_number, + json_extract_path_text(Properties, 'SegmentName') as segment_name, + json_extract_path_text(Properties, 'ProposedSegmentChange') as proposed_segment_change, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'UpdatedAt') as updated_at, + json_extract_path_text(Properties, 'VpnConnectionArn') as vpn_connection_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::SiteToSiteVpnAttachment' + AND data__Identifier = '' + AND region = 'us-east-1' + transit_gateway_peerings: + name: transit_gateway_peerings + id: awscc.networkmanager.transit_gateway_peerings + x-cfn-schema-name: TransitGatewayPeering + x-type: list + x-identifiers: + - PeeringId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PeeringId') as peering_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::TransitGatewayPeering' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PeeringId') as peering_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::TransitGatewayPeering' + AND region = 'us-east-1' + transit_gateway_peering: + name: transit_gateway_peering + id: awscc.networkmanager.transit_gateway_peering + x-cfn-schema-name: TransitGatewayPeering + x-type: get + x-identifiers: + - PeeringId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CoreNetworkId') as core_network_id, + JSON_EXTRACT(Properties, '$.CoreNetworkArn') as core_network_arn, + JSON_EXTRACT(Properties, '$.TransitGatewayArn') as transit_gateway_arn, + JSON_EXTRACT(Properties, '$.TransitGatewayPeeringAttachmentId') as transit_gateway_peering_attachment_id, + JSON_EXTRACT(Properties, '$.PeeringId') as peering_id, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.EdgeLocation') as edge_location, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn, + JSON_EXTRACT(Properties, '$.OwnerAccountId') as owner_account_id, + JSON_EXTRACT(Properties, '$.PeeringType') as peering_type, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::TransitGatewayPeering' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CoreNetworkId') as core_network_id, + json_extract_path_text(Properties, 'CoreNetworkArn') as core_network_arn, + json_extract_path_text(Properties, 'TransitGatewayArn') as transit_gateway_arn, + json_extract_path_text(Properties, 'TransitGatewayPeeringAttachmentId') as transit_gateway_peering_attachment_id, + json_extract_path_text(Properties, 'PeeringId') as peering_id, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'EdgeLocation') as edge_location, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn, + json_extract_path_text(Properties, 'OwnerAccountId') as owner_account_id, + json_extract_path_text(Properties, 'PeeringType') as peering_type, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::TransitGatewayPeering' + AND data__Identifier = '' + AND region = 'us-east-1' + transit_gateway_registrations: + name: transit_gateway_registrations + id: awscc.networkmanager.transit_gateway_registrations + x-cfn-schema-name: TransitGatewayRegistration + x-type: list + x-identifiers: + - GlobalNetworkId + - TransitGatewayArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GlobalNetworkId') as global_network_id, + JSON_EXTRACT(Properties, '$.TransitGatewayArn') as transit_gateway_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::TransitGatewayRegistration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GlobalNetworkId') as global_network_id, + json_extract_path_text(Properties, 'TransitGatewayArn') as transit_gateway_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::TransitGatewayRegistration' + AND region = 'us-east-1' + transit_gateway_registration: + name: transit_gateway_registration + id: awscc.networkmanager.transit_gateway_registration + x-cfn-schema-name: TransitGatewayRegistration + x-type: get + x-identifiers: + - GlobalNetworkId + - TransitGatewayArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GlobalNetworkId') as global_network_id, + JSON_EXTRACT(Properties, '$.TransitGatewayArn') as transit_gateway_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::TransitGatewayRegistration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GlobalNetworkId') as global_network_id, + json_extract_path_text(Properties, 'TransitGatewayArn') as transit_gateway_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::TransitGatewayRegistration' + AND data__Identifier = '' + AND region = 'us-east-1' + transit_gateway_route_table_attachments: + name: transit_gateway_route_table_attachments + id: awscc.networkmanager.transit_gateway_route_table_attachments + x-cfn-schema-name: TransitGatewayRouteTableAttachment + x-type: list + x-identifiers: + - AttachmentId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AttachmentId') as attachment_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::TransitGatewayRouteTableAttachment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AttachmentId') as attachment_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::TransitGatewayRouteTableAttachment' + AND region = 'us-east-1' + transit_gateway_route_table_attachment: + name: transit_gateway_route_table_attachment + id: awscc.networkmanager.transit_gateway_route_table_attachment + x-cfn-schema-name: TransitGatewayRouteTableAttachment + x-type: get + x-identifiers: + - AttachmentId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PeeringId') as peering_id, + JSON_EXTRACT(Properties, '$.TransitGatewayRouteTableArn') as transit_gateway_route_table_arn, + JSON_EXTRACT(Properties, '$.CoreNetworkId') as core_network_id, + JSON_EXTRACT(Properties, '$.CoreNetworkArn') as core_network_arn, + JSON_EXTRACT(Properties, '$.AttachmentId') as attachment_id, + JSON_EXTRACT(Properties, '$.OwnerAccountId') as owner_account_id, + JSON_EXTRACT(Properties, '$.AttachmentType') as attachment_type, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.EdgeLocation') as edge_location, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn, + JSON_EXTRACT(Properties, '$.AttachmentPolicyRuleNumber') as attachment_policy_rule_number, + JSON_EXTRACT(Properties, '$.SegmentName') as segment_name, + JSON_EXTRACT(Properties, '$.ProposedSegmentChange') as proposed_segment_change, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.UpdatedAt') as updated_at, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::TransitGatewayRouteTableAttachment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PeeringId') as peering_id, + json_extract_path_text(Properties, 'TransitGatewayRouteTableArn') as transit_gateway_route_table_arn, + json_extract_path_text(Properties, 'CoreNetworkId') as core_network_id, + json_extract_path_text(Properties, 'CoreNetworkArn') as core_network_arn, + json_extract_path_text(Properties, 'AttachmentId') as attachment_id, + json_extract_path_text(Properties, 'OwnerAccountId') as owner_account_id, + json_extract_path_text(Properties, 'AttachmentType') as attachment_type, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'EdgeLocation') as edge_location, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn, + json_extract_path_text(Properties, 'AttachmentPolicyRuleNumber') as attachment_policy_rule_number, + json_extract_path_text(Properties, 'SegmentName') as segment_name, + json_extract_path_text(Properties, 'ProposedSegmentChange') as proposed_segment_change, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'UpdatedAt') as updated_at, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::TransitGatewayRouteTableAttachment' + AND data__Identifier = '' + AND region = 'us-east-1' + vpc_attachments: + name: vpc_attachments + id: awscc.networkmanager.vpc_attachments + x-cfn-schema-name: VpcAttachment + x-type: list + x-identifiers: + - AttachmentId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AttachmentId') as attachment_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::VpcAttachment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AttachmentId') as attachment_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NetworkManager::VpcAttachment' + AND region = 'us-east-1' + vpc_attachment: + name: vpc_attachment + id: awscc.networkmanager.vpc_attachment + x-cfn-schema-name: VpcAttachment + x-type: get + x-identifiers: + - AttachmentId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CoreNetworkId') as core_network_id, + JSON_EXTRACT(Properties, '$.CoreNetworkArn') as core_network_arn, + JSON_EXTRACT(Properties, '$.AttachmentId') as attachment_id, + JSON_EXTRACT(Properties, '$.OwnerAccountId') as owner_account_id, + JSON_EXTRACT(Properties, '$.AttachmentType') as attachment_type, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.EdgeLocation') as edge_location, + JSON_EXTRACT(Properties, '$.VpcArn') as vpc_arn, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn, + JSON_EXTRACT(Properties, '$.AttachmentPolicyRuleNumber') as attachment_policy_rule_number, + JSON_EXTRACT(Properties, '$.SegmentName') as segment_name, + JSON_EXTRACT(Properties, '$.ProposedSegmentChange') as proposed_segment_change, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.UpdatedAt') as updated_at, + JSON_EXTRACT(Properties, '$.SubnetArns') as subnet_arns, + JSON_EXTRACT(Properties, '$.Options') as options + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::VpcAttachment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CoreNetworkId') as core_network_id, + json_extract_path_text(Properties, 'CoreNetworkArn') as core_network_arn, + json_extract_path_text(Properties, 'AttachmentId') as attachment_id, + json_extract_path_text(Properties, 'OwnerAccountId') as owner_account_id, + json_extract_path_text(Properties, 'AttachmentType') as attachment_type, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'EdgeLocation') as edge_location, + json_extract_path_text(Properties, 'VpcArn') as vpc_arn, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn, + json_extract_path_text(Properties, 'AttachmentPolicyRuleNumber') as attachment_policy_rule_number, + json_extract_path_text(Properties, 'SegmentName') as segment_name, + json_extract_path_text(Properties, 'ProposedSegmentChange') as proposed_segment_change, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'UpdatedAt') as updated_at, + json_extract_path_text(Properties, 'SubnetArns') as subnet_arns, + json_extract_path_text(Properties, 'Options') as options + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NetworkManager::VpcAttachment' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/nimblestudio.yaml b/providers/src/awscc/v00.00.00000/services/nimblestudio.yaml new file mode 100644 index 00000000..49121d97 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/nimblestudio.yaml @@ -0,0 +1,1121 @@ +openapi: 3.0.0 +info: + title: NimbleStudio + version: 1.0.0 +paths: {} +components: + schemas: + AutomaticTerminationMode: + type: string + enum: + - DEACTIVATED + - ACTIVATED + SessionBackupMode: + type: string + enum: + - AUTOMATIC + - DEACTIVATED + SessionPersistenceMode: + type: string + enum: + - DEACTIVATED + - ACTIVATED + StreamConfiguration: + type: object + description:

A configuration for a streaming session.

+ properties: + ClipboardMode: + $ref: '#/components/schemas/StreamingClipboardMode' + Ec2InstanceTypes: + type: array + items: + $ref: '#/components/schemas/StreamingInstanceType' + maxItems: 30 + minItems: 1 + description: |- +

The EC2 instance types that users can select from when launching a streaming session + with this launch profile.

+ MaxSessionLengthInMinutes: + type: number + default: 690 + maximum: 43200 + minimum: 1 + description: |- +

The length of time, in minutes, that a streaming session can be active before it is + stopped or terminated. After this point, Nimble Studio automatically terminates or + stops the session. The default length of time is 690 minutes, and the maximum length of + time is 30 days.

+ StreamingImageIds: + type: array + items: + type: string + maxLength: 22 + minLength: 0 + pattern: ^[a-zA-Z0-9-_]*$ + maxItems: 20 + minItems: 1 + description: |- +

The streaming images that users can select from when launching a streaming session + with this launch profile.

+ MaxStoppedSessionLengthInMinutes: + type: number + default: 0 + maximum: 5760 + minimum: 0 + description: |- +

Integer that determines if you can start and stop your sessions and how long a session + can stay in the STOPPED state. The default value is 0. The maximum value is + 5760.

+

This field is allowed only when sessionPersistenceMode is + ACTIVATED and automaticTerminationMode is + ACTIVATED.

+

If the value is set to 0, your sessions can’t be STOPPED. If you then + call StopStreamingSession, the session fails. If the time that a session + stays in the READY state exceeds the maxSessionLengthInMinutes + value, the session will automatically be terminated (instead of + STOPPED).

+

If the value is set to a positive number, the session can be stopped. You can call + StopStreamingSession to stop sessions in the READY state. + If the time that a session stays in the READY state exceeds the + maxSessionLengthInMinutes value, the session will automatically be + stopped (instead of terminated).

+ SessionStorage: + $ref: '#/components/schemas/StreamConfigurationSessionStorage' + SessionBackup: + $ref: '#/components/schemas/StreamConfigurationSessionBackup' + SessionPersistenceMode: + $ref: '#/components/schemas/SessionPersistenceMode' + VolumeConfiguration: + $ref: '#/components/schemas/VolumeConfiguration' + AutomaticTerminationMode: + $ref: '#/components/schemas/AutomaticTerminationMode' + required: + - ClipboardMode + - Ec2InstanceTypes + - StreamingImageIds + additionalProperties: false + StreamConfigurationSessionBackup: + type: object + description: |- +

Configures how streaming sessions are backed up when launched from this launch + profile.

+ properties: + Mode: + $ref: '#/components/schemas/SessionBackupMode' + MaxBackupsToRetain: + type: number + default: 0 + maximum: 10 + minimum: 0 + description: |- +

The maximum number of backups that each streaming session created from this launch + profile can have.

+ additionalProperties: false + StreamConfigurationSessionStorage: + type: object + description:

The configuration for a streaming session’s upload storage.

+ properties: + Root: + $ref: '#/components/schemas/StreamingSessionStorageRoot' + Mode: + type: array + items: + $ref: '#/components/schemas/StreamingSessionStorageMode' + minItems: 1 + description: |- +

Allows artists to upload files to their workstations. The only valid option is + UPLOAD.

+ required: + - Mode + additionalProperties: false + StreamingClipboardMode: + type: string + enum: + - ENABLED + - DISABLED + StreamingInstanceType: + type: string + enum: + - g4dn.xlarge + - g4dn.2xlarge + - g4dn.4xlarge + - g4dn.8xlarge + - g4dn.12xlarge + - g4dn.16xlarge + - g3.4xlarge + - g3s.xlarge + - g5.xlarge + - g5.2xlarge + - g5.4xlarge + - g5.8xlarge + - g5.16xlarge + StreamingSessionStorageMode: + type: string + enum: + - UPLOAD + StreamingSessionStorageRoot: + type: object + description: |- +

The upload storage root location (folder) on streaming workstations where files are + uploaded.

+ properties: + Linux: + type: string + maxLength: 128 + minLength: 1 + pattern: ^(\$HOME|/)[/]?([A-Za-z0-9-_]+/)*([A-Za-z0-9_-]+)$ + description:

The folder path in Linux workstations where files are uploaded.

+ Windows: + type: string + maxLength: 128 + minLength: 1 + pattern: ^((\%HOMEPATH\%)|[a-zA-Z]:)[\\/](?:[a-zA-Z0-9_-]+[\\/])*[a-zA-Z0-9_-]+$ + description:

The folder path in Windows workstations where files are uploaded.

+ additionalProperties: false + Tags: + type: object + x-patternProperties: + .+: + type: string + additionalProperties: false + VolumeConfiguration: + type: object + description: |- +

Custom volume configuration for the root volumes that are attached to streaming + sessions.

+

This parameter is only allowed when sessionPersistenceMode is + ACTIVATED.

+ properties: + Size: + type: number + default: 500 + maximum: 16000 + minimum: 100 + description: |- +

The size of the root volume that is attached to the streaming session. The root volume + size is measured in GiBs.

+ Throughput: + type: number + default: 125 + maximum: 1000 + minimum: 125 + description: |- +

The throughput to provision for the root volume that is attached to the streaming + session. The throughput is measured in MiB/s.

+ Iops: + type: number + default: 3000 + maximum: 16000 + minimum: 3000 + description: |- +

The number of I/O operations per second for the root volume that is attached to + streaming session.

+ additionalProperties: false + LaunchProfile: + type: object + properties: + Description: + type: string + maxLength: 256 + minLength: 0 + description:

The description.

+ Ec2SubnetIds: + type: array + items: + type: string + maxItems: 6 + minItems: 0 + description: |- +

Specifies the IDs of the EC2 subnets where streaming sessions will be accessible from. + These subnets must support the specified instance types.

+ LaunchProfileId: + type: string + LaunchProfileProtocolVersions: + type: array + items: + type: string + maxLength: 10 + minLength: 0 + pattern: ^2021\-03\-31$ + description: |- +

The version number of the protocol that is used by the launch profile. The only valid + version is "2021-03-31".

+ description: |- +

The version number of the protocol that is used by the launch profile. The only valid + version is "2021-03-31".

+ Name: + type: string + maxLength: 64 + minLength: 1 + description:

The name for the launch profile.

+ StreamConfiguration: + $ref: '#/components/schemas/StreamConfiguration' + StudioComponentIds: + type: array + items: + type: string + maxItems: 100 + minItems: 1 + description: |- +

Unique identifiers for a collection of studio components that can be used with this + launch profile.

+ StudioId: + type: string + description:

The studio ID.

+ Tags: + $ref: '#/components/schemas/Tags' + required: + - StudioId + - Name + - StudioComponentIds + - Ec2SubnetIds + - StreamConfiguration + - LaunchProfileProtocolVersions + x-stackql-resource-name: launch_profile + x-stackql-primaryIdentifier: + - LaunchProfileId + - StudioId + x-create-only-properties: + - Ec2SubnetIds + - StudioId + - Tags + x-read-only-properties: + - LaunchProfileId + x-required-permissions: + create: + - nimble:CreateLaunchProfile + - nimble:GetLaunchProfile + - nimble:TagResource + - ec2:CreateNetworkInterface + - ec2:CreateNetworkInterfacePermission + - ec2:RunInstances + - ec2:DescribeSubnets + read: + - nimble:GetLaunchProfile + update: + - nimble:UpdateLaunchProfile + - nimble:GetLaunchProfile + - ec2:CreateNetworkInterface + - ec2:CreateNetworkInterfacePermission + - ec2:DescribeSubnets + - ec2:RunInstances + delete: + - nimble:DeleteLaunchProfile + - nimble:GetLaunchProfile + - nimble:UntagResource + list: + - nimble:ListLaunchProfiles + StreamingImageEncryptionConfiguration: + type: object + description:

TODO

+ properties: + KeyType: + $ref: '#/components/schemas/StreamingImageEncryptionConfigurationKeyType' + KeyArn: + type: string + minLength: 4 + pattern: ^arn:.* + description:

The ARN for a KMS key that is used to encrypt studio data.

+ required: + - KeyType + additionalProperties: false + StreamingImageEncryptionConfigurationKeyType: + type: string + description:

+ enum: + - CUSTOMER_MANAGED_KEY + StreamingImage: + type: object + properties: + Description: + type: string + maxLength: 256 + minLength: 0 + description:

A human-readable description of the streaming image.

+ Ec2ImageId: + type: string + pattern: ^ami-[0-9A-z]+$ + description:

The ID of an EC2 machine image with which to create this streaming image.

+ EncryptionConfiguration: + $ref: '#/components/schemas/StreamingImageEncryptionConfiguration' + EulaIds: + type: array + items: + type: string + description:

The list of EULAs that must be accepted before a Streaming Session can be started using this streaming image.

+ Name: + type: string + maxLength: 64 + minLength: 0 + description:

A friendly name for a streaming image resource.

+ Owner: + type: string + description:

The owner of the streaming image, either the studioId that contains the streaming image, or 'amazon' for images that are provided by Amazon Nimble Studio.

+ Platform: + type: string + pattern: ^[a-zA-Z]*$ + description:

The platform of the streaming image, either WINDOWS or LINUX.

+ StreamingImageId: + type: string + StudioId: + type: string + description:

The studioId.

+ Tags: + $ref: '#/components/schemas/Tags' + required: + - StudioId + - Ec2ImageId + - Name + x-stackql-resource-name: streaming_image + x-stackql-primaryIdentifier: + - StudioId + - StreamingImageId + x-create-only-properties: + - Ec2ImageId + - StudioId + - Tags + x-read-only-properties: + - EncryptionConfiguration + - EulaIds + - Owner + - Platform + - StreamingImageId + x-required-permissions: + create: + - nimble:CreateStreamingImage + - nimble:GetStreamingImage + - nimble:TagResource + - ec2:DescribeImages + - ec2:DescribeSnapshots + - ec2:ModifyInstanceAttribute + - ec2:ModifySnapshotAttribute + - ec2:ModifyImageAttribute + - ec2:RegisterImage + - kms:Encrypt + - kms:Decrypt + - kms:CreateGrant + - kms:ListGrants + - kms:GenerateDataKey + read: + - nimble:GetStreamingImage + update: + - nimble:UpdateStreamingImage + - nimble:GetStreamingImage + - kms:Encrypt + - kms:Decrypt + - kms:CreateGrant + - kms:ListGrants + - kms:GenerateDataKey + delete: + - nimble:DeleteStreamingImage + - nimble:GetStreamingImage + - nimble:UntagResource + - ec2:ModifyInstanceAttribute + - ec2:ModifySnapshotAttribute + - ec2:DeregisterImage + - ec2:DeleteSnapshot + - kms:ListGrants + - kms:RetireGrant + list: + - nimble:ListStreamingImages + StudioEncryptionConfiguration: + type: object + description:

Configuration of the encryption method that is used for the studio.

+ properties: + KeyType: + $ref: '#/components/schemas/StudioEncryptionConfigurationKeyType' + KeyArn: + type: string + minLength: 4 + pattern: ^arn:.* + description:

The ARN for a KMS key that is used to encrypt studio data.

+ required: + - KeyType + additionalProperties: false + StudioEncryptionConfigurationKeyType: + type: string + description:

The type of KMS key that is used to encrypt studio data.

+ enum: + - AWS_OWNED_KEY + - CUSTOMER_MANAGED_KEY + Studio: + type: object + properties: + AdminRoleArn: + type: string + description:

The IAM role that Studio Admins will assume when logging in to the Nimble Studio portal.

+ DisplayName: + type: string + maxLength: 64 + minLength: 0 + description:

A friendly name for the studio.

+ HomeRegion: + type: string + maxLength: 50 + minLength: 0 + pattern: '[a-z]{2}-?(iso|gov)?-{1}[a-z]*-{1}[0-9]' + description:

The Amazon Web Services Region where the studio resource is located.

+ SsoClientId: + type: string + description:

The Amazon Web Services SSO application client ID used to integrate with Amazon Web Services SSO to enable Amazon Web Services SSO users to log in to Nimble Studio portal.

+ StudioEncryptionConfiguration: + $ref: '#/components/schemas/StudioEncryptionConfiguration' + StudioId: + type: string + StudioName: + type: string + maxLength: 64 + minLength: 3 + pattern: ^[a-z0-9]*$ + description:

The studio name that is used in the URL of the Nimble Studio portal when accessed by Nimble Studio users.

+ StudioUrl: + type: string + description:

The address of the web page for the studio.

+ Tags: + $ref: '#/components/schemas/Tags' + UserRoleArn: + type: string + description:

The IAM role that Studio Users will assume when logging in to the Nimble Studio portal.

+ required: + - DisplayName + - UserRoleArn + - AdminRoleArn + - StudioName + x-stackql-resource-name: studio + x-stackql-primaryIdentifier: + - StudioId + x-create-only-properties: + - StudioName + - Tags + x-read-only-properties: + - HomeRegion + - SsoClientId + - StudioId + - StudioUrl + x-required-permissions: + create: + - iam:PassRole + - nimble:CreateStudio + - nimble:GetStudio + - nimble:TagResource + - sso:CreateManagedApplicationInstance + - kms:Encrypt + - kms:Decrypt + - kms:CreateGrant + - kms:ListGrants + - kms:GenerateDataKey + read: + - nimble:GetStudio + - kms:Encrypt + - kms:Decrypt + - kms:ListGrants + - kms:GenerateDataKey + update: + - iam:PassRole + - nimble:UpdateStudio + - nimble:GetStudio + - kms:Encrypt + - kms:Decrypt + - kms:CreateGrant + - kms:ListGrants + - kms:GenerateDataKey + delete: + - nimble:DeleteStudio + - nimble:GetStudio + - nimble:UntagResource + - kms:Encrypt + - kms:Decrypt + - kms:ListGrants + - kms:RetireGrant + - kms:GenerateDataKey + - sso:DeleteManagedApplicationInstance + - sso:GetManagedApplicationInstance + list: + - nimble:ListStudios + ActiveDirectoryComputerAttribute: + type: object + description: |- +

An LDAP attribute of an Active Directory computer account, in the form of a name:value + pair.

+ properties: + Name: + type: string + maxLength: 40 + minLength: 1 + description:

The name for the LDAP attribute.

+ Value: + type: string + maxLength: 64 + minLength: 1 + description:

The value for the LDAP attribute.

+ additionalProperties: false + ActiveDirectoryConfiguration: + type: object + description: |- +

The configuration for a Microsoft Active Directory (Microsoft AD) studio + resource.

+ properties: + ComputerAttributes: + type: array + items: + $ref: '#/components/schemas/ActiveDirectoryComputerAttribute' + maxItems: 50 + minItems: 0 + description:

A collection of custom attributes for an Active Directory computer.

+ DirectoryId: + type: string + description: |- +

The directory ID of the Directory Service for Microsoft Active Directory to access + using this studio component.

+ OrganizationalUnitDistinguishedName: + type: string + maxLength: 2000 + minLength: 1 + description: |- +

The distinguished name (DN) and organizational unit (OU) of an Active Directory + computer.

+ additionalProperties: false + ComputeFarmConfiguration: + type: object + description:

The configuration for a render farm that is associated with a studio resource.

+ properties: + ActiveDirectoryUser: + type: string + description: |- +

The name of an Active Directory user that is used on ComputeFarm worker + instances.

+ Endpoint: + type: string + description: |- +

The endpoint of the ComputeFarm that is accessed by the studio component + resource.

+ additionalProperties: false + LaunchProfilePlatform: + type: string + enum: + - LINUX + - WINDOWS + LicenseServiceConfiguration: + type: object + description: |- +

The configuration for a license service that is associated with a studio + resource.

+ properties: + Endpoint: + type: string + description: |- +

The endpoint of the license service that is accessed by the studio component + resource.

+ additionalProperties: false + ScriptParameterKeyValue: + type: object + description:

A parameter for a studio component script, in the form of a key:value pair.

+ properties: + Key: + type: string + maxLength: 64 + minLength: 1 + pattern: ^[a-zA-Z_][a-zA-Z0-9_]+$ + description:

A script parameter key.

+ Value: + type: string + maxLength: 256 + minLength: 1 + description:

A script parameter value.

+ additionalProperties: false + SharedFileSystemConfiguration: + type: object + description: |- +

The configuration for a shared file storage system that is associated with a studio + resource.

+ properties: + Endpoint: + type: string + description: |- +

The endpoint of the shared file system that is accessed by the studio component + resource.

+ FileSystemId: + type: string + description:

The unique identifier for a file system.

+ LinuxMountPoint: + type: string + maxLength: 128 + minLength: 0 + pattern: ^(/?|(\$HOME)?(/[^/\n\s\\]+)*)$ + description:

The mount location for a shared file system on a Linux virtual workstation.

+ ShareName: + type: string + description:

The name of the file share.

+ WindowsMountDrive: + type: string + pattern: ^[A-Z]$ + description:

The mount location for a shared file system on a Windows virtual workstation.

+ additionalProperties: false + StudioComponentConfiguration: + description:

The configuration of the studio component, based on component type.

+ oneOf: + - type: object + title: ActiveDirectoryConfiguration + properties: + ActiveDirectoryConfiguration: + $ref: '#/components/schemas/ActiveDirectoryConfiguration' + required: + - ActiveDirectoryConfiguration + additionalProperties: false + - type: object + title: ComputeFarmConfiguration + properties: + ComputeFarmConfiguration: + $ref: '#/components/schemas/ComputeFarmConfiguration' + required: + - ComputeFarmConfiguration + additionalProperties: false + - type: object + title: LicenseServiceConfiguration + properties: + LicenseServiceConfiguration: + $ref: '#/components/schemas/LicenseServiceConfiguration' + required: + - LicenseServiceConfiguration + additionalProperties: false + - type: object + title: SharedFileSystemConfiguration + properties: + SharedFileSystemConfiguration: + $ref: '#/components/schemas/SharedFileSystemConfiguration' + required: + - SharedFileSystemConfiguration + additionalProperties: false + StudioComponentInitializationScript: + type: object + description:

Initialization scripts for studio components.

+ properties: + LaunchProfileProtocolVersion: + type: string + maxLength: 10 + minLength: 0 + pattern: ^2021\-03\-31$ + description: |- +

The version number of the protocol that is used by the launch profile. The only valid + version is "2021-03-31".

+ Platform: + $ref: '#/components/schemas/LaunchProfilePlatform' + RunContext: + $ref: '#/components/schemas/StudioComponentInitializationScriptRunContext' + Script: + type: string + maxLength: 5120 + minLength: 1 + description:

The initialization script.

+ additionalProperties: false + StudioComponentInitializationScriptRunContext: + type: string + enum: + - SYSTEM_INITIALIZATION + - USER_INITIALIZATION + StudioComponentSubtype: + type: string + enum: + - AWS_MANAGED_MICROSOFT_AD + - AMAZON_FSX_FOR_WINDOWS + - AMAZON_FSX_FOR_LUSTRE + - CUSTOM + StudioComponentType: + type: string + enum: + - ACTIVE_DIRECTORY + - SHARED_FILE_SYSTEM + - COMPUTE_FARM + - LICENSE_SERVICE + - CUSTOM + StudioComponent: + type: object + properties: + Configuration: + $ref: '#/components/schemas/StudioComponentConfiguration' + Description: + type: string + maxLength: 256 + minLength: 0 + description:

The description.

+ Ec2SecurityGroupIds: + type: array + items: + type: string + maxItems: 30 + minItems: 0 + description:

The EC2 security groups that control access to the studio component.

+ InitializationScripts: + type: array + items: + $ref: '#/components/schemas/StudioComponentInitializationScript' + description:

Initialization scripts for studio components.

+ Name: + type: string + maxLength: 64 + minLength: 0 + description:

The name for the studio component.

+ RuntimeRoleArn: + type: string + maxLength: 2048 + minLength: 0 + ScriptParameters: + type: array + items: + $ref: '#/components/schemas/ScriptParameterKeyValue' + maxItems: 30 + minItems: 0 + description:

Parameters for the studio component scripts.

+ SecureInitializationRoleArn: + type: string + maxLength: 2048 + minLength: 0 + StudioComponentId: + type: string + StudioId: + type: string + description:

The studio ID.

+ Subtype: + $ref: '#/components/schemas/StudioComponentSubtype' + Tags: + $ref: '#/components/schemas/Tags' + Type: + $ref: '#/components/schemas/StudioComponentType' + required: + - StudioId + - Name + - Type + x-stackql-resource-name: studio_component + x-stackql-primaryIdentifier: + - StudioComponentId + - StudioId + x-create-only-properties: + - StudioId + - Subtype + - Tags + x-read-only-properties: + - StudioComponentId + x-required-permissions: + create: + - iam:PassRole + - nimble:CreateStudioComponent + - nimble:GetStudioComponent + - nimble:TagResource + - ds:AuthorizeApplication + - ec2:DescribeSecurityGroups + - fsx:DescribeFilesystems + - ds:DescribeDirectories + read: + - nimble:GetStudioComponent + update: + - iam:PassRole + - nimble:UpdateStudioComponent + - nimble:GetStudioComponent + - ds:AuthorizeApplication + - ec2:DescribeSecurityGroups + - fsx:DescribeFilesystems + - ds:DescribeDirectories + delete: + - nimble:DeleteStudioComponent + - nimble:GetStudioComponent + - nimble:UntagResource + - ds:UnauthorizeApplication + list: + - nimble:ListStudioComponents + x-stackQL-resources: + launch_profiles: + name: launch_profiles + id: awscc.nimblestudio.launch_profiles + x-cfn-schema-name: LaunchProfile + x-type: list + x-identifiers: + - LaunchProfileId + - StudioId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LaunchProfileId') as launch_profile_id, + JSON_EXTRACT(Properties, '$.StudioId') as studio_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NimbleStudio::LaunchProfile' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LaunchProfileId') as launch_profile_id, + json_extract_path_text(Properties, 'StudioId') as studio_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NimbleStudio::LaunchProfile' + AND region = 'us-east-1' + launch_profile: + name: launch_profile + id: awscc.nimblestudio.launch_profile + x-cfn-schema-name: LaunchProfile + x-type: get + x-identifiers: + - LaunchProfileId + - StudioId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Ec2SubnetIds') as ec2_subnet_ids, + JSON_EXTRACT(Properties, '$.LaunchProfileId') as launch_profile_id, + JSON_EXTRACT(Properties, '$.LaunchProfileProtocolVersions') as launch_profile_protocol_versions, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.StreamConfiguration') as stream_configuration, + JSON_EXTRACT(Properties, '$.StudioComponentIds') as studio_component_ids, + JSON_EXTRACT(Properties, '$.StudioId') as studio_id, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NimbleStudio::LaunchProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Ec2SubnetIds') as ec2_subnet_ids, + json_extract_path_text(Properties, 'LaunchProfileId') as launch_profile_id, + json_extract_path_text(Properties, 'LaunchProfileProtocolVersions') as launch_profile_protocol_versions, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'StreamConfiguration') as stream_configuration, + json_extract_path_text(Properties, 'StudioComponentIds') as studio_component_ids, + json_extract_path_text(Properties, 'StudioId') as studio_id, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NimbleStudio::LaunchProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + streaming_images: + name: streaming_images + id: awscc.nimblestudio.streaming_images + x-cfn-schema-name: StreamingImage + x-type: list + x-identifiers: + - StudioId + - StreamingImageId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StudioId') as studio_id, + JSON_EXTRACT(Properties, '$.StreamingImageId') as streaming_image_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NimbleStudio::StreamingImage' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StudioId') as studio_id, + json_extract_path_text(Properties, 'StreamingImageId') as streaming_image_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NimbleStudio::StreamingImage' + AND region = 'us-east-1' + streaming_image: + name: streaming_image + id: awscc.nimblestudio.streaming_image + x-cfn-schema-name: StreamingImage + x-type: get + x-identifiers: + - StudioId + - StreamingImageId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Ec2ImageId') as ec2_image_id, + JSON_EXTRACT(Properties, '$.EncryptionConfiguration') as encryption_configuration, + JSON_EXTRACT(Properties, '$.EulaIds') as eula_ids, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Owner') as owner, + JSON_EXTRACT(Properties, '$.Platform') as platform, + JSON_EXTRACT(Properties, '$.StreamingImageId') as streaming_image_id, + JSON_EXTRACT(Properties, '$.StudioId') as studio_id, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NimbleStudio::StreamingImage' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Ec2ImageId') as ec2_image_id, + json_extract_path_text(Properties, 'EncryptionConfiguration') as encryption_configuration, + json_extract_path_text(Properties, 'EulaIds') as eula_ids, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Owner') as owner, + json_extract_path_text(Properties, 'Platform') as platform, + json_extract_path_text(Properties, 'StreamingImageId') as streaming_image_id, + json_extract_path_text(Properties, 'StudioId') as studio_id, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NimbleStudio::StreamingImage' + AND data__Identifier = '' + AND region = 'us-east-1' + studios: + name: studios + id: awscc.nimblestudio.studios + x-cfn-schema-name: Studio + x-type: list + x-identifiers: + - StudioId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StudioId') as studio_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NimbleStudio::Studio' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StudioId') as studio_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NimbleStudio::Studio' + AND region = 'us-east-1' + studio: + name: studio + id: awscc.nimblestudio.studio + x-cfn-schema-name: Studio + x-type: get + x-identifiers: + - StudioId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AdminRoleArn') as admin_role_arn, + JSON_EXTRACT(Properties, '$.DisplayName') as display_name, + JSON_EXTRACT(Properties, '$.HomeRegion') as home_region, + JSON_EXTRACT(Properties, '$.SsoClientId') as sso_client_id, + JSON_EXTRACT(Properties, '$.StudioEncryptionConfiguration') as studio_encryption_configuration, + JSON_EXTRACT(Properties, '$.StudioId') as studio_id, + JSON_EXTRACT(Properties, '$.StudioName') as studio_name, + JSON_EXTRACT(Properties, '$.StudioUrl') as studio_url, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.UserRoleArn') as user_role_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NimbleStudio::Studio' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AdminRoleArn') as admin_role_arn, + json_extract_path_text(Properties, 'DisplayName') as display_name, + json_extract_path_text(Properties, 'HomeRegion') as home_region, + json_extract_path_text(Properties, 'SsoClientId') as sso_client_id, + json_extract_path_text(Properties, 'StudioEncryptionConfiguration') as studio_encryption_configuration, + json_extract_path_text(Properties, 'StudioId') as studio_id, + json_extract_path_text(Properties, 'StudioName') as studio_name, + json_extract_path_text(Properties, 'StudioUrl') as studio_url, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'UserRoleArn') as user_role_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NimbleStudio::Studio' + AND data__Identifier = '' + AND region = 'us-east-1' + studio_components: + name: studio_components + id: awscc.nimblestudio.studio_components + x-cfn-schema-name: StudioComponent + x-type: list + x-identifiers: + - StudioComponentId + - StudioId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StudioComponentId') as studio_component_id, + JSON_EXTRACT(Properties, '$.StudioId') as studio_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NimbleStudio::StudioComponent' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StudioComponentId') as studio_component_id, + json_extract_path_text(Properties, 'StudioId') as studio_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::NimbleStudio::StudioComponent' + AND region = 'us-east-1' + studio_component: + name: studio_component + id: awscc.nimblestudio.studio_component + x-cfn-schema-name: StudioComponent + x-type: get + x-identifiers: + - StudioComponentId + - StudioId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Configuration') as configuration, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Ec2SecurityGroupIds') as ec2_security_group_ids, + JSON_EXTRACT(Properties, '$.InitializationScripts') as initialization_scripts, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RuntimeRoleArn') as runtime_role_arn, + JSON_EXTRACT(Properties, '$.ScriptParameters') as script_parameters, + JSON_EXTRACT(Properties, '$.SecureInitializationRoleArn') as secure_initialization_role_arn, + JSON_EXTRACT(Properties, '$.StudioComponentId') as studio_component_id, + JSON_EXTRACT(Properties, '$.StudioId') as studio_id, + JSON_EXTRACT(Properties, '$.Subtype') as subtype, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NimbleStudio::StudioComponent' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Configuration') as configuration, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Ec2SecurityGroupIds') as ec2_security_group_ids, + json_extract_path_text(Properties, 'InitializationScripts') as initialization_scripts, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RuntimeRoleArn') as runtime_role_arn, + json_extract_path_text(Properties, 'ScriptParameters') as script_parameters, + json_extract_path_text(Properties, 'SecureInitializationRoleArn') as secure_initialization_role_arn, + json_extract_path_text(Properties, 'StudioComponentId') as studio_component_id, + json_extract_path_text(Properties, 'StudioId') as studio_id, + json_extract_path_text(Properties, 'Subtype') as subtype, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::NimbleStudio::StudioComponent' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/oam.yaml b/providers/src/awscc/v00.00.00000/services/oam.yaml new file mode 100644 index 00000000..b188ba5f --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/oam.yaml @@ -0,0 +1,263 @@ +openapi: 3.0.0 +info: + title: Oam + version: 1.0.0 +paths: {} +components: + schemas: + ResourceType: + type: string + enum: + - AWS::CloudWatch::Metric + - AWS::Logs::LogGroup + - AWS::XRay::Trace + - AWS::ApplicationInsights::Application + Link: + type: object + properties: + Arn: + type: string + maxLength: 2048 + Label: + type: string + LabelTemplate: + type: string + maxLength: 64 + minLength: 1 + ResourceTypes: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/ResourceType' + maxItems: 50 + minItems: 1 + uniqueItems: true + SinkIdentifier: + type: string + maxLength: 2048 + minLength: 1 + Tags: + description: Tags to apply to the link + type: object + additionalProperties: false + x-patternProperties: + ^(?!aws:.*)[a-zA-Z0-9\s\_\.\/\=\+\-]{1,128}$: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + pattern: ^(?!aws:.*)[a-zA-Z0-9\s\_\.\/\=\+\-]{0,256}$ + minLength: 0 + maxLength: 256 + required: + - ResourceTypes + - SinkIdentifier + x-stackql-resource-name: link + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - SinkIdentifier + - LabelTemplate + x-read-only-properties: + - Arn + - Label + x-required-permissions: + create: + - oam:CreateLink + - oam:GetLink + - cloudwatch:Link + - logs:Link + - xray:Link + - applicationinsights:Link + read: + - oam:GetLink + update: + - oam:GetLink + - oam:UpdateLink + - cloudwatch:Link + - logs:Link + - xray:Link + - applicationinsights:Link + - oam:TagResource + - oam:UntagResource + delete: + - oam:DeleteLink + - oam:GetLink + list: + - oam:ListLinks + Sink: + type: object + properties: + Arn: + description: The Amazon resource name (ARN) of the ObservabilityAccessManager Sink + type: string + maxLength: 2048 + Name: + description: The name of the ObservabilityAccessManager Sink. + type: string + minLength: 1 + maxLength: 255 + pattern: ^[a-zA-Z0-9_.-]+$ + Policy: + description: The policy of this ObservabilityAccessManager Sink. + type: object + Tags: + description: Tags to apply to the sink + type: object + additionalProperties: false + x-patternProperties: + ^(?!aws:.*)[a-zA-Z0-9\s\_\.\/\=\+\-]{1,128}$: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + pattern: ^(?!aws:.*)[a-zA-Z0-9\s\_\.\/\=\+\-]{0,256}$ + minLength: 0 + maxLength: 256 + required: + - Name + x-stackql-resource-name: sink + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - oam:CreateSink + - oam:PutSinkPolicy + - oam:GetSinkPolicy + - oam:GetSink + delete: + - oam:DeleteSink + - oam:GetSinkPolicy + - oam:GetSink + list: + - oam:ListSinks + read: + - oam:GetSinkPolicy + - oam:GetSink + update: + - oam:PutSinkPolicy + - oam:GetSinkPolicy + - oam:GetSink + - oam:TagResource + - oam:UntagResource + x-stackQL-resources: + links: + name: links + id: awscc.oam.links + x-cfn-schema-name: Link + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Oam::Link' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Oam::Link' + AND region = 'us-east-1' + link: + name: link + id: awscc.oam.link + x-cfn-schema-name: Link + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Label') as label, + JSON_EXTRACT(Properties, '$.LabelTemplate') as label_template, + JSON_EXTRACT(Properties, '$.ResourceTypes') as resource_types, + JSON_EXTRACT(Properties, '$.SinkIdentifier') as sink_identifier, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Oam::Link' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Label') as label, + json_extract_path_text(Properties, 'LabelTemplate') as label_template, + json_extract_path_text(Properties, 'ResourceTypes') as resource_types, + json_extract_path_text(Properties, 'SinkIdentifier') as sink_identifier, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Oam::Link' + AND data__Identifier = '' + AND region = 'us-east-1' + sinks: + name: sinks + id: awscc.oam.sinks + x-cfn-schema-name: Sink + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Oam::Sink' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Oam::Sink' + AND region = 'us-east-1' + sink: + name: sink + id: awscc.oam.sink + x-cfn-schema-name: Sink + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Policy') as policy, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Oam::Sink' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Policy') as policy, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Oam::Sink' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/omics.yaml b/providers/src/awscc/v00.00.00000/services/omics.yaml new file mode 100644 index 00000000..dc982a47 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/omics.yaml @@ -0,0 +1,1070 @@ +openapi: 3.0.0 +info: + title: Omics + version: 1.0.0 +paths: {} +components: + schemas: + AnnotationType: + type: string + enum: + - GENERIC + - CHR_POS + - CHR_POS_REF_ALT + - CHR_START_END_ONE_BASE + - CHR_START_END_REF_ALT_ONE_BASE + - CHR_START_END_ZERO_BASE + - CHR_START_END_REF_ALT_ZERO_BASE + EncryptionType: + type: string + enum: + - KMS + FormatToHeader: + type: object + x-patternProperties: + .+: + type: string + maxLength: 1000 + minLength: 0 + additionalProperties: false + FormatToHeaderKey: + type: string + enum: + - CHR + - START + - END + - REF + - ALT + - POS + ReferenceItem: + type: object + properties: + ReferenceArn: + type: string + maxLength: 127 + minLength: 1 + pattern: ^arn:.+$ + required: + - ReferenceArn + additionalProperties: false + SchemaItem: + type: object + maxProperties: 1 + minProperties: 1 + x-patternProperties: + ^[a-z0-9_]{1,255}$: + $ref: '#/components/schemas/SchemaValueType' + additionalProperties: false + SchemaValueType: + type: string + enum: + - LONG + - INT + - STRING + - FLOAT + - DOUBLE + - BOOLEAN + SseConfig: + type: object + properties: + Type: + $ref: '#/components/schemas/EncryptionType' + KeyArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: |- + arn:([^: + ]*):([^: + ]*):([^: + ]*):([0-9]{12}):([^: + ]*) + required: + - Type + additionalProperties: false + StoreFormat: + type: string + enum: + - GFF + - TSV + - VCF + StoreOptions: + oneOf: + - type: object + title: TsvStoreOptions + properties: + TsvStoreOptions: + $ref: '#/components/schemas/TsvStoreOptions' + required: + - TsvStoreOptions + additionalProperties: false + StoreStatus: + type: string + enum: + - CREATING + - UPDATING + - DELETING + - ACTIVE + - FAILED + TagMap: + type: object + description: A map of resource tags + x-patternProperties: + .+: + type: string + maxLength: 256 + minLength: 0 + description: Resource tag value + additionalProperties: false + TsvStoreOptions: + type: object + properties: + AnnotationType: + $ref: '#/components/schemas/AnnotationType' + FormatToHeader: + $ref: '#/components/schemas/FormatToHeader' + Schema: + type: array + items: + $ref: '#/components/schemas/SchemaItem' + maxItems: 5000 + minItems: 1 + x-insertionOrder: false + additionalProperties: false + AnnotationStore: + type: object + properties: + CreationTime: + type: string + format: date-time + Description: + type: string + maxLength: 500 + minLength: 0 + Id: + type: string + pattern: ^[a-f0-9]{12}$ + Name: + type: string + pattern: ^([a-z]){1}([a-z0-9_]){2,254} + Reference: + $ref: '#/components/schemas/ReferenceItem' + SseConfig: + $ref: '#/components/schemas/SseConfig' + Status: + $ref: '#/components/schemas/StoreStatus' + StatusMessage: + type: string + maxLength: 1000 + minLength: 0 + StoreArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: |- + ^arn:([^: + ]*):([^: + ]*):([^: + ]*):([0-9]{12}):([^: + ]*)$ + StoreFormat: + $ref: '#/components/schemas/StoreFormat' + StoreOptions: + $ref: '#/components/schemas/StoreOptions' + StoreSizeBytes: + type: number + Tags: + $ref: '#/components/schemas/TagMap' + UpdateTime: + type: string + format: date-time + required: + - Name + - StoreFormat + x-stackql-resource-name: annotation_store + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - Reference + - SseConfig + - StoreFormat + - StoreOptions + - Tags + x-read-only-properties: + - CreationTime + - Id + - Status + - StatusMessage + - StoreArn + - StoreSizeBytes + - UpdateTime + x-required-permissions: + create: + - omics:CreateAnnotationStore + - omics:TagResource + - kms:DescribeKey + - kms:GenerateDataKey + - kms:CreateGrant + - ram:AcceptResourceShareInvitation + - ram:GetResourceShareInvitations + - omics:GetAnnotationStore + read: + - omics:GetAnnotationStore + update: + - omics:UpdateAnnotationStore + - omics:TagResource + - omics:UntagResource + - omics:GetAnnotationStore + - omics:ListTagsForResource + delete: + - omics:DeleteAnnotationStore + - omics:ListAnnotationStores + list: + - omics:ListAnnotationStores + ReferenceStore: + type: object + properties: + Arn: + type: string + maxLength: 127 + minLength: 1 + pattern: ^arn:.+$ + description: The store's ARN. + CreationTime: + type: string + description: When the store was created. + format: date-time + Description: + type: string + maxLength: 255 + minLength: 1 + pattern: ^[\p{L}||\p{M}||\p{Z}||\p{S}||\p{N}||\p{P}]+$ + description: A description for the store. + Name: + type: string + maxLength: 127 + minLength: 1 + pattern: ^[\p{L}||\p{M}||\p{Z}||\p{S}||\p{N}||\p{P}]+$ + description: A name for the store. + ReferenceStoreId: + type: string + maxLength: 36 + minLength: 10 + pattern: ^[0-9]+$ + SseConfig: + $ref: '#/components/schemas/SseConfig' + Tags: + $ref: '#/components/schemas/TagMap' + required: + - Name + x-stackql-resource-name: reference_store + x-stackql-primaryIdentifier: + - ReferenceStoreId + x-create-only-properties: + - Description + - Name + - SseConfig + - Tags + x-read-only-properties: + - Arn + - CreationTime + - ReferenceStoreId + x-required-permissions: + create: + - omics:CreateReferenceStore + - omics:TagResource + read: + - omics:GetReferenceStore + - omics:ListTagsForResource + delete: + - omics:DeleteReferenceStore + list: + - omics:ListReferenceStores + RunGroup: + type: object + properties: + Arn: + type: string + maxLength: 128 + minLength: 1 + pattern: ^arn:.+$ + CreationTime: + type: string + format: date-time + Id: + type: string + maxLength: 18 + minLength: 1 + pattern: ^[0-9]+$ + MaxCpus: + type: number + maximum: 100000 + minimum: 1 + MaxGpus: + type: number + maximum: 100000 + minimum: 1 + MaxDuration: + type: number + maximum: 100000 + minimum: 1 + MaxRuns: + type: number + maximum: 100000 + minimum: 1 + Name: + type: string + maxLength: 128 + minLength: 1 + pattern: ^[\p{L}||\p{M}||\p{Z}||\p{S}||\p{N}||\p{P}]+$ + Tags: + $ref: '#/components/schemas/TagMap' + x-stackql-resource-name: run_group + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Arn + - CreationTime + - Id + x-required-permissions: + create: + - omics:CreateRunGroup + - omics:TagResource + read: + - omics:GetRunGroup + update: + - omics:UpdateRunGroup + - omics:TagResource + - omics:GetRunGroup + - omics:ListTagsForResource + - omics:UntagResource + delete: + - omics:DeleteRunGroup + - omics:GetRunGroup + list: + - omics:ListRunGroups + SequenceStore: + type: object + properties: + Arn: + type: string + maxLength: 127 + minLength: 1 + pattern: ^arn:.+$ + description: The store's ARN. + CreationTime: + type: string + description: When the store was created. + format: date-time + Description: + type: string + maxLength: 255 + minLength: 1 + pattern: ^[\p{L}||\p{M}||\p{Z}||\p{S}||\p{N}||\p{P}]+$ + description: A description for the store. + Name: + type: string + maxLength: 127 + minLength: 1 + pattern: ^[\p{L}||\p{M}||\p{Z}||\p{S}||\p{N}||\p{P}]+$ + description: A name for the store. + FallbackLocation: + type: string + minLength: 1 + pattern: ^s3:\/\/([a-z0-9][a-z0-9-.]{1,61}[a-z0-9])\/?((.{1,1024})\/)?$ + description: An S3 URI representing the bucket and folder to store failed read set uploads. + SequenceStoreId: + type: string + maxLength: 36 + minLength: 10 + pattern: ^[0-9]+$ + SseConfig: + $ref: '#/components/schemas/SseConfig' + Tags: + $ref: '#/components/schemas/TagMap' + required: + - Name + x-stackql-resource-name: sequence_store + x-stackql-primaryIdentifier: + - SequenceStoreId + x-create-only-properties: + - Description + - Name + - FallbackLocation + - SseConfig + - Tags + x-read-only-properties: + - Arn + - CreationTime + - SequenceStoreId + x-required-permissions: + create: + - omics:CreateSequenceStore + - omics:TagResource + read: + - omics:GetSequenceStore + - omics:ListTagsForResource + delete: + - omics:DeleteSequenceStore + list: + - omics:ListSequenceStores + VariantStore: + type: object + properties: + CreationTime: + type: string + format: date-time + Description: + type: string + maxLength: 500 + minLength: 0 + Id: + type: string + pattern: ^[a-f0-9]{12}$ + Name: + type: string + pattern: ^([a-z]){1}([a-z0-9_]){2,254} + Reference: + $ref: '#/components/schemas/ReferenceItem' + SseConfig: + $ref: '#/components/schemas/SseConfig' + Status: + $ref: '#/components/schemas/StoreStatus' + StatusMessage: + type: string + maxLength: 1000 + minLength: 0 + StoreArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: |- + ^arn:([^: + ]*):([^: + ]*):([^: + ]*):([0-9]{12}):([^: + ]*)$ + StoreSizeBytes: + type: number + Tags: + $ref: '#/components/schemas/TagMap' + UpdateTime: + type: string + format: date-time + required: + - Name + - Reference + x-stackql-resource-name: variant_store + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - Reference + - SseConfig + - Tags + x-read-only-properties: + - CreationTime + - Id + - Status + - StatusMessage + - StoreArn + - StoreSizeBytes + - UpdateTime + x-required-permissions: + create: + - omics:CreateVariantStore + - omics:TagResource + - kms:DescribeKey + - kms:GenerateDataKey + - kms:CreateGrant + - ram:AcceptResourceShareInvitation + - ram:GetResourceShareInvitations + - omics:GetVariantStore + read: + - omics:GetVariantStore + update: + - omics:UpdateVariantStore + - omics:TagResource + - omics:UntagResource + - omics:ListTagsForResource + - omics:GetVariantStore + delete: + - omics:DeleteVariantStore + - omics:ListVariantStores + list: + - omics:ListVariantStores + WorkflowEngine: + type: string + maxLength: 64 + minLength: 1 + enum: + - WDL + - NEXTFLOW + - CWL + Accelerators: + type: string + maxLength: 64 + minLength: 1 + enum: + - GPU + WorkflowParameter: + type: object + properties: + Description: + type: string + maxLength: 256 + minLength: 0 + pattern: ^[\p{L}||\p{M}||\p{Z}||\p{S}||\p{N}||\p{P}]+$ + Optional: + type: boolean + additionalProperties: false + WorkflowParameterTemplate: + type: object + maxProperties: 1000 + minProperties: 1 + x-patternProperties: + ^[\p{L}||\p{M}||\p{Z}||\p{S}||\p{N}||\p{P}]+$: + $ref: '#/components/schemas/WorkflowParameter' + additionalProperties: false + WorkflowStatus: + type: string + maxLength: 64 + minLength: 1 + enum: + - CREATING + - ACTIVE + - UPDATING + - DELETED + - FAILED + WorkflowType: + type: string + maxLength: 64 + minLength: 1 + enum: + - PRIVATE + Workflow: + type: object + properties: + Arn: + type: string + maxLength: 128 + minLength: 1 + pattern: ^arn:.+$ + CreationTime: + type: string + format: date-time + DefinitionUri: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[\p{L}||\p{M}||\p{Z}||\p{S}||\p{N}||\p{P}]+$ + Description: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[\p{L}||\p{M}||\p{Z}||\p{S}||\p{N}||\p{P}]+$ + Engine: + $ref: '#/components/schemas/WorkflowEngine' + Id: + type: string + maxLength: 18 + minLength: 1 + pattern: ^[0-9]+$ + Main: + type: string + maxLength: 128 + minLength: 1 + pattern: ^[\p{L}||\p{M}||\p{Z}||\p{S}||\p{N}||\p{P}]+$ + Name: + type: string + maxLength: 128 + minLength: 1 + pattern: ^[\p{L}||\p{M}||\p{Z}||\p{S}||\p{N}||\p{P}]+$ + ParameterTemplate: + $ref: '#/components/schemas/WorkflowParameterTemplate' + Status: + $ref: '#/components/schemas/WorkflowStatus' + Accelerators: + $ref: '#/components/schemas/Accelerators' + StorageCapacity: + type: number + maximum: 100000 + minimum: 0 + Tags: + $ref: '#/components/schemas/TagMap' + Type: + $ref: '#/components/schemas/WorkflowType' + x-stackql-resource-name: workflow + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - DefinitionUri + - Engine + - Main + - ParameterTemplate + - StorageCapacity + - Accelerators + x-read-only-properties: + - Arn + - CreationTime + - Id + - Status + - Type + x-required-permissions: + create: + - omics:CreateWorkflow + - omics:GetWorkflow + - omics:TagResource + - s3:PutObject + - s3:GetObject + - s3:GetObjectAttributes + - s3:HeadObject + - s3:GetEncryptionConfiguration + - kms:Decrypt + - kms:GenerateDataKey + - kms:GenerateDataKeyPair + - kms:GenerateDataKeyPairWithoutPlaintext + - kms:GenerateDataKeyWithoutPlaintext + read: + - omics:GetWorkflow + update: + - omics:UpdateWorkflow + - omics:GetWorkflow + - omics:TagResource + - omics:ListTagsForResource + - omics:UntagResource + delete: + - omics:DeleteWorkflow + - omics:GetWorkflow + list: + - omics:ListWorkflows + x-stackQL-resources: + annotation_stores: + name: annotation_stores + id: awscc.omics.annotation_stores + x-cfn-schema-name: AnnotationStore + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Omics::AnnotationStore' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Omics::AnnotationStore' + AND region = 'us-east-1' + annotation_store: + name: annotation_store + id: awscc.omics.annotation_store + x-cfn-schema-name: AnnotationStore + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Reference') as reference, + JSON_EXTRACT(Properties, '$.SseConfig') as sse_config, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.StatusMessage') as status_message, + JSON_EXTRACT(Properties, '$.StoreArn') as store_arn, + JSON_EXTRACT(Properties, '$.StoreFormat') as store_format, + JSON_EXTRACT(Properties, '$.StoreOptions') as store_options, + JSON_EXTRACT(Properties, '$.StoreSizeBytes') as store_size_bytes, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.UpdateTime') as update_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Omics::AnnotationStore' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Reference') as reference, + json_extract_path_text(Properties, 'SseConfig') as sse_config, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'StatusMessage') as status_message, + json_extract_path_text(Properties, 'StoreArn') as store_arn, + json_extract_path_text(Properties, 'StoreFormat') as store_format, + json_extract_path_text(Properties, 'StoreOptions') as store_options, + json_extract_path_text(Properties, 'StoreSizeBytes') as store_size_bytes, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'UpdateTime') as update_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Omics::AnnotationStore' + AND data__Identifier = '' + AND region = 'us-east-1' + reference_stores: + name: reference_stores + id: awscc.omics.reference_stores + x-cfn-schema-name: ReferenceStore + x-type: list + x-identifiers: + - ReferenceStoreId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ReferenceStoreId') as reference_store_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Omics::ReferenceStore' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ReferenceStoreId') as reference_store_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Omics::ReferenceStore' + AND region = 'us-east-1' + reference_store: + name: reference_store + id: awscc.omics.reference_store + x-cfn-schema-name: ReferenceStore + x-type: get + x-identifiers: + - ReferenceStoreId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ReferenceStoreId') as reference_store_id, + JSON_EXTRACT(Properties, '$.SseConfig') as sse_config, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Omics::ReferenceStore' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ReferenceStoreId') as reference_store_id, + json_extract_path_text(Properties, 'SseConfig') as sse_config, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Omics::ReferenceStore' + AND data__Identifier = '' + AND region = 'us-east-1' + run_groups: + name: run_groups + id: awscc.omics.run_groups + x-cfn-schema-name: RunGroup + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Omics::RunGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Omics::RunGroup' + AND region = 'us-east-1' + run_group: + name: run_group + id: awscc.omics.run_group + x-cfn-schema-name: RunGroup + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.MaxCpus') as max_cpus, + JSON_EXTRACT(Properties, '$.MaxGpus') as max_gpus, + JSON_EXTRACT(Properties, '$.MaxDuration') as max_duration, + JSON_EXTRACT(Properties, '$.MaxRuns') as max_runs, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Omics::RunGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'MaxCpus') as max_cpus, + json_extract_path_text(Properties, 'MaxGpus') as max_gpus, + json_extract_path_text(Properties, 'MaxDuration') as max_duration, + json_extract_path_text(Properties, 'MaxRuns') as max_runs, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Omics::RunGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + sequence_stores: + name: sequence_stores + id: awscc.omics.sequence_stores + x-cfn-schema-name: SequenceStore + x-type: list + x-identifiers: + - SequenceStoreId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SequenceStoreId') as sequence_store_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Omics::SequenceStore' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SequenceStoreId') as sequence_store_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Omics::SequenceStore' + AND region = 'us-east-1' + sequence_store: + name: sequence_store + id: awscc.omics.sequence_store + x-cfn-schema-name: SequenceStore + x-type: get + x-identifiers: + - SequenceStoreId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.FallbackLocation') as fallback_location, + JSON_EXTRACT(Properties, '$.SequenceStoreId') as sequence_store_id, + JSON_EXTRACT(Properties, '$.SseConfig') as sse_config, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Omics::SequenceStore' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'FallbackLocation') as fallback_location, + json_extract_path_text(Properties, 'SequenceStoreId') as sequence_store_id, + json_extract_path_text(Properties, 'SseConfig') as sse_config, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Omics::SequenceStore' + AND data__Identifier = '' + AND region = 'us-east-1' + variant_stores: + name: variant_stores + id: awscc.omics.variant_stores + x-cfn-schema-name: VariantStore + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Omics::VariantStore' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Omics::VariantStore' + AND region = 'us-east-1' + variant_store: + name: variant_store + id: awscc.omics.variant_store + x-cfn-schema-name: VariantStore + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Reference') as reference, + JSON_EXTRACT(Properties, '$.SseConfig') as sse_config, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.StatusMessage') as status_message, + JSON_EXTRACT(Properties, '$.StoreArn') as store_arn, + JSON_EXTRACT(Properties, '$.StoreSizeBytes') as store_size_bytes, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.UpdateTime') as update_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Omics::VariantStore' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Reference') as reference, + json_extract_path_text(Properties, 'SseConfig') as sse_config, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'StatusMessage') as status_message, + json_extract_path_text(Properties, 'StoreArn') as store_arn, + json_extract_path_text(Properties, 'StoreSizeBytes') as store_size_bytes, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'UpdateTime') as update_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Omics::VariantStore' + AND data__Identifier = '' + AND region = 'us-east-1' + workflows: + name: workflows + id: awscc.omics.workflows + x-cfn-schema-name: Workflow + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Omics::Workflow' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Omics::Workflow' + AND region = 'us-east-1' + workflow: + name: workflow + id: awscc.omics.workflow + x-cfn-schema-name: Workflow + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.DefinitionUri') as definition_uri, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Engine') as engine, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Main') as main, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ParameterTemplate') as parameter_template, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Accelerators') as accelerators, + JSON_EXTRACT(Properties, '$.StorageCapacity') as storage_capacity, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Omics::Workflow' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'DefinitionUri') as definition_uri, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Engine') as engine, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Main') as main, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ParameterTemplate') as parameter_template, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Accelerators') as accelerators, + json_extract_path_text(Properties, 'StorageCapacity') as storage_capacity, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Omics::Workflow' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/opensearchserverless.yaml b/providers/src/awscc/v00.00.00000/services/opensearchserverless.yaml new file mode 100644 index 00000000..7ce941d7 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/opensearchserverless.yaml @@ -0,0 +1,842 @@ +openapi: 3.0.0 +info: + title: OpenSearchServerless + version: 1.0.0 +paths: {} +components: + schemas: + AccessPolicyType: + type: string + description: The possible types for the access policy + enum: + - data + AccessPolicy: + type: object + properties: + Name: + type: string + maxLength: 32 + minLength: 3 + pattern: ^[a-z][a-z0-9-]{2,31}$ + description: The name of the policy + Type: + $ref: '#/components/schemas/AccessPolicyType' + Description: + type: string + maxLength: 1000 + minLength: 1 + description: The description of the policy + Policy: + type: string + minLength: 1 + maxLength: 20480 + pattern: '[\u0009\u000A\u000D\u0020-\u007E\u00A1-\u00FF]+' + description: The JSON policy document that is the content for the policy + required: + - Type + - Name + - Policy + x-stackql-resource-name: access_policy + x-stackql-primaryIdentifier: + - Type + - Name + x-create-only-properties: + - Type + - Name + x-required-permissions: + create: + - aoss:CreateAccessPolicy + - aoss:GetAccessPolicy + read: + - aoss:GetAccessPolicy + update: + - aoss:UpdateAccessPolicy + - aoss:GetAccessPolicy + delete: + - aoss:DeleteAccessPolicy + - aoss:GetAccessPolicy + list: + - aoss:ListAccessPolicies + Tag: + type: object + description: A key-value pair metadata associated with resource + properties: + Key: + type: string + maxLength: 128 + minLength: 1 + description: The key in the key-value pair + Value: + type: string + maxLength: 256 + minLength: 0 + description: The value in the key-value pair + required: + - Key + - Value + additionalProperties: false + CollectionType: + type: string + description: The possible types for the collection + enum: + - SEARCH + - TIMESERIES + - VECTORSEARCH + StandbyReplicas: + type: string + description: The possible standby replicas for the collection + enum: + - ENABLED + - DISABLED + Collection: + type: object + properties: + Description: + type: string + maxLength: 1000 + description: The description of the collection + Id: + type: string + maxLength: 40 + minLength: 3 + description: The identifier of the collection + Name: + type: string + maxLength: 32 + minLength: 3 + pattern: ^[a-z][a-z0-9-]{2,31}$ + description: | + The name of the collection. + + The name must meet the following criteria: + Unique to your account and AWS Region + Starts with a lowercase letter + Contains only lowercase letters a-z, the numbers 0-9 and the hyphen (-) + Contains between 3 and 32 characters + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 50 + minItems: 0 + x-insertionOrder: false + description: List of tags to be added to the resource + Arn: + description: The Amazon Resource Name (ARN) of the collection. + type: string + CollectionEndpoint: + description: The endpoint for the collection. + type: string + DashboardEndpoint: + description: The OpenSearch Dashboards endpoint for the collection. + type: string + Type: + $ref: '#/components/schemas/CollectionType' + StandbyReplicas: + $ref: '#/components/schemas/StandbyReplicas' + required: + - Name + x-stackql-resource-name: collection + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Name + - Tags + - Type + x-read-only-properties: + - Id + - Arn + - CollectionEndpoint + - DashboardEndpoint + x-required-permissions: + create: + - aoss:CreateCollection + - aoss:BatchGetCollection + - iam:CreateServiceLinkedRole + delete: + - aoss:DeleteCollection + - aoss:BatchGetCollection + list: + - aoss:ListCollections + read: + - aoss:BatchGetCollection + update: + - aoss:UpdateCollection + - aoss:BatchGetCollection + LifecyclePolicyType: + type: string + description: The type of lifecycle policy + enum: + - retention + LifecyclePolicy: + type: object + properties: + Name: + type: string + maxLength: 32 + minLength: 3 + pattern: ^[a-z][a-z0-9-]+$ + description: The name of the policy + Type: + $ref: '#/components/schemas/LifecyclePolicyType' + Description: + type: string + maxLength: 1000 + minLength: 0 + description: The description of the policy + Policy: + type: string + minLength: 1 + maxLength: 20480 + pattern: '[\u0009\u000A\u000D\u0020-\u007E\u00A1-\u00FF]+' + description: The JSON policy document that is the content for the policy + required: + - Type + - Name + - Policy + x-stackql-resource-name: lifecycle_policy + x-stackql-primaryIdentifier: + - Type + - Name + x-create-only-properties: + - Type + - Name + x-required-permissions: + create: + - aoss:CreateLifecyclePolicy + read: + - aoss:BatchGetLifecyclePolicy + update: + - aoss:UpdateLifecyclePolicy + - aoss:BatchGetLifecyclePolicy + delete: + - aoss:DeleteLifecyclePolicy + list: + - aoss:ListLifecyclePolicies + SamlConfigOptions: + type: object + description: Describes saml options in form of key value map + properties: + Metadata: + type: string + description: The XML saml provider metadata document that you want to use + maxLength: 51200 + minLength: 1 + pattern: '[\u0009\u000A\u000D\u0020-\u007E\u00A1-\u00FF]+' + UserAttribute: + type: string + description: Custom attribute for this saml integration + maxLength: 2048 + minLength: 1 + pattern: '[\w+=,.@-]+' + GroupAttribute: + type: string + description: Group attribute for this saml integration + maxLength: 2048 + minLength: 1 + pattern: '[\w+=,.@-]+' + SessionTimeout: + type: integer + description: Defines the session timeout in minutes + required: + - Metadata + additionalProperties: false + SecurityConfigType: + type: string + description: Config type for security config + enum: + - saml + SecurityConfig: + type: object + properties: + Description: + type: string + maxLength: 1000 + minLength: 1 + description: Security config description + Id: + type: string + maxLength: 100 + minLength: 1 + description: The identifier of the security config + Name: + type: string + maxLength: 32 + minLength: 3 + pattern: ^[a-z][a-z0-9-]{2,31}$ + description: The friendly name of the security config + SamlOptions: + $ref: '#/components/schemas/SamlConfigOptions' + Type: + $ref: '#/components/schemas/SecurityConfigType' + x-stackql-resource-name: security_config + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Type + - Name + x-read-only-properties: + - Id + x-required-permissions: + create: + - aoss:CreateSecurityConfig + read: + - aoss:GetSecurityConfig + update: + - aoss:GetSecurityConfig + - aoss:UpdateSecurityConfig + delete: + - aoss:DeleteSecurityConfig + list: + - aoss:ListSecurityConfigs + SecurityPolicyType: + type: string + description: The possible types for the network policy + enum: + - encryption + - network + SecurityPolicy: + type: object + properties: + Description: + type: string + maxLength: 1000 + minLength: 1 + description: The description of the policy + Policy: + type: string + maxLength: 20480 + minLength: 1 + pattern: '[\u0009\u000A\u000D\u0020-\u007E\u00A1-\u00FF]+' + description: The JSON policy document that is the content for the policy + Name: + type: string + maxLength: 32 + minLength: 3 + pattern: ^[a-z][a-z0-9-]{2,31}$ + description: The name of the policy + Type: + $ref: '#/components/schemas/SecurityPolicyType' + required: + - Type + - Name + - Policy + x-stackql-resource-name: security_policy + x-stackql-primaryIdentifier: + - Type + - Name + x-create-only-properties: + - Type + - Name + x-required-permissions: + create: + - aoss:GetSecurityPolicy + - aoss:CreateSecurityPolicy + - kms:DescribeKey + - kms:CreateGrant + update: + - aoss:GetSecurityPolicy + - aoss:UpdateSecurityPolicy + - kms:DescribeKey + - kms:CreateGrant + delete: + - aoss:GetSecurityPolicy + - aoss:DeleteSecurityPolicy + list: + - aoss:ListSecurityPolicies + read: + - aoss:GetSecurityPolicy + - kms:DescribeKey + VpcEndpoint: + type: object + properties: + Id: + type: string + maxLength: 255 + minLength: 1 + pattern: ^vpce-[0-9a-z]*$ + description: The identifier of the VPC Endpoint + Name: + type: string + maxLength: 32 + minLength: 3 + pattern: ^[a-z][a-z0-9-]{2,31}$ + description: The name of the VPC Endpoint + SecurityGroupIds: + type: array + x-insertionOrder: false + items: + type: string + maxLength: 128 + minLength: 1 + pattern: ^[\w+\-]+$ + maxItems: 5 + minItems: 1 + description: The ID of one or more security groups to associate with the endpoint network interface + SubnetIds: + type: array + x-insertionOrder: false + items: + type: string + maxLength: 32 + minLength: 1 + pattern: ^subnet-([0-9a-f]{8}|[0-9a-f]{17})$ + maxItems: 6 + minItems: 1 + description: The ID of one or more subnets in which to create an endpoint network interface + VpcId: + type: string + maxLength: 255 + minLength: 1 + pattern: ^vpc-[0-9a-z]*$ + description: The ID of the VPC in which the endpoint will be used. + required: + - Name + - VpcId + - SubnetIds + x-stackql-resource-name: vpc_endpoint + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Name + - VpcId + x-read-only-properties: + - Id + x-required-permissions: + create: + - aoss:BatchGetVpcEndpoint + - aoss:CreateVpcEndpoint + - ec2:CreateVpcEndpoint + - ec2:DeleteVpcEndPoints + - ec2:DescribeVpcEndpoints + - ec2:ModifyVpcEndPoint + - ec2:DescribeVpcs + - ec2:DescribeSubnets + - ec2:DescribeSecurityGroups + - ec2:CreateTags + - route53:ChangeResourceRecordSets + - route53:GetChange + - route53:GetHostedZone + - route53:ListResourceRecordSets + - route53:ListHostedZonesByName + - route53:CreateHostedZone + - route53:ListHostedZonesByVPC + - route53:AssociateVPCWithHostedZone + read: + - aoss:BatchGetVpcEndpoint + - ec2:DescribeVpcEndpoints + update: + - aoss:BatchGetVpcEndpoint + - aoss:UpdateVpcEndpoint + - ec2:CreateVpcEndpoint + - ec2:DeleteVpcEndPoints + - ec2:DescribeVpcEndpoints + - ec2:ModifyVpcEndPoint + - ec2:DescribeVpcs + - ec2:DescribeSubnets + - ec2:DescribeSecurityGroups + - ec2:CreateTags + - route53:ChangeResourceRecordSets + - route53:GetChange + - route53:GetHostedZone + - route53:ListResourceRecordSets + - route53:ListHostedZonesByName + - route53:CreateHostedZone + - route53:ListHostedZonesByVPC + - route53:AssociateVPCWithHostedZone + delete: + - aoss:BatchGetVpcEndpoint + - aoss:DeleteVpcEndpoint + - ec2:DeleteVpcEndPoints + - ec2:DescribeVpcEndpoints + - ec2:ModifyVpcEndPoint + - ec2:DescribeVpcs + - ec2:DescribeSubnets + - ec2:DescribeSecurityGroups + - ec2:CreateTags + - route53:ChangeResourceRecordSets + - route53:DeleteHostedZone + - route53:GetChange + - route53:GetHostedZone + - route53:ListResourceRecordSets + - route53:ListHostedZonesByName + - route53:ListHostedZonesByVPC + - route53:AssociateVPCWithHostedZone + list: + - aoss:ListVpcEndpoints + - ec2:DescribeVpcEndpoints + x-stackQL-resources: + access_policies: + name: access_policies + id: awscc.opensearchserverless.access_policies + x-cfn-schema-name: AccessPolicy + x-type: list + x-identifiers: + - Type + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::OpenSearchServerless::AccessPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::OpenSearchServerless::AccessPolicy' + AND region = 'us-east-1' + access_policy: + name: access_policy + id: awscc.opensearchserverless.access_policy + x-cfn-schema-name: AccessPolicy + x-type: get + x-identifiers: + - Type + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Policy') as policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::OpenSearchServerless::AccessPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Policy') as policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::OpenSearchServerless::AccessPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + collections: + name: collections + id: awscc.opensearchserverless.collections + x-cfn-schema-name: Collection + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::OpenSearchServerless::Collection' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::OpenSearchServerless::Collection' + AND region = 'us-east-1' + collection: + name: collection + id: awscc.opensearchserverless.collection + x-cfn-schema-name: Collection + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CollectionEndpoint') as collection_endpoint, + JSON_EXTRACT(Properties, '$.DashboardEndpoint') as dashboard_endpoint, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.StandbyReplicas') as standby_replicas + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::OpenSearchServerless::Collection' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CollectionEndpoint') as collection_endpoint, + json_extract_path_text(Properties, 'DashboardEndpoint') as dashboard_endpoint, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'StandbyReplicas') as standby_replicas + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::OpenSearchServerless::Collection' + AND data__Identifier = '' + AND region = 'us-east-1' + lifecycle_policies: + name: lifecycle_policies + id: awscc.opensearchserverless.lifecycle_policies + x-cfn-schema-name: LifecyclePolicy + x-type: list + x-identifiers: + - Type + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::OpenSearchServerless::LifecyclePolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::OpenSearchServerless::LifecyclePolicy' + AND region = 'us-east-1' + lifecycle_policy: + name: lifecycle_policy + id: awscc.opensearchserverless.lifecycle_policy + x-cfn-schema-name: LifecyclePolicy + x-type: get + x-identifiers: + - Type + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Policy') as policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::OpenSearchServerless::LifecyclePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Policy') as policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::OpenSearchServerless::LifecyclePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + security_configs: + name: security_configs + id: awscc.opensearchserverless.security_configs + x-cfn-schema-name: SecurityConfig + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::OpenSearchServerless::SecurityConfig' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::OpenSearchServerless::SecurityConfig' + AND region = 'us-east-1' + security_config: + name: security_config + id: awscc.opensearchserverless.security_config + x-cfn-schema-name: SecurityConfig + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.SamlOptions') as saml_options, + JSON_EXTRACT(Properties, '$.Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::OpenSearchServerless::SecurityConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'SamlOptions') as saml_options, + json_extract_path_text(Properties, 'Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::OpenSearchServerless::SecurityConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + security_policies: + name: security_policies + id: awscc.opensearchserverless.security_policies + x-cfn-schema-name: SecurityPolicy + x-type: list + x-identifiers: + - Type + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::OpenSearchServerless::SecurityPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::OpenSearchServerless::SecurityPolicy' + AND region = 'us-east-1' + security_policy: + name: security_policy + id: awscc.opensearchserverless.security_policy + x-cfn-schema-name: SecurityPolicy + x-type: get + x-identifiers: + - Type + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Policy') as policy, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::OpenSearchServerless::SecurityPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Policy') as policy, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Type') as type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::OpenSearchServerless::SecurityPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + vpc_endpoints: + name: vpc_endpoints + id: awscc.opensearchserverless.vpc_endpoints + x-cfn-schema-name: VpcEndpoint + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::OpenSearchServerless::VpcEndpoint' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::OpenSearchServerless::VpcEndpoint' + AND region = 'us-east-1' + vpc_endpoint: + name: vpc_endpoint + id: awscc.opensearchserverless.vpc_endpoint + x-cfn-schema-name: VpcEndpoint + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.SecurityGroupIds') as security_group_ids, + JSON_EXTRACT(Properties, '$.SubnetIds') as subnet_ids, + JSON_EXTRACT(Properties, '$.VpcId') as vpc_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::OpenSearchServerless::VpcEndpoint' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'SecurityGroupIds') as security_group_ids, + json_extract_path_text(Properties, 'SubnetIds') as subnet_ids, + json_extract_path_text(Properties, 'VpcId') as vpc_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::OpenSearchServerless::VpcEndpoint' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/opensearchservice.yaml b/providers/src/awscc/v00.00.00000/services/opensearchservice.yaml new file mode 100644 index 00000000..67a2a270 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/opensearchservice.yaml @@ -0,0 +1,462 @@ +openapi: 3.0.0 +info: + title: OpenSearchService + version: 1.0.0 +paths: {} +components: + schemas: + ZoneAwarenessConfig: + type: object + additionalProperties: false + properties: + AvailabilityZoneCount: + type: integer + ClusterConfig: + type: object + additionalProperties: false + properties: + InstanceCount: + type: integer + WarmEnabled: + type: boolean + WarmCount: + type: integer + DedicatedMasterEnabled: + type: boolean + ZoneAwarenessConfig: + $ref: '#/components/schemas/ZoneAwarenessConfig' + DedicatedMasterCount: + type: integer + InstanceType: + type: string + WarmType: + type: string + ZoneAwarenessEnabled: + type: boolean + DedicatedMasterType: + type: string + MultiAZWithStandbyEnabled: + type: boolean + ColdStorageOptions: + $ref: '#/components/schemas/ColdStorageOptions' + LogPublishingOption: + type: object + additionalProperties: false + properties: + CloudWatchLogsLogGroupArn: + type: string + Enabled: + type: boolean + SnapshotOptions: + type: object + additionalProperties: false + properties: + AutomatedSnapshotStartHour: + type: integer + VPCOptions: + type: object + additionalProperties: false + properties: + SecurityGroupIds: + type: array + uniqueItems: true + items: + type: string + SubnetIds: + type: array + uniqueItems: true + items: + type: string + NodeToNodeEncryptionOptions: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + DomainEndpointOptions: + type: object + additionalProperties: false + properties: + CustomEndpointCertificateArn: + type: string + CustomEndpointEnabled: + type: boolean + EnforceHTTPS: + type: boolean + CustomEndpoint: + type: string + TLSSecurityPolicy: + type: string + CognitoOptions: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + IdentityPoolId: + type: string + UserPoolId: + type: string + RoleArn: + type: string + MasterUserOptions: + type: object + additionalProperties: false + properties: + MasterUserPassword: + type: string + MasterUserName: + type: string + MasterUserARN: + type: string + Idp: + type: object + additionalProperties: false + properties: + MetadataContent: + type: string + maxLength: 1048576 + minLength: 1 + EntityId: + type: string + required: + - MetadataContent + - EntityId + SAMLOptions: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + Idp: + $ref: '#/components/schemas/Idp' + MasterUserName: + type: string + MasterBackendRole: + type: string + SubjectKey: + type: string + RolesKey: + type: string + SessionTimeoutMinutes: + type: integer + AdvancedSecurityOptionsInput: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + MasterUserOptions: + $ref: '#/components/schemas/MasterUserOptions' + InternalUserDatabaseEnabled: + type: boolean + AnonymousAuthEnabled: + type: boolean + SAMLOptions: + $ref: '#/components/schemas/SAMLOptions' + AnonymousAuthDisableDate: + type: string + EBSOptions: + type: object + additionalProperties: false + properties: + EBSEnabled: + type: boolean + VolumeType: + type: string + Iops: + type: integer + VolumeSize: + type: integer + Throughput: + type: integer + EncryptionAtRestOptions: + type: object + additionalProperties: false + properties: + KmsKeyId: + type: string + Enabled: + type: boolean + Tag: + type: object + additionalProperties: false + properties: + Value: + description: The key of the tag. + type: string + minLength: 0 + maxLength: 256 + Key: + description: The value of the tag. + type: string + minLength: 0 + maxLength: 128 + required: + - Value + - Key + ServiceSoftwareOptions: + type: object + additionalProperties: false + properties: + CurrentVersion: + type: string + NewVersion: + type: string + UpdateAvailable: + type: boolean + Cancellable: + type: boolean + UpdateStatus: + type: string + Description: + type: string + AutomatedUpdateDate: + type: string + OptionalDeployment: + type: boolean + WindowStartTime: + type: object + additionalProperties: false + properties: + Hours: + type: integer + minimum: 0 + maximum: 23 + Minutes: + type: integer + minimum: 0 + maximum: 59 + required: + - Hours + - Minutes + OffPeakWindow: + type: object + additionalProperties: false + properties: + WindowStartTime: + $ref: '#/components/schemas/WindowStartTime' + OffPeakWindowOptions: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + OffPeakWindow: + $ref: '#/components/schemas/OffPeakWindow' + SoftwareUpdateOptions: + type: object + additionalProperties: false + properties: + AutoSoftwareUpdateEnabled: + type: boolean + ColdStorageOptions: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + Domain: + type: object + properties: + ClusterConfig: + $ref: '#/components/schemas/ClusterConfig' + DomainName: + type: string + AccessPolicies: + type: object + IPAddressType: + type: string + EngineVersion: + type: string + AdvancedOptions: + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + type: string + LogPublishingOptions: + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z0-9]+': + $ref: '#/components/schemas/LogPublishingOption' + SnapshotOptions: + $ref: '#/components/schemas/SnapshotOptions' + VPCOptions: + $ref: '#/components/schemas/VPCOptions' + NodeToNodeEncryptionOptions: + $ref: '#/components/schemas/NodeToNodeEncryptionOptions' + DomainEndpointOptions: + $ref: '#/components/schemas/DomainEndpointOptions' + CognitoOptions: + $ref: '#/components/schemas/CognitoOptions' + AdvancedSecurityOptions: + $ref: '#/components/schemas/AdvancedSecurityOptionsInput' + DomainEndpoint: + type: string + DomainEndpointV2: + type: string + DomainEndpoints: + type: object + additionalProperties: false + x-patternProperties: + ^.*$: + type: string + EBSOptions: + $ref: '#/components/schemas/EBSOptions' + Id: + type: string + Arn: + type: string + DomainArn: + type: string + EncryptionAtRestOptions: + $ref: '#/components/schemas/EncryptionAtRestOptions' + Tags: + description: An arbitrary set of tags (key-value pairs) for this Domain. + items: + $ref: '#/components/schemas/Tag' + type: array + uniqueItems: true + ServiceSoftwareOptions: + $ref: '#/components/schemas/ServiceSoftwareOptions' + OffPeakWindowOptions: + $ref: '#/components/schemas/OffPeakWindowOptions' + SoftwareUpdateOptions: + $ref: '#/components/schemas/SoftwareUpdateOptions' + x-stackql-resource-name: domain + x-stackql-primaryIdentifier: + - DomainName + x-create-only-properties: + - DomainName + x-read-only-properties: + - Id + - Arn + - DomainArn + - DomainEndpoint + - DomainEndpointV2 + - DomainEndpoints + - ServiceSoftwareOptions + - AdvancedSecurityOptions/AnonymousAuthDisableDate + x-required-permissions: + create: + - es:CreateDomain + - es:DescribeDomain + - es:AddTags + - es:ListTags + read: + - es:DescribeDomain + - es:ListTags + update: + - es:UpdateDomain + - es:UpgradeDomain + - es:DescribeDomain + - es:AddTags + - es:RemoveTags + - es:ListTags + - es:DescribeDomainChangeProgress + delete: + - es:DeleteDomain + - es:DescribeDomain + x-stackQL-resources: + domains: + name: domains + id: awscc.opensearchservice.domains + x-cfn-schema-name: Domain + x-type: list + x-identifiers: + - DomainName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::OpenSearchService::Domain' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainName') as domain_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::OpenSearchService::Domain' + AND region = 'us-east-1' + domain: + name: domain + id: awscc.opensearchservice.domain + x-cfn-schema-name: Domain + x-type: get + x-identifiers: + - DomainName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterConfig') as cluster_config, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.AccessPolicies') as access_policies, + JSON_EXTRACT(Properties, '$.IPAddressType') as i_paddress_type, + JSON_EXTRACT(Properties, '$.EngineVersion') as engine_version, + JSON_EXTRACT(Properties, '$.AdvancedOptions') as advanced_options, + JSON_EXTRACT(Properties, '$.LogPublishingOptions') as log_publishing_options, + JSON_EXTRACT(Properties, '$.SnapshotOptions') as snapshot_options, + JSON_EXTRACT(Properties, '$.VPCOptions') as v_pc_options, + JSON_EXTRACT(Properties, '$.NodeToNodeEncryptionOptions') as node_to_node_encryption_options, + JSON_EXTRACT(Properties, '$.DomainEndpointOptions') as domain_endpoint_options, + JSON_EXTRACT(Properties, '$.CognitoOptions') as cognito_options, + JSON_EXTRACT(Properties, '$.AdvancedSecurityOptions') as advanced_security_options, + JSON_EXTRACT(Properties, '$.DomainEndpoint') as domain_endpoint, + JSON_EXTRACT(Properties, '$.DomainEndpointV2') as domain_endpoint_v2, + JSON_EXTRACT(Properties, '$.DomainEndpoints') as domain_endpoints, + JSON_EXTRACT(Properties, '$.EBSOptions') as e_bs_options, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.DomainArn') as domain_arn, + JSON_EXTRACT(Properties, '$.EncryptionAtRestOptions') as encryption_at_rest_options, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ServiceSoftwareOptions') as service_software_options, + JSON_EXTRACT(Properties, '$.OffPeakWindowOptions') as off_peak_window_options, + JSON_EXTRACT(Properties, '$.SoftwareUpdateOptions') as software_update_options + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::OpenSearchService::Domain' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterConfig') as cluster_config, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'AccessPolicies') as access_policies, + json_extract_path_text(Properties, 'IPAddressType') as i_paddress_type, + json_extract_path_text(Properties, 'EngineVersion') as engine_version, + json_extract_path_text(Properties, 'AdvancedOptions') as advanced_options, + json_extract_path_text(Properties, 'LogPublishingOptions') as log_publishing_options, + json_extract_path_text(Properties, 'SnapshotOptions') as snapshot_options, + json_extract_path_text(Properties, 'VPCOptions') as v_pc_options, + json_extract_path_text(Properties, 'NodeToNodeEncryptionOptions') as node_to_node_encryption_options, + json_extract_path_text(Properties, 'DomainEndpointOptions') as domain_endpoint_options, + json_extract_path_text(Properties, 'CognitoOptions') as cognito_options, + json_extract_path_text(Properties, 'AdvancedSecurityOptions') as advanced_security_options, + json_extract_path_text(Properties, 'DomainEndpoint') as domain_endpoint, + json_extract_path_text(Properties, 'DomainEndpointV2') as domain_endpoint_v2, + json_extract_path_text(Properties, 'DomainEndpoints') as domain_endpoints, + json_extract_path_text(Properties, 'EBSOptions') as e_bs_options, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'DomainArn') as domain_arn, + json_extract_path_text(Properties, 'EncryptionAtRestOptions') as encryption_at_rest_options, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ServiceSoftwareOptions') as service_software_options, + json_extract_path_text(Properties, 'OffPeakWindowOptions') as off_peak_window_options, + json_extract_path_text(Properties, 'SoftwareUpdateOptions') as software_update_options + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::OpenSearchService::Domain' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/opsworkscm.yaml b/providers/src/awscc/v00.00.00000/services/opsworkscm.yaml new file mode 100644 index 00000000..6f9042ee --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/opsworkscm.yaml @@ -0,0 +1,269 @@ +openapi: 3.0.0 +info: + title: OpsWorksCM + version: 1.0.0 +paths: {} +components: + schemas: + EngineAttribute: + type: object + additionalProperties: false + properties: + Value: + type: string + pattern: (?s).* + maxLength: 10000 + Name: + type: string + pattern: (?s).* + maxLength: 10000 + Tag: + type: object + additionalProperties: false + properties: + Value: + type: string + pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$ + minLength: 0 + maxLength: 256 + Key: + type: string + pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$ + minLength: 1 + maxLength: 128 + required: + - Value + - Key + Server: + type: object + properties: + KeyPair: + type: string + pattern: .* + maxLength: 10000 + EngineVersion: + type: string + maxLength: 10000 + ServiceRoleArn: + type: string + pattern: arn:aws:iam::[0-9]{12}:role/.* + maxLength: 10000 + DisableAutomatedBackup: + type: boolean + BackupId: + type: string + pattern: '[a-zA-Z][a-zA-Z0-9\-\.\:]*' + maxLength: 79 + EngineModel: + type: string + maxLength: 10000 + PreferredMaintenanceWindow: + type: string + pattern: ^((Mon|Tue|Wed|Thu|Fri|Sat|Sun):)?([0-1][0-9]|2[0-3]):[0-5][0-9]$ + maxLength: 10000 + AssociatePublicIpAddress: + type: boolean + InstanceProfileArn: + type: string + pattern: arn:aws:iam::[0-9]{12}:instance-profile/.* + maxLength: 10000 + CustomCertificate: + type: string + pattern: (?s)\s*-----BEGIN CERTIFICATE-----.+-----END CERTIFICATE-----\s* + maxLength: 2097152 + PreferredBackupWindow: + type: string + pattern: ^((Mon|Tue|Wed|Thu|Fri|Sat|Sun):)?([0-1][0-9]|2[0-3]):[0-5][0-9]$ + maxLength: 10000 + SecurityGroupIds: + type: array + uniqueItems: false + items: + type: string + maxLength: 10000 + SubnetIds: + type: array + uniqueItems: false + items: + type: string + maxLength: 10000 + CustomDomain: + type: string + pattern: ^(((?!-)[A-Za-z0-9-]{0,62}[A-Za-z0-9])\.)+((?!-)[A-Za-z0-9-]{1,62}[A-Za-z0-9])$ + maxLength: 253 + Endpoint: + type: string + maxLength: 10000 + CustomPrivateKey: + type: string + pattern: (?ms)\s*^-----BEGIN (?-s:.*)PRIVATE KEY-----$.*?^-----END (?-s:.*)PRIVATE KEY-----$\s* + maxLength: 4096 + ServerName: + type: string + minLength: 1 + maxLength: 40 + pattern: '[a-zA-Z][a-zA-Z0-9\-]*' + EngineAttributes: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/EngineAttribute' + BackupRetentionCount: + type: integer + minLength: 1 + Arn: + type: string + maxLength: 10000 + InstanceType: + type: string + maxLength: 10000 + Tags: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + Engine: + type: string + maxLength: 10000 + required: + - ServiceRoleArn + - InstanceProfileArn + - InstanceType + x-stackql-resource-name: server + x-stackql-primaryIdentifier: + - ServerName + x-create-only-properties: + - KeyPair + - CustomPrivateKey + - ServiceRoleArn + - InstanceType + - CustomCertificate + - CustomDomain + - InstanceProfileArn + - SecurityGroupIds + - ServerName + - SubnetIds + - BackupId + - EngineModel + - AssociatePublicIpAddress + - EngineVersion + - Engine + x-read-only-properties: + - ServerName + - Endpoint + - Arn + x-required-permissions: + create: + - opsworks-cm:CreateServer + - opsworks-cm:DescribeServers + - iam:PassRole + delete: + - opsworks-cm:DeleteServer + - opsworks-cm:DescribeServers + update: + - opsworks-cm:UpdateServer + - opsworks-cm:TagResource + - opsworks-cm:UntagResource + - opsworks-cm:DescribeServers + list: + - opsworks-cm:DescribeServers + - opsworks-cm:ListTagsForResource + read: + - opsworks-cm:DescribeServers + x-stackQL-resources: + servers: + name: servers + id: awscc.opsworkscm.servers + x-cfn-schema-name: Server + x-type: list + x-identifiers: + - ServerName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ServerName') as server_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::OpsWorksCM::Server' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ServerName') as server_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::OpsWorksCM::Server' + AND region = 'us-east-1' + server: + name: server + id: awscc.opsworkscm.server + x-cfn-schema-name: Server + x-type: get + x-identifiers: + - ServerName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.KeyPair') as key_pair, + JSON_EXTRACT(Properties, '$.EngineVersion') as engine_version, + JSON_EXTRACT(Properties, '$.ServiceRoleArn') as service_role_arn, + JSON_EXTRACT(Properties, '$.DisableAutomatedBackup') as disable_automated_backup, + JSON_EXTRACT(Properties, '$.BackupId') as backup_id, + JSON_EXTRACT(Properties, '$.EngineModel') as engine_model, + JSON_EXTRACT(Properties, '$.PreferredMaintenanceWindow') as preferred_maintenance_window, + JSON_EXTRACT(Properties, '$.AssociatePublicIpAddress') as associate_public_ip_address, + JSON_EXTRACT(Properties, '$.InstanceProfileArn') as instance_profile_arn, + JSON_EXTRACT(Properties, '$.CustomCertificate') as custom_certificate, + JSON_EXTRACT(Properties, '$.PreferredBackupWindow') as preferred_backup_window, + JSON_EXTRACT(Properties, '$.SecurityGroupIds') as security_group_ids, + JSON_EXTRACT(Properties, '$.SubnetIds') as subnet_ids, + JSON_EXTRACT(Properties, '$.CustomDomain') as custom_domain, + JSON_EXTRACT(Properties, '$.Endpoint') as endpoint, + JSON_EXTRACT(Properties, '$.CustomPrivateKey') as custom_private_key, + JSON_EXTRACT(Properties, '$.ServerName') as server_name, + JSON_EXTRACT(Properties, '$.EngineAttributes') as engine_attributes, + JSON_EXTRACT(Properties, '$.BackupRetentionCount') as backup_retention_count, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.InstanceType') as instance_type, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Engine') as engine + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::OpsWorksCM::Server' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'KeyPair') as key_pair, + json_extract_path_text(Properties, 'EngineVersion') as engine_version, + json_extract_path_text(Properties, 'ServiceRoleArn') as service_role_arn, + json_extract_path_text(Properties, 'DisableAutomatedBackup') as disable_automated_backup, + json_extract_path_text(Properties, 'BackupId') as backup_id, + json_extract_path_text(Properties, 'EngineModel') as engine_model, + json_extract_path_text(Properties, 'PreferredMaintenanceWindow') as preferred_maintenance_window, + json_extract_path_text(Properties, 'AssociatePublicIpAddress') as associate_public_ip_address, + json_extract_path_text(Properties, 'InstanceProfileArn') as instance_profile_arn, + json_extract_path_text(Properties, 'CustomCertificate') as custom_certificate, + json_extract_path_text(Properties, 'PreferredBackupWindow') as preferred_backup_window, + json_extract_path_text(Properties, 'SecurityGroupIds') as security_group_ids, + json_extract_path_text(Properties, 'SubnetIds') as subnet_ids, + json_extract_path_text(Properties, 'CustomDomain') as custom_domain, + json_extract_path_text(Properties, 'Endpoint') as endpoint, + json_extract_path_text(Properties, 'CustomPrivateKey') as custom_private_key, + json_extract_path_text(Properties, 'ServerName') as server_name, + json_extract_path_text(Properties, 'EngineAttributes') as engine_attributes, + json_extract_path_text(Properties, 'BackupRetentionCount') as backup_retention_count, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'InstanceType') as instance_type, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Engine') as engine + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::OpsWorksCM::Server' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/organizations.yaml b/providers/src/awscc/v00.00.00000/services/organizations.yaml new file mode 100644 index 00000000..abb0a2fd --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/organizations.yaml @@ -0,0 +1,716 @@ +openapi: 3.0.0 +info: + title: Organizations + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: A custom key-value pair associated with a resource within your organization. + type: object + properties: + Key: + type: string + description: The key identifier, or name, of the tag. + minLength: 1 + maxLength: 128 + Value: + type: string + description: The string value that's associated with the key of the tag. You can set the value of a tag to an empty string, but you can't set the value of a tag to null. + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + Account: + type: object + properties: + AccountName: + description: The friendly name of the member account. + type: string + pattern: '[\u0020-\u007E]+' + minLength: 1 + maxLength: 50 + Email: + description: The email address of the owner to assign to the new member account. + type: string + pattern: '[^\s@]+@[^\s@]+\.[^\s@]+' + minLength: 6 + maxLength: 64 + RoleName: + description: The name of an IAM role that AWS Organizations automatically preconfigures in the new member account. Default name is OrganizationAccountAccessRole if not specified. + type: string + default: OrganizationAccountAccessRole + pattern: '[\w+=,.@-]{1,64}' + minLength: 1 + maxLength: 64 + ParentIds: + description: List of parent nodes for the member account. Currently only one parent at a time is supported. Default is root. + type: array + x-insertionOrder: false + uniqueItems: true + items: + type: string + pattern: ^(r-[0-9a-z]{4,32})|(ou-[0-9a-z]{4,32}-[a-z0-9]{8,32})$ + Tags: + description: A list of tags that you want to attach to the newly created account. For each tag in the list, you must specify both a tag key and a value. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + AccountId: + description: If the account was created successfully, the unique identifier (ID) of the new account. + type: string + pattern: ^\d{12}$ + maxLength: 12 + Arn: + description: The Amazon Resource Name (ARN) of the account. + type: string + pattern: ^arn:aws.*:organizations::\d{12}:account\/o-[a-z0-9]{10,32}\/\d{12} + JoinedMethod: + description: The method by which the account joined the organization. + type: string + enum: + - INVITED + - CREATED + JoinedTimestamp: + description: The date the account became a part of the organization. + type: string + Status: + description: The status of the account in the organization. + type: string + enum: + - ACTIVE + - SUSPENDED + - PENDING_CLOSURE + required: + - AccountName + - Email + x-stackql-resource-name: account + x-stackql-primaryIdentifier: + - AccountId + x-read-only-properties: + - AccountId + - Status + - JoinedTimestamp + - JoinedMethod + - Arn + x-required-permissions: + create: + - organizations:CreateAccount + - organizations:DescribeCreateAccountStatus + - organizations:MoveAccount + - organizations:ListParents + - organizations:TagResource + - organizations:DescribeAccount + - organizations:ListTagsForResource + read: + - organizations:DescribeAccount + - organizations:ListParents + - organizations:ListTagsForResource + update: + - organizations:MoveAccount + - organizations:TagResource + - organizations:UntagResource + - organizations:ListRoots + - organizations:DescribeAccount + - organizations:ListParents + - organizations:ListTagsForResource + delete: + - organizations:CloseAccount + list: + - organizations:ListAccounts + Organization: + type: object + properties: + Id: + description: The unique identifier (ID) of an organization. + type: string + pattern: ^o-[a-z0-9]{10,32}$ + Arn: + description: The Amazon Resource Name (ARN) of an organization. + type: string + pattern: ^arn:aws.*:organizations::\d{12}:organization\/o-[a-z0-9]{10,32} + FeatureSet: + description: Specifies the feature set supported by the new organization. Each feature set supports different levels of functionality. + type: string + enum: + - ALL + - CONSOLIDATED_BILLING + default: ALL + ManagementAccountArn: + description: The Amazon Resource Name (ARN) of the account that is designated as the management account for the organization. + type: string + pattern: ^arn:aws.*:organizations::\d{12}:account\/o-[a-z0-9]{10,32}\/\d{12} + ManagementAccountId: + description: The unique identifier (ID) of the management account of an organization. + type: string + pattern: ^\d{12}$ + ManagementAccountEmail: + description: The email address that is associated with the AWS account that is designated as the management account for the organization. + type: string + pattern: '[^\s@]+@[^\s@]+\.[^\s@]+' + minLength: 6 + maxLength: 64 + RootId: + description: The unique identifier (ID) for the root. + type: string + pattern: ^r-[0-9a-z]{4,32}$ + maxLength: 64 + x-stackql-resource-name: organization + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - Arn + - ManagementAccountArn + - ManagementAccountId + - ManagementAccountEmail + - RootId + x-required-permissions: + create: + - organizations:CreateOrganization + - organizations:DescribeOrganization + - iam:CreateServiceLinkedRole + - organizations:ListRoots + read: + - organizations:DescribeOrganization + - organizations:ListRoots + delete: + - organizations:DeleteOrganization + - organizations:DescribeOrganization + list: + - organizations:DescribeOrganization + update: [] + OrganizationalUnit: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of this OU. + type: string + pattern: ^arn:aws.*:organizations::\d{12}:ou/o-[a-z0-9]{10,32}/ou-[0-9a-z]{4,32}-[0-9a-z]{8,32} + Id: + description: The unique identifier (ID) associated with this OU. + type: string + pattern: ^ou-[0-9a-z]{4,32}-[a-z0-9]{8,32}$ + maxLength: 68 + Name: + description: The friendly name of this OU. + type: string + pattern: '[\s\S]*' + minLength: 1 + maxLength: 128 + ParentId: + description: The unique identifier (ID) of the parent root or OU that you want to create the new OU in. + type: string + pattern: ^(r-[0-9a-z]{4,32})|(ou-[0-9a-z]{4,32}-[a-z0-9]{8,32})$ + maxLength: 100 + Tags: + description: A list of tags that you want to attach to the newly created OU. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - ParentId + x-stackql-resource-name: organizational_unit + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - ParentId + x-read-only-properties: + - Arn + - Id + x-required-permissions: + create: + - organizations:CreateOrganizationalUnit + - organizations:DescribeOrganizationalUnit + - organizations:ListParents + - organizations:ListTagsForResource + - organizations:TagResource + read: + - organizations:DescribeOrganizationalUnit + - organizations:ListParents + - organizations:ListTagsForResource + update: + - organizations:DescribeOrganizationalUnit + - organizations:ListParents + - organizations:ListTagsForResource + - organizations:TagResource + - organizations:UntagResource + - organizations:UpdateOrganizationalUnit + delete: + - organizations:DeleteOrganizationalUnit + list: + - organizations:ListOrganizationalUnitsForParent + Policy: + type: object + properties: + Name: + description: Name of the Policy + type: string + pattern: '[\s\S]*' + minLength: 1 + maxLength: 128 + Type: + description: 'The type of policy to create. You can specify one of the following values: AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, SERVICE_CONTROL_POLICY, TAG_POLICY' + type: string + enum: + - SERVICE_CONTROL_POLICY + - AISERVICES_OPT_OUT_POLICY + - BACKUP_POLICY + - TAG_POLICY + Content: + description: The Policy text content. For AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it. + type: object + pattern: '[\s\S]*' + minLength: 1 + maxLength: 1000000 + Description: + description: Human readable description of the policy + pattern: '[\s\S]*' + type: string + maxLength: 512 + TargetIds: + description: List of unique identifiers (IDs) of the root, OU, or account that you want to attach the policy to + type: array + x-insertionOrder: false + uniqueItems: true + items: + type: string + pattern: ^(r-[0-9a-z]{4,32})|(\d{12})|(ou-[0-9a-z]{4,32}-[a-z0-9]{8,32})$ + Tags: + description: A list of tags that you want to attach to the newly created policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to null. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Id: + description: Id of the Policy + type: string + pattern: ^p-[0-9a-zA-Z_]{8,128}$ + maxLength: 130 + Arn: + description: ARN of the Policy + type: string + pattern: ^arn:aws.*:organizations::[0-9]{12}:policy/o-[a-z0-9]{10}/(service_control|tag|backup|aiservices_opt_out)_policy/p-[a-z0-9]{8} + AwsManaged: + description: A boolean value that indicates whether the specified policy is an AWS managed policy. If true, then you can attach the policy to roots, OUs, or accounts, but you cannot edit it. + type: boolean + required: + - Name + - Type + - Content + x-stackql-resource-name: policy + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Type + x-read-only-properties: + - Id + - Arn + - AwsManaged + x-required-permissions: + create: + - organizations:CreatePolicy + - organizations:DescribePolicy + - organizations:AttachPolicy + - organizations:ListTagsForResource + - organizations:ListTargetsForPolicy + - organizations:TagResource + read: + - organizations:DescribePolicy + - organizations:ListTargetsForPolicy + - organizations:ListTagsForResource + update: + - organizations:AttachPolicy + - organizations:DetachPolicy + - organizations:UpdatePolicy + - organizations:ListTagsForResource + - organizations:ListTargetsForPolicy + - organizations:TagResource + - organizations:UntagResource + - organizations:DescribePolicy + delete: + - organizations:DetachPolicy + - organizations:DeletePolicy + list: + - organizations:ListPolicies + ResourcePolicy: + type: object + properties: + Id: + description: The unique identifier (ID) associated with this resource policy. + type: string + pattern: ^rp-[0-9a-zA-Z_]{4,128}$ + maxLength: 131 + Arn: + description: The Amazon Resource Name (ARN) of the resource policy. + type: string + pattern: ^arn:aws.*:organizations::\d{12}:resourcepolicy\/o-[a-z0-9]{10,32}\/rp-[0-9a-zA-Z_]{4,128} + Content: + description: The policy document. For AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it. + type: object + pattern: '[\s\S]*' + minLength: 1 + maxLength: 40000 + Tags: + description: A list of tags that you want to attach to the resource policy + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Content + x-stackql-resource-name: resource_policy + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - Arn + x-required-permissions: + create: + - organizations:PutResourcePolicy + - organizations:DescribeResourcePolicy + - organizations:ListTagsForResource + - organizations:TagResource + read: + - organizations:DescribeResourcePolicy + - organizations:ListTagsForResource + update: + - organizations:DescribeResourcePolicy + - organizations:PutResourcePolicy + - organizations:ListTagsForResource + - organizations:TagResource + - organizations:UntagResource + delete: + - organizations:DeleteResourcePolicy + list: + - organizations:DescribeResourcePolicy + x-stackQL-resources: + accounts: + name: accounts + id: awscc.organizations.accounts + x-cfn-schema-name: Account + x-type: list + x-identifiers: + - AccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountId') as account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Organizations::Account' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountId') as account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Organizations::Account' + AND region = 'us-east-1' + account: + name: account + id: awscc.organizations.account + x-cfn-schema-name: Account + x-type: get + x-identifiers: + - AccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountName') as account_name, + JSON_EXTRACT(Properties, '$.Email') as email, + JSON_EXTRACT(Properties, '$.RoleName') as role_name, + JSON_EXTRACT(Properties, '$.ParentIds') as parent_ids, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.AccountId') as account_id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.JoinedMethod') as joined_method, + JSON_EXTRACT(Properties, '$.JoinedTimestamp') as joined_timestamp, + JSON_EXTRACT(Properties, '$.Status') as status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Organizations::Account' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountName') as account_name, + json_extract_path_text(Properties, 'Email') as email, + json_extract_path_text(Properties, 'RoleName') as role_name, + json_extract_path_text(Properties, 'ParentIds') as parent_ids, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'AccountId') as account_id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'JoinedMethod') as joined_method, + json_extract_path_text(Properties, 'JoinedTimestamp') as joined_timestamp, + json_extract_path_text(Properties, 'Status') as status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Organizations::Account' + AND data__Identifier = '' + AND region = 'us-east-1' + organizations: + name: organizations + id: awscc.organizations.organizations + x-cfn-schema-name: Organization + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Organizations::Organization' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Organizations::Organization' + AND region = 'us-east-1' + organization: + name: organization + id: awscc.organizations.organization + x-cfn-schema-name: Organization + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.FeatureSet') as feature_set, + JSON_EXTRACT(Properties, '$.ManagementAccountArn') as management_account_arn, + JSON_EXTRACT(Properties, '$.ManagementAccountId') as management_account_id, + JSON_EXTRACT(Properties, '$.ManagementAccountEmail') as management_account_email, + JSON_EXTRACT(Properties, '$.RootId') as root_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Organizations::Organization' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'FeatureSet') as feature_set, + json_extract_path_text(Properties, 'ManagementAccountArn') as management_account_arn, + json_extract_path_text(Properties, 'ManagementAccountId') as management_account_id, + json_extract_path_text(Properties, 'ManagementAccountEmail') as management_account_email, + json_extract_path_text(Properties, 'RootId') as root_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Organizations::Organization' + AND data__Identifier = '' + AND region = 'us-east-1' + organizational_units: + name: organizational_units + id: awscc.organizations.organizational_units + x-cfn-schema-name: OrganizationalUnit + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Organizations::OrganizationalUnit' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Organizations::OrganizationalUnit' + AND region = 'us-east-1' + organizational_unit: + name: organizational_unit + id: awscc.organizations.organizational_unit + x-cfn-schema-name: OrganizationalUnit + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ParentId') as parent_id, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Organizations::OrganizationalUnit' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ParentId') as parent_id, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Organizations::OrganizationalUnit' + AND data__Identifier = '' + AND region = 'us-east-1' + policies: + name: policies + id: awscc.organizations.policies + x-cfn-schema-name: Policy + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Organizations::Policy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Organizations::Policy' + AND region = 'us-east-1' + policy: + name: policy + id: awscc.organizations.policy + x-cfn-schema-name: Policy + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Content') as content, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.TargetIds') as target_ids, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AwsManaged') as aws_managed + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Organizations::Policy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Content') as content, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'TargetIds') as target_ids, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AwsManaged') as aws_managed + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Organizations::Policy' + AND data__Identifier = '' + AND region = 'us-east-1' + resource_policies: + name: resource_policies + id: awscc.organizations.resource_policies + x-cfn-schema-name: ResourcePolicy + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Organizations::ResourcePolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Organizations::ResourcePolicy' + AND region = 'us-east-1' + resource_policy: + name: resource_policy + id: awscc.organizations.resource_policy + x-cfn-schema-name: ResourcePolicy + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Content') as content, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Organizations::ResourcePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Content') as content, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Organizations::ResourcePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/osis.yaml b/providers/src/awscc/v00.00.00000/services/osis.yaml new file mode 100644 index 00000000..2f0d1e69 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/osis.yaml @@ -0,0 +1,281 @@ +openapi: 3.0.0 +info: + title: OSIS + version: 1.0.0 +paths: {} +components: + schemas: + BufferOptions: + description: Key-value pairs to configure buffering. + type: object + properties: + PersistentBufferEnabled: + type: boolean + description: Whether persistent buffering should be enabled. + required: + - PersistentBufferEnabled + additionalProperties: false + EncryptionAtRestOptions: + description: Key-value pairs to configure encryption at rest. + type: object + properties: + KmsKeyArn: + type: string + description: The KMS key to use for encrypting data. By default an AWS owned key is used + required: + - KmsKeyArn + additionalProperties: false + LogPublishingOptions: + description: Key-value pairs to configure log publishing. + type: object + properties: + IsLoggingEnabled: + type: boolean + description: Whether logs should be published. + CloudWatchLogDestination: + type: object + description: The destination for OpenSearch Ingestion Service logs sent to Amazon CloudWatch. + properties: + LogGroup: + type: string + minLength: 1 + maxLength: 512 + pattern: \/aws\/vendedlogs\/[\.\-_/#A-Za-z0-9]+ + required: + - LogGroup + additionalProperties: false + additionalProperties: false + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + VpcOptions: + description: Container for the values required to configure VPC access for the pipeline. If you don't specify these values, OpenSearch Ingestion Service creates the pipeline with a public endpoint. + type: object + properties: + SecurityGroupIds: + type: array + x-insertionOrder: false + description: A list of security groups associated with the VPC endpoint. + items: + type: string + minLength: 11 + maxLength: 20 + pattern: sg-\w{8}(\w{9})? + SubnetIds: + type: array + x-insertionOrder: false + description: A list of subnet IDs associated with the VPC endpoint. + items: + type: string + minLength: 15 + maxLength: 24 + pattern: subnet-\w{8}(\w{9})? + required: + - SubnetIds + additionalProperties: false + VpcEndpoint: + description: An OpenSearch Ingestion Service-managed VPC endpoint that will access one or more pipelines. + type: object + properties: + VpcEndpointId: + type: string + description: The unique identifier of the endpoint. + VpcId: + type: string + description: The ID for your VPC. AWS Privatelink generates this value when you create a VPC. + VpcOptions: + $ref: '#/components/schemas/VpcOptions' + additionalProperties: false + Pipeline: + type: object + properties: + BufferOptions: + $ref: '#/components/schemas/BufferOptions' + EncryptionAtRestOptions: + $ref: '#/components/schemas/EncryptionAtRestOptions' + LogPublishingOptions: + $ref: '#/components/schemas/LogPublishingOptions' + MaxUnits: + description: The maximum pipeline capacity, in Ingestion Compute Units (ICUs). + type: integer + minimum: 1 + maximum: 24 + MinUnits: + description: The minimum pipeline capacity, in Ingestion Compute Units (ICUs). + type: integer + minimum: 1 + maximum: 24 + PipelineConfigurationBody: + description: The Data Prepper pipeline configuration in YAML format. + type: string + minLength: 1 + maxLength: 12000 + PipelineName: + description: Name of the OpenSearch Ingestion Service pipeline to create. Pipeline names are unique across the pipelines owned by an account within an AWS Region. + type: string + minLength: 3 + maxLength: 28 + pattern: '[a-z][a-z0-9\-]+' + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + VpcOptions: + $ref: '#/components/schemas/VpcOptions' + VpcEndpoints: + type: array + x-insertionOrder: false + description: The VPC interface endpoints that have access to the pipeline. + items: + $ref: '#/components/schemas/VpcEndpoint' + PipelineArn: + description: The Amazon Resource Name (ARN) of the pipeline. + type: string + minLength: 46 + maxLength: 76 + pattern: ^arn:(aws|aws\-cn|aws\-us\-gov|aws\-iso|aws\-iso\-b):osis:.+:pipeline\/.+$ + IngestEndpointUrls: + type: array + x-insertionOrder: false + description: A list of endpoints that can be used for ingesting data into a pipeline + items: + type: string + required: + - MaxUnits + - MinUnits + - PipelineConfigurationBody + - PipelineName + x-stackql-resource-name: pipeline + x-stackql-primaryIdentifier: + - PipelineArn + x-create-only-properties: + - PipelineName + x-read-only-properties: + - PipelineArn + - IngestEndpointUrls + - VpcEndpoints + x-required-permissions: + create: + - osis:CreatePipeline + - osis:GetPipeline + - osis:TagResource + - osis:ListTagsForResource + - iam:PassRole + - iam:CreateServiceLinkedRole + - logs:CreateLogDelivery + - kms:DescribeKey + read: + - osis:GetPipeline + - osis:ListTagsForResource + update: + - osis:UpdatePipeline + - osis:GetPipeline + - osis:ListTagsForResource + - osis:TagResource + - osis:UntagResource + - iam:PassRole + - logs:GetLogDelivery + - logs:UpdateLogDelivery + - logs:ListLogDeliveries + - kms:DescribeKey + delete: + - osis:DeletePipeline + - osis:GetPipeline + - logs:GetLogDelivery + - logs:DeleteLogDelivery + - logs:ListLogDeliveries + list: + - osis:ListPipelines + x-stackQL-resources: + pipelines: + name: pipelines + id: awscc.osis.pipelines + x-cfn-schema-name: Pipeline + x-type: list + x-identifiers: + - PipelineArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PipelineArn') as pipeline_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::OSIS::Pipeline' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PipelineArn') as pipeline_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::OSIS::Pipeline' + AND region = 'us-east-1' + pipeline: + name: pipeline + id: awscc.osis.pipeline + x-cfn-schema-name: Pipeline + x-type: get + x-identifiers: + - PipelineArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BufferOptions') as buffer_options, + JSON_EXTRACT(Properties, '$.EncryptionAtRestOptions') as encryption_at_rest_options, + JSON_EXTRACT(Properties, '$.LogPublishingOptions') as log_publishing_options, + JSON_EXTRACT(Properties, '$.MaxUnits') as max_units, + JSON_EXTRACT(Properties, '$.MinUnits') as min_units, + JSON_EXTRACT(Properties, '$.PipelineConfigurationBody') as pipeline_configuration_body, + JSON_EXTRACT(Properties, '$.PipelineName') as pipeline_name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.VpcOptions') as vpc_options, + JSON_EXTRACT(Properties, '$.VpcEndpoints') as vpc_endpoints, + JSON_EXTRACT(Properties, '$.PipelineArn') as pipeline_arn, + JSON_EXTRACT(Properties, '$.IngestEndpointUrls') as ingest_endpoint_urls + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::OSIS::Pipeline' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BufferOptions') as buffer_options, + json_extract_path_text(Properties, 'EncryptionAtRestOptions') as encryption_at_rest_options, + json_extract_path_text(Properties, 'LogPublishingOptions') as log_publishing_options, + json_extract_path_text(Properties, 'MaxUnits') as max_units, + json_extract_path_text(Properties, 'MinUnits') as min_units, + json_extract_path_text(Properties, 'PipelineConfigurationBody') as pipeline_configuration_body, + json_extract_path_text(Properties, 'PipelineName') as pipeline_name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'VpcOptions') as vpc_options, + json_extract_path_text(Properties, 'VpcEndpoints') as vpc_endpoints, + json_extract_path_text(Properties, 'PipelineArn') as pipeline_arn, + json_extract_path_text(Properties, 'IngestEndpointUrls') as ingest_endpoint_urls + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::OSIS::Pipeline' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/panorama.yaml b/providers/src/awscc/v00.00.00000/services/panorama.yaml new file mode 100644 index 00000000..ed438d21 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/panorama.yaml @@ -0,0 +1,658 @@ +openapi: 3.0.0 +info: + title: Panorama + version: 1.0.0 +paths: {} +components: + schemas: + DefaultRuntimeContextDevice: + minLength: 1 + pattern: ^[a-zA-Z0-9\-\_]+$ + type: string + maxLength: 255 + Description: + minLength: 0 + pattern: ^.*$ + type: string + maxLength: 255 + DeviceId: + minLength: 1 + pattern: ^[a-zA-Z0-9\-\_]+$ + type: string + maxLength: 255 + ApplicationInstanceStatus: + type: string + enum: + - DEPLOYMENT_PENDING + - DEPLOYMENT_REQUESTED + - DEPLOYMENT_IN_PROGRESS + - DEPLOYMENT_ERROR + - DEPLOYMENT_SUCCEEDED + - REMOVAL_PENDING + - REMOVAL_REQUESTED + - REMOVAL_IN_PROGRESS + - REMOVAL_FAILED + - REMOVAL_SUCCEEDED + ManifestOverridesPayload: + additionalProperties: false + type: object + properties: + PayloadData: + $ref: '#/components/schemas/ManifestOverridesPayloadData' + RuntimeRoleArn: + minLength: 1 + pattern: ^arn:[a-z0-9][-.a-z0-9]{0,62}:iam::[0-9]{12}:role/.+$ + type: string + maxLength: 255 + Timestamp: + type: integer + Name: + minLength: 1 + pattern: ^[a-zA-Z0-9\-\_]+$ + type: string + maxLength: 255 + ApplicationInstanceId: + minLength: 1 + pattern: ^[a-zA-Z0-9\-\_]+$ + type: string + maxLength: 255 + ManifestPayloadData: + minLength: 1 + pattern: ^.+$ + type: string + maxLength: 51200 + ApplicationInstanceHealthStatus: + type: string + enum: + - RUNNING + - ERROR + - NOT_AVAILABLE + StatusFilter: + type: string + enum: + - DEPLOYMENT_SUCCEEDED + - DEPLOYMENT_ERROR + - REMOVAL_SUCCEEDED + - REMOVAL_FAILED + - PROCESSING_DEPLOYMENT + - PROCESSING_REMOVAL + TagList: + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + ManifestPayload: + additionalProperties: false + type: object + properties: + PayloadData: + $ref: '#/components/schemas/ManifestPayloadData' + ApplicationInstanceArn: + minLength: 1 + type: string + maxLength: 255 + ManifestOverridesPayloadData: + minLength: 0 + pattern: ^.+$ + type: string + maxLength: 51200 + ApplicationInstanceStatusDescription: + minLength: 1 + type: string + maxLength: 255 + Tag: + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + pattern: ^.+$ + Value: + type: string + minLength: 0 + maxLength: 256 + pattern: ^.+$ + required: + - Key + - Value + additionalProperties: false + DeviceName: + minLength: 1 + pattern: ^[a-zA-Z0-9\-\_]+$ + type: string + maxLength: 255 + ApplicationInstance: + type: object + properties: + DefaultRuntimeContextDeviceName: + $ref: '#/components/schemas/DeviceName' + Status: + $ref: '#/components/schemas/ApplicationInstanceStatus' + DefaultRuntimeContextDevice: + $ref: '#/components/schemas/DefaultRuntimeContextDevice' + Description: + $ref: '#/components/schemas/Description' + ApplicationInstanceIdToReplace: + $ref: '#/components/schemas/ApplicationInstanceId' + CreatedTime: + $ref: '#/components/schemas/Timestamp' + HealthStatus: + $ref: '#/components/schemas/ApplicationInstanceHealthStatus' + ManifestOverridesPayload: + $ref: '#/components/schemas/ManifestOverridesPayload' + LastUpdatedTime: + $ref: '#/components/schemas/Timestamp' + RuntimeRoleArn: + $ref: '#/components/schemas/RuntimeRoleArn' + Name: + $ref: '#/components/schemas/Name' + ApplicationInstanceId: + $ref: '#/components/schemas/ApplicationInstanceId' + StatusDescription: + $ref: '#/components/schemas/ApplicationInstanceStatusDescription' + ManifestPayload: + $ref: '#/components/schemas/ManifestPayload' + Arn: + $ref: '#/components/schemas/ApplicationInstanceArn' + Tags: + $ref: '#/components/schemas/TagList' + required: + - ManifestPayload + - DefaultRuntimeContextDevice + x-stackql-resource-name: application_instance + x-stackql-primaryIdentifier: + - ApplicationInstanceId + x-create-only-properties: + - Name + - Description + - ManifestPayload + - ManifestOverridesPayload + - RuntimeRoleArn + - DefaultRuntimeContextDevice + - ApplicationInstanceIdToReplace + x-read-only-properties: + - ApplicationInstanceId + - Arn + - Status + - HealthStatus + - StatusDescription + - DefaultRuntimeContextDeviceName + - CreatedTime + - LastUpdatedTime + x-required-permissions: + read: + - panorama:DescribeApplicationInstance + - panorama:DescribeApplicationInstanceDetails + - panorama:ListTagsForResource + - s3:ListObjects + - s3:GetObject + - s3:GetObjectVersion + create: + - panorama:CreateApplicationInstance + - panorama:ListTagsForResource + - panorama:TagResource + - panorama:DescribeApplicationInstance + - panorama:DescribeApplicationInstanceDetails + - iam:PassRole + - s3:ListBucket + - s3:PutObject + - s3:GetObject + - s3:GetObjectVersion + update: + - panorama:ListTagsForResource + - panorama:TagResource + - panorama:UntagResource + - panorama:DescribeApplicationInstance + - panorama:DescribeApplicationInstanceDetails + - s3:ListObjects + - s3:GetObject + - s3:GetObjectVersion + list: + - panorama:ListApplicationInstances + - s3:ListBucket + - s3:GetObject + - s3:GetObjectVersion + delete: + - panorama:RemoveApplicationInstance + - panorama:DescribeApplicationInstance + - panorama:DescribeApplicationInstanceDetails + - s3:DeleteObject + - s3:DeleteObjectVersion + - s3:DeleteObjectVersionTagging + - s3:ListObjects + - s3:GetObject + - s3:GetObjectVersion + NodePackageName: + type: string + minLength: 1 + maxLength: 128 + pattern: ^[a-zA-Z0-9\-\_]+$ + NodePackageId: + type: string + minLength: 1 + maxLength: 255 + pattern: ^[a-zA-Z0-9\-\_\/]+$ + NodePackageArn: + type: string + minLength: 1 + maxLength: 255 + StorageLocation: + type: object + properties: + Bucket: + type: string + RepoPrefixLocation: + type: string + GeneratedPrefixLocation: + type: string + BinaryPrefixLocation: + type: string + ManifestPrefixLocation: + type: string + additionalProperties: false + Package: + type: object + properties: + PackageName: + $ref: '#/components/schemas/NodePackageName' + PackageId: + $ref: '#/components/schemas/NodePackageId' + Arn: + $ref: '#/components/schemas/NodePackageArn' + StorageLocation: + $ref: '#/components/schemas/StorageLocation' + CreatedTime: + $ref: '#/components/schemas/Timestamp' + Tags: + $ref: '#/components/schemas/TagList' + required: + - PackageName + x-stackql-resource-name: package + x-stackql-primaryIdentifier: + - PackageId + x-create-only-properties: + - PackageName + x-read-only-properties: + - PackageId + - Arn + - CreatedTime + - StorageLocation/Bucket + - StorageLocation/RepoPrefixLocation + - StorageLocation/GeneratedPrefixLocation + - StorageLocation/BinaryPrefixLocation + - StorageLocation/ManifestPrefixLocation + x-required-permissions: + create: + - panorama:CreatePackage + - panorama:ListTagsForResource + - panorama:TagResource + - panorama:DescribePackage + - s3:ListBucket + - s3:PutObject + - s3:GetObject + - s3:GetObjectVersion + read: + - panorama:DescribePackage + - panorama:ListTagsForResource + - s3:ListBucket + - s3:GetObject + - s3:GetObjectVersion + update: + - panorama:DescribePackage + - panorama:ListTagsForResource + - panorama:TagResource + - panorama:UntagResource + - s3:PutObject + - s3:ListBucket + - s3:GetObject + - s3:GetObjectVersion + list: + - panorama:ListPackages + - s3:ListBucket + - s3:GetObject + - s3:GetObjectVersion + delete: + - panorama:DeletePackage + - panorama:DescribePackage + - s3:DeleteObject + - s3:DeleteObjectVersion + - s3:DeleteObjectVersionTagging + - s3:ListObjects + - s3:ListObjectsV2 + - s3:ListBucket + - s3:GetObject + - s3:GetObjectVersion + PackageOwnerAccount: + type: string + minLength: 1 + maxLength: 12 + pattern: ^[0-9a-z\_]+$ + NodePackageVersion: + type: string + minLength: 1 + maxLength: 255 + pattern: ^([0-9]+)\.([0-9]+)$ + NodePackagePatchVersion: + type: string + minLength: 1 + maxLength: 255 + pattern: ^[a-z0-9]+$ + PackageVersionStatus: + type: string + enum: + - REGISTER_PENDING + - REGISTER_COMPLETED + - FAILED + - DELETING + PackageVersionStatusDescription: + type: string + minLength: 1 + maxLength: 255 + TimeStamp: + type: integer + PackageVersion: + type: object + properties: + OwnerAccount: + $ref: '#/components/schemas/PackageOwnerAccount' + PackageId: + $ref: '#/components/schemas/NodePackageId' + PackageArn: + $ref: '#/components/schemas/NodePackageArn' + PackageVersion: + $ref: '#/components/schemas/NodePackageVersion' + PatchVersion: + $ref: '#/components/schemas/NodePackagePatchVersion' + MarkLatest: + type: boolean + IsLatestPatch: + type: boolean + PackageName: + $ref: '#/components/schemas/NodePackageName' + Status: + $ref: '#/components/schemas/PackageVersionStatus' + StatusDescription: + $ref: '#/components/schemas/PackageVersionStatusDescription' + RegisteredTime: + $ref: '#/components/schemas/TimeStamp' + UpdatedLatestPatchVersion: + $ref: '#/components/schemas/NodePackagePatchVersion' + required: + - PackageId + - PackageVersion + - PatchVersion + x-stackql-resource-name: package_version + x-stackql-primaryIdentifier: + - PackageId + - PackageVersion + - PatchVersion + x-create-only-properties: + - OwnerAccount + - PackageId + - PackageVersion + - PatchVersion + x-read-only-properties: + - PackageName + - PackageArn + - Status + - StatusDescription + - IsLatestPatch + - RegisteredTime + x-required-permissions: + create: + - panorama:RegisterPackageVersion + - panorama:DescribePackageVersion + - s3:ListBucket + - s3:PutObject + - s3:GetObject + - s3:GetObjectVersion + read: + - panorama:DescribePackageVersion + - s3:ListBucket + - s3:GetObject + - s3:GetObjectVersion + update: + - panorama:DescribePackageVersion + - panorama:RegisterPackageVersion + - s3:ListBucket + - s3:PutObject + - s3:GetObject + - s3:GetObjectVersion + delete: + - panorama:DeregisterPackageVersion + - panorama:DescribePackageVersion + - s3:DeleteObject + - s3:DeleteObjectVersion + - s3:DeleteObjectVersionTagging + - s3:ListBucket + - s3:GetObject + - s3:GetObjectVersion + x-stackQL-resources: + application_instances: + name: application_instances + id: awscc.panorama.application_instances + x-cfn-schema-name: ApplicationInstance + x-type: list + x-identifiers: + - ApplicationInstanceId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationInstanceId') as application_instance_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Panorama::ApplicationInstance' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationInstanceId') as application_instance_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Panorama::ApplicationInstance' + AND region = 'us-east-1' + application_instance: + name: application_instance + id: awscc.panorama.application_instance + x-cfn-schema-name: ApplicationInstance + x-type: get + x-identifiers: + - ApplicationInstanceId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DefaultRuntimeContextDeviceName') as default_runtime_context_device_name, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.DefaultRuntimeContextDevice') as default_runtime_context_device, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ApplicationInstanceIdToReplace') as application_instance_id_to_replace, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.HealthStatus') as health_status, + JSON_EXTRACT(Properties, '$.ManifestOverridesPayload') as manifest_overrides_payload, + JSON_EXTRACT(Properties, '$.LastUpdatedTime') as last_updated_time, + JSON_EXTRACT(Properties, '$.RuntimeRoleArn') as runtime_role_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ApplicationInstanceId') as application_instance_id, + JSON_EXTRACT(Properties, '$.StatusDescription') as status_description, + JSON_EXTRACT(Properties, '$.ManifestPayload') as manifest_payload, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Panorama::ApplicationInstance' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DefaultRuntimeContextDeviceName') as default_runtime_context_device_name, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'DefaultRuntimeContextDevice') as default_runtime_context_device, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ApplicationInstanceIdToReplace') as application_instance_id_to_replace, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'HealthStatus') as health_status, + json_extract_path_text(Properties, 'ManifestOverridesPayload') as manifest_overrides_payload, + json_extract_path_text(Properties, 'LastUpdatedTime') as last_updated_time, + json_extract_path_text(Properties, 'RuntimeRoleArn') as runtime_role_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ApplicationInstanceId') as application_instance_id, + json_extract_path_text(Properties, 'StatusDescription') as status_description, + json_extract_path_text(Properties, 'ManifestPayload') as manifest_payload, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Panorama::ApplicationInstance' + AND data__Identifier = '' + AND region = 'us-east-1' + packages: + name: packages + id: awscc.panorama.packages + x-cfn-schema-name: Package + x-type: list + x-identifiers: + - PackageId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PackageId') as package_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Panorama::Package' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PackageId') as package_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Panorama::Package' + AND region = 'us-east-1' + package: + name: package + id: awscc.panorama.package + x-cfn-schema-name: Package + x-type: get + x-identifiers: + - PackageId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PackageName') as package_name, + JSON_EXTRACT(Properties, '$.PackageId') as package_id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.StorageLocation') as storage_location, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Panorama::Package' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PackageName') as package_name, + json_extract_path_text(Properties, 'PackageId') as package_id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'StorageLocation') as storage_location, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Panorama::Package' + AND data__Identifier = '' + AND region = 'us-east-1' + package_versions: + name: package_versions + id: awscc.panorama.package_versions + x-cfn-schema-name: PackageVersion + x-type: list + x-identifiers: + - PackageId + - PackageVersion + - PatchVersion + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PackageId') as package_id, + JSON_EXTRACT(Properties, '$.PackageVersion') as package_version, + JSON_EXTRACT(Properties, '$.PatchVersion') as patch_version + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Panorama::PackageVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PackageId') as package_id, + json_extract_path_text(Properties, 'PackageVersion') as package_version, + json_extract_path_text(Properties, 'PatchVersion') as patch_version + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Panorama::PackageVersion' + AND region = 'us-east-1' + package_version: + name: package_version + id: awscc.panorama.package_version + x-cfn-schema-name: PackageVersion + x-type: get + x-identifiers: + - PackageId + - PackageVersion + - PatchVersion + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.OwnerAccount') as owner_account, + JSON_EXTRACT(Properties, '$.PackageId') as package_id, + JSON_EXTRACT(Properties, '$.PackageArn') as package_arn, + JSON_EXTRACT(Properties, '$.PackageVersion') as package_version, + JSON_EXTRACT(Properties, '$.PatchVersion') as patch_version, + JSON_EXTRACT(Properties, '$.MarkLatest') as mark_latest, + JSON_EXTRACT(Properties, '$.IsLatestPatch') as is_latest_patch, + JSON_EXTRACT(Properties, '$.PackageName') as package_name, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.StatusDescription') as status_description, + JSON_EXTRACT(Properties, '$.RegisteredTime') as registered_time, + JSON_EXTRACT(Properties, '$.UpdatedLatestPatchVersion') as updated_latest_patch_version + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Panorama::PackageVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'OwnerAccount') as owner_account, + json_extract_path_text(Properties, 'PackageId') as package_id, + json_extract_path_text(Properties, 'PackageArn') as package_arn, + json_extract_path_text(Properties, 'PackageVersion') as package_version, + json_extract_path_text(Properties, 'PatchVersion') as patch_version, + json_extract_path_text(Properties, 'MarkLatest') as mark_latest, + json_extract_path_text(Properties, 'IsLatestPatch') as is_latest_patch, + json_extract_path_text(Properties, 'PackageName') as package_name, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'StatusDescription') as status_description, + json_extract_path_text(Properties, 'RegisteredTime') as registered_time, + json_extract_path_text(Properties, 'UpdatedLatestPatchVersion') as updated_latest_patch_version + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Panorama::PackageVersion' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/pcaconnectorad.yaml b/providers/src/awscc/v00.00.00000/services/pcaconnectorad.yaml new file mode 100644 index 00000000..7364dddd --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/pcaconnectorad.yaml @@ -0,0 +1,1229 @@ +openapi: 3.0.0 +info: + title: PCAConnectorAD + version: 1.0.0 +paths: {} +components: + schemas: + Tags: + type: object + x-patternProperties: + .+: + type: string + additionalProperties: false + VpcInformation: + type: object + properties: + SecurityGroupIds: + type: array + items: + type: string + maxLength: 20 + minLength: 11 + pattern: ^(?:sg-[0-9a-f]{8}|sg-[0-9a-f]{17})$ + maxItems: 5 + minItems: 1 + uniqueItems: true + required: + - SecurityGroupIds + additionalProperties: false + Connector: + type: object + properties: + CertificateAuthorityArn: + type: string + maxLength: 200 + minLength: 5 + pattern: ^arn:[\w-]+:acm-pca:[\w-]+:[0-9]+:certificate-authority(\/[\w-]+)$ + ConnectorArn: + type: string + maxLength: 200 + minLength: 5 + pattern: ^arn:[\w-]+:pca-connector-ad:[\w-]+:[0-9]+:connector(\/[\w-]+)$ + DirectoryId: + type: string + pattern: ^d-[0-9a-f]{10}$ + Tags: + $ref: '#/components/schemas/Tags' + VpcInformation: + $ref: '#/components/schemas/VpcInformation' + required: + - CertificateAuthorityArn + - DirectoryId + - VpcInformation + x-stackql-resource-name: connector + x-stackql-primaryIdentifier: + - ConnectorArn + x-create-only-properties: + - CertificateAuthorityArn + - DirectoryId + - VpcInformation + x-read-only-properties: + - ConnectorArn + x-required-permissions: + create: + - acm-pca:DescribeCertificateAuthority + - acm-pca:GetCertificateAuthorityCertificate + - acm-pca:GetCertificate + - acm-pca:IssueCertificate + - ds:DescribeDirectories + - ec2:CreateTags + - ec2:CreateVpcEndpoint + - ec2:DescribeVpcEndpoints + - pca-connector-ad:CreateConnector + - pca-connector-ad:GetConnector + read: + - pca-connector-ad:ListTagsForResource + - pca-connector-ad:GetConnector + delete: + - pca-connector-ad:GetConnector + - pca-connector-ad:DeleteConnector + - ec2:DeleteVpcEndpoints + - ec2:DescribeVpcEndpoints + list: + - pca-connector-ad:ListConnectors + update: + - pca-connector-ad:ListTagsForResource + - pca-connector-ad:TagResource + - pca-connector-ad:UntagResource + DirectoryRegistration: + type: object + properties: + DirectoryId: + type: string + pattern: ^d-[0-9a-f]{10}$ + DirectoryRegistrationArn: + type: string + maxLength: 200 + minLength: 5 + pattern: ^arn:[\w-]+:pca-connector-ad:[\w-]+:[0-9]+:directory-registration(\/[\w-]+)$ + Tags: + $ref: '#/components/schemas/Tags' + required: + - DirectoryId + x-stackql-resource-name: directory_registration + x-stackql-primaryIdentifier: + - DirectoryRegistrationArn + x-create-only-properties: + - DirectoryId + x-read-only-properties: + - DirectoryRegistrationArn + x-required-permissions: + create: + - pca-connector-ad:GetDirectoryRegistration + - pca-connector-ad:CreateDirectoryRegistration + - ds:AuthorizeApplication + - ds:DescribeDirectories + read: + - pca-connector-ad:ListTagsForResource + - pca-connector-ad:GetDirectoryRegistration + delete: + - pca-connector-ad:GetDirectoryRegistration + - pca-connector-ad:DeleteDirectoryRegistration + - ds:DescribeDirectories + - ds:UnauthorizeApplication + - ds:UpdateAuthorizedApplication + list: + - pca-connector-ad:ListDirectoryRegistrations + update: + - pca-connector-ad:ListTagsForResource + - pca-connector-ad:TagResource + - pca-connector-ad:UntagResource + ServicePrincipalName: + type: object + properties: + ConnectorArn: + type: string + maxLength: 200 + minLength: 5 + pattern: ^arn:[\w-]+:pca-connector-ad:[\w-]+:[0-9]+:connector(\/[\w-]+)$ + DirectoryRegistrationArn: + type: string + maxLength: 200 + minLength: 5 + pattern: ^arn:[\w-]+:pca-connector-ad:[\w-]+:[0-9]+:directory-registration(\/[\w-]+)$ + x-stackql-resource-name: service_principal_name + x-stackql-primaryIdentifier: + - ConnectorArn + - DirectoryRegistrationArn + x-create-only-properties: + - ConnectorArn + - DirectoryRegistrationArn + x-required-permissions: + create: + - ds:UpdateAuthorizedApplication + - pca-connector-ad:GetServicePrincipalName + - pca-connector-ad:CreateServicePrincipalName + read: + - pca-connector-ad:GetServicePrincipalName + delete: + - ds:UpdateAuthorizedApplication + - pca-connector-ad:GetServicePrincipalName + - pca-connector-ad:DeleteServicePrincipalName + list: + - pca-connector-ad:ListServicePrincipalNames + ApplicationPolicies: + type: object + properties: + Critical: + type: boolean + Policies: + type: array + items: + $ref: '#/components/schemas/ApplicationPolicy' + maxItems: 100 + minItems: 1 + uniqueItems: true + required: + - Policies + additionalProperties: false + ApplicationPolicy: + oneOf: + - type: object + title: PolicyType + properties: + PolicyType: + $ref: '#/components/schemas/ApplicationPolicyType' + required: + - PolicyType + additionalProperties: false + - type: object + title: PolicyObjectIdentifier + properties: + PolicyObjectIdentifier: + type: string + maxLength: 64 + minLength: 1 + pattern: ^([0-2])\.([0-9]|([0-3][0-9]))(\.([0-9]+)){0,126}$ + required: + - PolicyObjectIdentifier + additionalProperties: false + ApplicationPolicyType: + type: string + enum: + - ALL_APPLICATION_POLICIES + - ANY_PURPOSE + - ATTESTATION_IDENTITY_KEY_CERTIFICATE + - CERTIFICATE_REQUEST_AGENT + - CLIENT_AUTHENTICATION + - CODE_SIGNING + - CTL_USAGE + - DIGITAL_RIGHTS + - DIRECTORY_SERVICE_EMAIL_REPLICATION + - DISALLOWED_LIST + - DNS_SERVER_TRUST + - DOCUMENT_ENCRYPTION + - DOCUMENT_SIGNING + - DYNAMIC_CODE_GENERATOR + - EARLY_LAUNCH_ANTIMALWARE_DRIVER + - EMBEDDED_WINDOWS_SYSTEM_COMPONENT_VERIFICATION + - ENCLAVE + - ENCRYPTING_FILE_SYSTEM + - ENDORSEMENT_KEY_CERTIFICATE + - FILE_RECOVERY + - HAL_EXTENSION + - IP_SECURITY_END_SYSTEM + - IP_SECURITY_IKE_INTERMEDIATE + - IP_SECURITY_TUNNEL_TERMINATION + - IP_SECURITY_USER + - ISOLATED_USER_MODE + - KDC_AUTHENTICATION + - KERNEL_MODE_CODE_SIGNING + - KEY_PACK_LICENSES + - KEY_RECOVERY + - KEY_RECOVERY_AGENT + - LICENSE_SERVER_VERIFICATION + - LIFETIME_SIGNING + - MICROSOFT_PUBLISHER + - MICROSOFT_TIME_STAMPING + - MICROSOFT_TRUST_LIST_SIGNING + - OCSP_SIGNING + - OEM_WINDOWS_SYSTEM_COMPONENT_VERIFICATION + - PLATFORM_CERTIFICATE + - PREVIEW_BUILD_SIGNING + - PRIVATE_KEY_ARCHIVAL + - PROTECTED_PROCESS_LIGHT_VERIFICATION + - PROTECTED_PROCESS_VERIFICATION + - QUALIFIED_SUBORDINATION + - REVOKED_LIST_SIGNER + - ROOT_PROGRAM_AUTO_UPDATE_CA_REVOCATION + - ROOT_PROGRAM_AUTO_UPDATE_END_REVOCATION + - ROOT_PROGRAM_NO_OSCP_FAILOVER_TO_CRL + - ROOT_LIST_SIGNER + - SECURE_EMAIL + - SERVER_AUTHENTICATION + - SMART_CARD_LOGIN + - SPC_ENCRYPTED_DIGEST_RETRY_COUNT + - SPC_RELAXED_PE_MARKER_CHECK + - TIME_STAMPING + - WINDOWS_HARDWARE_DRIVER_ATTESTED_VERIFICATION + - WINDOWS_HARDWARE_DRIVER_EXTENDED_VERIFICATION + - WINDOWS_HARDWARE_DRIVER_VERIFICATION + - WINDOWS_HELLO_RECOVERY_KEY_ENCRYPTION + - WINDOWS_KITS_COMPONENT + - WINDOWS_RT_VERIFICATION + - WINDOWS_SOFTWARE_EXTENSION_VERIFICATION + - WINDOWS_STORE + - WINDOWS_SYSTEM_COMPONENT_VERIFICATION + - WINDOWS_TCB_COMPONENT + - WINDOWS_THIRD_PARTY_APPLICATION_COMPONENT + - WINDOWS_UPDATE + CertificateValidity: + type: object + properties: + ValidityPeriod: + $ref: '#/components/schemas/ValidityPeriod' + RenewalPeriod: + $ref: '#/components/schemas/ValidityPeriod' + required: + - RenewalPeriod + - ValidityPeriod + additionalProperties: false + ClientCompatibilityV2: + type: string + enum: + - WINDOWS_SERVER_2003 + - WINDOWS_SERVER_2008 + - WINDOWS_SERVER_2008_R2 + - WINDOWS_SERVER_2012 + - WINDOWS_SERVER_2012_R2 + - WINDOWS_SERVER_2016 + ClientCompatibilityV3: + type: string + enum: + - WINDOWS_SERVER_2008 + - WINDOWS_SERVER_2008_R2 + - WINDOWS_SERVER_2012 + - WINDOWS_SERVER_2012_R2 + - WINDOWS_SERVER_2016 + ClientCompatibilityV4: + type: string + enum: + - WINDOWS_SERVER_2012 + - WINDOWS_SERVER_2012_R2 + - WINDOWS_SERVER_2016 + EnrollmentFlagsV2: + type: object + properties: + IncludeSymmetricAlgorithms: + type: boolean + UserInteractionRequired: + type: boolean + RemoveInvalidCertificateFromPersonalStore: + type: boolean + NoSecurityExtension: + type: boolean + EnableKeyReuseOnNtTokenKeysetStorageFull: + type: boolean + additionalProperties: false + EnrollmentFlagsV3: + type: object + properties: + IncludeSymmetricAlgorithms: + type: boolean + UserInteractionRequired: + type: boolean + RemoveInvalidCertificateFromPersonalStore: + type: boolean + NoSecurityExtension: + type: boolean + EnableKeyReuseOnNtTokenKeysetStorageFull: + type: boolean + additionalProperties: false + EnrollmentFlagsV4: + type: object + properties: + IncludeSymmetricAlgorithms: + type: boolean + UserInteractionRequired: + type: boolean + RemoveInvalidCertificateFromPersonalStore: + type: boolean + NoSecurityExtension: + type: boolean + EnableKeyReuseOnNtTokenKeysetStorageFull: + type: boolean + additionalProperties: false + ExtensionsV2: + type: object + properties: + KeyUsage: + $ref: '#/components/schemas/KeyUsage' + ApplicationPolicies: + $ref: '#/components/schemas/ApplicationPolicies' + required: + - KeyUsage + additionalProperties: false + ExtensionsV3: + type: object + properties: + KeyUsage: + $ref: '#/components/schemas/KeyUsage' + ApplicationPolicies: + $ref: '#/components/schemas/ApplicationPolicies' + required: + - KeyUsage + additionalProperties: false + ExtensionsV4: + type: object + properties: + KeyUsage: + $ref: '#/components/schemas/KeyUsage' + ApplicationPolicies: + $ref: '#/components/schemas/ApplicationPolicies' + required: + - KeyUsage + additionalProperties: false + GeneralFlagsV2: + type: object + properties: + AutoEnrollment: + type: boolean + MachineType: + type: boolean + additionalProperties: false + GeneralFlagsV3: + type: object + properties: + AutoEnrollment: + type: boolean + MachineType: + type: boolean + additionalProperties: false + GeneralFlagsV4: + type: object + properties: + AutoEnrollment: + type: boolean + MachineType: + type: boolean + additionalProperties: false + HashAlgorithm: + type: string + enum: + - SHA256 + - SHA384 + - SHA512 + KeySpec: + type: string + enum: + - KEY_EXCHANGE + - SIGNATURE + KeyUsage: + type: object + properties: + Critical: + type: boolean + UsageFlags: + $ref: '#/components/schemas/KeyUsageFlags' + required: + - UsageFlags + additionalProperties: false + KeyUsageFlags: + type: object + properties: + DigitalSignature: + type: boolean + NonRepudiation: + type: boolean + KeyEncipherment: + type: boolean + DataEncipherment: + type: boolean + KeyAgreement: + type: boolean + additionalProperties: false + KeyUsageProperty: + oneOf: + - type: object + title: PropertyType + properties: + PropertyType: + $ref: '#/components/schemas/KeyUsagePropertyType' + required: + - PropertyType + additionalProperties: false + - type: object + title: PropertyFlags + properties: + PropertyFlags: + $ref: '#/components/schemas/KeyUsagePropertyFlags' + required: + - PropertyFlags + additionalProperties: false + KeyUsagePropertyFlags: + type: object + properties: + Decrypt: + type: boolean + KeyAgreement: + type: boolean + Sign: + type: boolean + additionalProperties: false + KeyUsagePropertyType: + type: string + enum: + - ALL + PrivateKeyAlgorithm: + type: string + enum: + - RSA + - ECDH_P256 + - ECDH_P384 + - ECDH_P521 + PrivateKeyAttributesV2: + type: object + properties: + MinimalKeyLength: + type: number + minimum: 1 + KeySpec: + $ref: '#/components/schemas/KeySpec' + CryptoProviders: + type: array + items: + type: string + maxLength: 100 + minLength: 1 + maxItems: 100 + minItems: 1 + uniqueItems: true + required: + - KeySpec + - MinimalKeyLength + additionalProperties: false + PrivateKeyAttributesV3: + type: object + properties: + MinimalKeyLength: + type: number + minimum: 1 + KeySpec: + $ref: '#/components/schemas/KeySpec' + CryptoProviders: + type: array + items: + type: string + maxLength: 100 + minLength: 1 + maxItems: 100 + minItems: 1 + uniqueItems: true + KeyUsageProperty: + $ref: '#/components/schemas/KeyUsageProperty' + Algorithm: + $ref: '#/components/schemas/PrivateKeyAlgorithm' + required: + - Algorithm + - KeySpec + - KeyUsageProperty + - MinimalKeyLength + additionalProperties: false + PrivateKeyAttributesV4: + type: object + properties: + MinimalKeyLength: + type: number + minimum: 1 + KeySpec: + $ref: '#/components/schemas/KeySpec' + CryptoProviders: + type: array + items: + type: string + maxLength: 100 + minLength: 1 + maxItems: 100 + minItems: 1 + uniqueItems: true + KeyUsageProperty: + $ref: '#/components/schemas/KeyUsageProperty' + Algorithm: + $ref: '#/components/schemas/PrivateKeyAlgorithm' + required: + - KeySpec + - MinimalKeyLength + additionalProperties: false + PrivateKeyFlagsV2: + type: object + properties: + ExportableKey: + type: boolean + StrongKeyProtectionRequired: + type: boolean + ClientVersion: + $ref: '#/components/schemas/ClientCompatibilityV2' + required: + - ClientVersion + additionalProperties: false + PrivateKeyFlagsV3: + type: object + properties: + ExportableKey: + type: boolean + StrongKeyProtectionRequired: + type: boolean + RequireAlternateSignatureAlgorithm: + type: boolean + ClientVersion: + $ref: '#/components/schemas/ClientCompatibilityV3' + required: + - ClientVersion + additionalProperties: false + PrivateKeyFlagsV4: + type: object + properties: + ExportableKey: + type: boolean + StrongKeyProtectionRequired: + type: boolean + RequireAlternateSignatureAlgorithm: + type: boolean + RequireSameKeyRenewal: + type: boolean + UseLegacyProvider: + type: boolean + ClientVersion: + $ref: '#/components/schemas/ClientCompatibilityV4' + required: + - ClientVersion + additionalProperties: false + SubjectNameFlagsV2: + type: object + properties: + SanRequireDomainDns: + type: boolean + SanRequireSpn: + type: boolean + SanRequireDirectoryGuid: + type: boolean + SanRequireUpn: + type: boolean + SanRequireEmail: + type: boolean + SanRequireDns: + type: boolean + RequireDnsAsCn: + type: boolean + RequireEmail: + type: boolean + RequireCommonName: + type: boolean + RequireDirectoryPath: + type: boolean + additionalProperties: false + SubjectNameFlagsV3: + type: object + properties: + SanRequireDomainDns: + type: boolean + SanRequireSpn: + type: boolean + SanRequireDirectoryGuid: + type: boolean + SanRequireUpn: + type: boolean + SanRequireEmail: + type: boolean + SanRequireDns: + type: boolean + RequireDnsAsCn: + type: boolean + RequireEmail: + type: boolean + RequireCommonName: + type: boolean + RequireDirectoryPath: + type: boolean + additionalProperties: false + SubjectNameFlagsV4: + type: object + properties: + SanRequireDomainDns: + type: boolean + SanRequireSpn: + type: boolean + SanRequireDirectoryGuid: + type: boolean + SanRequireUpn: + type: boolean + SanRequireEmail: + type: boolean + SanRequireDns: + type: boolean + RequireDnsAsCn: + type: boolean + RequireEmail: + type: boolean + RequireCommonName: + type: boolean + RequireDirectoryPath: + type: boolean + additionalProperties: false + TemplateDefinition: + oneOf: + - type: object + title: TemplateV2 + properties: + TemplateV2: + $ref: '#/components/schemas/TemplateV2' + required: + - TemplateV2 + additionalProperties: false + - type: object + title: TemplateV3 + properties: + TemplateV3: + $ref: '#/components/schemas/TemplateV3' + required: + - TemplateV3 + additionalProperties: false + - type: object + title: TemplateV4 + properties: + TemplateV4: + $ref: '#/components/schemas/TemplateV4' + required: + - TemplateV4 + additionalProperties: false + TemplateV2: + type: object + properties: + CertificateValidity: + $ref: '#/components/schemas/CertificateValidity' + SupersededTemplates: + type: array + items: + type: string + maxLength: 64 + minLength: 1 + pattern: ^(?!^\s+$)((?![\x5c'\x2b,;<=>#\x22])([\x20-\x7E]))+$ + maxItems: 100 + minItems: 1 + uniqueItems: true + PrivateKeyAttributes: + $ref: '#/components/schemas/PrivateKeyAttributesV2' + PrivateKeyFlags: + $ref: '#/components/schemas/PrivateKeyFlagsV2' + EnrollmentFlags: + $ref: '#/components/schemas/EnrollmentFlagsV2' + SubjectNameFlags: + $ref: '#/components/schemas/SubjectNameFlagsV2' + GeneralFlags: + $ref: '#/components/schemas/GeneralFlagsV2' + Extensions: + $ref: '#/components/schemas/ExtensionsV2' + required: + - CertificateValidity + - EnrollmentFlags + - Extensions + - GeneralFlags + - PrivateKeyAttributes + - PrivateKeyFlags + - SubjectNameFlags + additionalProperties: false + TemplateV3: + type: object + properties: + CertificateValidity: + $ref: '#/components/schemas/CertificateValidity' + SupersededTemplates: + type: array + items: + type: string + maxLength: 64 + minLength: 1 + pattern: ^(?!^\s+$)((?![\x5c'\x2b,;<=>#\x22])([\x20-\x7E]))+$ + maxItems: 100 + minItems: 1 + uniqueItems: true + PrivateKeyAttributes: + $ref: '#/components/schemas/PrivateKeyAttributesV3' + PrivateKeyFlags: + $ref: '#/components/schemas/PrivateKeyFlagsV3' + EnrollmentFlags: + $ref: '#/components/schemas/EnrollmentFlagsV3' + SubjectNameFlags: + $ref: '#/components/schemas/SubjectNameFlagsV3' + GeneralFlags: + $ref: '#/components/schemas/GeneralFlagsV3' + HashAlgorithm: + $ref: '#/components/schemas/HashAlgorithm' + Extensions: + $ref: '#/components/schemas/ExtensionsV3' + required: + - CertificateValidity + - EnrollmentFlags + - Extensions + - GeneralFlags + - HashAlgorithm + - PrivateKeyAttributes + - PrivateKeyFlags + - SubjectNameFlags + additionalProperties: false + TemplateV4: + type: object + properties: + CertificateValidity: + $ref: '#/components/schemas/CertificateValidity' + SupersededTemplates: + type: array + items: + type: string + maxLength: 64 + minLength: 1 + pattern: ^(?!^\s+$)((?![\x5c'\x2b,;<=>#\x22])([\x20-\x7E]))+$ + maxItems: 100 + minItems: 1 + uniqueItems: true + PrivateKeyAttributes: + $ref: '#/components/schemas/PrivateKeyAttributesV4' + PrivateKeyFlags: + $ref: '#/components/schemas/PrivateKeyFlagsV4' + EnrollmentFlags: + $ref: '#/components/schemas/EnrollmentFlagsV4' + SubjectNameFlags: + $ref: '#/components/schemas/SubjectNameFlagsV4' + GeneralFlags: + $ref: '#/components/schemas/GeneralFlagsV4' + HashAlgorithm: + $ref: '#/components/schemas/HashAlgorithm' + Extensions: + $ref: '#/components/schemas/ExtensionsV4' + required: + - CertificateValidity + - EnrollmentFlags + - Extensions + - GeneralFlags + - PrivateKeyAttributes + - PrivateKeyFlags + - SubjectNameFlags + additionalProperties: false + ValidityPeriod: + type: object + properties: + PeriodType: + $ref: '#/components/schemas/ValidityPeriodType' + Period: + type: number + maximum: 8766000 + minimum: 1 + required: + - Period + - PeriodType + additionalProperties: false + ValidityPeriodType: + type: string + enum: + - HOURS + - DAYS + - WEEKS + - MONTHS + - YEARS + Template: + type: object + properties: + ConnectorArn: + type: string + maxLength: 200 + minLength: 5 + pattern: ^arn:[\w-]+:pca-connector-ad:[\w-]+:[0-9]+:connector\/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$ + Definition: + $ref: '#/components/schemas/TemplateDefinition' + Name: + type: string + maxLength: 64 + minLength: 1 + pattern: ^(?!^\s+$)((?![\x5c'\x2b,;<=>#\x22])([\x20-\x7E]))+$ + ReenrollAllCertificateHolders: + type: boolean + Tags: + $ref: '#/components/schemas/Tags' + TemplateArn: + type: string + maxLength: 200 + minLength: 5 + pattern: ^arn:[\w-]+:pca-connector-ad:[\w-]+:[0-9]+:connector\/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\/template\/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$ + required: + - ConnectorArn + - Definition + - Name + x-stackql-resource-name: template + x-stackql-primaryIdentifier: + - TemplateArn + x-create-only-properties: + - ConnectorArn + - Name + x-read-only-properties: + - TemplateArn + x-required-permissions: + create: + - pca-connector-ad:CreateTemplate + read: + - pca-connector-ad:GetTemplate + - pca-connector-ad:ListTagsForResource + update: + - pca-connector-ad:ListTagsForResource + - pca-connector-ad:TagResource + - pca-connector-ad:UntagResource + - pca-connector-ad:UpdateTemplate + delete: + - pca-connector-ad:GetTemplate + - pca-connector-ad:DeleteTemplate + list: + - pca-connector-ad:ListTemplates + AccessRight: + type: string + enum: + - ALLOW + - DENY + AccessRights: + type: object + properties: + Enroll: + $ref: '#/components/schemas/AccessRight' + AutoEnroll: + $ref: '#/components/schemas/AccessRight' + additionalProperties: false + TemplateGroupAccessControlEntry: + type: object + properties: + AccessRights: + $ref: '#/components/schemas/AccessRights' + GroupDisplayName: + type: string + maxLength: 256 + minLength: 0 + pattern: ^[\x20-\x7E]+$ + GroupSecurityIdentifier: + type: string + maxLength: 256 + minLength: 7 + pattern: ^S-[0-9]-([0-9]+-){1,14}[0-9]+$ + TemplateArn: + type: string + maxLength: 200 + minLength: 5 + pattern: ^arn:[\w-]+:pca-connector-ad:[\w-]+:[0-9]+:connector(\/[\w-]+)\/template(\/[\w-]+)$ + required: + - AccessRights + - GroupDisplayName + x-stackql-resource-name: template_group_access_control_entry + x-stackql-primaryIdentifier: + - GroupSecurityIdentifier + - TemplateArn + x-create-only-properties: + - GroupSecurityIdentifier + - TemplateArn + x-required-permissions: + create: + - pca-connector-ad:CreateTemplateGroupAccessControlEntry + read: + - pca-connector-ad:GetTemplateGroupAccessControlEntry + update: + - pca-connector-ad:UpdateTemplateGroupAccessControlEntry + delete: + - pca-connector-ad:DeleteTemplateGroupAccessControlEntry + - pca-connector-ad:GetTemplateGroupAccessControlEntry + list: + - pca-connector-ad:ListTemplateGroupAccessControlEntries + x-stackQL-resources: + connectors: + name: connectors + id: awscc.pcaconnectorad.connectors + x-cfn-schema-name: Connector + x-type: list + x-identifiers: + - ConnectorArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConnectorArn') as connector_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::PCAConnectorAD::Connector' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConnectorArn') as connector_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::PCAConnectorAD::Connector' + AND region = 'us-east-1' + connector: + name: connector + id: awscc.pcaconnectorad.connector + x-cfn-schema-name: Connector + x-type: get + x-identifiers: + - ConnectorArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CertificateAuthorityArn') as certificate_authority_arn, + JSON_EXTRACT(Properties, '$.ConnectorArn') as connector_arn, + JSON_EXTRACT(Properties, '$.DirectoryId') as directory_id, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.VpcInformation') as vpc_information + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::PCAConnectorAD::Connector' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CertificateAuthorityArn') as certificate_authority_arn, + json_extract_path_text(Properties, 'ConnectorArn') as connector_arn, + json_extract_path_text(Properties, 'DirectoryId') as directory_id, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'VpcInformation') as vpc_information + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::PCAConnectorAD::Connector' + AND data__Identifier = '' + AND region = 'us-east-1' + directory_registrations: + name: directory_registrations + id: awscc.pcaconnectorad.directory_registrations + x-cfn-schema-name: DirectoryRegistration + x-type: list + x-identifiers: + - DirectoryRegistrationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DirectoryRegistrationArn') as directory_registration_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::PCAConnectorAD::DirectoryRegistration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DirectoryRegistrationArn') as directory_registration_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::PCAConnectorAD::DirectoryRegistration' + AND region = 'us-east-1' + directory_registration: + name: directory_registration + id: awscc.pcaconnectorad.directory_registration + x-cfn-schema-name: DirectoryRegistration + x-type: get + x-identifiers: + - DirectoryRegistrationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DirectoryId') as directory_id, + JSON_EXTRACT(Properties, '$.DirectoryRegistrationArn') as directory_registration_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::PCAConnectorAD::DirectoryRegistration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DirectoryId') as directory_id, + json_extract_path_text(Properties, 'DirectoryRegistrationArn') as directory_registration_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::PCAConnectorAD::DirectoryRegistration' + AND data__Identifier = '' + AND region = 'us-east-1' + service_principal_names: + name: service_principal_names + id: awscc.pcaconnectorad.service_principal_names + x-cfn-schema-name: ServicePrincipalName + x-type: list + x-identifiers: + - ConnectorArn + - DirectoryRegistrationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConnectorArn') as connector_arn, + JSON_EXTRACT(Properties, '$.DirectoryRegistrationArn') as directory_registration_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::PCAConnectorAD::ServicePrincipalName' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConnectorArn') as connector_arn, + json_extract_path_text(Properties, 'DirectoryRegistrationArn') as directory_registration_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::PCAConnectorAD::ServicePrincipalName' + AND region = 'us-east-1' + service_principal_name: + name: service_principal_name + id: awscc.pcaconnectorad.service_principal_name + x-cfn-schema-name: ServicePrincipalName + x-type: get + x-identifiers: + - ConnectorArn + - DirectoryRegistrationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConnectorArn') as connector_arn, + JSON_EXTRACT(Properties, '$.DirectoryRegistrationArn') as directory_registration_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::PCAConnectorAD::ServicePrincipalName' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConnectorArn') as connector_arn, + json_extract_path_text(Properties, 'DirectoryRegistrationArn') as directory_registration_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::PCAConnectorAD::ServicePrincipalName' + AND data__Identifier = '' + AND region = 'us-east-1' + templates: + name: templates + id: awscc.pcaconnectorad.templates + x-cfn-schema-name: Template + x-type: list + x-identifiers: + - TemplateArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TemplateArn') as template_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::PCAConnectorAD::Template' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TemplateArn') as template_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::PCAConnectorAD::Template' + AND region = 'us-east-1' + template: + name: template + id: awscc.pcaconnectorad.template + x-cfn-schema-name: Template + x-type: get + x-identifiers: + - TemplateArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConnectorArn') as connector_arn, + JSON_EXTRACT(Properties, '$.Definition') as definition, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ReenrollAllCertificateHolders') as reenroll_all_certificate_holders, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TemplateArn') as template_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::PCAConnectorAD::Template' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConnectorArn') as connector_arn, + json_extract_path_text(Properties, 'Definition') as definition, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ReenrollAllCertificateHolders') as reenroll_all_certificate_holders, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TemplateArn') as template_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::PCAConnectorAD::Template' + AND data__Identifier = '' + AND region = 'us-east-1' + template_group_access_control_entries: + name: template_group_access_control_entries + id: awscc.pcaconnectorad.template_group_access_control_entries + x-cfn-schema-name: TemplateGroupAccessControlEntry + x-type: list + x-identifiers: + - GroupSecurityIdentifier + - TemplateArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GroupSecurityIdentifier') as group_security_identifier, + JSON_EXTRACT(Properties, '$.TemplateArn') as template_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::PCAConnectorAD::TemplateGroupAccessControlEntry' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GroupSecurityIdentifier') as group_security_identifier, + json_extract_path_text(Properties, 'TemplateArn') as template_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::PCAConnectorAD::TemplateGroupAccessControlEntry' + AND region = 'us-east-1' + template_group_access_control_entry: + name: template_group_access_control_entry + id: awscc.pcaconnectorad.template_group_access_control_entry + x-cfn-schema-name: TemplateGroupAccessControlEntry + x-type: get + x-identifiers: + - GroupSecurityIdentifier + - TemplateArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccessRights') as access_rights, + JSON_EXTRACT(Properties, '$.GroupDisplayName') as group_display_name, + JSON_EXTRACT(Properties, '$.GroupSecurityIdentifier') as group_security_identifier, + JSON_EXTRACT(Properties, '$.TemplateArn') as template_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::PCAConnectorAD::TemplateGroupAccessControlEntry' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccessRights') as access_rights, + json_extract_path_text(Properties, 'GroupDisplayName') as group_display_name, + json_extract_path_text(Properties, 'GroupSecurityIdentifier') as group_security_identifier, + json_extract_path_text(Properties, 'TemplateArn') as template_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::PCAConnectorAD::TemplateGroupAccessControlEntry' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/personalize.yaml b/providers/src/awscc/v00.00.00000/services/personalize.yaml new file mode 100644 index 00000000..fc826537 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/personalize.yaml @@ -0,0 +1,682 @@ +openapi: 3.0.0 +info: + title: Personalize + version: 1.0.0 +paths: {} +components: + schemas: + DatasetImportJob: + description: Initial DatasetImportJob for the created dataset + type: object + properties: + JobName: + description: The name for the dataset import job. + type: string + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]* + minLength: 1 + maxLength: 63 + DatasetImportJobArn: + description: The ARN of the dataset import job + type: string + pattern: arn:([a-z\d-]+):personalize:.*:.*:.+ + maxLength: 256 + DatasetArn: + description: The ARN of the dataset that receives the imported data + type: string + pattern: arn:([a-z\d-]+):personalize:.*:.*:.+ + maxLength: 256 + DataSource: + type: object + description: The Amazon S3 bucket that contains the training data to import. + properties: + DataLocation: + description: The path to the Amazon S3 bucket where the data that you want to upload to your dataset is stored. + type: string + maxLength: 256 + pattern: (s3|http|https)://.+ + additionalProperties: false + RoleArn: + description: The ARN of the IAM role that has permissions to read from the Amazon S3 data source. + type: string + maxLength: 256 + pattern: arn:([a-z\d-]+):iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+ + additionalProperties: false + Dataset: + type: object + properties: + Name: + description: The name for the dataset + type: string + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]* + minLength: 1 + maxLength: 63 + DatasetArn: + description: The ARN of the dataset + type: string + pattern: arn:([a-z\d-]+):personalize:.*:.*:.+ + maxLength: 256 + DatasetType: + description: The type of dataset + type: string + enum: + - Interactions + - Items + - Users + maxLength: 256 + DatasetGroupArn: + description: The Amazon Resource Name (ARN) of the dataset group to add the dataset to + type: string + maxLength: 256 + pattern: arn:([a-z\d-]+):personalize:.*:.*:.+ + SchemaArn: + description: The ARN of the schema to associate with the dataset. The schema defines the dataset fields. + type: string + maxLength: 256 + pattern: arn:([a-z\d-]+):personalize:.*:.*:.+ + DatasetImportJob: + $ref: '#/components/schemas/DatasetImportJob' + required: + - Name + - DatasetType + - DatasetGroupArn + - SchemaArn + x-stackql-resource-name: dataset + x-stackql-primaryIdentifier: + - DatasetArn + x-create-only-properties: + - Name + - DatasetType + - DatasetGroupArn + - SchemaArn + x-read-only-properties: + - DatasetArn + x-required-permissions: + create: + - personalize:CreateDataset + - personalize:DescribeDataset + - personalize:CreateDatasetImportJob + - personalize:DescribeDatasetImportJob + - iam:PassRole + read: + - personalize:DescribeDataset + update: + - personalize:DescribeDataset + - personalize:CreateDatasetImportJob + - personalize:DescribeDatasetImportJob + - iam:PassRole + delete: + - personalize:DeleteDataset + - personalize:DescribeDataset + list: + - personalize:ListDatasets + DatasetGroup: + type: object + properties: + DatasetGroupArn: + description: The Amazon Resource Name (ARN) of the dataset group. + type: string + pattern: arn:([a-z\d-]+):personalize:.*:.*:.+ + maxLength: 256 + Name: + description: The name for the new dataset group. + type: string + minLength: 1 + maxLength: 63 + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]* + KmsKeyArn: + description: The Amazon Resource Name(ARN) of a AWS Key Management Service (KMS) key used to encrypt the datasets. + type: string + maxLength: 2048 + pattern: arn:aws.*:kms:.*:[0-9]{12}:key/.* + RoleArn: + description: The ARN of the AWS Identity and Access Management (IAM) role that has permissions to access the AWS Key Management Service (KMS) key. Supplying an IAM role is only valid when also specifying a KMS key. + type: string + pattern: arn:([a-z\d-]+):iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+ + minLength: 0 + maxLength: 256 + Domain: + description: The domain of a Domain dataset group. + type: string + enum: + - ECOMMERCE + - VIDEO_ON_DEMAND + required: + - Name + x-stackql-resource-name: dataset_group + x-stackql-primaryIdentifier: + - DatasetGroupArn + x-create-only-properties: + - Name + - RoleArn + - KmsKeyArn + - Domain + x-read-only-properties: + - DatasetGroupArn + x-required-permissions: + create: + - personalize:CreateDatasetGroup + - personalize:DescribeDatasetGroup + - iam:PassRole + read: + - personalize:DescribeDatasetGroup + delete: + - personalize:DescribeDatasetGroup + - personalize:DeleteDatasetGroup + list: + - personalize:ListDatasetGroups + Schema: + type: object + properties: + Name: + description: Name for the schema. + type: string + minLength: 1 + maxLength: 63 + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]* + SchemaArn: + description: Arn for the schema. + type: string + maxLength: 256 + pattern: arn:([a-z\d-]+):personalize:.*:.*:.+ + Schema: + description: A schema in Avro JSON format. + type: string + maxLength: 10000 + Domain: + description: The domain of a Domain dataset group. + type: string + enum: + - ECOMMERCE + - VIDEO_ON_DEMAND + required: + - Name + - Schema + x-stackql-resource-name: schema + x-stackql-primaryIdentifier: + - SchemaArn + x-create-only-properties: + - Name + - Schema + - Domain + x-read-only-properties: + - SchemaArn + x-required-permissions: + create: + - personalize:CreateSchema + - personalize:DescribeSchema + read: + - personalize:DescribeSchema + delete: + - personalize:DeleteSchema + - personalize:DescribeSchema + list: + - personalize:ListSchemas + SolutionArn: + description: The ARN of the solution + type: string + maxLength: 256 + pattern: arn:([a-z\d-]+):personalize:.*:.*:.+ + CategoricalHyperParameterRange: + description: Provides the name and values of a Categorical hyperparameter. + type: object + properties: + Name: + description: The name of the hyperparameter. + type: string + maxLength: 256 + Values: + description: A list of the categories for the hyperparameter. + type: array + items: + type: string + maxLength: 1000 + maxItems: 100 + x-insertionOrder: true + additionalProperties: false + ContinuousHyperParameterRange: + description: Provides the name and range of a continuous hyperparameter. + type: object + properties: + Name: + description: The name of the hyperparameter. + type: string + maxLength: 256 + MinValue: + description: The minimum allowable value for the hyperparameter. + type: number + minimum: -1000000 + MaxValue: + description: The maximum allowable value for the hyperparameter. + type: number + minimum: -1000000 + additionalProperties: false + IntegerHyperParameterRange: + description: Provides the name and range of an integer-valued hyperparameter. + type: object + properties: + Name: + description: The name of the hyperparameter. + type: string + maxLength: 256 + MinValue: + description: The minimum allowable value for the hyperparameter. + type: integer + minimum: -1000000 + MaxValue: + description: The maximum allowable value for the hyperparameter. + type: integer + maximum: 1000000 + additionalProperties: false + SolutionConfig: + type: object + description: The configuration to use with the solution. When performAutoML is set to true, Amazon Personalize only evaluates the autoMLConfig section of the solution configuration. + properties: + AlgorithmHyperParameters: + description: Lists the hyperparameter names and ranges. + type: object + x-patternProperties: + .{1,}: + type: string + maxProperties: 100 + additionalProperties: false + AutoMLConfig: + description: The AutoMLConfig object containing a list of recipes to search when AutoML is performed. + type: object + properties: + MetricName: + description: The metric to optimize. + type: string + maxLength: 256 + RecipeList: + description: The list of candidate recipes. + type: array + items: + type: string + maxLength: 256 + pattern: arn:([a-z\d-]+):personalize:.*:.*:.+ + x-insertionOrder: true + maxItems: 100 + additionalProperties: false + EventValueThreshold: + description: Only events with a value greater than or equal to this threshold are used for training a model. + type: string + maxLength: 256 + FeatureTransformationParameters: + description: Lists the feature transformation parameters. + type: object + x-patternProperties: + .{1,}: + type: string + maxProperties: 100 + additionalProperties: false + HpoConfig: + description: Describes the properties for hyperparameter optimization (HPO) + type: object + properties: + AlgorithmHyperParameterRanges: + description: The hyperparameters and their allowable ranges + type: object + properties: + CategoricalHyperParameterRanges: + description: The categorical hyperparameters and their ranges. + type: array + maxItems: 100 + items: + $ref: '#/components/schemas/CategoricalHyperParameterRange' + x-insertionOrder: true + ContinuousHyperParameterRanges: + description: The continuous hyperparameters and their ranges. + type: array + maxItems: 100 + items: + $ref: '#/components/schemas/ContinuousHyperParameterRange' + x-insertionOrder: true + IntegerHyperParameterRanges: + description: The integer hyperparameters and their ranges. + type: array + maxItems: 100 + items: + $ref: '#/components/schemas/IntegerHyperParameterRange' + x-insertionOrder: true + additionalProperties: false + HpoObjective: + description: The metric to optimize during HPO. + type: object + properties: + MetricName: + description: The name of the metric + type: string + maxLength: 256 + Type: + description: The type of the metric. Valid values are Maximize and Minimize. + type: string + enum: + - Maximize + - Minimize + MetricRegex: + description: A regular expression for finding the metric in the training job logs. + type: string + maxLength: 256 + additionalProperties: false + HpoResourceConfig: + description: Describes the resource configuration for hyperparameter optimization (HPO). + type: object + properties: + MaxNumberOfTrainingJobs: + description: The maximum number of training jobs when you create a solution version. The maximum value for maxNumberOfTrainingJobs is 40. + type: string + maxLength: 256 + MaxParallelTrainingJobs: + description: The maximum number of parallel training jobs when you create a solution version. The maximum value for maxParallelTrainingJobs is 10. + type: string + maxLength: 256 + additionalProperties: false + additionalProperties: false + additionalProperties: false + Solution: + type: object + properties: + Name: + description: The name for the solution + type: string + minLength: 1 + maxLength: 63 + pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-_]* + SolutionArn: + $ref: '#/components/schemas/SolutionArn' + EventType: + description: When your have multiple event types (using an EVENT_TYPE schema field), this parameter specifies which event type (for example, 'click' or 'like') is used for training the model. If you do not provide an eventType, Amazon Personalize will use all interactions for training with equal weight regardless of type. + type: string + maxLength: 256 + DatasetGroupArn: + description: The ARN of the dataset group that provides the training data. + type: string + maxLength: 256 + pattern: arn:([a-z\d-]+):personalize:.*:.*:.+ + PerformAutoML: + description: Whether to perform automated machine learning (AutoML). The default is false. For this case, you must specify recipeArn. + type: boolean + PerformHPO: + description: Whether to perform hyperparameter optimization (HPO) on the specified or selected recipe. The default is false. When performing AutoML, this parameter is always true and you should not set it to false. + type: boolean + RecipeArn: + description: The ARN of the recipe to use for model training. Only specified when performAutoML is false. + type: string + maxLength: 256 + pattern: arn:([a-z\d-]+):personalize:.*:.*:.+ + SolutionConfig: + $ref: '#/components/schemas/SolutionConfig' + required: + - Name + - DatasetGroupArn + x-stackql-resource-name: solution + x-stackql-primaryIdentifier: + - SolutionArn + x-create-only-properties: + - Name + - EventType + - DatasetGroupArn + - PerformAutoML + - PerformHPO + - RecipeArn + - SolutionConfig + x-read-only-properties: + - SolutionArn + x-required-permissions: + create: + - personalize:CreateSolution + - personalize:DescribeSolution + read: + - personalize:DescribeSolution + delete: + - personalize:DeleteSolution + - personalize:DescribeSolution + list: + - personalize:ListSolutions + x-stackQL-resources: + datasets: + name: datasets + id: awscc.personalize.datasets + x-cfn-schema-name: Dataset + x-type: list + x-identifiers: + - DatasetArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DatasetArn') as dataset_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Personalize::Dataset' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DatasetArn') as dataset_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Personalize::Dataset' + AND region = 'us-east-1' + dataset: + name: dataset + id: awscc.personalize.dataset + x-cfn-schema-name: Dataset + x-type: get + x-identifiers: + - DatasetArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.DatasetArn') as dataset_arn, + JSON_EXTRACT(Properties, '$.DatasetType') as dataset_type, + JSON_EXTRACT(Properties, '$.DatasetGroupArn') as dataset_group_arn, + JSON_EXTRACT(Properties, '$.SchemaArn') as schema_arn, + JSON_EXTRACT(Properties, '$.DatasetImportJob') as dataset_import_job + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Personalize::Dataset' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'DatasetArn') as dataset_arn, + json_extract_path_text(Properties, 'DatasetType') as dataset_type, + json_extract_path_text(Properties, 'DatasetGroupArn') as dataset_group_arn, + json_extract_path_text(Properties, 'SchemaArn') as schema_arn, + json_extract_path_text(Properties, 'DatasetImportJob') as dataset_import_job + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Personalize::Dataset' + AND data__Identifier = '' + AND region = 'us-east-1' + dataset_groups: + name: dataset_groups + id: awscc.personalize.dataset_groups + x-cfn-schema-name: DatasetGroup + x-type: list + x-identifiers: + - DatasetGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DatasetGroupArn') as dataset_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Personalize::DatasetGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DatasetGroupArn') as dataset_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Personalize::DatasetGroup' + AND region = 'us-east-1' + dataset_group: + name: dataset_group + id: awscc.personalize.dataset_group + x-cfn-schema-name: DatasetGroup + x-type: get + x-identifiers: + - DatasetGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DatasetGroupArn') as dataset_group_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.KmsKeyArn') as kms_key_arn, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Domain') as domain + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Personalize::DatasetGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DatasetGroupArn') as dataset_group_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'KmsKeyArn') as kms_key_arn, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Domain') as domain + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Personalize::DatasetGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + schemata: + name: schemata + id: awscc.personalize.schemata + x-cfn-schema-name: Schema + x-type: list + x-identifiers: + - SchemaArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SchemaArn') as schema_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Personalize::Schema' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SchemaArn') as schema_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Personalize::Schema' + AND region = 'us-east-1' + schema: + name: schema + id: awscc.personalize.schema + x-cfn-schema-name: Schema + x-type: get + x-identifiers: + - SchemaArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.SchemaArn') as schema_arn, + JSON_EXTRACT(Properties, '$.Schema') as _schema, + JSON_EXTRACT(Properties, '$.Domain') as domain + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Personalize::Schema' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'SchemaArn') as schema_arn, + json_extract_path_text(Properties, 'Schema') as _schema, + json_extract_path_text(Properties, 'Domain') as domain + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Personalize::Schema' + AND data__Identifier = '' + AND region = 'us-east-1' + solutions: + name: solutions + id: awscc.personalize.solutions + x-cfn-schema-name: Solution + x-type: list + x-identifiers: + - SolutionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SolutionArn') as solution_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Personalize::Solution' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SolutionArn') as solution_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Personalize::Solution' + AND region = 'us-east-1' + solution: + name: solution + id: awscc.personalize.solution + x-cfn-schema-name: Solution + x-type: get + x-identifiers: + - SolutionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.SolutionArn') as solution_arn, + JSON_EXTRACT(Properties, '$.EventType') as event_type, + JSON_EXTRACT(Properties, '$.DatasetGroupArn') as dataset_group_arn, + JSON_EXTRACT(Properties, '$.PerformAutoML') as perform_auto_ml, + JSON_EXTRACT(Properties, '$.PerformHPO') as perform_hp_o, + JSON_EXTRACT(Properties, '$.RecipeArn') as recipe_arn, + JSON_EXTRACT(Properties, '$.SolutionConfig') as solution_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Personalize::Solution' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'SolutionArn') as solution_arn, + json_extract_path_text(Properties, 'EventType') as event_type, + json_extract_path_text(Properties, 'DatasetGroupArn') as dataset_group_arn, + json_extract_path_text(Properties, 'PerformAutoML') as perform_auto_ml, + json_extract_path_text(Properties, 'PerformHPO') as perform_hp_o, + json_extract_path_text(Properties, 'RecipeArn') as recipe_arn, + json_extract_path_text(Properties, 'SolutionConfig') as solution_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Personalize::Solution' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/pinpoint.yaml b/providers/src/awscc/v00.00.00000/services/pinpoint.yaml new file mode 100644 index 00000000..f66ab2f6 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/pinpoint.yaml @@ -0,0 +1,209 @@ +openapi: 3.0.0 +info: + title: Pinpoint + version: 1.0.0 +paths: {} +components: + schemas: + Alignment: + enum: + - LEFT + - CENTER + - RIGHT + type: string + BodyConfig: + additionalProperties: false + properties: + Alignment: + $ref: '#/components/schemas/Alignment' + Body: + type: string + TextColor: + type: string + type: object + ButtonAction: + enum: + - LINK + - DEEP_LINK + - CLOSE + type: string + ButtonConfig: + additionalProperties: false + properties: + Android: + $ref: '#/components/schemas/OverrideButtonConfiguration' + DefaultConfig: + $ref: '#/components/schemas/DefaultButtonConfiguration' + IOS: + $ref: '#/components/schemas/OverrideButtonConfiguration' + Web: + $ref: '#/components/schemas/OverrideButtonConfiguration' + type: object + DefaultButtonConfiguration: + additionalProperties: false + properties: + BackgroundColor: + type: string + BorderRadius: + type: integer + ButtonAction: + $ref: '#/components/schemas/ButtonAction' + Link: + type: string + Text: + type: string + TextColor: + type: string + type: object + HeaderConfig: + additionalProperties: false + properties: + Alignment: + $ref: '#/components/schemas/Alignment' + Header: + type: string + TextColor: + type: string + type: object + InAppMessageContent: + additionalProperties: false + properties: + BackgroundColor: + type: string + BodyConfig: + $ref: '#/components/schemas/BodyConfig' + HeaderConfig: + $ref: '#/components/schemas/HeaderConfig' + ImageUrl: + type: string + PrimaryBtn: + $ref: '#/components/schemas/ButtonConfig' + SecondaryBtn: + $ref: '#/components/schemas/ButtonConfig' + type: object + OverrideButtonConfiguration: + additionalProperties: false + properties: + ButtonAction: + $ref: '#/components/schemas/ButtonAction' + Link: + type: string + type: object + InAppTemplate: + type: object + properties: + Arn: + type: string + Content: + x-insertionOrder: true + items: + $ref: '#/components/schemas/InAppMessageContent' + type: array + CustomConfig: + type: object + Layout: + enum: + - BOTTOM_BANNER + - TOP_BANNER + - OVERLAYS + - MOBILE_FEED + - MIDDLE_BANNER + - CAROUSEL + type: string + Tags: + type: object + TemplateDescription: + type: string + TemplateName: + type: string + required: + - TemplateName + x-stackql-resource-name: in_app_template + x-stackql-primaryIdentifier: + - TemplateName + x-create-only-properties: + - TemplateName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - mobiletargeting:CreateInAppTemplate + - mobiletargeting:GetInAppTemplate + - mobiletargeting:TagResource + delete: + - mobiletargeting:DeleteInAppTemplate + - mobiletargeting:GetInAppTemplate + list: + - mobiletargeting:GetInAppTemplate + - mobiletargeting:ListTemplates + read: + - mobiletargeting:GetInAppTemplate + - mobiletargeting:ListTemplates + update: + - mobiletargeting:UpdateInAppTemplate + - mobiletargeting:GetInAppTemplate + x-stackQL-resources: + in_app_templates: + name: in_app_templates + id: awscc.pinpoint.in_app_templates + x-cfn-schema-name: InAppTemplate + x-type: list + x-identifiers: + - TemplateName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TemplateName') as template_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Pinpoint::InAppTemplate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TemplateName') as template_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Pinpoint::InAppTemplate' + AND region = 'us-east-1' + in_app_template: + name: in_app_template + id: awscc.pinpoint.in_app_template + x-cfn-schema-name: InAppTemplate + x-type: get + x-identifiers: + - TemplateName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Content') as content, + JSON_EXTRACT(Properties, '$.CustomConfig') as custom_config, + JSON_EXTRACT(Properties, '$.Layout') as layout, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TemplateDescription') as template_description, + JSON_EXTRACT(Properties, '$.TemplateName') as template_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Pinpoint::InAppTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Content') as content, + json_extract_path_text(Properties, 'CustomConfig') as custom_config, + json_extract_path_text(Properties, 'Layout') as layout, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TemplateDescription') as template_description, + json_extract_path_text(Properties, 'TemplateName') as template_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Pinpoint::InAppTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/pipes.yaml b/providers/src/awscc/v00.00.00000/services/pipes.yaml new file mode 100644 index 00000000..37282461 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/pipes.yaml @@ -0,0 +1,1339 @@ +openapi: 3.0.0 +info: + title: Pipes + version: 1.0.0 +paths: {} +components: + schemas: + AssignPublicIp: + type: string + enum: + - ENABLED + - DISABLED + AwsVpcConfiguration: + type: object + properties: + Subnets: + type: array + items: + type: string + maxLength: 1024 + minLength: 1 + pattern: ^subnet-[0-9a-z]*|(\$(\.[\w/_-]+(\[(\d+|\*)\])*)*)$ + maxItems: 16 + minItems: 0 + SecurityGroups: + type: array + items: + type: string + maxLength: 1024 + minLength: 1 + pattern: ^sg-[0-9a-zA-Z]*|(\$(\.[\w/_-]+(\[(\d+|\*)\])*)*)$ + maxItems: 5 + minItems: 0 + AssignPublicIp: + $ref: '#/components/schemas/AssignPublicIp' + required: + - Subnets + additionalProperties: false + BatchArrayProperties: + type: object + properties: + Size: + type: integer + default: 0 + maximum: 10000 + minimum: 2 + additionalProperties: false + BatchContainerOverrides: + type: object + properties: + Command: + type: array + items: + type: string + Environment: + type: array + items: + $ref: '#/components/schemas/BatchEnvironmentVariable' + InstanceType: + type: string + ResourceRequirements: + type: array + items: + $ref: '#/components/schemas/BatchResourceRequirement' + additionalProperties: false + BatchEnvironmentVariable: + type: object + properties: + Name: + type: string + Value: + type: string + additionalProperties: false + BatchJobDependency: + type: object + properties: + JobId: + type: string + Type: + $ref: '#/components/schemas/BatchJobDependencyType' + additionalProperties: false + BatchJobDependencyType: + type: string + enum: + - N_TO_N + - SEQUENTIAL + BatchParametersMap: + type: object + x-patternProperties: + .+: + type: string + additionalProperties: false + BatchResourceRequirement: + type: object + properties: + Type: + $ref: '#/components/schemas/BatchResourceRequirementType' + Value: + type: string + required: + - Type + - Value + additionalProperties: false + BatchResourceRequirementType: + type: string + enum: + - GPU + - MEMORY + - VCPU + BatchRetryStrategy: + type: object + properties: + Attempts: + type: integer + default: 0 + maximum: 10 + minimum: 1 + additionalProperties: false + CapacityProviderStrategyItem: + type: object + properties: + CapacityProvider: + type: string + maxLength: 255 + minLength: 1 + Weight: + type: integer + default: 0 + maximum: 1000 + minimum: 0 + Base: + type: integer + default: 0 + maximum: 100000 + minimum: 0 + required: + - CapacityProvider + additionalProperties: false + CloudwatchLogsLogDestination: + type: object + properties: + LogGroupArn: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^(^arn:aws([a-z]|\-)*:logs:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}):(\d{12}):log-group:.+)$ + additionalProperties: false + DeadLetterConfig: + type: object + properties: + Arn: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\-]+):([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1})?:(\d{12})?:(.+)$ + additionalProperties: false + DynamoDBStreamStartPosition: + type: string + enum: + - TRIM_HORIZON + - LATEST + EcsContainerOverride: + type: object + properties: + Command: + type: array + items: + type: string + Cpu: + type: integer + Environment: + type: array + items: + $ref: '#/components/schemas/EcsEnvironmentVariable' + EnvironmentFiles: + type: array + items: + $ref: '#/components/schemas/EcsEnvironmentFile' + Memory: + type: integer + MemoryReservation: + type: integer + Name: + type: string + ResourceRequirements: + type: array + items: + $ref: '#/components/schemas/EcsResourceRequirement' + additionalProperties: false + EcsEnvironmentFile: + type: object + properties: + Type: + $ref: '#/components/schemas/EcsEnvironmentFileType' + Value: + type: string + required: + - Type + - Value + additionalProperties: false + EcsEnvironmentFileType: + type: string + enum: + - s3 + EcsEnvironmentVariable: + type: object + properties: + Name: + type: string + Value: + type: string + additionalProperties: false + EcsEphemeralStorage: + type: object + properties: + SizeInGiB: + type: integer + default: 0 + maximum: 200 + minimum: 21 + required: + - SizeInGiB + additionalProperties: false + EcsInferenceAcceleratorOverride: + type: object + properties: + DeviceName: + type: string + DeviceType: + type: string + additionalProperties: false + EcsResourceRequirement: + type: object + properties: + Type: + $ref: '#/components/schemas/EcsResourceRequirementType' + Value: + type: string + required: + - Type + - Value + additionalProperties: false + EcsResourceRequirementType: + type: string + enum: + - GPU + - InferenceAccelerator + EcsTaskOverride: + type: object + properties: + ContainerOverrides: + type: array + items: + $ref: '#/components/schemas/EcsContainerOverride' + Cpu: + type: string + EphemeralStorage: + $ref: '#/components/schemas/EcsEphemeralStorage' + ExecutionRoleArn: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\-]+):([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1})?:(\d{12})?:(.+)|(\$(\.[\w/_-]+(\[(\d+|\*)\])*)*)$ + InferenceAcceleratorOverrides: + type: array + items: + $ref: '#/components/schemas/EcsInferenceAcceleratorOverride' + Memory: + type: string + TaskRoleArn: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\-]+):([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1})?:(\d{12})?:(.+)|(\$(\.[\w/_-]+(\[(\d+|\*)\])*)*)$ + additionalProperties: false + Filter: + type: object + properties: + Pattern: + type: string + maxLength: 4096 + minLength: 0 + additionalProperties: false + FilterCriteria: + type: object + properties: + Filters: + type: array + items: + $ref: '#/components/schemas/Filter' + maxItems: 5 + minItems: 0 + additionalProperties: false + FirehoseLogDestination: + type: object + properties: + DeliveryStreamArn: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^(^arn:aws([a-z]|\-)*:firehose:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}):(\d{12}):deliverystream/.+)$ + additionalProperties: false + HeaderParametersMap: + type: object + x-patternProperties: + ^[!#$%&'*+-.^_`|~0-9a-zA-Z]+|(\$(\.[\w/_-]+(\[(\d+|\*)\])*)*)$: + type: string + maxLength: 512 + minLength: 0 + pattern: ^[ \t]*[\x20-\x7E]+([ \t]+[\x20-\x7E]+)*[ \t]*|(\$(\.[\w/_-]+(\[(\d+|\*)\])*)*)$ + additionalProperties: false + IncludeExecutionDataOption: + type: string + enum: + - ALL + KinesisStreamStartPosition: + type: string + enum: + - TRIM_HORIZON + - LATEST + - AT_TIMESTAMP + LaunchType: + type: string + enum: + - EC2 + - FARGATE + - EXTERNAL + LogLevel: + type: string + enum: + - 'OFF' + - ERROR + - INFO + - TRACE + MQBrokerAccessCredentials: + oneOf: + - type: object + title: BasicAuth + properties: + BasicAuth: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^(^arn:aws([a-z]|\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}):(\d{12}):secret:.+)$ + description: Optional SecretManager ARN which stores the database credentials + required: + - BasicAuth + additionalProperties: false + MSKAccessCredentials: + oneOf: + - type: object + title: SaslScram512Auth + properties: + SaslScram512Auth: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^(^arn:aws([a-z]|\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}):(\d{12}):secret:.+)$ + description: Optional SecretManager ARN which stores the database credentials + required: + - SaslScram512Auth + additionalProperties: false + - type: object + title: ClientCertificateTlsAuth + properties: + ClientCertificateTlsAuth: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^(^arn:aws([a-z]|\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}):(\d{12}):secret:.+)$ + description: Optional SecretManager ARN which stores the database credentials + required: + - ClientCertificateTlsAuth + additionalProperties: false + MSKStartPosition: + type: string + enum: + - TRIM_HORIZON + - LATEST + NetworkConfiguration: + type: object + properties: + AwsvpcConfiguration: + $ref: '#/components/schemas/AwsVpcConfiguration' + additionalProperties: false + OnPartialBatchItemFailureStreams: + type: string + enum: + - AUTOMATIC_BISECT + PipeEnrichmentHttpParameters: + type: object + properties: + PathParameterValues: + type: array + items: + type: string + pattern: ^(?!\s*$).+|(\$(\.[\w/_-]+(\[(\d+|\*)\])*)*)$ + HeaderParameters: + $ref: '#/components/schemas/HeaderParametersMap' + QueryStringParameters: + $ref: '#/components/schemas/QueryStringParametersMap' + additionalProperties: false + PipeEnrichmentParameters: + type: object + properties: + InputTemplate: + type: string + maxLength: 8192 + minLength: 0 + HttpParameters: + $ref: '#/components/schemas/PipeEnrichmentHttpParameters' + additionalProperties: false + PipeLogConfiguration: + type: object + properties: + S3LogDestination: + $ref: '#/components/schemas/S3LogDestination' + FirehoseLogDestination: + $ref: '#/components/schemas/FirehoseLogDestination' + CloudwatchLogsLogDestination: + $ref: '#/components/schemas/CloudwatchLogsLogDestination' + Level: + $ref: '#/components/schemas/LogLevel' + IncludeExecutionData: + type: array + items: + $ref: '#/components/schemas/IncludeExecutionDataOption' + uniqueItems: true + additionalProperties: false + PipeSourceActiveMQBrokerParameters: + type: object + properties: + Credentials: + $ref: '#/components/schemas/MQBrokerAccessCredentials' + QueueName: + type: string + maxLength: 1000 + minLength: 1 + pattern: ^[\s\S]*$ + BatchSize: + type: integer + maximum: 10000 + minimum: 1 + MaximumBatchingWindowInSeconds: + type: integer + maximum: 300 + minimum: 0 + required: + - Credentials + - QueueName + additionalProperties: false + PipeSourceDynamoDBStreamParameters: + type: object + properties: + BatchSize: + type: integer + maximum: 10000 + minimum: 1 + DeadLetterConfig: + $ref: '#/components/schemas/DeadLetterConfig' + OnPartialBatchItemFailure: + $ref: '#/components/schemas/OnPartialBatchItemFailureStreams' + MaximumBatchingWindowInSeconds: + type: integer + maximum: 300 + minimum: 0 + MaximumRecordAgeInSeconds: + type: integer + maximum: 604800 + minimum: -1 + MaximumRetryAttempts: + type: integer + maximum: 10000 + minimum: -1 + ParallelizationFactor: + type: integer + maximum: 10 + minimum: 1 + StartingPosition: + $ref: '#/components/schemas/DynamoDBStreamStartPosition' + required: + - StartingPosition + additionalProperties: false + PipeSourceKinesisStreamParameters: + type: object + properties: + BatchSize: + type: integer + maximum: 10000 + minimum: 1 + DeadLetterConfig: + $ref: '#/components/schemas/DeadLetterConfig' + OnPartialBatchItemFailure: + $ref: '#/components/schemas/OnPartialBatchItemFailureStreams' + MaximumBatchingWindowInSeconds: + type: integer + maximum: 300 + minimum: 0 + MaximumRecordAgeInSeconds: + type: integer + maximum: 604800 + minimum: -1 + MaximumRetryAttempts: + type: integer + maximum: 10000 + minimum: -1 + ParallelizationFactor: + type: integer + maximum: 10 + minimum: 1 + StartingPosition: + $ref: '#/components/schemas/KinesisStreamStartPosition' + StartingPositionTimestamp: + type: string + format: date-time + required: + - StartingPosition + additionalProperties: false + PipeSourceManagedStreamingKafkaParameters: + type: object + properties: + TopicName: + type: string + maxLength: 249 + minLength: 1 + pattern: ^[^.]([a-zA-Z0-9\-_.]+)$ + StartingPosition: + $ref: '#/components/schemas/MSKStartPosition' + BatchSize: + type: integer + maximum: 10000 + minimum: 1 + MaximumBatchingWindowInSeconds: + type: integer + maximum: 300 + minimum: 0 + ConsumerGroupID: + type: string + maxLength: 200 + minLength: 1 + pattern: ^[a-zA-Z0-9-\/*:_+=.@-]*$ + Credentials: + $ref: '#/components/schemas/MSKAccessCredentials' + required: + - TopicName + additionalProperties: false + PipeSourceParameters: + type: object + properties: + FilterCriteria: + $ref: '#/components/schemas/FilterCriteria' + KinesisStreamParameters: + $ref: '#/components/schemas/PipeSourceKinesisStreamParameters' + DynamoDBStreamParameters: + $ref: '#/components/schemas/PipeSourceDynamoDBStreamParameters' + SqsQueueParameters: + $ref: '#/components/schemas/PipeSourceSqsQueueParameters' + ActiveMQBrokerParameters: + $ref: '#/components/schemas/PipeSourceActiveMQBrokerParameters' + RabbitMQBrokerParameters: + $ref: '#/components/schemas/PipeSourceRabbitMQBrokerParameters' + ManagedStreamingKafkaParameters: + $ref: '#/components/schemas/PipeSourceManagedStreamingKafkaParameters' + SelfManagedKafkaParameters: + $ref: '#/components/schemas/PipeSourceSelfManagedKafkaParameters' + additionalProperties: false + PipeSourceRabbitMQBrokerParameters: + type: object + properties: + Credentials: + $ref: '#/components/schemas/MQBrokerAccessCredentials' + QueueName: + type: string + maxLength: 1000 + minLength: 1 + pattern: ^[\s\S]*$ + VirtualHost: + type: string + maxLength: 200 + minLength: 1 + pattern: ^[a-zA-Z0-9-\/*:_+=.@-]*$ + BatchSize: + type: integer + maximum: 10000 + minimum: 1 + MaximumBatchingWindowInSeconds: + type: integer + maximum: 300 + minimum: 0 + required: + - Credentials + - QueueName + additionalProperties: false + PipeSourceSelfManagedKafkaParameters: + type: object + properties: + TopicName: + type: string + maxLength: 249 + minLength: 1 + pattern: ^[^.]([a-zA-Z0-9\-_.]+)$ + StartingPosition: + $ref: '#/components/schemas/SelfManagedKafkaStartPosition' + AdditionalBootstrapServers: + type: array + items: + type: string + maxLength: 300 + minLength: 1 + pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9]):[0-9]{1,5}$ + maxItems: 2 + minItems: 0 + BatchSize: + type: integer + maximum: 10000 + minimum: 1 + MaximumBatchingWindowInSeconds: + type: integer + maximum: 300 + minimum: 0 + ConsumerGroupID: + type: string + maxLength: 200 + minLength: 1 + pattern: ^[a-zA-Z0-9-\/*:_+=.@-]*$ + Credentials: + $ref: '#/components/schemas/SelfManagedKafkaAccessConfigurationCredentials' + ServerRootCaCertificate: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^(^arn:aws([a-z]|\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}):(\d{12}):secret:.+)$ + description: Optional SecretManager ARN which stores the database credentials + Vpc: + $ref: '#/components/schemas/SelfManagedKafkaAccessConfigurationVpc' + required: + - TopicName + additionalProperties: false + PipeSourceSqsQueueParameters: + type: object + properties: + BatchSize: + type: integer + maximum: 10000 + minimum: 1 + MaximumBatchingWindowInSeconds: + type: integer + maximum: 300 + minimum: 0 + additionalProperties: false + PipeState: + type: string + enum: + - RUNNING + - STOPPED + - CREATING + - UPDATING + - DELETING + - STARTING + - STOPPING + - CREATE_FAILED + - UPDATE_FAILED + - START_FAILED + - STOP_FAILED + - DELETE_FAILED + - CREATE_ROLLBACK_FAILED + - DELETE_ROLLBACK_FAILED + - UPDATE_ROLLBACK_FAILED + PipeTargetBatchJobParameters: + type: object + properties: + JobDefinition: + type: string + JobName: + type: string + ArrayProperties: + $ref: '#/components/schemas/BatchArrayProperties' + RetryStrategy: + $ref: '#/components/schemas/BatchRetryStrategy' + ContainerOverrides: + $ref: '#/components/schemas/BatchContainerOverrides' + DependsOn: + type: array + items: + $ref: '#/components/schemas/BatchJobDependency' + maxItems: 20 + minItems: 0 + Parameters: + $ref: '#/components/schemas/BatchParametersMap' + required: + - JobDefinition + - JobName + additionalProperties: false + PipeTargetCloudWatchLogsParameters: + type: object + properties: + LogStreamName: + type: string + maxLength: 256 + minLength: 1 + Timestamp: + type: string + maxLength: 256 + minLength: 1 + pattern: ^\$(\.[\w_-]+(\[(\d+|\*)\])*)*$ + additionalProperties: false + PipeTargetEcsTaskParameters: + type: object + properties: + TaskDefinitionArn: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\-]+):([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1})?:(\d{12})?:(.+)|(\$(\.[\w/_-]+(\[(\d+|\*)\])*)*)$ + TaskCount: + type: integer + minimum: 1 + LaunchType: + $ref: '#/components/schemas/LaunchType' + NetworkConfiguration: + $ref: '#/components/schemas/NetworkConfiguration' + PlatformVersion: + type: string + Group: + type: string + CapacityProviderStrategy: + type: array + items: + $ref: '#/components/schemas/CapacityProviderStrategyItem' + maxItems: 6 + minItems: 0 + EnableECSManagedTags: + type: boolean + default: false + EnableExecuteCommand: + type: boolean + default: false + PlacementConstraints: + type: array + items: + $ref: '#/components/schemas/PlacementConstraint' + maxItems: 10 + minItems: 0 + PlacementStrategy: + type: array + items: + $ref: '#/components/schemas/PlacementStrategy' + maxItems: 5 + minItems: 0 + PropagateTags: + $ref: '#/components/schemas/PropagateTags' + ReferenceId: + type: string + maxLength: 1024 + minLength: 0 + Overrides: + $ref: '#/components/schemas/EcsTaskOverride' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + required: + - TaskDefinitionArn + additionalProperties: false + PipeTargetEventBridgeEventBusParameters: + type: object + properties: + EndpointId: + type: string + maxLength: 50 + minLength: 1 + pattern: ^[A-Za-z0-9\-]+[\.][A-Za-z0-9\-]+$ + DetailType: + type: string + maxLength: 128 + minLength: 1 + Source: + type: string + maxLength: 256 + minLength: 1 + pattern: (?=[/\.\-_A-Za-z0-9]+)((?!aws\.).*)|(\$(\.[\w/_-]+(\[(\d+|\*)\])*)*) + Resources: + type: array + items: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\-]+):([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1})?:(\d{12})?:(.+)|(\$(\.[\w/_-]+(\[(\d+|\*)\])*)*)$ + maxItems: 10 + minItems: 0 + Time: + type: string + maxLength: 256 + minLength: 1 + pattern: ^\$(\.[\w/_-]+(\[(\d+|\*)\])*)*$ + additionalProperties: false + PipeTargetHttpParameters: + type: object + properties: + PathParameterValues: + type: array + items: + type: string + pattern: ^(?!\s*$).+|(\$(\.[\w/_-]+(\[(\d+|\*)\])*)*)$ + HeaderParameters: + $ref: '#/components/schemas/HeaderParametersMap' + QueryStringParameters: + $ref: '#/components/schemas/QueryStringParametersMap' + additionalProperties: false + PipeTargetInvocationType: + type: string + enum: + - REQUEST_RESPONSE + - FIRE_AND_FORGET + PipeTargetKinesisStreamParameters: + type: object + properties: + PartitionKey: + type: string + maxLength: 256 + minLength: 0 + required: + - PartitionKey + additionalProperties: false + PipeTargetLambdaFunctionParameters: + type: object + properties: + InvocationType: + $ref: '#/components/schemas/PipeTargetInvocationType' + additionalProperties: false + PipeTargetParameters: + type: object + properties: + InputTemplate: + type: string + maxLength: 8192 + minLength: 0 + LambdaFunctionParameters: + $ref: '#/components/schemas/PipeTargetLambdaFunctionParameters' + StepFunctionStateMachineParameters: + $ref: '#/components/schemas/PipeTargetStateMachineParameters' + KinesisStreamParameters: + $ref: '#/components/schemas/PipeTargetKinesisStreamParameters' + EcsTaskParameters: + $ref: '#/components/schemas/PipeTargetEcsTaskParameters' + BatchJobParameters: + $ref: '#/components/schemas/PipeTargetBatchJobParameters' + SqsQueueParameters: + $ref: '#/components/schemas/PipeTargetSqsQueueParameters' + HttpParameters: + $ref: '#/components/schemas/PipeTargetHttpParameters' + RedshiftDataParameters: + $ref: '#/components/schemas/PipeTargetRedshiftDataParameters' + SageMakerPipelineParameters: + $ref: '#/components/schemas/PipeTargetSageMakerPipelineParameters' + EventBridgeEventBusParameters: + $ref: '#/components/schemas/PipeTargetEventBridgeEventBusParameters' + CloudWatchLogsParameters: + $ref: '#/components/schemas/PipeTargetCloudWatchLogsParameters' + additionalProperties: false + PipeTargetRedshiftDataParameters: + type: object + properties: + SecretManagerArn: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^(^arn:aws([a-z]|\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}):(\d{12}):secret:.+)|(\$(\.[\w/_-]+(\[(\d+|\*)\])*)*)$ + description: Optional SecretManager ARN which stores the database credentials + Database: + type: string + maxLength: 64 + minLength: 1 + description: Redshift Database + DbUser: + type: string + maxLength: 128 + minLength: 1 + description: Database user name + StatementName: + type: string + maxLength: 500 + minLength: 1 + description: A name for Redshift DataAPI statement which can be used as filter of ListStatement. + WithEvent: + type: boolean + default: false + Sqls: + type: array + items: + type: string + maxLength: 100000 + minLength: 1 + description: A single Redshift SQL + maxItems: 40 + minItems: 1 + description: A list of SQLs. + required: + - Database + - Sqls + additionalProperties: false + PipeTargetSageMakerPipelineParameters: + type: object + properties: + PipelineParameterList: + type: array + items: + $ref: '#/components/schemas/SageMakerPipelineParameter' + maxItems: 200 + minItems: 0 + additionalProperties: false + PipeTargetSqsQueueParameters: + type: object + properties: + MessageGroupId: + type: string + maxLength: 100 + minLength: 0 + MessageDeduplicationId: + type: string + maxLength: 100 + minLength: 0 + additionalProperties: false + PipeTargetStateMachineParameters: + type: object + properties: + InvocationType: + $ref: '#/components/schemas/PipeTargetInvocationType' + additionalProperties: false + PlacementConstraint: + type: object + properties: + Type: + $ref: '#/components/schemas/PlacementConstraintType' + Expression: + type: string + maxLength: 2000 + minLength: 0 + additionalProperties: false + PlacementConstraintType: + type: string + enum: + - distinctInstance + - memberOf + PlacementStrategy: + type: object + properties: + Type: + $ref: '#/components/schemas/PlacementStrategyType' + Field: + type: string + maxLength: 255 + minLength: 0 + additionalProperties: false + PlacementStrategyType: + type: string + enum: + - random + - spread + - binpack + PropagateTags: + type: string + enum: + - TASK_DEFINITION + QueryStringParametersMap: + type: object + x-patternProperties: + ^[^\x00-\x1F\x7F]+|(\$(\.[\w/_-]+(\[(\d+|\*)\])*)*)$: + type: string + maxLength: 512 + minLength: 0 + pattern: ^[^\x00-\x09\x0B\x0C\x0E-\x1F\x7F]+|(\$(\.[\w/_-]+(\[(\d+|\*)\])*)*)$ + additionalProperties: false + RequestedPipeState: + type: string + enum: + - RUNNING + - STOPPED + S3LogDestination: + type: object + properties: + BucketName: + type: string + Prefix: + type: string + BucketOwner: + type: string + OutputFormat: + $ref: '#/components/schemas/S3OutputFormat' + additionalProperties: false + S3OutputFormat: + type: string + enum: + - json + - plain + - w3c + SageMakerPipelineParameter: + type: object + properties: + Name: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9])*|(\$(\.[\w/_-]+(\[(\d+|\*)\])*)*)$ + Value: + type: string + maxLength: 1024 + minLength: 0 + required: + - Name + - Value + additionalProperties: false + SelfManagedKafkaAccessConfigurationCredentials: + oneOf: + - type: object + title: BasicAuth + properties: + BasicAuth: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^(^arn:aws([a-z]|\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}):(\d{12}):secret:.+)$ + description: Optional SecretManager ARN which stores the database credentials + required: + - BasicAuth + additionalProperties: false + - type: object + title: SaslScram512Auth + properties: + SaslScram512Auth: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^(^arn:aws([a-z]|\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}):(\d{12}):secret:.+)$ + description: Optional SecretManager ARN which stores the database credentials + required: + - SaslScram512Auth + additionalProperties: false + - type: object + title: SaslScram256Auth + properties: + SaslScram256Auth: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^(^arn:aws([a-z]|\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}):(\d{12}):secret:.+)$ + description: Optional SecretManager ARN which stores the database credentials + required: + - SaslScram256Auth + additionalProperties: false + - type: object + title: ClientCertificateTlsAuth + properties: + ClientCertificateTlsAuth: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^(^arn:aws([a-z]|\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}):(\d{12}):secret:.+)$ + description: Optional SecretManager ARN which stores the database credentials + required: + - ClientCertificateTlsAuth + additionalProperties: false + SelfManagedKafkaAccessConfigurationVpc: + type: object + properties: + Subnets: + type: array + items: + type: string + maxLength: 1024 + minLength: 1 + pattern: ^subnet-[0-9a-z]*$ + maxItems: 16 + minItems: 0 + description: List of SubnetId. + SecurityGroup: + type: array + items: + type: string + maxLength: 1024 + minLength: 1 + pattern: ^sg-[0-9a-zA-Z]*$ + maxItems: 5 + minItems: 0 + description: List of SecurityGroupId. + additionalProperties: false + SelfManagedKafkaStartPosition: + type: string + enum: + - TRIM_HORIZON + - LATEST + Tag: + type: object + properties: + Key: + type: string + maxLength: 128 + minLength: 1 + Value: + type: string + maxLength: 256 + minLength: 0 + required: + - Key + - Value + additionalProperties: false + TagMap: + type: object + maxProperties: 50 + minProperties: 1 + x-patternProperties: + .+: + type: string + maxLength: 256 + minLength: 0 + additionalProperties: false + Pipe: + type: object + properties: + Arn: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^arn:aws([a-z]|\-)*:([a-zA-Z0-9\-]+):([a-z]|\d|\-)*:([0-9]{12})?:(.+)$ + CreationTime: + type: string + format: date-time + CurrentState: + $ref: '#/components/schemas/PipeState' + Description: + type: string + maxLength: 512 + minLength: 0 + pattern: ^.*$ + DesiredState: + $ref: '#/components/schemas/RequestedPipeState' + Enrichment: + type: string + maxLength: 1600 + minLength: 0 + pattern: ^$|arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\-]+):([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1})?:(\d{12})?:(.+)$ + EnrichmentParameters: + $ref: '#/components/schemas/PipeEnrichmentParameters' + LastModifiedTime: + type: string + format: date-time + LogConfiguration: + $ref: '#/components/schemas/PipeLogConfiguration' + Name: + type: string + maxLength: 64 + minLength: 1 + pattern: ^[\.\-_A-Za-z0-9]+$ + RoleArn: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^arn:(aws[a-zA-Z-]*)?:iam::\d{12}:role/?[a-zA-Z0-9+=,.@\-_/]+$ + Source: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^smk://(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9]):[0-9]{1,5}|arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\-]+):([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1})?:(\d{12})?:(.+)$ + SourceParameters: + $ref: '#/components/schemas/PipeSourceParameters' + StateReason: + type: string + maxLength: 512 + minLength: 0 + pattern: ^.*$ + Tags: + $ref: '#/components/schemas/TagMap' + Target: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\-]+):([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1})?:(\d{12})?:(.+)$ + TargetParameters: + $ref: '#/components/schemas/PipeTargetParameters' + required: + - RoleArn + - Source + - Target + x-stackql-resource-name: pipe + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - Source + - SourceParameters/DynamoDBStreamParameters/StartingPosition + - SourceParameters/KinesisStreamParameters/StartingPosition + - SourceParameters/KinesisStreamParameters/StartingPositionTimestamp + - SourceParameters/ActiveMQBrokerParameters/QueueName + - SourceParameters/RabbitMQBrokerParameters/QueueName + - SourceParameters/RabbitMQBrokerParameters/VirtualHost + - SourceParameters/ManagedStreamingKafkaParameters/TopicName + - SourceParameters/ManagedStreamingKafkaParameters/StartingPosition + - SourceParameters/ManagedStreamingKafkaParameters/ConsumerGroupID + - SourceParameters/SelfManagedApacheKafkaParameters/TopicName + - SourceParameters/SelfManagedApacheKafkaParameters/StartingPosition + - SourceParameters/SelfManagedApacheKafkaParameters/AdditionalBootstrapServers + - SourceParameters/SelfManagedApacheKafkaParameters/ConsumerGroupID + x-read-only-properties: + - Arn + - CreationTime + - CurrentState + - LastModifiedTime + - StateReason + x-required-permissions: + create: + - pipes:CreatePipe + - pipes:DescribePipe + - pipes:TagResource + - iam:PassRole + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + - iam:CreateServiceLinkedRole + - logs:CreateLogDelivery + - logs:GetLogDelivery + - logs:ListLogDeliveries + - s3:PutBucketPolicy + - s3:GetBucketPolicy + - firehose:TagDeliveryStream + read: + - pipes:DescribePipe + update: + - pipes:UpdatePipe + - pipes:TagResource + - pipes:UntagResource + - pipes:DescribePipe + - iam:PassRole + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + - iam:CreateServiceLinkedRole + - logs:CreateLogDelivery + - logs:UpdateLogDelivery + - logs:DeleteLogDelivery + - logs:GetLogDelivery + - logs:ListLogDeliveries + - s3:PutBucketPolicy + - s3:GetBucketPolicy + - firehose:TagDeliveryStream + delete: + - pipes:DeletePipe + - pipes:DescribePipe + - logs:CreateLogDelivery + - logs:UpdateLogDelivery + - logs:DeleteLogDelivery + - logs:GetLogDelivery + - logs:ListLogDeliveries + list: + - pipes:ListPipes + x-stackQL-resources: + pipes: + name: pipes + id: awscc.pipes.pipes + x-cfn-schema-name: Pipe + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Pipes::Pipe' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Pipes::Pipe' + AND region = 'us-east-1' + pipe: + name: pipe + id: awscc.pipes.pipe + x-cfn-schema-name: Pipe + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.CurrentState') as current_state, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DesiredState') as desired_state, + JSON_EXTRACT(Properties, '$.Enrichment') as enrichment, + JSON_EXTRACT(Properties, '$.EnrichmentParameters') as enrichment_parameters, + JSON_EXTRACT(Properties, '$.LastModifiedTime') as last_modified_time, + JSON_EXTRACT(Properties, '$.LogConfiguration') as log_configuration, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Source') as source, + JSON_EXTRACT(Properties, '$.SourceParameters') as source_parameters, + JSON_EXTRACT(Properties, '$.StateReason') as state_reason, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Target') as target, + JSON_EXTRACT(Properties, '$.TargetParameters') as target_parameters + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Pipes::Pipe' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'CurrentState') as current_state, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DesiredState') as desired_state, + json_extract_path_text(Properties, 'Enrichment') as enrichment, + json_extract_path_text(Properties, 'EnrichmentParameters') as enrichment_parameters, + json_extract_path_text(Properties, 'LastModifiedTime') as last_modified_time, + json_extract_path_text(Properties, 'LogConfiguration') as log_configuration, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Source') as source, + json_extract_path_text(Properties, 'SourceParameters') as source_parameters, + json_extract_path_text(Properties, 'StateReason') as state_reason, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Target') as target, + json_extract_path_text(Properties, 'TargetParameters') as target_parameters + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Pipes::Pipe' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/proton.yaml b/providers/src/awscc/v00.00.00000/services/proton.yaml new file mode 100644 index 00000000..db3e0e11 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/proton.yaml @@ -0,0 +1,474 @@ +openapi: 3.0.0 +info: + title: Proton + version: 1.0.0 +paths: {} +components: + schemas: + Status: + type: string + enum: + - PENDING + - CONNECTED + - REJECTED + Tag: + type: object + description:

A description of a resource tag.

+ properties: + Key: + type: string + maxLength: 128 + minLength: 1 + description:

The key of the resource tag.

+ Value: + type: string + maxLength: 256 + minLength: 0 + description:

The value of the resource tag.

+ required: + - Key + - Value + additionalProperties: false + EnvironmentAccountConnection: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the environment account connection. + type: string + CodebuildRoleArn: + description: The Amazon Resource Name (ARN) of an IAM service role in the environment account. AWS Proton uses this role to provision infrastructure resources using CodeBuild-based provisioning in the associated environment account. + type: string + minLength: 1 + maxLength: 200 + pattern: ^arn:(aws|aws-cn|aws-us-gov):iam::\d{12}:role/([\w+=,.@-]{1,512}[/:])*([\w+=,.@-]{1,64})$ + ComponentRoleArn: + description: The Amazon Resource Name (ARN) of the IAM service role that AWS Proton uses when provisioning directly defined components in the associated environment account. It determines the scope of infrastructure that a component can provision in the account. + type: string + minLength: 1 + maxLength: 200 + pattern: ^arn:(aws|aws-cn|aws-us-gov):iam::\d{12}:role/([\w+=,.@-]{1,512}[/:])*([\w+=,.@-]{1,64})$ + EnvironmentAccountId: + description: The environment account that's connected to the environment account connection. + type: string + pattern: ^\d{12}$ + EnvironmentName: + description: The name of the AWS Proton environment that's created in the associated management account. + type: string + pattern: ^[0-9A-Za-z]+[0-9A-Za-z_\-]*$ + minLength: 1 + maxLength: 100 + Id: + description: The ID of the environment account connection. + type: string + pattern: ^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$ + ManagementAccountId: + description: The ID of the management account that accepts or rejects the environment account connection. You create an manage the AWS Proton environment in this account. If the management account accepts the environment account connection, AWS Proton can use the associated IAM role to provision environment infrastructure resources in the associated environment account. + type: string + pattern: ^\d{12}$ + RoleArn: + description: The Amazon Resource Name (ARN) of the IAM service role that's created in the environment account. AWS Proton uses this role to provision infrastructure resources in the associated environment account. + type: string + minLength: 1 + maxLength: 200 + pattern: ^arn:(aws|aws-cn|aws-us-gov):iam::\d{12}:role/([\w+=,.@-]{1,512}[/:])*([\w+=,.@-]{1,64})$ + Status: + description: The status of the environment account connection. + $ref: '#/components/schemas/Status' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + uniqueItems: true + x-insertionOrder: false + description: |- +

An optional list of metadata items that you can associate with the Proton environment account connection. A tag is a key-value pair.

+

For more information, see Proton resources and tagging in the + Proton User Guide.

+ x-stackql-resource-name: environment_account_connection + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - Arn + - Id + - Status + x-required-permissions: + create: + - proton:CreateEnvironmentAccountConnection + - proton:TagResource + - iam:PassRole + - proton:ListTagsForResource + - proton:GetEnvironmentAccountConnection + read: + - proton:GetEnvironmentAccountConnection + - proton:ListTagsForResource + - iam:PassRole + - proton:GetEnvironmentAccountConnection + update: + - proton:CreateEnvironmentAccountConnection + - proton:ListTagsForResource + - proton:TagResource + - proton:UntagResource + - proton:UpdateEnvironmentAccountConnection + - iam:PassRole + - proton:GetEnvironmentAccountConnection + delete: + - proton:DeleteEnvironmentAccountConnection + - proton:UntagResource + - iam:PassRole + - proton:ListTagsForResource + - proton:GetEnvironmentAccountConnection + list: + - proton:ListEnvironmentAccountConnections + Provisioning: + type: string + enum: + - CUSTOMER_MANAGED + EnvironmentTemplate: + type: object + properties: + Arn: + type: string + description:

The Amazon Resource Name (ARN) of the environment template.

+ Description: + type: string + maxLength: 500 + minLength: 0 + description:

A description of the environment template.

+ DisplayName: + type: string + maxLength: 100 + minLength: 1 + description:

The environment template name as displayed in the developer interface.

+ EncryptionKey: + type: string + maxLength: 200 + minLength: 1 + pattern: ^arn:(aws|aws-cn|aws-us-gov):[a-zA-Z0-9-]+:[a-zA-Z0-9-]*:\d{12}:([\w+=,.@-]+[/:])*[\w+=,.@-]+$ + description:

A customer provided encryption key that Proton uses to encrypt data.

+ Name: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[0-9A-Za-z]+[0-9A-Za-z_\-]*$ + Provisioning: + $ref: '#/components/schemas/Provisioning' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 50 + minItems: 0 + uniqueItems: true + description: |- +

An optional list of metadata items that you can associate with the Proton environment template. A tag is a key-value pair.

+

For more information, see Proton resources and tagging in the + Proton User Guide.

+ x-stackql-resource-name: environment_template + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - EncryptionKey + - Name + - Provisioning + x-read-only-properties: + - Arn + x-required-permissions: + create: + - proton:CreateEnvironmentTemplate + - proton:TagResource + - proton:GetEnvironmentTemplate + - kms:* + read: + - proton:GetEnvironmentTemplate + - proton:ListTagsForResource + - kms:* + update: + - proton:CreateEnvironmentTemplate + - proton:ListTagsForResource + - proton:TagResource + - proton:UntagResource + - proton:UpdateEnvironmentTemplate + - proton:GetEnvironmentTemplate + - kms:* + delete: + - proton:DeleteEnvironmentTemplate + - proton:GetEnvironmentTemplate + - kms:* + list: + - proton:ListEnvironmentTemplates + ServiceTemplate: + type: object + properties: + Arn: + type: string + maxLength: 200 + minLength: 1 + pattern: ^arn:(aws|aws-cn|aws-us-gov):[a-zA-Z0-9-]+:[a-zA-Z0-9-]*:\d{12}:([\w+=,.@-]+[/:])*[\w+=,.@-]+$ + description:

The Amazon Resource Name (ARN) of the service template.

+ Description: + type: string + maxLength: 500 + minLength: 0 + description:

A description of the service template.

+ DisplayName: + type: string + maxLength: 100 + minLength: 1 + description:

The name of the service template as displayed in the developer interface.

+ EncryptionKey: + type: string + maxLength: 200 + minLength: 1 + pattern: ^arn:(aws|aws-cn|aws-us-gov):[a-zA-Z0-9-]+:[a-zA-Z0-9-]*:\d{12}:([\w+=,.@-]+[/:])*[\w+=,.@-]+$ + description:

A customer provided encryption key that's used to encrypt data.

+ Name: + type: string + maxLength: 100 + minLength: 1 + pattern: ^[0-9A-Za-z]+[0-9A-Za-z_\-]*$ + PipelineProvisioning: + $ref: '#/components/schemas/Provisioning' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 50 + minItems: 0 + uniqueItems: true + description: |- +

An optional list of metadata items that you can associate with the Proton service template. A tag is a key-value pair.

+

For more information, see Proton resources and tagging in the + Proton User Guide.

+ x-stackql-resource-name: service_template + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - EncryptionKey + - Name + - PipelineProvisioning + x-read-only-properties: + - Arn + x-required-permissions: + create: + - proton:CreateServiceTemplate + - proton:TagResource + - kms:* + - proton:GetServiceTemplate + read: + - proton:GetServiceTemplate + - proton:ListTagsForResource + - kms:* + update: + - proton:GetServiceTemplate + - proton:CreateServiceTemplate + - proton:ListTagsForResource + - proton:TagResource + - proton:UntagResource + - proton:UpdateServiceTemplate + - kms:* + delete: + - proton:DeleteServiceTemplate + - proton:UntagResource + - kms:* + - proton:GetServiceTemplate + list: + - proton:ListServiceTemplates + x-stackQL-resources: + environment_account_connections: + name: environment_account_connections + id: awscc.proton.environment_account_connections + x-cfn-schema-name: EnvironmentAccountConnection + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Proton::EnvironmentAccountConnection' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Proton::EnvironmentAccountConnection' + AND region = 'us-east-1' + environment_account_connection: + name: environment_account_connection + id: awscc.proton.environment_account_connection + x-cfn-schema-name: EnvironmentAccountConnection + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CodebuildRoleArn') as codebuild_role_arn, + JSON_EXTRACT(Properties, '$.ComponentRoleArn') as component_role_arn, + JSON_EXTRACT(Properties, '$.EnvironmentAccountId') as environment_account_id, + JSON_EXTRACT(Properties, '$.EnvironmentName') as environment_name, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.ManagementAccountId') as management_account_id, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Proton::EnvironmentAccountConnection' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CodebuildRoleArn') as codebuild_role_arn, + json_extract_path_text(Properties, 'ComponentRoleArn') as component_role_arn, + json_extract_path_text(Properties, 'EnvironmentAccountId') as environment_account_id, + json_extract_path_text(Properties, 'EnvironmentName') as environment_name, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'ManagementAccountId') as management_account_id, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Proton::EnvironmentAccountConnection' + AND data__Identifier = '' + AND region = 'us-east-1' + environment_templates: + name: environment_templates + id: awscc.proton.environment_templates + x-cfn-schema-name: EnvironmentTemplate + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Proton::EnvironmentTemplate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Proton::EnvironmentTemplate' + AND region = 'us-east-1' + environment_template: + name: environment_template + id: awscc.proton.environment_template + x-cfn-schema-name: EnvironmentTemplate + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DisplayName') as display_name, + JSON_EXTRACT(Properties, '$.EncryptionKey') as encryption_key, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Provisioning') as provisioning, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Proton::EnvironmentTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DisplayName') as display_name, + json_extract_path_text(Properties, 'EncryptionKey') as encryption_key, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Provisioning') as provisioning, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Proton::EnvironmentTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + service_templates: + name: service_templates + id: awscc.proton.service_templates + x-cfn-schema-name: ServiceTemplate + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Proton::ServiceTemplate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Proton::ServiceTemplate' + AND region = 'us-east-1' + service_template: + name: service_template + id: awscc.proton.service_template + x-cfn-schema-name: ServiceTemplate + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DisplayName') as display_name, + JSON_EXTRACT(Properties, '$.EncryptionKey') as encryption_key, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.PipelineProvisioning') as pipeline_provisioning, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Proton::ServiceTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DisplayName') as display_name, + json_extract_path_text(Properties, 'EncryptionKey') as encryption_key, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'PipelineProvisioning') as pipeline_provisioning, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Proton::ServiceTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/qldb.yaml b/providers/src/awscc/v00.00.00000/services/qldb.yaml new file mode 100644 index 00000000..b2f94ae6 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/qldb.yaml @@ -0,0 +1,174 @@ +openapi: 3.0.0 +info: + title: QLDB + version: 1.0.0 +paths: {} +components: + schemas: + Arn: + type: string + pattern: arn:[\w+=/,.@-]+:[\w+=/,.@-]+:[\w+=/,.@-]*:[0-9]*:[\w+=,.@-]+(/[\w+=,.@-]+)* + KinesisConfiguration: + type: object + properties: + StreamArn: + type: object + $ref: '#/components/schemas/Arn' + AggregationEnabled: + type: boolean + additionalProperties: false + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 127 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 255 + required: + - Key + - Value + additionalProperties: false + Stream: + type: object + properties: + LedgerName: + type: string + StreamName: + type: string + RoleArn: + $ref: '#/components/schemas/Arn' + InclusiveStartTime: + type: string + ExclusiveEndTime: + type: string + KinesisConfiguration: + $ref: '#/components/schemas/KinesisConfiguration' + Tags: + type: array + maxItems: 50 + x-insertionOrder: false + uniqueItems: true + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + Arn: + $ref: '#/components/schemas/Arn' + Id: + type: string + required: + - LedgerName + - StreamName + - RoleArn + - KinesisConfiguration + - InclusiveStartTime + x-stackql-resource-name: stream + x-stackql-primaryIdentifier: + - LedgerName + - Id + x-create-only-properties: + - LedgerName + - StreamName + - RoleArn + - KinesisConfiguration + - InclusiveStartTime + - ExclusiveEndTime + x-read-only-properties: + - Id + - Arn + x-required-permissions: + create: + - iam:PassRole + - qldb:StreamJournalToKinesis + - qldb:DescribeJournalKinesisStream + delete: + - qldb:CancelJournalKinesisStream + - qldb:DescribeJournalKinesisStream + read: + - qldb:DescribeJournalKinesisStream + - qldb:ListTagsForResource + update: + - qldb:DescribeJournalKinesisStream + - qldb:UntagResource + - qldb:TagResource + list: + - qldb:listJournalKinesisStreamsForLedger + x-stackQL-resources: + streams: + name: streams + id: awscc.qldb.streams + x-cfn-schema-name: Stream + x-type: list + x-identifiers: + - LedgerName + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LedgerName') as ledger_name, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QLDB::Stream' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LedgerName') as ledger_name, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QLDB::Stream' + AND region = 'us-east-1' + qldb_stream: + name: qldb_stream + id: awscc.qldb.qldb_stream + x-cfn-schema-name: Stream + x-type: get + x-identifiers: + - LedgerName + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.LedgerName') as ledger_name, + JSON_EXTRACT(Properties, '$.StreamName') as stream_name, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.InclusiveStartTime') as inclusive_start_time, + JSON_EXTRACT(Properties, '$.ExclusiveEndTime') as exclusive_end_time, + JSON_EXTRACT(Properties, '$.KinesisConfiguration') as kinesis_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QLDB::Stream' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'LedgerName') as ledger_name, + json_extract_path_text(Properties, 'StreamName') as stream_name, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'InclusiveStartTime') as inclusive_start_time, + json_extract_path_text(Properties, 'ExclusiveEndTime') as exclusive_end_time, + json_extract_path_text(Properties, 'KinesisConfiguration') as kinesis_configuration, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QLDB::Stream' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/quicksight.yaml b/providers/src/awscc/v00.00.00000/services/quicksight.yaml new file mode 100644 index 00000000..7b77341f --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/quicksight.yaml @@ -0,0 +1,12353 @@ +openapi: 3.0.0 +info: + title: QuickSight + version: 1.0.0 +paths: {} +components: + schemas: + AggregationFunction: + type: object + properties: + NumericalAggregationFunction: + $ref: '#/components/schemas/NumericalAggregationFunction' + CategoricalAggregationFunction: + $ref: '#/components/schemas/CategoricalAggregationFunction' + DateAggregationFunction: + $ref: '#/components/schemas/DateAggregationFunction' + AttributeAggregationFunction: + $ref: '#/components/schemas/AttributeAggregationFunction' + additionalProperties: false + AggregationSortConfiguration: + type: object + properties: + Column: + $ref: '#/components/schemas/ColumnIdentifier' + SortDirection: + $ref: '#/components/schemas/SortDirection' + AggregationFunction: + $ref: '#/components/schemas/AggregationFunction' + required: + - Column + - SortDirection + additionalProperties: false + AllSheetsFilterScopeConfiguration: + type: object + additionalProperties: false + AnalysisDefaults: + type: object + properties: + DefaultNewSheetConfiguration: + $ref: '#/components/schemas/DefaultNewSheetConfiguration' + required: + - DefaultNewSheetConfiguration + additionalProperties: false + AnalysisDefinition: + type: object + properties: + DataSetIdentifierDeclarations: + type: array + items: + $ref: '#/components/schemas/DataSetIdentifierDeclaration' + maxItems: 50 + minItems: 1 + Sheets: + type: array + items: + $ref: '#/components/schemas/SheetDefinition' + maxItems: 20 + minItems: 0 + CalculatedFields: + type: array + items: + $ref: '#/components/schemas/CalculatedField' + maxItems: 500 + minItems: 0 + ParameterDeclarations: + type: array + items: + $ref: '#/components/schemas/ParameterDeclaration' + maxItems: 200 + minItems: 0 + FilterGroups: + type: array + items: + $ref: '#/components/schemas/FilterGroup' + maxItems: 2000 + minItems: 0 + ColumnConfigurations: + type: array + items: + $ref: '#/components/schemas/ColumnConfiguration' + maxItems: 200 + minItems: 0 + AnalysisDefaults: + $ref: '#/components/schemas/AnalysisDefaults' + Options: + $ref: '#/components/schemas/AssetOptions' + required: + - DataSetIdentifierDeclarations + additionalProperties: false + AnalysisError: + type: object + properties: + Type: + $ref: '#/components/schemas/AnalysisErrorType' + Message: + type: string + pattern: .*\S.* + ViolatedEntities: + type: array + items: + $ref: '#/components/schemas/Entity' + maxItems: 200 + minItems: 0 + additionalProperties: false + AnalysisErrorType: + type: string + enum: + - ACCESS_DENIED + - SOURCE_NOT_FOUND + - DATA_SET_NOT_FOUND + - INTERNAL_FAILURE + - PARAMETER_VALUE_INCOMPATIBLE + - PARAMETER_TYPE_INVALID + - PARAMETER_NOT_FOUND + - COLUMN_TYPE_MISMATCH + - COLUMN_GEOGRAPHIC_ROLE_MISMATCH + - COLUMN_REPLACEMENT_MISSING + AnalysisSourceEntity: + type: object + properties: + SourceTemplate: + $ref: '#/components/schemas/AnalysisSourceTemplate' + additionalProperties: false + AnalysisSourceTemplate: + type: object + properties: + DataSetReferences: + type: array + items: + $ref: '#/components/schemas/DataSetReference' + minItems: 1 + Arn: + type: string + required: + - Arn + - DataSetReferences + additionalProperties: false + AnchorDateConfiguration: + type: object + properties: + AnchorOption: + $ref: '#/components/schemas/AnchorOption' + ParameterName: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + additionalProperties: false + AnchorOption: + type: string + enum: + - NOW + ArcAxisConfiguration: + type: object + properties: + Range: + $ref: '#/components/schemas/ArcAxisDisplayRange' + ReserveRange: + type: number + default: 0 + additionalProperties: false + ArcAxisDisplayRange: + type: object + properties: + Min: + type: number + default: null + Max: + type: number + default: null + additionalProperties: false + ArcConfiguration: + type: object + properties: + ArcAngle: + type: number + default: null + ArcThickness: + $ref: '#/components/schemas/ArcThicknessOptions' + additionalProperties: false + ArcOptions: + type: object + properties: + ArcThickness: + $ref: '#/components/schemas/ArcThickness' + additionalProperties: false + ArcThickness: + type: string + enum: + - SMALL + - MEDIUM + - LARGE + - WHOLE + ArcThicknessOptions: + type: string + enum: + - SMALL + - MEDIUM + - LARGE + AssetOptions: + type: object + properties: + Timezone: + type: string + WeekStart: + $ref: '#/components/schemas/DayOfTheWeek' + additionalProperties: false + AttributeAggregationFunction: + type: object + properties: + SimpleAttributeAggregation: + $ref: '#/components/schemas/SimpleAttributeAggregationFunction' + ValueForMultipleValues: + type: string + additionalProperties: false + AxisBinding: + type: string + enum: + - PRIMARY_YAXIS + - SECONDARY_YAXIS + AxisDataOptions: + type: object + properties: + NumericAxisOptions: + $ref: '#/components/schemas/NumericAxisOptions' + DateAxisOptions: + $ref: '#/components/schemas/DateAxisOptions' + additionalProperties: false + AxisDisplayDataDrivenRange: + type: object + additionalProperties: false + AxisDisplayMinMaxRange: + type: object + properties: + Minimum: + type: number + default: null + Maximum: + type: number + default: null + additionalProperties: false + AxisDisplayOptions: + type: object + properties: + TickLabelOptions: + $ref: '#/components/schemas/AxisTickLabelOptions' + AxisLineVisibility: + $ref: '#/components/schemas/Visibility' + GridLineVisibility: + $ref: '#/components/schemas/Visibility' + DataOptions: + $ref: '#/components/schemas/AxisDataOptions' + ScrollbarOptions: + $ref: '#/components/schemas/ScrollBarOptions' + AxisOffset: + type: string + description: String based length that is composed of value and unit in px + additionalProperties: false + AxisDisplayRange: + type: object + properties: + MinMax: + $ref: '#/components/schemas/AxisDisplayMinMaxRange' + DataDriven: + $ref: '#/components/schemas/AxisDisplayDataDrivenRange' + additionalProperties: false + AxisLabelOptions: + type: object + properties: + FontConfiguration: + $ref: '#/components/schemas/FontConfiguration' + CustomLabel: + type: string + ApplyTo: + $ref: '#/components/schemas/AxisLabelReferenceOptions' + additionalProperties: false + AxisLabelReferenceOptions: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + Column: + $ref: '#/components/schemas/ColumnIdentifier' + required: + - Column + - FieldId + additionalProperties: false + AxisLinearScale: + type: object + properties: + StepCount: + type: number + default: null + StepSize: + type: number + default: null + additionalProperties: false + AxisLogarithmicScale: + type: object + properties: + Base: + type: number + default: null + additionalProperties: false + AxisScale: + type: object + properties: + Linear: + $ref: '#/components/schemas/AxisLinearScale' + Logarithmic: + $ref: '#/components/schemas/AxisLogarithmicScale' + additionalProperties: false + AxisTickLabelOptions: + type: object + properties: + LabelOptions: + $ref: '#/components/schemas/LabelOptions' + RotationAngle: + type: number + default: null + additionalProperties: false + BarChartAggregatedFieldWells: + type: object + properties: + Category: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + Values: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 200 + minItems: 0 + Colors: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + SmallMultiples: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 1 + minItems: 0 + additionalProperties: false + BarChartConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/BarChartFieldWells' + SortConfiguration: + $ref: '#/components/schemas/BarChartSortConfiguration' + Orientation: + $ref: '#/components/schemas/BarChartOrientation' + BarsArrangement: + $ref: '#/components/schemas/BarsArrangement' + VisualPalette: + $ref: '#/components/schemas/VisualPalette' + SmallMultiplesOptions: + $ref: '#/components/schemas/SmallMultiplesOptions' + CategoryAxis: + $ref: '#/components/schemas/AxisDisplayOptions' + CategoryLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + ValueAxis: + $ref: '#/components/schemas/AxisDisplayOptions' + ValueLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + ColorLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + Legend: + $ref: '#/components/schemas/LegendOptions' + DataLabels: + $ref: '#/components/schemas/DataLabelOptions' + Tooltip: + $ref: '#/components/schemas/TooltipOptions' + ReferenceLines: + type: array + items: + $ref: '#/components/schemas/ReferenceLine' + maxItems: 20 + minItems: 0 + ContributionAnalysisDefaults: + type: array + items: + $ref: '#/components/schemas/ContributionAnalysisDefault' + maxItems: 200 + minItems: 1 + additionalProperties: false + BarChartFieldWells: + type: object + properties: + BarChartAggregatedFieldWells: + $ref: '#/components/schemas/BarChartAggregatedFieldWells' + additionalProperties: false + BarChartOrientation: + type: string + enum: + - HORIZONTAL + - VERTICAL + BarChartSortConfiguration: + type: object + properties: + CategorySort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + CategoryItemsLimit: + $ref: '#/components/schemas/ItemsLimitConfiguration' + ColorSort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + ColorItemsLimit: + $ref: '#/components/schemas/ItemsLimitConfiguration' + SmallMultiplesSort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + SmallMultiplesLimitConfiguration: + $ref: '#/components/schemas/ItemsLimitConfiguration' + additionalProperties: false + BarChartVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/BarChartConfiguration' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + ColumnHierarchies: + type: array + items: + $ref: '#/components/schemas/ColumnHierarchy' + maxItems: 2 + minItems: 0 + required: + - VisualId + additionalProperties: false + BarsArrangement: + type: string + enum: + - CLUSTERED + - STACKED + - STACKED_PERCENT + BaseMapStyleType: + type: string + enum: + - LIGHT_GRAY + - DARK_GRAY + - STREET + - IMAGERY + BinCountOptions: + type: object + properties: + Value: + type: number + minimum: 0 + additionalProperties: false + BinWidthOptions: + type: object + properties: + Value: + type: number + minimum: 0 + BinCountLimit: + type: number + maximum: 1000 + minimum: 0 + additionalProperties: false + BodySectionConfiguration: + type: object + properties: + SectionId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Content: + $ref: '#/components/schemas/BodySectionContent' + Style: + $ref: '#/components/schemas/SectionStyle' + PageBreakConfiguration: + $ref: '#/components/schemas/SectionPageBreakConfiguration' + required: + - Content + - SectionId + additionalProperties: false + BodySectionContent: + type: object + properties: + Layout: + $ref: '#/components/schemas/SectionLayoutConfiguration' + additionalProperties: false + BoxPlotAggregatedFieldWells: + type: object + properties: + GroupBy: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 1 + minItems: 0 + Values: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 5 + minItems: 0 + additionalProperties: false + BoxPlotChartConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/BoxPlotFieldWells' + SortConfiguration: + $ref: '#/components/schemas/BoxPlotSortConfiguration' + BoxPlotOptions: + $ref: '#/components/schemas/BoxPlotOptions' + CategoryAxis: + $ref: '#/components/schemas/AxisDisplayOptions' + CategoryLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + PrimaryYAxisDisplayOptions: + $ref: '#/components/schemas/AxisDisplayOptions' + PrimaryYAxisLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + Legend: + $ref: '#/components/schemas/LegendOptions' + Tooltip: + $ref: '#/components/schemas/TooltipOptions' + ReferenceLines: + type: array + items: + $ref: '#/components/schemas/ReferenceLine' + maxItems: 20 + minItems: 0 + VisualPalette: + $ref: '#/components/schemas/VisualPalette' + additionalProperties: false + BoxPlotFieldWells: + type: object + properties: + BoxPlotAggregatedFieldWells: + $ref: '#/components/schemas/BoxPlotAggregatedFieldWells' + additionalProperties: false + BoxPlotFillStyle: + type: string + enum: + - SOLID + - TRANSPARENT + BoxPlotOptions: + type: object + properties: + StyleOptions: + $ref: '#/components/schemas/BoxPlotStyleOptions' + OutlierVisibility: + $ref: '#/components/schemas/Visibility' + AllDataPointsVisibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + BoxPlotSortConfiguration: + type: object + properties: + CategorySort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + PaginationConfiguration: + $ref: '#/components/schemas/PaginationConfiguration' + additionalProperties: false + BoxPlotStyleOptions: + type: object + properties: + FillStyle: + $ref: '#/components/schemas/BoxPlotFillStyle' + additionalProperties: false + BoxPlotVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/BoxPlotChartConfiguration' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + ColumnHierarchies: + type: array + items: + $ref: '#/components/schemas/ColumnHierarchy' + maxItems: 2 + minItems: 0 + required: + - VisualId + additionalProperties: false + CalculatedField: + type: object + properties: + DataSetIdentifier: + type: string + maxLength: 2048 + minLength: 1 + Name: + type: string + maxLength: 127 + minLength: 1 + Expression: + type: string + maxLength: 32000 + minLength: 1 + required: + - DataSetIdentifier + - Expression + - Name + additionalProperties: false + CalculatedMeasureField: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + Expression: + type: string + maxLength: 4096 + minLength: 1 + required: + - Expression + - FieldId + additionalProperties: false + CascadingControlConfiguration: + type: object + properties: + SourceControls: + type: array + items: + $ref: '#/components/schemas/CascadingControlSource' + maxItems: 200 + minItems: 0 + additionalProperties: false + CascadingControlSource: + type: object + properties: + SourceSheetControlId: + type: string + ColumnToMatch: + $ref: '#/components/schemas/ColumnIdentifier' + additionalProperties: false + CategoricalAggregationFunction: + type: string + enum: + - COUNT + - DISTINCT_COUNT + CategoricalDimensionField: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + Column: + $ref: '#/components/schemas/ColumnIdentifier' + HierarchyId: + type: string + maxLength: 512 + minLength: 1 + FormatConfiguration: + $ref: '#/components/schemas/StringFormatConfiguration' + required: + - Column + - FieldId + additionalProperties: false + CategoricalMeasureField: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + Column: + $ref: '#/components/schemas/ColumnIdentifier' + AggregationFunction: + $ref: '#/components/schemas/CategoricalAggregationFunction' + FormatConfiguration: + $ref: '#/components/schemas/StringFormatConfiguration' + required: + - Column + - FieldId + additionalProperties: false + CategoryDrillDownFilter: + type: object + properties: + Column: + $ref: '#/components/schemas/ColumnIdentifier' + CategoryValues: + type: array + items: + type: string + maxLength: 512 + minLength: 0 + maxItems: 100000 + minItems: 0 + required: + - CategoryValues + - Column + additionalProperties: false + CategoryFilter: + type: object + properties: + FilterId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Column: + $ref: '#/components/schemas/ColumnIdentifier' + Configuration: + $ref: '#/components/schemas/CategoryFilterConfiguration' + required: + - Column + - Configuration + - FilterId + additionalProperties: false + CategoryFilterConfiguration: + type: object + properties: + FilterListConfiguration: + $ref: '#/components/schemas/FilterListConfiguration' + CustomFilterListConfiguration: + $ref: '#/components/schemas/CustomFilterListConfiguration' + CustomFilterConfiguration: + $ref: '#/components/schemas/CustomFilterConfiguration' + additionalProperties: false + CategoryFilterMatchOperator: + type: string + enum: + - EQUALS + - DOES_NOT_EQUAL + - CONTAINS + - DOES_NOT_CONTAIN + - STARTS_WITH + - ENDS_WITH + CategoryFilterSelectAllOptions: + type: string + enum: + - FILTER_ALL_VALUES + ChartAxisLabelOptions: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + SortIconVisibility: + $ref: '#/components/schemas/Visibility' + AxisLabelOptions: + type: array + items: + $ref: '#/components/schemas/AxisLabelOptions' + maxItems: 100 + minItems: 0 + additionalProperties: false + ClusterMarker: + type: object + properties: + SimpleClusterMarker: + $ref: '#/components/schemas/SimpleClusterMarker' + additionalProperties: false + ClusterMarkerConfiguration: + type: object + properties: + ClusterMarker: + $ref: '#/components/schemas/ClusterMarker' + additionalProperties: false + ColorFillType: + type: string + enum: + - DISCRETE + - GRADIENT + ColorScale: + type: object + properties: + Colors: + type: array + items: + $ref: '#/components/schemas/DataColor' + maxItems: 3 + minItems: 2 + ColorFillType: + $ref: '#/components/schemas/ColorFillType' + NullValueColor: + $ref: '#/components/schemas/DataColor' + required: + - ColorFillType + - Colors + additionalProperties: false + ColorsConfiguration: + type: object + properties: + CustomColors: + type: array + items: + $ref: '#/components/schemas/CustomColor' + maxItems: 50 + minItems: 0 + additionalProperties: false + ColumnConfiguration: + type: object + properties: + Column: + $ref: '#/components/schemas/ColumnIdentifier' + FormatConfiguration: + $ref: '#/components/schemas/FormatConfiguration' + Role: + $ref: '#/components/schemas/ColumnRole' + ColorsConfiguration: + $ref: '#/components/schemas/ColorsConfiguration' + required: + - Column + additionalProperties: false + ColumnHierarchy: + type: object + properties: + ExplicitHierarchy: + $ref: '#/components/schemas/ExplicitHierarchy' + DateTimeHierarchy: + $ref: '#/components/schemas/DateTimeHierarchy' + PredefinedHierarchy: + $ref: '#/components/schemas/PredefinedHierarchy' + additionalProperties: false + ColumnIdentifier: + type: object + properties: + DataSetIdentifier: + type: string + maxLength: 2048 + minLength: 1 + ColumnName: + type: string + maxLength: 127 + minLength: 1 + required: + - ColumnName + - DataSetIdentifier + additionalProperties: false + ColumnRole: + type: string + enum: + - DIMENSION + - MEASURE + ColumnSort: + type: object + properties: + SortBy: + $ref: '#/components/schemas/ColumnIdentifier' + Direction: + $ref: '#/components/schemas/SortDirection' + AggregationFunction: + $ref: '#/components/schemas/AggregationFunction' + required: + - Direction + - SortBy + additionalProperties: false + ColumnTooltipItem: + type: object + properties: + Column: + $ref: '#/components/schemas/ColumnIdentifier' + Label: + type: string + Visibility: + $ref: '#/components/schemas/Visibility' + Aggregation: + $ref: '#/components/schemas/AggregationFunction' + required: + - Column + additionalProperties: false + ComboChartAggregatedFieldWells: + type: object + properties: + Category: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + BarValues: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 200 + minItems: 0 + Colors: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + LineValues: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 200 + minItems: 0 + additionalProperties: false + ComboChartConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/ComboChartFieldWells' + SortConfiguration: + $ref: '#/components/schemas/ComboChartSortConfiguration' + BarsArrangement: + $ref: '#/components/schemas/BarsArrangement' + CategoryAxis: + $ref: '#/components/schemas/AxisDisplayOptions' + CategoryLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + PrimaryYAxisDisplayOptions: + $ref: '#/components/schemas/AxisDisplayOptions' + PrimaryYAxisLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + SecondaryYAxisDisplayOptions: + $ref: '#/components/schemas/AxisDisplayOptions' + SecondaryYAxisLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + ColorLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + Legend: + $ref: '#/components/schemas/LegendOptions' + BarDataLabels: + $ref: '#/components/schemas/DataLabelOptions' + LineDataLabels: + $ref: '#/components/schemas/DataLabelOptions' + Tooltip: + $ref: '#/components/schemas/TooltipOptions' + ReferenceLines: + type: array + items: + $ref: '#/components/schemas/ReferenceLine' + maxItems: 20 + minItems: 0 + VisualPalette: + $ref: '#/components/schemas/VisualPalette' + additionalProperties: false + ComboChartFieldWells: + type: object + properties: + ComboChartAggregatedFieldWells: + $ref: '#/components/schemas/ComboChartAggregatedFieldWells' + additionalProperties: false + ComboChartSortConfiguration: + type: object + properties: + CategorySort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + CategoryItemsLimit: + $ref: '#/components/schemas/ItemsLimitConfiguration' + ColorSort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + ColorItemsLimit: + $ref: '#/components/schemas/ItemsLimitConfiguration' + additionalProperties: false + ComboChartVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/ComboChartConfiguration' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + ColumnHierarchies: + type: array + items: + $ref: '#/components/schemas/ColumnHierarchy' + maxItems: 2 + minItems: 0 + required: + - VisualId + additionalProperties: false + ComparisonConfiguration: + type: object + properties: + ComparisonMethod: + $ref: '#/components/schemas/ComparisonMethod' + ComparisonFormat: + $ref: '#/components/schemas/ComparisonFormatConfiguration' + additionalProperties: false + ComparisonFormatConfiguration: + type: object + properties: + NumberDisplayFormatConfiguration: + $ref: '#/components/schemas/NumberDisplayFormatConfiguration' + PercentageDisplayFormatConfiguration: + $ref: '#/components/schemas/PercentageDisplayFormatConfiguration' + additionalProperties: false + ComparisonMethod: + type: string + enum: + - DIFFERENCE + - PERCENT_DIFFERENCE + - PERCENT + Computation: + type: object + properties: + TopBottomRanked: + $ref: '#/components/schemas/TopBottomRankedComputation' + TopBottomMovers: + $ref: '#/components/schemas/TopBottomMoversComputation' + TotalAggregation: + $ref: '#/components/schemas/TotalAggregationComputation' + MaximumMinimum: + $ref: '#/components/schemas/MaximumMinimumComputation' + MetricComparison: + $ref: '#/components/schemas/MetricComparisonComputation' + PeriodOverPeriod: + $ref: '#/components/schemas/PeriodOverPeriodComputation' + PeriodToDate: + $ref: '#/components/schemas/PeriodToDateComputation' + GrowthRate: + $ref: '#/components/schemas/GrowthRateComputation' + UniqueValues: + $ref: '#/components/schemas/UniqueValuesComputation' + Forecast: + $ref: '#/components/schemas/ForecastComputation' + additionalProperties: false + ConditionalFormattingColor: + type: object + properties: + Solid: + $ref: '#/components/schemas/ConditionalFormattingSolidColor' + Gradient: + $ref: '#/components/schemas/ConditionalFormattingGradientColor' + additionalProperties: false + ConditionalFormattingCustomIconCondition: + type: object + properties: + Expression: + type: string + maxLength: 4096 + minLength: 1 + IconOptions: + $ref: '#/components/schemas/ConditionalFormattingCustomIconOptions' + Color: + type: string + pattern: ^#[A-F0-9]{6}$ + DisplayConfiguration: + $ref: '#/components/schemas/ConditionalFormattingIconDisplayConfiguration' + required: + - Expression + - IconOptions + additionalProperties: false + ConditionalFormattingCustomIconOptions: + type: object + properties: + Icon: + $ref: '#/components/schemas/Icon' + UnicodeIcon: + type: string + pattern: ^[^\u0000-\u00FF]$ + additionalProperties: false + ConditionalFormattingGradientColor: + type: object + properties: + Expression: + type: string + maxLength: 4096 + minLength: 1 + Color: + $ref: '#/components/schemas/GradientColor' + required: + - Color + - Expression + additionalProperties: false + ConditionalFormattingIcon: + type: object + properties: + IconSet: + $ref: '#/components/schemas/ConditionalFormattingIconSet' + CustomCondition: + $ref: '#/components/schemas/ConditionalFormattingCustomIconCondition' + additionalProperties: false + ConditionalFormattingIconDisplayConfiguration: + type: object + properties: + IconDisplayOption: + $ref: '#/components/schemas/ConditionalFormattingIconDisplayOption' + additionalProperties: false + ConditionalFormattingIconDisplayOption: + type: string + enum: + - ICON_ONLY + ConditionalFormattingIconSet: + type: object + properties: + Expression: + type: string + maxLength: 4096 + minLength: 1 + IconSetType: + $ref: '#/components/schemas/ConditionalFormattingIconSetType' + required: + - Expression + additionalProperties: false + ConditionalFormattingIconSetType: + type: string + enum: + - PLUS_MINUS + - CHECK_X + - THREE_COLOR_ARROW + - THREE_GRAY_ARROW + - CARET_UP_MINUS_DOWN + - THREE_SHAPE + - THREE_CIRCLE + - FLAGS + - BARS + - FOUR_COLOR_ARROW + - FOUR_GRAY_ARROW + ConditionalFormattingSolidColor: + type: object + properties: + Expression: + type: string + maxLength: 4096 + minLength: 1 + Color: + type: string + pattern: ^#[A-F0-9]{6}$ + required: + - Expression + additionalProperties: false + ContributionAnalysisDefault: + type: object + properties: + MeasureFieldId: + type: string + maxLength: 512 + minLength: 1 + ContributorDimensions: + type: array + items: + $ref: '#/components/schemas/ColumnIdentifier' + maxItems: 4 + minItems: 1 + required: + - ContributorDimensions + - MeasureFieldId + additionalProperties: false + CrossDatasetTypes: + type: string + enum: + - ALL_DATASETS + - SINGLE_DATASET + CurrencyDisplayFormatConfiguration: + type: object + properties: + Prefix: + type: string + maxLength: 128 + minLength: 1 + Suffix: + type: string + maxLength: 128 + minLength: 1 + SeparatorConfiguration: + $ref: '#/components/schemas/NumericSeparatorConfiguration' + Symbol: + type: string + pattern: '[A-Z]{3}' + DecimalPlacesConfiguration: + $ref: '#/components/schemas/DecimalPlacesConfiguration' + NumberScale: + $ref: '#/components/schemas/NumberScale' + NegativeValueConfiguration: + $ref: '#/components/schemas/NegativeValueConfiguration' + NullValueFormatConfiguration: + $ref: '#/components/schemas/NullValueFormatConfiguration' + additionalProperties: false + CustomActionFilterOperation: + type: object + properties: + SelectedFieldsConfiguration: + $ref: '#/components/schemas/FilterOperationSelectedFieldsConfiguration' + TargetVisualsConfiguration: + $ref: '#/components/schemas/FilterOperationTargetVisualsConfiguration' + required: + - SelectedFieldsConfiguration + - TargetVisualsConfiguration + additionalProperties: false + CustomActionNavigationOperation: + type: object + properties: + LocalNavigationConfiguration: + $ref: '#/components/schemas/LocalNavigationConfiguration' + additionalProperties: false + CustomActionSetParametersOperation: + type: object + properties: + ParameterValueConfigurations: + type: array + items: + $ref: '#/components/schemas/SetParameterValueConfiguration' + maxItems: 200 + minItems: 1 + required: + - ParameterValueConfigurations + additionalProperties: false + CustomActionURLOperation: + type: object + properties: + URLTemplate: + type: string + maxLength: 2048 + minLength: 1 + URLTarget: + $ref: '#/components/schemas/URLTargetConfiguration' + required: + - URLTarget + - URLTemplate + additionalProperties: false + CustomColor: + type: object + properties: + FieldValue: + type: string + maxLength: 2048 + minLength: 0 + Color: + type: string + pattern: ^#[A-F0-9]{6}$ + SpecialValue: + $ref: '#/components/schemas/SpecialValue' + required: + - Color + additionalProperties: false + CustomContentConfiguration: + type: object + properties: + ContentUrl: + type: string + maxLength: 2048 + minLength: 1 + ContentType: + $ref: '#/components/schemas/CustomContentType' + ImageScaling: + $ref: '#/components/schemas/CustomContentImageScalingConfiguration' + additionalProperties: false + CustomContentImageScalingConfiguration: + type: string + enum: + - FIT_TO_HEIGHT + - FIT_TO_WIDTH + - DO_NOT_SCALE + - SCALE_TO_VISUAL + CustomContentType: + type: string + enum: + - IMAGE + - OTHER_EMBEDDED_CONTENT + CustomContentVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/CustomContentConfiguration' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + DataSetIdentifier: + type: string + maxLength: 2048 + minLength: 1 + required: + - DataSetIdentifier + - VisualId + additionalProperties: false + CustomFilterConfiguration: + type: object + properties: + MatchOperator: + $ref: '#/components/schemas/CategoryFilterMatchOperator' + CategoryValue: + type: string + maxLength: 512 + minLength: 0 + SelectAllOptions: + $ref: '#/components/schemas/CategoryFilterSelectAllOptions' + ParameterName: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + NullOption: + $ref: '#/components/schemas/FilterNullOption' + required: + - MatchOperator + - NullOption + additionalProperties: false + CustomFilterListConfiguration: + type: object + properties: + MatchOperator: + $ref: '#/components/schemas/CategoryFilterMatchOperator' + CategoryValues: + type: array + items: + type: string + maxLength: 512 + minLength: 0 + maxItems: 100000 + minItems: 0 + SelectAllOptions: + $ref: '#/components/schemas/CategoryFilterSelectAllOptions' + NullOption: + $ref: '#/components/schemas/FilterNullOption' + required: + - MatchOperator + - NullOption + additionalProperties: false + CustomNarrativeOptions: + type: object + properties: + Narrative: + type: string + maxLength: 150000 + minLength: 0 + required: + - Narrative + additionalProperties: false + CustomParameterValues: + type: object + properties: + StringValues: + type: array + items: + type: string + maxItems: 50000 + minItems: 0 + IntegerValues: + type: array + items: + type: number + maxItems: 50000 + minItems: 0 + DecimalValues: + type: array + items: + type: number + maxItems: 50000 + minItems: 0 + DateTimeValues: + type: array + items: + type: string + format: date-time + maxItems: 50000 + minItems: 0 + additionalProperties: false + CustomValuesConfiguration: + type: object + properties: + IncludeNullValue: + type: boolean + CustomValues: + $ref: '#/components/schemas/CustomParameterValues' + required: + - CustomValues + additionalProperties: false + DataBarsOptions: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + PositiveColor: + type: string + pattern: ^#[A-F0-9]{6}$ + NegativeColor: + type: string + pattern: ^#[A-F0-9]{6}$ + required: + - FieldId + additionalProperties: false + DataColor: + type: object + properties: + Color: + type: string + pattern: ^#[A-F0-9]{6}$ + DataValue: + type: number + default: null + additionalProperties: false + DataFieldSeriesItem: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + FieldValue: + type: string + AxisBinding: + $ref: '#/components/schemas/AxisBinding' + Settings: + $ref: '#/components/schemas/LineChartSeriesSettings' + required: + - AxisBinding + - FieldId + additionalProperties: false + DataLabelContent: + type: string + enum: + - VALUE + - PERCENT + - VALUE_AND_PERCENT + DataLabelOptions: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + CategoryLabelVisibility: + $ref: '#/components/schemas/Visibility' + MeasureLabelVisibility: + $ref: '#/components/schemas/Visibility' + DataLabelTypes: + type: array + items: + $ref: '#/components/schemas/DataLabelType' + maxItems: 100 + minItems: 0 + Position: + $ref: '#/components/schemas/DataLabelPosition' + LabelContent: + $ref: '#/components/schemas/DataLabelContent' + LabelFontConfiguration: + $ref: '#/components/schemas/FontConfiguration' + LabelColor: + type: string + pattern: ^#[A-F0-9]{6}$ + Overlap: + $ref: '#/components/schemas/DataLabelOverlap' + TotalsVisibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + DataLabelOverlap: + type: string + enum: + - DISABLE_OVERLAP + - ENABLE_OVERLAP + DataLabelPosition: + type: string + enum: + - INSIDE + - OUTSIDE + - LEFT + - TOP + - BOTTOM + - RIGHT + DataLabelType: + type: object + properties: + FieldLabelType: + $ref: '#/components/schemas/FieldLabelType' + DataPathLabelType: + $ref: '#/components/schemas/DataPathLabelType' + RangeEndsLabelType: + $ref: '#/components/schemas/RangeEndsLabelType' + MinimumLabelType: + $ref: '#/components/schemas/MinimumLabelType' + MaximumLabelType: + $ref: '#/components/schemas/MaximumLabelType' + additionalProperties: false + DataPathColor: + type: object + properties: + Element: + $ref: '#/components/schemas/DataPathValue' + Color: + type: string + pattern: ^#[A-F0-9]{6}$ + TimeGranularity: + $ref: '#/components/schemas/TimeGranularity' + required: + - Color + - Element + additionalProperties: false + DataPathLabelType: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + FieldValue: + type: string + maxLength: 2048 + minLength: 0 + Visibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + DataPathSort: + type: object + properties: + Direction: + $ref: '#/components/schemas/SortDirection' + SortPaths: + type: array + items: + $ref: '#/components/schemas/DataPathValue' + maxItems: 20 + minItems: 0 + required: + - Direction + - SortPaths + additionalProperties: false + DataPathType: + type: object + properties: + PivotTableDataPathType: + $ref: '#/components/schemas/PivotTableDataPathType' + additionalProperties: false + DataPathValue: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + FieldValue: + type: string + maxLength: 2048 + minLength: 0 + DataPathType: + $ref: '#/components/schemas/DataPathType' + additionalProperties: false + DataSetIdentifierDeclaration: + type: object + properties: + Identifier: + type: string + maxLength: 2048 + minLength: 1 + DataSetArn: + type: string + required: + - DataSetArn + - Identifier + additionalProperties: false + DataSetReference: + type: object + properties: + DataSetPlaceholder: + type: string + pattern: .*\S.* + DataSetArn: + type: string + required: + - DataSetArn + - DataSetPlaceholder + additionalProperties: false + DateAggregationFunction: + type: string + enum: + - COUNT + - DISTINCT_COUNT + - MIN + - MAX + DateAxisOptions: + type: object + properties: + MissingDateVisibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + DateDimensionField: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + Column: + $ref: '#/components/schemas/ColumnIdentifier' + DateGranularity: + $ref: '#/components/schemas/TimeGranularity' + HierarchyId: + type: string + maxLength: 512 + minLength: 1 + FormatConfiguration: + $ref: '#/components/schemas/DateTimeFormatConfiguration' + required: + - Column + - FieldId + additionalProperties: false + DateMeasureField: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + Column: + $ref: '#/components/schemas/ColumnIdentifier' + AggregationFunction: + $ref: '#/components/schemas/DateAggregationFunction' + FormatConfiguration: + $ref: '#/components/schemas/DateTimeFormatConfiguration' + required: + - Column + - FieldId + additionalProperties: false + DateTimeDefaultValues: + type: object + properties: + DynamicValue: + $ref: '#/components/schemas/DynamicDefaultValue' + StaticValues: + type: array + items: + type: string + format: date-time + maxItems: 50000 + minItems: 0 + RollingDate: + $ref: '#/components/schemas/RollingDateConfiguration' + additionalProperties: false + DateTimeFormatConfiguration: + type: object + properties: + DateTimeFormat: + type: string + maxLength: 128 + minLength: 1 + NullValueFormatConfiguration: + $ref: '#/components/schemas/NullValueFormatConfiguration' + NumericFormatConfiguration: + $ref: '#/components/schemas/NumericFormatConfiguration' + additionalProperties: false + DateTimeHierarchy: + type: object + properties: + HierarchyId: + type: string + maxLength: 512 + minLength: 1 + DrillDownFilters: + type: array + items: + $ref: '#/components/schemas/DrillDownFilter' + maxItems: 10 + minItems: 0 + required: + - HierarchyId + additionalProperties: false + DateTimeParameter: + type: object + properties: + Name: + type: string + pattern: .*\S.* + Values: + type: array + items: + type: string + required: + - Name + - Values + additionalProperties: false + DateTimeParameterDeclaration: + type: object + properties: + Name: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + DefaultValues: + $ref: '#/components/schemas/DateTimeDefaultValues' + TimeGranularity: + $ref: '#/components/schemas/TimeGranularity' + ValueWhenUnset: + $ref: '#/components/schemas/DateTimeValueWhenUnsetConfiguration' + MappedDataSetParameters: + type: array + items: + $ref: '#/components/schemas/MappedDataSetParameter' + maxItems: 150 + minItems: 0 + required: + - Name + additionalProperties: false + DateTimePickerControlDisplayOptions: + type: object + properties: + TitleOptions: + $ref: '#/components/schemas/LabelOptions' + DateTimeFormat: + type: string + maxLength: 128 + minLength: 1 + InfoIconLabelOptions: + $ref: '#/components/schemas/SheetControlInfoIconLabelOptions' + additionalProperties: false + DateTimeValueWhenUnsetConfiguration: + type: object + properties: + ValueWhenUnsetOption: + $ref: '#/components/schemas/ValueWhenUnsetOption' + CustomValue: + type: string + format: date-time + additionalProperties: false + DayOfTheWeek: + type: string + enum: + - SUNDAY + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + DecimalDefaultValues: + type: object + properties: + DynamicValue: + $ref: '#/components/schemas/DynamicDefaultValue' + StaticValues: + type: array + items: + type: number + maxItems: 50000 + minItems: 0 + additionalProperties: false + DecimalParameter: + type: object + properties: + Name: + type: string + pattern: .*\S.* + Values: + type: array + items: + type: number + default: 0 + required: + - Name + - Values + additionalProperties: false + DecimalParameterDeclaration: + type: object + properties: + ParameterValueType: + $ref: '#/components/schemas/ParameterValueType' + Name: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + DefaultValues: + $ref: '#/components/schemas/DecimalDefaultValues' + ValueWhenUnset: + $ref: '#/components/schemas/DecimalValueWhenUnsetConfiguration' + MappedDataSetParameters: + type: array + items: + $ref: '#/components/schemas/MappedDataSetParameter' + maxItems: 150 + minItems: 0 + required: + - Name + - ParameterValueType + additionalProperties: false + DecimalPlacesConfiguration: + type: object + properties: + DecimalPlaces: + type: number + maximum: 20 + minimum: 0 + required: + - DecimalPlaces + additionalProperties: false + DecimalValueWhenUnsetConfiguration: + type: object + properties: + ValueWhenUnsetOption: + $ref: '#/components/schemas/ValueWhenUnsetOption' + CustomValue: + type: number + default: null + additionalProperties: false + DefaultFreeFormLayoutConfiguration: + type: object + properties: + CanvasSizeOptions: + $ref: '#/components/schemas/FreeFormLayoutCanvasSizeOptions' + required: + - CanvasSizeOptions + additionalProperties: false + DefaultGridLayoutConfiguration: + type: object + properties: + CanvasSizeOptions: + $ref: '#/components/schemas/GridLayoutCanvasSizeOptions' + required: + - CanvasSizeOptions + additionalProperties: false + DefaultInteractiveLayoutConfiguration: + type: object + properties: + Grid: + $ref: '#/components/schemas/DefaultGridLayoutConfiguration' + FreeForm: + $ref: '#/components/schemas/DefaultFreeFormLayoutConfiguration' + additionalProperties: false + DefaultNewSheetConfiguration: + type: object + properties: + InteractiveLayoutConfiguration: + $ref: '#/components/schemas/DefaultInteractiveLayoutConfiguration' + PaginatedLayoutConfiguration: + $ref: '#/components/schemas/DefaultPaginatedLayoutConfiguration' + SheetContentType: + $ref: '#/components/schemas/SheetContentType' + additionalProperties: false + DefaultPaginatedLayoutConfiguration: + type: object + properties: + SectionBased: + $ref: '#/components/schemas/DefaultSectionBasedLayoutConfiguration' + additionalProperties: false + DefaultSectionBasedLayoutConfiguration: + type: object + properties: + CanvasSizeOptions: + $ref: '#/components/schemas/SectionBasedLayoutCanvasSizeOptions' + required: + - CanvasSizeOptions + additionalProperties: false + DestinationParameterValueConfiguration: + type: object + properties: + CustomValuesConfiguration: + $ref: '#/components/schemas/CustomValuesConfiguration' + SelectAllValueOptions: + $ref: '#/components/schemas/SelectAllValueOptions' + SourceParameterName: + type: string + SourceField: + type: string + maxLength: 512 + minLength: 1 + SourceColumn: + $ref: '#/components/schemas/ColumnIdentifier' + additionalProperties: false + DimensionField: + type: object + properties: + NumericalDimensionField: + $ref: '#/components/schemas/NumericalDimensionField' + CategoricalDimensionField: + $ref: '#/components/schemas/CategoricalDimensionField' + DateDimensionField: + $ref: '#/components/schemas/DateDimensionField' + additionalProperties: false + DonutCenterOptions: + type: object + properties: + LabelVisibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + DonutOptions: + type: object + properties: + ArcOptions: + $ref: '#/components/schemas/ArcOptions' + DonutCenterOptions: + $ref: '#/components/schemas/DonutCenterOptions' + additionalProperties: false + DrillDownFilter: + type: object + properties: + NumericEqualityFilter: + $ref: '#/components/schemas/NumericEqualityDrillDownFilter' + CategoryFilter: + $ref: '#/components/schemas/CategoryDrillDownFilter' + TimeRangeFilter: + $ref: '#/components/schemas/TimeRangeDrillDownFilter' + additionalProperties: false + DropDownControlDisplayOptions: + type: object + properties: + SelectAllOptions: + $ref: '#/components/schemas/ListControlSelectAllOptions' + TitleOptions: + $ref: '#/components/schemas/LabelOptions' + InfoIconLabelOptions: + $ref: '#/components/schemas/SheetControlInfoIconLabelOptions' + additionalProperties: false + DynamicDefaultValue: + type: object + properties: + UserNameColumn: + $ref: '#/components/schemas/ColumnIdentifier' + GroupNameColumn: + $ref: '#/components/schemas/ColumnIdentifier' + DefaultValueColumn: + $ref: '#/components/schemas/ColumnIdentifier' + required: + - DefaultValueColumn + additionalProperties: false + EmptyVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + DataSetIdentifier: + type: string + maxLength: 2048 + minLength: 1 + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + required: + - DataSetIdentifier + - VisualId + additionalProperties: false + Entity: + type: object + properties: + Path: + type: string + pattern: .*\S.* + additionalProperties: false + ExcludePeriodConfiguration: + type: object + properties: + Amount: + type: number + default: null + Granularity: + $ref: '#/components/schemas/TimeGranularity' + Status: + $ref: '#/components/schemas/WidgetStatus' + required: + - Amount + - Granularity + additionalProperties: false + ExplicitHierarchy: + type: object + properties: + HierarchyId: + type: string + maxLength: 512 + minLength: 1 + Columns: + type: array + items: + $ref: '#/components/schemas/ColumnIdentifier' + maxItems: 10 + minItems: 2 + DrillDownFilters: + type: array + items: + $ref: '#/components/schemas/DrillDownFilter' + maxItems: 10 + minItems: 0 + required: + - Columns + - HierarchyId + additionalProperties: false + FieldBasedTooltip: + type: object + properties: + AggregationVisibility: + $ref: '#/components/schemas/Visibility' + TooltipTitleType: + $ref: '#/components/schemas/TooltipTitleType' + TooltipFields: + type: array + items: + $ref: '#/components/schemas/TooltipItem' + maxItems: 100 + minItems: 0 + additionalProperties: false + FieldLabelType: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + Visibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + FieldSeriesItem: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + AxisBinding: + $ref: '#/components/schemas/AxisBinding' + Settings: + $ref: '#/components/schemas/LineChartSeriesSettings' + required: + - AxisBinding + - FieldId + additionalProperties: false + FieldSort: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + Direction: + $ref: '#/components/schemas/SortDirection' + required: + - Direction + - FieldId + additionalProperties: false + FieldSortOptions: + type: object + properties: + FieldSort: + $ref: '#/components/schemas/FieldSort' + ColumnSort: + $ref: '#/components/schemas/ColumnSort' + additionalProperties: false + FieldTooltipItem: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + Label: + type: string + Visibility: + $ref: '#/components/schemas/Visibility' + required: + - FieldId + additionalProperties: false + FilledMapAggregatedFieldWells: + type: object + properties: + Geospatial: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 1 + minItems: 0 + Values: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 1 + minItems: 0 + additionalProperties: false + FilledMapConditionalFormatting: + type: object + properties: + ConditionalFormattingOptions: + type: array + items: + $ref: '#/components/schemas/FilledMapConditionalFormattingOption' + maxItems: 200 + minItems: 0 + required: + - ConditionalFormattingOptions + additionalProperties: false + FilledMapConditionalFormattingOption: + type: object + properties: + Shape: + $ref: '#/components/schemas/FilledMapShapeConditionalFormatting' + required: + - Shape + additionalProperties: false + FilledMapConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/FilledMapFieldWells' + SortConfiguration: + $ref: '#/components/schemas/FilledMapSortConfiguration' + Legend: + $ref: '#/components/schemas/LegendOptions' + Tooltip: + $ref: '#/components/schemas/TooltipOptions' + WindowOptions: + $ref: '#/components/schemas/GeospatialWindowOptions' + MapStyleOptions: + $ref: '#/components/schemas/GeospatialMapStyleOptions' + additionalProperties: false + FilledMapFieldWells: + type: object + properties: + FilledMapAggregatedFieldWells: + $ref: '#/components/schemas/FilledMapAggregatedFieldWells' + additionalProperties: false + FilledMapShapeConditionalFormatting: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + Format: + $ref: '#/components/schemas/ShapeConditionalFormat' + required: + - FieldId + additionalProperties: false + FilledMapSortConfiguration: + type: object + properties: + CategorySort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + additionalProperties: false + FilledMapVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/FilledMapConfiguration' + ConditionalFormatting: + $ref: '#/components/schemas/FilledMapConditionalFormatting' + ColumnHierarchies: + type: array + items: + $ref: '#/components/schemas/ColumnHierarchy' + maxItems: 2 + minItems: 0 + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + required: + - VisualId + additionalProperties: false + Filter: + type: object + properties: + CategoryFilter: + $ref: '#/components/schemas/CategoryFilter' + NumericRangeFilter: + $ref: '#/components/schemas/NumericRangeFilter' + NumericEqualityFilter: + $ref: '#/components/schemas/NumericEqualityFilter' + TimeEqualityFilter: + $ref: '#/components/schemas/TimeEqualityFilter' + TimeRangeFilter: + $ref: '#/components/schemas/TimeRangeFilter' + RelativeDatesFilter: + $ref: '#/components/schemas/RelativeDatesFilter' + TopBottomFilter: + $ref: '#/components/schemas/TopBottomFilter' + additionalProperties: false + FilterControl: + type: object + properties: + DateTimePicker: + $ref: '#/components/schemas/FilterDateTimePickerControl' + List: + $ref: '#/components/schemas/FilterListControl' + Dropdown: + $ref: '#/components/schemas/FilterDropDownControl' + TextField: + $ref: '#/components/schemas/FilterTextFieldControl' + TextArea: + $ref: '#/components/schemas/FilterTextAreaControl' + Slider: + $ref: '#/components/schemas/FilterSliderControl' + RelativeDateTime: + $ref: '#/components/schemas/FilterRelativeDateTimeControl' + additionalProperties: false + FilterDateTimePickerControl: + type: object + properties: + FilterControlId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + type: string + maxLength: 2048 + minLength: 1 + SourceFilterId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + DisplayOptions: + $ref: '#/components/schemas/DateTimePickerControlDisplayOptions' + Type: + $ref: '#/components/schemas/SheetControlDateTimePickerType' + required: + - FilterControlId + - SourceFilterId + - Title + additionalProperties: false + FilterDropDownControl: + type: object + properties: + FilterControlId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + type: string + maxLength: 2048 + minLength: 1 + SourceFilterId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + DisplayOptions: + $ref: '#/components/schemas/DropDownControlDisplayOptions' + Type: + $ref: '#/components/schemas/SheetControlListType' + SelectableValues: + $ref: '#/components/schemas/FilterSelectableValues' + CascadingControlConfiguration: + $ref: '#/components/schemas/CascadingControlConfiguration' + required: + - FilterControlId + - SourceFilterId + - Title + additionalProperties: false + FilterGroup: + type: object + properties: + FilterGroupId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Filters: + type: array + items: + $ref: '#/components/schemas/Filter' + maxItems: 20 + minItems: 0 + ScopeConfiguration: + $ref: '#/components/schemas/FilterScopeConfiguration' + Status: + $ref: '#/components/schemas/WidgetStatus' + CrossDataset: + $ref: '#/components/schemas/CrossDatasetTypes' + required: + - CrossDataset + - FilterGroupId + - Filters + - ScopeConfiguration + additionalProperties: false + FilterListConfiguration: + type: object + properties: + MatchOperator: + $ref: '#/components/schemas/CategoryFilterMatchOperator' + CategoryValues: + type: array + items: + type: string + maxLength: 512 + minLength: 0 + maxItems: 100000 + minItems: 0 + SelectAllOptions: + $ref: '#/components/schemas/CategoryFilterSelectAllOptions' + NullOption: + $ref: '#/components/schemas/FilterNullOption' + required: + - MatchOperator + additionalProperties: false + FilterListControl: + type: object + properties: + FilterControlId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + type: string + maxLength: 2048 + minLength: 1 + SourceFilterId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + DisplayOptions: + $ref: '#/components/schemas/ListControlDisplayOptions' + Type: + $ref: '#/components/schemas/SheetControlListType' + SelectableValues: + $ref: '#/components/schemas/FilterSelectableValues' + CascadingControlConfiguration: + $ref: '#/components/schemas/CascadingControlConfiguration' + required: + - FilterControlId + - SourceFilterId + - Title + additionalProperties: false + FilterNullOption: + type: string + enum: + - ALL_VALUES + - NULLS_ONLY + - NON_NULLS_ONLY + FilterOperationSelectedFieldsConfiguration: + type: object + properties: + SelectedFields: + type: array + items: + type: string + maxLength: 512 + minLength: 1 + maxItems: 20 + minItems: 1 + SelectedFieldOptions: + $ref: '#/components/schemas/SelectedFieldOptions' + SelectedColumns: + type: array + items: + $ref: '#/components/schemas/ColumnIdentifier' + maxItems: 10 + minItems: 0 + additionalProperties: false + FilterOperationTargetVisualsConfiguration: + type: object + properties: + SameSheetTargetVisualConfiguration: + $ref: '#/components/schemas/SameSheetTargetVisualConfiguration' + additionalProperties: false + FilterRelativeDateTimeControl: + type: object + properties: + FilterControlId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + type: string + maxLength: 2048 + minLength: 1 + SourceFilterId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + DisplayOptions: + $ref: '#/components/schemas/RelativeDateTimeControlDisplayOptions' + required: + - FilterControlId + - SourceFilterId + - Title + additionalProperties: false + FilterScopeConfiguration: + type: object + properties: + SelectedSheets: + $ref: '#/components/schemas/SelectedSheetsFilterScopeConfiguration' + AllSheets: + $ref: '#/components/schemas/AllSheetsFilterScopeConfiguration' + additionalProperties: false + FilterSelectableValues: + type: object + properties: + Values: + type: array + items: + type: string + maxItems: 50000 + minItems: 0 + additionalProperties: false + FilterSliderControl: + type: object + properties: + FilterControlId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + type: string + maxLength: 2048 + minLength: 1 + SourceFilterId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + DisplayOptions: + $ref: '#/components/schemas/SliderControlDisplayOptions' + Type: + $ref: '#/components/schemas/SheetControlSliderType' + MaximumValue: + type: number + default: 0 + MinimumValue: + type: number + default: 0 + StepSize: + type: number + default: 0 + required: + - FilterControlId + - MaximumValue + - MinimumValue + - SourceFilterId + - StepSize + - Title + additionalProperties: false + FilterTextAreaControl: + type: object + properties: + FilterControlId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + type: string + maxLength: 2048 + minLength: 1 + SourceFilterId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Delimiter: + type: string + maxLength: 2048 + minLength: 1 + DisplayOptions: + $ref: '#/components/schemas/TextAreaControlDisplayOptions' + required: + - FilterControlId + - SourceFilterId + - Title + additionalProperties: false + FilterTextFieldControl: + type: object + properties: + FilterControlId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + type: string + maxLength: 2048 + minLength: 1 + SourceFilterId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + DisplayOptions: + $ref: '#/components/schemas/TextFieldControlDisplayOptions' + required: + - FilterControlId + - SourceFilterId + - Title + additionalProperties: false + FilterVisualScope: + type: string + enum: + - ALL_VISUALS + - SELECTED_VISUALS + FontConfiguration: + type: object + properties: + FontSize: + $ref: '#/components/schemas/FontSize' + FontDecoration: + $ref: '#/components/schemas/FontDecoration' + FontColor: + type: string + pattern: ^#[A-F0-9]{6}$ + FontWeight: + $ref: '#/components/schemas/FontWeight' + FontStyle: + $ref: '#/components/schemas/FontStyle' + additionalProperties: false + FontDecoration: + type: string + enum: + - UNDERLINE + - NONE + FontSize: + type: object + properties: + Relative: + $ref: '#/components/schemas/RelativeFontSize' + additionalProperties: false + FontStyle: + type: string + enum: + - NORMAL + - ITALIC + FontWeight: + type: object + properties: + Name: + $ref: '#/components/schemas/FontWeightName' + additionalProperties: false + FontWeightName: + type: string + enum: + - NORMAL + - BOLD + ForecastComputation: + type: object + properties: + ComputationId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Name: + type: string + Time: + $ref: '#/components/schemas/DimensionField' + Value: + $ref: '#/components/schemas/MeasureField' + PeriodsForward: + type: number + maximum: 1000 + minimum: 1 + PeriodsBackward: + type: number + maximum: 1000 + minimum: 0 + UpperBoundary: + type: number + default: null + LowerBoundary: + type: number + default: null + PredictionInterval: + type: number + maximum: 95 + minimum: 50 + Seasonality: + $ref: '#/components/schemas/ForecastComputationSeasonality' + CustomSeasonalityValue: + type: number + default: null + maximum: 180 + minimum: 1 + required: + - ComputationId + additionalProperties: false + ForecastComputationSeasonality: + type: string + enum: + - AUTOMATIC + - CUSTOM + ForecastConfiguration: + type: object + properties: + ForecastProperties: + $ref: '#/components/schemas/TimeBasedForecastProperties' + Scenario: + $ref: '#/components/schemas/ForecastScenario' + additionalProperties: false + ForecastScenario: + type: object + properties: + WhatIfPointScenario: + $ref: '#/components/schemas/WhatIfPointScenario' + WhatIfRangeScenario: + $ref: '#/components/schemas/WhatIfRangeScenario' + additionalProperties: false + FormatConfiguration: + type: object + properties: + StringFormatConfiguration: + $ref: '#/components/schemas/StringFormatConfiguration' + NumberFormatConfiguration: + $ref: '#/components/schemas/NumberFormatConfiguration' + DateTimeFormatConfiguration: + $ref: '#/components/schemas/DateTimeFormatConfiguration' + additionalProperties: false + FreeFormLayoutCanvasSizeOptions: + type: object + properties: + ScreenCanvasSizeOptions: + $ref: '#/components/schemas/FreeFormLayoutScreenCanvasSizeOptions' + additionalProperties: false + FreeFormLayoutConfiguration: + type: object + properties: + Elements: + type: array + items: + $ref: '#/components/schemas/FreeFormLayoutElement' + maxItems: 430 + minItems: 0 + CanvasSizeOptions: + $ref: '#/components/schemas/FreeFormLayoutCanvasSizeOptions' + required: + - Elements + additionalProperties: false + FreeFormLayoutElement: + type: object + properties: + ElementId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + ElementType: + $ref: '#/components/schemas/LayoutElementType' + XAxisLocation: + type: string + description: String based length that is composed of value and unit in px + YAxisLocation: + type: string + description: String based length that is composed of value and unit in px with Integer.MAX_VALUE as maximum value + Width: + type: string + description: String based length that is composed of value and unit in px + Height: + type: string + description: String based length that is composed of value and unit in px + Visibility: + $ref: '#/components/schemas/Visibility' + RenderingRules: + type: array + items: + $ref: '#/components/schemas/SheetElementRenderingRule' + maxItems: 10000 + minItems: 0 + BorderStyle: + $ref: '#/components/schemas/FreeFormLayoutElementBorderStyle' + SelectedBorderStyle: + $ref: '#/components/schemas/FreeFormLayoutElementBorderStyle' + BackgroundStyle: + $ref: '#/components/schemas/FreeFormLayoutElementBackgroundStyle' + LoadingAnimation: + $ref: '#/components/schemas/LoadingAnimation' + required: + - ElementId + - ElementType + - Height + - Width + - XAxisLocation + - YAxisLocation + additionalProperties: false + FreeFormLayoutElementBackgroundStyle: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + Color: + type: string + pattern: ^#[A-F0-9]{6}(?:[A-F0-9]{2})?$ + additionalProperties: false + FreeFormLayoutElementBorderStyle: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + Color: + type: string + pattern: ^#[A-F0-9]{6}(?:[A-F0-9]{2})?$ + additionalProperties: false + FreeFormLayoutScreenCanvasSizeOptions: + type: object + properties: + OptimizedViewPortWidth: + type: string + description: String based length that is composed of value and unit in px + required: + - OptimizedViewPortWidth + additionalProperties: false + FreeFormSectionLayoutConfiguration: + type: object + properties: + Elements: + type: array + items: + $ref: '#/components/schemas/FreeFormLayoutElement' + maxItems: 430 + minItems: 0 + required: + - Elements + additionalProperties: false + FunnelChartAggregatedFieldWells: + type: object + properties: + Category: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 1 + minItems: 0 + Values: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 1 + minItems: 0 + additionalProperties: false + FunnelChartConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/FunnelChartFieldWells' + SortConfiguration: + $ref: '#/components/schemas/FunnelChartSortConfiguration' + CategoryLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + ValueLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + Tooltip: + $ref: '#/components/schemas/TooltipOptions' + DataLabelOptions: + $ref: '#/components/schemas/FunnelChartDataLabelOptions' + VisualPalette: + $ref: '#/components/schemas/VisualPalette' + additionalProperties: false + FunnelChartDataLabelOptions: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + CategoryLabelVisibility: + $ref: '#/components/schemas/Visibility' + MeasureLabelVisibility: + $ref: '#/components/schemas/Visibility' + Position: + $ref: '#/components/schemas/DataLabelPosition' + LabelFontConfiguration: + $ref: '#/components/schemas/FontConfiguration' + LabelColor: + type: string + pattern: ^#[A-F0-9]{6}$ + MeasureDataLabelStyle: + $ref: '#/components/schemas/FunnelChartMeasureDataLabelStyle' + additionalProperties: false + FunnelChartFieldWells: + type: object + properties: + FunnelChartAggregatedFieldWells: + $ref: '#/components/schemas/FunnelChartAggregatedFieldWells' + additionalProperties: false + FunnelChartMeasureDataLabelStyle: + type: string + enum: + - VALUE_ONLY + - PERCENTAGE_BY_FIRST_STAGE + - PERCENTAGE_BY_PREVIOUS_STAGE + - VALUE_AND_PERCENTAGE_BY_FIRST_STAGE + - VALUE_AND_PERCENTAGE_BY_PREVIOUS_STAGE + FunnelChartSortConfiguration: + type: object + properties: + CategorySort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + CategoryItemsLimit: + $ref: '#/components/schemas/ItemsLimitConfiguration' + additionalProperties: false + FunnelChartVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/FunnelChartConfiguration' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + ColumnHierarchies: + type: array + items: + $ref: '#/components/schemas/ColumnHierarchy' + maxItems: 2 + minItems: 0 + required: + - VisualId + additionalProperties: false + GaugeChartArcConditionalFormatting: + type: object + properties: + ForegroundColor: + $ref: '#/components/schemas/ConditionalFormattingColor' + additionalProperties: false + GaugeChartConditionalFormatting: + type: object + properties: + ConditionalFormattingOptions: + type: array + items: + $ref: '#/components/schemas/GaugeChartConditionalFormattingOption' + maxItems: 100 + minItems: 0 + additionalProperties: false + GaugeChartConditionalFormattingOption: + type: object + properties: + PrimaryValue: + $ref: '#/components/schemas/GaugeChartPrimaryValueConditionalFormatting' + Arc: + $ref: '#/components/schemas/GaugeChartArcConditionalFormatting' + additionalProperties: false + GaugeChartConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/GaugeChartFieldWells' + GaugeChartOptions: + $ref: '#/components/schemas/GaugeChartOptions' + DataLabels: + $ref: '#/components/schemas/DataLabelOptions' + TooltipOptions: + $ref: '#/components/schemas/TooltipOptions' + VisualPalette: + $ref: '#/components/schemas/VisualPalette' + additionalProperties: false + GaugeChartFieldWells: + type: object + properties: + Values: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 200 + minItems: 0 + TargetValues: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 200 + minItems: 0 + additionalProperties: false + GaugeChartOptions: + type: object + properties: + PrimaryValueDisplayType: + $ref: '#/components/schemas/PrimaryValueDisplayType' + Comparison: + $ref: '#/components/schemas/ComparisonConfiguration' + ArcAxis: + $ref: '#/components/schemas/ArcAxisConfiguration' + Arc: + $ref: '#/components/schemas/ArcConfiguration' + PrimaryValueFontConfiguration: + $ref: '#/components/schemas/FontConfiguration' + additionalProperties: false + GaugeChartPrimaryValueConditionalFormatting: + type: object + properties: + TextColor: + $ref: '#/components/schemas/ConditionalFormattingColor' + Icon: + $ref: '#/components/schemas/ConditionalFormattingIcon' + additionalProperties: false + GaugeChartVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/GaugeChartConfiguration' + ConditionalFormatting: + $ref: '#/components/schemas/GaugeChartConditionalFormatting' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + required: + - VisualId + additionalProperties: false + GeospatialCoordinateBounds: + type: object + properties: + North: + type: number + maximum: 90 + minimum: -90 + South: + type: number + maximum: 90 + minimum: -90 + West: + type: number + maximum: 1800 + minimum: -1800 + East: + type: number + maximum: 1800 + minimum: -1800 + required: + - East + - North + - South + - West + additionalProperties: false + GeospatialHeatmapColorScale: + type: object + properties: + Colors: + type: array + items: + $ref: '#/components/schemas/GeospatialHeatmapDataColor' + maxItems: 2 + minItems: 2 + additionalProperties: false + GeospatialHeatmapConfiguration: + type: object + properties: + HeatmapColor: + $ref: '#/components/schemas/GeospatialHeatmapColorScale' + additionalProperties: false + GeospatialHeatmapDataColor: + type: object + properties: + Color: + type: string + pattern: ^#[A-F0-9]{6}$ + required: + - Color + additionalProperties: false + GeospatialMapAggregatedFieldWells: + type: object + properties: + Geospatial: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + Values: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 200 + minItems: 0 + Colors: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + additionalProperties: false + GeospatialMapConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/GeospatialMapFieldWells' + Legend: + $ref: '#/components/schemas/LegendOptions' + Tooltip: + $ref: '#/components/schemas/TooltipOptions' + WindowOptions: + $ref: '#/components/schemas/GeospatialWindowOptions' + MapStyleOptions: + $ref: '#/components/schemas/GeospatialMapStyleOptions' + PointStyleOptions: + $ref: '#/components/schemas/GeospatialPointStyleOptions' + VisualPalette: + $ref: '#/components/schemas/VisualPalette' + additionalProperties: false + GeospatialMapFieldWells: + type: object + properties: + GeospatialMapAggregatedFieldWells: + $ref: '#/components/schemas/GeospatialMapAggregatedFieldWells' + additionalProperties: false + GeospatialMapStyleOptions: + type: object + properties: + BaseMapStyle: + $ref: '#/components/schemas/BaseMapStyleType' + additionalProperties: false + GeospatialMapVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/GeospatialMapConfiguration' + ColumnHierarchies: + type: array + items: + $ref: '#/components/schemas/ColumnHierarchy' + maxItems: 2 + minItems: 0 + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + required: + - VisualId + additionalProperties: false + GeospatialPointStyleOptions: + type: object + properties: + SelectedPointStyle: + $ref: '#/components/schemas/GeospatialSelectedPointStyle' + ClusterMarkerConfiguration: + $ref: '#/components/schemas/ClusterMarkerConfiguration' + HeatmapConfiguration: + $ref: '#/components/schemas/GeospatialHeatmapConfiguration' + additionalProperties: false + GeospatialSelectedPointStyle: + type: string + enum: + - POINT + - CLUSTER + - HEATMAP + GeospatialWindowOptions: + type: object + properties: + Bounds: + $ref: '#/components/schemas/GeospatialCoordinateBounds' + MapZoomMode: + $ref: '#/components/schemas/MapZoomMode' + additionalProperties: false + GlobalTableBorderOptions: + type: object + properties: + UniformBorder: + $ref: '#/components/schemas/TableBorderOptions' + SideSpecificBorder: + $ref: '#/components/schemas/TableSideBorderOptions' + additionalProperties: false + GradientColor: + type: object + properties: + Stops: + type: array + items: + $ref: '#/components/schemas/GradientStop' + maxItems: 100 + minItems: 0 + additionalProperties: false + GradientStop: + type: object + properties: + GradientOffset: + type: number + default: 0 + DataValue: + type: number + default: null + Color: + type: string + pattern: ^#[A-F0-9]{6}$ + required: + - GradientOffset + additionalProperties: false + GridLayoutCanvasSizeOptions: + type: object + properties: + ScreenCanvasSizeOptions: + $ref: '#/components/schemas/GridLayoutScreenCanvasSizeOptions' + additionalProperties: false + GridLayoutConfiguration: + type: object + properties: + Elements: + type: array + items: + $ref: '#/components/schemas/GridLayoutElement' + maxItems: 430 + minItems: 0 + CanvasSizeOptions: + $ref: '#/components/schemas/GridLayoutCanvasSizeOptions' + required: + - Elements + additionalProperties: false + GridLayoutElement: + type: object + properties: + ElementId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + ElementType: + $ref: '#/components/schemas/LayoutElementType' + ColumnIndex: + type: number + maximum: 35 + minimum: 0 + ColumnSpan: + type: number + maximum: 36 + minimum: 1 + RowIndex: + type: number + maximum: 9009 + minimum: 0 + RowSpan: + type: number + maximum: 21 + minimum: 1 + required: + - ColumnSpan + - ElementId + - ElementType + - RowSpan + additionalProperties: false + GridLayoutScreenCanvasSizeOptions: + type: object + properties: + ResizeOption: + $ref: '#/components/schemas/ResizeOption' + OptimizedViewPortWidth: + type: string + description: String based length that is composed of value and unit in px + required: + - ResizeOption + additionalProperties: false + GrowthRateComputation: + type: object + properties: + ComputationId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Name: + type: string + Time: + $ref: '#/components/schemas/DimensionField' + Value: + $ref: '#/components/schemas/MeasureField' + PeriodSize: + type: number + default: 0 + maximum: 52 + minimum: 2 + required: + - ComputationId + additionalProperties: false + HeaderFooterSectionConfiguration: + type: object + properties: + SectionId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Layout: + $ref: '#/components/schemas/SectionLayoutConfiguration' + Style: + $ref: '#/components/schemas/SectionStyle' + required: + - Layout + - SectionId + additionalProperties: false + HeatMapAggregatedFieldWells: + type: object + properties: + Rows: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 1 + minItems: 0 + Columns: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 1 + minItems: 0 + Values: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 1 + minItems: 0 + additionalProperties: false + HeatMapConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/HeatMapFieldWells' + SortConfiguration: + $ref: '#/components/schemas/HeatMapSortConfiguration' + RowLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + ColumnLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + ColorScale: + $ref: '#/components/schemas/ColorScale' + Legend: + $ref: '#/components/schemas/LegendOptions' + DataLabels: + $ref: '#/components/schemas/DataLabelOptions' + Tooltip: + $ref: '#/components/schemas/TooltipOptions' + additionalProperties: false + HeatMapFieldWells: + type: object + properties: + HeatMapAggregatedFieldWells: + $ref: '#/components/schemas/HeatMapAggregatedFieldWells' + additionalProperties: false + HeatMapSortConfiguration: + type: object + properties: + HeatMapRowSort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + HeatMapColumnSort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + HeatMapRowItemsLimitConfiguration: + $ref: '#/components/schemas/ItemsLimitConfiguration' + HeatMapColumnItemsLimitConfiguration: + $ref: '#/components/schemas/ItemsLimitConfiguration' + additionalProperties: false + HeatMapVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/HeatMapConfiguration' + ColumnHierarchies: + type: array + items: + $ref: '#/components/schemas/ColumnHierarchy' + maxItems: 2 + minItems: 0 + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + required: + - VisualId + additionalProperties: false + HistogramAggregatedFieldWells: + type: object + properties: + Values: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 1 + minItems: 0 + additionalProperties: false + HistogramBinOptions: + type: object + properties: + SelectedBinType: + $ref: '#/components/schemas/HistogramBinType' + BinCount: + $ref: '#/components/schemas/BinCountOptions' + BinWidth: + $ref: '#/components/schemas/BinWidthOptions' + StartValue: + type: number + default: null + additionalProperties: false + HistogramBinType: + type: string + enum: + - BIN_COUNT + - BIN_WIDTH + HistogramConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/HistogramFieldWells' + XAxisDisplayOptions: + $ref: '#/components/schemas/AxisDisplayOptions' + XAxisLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + YAxisDisplayOptions: + $ref: '#/components/schemas/AxisDisplayOptions' + BinOptions: + $ref: '#/components/schemas/HistogramBinOptions' + DataLabels: + $ref: '#/components/schemas/DataLabelOptions' + Tooltip: + $ref: '#/components/schemas/TooltipOptions' + VisualPalette: + $ref: '#/components/schemas/VisualPalette' + additionalProperties: false + HistogramFieldWells: + type: object + properties: + HistogramAggregatedFieldWells: + $ref: '#/components/schemas/HistogramAggregatedFieldWells' + additionalProperties: false + HistogramVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/HistogramConfiguration' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + required: + - VisualId + additionalProperties: false + HorizontalTextAlignment: + type: string + enum: + - LEFT + - CENTER + - RIGHT + - AUTO + Icon: + type: string + enum: + - CARET_UP + - CARET_DOWN + - PLUS + - MINUS + - ARROW_UP + - ARROW_DOWN + - ARROW_LEFT + - ARROW_UP_LEFT + - ARROW_DOWN_LEFT + - ARROW_RIGHT + - ARROW_UP_RIGHT + - ARROW_DOWN_RIGHT + - FACE_UP + - FACE_DOWN + - FACE_FLAT + - ONE_BAR + - TWO_BAR + - THREE_BAR + - CIRCLE + - TRIANGLE + - SQUARE + - FLAG + - THUMBS_UP + - THUMBS_DOWN + - CHECKMARK + - X + InsightConfiguration: + type: object + properties: + Computations: + type: array + items: + $ref: '#/components/schemas/Computation' + maxItems: 100 + minItems: 0 + CustomNarrative: + $ref: '#/components/schemas/CustomNarrativeOptions' + additionalProperties: false + InsightVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + InsightConfiguration: + $ref: '#/components/schemas/InsightConfiguration' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + DataSetIdentifier: + type: string + maxLength: 2048 + minLength: 1 + required: + - DataSetIdentifier + - VisualId + additionalProperties: false + IntegerDefaultValues: + type: object + properties: + DynamicValue: + $ref: '#/components/schemas/DynamicDefaultValue' + StaticValues: + type: array + items: + type: number + maxItems: 50000 + minItems: 0 + additionalProperties: false + IntegerParameter: + type: object + properties: + Name: + type: string + pattern: .*\S.* + Values: + type: array + items: + type: number + default: 0 + required: + - Name + - Values + additionalProperties: false + IntegerParameterDeclaration: + type: object + properties: + ParameterValueType: + $ref: '#/components/schemas/ParameterValueType' + Name: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + DefaultValues: + $ref: '#/components/schemas/IntegerDefaultValues' + ValueWhenUnset: + $ref: '#/components/schemas/IntegerValueWhenUnsetConfiguration' + MappedDataSetParameters: + type: array + items: + $ref: '#/components/schemas/MappedDataSetParameter' + maxItems: 150 + minItems: 0 + required: + - Name + - ParameterValueType + additionalProperties: false + IntegerValueWhenUnsetConfiguration: + type: object + properties: + ValueWhenUnsetOption: + $ref: '#/components/schemas/ValueWhenUnsetOption' + CustomValue: + type: number + default: null + additionalProperties: false + ItemsLimitConfiguration: + type: object + properties: + ItemsLimit: + type: number + default: null + OtherCategories: + $ref: '#/components/schemas/OtherCategories' + additionalProperties: false + KPIActualValueConditionalFormatting: + type: object + properties: + TextColor: + $ref: '#/components/schemas/ConditionalFormattingColor' + Icon: + $ref: '#/components/schemas/ConditionalFormattingIcon' + additionalProperties: false + KPIComparisonValueConditionalFormatting: + type: object + properties: + TextColor: + $ref: '#/components/schemas/ConditionalFormattingColor' + Icon: + $ref: '#/components/schemas/ConditionalFormattingIcon' + additionalProperties: false + KPIConditionalFormatting: + type: object + properties: + ConditionalFormattingOptions: + type: array + items: + $ref: '#/components/schemas/KPIConditionalFormattingOption' + maxItems: 100 + minItems: 0 + additionalProperties: false + KPIConditionalFormattingOption: + type: object + properties: + PrimaryValue: + $ref: '#/components/schemas/KPIPrimaryValueConditionalFormatting' + ProgressBar: + $ref: '#/components/schemas/KPIProgressBarConditionalFormatting' + ActualValue: + $ref: '#/components/schemas/KPIActualValueConditionalFormatting' + ComparisonValue: + $ref: '#/components/schemas/KPIComparisonValueConditionalFormatting' + additionalProperties: false + KPIConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/KPIFieldWells' + SortConfiguration: + $ref: '#/components/schemas/KPISortConfiguration' + KPIOptions: + $ref: '#/components/schemas/KPIOptions' + additionalProperties: false + KPIFieldWells: + type: object + properties: + Values: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 200 + minItems: 0 + TargetValues: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 200 + minItems: 0 + TrendGroups: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + additionalProperties: false + KPIOptions: + type: object + properties: + ProgressBar: + $ref: '#/components/schemas/ProgressBarOptions' + TrendArrows: + $ref: '#/components/schemas/TrendArrowOptions' + SecondaryValue: + $ref: '#/components/schemas/SecondaryValueOptions' + Comparison: + $ref: '#/components/schemas/ComparisonConfiguration' + PrimaryValueDisplayType: + $ref: '#/components/schemas/PrimaryValueDisplayType' + PrimaryValueFontConfiguration: + $ref: '#/components/schemas/FontConfiguration' + SecondaryValueFontConfiguration: + $ref: '#/components/schemas/FontConfiguration' + Sparkline: + $ref: '#/components/schemas/KPISparklineOptions' + VisualLayoutOptions: + $ref: '#/components/schemas/KPIVisualLayoutOptions' + additionalProperties: false + KPIPrimaryValueConditionalFormatting: + type: object + properties: + TextColor: + $ref: '#/components/schemas/ConditionalFormattingColor' + Icon: + $ref: '#/components/schemas/ConditionalFormattingIcon' + additionalProperties: false + KPIProgressBarConditionalFormatting: + type: object + properties: + ForegroundColor: + $ref: '#/components/schemas/ConditionalFormattingColor' + additionalProperties: false + KPISortConfiguration: + type: object + properties: + TrendGroupSort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + additionalProperties: false + KPISparklineOptions: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + Type: + $ref: '#/components/schemas/KPISparklineType' + Color: + type: string + pattern: ^#[A-F0-9]{6}$ + TooltipVisibility: + $ref: '#/components/schemas/Visibility' + required: + - Type + additionalProperties: false + KPISparklineType: + type: string + enum: + - LINE + - AREA + KPIVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/KPIConfiguration' + ConditionalFormatting: + $ref: '#/components/schemas/KPIConditionalFormatting' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + ColumnHierarchies: + type: array + items: + $ref: '#/components/schemas/ColumnHierarchy' + maxItems: 2 + minItems: 0 + required: + - VisualId + additionalProperties: false + KPIVisualLayoutOptions: + type: object + properties: + StandardLayout: + $ref: '#/components/schemas/KPIVisualStandardLayout' + additionalProperties: false + KPIVisualStandardLayout: + type: object + properties: + Type: + $ref: '#/components/schemas/KPIVisualStandardLayoutType' + required: + - Type + additionalProperties: false + KPIVisualStandardLayoutType: + type: string + enum: + - CLASSIC + - VERTICAL + LabelOptions: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + FontConfiguration: + $ref: '#/components/schemas/FontConfiguration' + CustomLabel: + type: string + additionalProperties: false + Layout: + type: object + properties: + Configuration: + $ref: '#/components/schemas/LayoutConfiguration' + required: + - Configuration + additionalProperties: false + LayoutConfiguration: + type: object + properties: + GridLayout: + $ref: '#/components/schemas/GridLayoutConfiguration' + FreeFormLayout: + $ref: '#/components/schemas/FreeFormLayoutConfiguration' + SectionBasedLayout: + $ref: '#/components/schemas/SectionBasedLayoutConfiguration' + additionalProperties: false + LayoutElementType: + type: string + enum: + - VISUAL + - FILTER_CONTROL + - PARAMETER_CONTROL + - TEXT_BOX + LegendOptions: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + Title: + $ref: '#/components/schemas/LabelOptions' + Position: + $ref: '#/components/schemas/LegendPosition' + Width: + type: string + description: String based length that is composed of value and unit in px + Height: + type: string + description: String based length that is composed of value and unit in px + additionalProperties: false + LegendPosition: + type: string + enum: + - AUTO + - RIGHT + - BOTTOM + - TOP + LineChartAggregatedFieldWells: + type: object + properties: + Category: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + Values: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 200 + minItems: 0 + Colors: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + SmallMultiples: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 1 + minItems: 0 + additionalProperties: false + LineChartConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/LineChartFieldWells' + SortConfiguration: + $ref: '#/components/schemas/LineChartSortConfiguration' + ForecastConfigurations: + type: array + items: + $ref: '#/components/schemas/ForecastConfiguration' + maxItems: 10 + minItems: 0 + Type: + $ref: '#/components/schemas/LineChartType' + SmallMultiplesOptions: + $ref: '#/components/schemas/SmallMultiplesOptions' + XAxisDisplayOptions: + $ref: '#/components/schemas/AxisDisplayOptions' + XAxisLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + PrimaryYAxisDisplayOptions: + $ref: '#/components/schemas/LineSeriesAxisDisplayOptions' + PrimaryYAxisLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + SecondaryYAxisDisplayOptions: + $ref: '#/components/schemas/LineSeriesAxisDisplayOptions' + SecondaryYAxisLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + DefaultSeriesSettings: + $ref: '#/components/schemas/LineChartDefaultSeriesSettings' + Series: + type: array + items: + $ref: '#/components/schemas/SeriesItem' + maxItems: 10 + minItems: 0 + Legend: + $ref: '#/components/schemas/LegendOptions' + DataLabels: + $ref: '#/components/schemas/DataLabelOptions' + ReferenceLines: + type: array + items: + $ref: '#/components/schemas/ReferenceLine' + maxItems: 20 + minItems: 0 + Tooltip: + $ref: '#/components/schemas/TooltipOptions' + ContributionAnalysisDefaults: + type: array + items: + $ref: '#/components/schemas/ContributionAnalysisDefault' + maxItems: 200 + minItems: 1 + VisualPalette: + $ref: '#/components/schemas/VisualPalette' + additionalProperties: false + LineChartDefaultSeriesSettings: + type: object + properties: + AxisBinding: + $ref: '#/components/schemas/AxisBinding' + LineStyleSettings: + $ref: '#/components/schemas/LineChartLineStyleSettings' + MarkerStyleSettings: + $ref: '#/components/schemas/LineChartMarkerStyleSettings' + additionalProperties: false + LineChartFieldWells: + type: object + properties: + LineChartAggregatedFieldWells: + $ref: '#/components/schemas/LineChartAggregatedFieldWells' + additionalProperties: false + LineChartLineStyle: + type: string + enum: + - SOLID + - DOTTED + - DASHED + LineChartLineStyleSettings: + type: object + properties: + LineVisibility: + $ref: '#/components/schemas/Visibility' + LineInterpolation: + $ref: '#/components/schemas/LineInterpolation' + LineStyle: + $ref: '#/components/schemas/LineChartLineStyle' + LineWidth: + type: string + description: String based length that is composed of value and unit in px + additionalProperties: false + LineChartMarkerShape: + type: string + enum: + - CIRCLE + - TRIANGLE + - SQUARE + - DIAMOND + - ROUNDED_SQUARE + LineChartMarkerStyleSettings: + type: object + properties: + MarkerVisibility: + $ref: '#/components/schemas/Visibility' + MarkerShape: + $ref: '#/components/schemas/LineChartMarkerShape' + MarkerSize: + type: string + description: String based length that is composed of value and unit in px + MarkerColor: + type: string + pattern: ^#[A-F0-9]{6}$ + additionalProperties: false + LineChartSeriesSettings: + type: object + properties: + LineStyleSettings: + $ref: '#/components/schemas/LineChartLineStyleSettings' + MarkerStyleSettings: + $ref: '#/components/schemas/LineChartMarkerStyleSettings' + additionalProperties: false + LineChartSortConfiguration: + type: object + properties: + CategorySort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + CategoryItemsLimitConfiguration: + $ref: '#/components/schemas/ItemsLimitConfiguration' + ColorItemsLimitConfiguration: + $ref: '#/components/schemas/ItemsLimitConfiguration' + SmallMultiplesSort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + SmallMultiplesLimitConfiguration: + $ref: '#/components/schemas/ItemsLimitConfiguration' + additionalProperties: false + LineChartType: + type: string + enum: + - LINE + - AREA + - STACKED_AREA + LineChartVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/LineChartConfiguration' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + ColumnHierarchies: + type: array + items: + $ref: '#/components/schemas/ColumnHierarchy' + maxItems: 2 + minItems: 0 + required: + - VisualId + additionalProperties: false + LineInterpolation: + type: string + enum: + - LINEAR + - SMOOTH + - STEPPED + LineSeriesAxisDisplayOptions: + type: object + properties: + AxisOptions: + $ref: '#/components/schemas/AxisDisplayOptions' + MissingDataConfigurations: + type: array + items: + $ref: '#/components/schemas/MissingDataConfiguration' + maxItems: 100 + minItems: 0 + additionalProperties: false + ListControlDisplayOptions: + type: object + properties: + SearchOptions: + $ref: '#/components/schemas/ListControlSearchOptions' + SelectAllOptions: + $ref: '#/components/schemas/ListControlSelectAllOptions' + TitleOptions: + $ref: '#/components/schemas/LabelOptions' + InfoIconLabelOptions: + $ref: '#/components/schemas/SheetControlInfoIconLabelOptions' + additionalProperties: false + ListControlSearchOptions: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + ListControlSelectAllOptions: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + LoadingAnimation: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + LocalNavigationConfiguration: + type: object + properties: + TargetSheetId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + required: + - TargetSheetId + additionalProperties: false + LongFormatText: + type: object + properties: + PlainText: + type: string + maxLength: 1024 + minLength: 1 + RichText: + type: string + maxLength: 2048 + minLength: 1 + additionalProperties: false + MapZoomMode: + type: string + enum: + - AUTO + - MANUAL + MappedDataSetParameter: + type: object + properties: + DataSetIdentifier: + type: string + maxLength: 2048 + minLength: 1 + DataSetParameterName: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + required: + - DataSetIdentifier + - DataSetParameterName + additionalProperties: false + MaximumLabelType: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + MaximumMinimumComputation: + type: object + properties: + ComputationId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Name: + type: string + Time: + $ref: '#/components/schemas/DimensionField' + Value: + $ref: '#/components/schemas/MeasureField' + Type: + $ref: '#/components/schemas/MaximumMinimumComputationType' + required: + - ComputationId + - Type + additionalProperties: false + MaximumMinimumComputationType: + type: string + enum: + - MAXIMUM + - MINIMUM + MeasureField: + type: object + properties: + NumericalMeasureField: + $ref: '#/components/schemas/NumericalMeasureField' + CategoricalMeasureField: + $ref: '#/components/schemas/CategoricalMeasureField' + DateMeasureField: + $ref: '#/components/schemas/DateMeasureField' + CalculatedMeasureField: + $ref: '#/components/schemas/CalculatedMeasureField' + additionalProperties: false + MetricComparisonComputation: + type: object + properties: + ComputationId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Name: + type: string + Time: + $ref: '#/components/schemas/DimensionField' + FromValue: + $ref: '#/components/schemas/MeasureField' + TargetValue: + $ref: '#/components/schemas/MeasureField' + required: + - ComputationId + additionalProperties: false + MinimumLabelType: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + MissingDataConfiguration: + type: object + properties: + TreatmentOption: + $ref: '#/components/schemas/MissingDataTreatmentOption' + additionalProperties: false + MissingDataTreatmentOption: + type: string + enum: + - INTERPOLATE + - SHOW_AS_ZERO + - SHOW_AS_BLANK + NegativeValueConfiguration: + type: object + properties: + DisplayMode: + $ref: '#/components/schemas/NegativeValueDisplayMode' + required: + - DisplayMode + additionalProperties: false + NegativeValueDisplayMode: + type: string + enum: + - POSITIVE + - NEGATIVE + NullValueFormatConfiguration: + type: object + properties: + NullString: + type: string + maxLength: 128 + minLength: 1 + required: + - NullString + additionalProperties: false + NumberDisplayFormatConfiguration: + type: object + properties: + Prefix: + type: string + maxLength: 128 + minLength: 1 + Suffix: + type: string + maxLength: 128 + minLength: 1 + SeparatorConfiguration: + $ref: '#/components/schemas/NumericSeparatorConfiguration' + DecimalPlacesConfiguration: + $ref: '#/components/schemas/DecimalPlacesConfiguration' + NumberScale: + $ref: '#/components/schemas/NumberScale' + NegativeValueConfiguration: + $ref: '#/components/schemas/NegativeValueConfiguration' + NullValueFormatConfiguration: + $ref: '#/components/schemas/NullValueFormatConfiguration' + additionalProperties: false + NumberFormatConfiguration: + type: object + properties: + FormatConfiguration: + $ref: '#/components/schemas/NumericFormatConfiguration' + additionalProperties: false + NumberScale: + type: string + enum: + - NONE + - AUTO + - THOUSANDS + - MILLIONS + - BILLIONS + - TRILLIONS + NumericAxisOptions: + type: object + properties: + Scale: + $ref: '#/components/schemas/AxisScale' + Range: + $ref: '#/components/schemas/AxisDisplayRange' + additionalProperties: false + NumericEqualityDrillDownFilter: + type: object + properties: + Column: + $ref: '#/components/schemas/ColumnIdentifier' + Value: + type: number + default: 0 + required: + - Column + - Value + additionalProperties: false + NumericEqualityFilter: + type: object + properties: + FilterId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Column: + $ref: '#/components/schemas/ColumnIdentifier' + Value: + type: number + default: null + SelectAllOptions: + $ref: '#/components/schemas/NumericFilterSelectAllOptions' + MatchOperator: + $ref: '#/components/schemas/NumericEqualityMatchOperator' + AggregationFunction: + $ref: '#/components/schemas/AggregationFunction' + ParameterName: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + NullOption: + $ref: '#/components/schemas/FilterNullOption' + required: + - Column + - FilterId + - MatchOperator + - NullOption + additionalProperties: false + NumericEqualityMatchOperator: + type: string + enum: + - EQUALS + - DOES_NOT_EQUAL + NumericFilterSelectAllOptions: + type: string + enum: + - FILTER_ALL_VALUES + NumericFormatConfiguration: + type: object + properties: + NumberDisplayFormatConfiguration: + $ref: '#/components/schemas/NumberDisplayFormatConfiguration' + CurrencyDisplayFormatConfiguration: + $ref: '#/components/schemas/CurrencyDisplayFormatConfiguration' + PercentageDisplayFormatConfiguration: + $ref: '#/components/schemas/PercentageDisplayFormatConfiguration' + additionalProperties: false + NumericRangeFilter: + type: object + properties: + FilterId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Column: + $ref: '#/components/schemas/ColumnIdentifier' + IncludeMinimum: + type: boolean + default: null + IncludeMaximum: + type: boolean + default: null + RangeMinimum: + $ref: '#/components/schemas/NumericRangeFilterValue' + RangeMaximum: + $ref: '#/components/schemas/NumericRangeFilterValue' + SelectAllOptions: + $ref: '#/components/schemas/NumericFilterSelectAllOptions' + AggregationFunction: + $ref: '#/components/schemas/AggregationFunction' + NullOption: + $ref: '#/components/schemas/FilterNullOption' + required: + - Column + - FilterId + - NullOption + additionalProperties: false + NumericRangeFilterValue: + type: object + properties: + StaticValue: + type: number + default: null + Parameter: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + additionalProperties: false + NumericSeparatorConfiguration: + type: object + properties: + DecimalSeparator: + $ref: '#/components/schemas/NumericSeparatorSymbol' + ThousandsSeparator: + $ref: '#/components/schemas/ThousandSeparatorOptions' + additionalProperties: false + NumericSeparatorSymbol: + type: string + enum: + - COMMA + - DOT + - SPACE + NumericalAggregationFunction: + type: object + properties: + SimpleNumericalAggregation: + $ref: '#/components/schemas/SimpleNumericalAggregationFunction' + PercentileAggregation: + $ref: '#/components/schemas/PercentileAggregation' + additionalProperties: false + NumericalDimensionField: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + Column: + $ref: '#/components/schemas/ColumnIdentifier' + HierarchyId: + type: string + maxLength: 512 + minLength: 1 + FormatConfiguration: + $ref: '#/components/schemas/NumberFormatConfiguration' + required: + - Column + - FieldId + additionalProperties: false + NumericalMeasureField: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + Column: + $ref: '#/components/schemas/ColumnIdentifier' + AggregationFunction: + $ref: '#/components/schemas/NumericalAggregationFunction' + FormatConfiguration: + $ref: '#/components/schemas/NumberFormatConfiguration' + required: + - Column + - FieldId + additionalProperties: false + OtherCategories: + type: string + enum: + - INCLUDE + - EXCLUDE + PaginationConfiguration: + type: object + properties: + PageSize: + type: number + default: null + PageNumber: + type: number + minimum: 0 + required: + - PageNumber + - PageSize + additionalProperties: false + PanelBorderStyle: + type: string + enum: + - SOLID + - DASHED + - DOTTED + PanelConfiguration: + type: object + properties: + Title: + $ref: '#/components/schemas/PanelTitleOptions' + BorderVisibility: + $ref: '#/components/schemas/Visibility' + BorderThickness: + type: string + description: String based length that is composed of value and unit in px + BorderStyle: + $ref: '#/components/schemas/PanelBorderStyle' + BorderColor: + type: string + pattern: ^#[A-F0-9]{6}(?:[A-F0-9]{2})?$ + GutterVisibility: + $ref: '#/components/schemas/Visibility' + GutterSpacing: + type: string + description: String based length that is composed of value and unit in px + BackgroundVisibility: + $ref: '#/components/schemas/Visibility' + BackgroundColor: + type: string + pattern: ^#[A-F0-9]{6}(?:[A-F0-9]{2})?$ + additionalProperties: false + PanelTitleOptions: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + FontConfiguration: + $ref: '#/components/schemas/FontConfiguration' + HorizontalTextAlignment: + $ref: '#/components/schemas/HorizontalTextAlignment' + additionalProperties: false + PaperOrientation: + type: string + enum: + - PORTRAIT + - LANDSCAPE + PaperSize: + type: string + enum: + - US_LETTER + - US_LEGAL + - US_TABLOID_LEDGER + - A0 + - A1 + - A2 + - A3 + - A4 + - A5 + - JIS_B4 + - JIS_B5 + ParameterControl: + type: object + properties: + DateTimePicker: + $ref: '#/components/schemas/ParameterDateTimePickerControl' + List: + $ref: '#/components/schemas/ParameterListControl' + Dropdown: + $ref: '#/components/schemas/ParameterDropDownControl' + TextField: + $ref: '#/components/schemas/ParameterTextFieldControl' + TextArea: + $ref: '#/components/schemas/ParameterTextAreaControl' + Slider: + $ref: '#/components/schemas/ParameterSliderControl' + additionalProperties: false + ParameterDateTimePickerControl: + type: object + properties: + ParameterControlId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + type: string + maxLength: 2048 + minLength: 1 + SourceParameterName: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + DisplayOptions: + $ref: '#/components/schemas/DateTimePickerControlDisplayOptions' + required: + - ParameterControlId + - SourceParameterName + - Title + additionalProperties: false + ParameterDeclaration: + type: object + properties: + StringParameterDeclaration: + $ref: '#/components/schemas/StringParameterDeclaration' + DecimalParameterDeclaration: + $ref: '#/components/schemas/DecimalParameterDeclaration' + IntegerParameterDeclaration: + $ref: '#/components/schemas/IntegerParameterDeclaration' + DateTimeParameterDeclaration: + $ref: '#/components/schemas/DateTimeParameterDeclaration' + additionalProperties: false + ParameterDropDownControl: + type: object + properties: + ParameterControlId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + type: string + maxLength: 2048 + minLength: 1 + SourceParameterName: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + DisplayOptions: + $ref: '#/components/schemas/DropDownControlDisplayOptions' + Type: + $ref: '#/components/schemas/SheetControlListType' + SelectableValues: + $ref: '#/components/schemas/ParameterSelectableValues' + CascadingControlConfiguration: + $ref: '#/components/schemas/CascadingControlConfiguration' + required: + - ParameterControlId + - SourceParameterName + - Title + additionalProperties: false + ParameterListControl: + type: object + properties: + ParameterControlId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + type: string + maxLength: 2048 + minLength: 1 + SourceParameterName: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + DisplayOptions: + $ref: '#/components/schemas/ListControlDisplayOptions' + Type: + $ref: '#/components/schemas/SheetControlListType' + SelectableValues: + $ref: '#/components/schemas/ParameterSelectableValues' + CascadingControlConfiguration: + $ref: '#/components/schemas/CascadingControlConfiguration' + required: + - ParameterControlId + - SourceParameterName + - Title + additionalProperties: false + ParameterSelectableValues: + type: object + properties: + Values: + type: array + items: + type: string + maxItems: 50000 + minItems: 0 + LinkToDataSetColumn: + $ref: '#/components/schemas/ColumnIdentifier' + additionalProperties: false + ParameterSliderControl: + type: object + properties: + ParameterControlId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + type: string + maxLength: 2048 + minLength: 1 + SourceParameterName: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + DisplayOptions: + $ref: '#/components/schemas/SliderControlDisplayOptions' + MaximumValue: + type: number + default: 0 + MinimumValue: + type: number + default: 0 + StepSize: + type: number + default: 0 + required: + - MaximumValue + - MinimumValue + - ParameterControlId + - SourceParameterName + - StepSize + - Title + additionalProperties: false + ParameterTextAreaControl: + type: object + properties: + ParameterControlId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + type: string + maxLength: 2048 + minLength: 1 + SourceParameterName: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + Delimiter: + type: string + maxLength: 2048 + minLength: 1 + DisplayOptions: + $ref: '#/components/schemas/TextAreaControlDisplayOptions' + required: + - ParameterControlId + - SourceParameterName + - Title + additionalProperties: false + ParameterTextFieldControl: + type: object + properties: + ParameterControlId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + type: string + maxLength: 2048 + minLength: 1 + SourceParameterName: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + DisplayOptions: + $ref: '#/components/schemas/TextFieldControlDisplayOptions' + required: + - ParameterControlId + - SourceParameterName + - Title + additionalProperties: false + ParameterValueType: + type: string + enum: + - MULTI_VALUED + - SINGLE_VALUED + Parameters: + type: object + properties: + StringParameters: + type: array + items: + $ref: '#/components/schemas/StringParameter' + maxItems: 100 + minItems: 0 + IntegerParameters: + type: array + items: + $ref: '#/components/schemas/IntegerParameter' + maxItems: 100 + minItems: 0 + DecimalParameters: + type: array + items: + $ref: '#/components/schemas/DecimalParameter' + maxItems: 100 + minItems: 0 + DateTimeParameters: + type: array + items: + $ref: '#/components/schemas/DateTimeParameter' + maxItems: 100 + minItems: 0 + additionalProperties: false + PercentVisibleRange: + type: object + properties: + From: + type: number + default: null + maximum: 100 + minimum: 0 + To: + type: number + default: null + maximum: 100 + minimum: 0 + additionalProperties: false + PercentageDisplayFormatConfiguration: + type: object + properties: + Prefix: + type: string + maxLength: 128 + minLength: 1 + Suffix: + type: string + maxLength: 128 + minLength: 1 + SeparatorConfiguration: + $ref: '#/components/schemas/NumericSeparatorConfiguration' + DecimalPlacesConfiguration: + $ref: '#/components/schemas/DecimalPlacesConfiguration' + NegativeValueConfiguration: + $ref: '#/components/schemas/NegativeValueConfiguration' + NullValueFormatConfiguration: + $ref: '#/components/schemas/NullValueFormatConfiguration' + additionalProperties: false + PercentileAggregation: + type: object + properties: + PercentileValue: + type: number + maximum: 100 + minimum: 0 + additionalProperties: false + PeriodOverPeriodComputation: + type: object + properties: + ComputationId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Name: + type: string + Time: + $ref: '#/components/schemas/DimensionField' + Value: + $ref: '#/components/schemas/MeasureField' + required: + - ComputationId + additionalProperties: false + PeriodToDateComputation: + type: object + properties: + ComputationId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Name: + type: string + Time: + $ref: '#/components/schemas/DimensionField' + Value: + $ref: '#/components/schemas/MeasureField' + PeriodTimeGranularity: + $ref: '#/components/schemas/TimeGranularity' + required: + - ComputationId + additionalProperties: false + PieChartAggregatedFieldWells: + type: object + properties: + Category: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + Values: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 200 + minItems: 0 + SmallMultiples: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 1 + minItems: 0 + additionalProperties: false + PieChartConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/PieChartFieldWells' + SortConfiguration: + $ref: '#/components/schemas/PieChartSortConfiguration' + DonutOptions: + $ref: '#/components/schemas/DonutOptions' + SmallMultiplesOptions: + $ref: '#/components/schemas/SmallMultiplesOptions' + CategoryLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + ValueLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + Legend: + $ref: '#/components/schemas/LegendOptions' + DataLabels: + $ref: '#/components/schemas/DataLabelOptions' + Tooltip: + $ref: '#/components/schemas/TooltipOptions' + VisualPalette: + $ref: '#/components/schemas/VisualPalette' + ContributionAnalysisDefaults: + type: array + items: + $ref: '#/components/schemas/ContributionAnalysisDefault' + maxItems: 200 + minItems: 1 + additionalProperties: false + PieChartFieldWells: + type: object + properties: + PieChartAggregatedFieldWells: + $ref: '#/components/schemas/PieChartAggregatedFieldWells' + additionalProperties: false + PieChartSortConfiguration: + type: object + properties: + CategorySort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + CategoryItemsLimit: + $ref: '#/components/schemas/ItemsLimitConfiguration' + SmallMultiplesSort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + SmallMultiplesLimitConfiguration: + $ref: '#/components/schemas/ItemsLimitConfiguration' + additionalProperties: false + PieChartVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/PieChartConfiguration' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + ColumnHierarchies: + type: array + items: + $ref: '#/components/schemas/ColumnHierarchy' + maxItems: 2 + minItems: 0 + required: + - VisualId + additionalProperties: false + PivotFieldSortOptions: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + SortBy: + $ref: '#/components/schemas/PivotTableSortBy' + required: + - FieldId + - SortBy + additionalProperties: false + PivotTableAggregatedFieldWells: + type: object + properties: + Rows: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 40 + minItems: 0 + Columns: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 40 + minItems: 0 + Values: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 40 + minItems: 0 + additionalProperties: false + PivotTableCellConditionalFormatting: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + TextFormat: + $ref: '#/components/schemas/TextConditionalFormat' + Scope: + $ref: '#/components/schemas/PivotTableConditionalFormattingScope' + Scopes: + type: array + items: + $ref: '#/components/schemas/PivotTableConditionalFormattingScope' + maxItems: 3 + minItems: 0 + required: + - FieldId + additionalProperties: false + PivotTableConditionalFormatting: + type: object + properties: + ConditionalFormattingOptions: + type: array + items: + $ref: '#/components/schemas/PivotTableConditionalFormattingOption' + maxItems: 100 + minItems: 0 + additionalProperties: false + PivotTableConditionalFormattingOption: + type: object + properties: + Cell: + $ref: '#/components/schemas/PivotTableCellConditionalFormatting' + additionalProperties: false + PivotTableConditionalFormattingScope: + type: object + properties: + Role: + $ref: '#/components/schemas/PivotTableConditionalFormattingScopeRole' + additionalProperties: false + PivotTableConditionalFormattingScopeRole: + type: string + enum: + - FIELD + - FIELD_TOTAL + - GRAND_TOTAL + PivotTableConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/PivotTableFieldWells' + SortConfiguration: + $ref: '#/components/schemas/PivotTableSortConfiguration' + TableOptions: + $ref: '#/components/schemas/PivotTableOptions' + TotalOptions: + $ref: '#/components/schemas/PivotTableTotalOptions' + FieldOptions: + $ref: '#/components/schemas/PivotTableFieldOptions' + PaginatedReportOptions: + $ref: '#/components/schemas/PivotTablePaginatedReportOptions' + additionalProperties: false + PivotTableDataPathOption: + type: object + properties: + DataPathList: + type: array + items: + $ref: '#/components/schemas/DataPathValue' + maxItems: 20 + minItems: 0 + Width: + type: string + description: String based length that is composed of value and unit in px + required: + - DataPathList + additionalProperties: false + PivotTableDataPathType: + type: string + enum: + - HIERARCHY_ROWS_LAYOUT_COLUMN + - MULTIPLE_ROW_METRICS_COLUMN + - EMPTY_COLUMN_HEADER + - COUNT_METRIC_COLUMN + PivotTableFieldCollapseState: + type: string + enum: + - COLLAPSED + - EXPANDED + PivotTableFieldCollapseStateOption: + type: object + properties: + Target: + $ref: '#/components/schemas/PivotTableFieldCollapseStateTarget' + State: + $ref: '#/components/schemas/PivotTableFieldCollapseState' + required: + - Target + additionalProperties: false + PivotTableFieldCollapseStateTarget: + type: object + properties: + FieldId: + type: string + FieldDataPathValues: + type: array + items: + $ref: '#/components/schemas/DataPathValue' + maxItems: 20 + minItems: 0 + additionalProperties: false + PivotTableFieldOption: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + CustomLabel: + type: string + maxLength: 2048 + minLength: 1 + Visibility: + $ref: '#/components/schemas/Visibility' + required: + - FieldId + additionalProperties: false + PivotTableFieldOptions: + type: object + properties: + SelectedFieldOptions: + type: array + items: + $ref: '#/components/schemas/PivotTableFieldOption' + maxItems: 100 + minItems: 0 + DataPathOptions: + type: array + items: + $ref: '#/components/schemas/PivotTableDataPathOption' + maxItems: 100 + minItems: 0 + CollapseStateOptions: + type: array + items: + $ref: '#/components/schemas/PivotTableFieldCollapseStateOption' + additionalProperties: false + PivotTableFieldSubtotalOptions: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + additionalProperties: false + PivotTableFieldWells: + type: object + properties: + PivotTableAggregatedFieldWells: + $ref: '#/components/schemas/PivotTableAggregatedFieldWells' + additionalProperties: false + PivotTableMetricPlacement: + type: string + enum: + - ROW + - COLUMN + PivotTableOptions: + type: object + properties: + MetricPlacement: + $ref: '#/components/schemas/PivotTableMetricPlacement' + SingleMetricVisibility: + $ref: '#/components/schemas/Visibility' + ColumnNamesVisibility: + $ref: '#/components/schemas/Visibility' + ToggleButtonsVisibility: + $ref: '#/components/schemas/Visibility' + ColumnHeaderStyle: + $ref: '#/components/schemas/TableCellStyle' + RowHeaderStyle: + $ref: '#/components/schemas/TableCellStyle' + CellStyle: + $ref: '#/components/schemas/TableCellStyle' + RowFieldNamesStyle: + $ref: '#/components/schemas/TableCellStyle' + RowAlternateColorOptions: + $ref: '#/components/schemas/RowAlternateColorOptions' + CollapsedRowDimensionsVisibility: + $ref: '#/components/schemas/Visibility' + RowsLayout: + $ref: '#/components/schemas/PivotTableRowsLayout' + RowsLabelOptions: + $ref: '#/components/schemas/PivotTableRowsLabelOptions' + DefaultCellWidth: + type: string + description: String based length that is composed of value and unit in px + additionalProperties: false + PivotTablePaginatedReportOptions: + type: object + properties: + VerticalOverflowVisibility: + $ref: '#/components/schemas/Visibility' + OverflowColumnHeaderVisibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + PivotTableRowsLabelOptions: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + CustomLabel: + type: string + maxLength: 1024 + minLength: 1 + additionalProperties: false + PivotTableRowsLayout: + type: string + enum: + - TABULAR + - HIERARCHY + PivotTableSortBy: + type: object + properties: + Field: + $ref: '#/components/schemas/FieldSort' + Column: + $ref: '#/components/schemas/ColumnSort' + DataPath: + $ref: '#/components/schemas/DataPathSort' + additionalProperties: false + PivotTableSortConfiguration: + type: object + properties: + FieldSortOptions: + type: array + items: + $ref: '#/components/schemas/PivotFieldSortOptions' + maxItems: 200 + minItems: 0 + additionalProperties: false + PivotTableSubtotalLevel: + type: string + enum: + - ALL + - CUSTOM + - LAST + PivotTableTotalOptions: + type: object + properties: + RowSubtotalOptions: + $ref: '#/components/schemas/SubtotalOptions' + ColumnSubtotalOptions: + $ref: '#/components/schemas/SubtotalOptions' + RowTotalOptions: + $ref: '#/components/schemas/PivotTotalOptions' + ColumnTotalOptions: + $ref: '#/components/schemas/PivotTotalOptions' + additionalProperties: false + PivotTableVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/PivotTableConfiguration' + ConditionalFormatting: + $ref: '#/components/schemas/PivotTableConditionalFormatting' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + required: + - VisualId + additionalProperties: false + PivotTotalOptions: + type: object + properties: + TotalsVisibility: + $ref: '#/components/schemas/Visibility' + TotalAggregationOptions: + type: array + items: + $ref: '#/components/schemas/TotalAggregationOption' + maxItems: 200 + minItems: 0 + Placement: + $ref: '#/components/schemas/TableTotalsPlacement' + ScrollStatus: + $ref: '#/components/schemas/TableTotalsScrollStatus' + CustomLabel: + type: string + TotalCellStyle: + $ref: '#/components/schemas/TableCellStyle' + ValueCellStyle: + $ref: '#/components/schemas/TableCellStyle' + MetricHeaderCellStyle: + $ref: '#/components/schemas/TableCellStyle' + additionalProperties: false + PredefinedHierarchy: + type: object + properties: + HierarchyId: + type: string + maxLength: 512 + minLength: 1 + Columns: + type: array + items: + $ref: '#/components/schemas/ColumnIdentifier' + maxItems: 10 + minItems: 1 + DrillDownFilters: + type: array + items: + $ref: '#/components/schemas/DrillDownFilter' + maxItems: 10 + minItems: 0 + required: + - Columns + - HierarchyId + additionalProperties: false + PrimaryValueDisplayType: + type: string + enum: + - HIDDEN + - COMPARISON + - ACTUAL + ProgressBarOptions: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + RadarChartAggregatedFieldWells: + type: object + properties: + Category: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 1 + minItems: 0 + Color: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 1 + minItems: 0 + Values: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 20 + minItems: 0 + additionalProperties: false + RadarChartAreaStyleSettings: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + RadarChartAxesRangeScale: + type: string + enum: + - AUTO + - INDEPENDENT + - SHARED + RadarChartConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/RadarChartFieldWells' + SortConfiguration: + $ref: '#/components/schemas/RadarChartSortConfiguration' + Shape: + $ref: '#/components/schemas/RadarChartShape' + BaseSeriesSettings: + $ref: '#/components/schemas/RadarChartSeriesSettings' + StartAngle: + type: number + maximum: 360 + minimum: -360 + VisualPalette: + $ref: '#/components/schemas/VisualPalette' + AlternateBandColorsVisibility: + $ref: '#/components/schemas/Visibility' + AlternateBandEvenColor: + type: string + pattern: ^#[A-F0-9]{6}$ + AlternateBandOddColor: + type: string + pattern: ^#[A-F0-9]{6}$ + CategoryAxis: + $ref: '#/components/schemas/AxisDisplayOptions' + CategoryLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + ColorAxis: + $ref: '#/components/schemas/AxisDisplayOptions' + ColorLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + Legend: + $ref: '#/components/schemas/LegendOptions' + AxesRangeScale: + $ref: '#/components/schemas/RadarChartAxesRangeScale' + additionalProperties: false + RadarChartFieldWells: + type: object + properties: + RadarChartAggregatedFieldWells: + $ref: '#/components/schemas/RadarChartAggregatedFieldWells' + additionalProperties: false + RadarChartSeriesSettings: + type: object + properties: + AreaStyleSettings: + $ref: '#/components/schemas/RadarChartAreaStyleSettings' + additionalProperties: false + RadarChartShape: + type: string + enum: + - CIRCLE + - POLYGON + RadarChartSortConfiguration: + type: object + properties: + CategorySort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + CategoryItemsLimit: + $ref: '#/components/schemas/ItemsLimitConfiguration' + ColorSort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + ColorItemsLimit: + $ref: '#/components/schemas/ItemsLimitConfiguration' + additionalProperties: false + RadarChartVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/RadarChartConfiguration' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + ColumnHierarchies: + type: array + items: + $ref: '#/components/schemas/ColumnHierarchy' + maxItems: 2 + minItems: 0 + required: + - VisualId + additionalProperties: false + RangeEndsLabelType: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + ReferenceLine: + type: object + properties: + Status: + $ref: '#/components/schemas/WidgetStatus' + DataConfiguration: + $ref: '#/components/schemas/ReferenceLineDataConfiguration' + StyleConfiguration: + $ref: '#/components/schemas/ReferenceLineStyleConfiguration' + LabelConfiguration: + $ref: '#/components/schemas/ReferenceLineLabelConfiguration' + required: + - DataConfiguration + additionalProperties: false + ReferenceLineCustomLabelConfiguration: + type: object + properties: + CustomLabel: + type: string + pattern: .*\S.* + required: + - CustomLabel + additionalProperties: false + ReferenceLineDataConfiguration: + type: object + properties: + StaticConfiguration: + $ref: '#/components/schemas/ReferenceLineStaticDataConfiguration' + DynamicConfiguration: + $ref: '#/components/schemas/ReferenceLineDynamicDataConfiguration' + AxisBinding: + $ref: '#/components/schemas/AxisBinding' + SeriesType: + $ref: '#/components/schemas/ReferenceLineSeriesType' + additionalProperties: false + ReferenceLineDynamicDataConfiguration: + type: object + properties: + Column: + $ref: '#/components/schemas/ColumnIdentifier' + MeasureAggregationFunction: + $ref: '#/components/schemas/AggregationFunction' + Calculation: + $ref: '#/components/schemas/NumericalAggregationFunction' + required: + - Calculation + - Column + additionalProperties: false + ReferenceLineLabelConfiguration: + type: object + properties: + ValueLabelConfiguration: + $ref: '#/components/schemas/ReferenceLineValueLabelConfiguration' + CustomLabelConfiguration: + $ref: '#/components/schemas/ReferenceLineCustomLabelConfiguration' + FontConfiguration: + $ref: '#/components/schemas/FontConfiguration' + FontColor: + type: string + pattern: ^#[A-F0-9]{6}$ + HorizontalPosition: + $ref: '#/components/schemas/ReferenceLineLabelHorizontalPosition' + VerticalPosition: + $ref: '#/components/schemas/ReferenceLineLabelVerticalPosition' + additionalProperties: false + ReferenceLineLabelHorizontalPosition: + type: string + enum: + - LEFT + - CENTER + - RIGHT + ReferenceLineLabelVerticalPosition: + type: string + enum: + - ABOVE + - BELOW + ReferenceLinePatternType: + type: string + enum: + - SOLID + - DASHED + - DOTTED + ReferenceLineSeriesType: + type: string + enum: + - BAR + - LINE + ReferenceLineStaticDataConfiguration: + type: object + properties: + Value: + type: number + default: 0 + required: + - Value + additionalProperties: false + ReferenceLineStyleConfiguration: + type: object + properties: + Pattern: + $ref: '#/components/schemas/ReferenceLinePatternType' + Color: + type: string + pattern: ^#[A-F0-9]{6}$ + additionalProperties: false + ReferenceLineValueLabelConfiguration: + type: object + properties: + RelativePosition: + $ref: '#/components/schemas/ReferenceLineValueLabelRelativePosition' + FormatConfiguration: + $ref: '#/components/schemas/NumericFormatConfiguration' + additionalProperties: false + ReferenceLineValueLabelRelativePosition: + type: string + enum: + - BEFORE_CUSTOM_LABEL + - AFTER_CUSTOM_LABEL + RelativeDateTimeControlDisplayOptions: + type: object + properties: + TitleOptions: + $ref: '#/components/schemas/LabelOptions' + DateTimeFormat: + type: string + maxLength: 128 + minLength: 1 + InfoIconLabelOptions: + $ref: '#/components/schemas/SheetControlInfoIconLabelOptions' + additionalProperties: false + RelativeDateType: + type: string + enum: + - PREVIOUS + - THIS + - LAST + - NOW + - NEXT + RelativeDatesFilter: + type: object + properties: + FilterId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Column: + $ref: '#/components/schemas/ColumnIdentifier' + AnchorDateConfiguration: + $ref: '#/components/schemas/AnchorDateConfiguration' + MinimumGranularity: + $ref: '#/components/schemas/TimeGranularity' + TimeGranularity: + $ref: '#/components/schemas/TimeGranularity' + RelativeDateType: + $ref: '#/components/schemas/RelativeDateType' + RelativeDateValue: + type: number + default: null + ParameterName: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + NullOption: + $ref: '#/components/schemas/FilterNullOption' + ExcludePeriodConfiguration: + $ref: '#/components/schemas/ExcludePeriodConfiguration' + required: + - AnchorDateConfiguration + - Column + - FilterId + - NullOption + - RelativeDateType + - TimeGranularity + additionalProperties: false + RelativeFontSize: + type: string + enum: + - EXTRA_SMALL + - SMALL + - MEDIUM + - LARGE + - EXTRA_LARGE + ResizeOption: + type: string + enum: + - FIXED + - RESPONSIVE + ResourcePermission: + type: object + properties: + Principal: + type: string + maxLength: 256 + minLength: 1 + Actions: + type: array + items: + type: string + maxItems: 20 + minItems: 1 + required: + - Actions + - Principal + additionalProperties: false + ResourceStatus: + type: string + enum: + - CREATION_IN_PROGRESS + - CREATION_SUCCESSFUL + - CREATION_FAILED + - UPDATE_IN_PROGRESS + - UPDATE_SUCCESSFUL + - UPDATE_FAILED + - DELETED + RollingDateConfiguration: + type: object + properties: + DataSetIdentifier: + type: string + maxLength: 2048 + minLength: 1 + Expression: + type: string + maxLength: 4096 + minLength: 1 + required: + - Expression + additionalProperties: false + RowAlternateColorOptions: + type: object + properties: + Status: + $ref: '#/components/schemas/WidgetStatus' + RowAlternateColors: + type: array + items: + type: string + pattern: ^#[A-F0-9]{6}$ + maxItems: 1 + minItems: 0 + UsePrimaryBackgroundColor: + $ref: '#/components/schemas/WidgetStatus' + additionalProperties: false + SameSheetTargetVisualConfiguration: + type: object + properties: + TargetVisuals: + type: array + items: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + maxItems: 50 + minItems: 1 + TargetVisualOptions: + $ref: '#/components/schemas/TargetVisualOptions' + additionalProperties: false + SankeyDiagramAggregatedFieldWells: + type: object + properties: + Source: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + Destination: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + Weight: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 200 + minItems: 0 + additionalProperties: false + SankeyDiagramChartConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/SankeyDiagramFieldWells' + SortConfiguration: + $ref: '#/components/schemas/SankeyDiagramSortConfiguration' + DataLabels: + $ref: '#/components/schemas/DataLabelOptions' + additionalProperties: false + SankeyDiagramFieldWells: + type: object + properties: + SankeyDiagramAggregatedFieldWells: + $ref: '#/components/schemas/SankeyDiagramAggregatedFieldWells' + additionalProperties: false + SankeyDiagramSortConfiguration: + type: object + properties: + WeightSort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + SourceItemsLimit: + $ref: '#/components/schemas/ItemsLimitConfiguration' + DestinationItemsLimit: + $ref: '#/components/schemas/ItemsLimitConfiguration' + additionalProperties: false + SankeyDiagramVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/SankeyDiagramChartConfiguration' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + required: + - VisualId + additionalProperties: false + ScatterPlotCategoricallyAggregatedFieldWells: + type: object + properties: + XAxis: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 200 + minItems: 0 + YAxis: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 200 + minItems: 0 + Category: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + Size: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 200 + minItems: 0 + Label: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + additionalProperties: false + ScatterPlotConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/ScatterPlotFieldWells' + XAxisLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + XAxisDisplayOptions: + $ref: '#/components/schemas/AxisDisplayOptions' + YAxisLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + YAxisDisplayOptions: + $ref: '#/components/schemas/AxisDisplayOptions' + Legend: + $ref: '#/components/schemas/LegendOptions' + DataLabels: + $ref: '#/components/schemas/DataLabelOptions' + Tooltip: + $ref: '#/components/schemas/TooltipOptions' + VisualPalette: + $ref: '#/components/schemas/VisualPalette' + additionalProperties: false + ScatterPlotFieldWells: + type: object + properties: + ScatterPlotCategoricallyAggregatedFieldWells: + $ref: '#/components/schemas/ScatterPlotCategoricallyAggregatedFieldWells' + ScatterPlotUnaggregatedFieldWells: + $ref: '#/components/schemas/ScatterPlotUnaggregatedFieldWells' + additionalProperties: false + ScatterPlotUnaggregatedFieldWells: + type: object + properties: + XAxis: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + YAxis: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + Size: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 200 + minItems: 0 + Category: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + Label: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + additionalProperties: false + ScatterPlotVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/ScatterPlotConfiguration' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + ColumnHierarchies: + type: array + items: + $ref: '#/components/schemas/ColumnHierarchy' + maxItems: 2 + minItems: 0 + required: + - VisualId + additionalProperties: false + ScrollBarOptions: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + VisibleRange: + $ref: '#/components/schemas/VisibleRangeOptions' + additionalProperties: false + SecondaryValueOptions: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + SectionAfterPageBreak: + type: object + properties: + Status: + $ref: '#/components/schemas/SectionPageBreakStatus' + additionalProperties: false + SectionBasedLayoutCanvasSizeOptions: + type: object + properties: + PaperCanvasSizeOptions: + $ref: '#/components/schemas/SectionBasedLayoutPaperCanvasSizeOptions' + additionalProperties: false + SectionBasedLayoutConfiguration: + type: object + properties: + HeaderSections: + type: array + items: + $ref: '#/components/schemas/HeaderFooterSectionConfiguration' + maxItems: 1 + minItems: 0 + BodySections: + type: array + items: + $ref: '#/components/schemas/BodySectionConfiguration' + maxItems: 28 + minItems: 0 + FooterSections: + type: array + items: + $ref: '#/components/schemas/HeaderFooterSectionConfiguration' + maxItems: 1 + minItems: 0 + CanvasSizeOptions: + $ref: '#/components/schemas/SectionBasedLayoutCanvasSizeOptions' + required: + - BodySections + - CanvasSizeOptions + - FooterSections + - HeaderSections + additionalProperties: false + SectionBasedLayoutPaperCanvasSizeOptions: + type: object + properties: + PaperSize: + $ref: '#/components/schemas/PaperSize' + PaperOrientation: + $ref: '#/components/schemas/PaperOrientation' + PaperMargin: + $ref: '#/components/schemas/Spacing' + additionalProperties: false + SectionLayoutConfiguration: + type: object + properties: + FreeFormLayout: + $ref: '#/components/schemas/FreeFormSectionLayoutConfiguration' + required: + - FreeFormLayout + additionalProperties: false + SectionPageBreakConfiguration: + type: object + properties: + After: + $ref: '#/components/schemas/SectionAfterPageBreak' + additionalProperties: false + SectionPageBreakStatus: + type: string + enum: + - ENABLED + - DISABLED + SectionStyle: + type: object + properties: + Height: + type: string + description: String based length that is composed of value and unit in px + Padding: + $ref: '#/components/schemas/Spacing' + additionalProperties: false + SelectAllValueOptions: + type: string + enum: + - ALL_VALUES + SelectedFieldOptions: + type: string + enum: + - ALL_FIELDS + SelectedSheetsFilterScopeConfiguration: + type: object + properties: + SheetVisualScopingConfigurations: + type: array + items: + $ref: '#/components/schemas/SheetVisualScopingConfiguration' + maxItems: 50 + minItems: 1 + additionalProperties: false + SelectedTooltipType: + type: string + enum: + - BASIC + - DETAILED + SeriesItem: + type: object + properties: + FieldSeriesItem: + $ref: '#/components/schemas/FieldSeriesItem' + DataFieldSeriesItem: + $ref: '#/components/schemas/DataFieldSeriesItem' + additionalProperties: false + SetParameterValueConfiguration: + type: object + properties: + DestinationParameterName: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + Value: + $ref: '#/components/schemas/DestinationParameterValueConfiguration' + required: + - DestinationParameterName + - Value + additionalProperties: false + ShapeConditionalFormat: + type: object + properties: + BackgroundColor: + $ref: '#/components/schemas/ConditionalFormattingColor' + required: + - BackgroundColor + additionalProperties: false + Sheet: + type: object + properties: + SheetId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Name: + type: string + maxLength: 2048 + minLength: 1 + additionalProperties: false + SheetContentType: + type: string + enum: + - PAGINATED + - INTERACTIVE + SheetControlDateTimePickerType: + type: string + enum: + - SINGLE_VALUED + - DATE_RANGE + SheetControlInfoIconLabelOptions: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + InfoIconText: + type: string + maxLength: 100 + minLength: 1 + additionalProperties: false + SheetControlLayout: + type: object + properties: + Configuration: + $ref: '#/components/schemas/SheetControlLayoutConfiguration' + required: + - Configuration + additionalProperties: false + SheetControlLayoutConfiguration: + type: object + properties: + GridLayout: + $ref: '#/components/schemas/GridLayoutConfiguration' + additionalProperties: false + SheetControlListType: + type: string + enum: + - MULTI_SELECT + - SINGLE_SELECT + SheetControlSliderType: + type: string + enum: + - SINGLE_POINT + - RANGE + SheetDefinition: + type: object + properties: + SheetId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + type: string + maxLength: 1024 + minLength: 1 + Description: + type: string + maxLength: 1024 + minLength: 1 + Name: + type: string + maxLength: 2048 + minLength: 1 + ParameterControls: + type: array + items: + $ref: '#/components/schemas/ParameterControl' + maxItems: 200 + minItems: 0 + FilterControls: + type: array + items: + $ref: '#/components/schemas/FilterControl' + maxItems: 200 + minItems: 0 + Visuals: + type: array + items: + $ref: '#/components/schemas/Visual' + maxItems: 50 + minItems: 0 + TextBoxes: + type: array + items: + $ref: '#/components/schemas/SheetTextBox' + maxItems: 100 + minItems: 0 + Layouts: + type: array + items: + $ref: '#/components/schemas/Layout' + maxItems: 1 + minItems: 1 + SheetControlLayouts: + type: array + items: + $ref: '#/components/schemas/SheetControlLayout' + maxItems: 1 + minItems: 0 + ContentType: + $ref: '#/components/schemas/SheetContentType' + required: + - SheetId + additionalProperties: false + SheetElementConfigurationOverrides: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + SheetElementRenderingRule: + type: object + properties: + Expression: + type: string + maxLength: 4096 + minLength: 1 + ConfigurationOverrides: + $ref: '#/components/schemas/SheetElementConfigurationOverrides' + required: + - ConfigurationOverrides + - Expression + additionalProperties: false + SheetTextBox: + type: object + properties: + SheetTextBoxId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Content: + type: string + maxLength: 150000 + minLength: 0 + required: + - SheetTextBoxId + additionalProperties: false + SheetVisualScopingConfiguration: + type: object + properties: + SheetId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Scope: + $ref: '#/components/schemas/FilterVisualScope' + VisualIds: + type: array + items: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + maxItems: 50 + minItems: 0 + required: + - Scope + - SheetId + additionalProperties: false + ShortFormatText: + type: object + properties: + PlainText: + type: string + maxLength: 512 + minLength: 1 + RichText: + type: string + maxLength: 1024 + minLength: 1 + additionalProperties: false + SimpleAttributeAggregationFunction: + type: string + enum: + - UNIQUE_VALUE + SimpleClusterMarker: + type: object + properties: + Color: + type: string + pattern: ^#[A-F0-9]{6}$ + additionalProperties: false + SimpleNumericalAggregationFunction: + type: string + enum: + - SUM + - AVERAGE + - MIN + - MAX + - COUNT + - DISTINCT_COUNT + - VAR + - VARP + - STDEV + - STDEVP + - MEDIAN + SimpleTotalAggregationFunction: + type: string + enum: + - DEFAULT + - SUM + - AVERAGE + - MIN + - MAX + - NONE + SliderControlDisplayOptions: + type: object + properties: + TitleOptions: + $ref: '#/components/schemas/LabelOptions' + InfoIconLabelOptions: + $ref: '#/components/schemas/SheetControlInfoIconLabelOptions' + additionalProperties: false + SmallMultiplesAxisPlacement: + type: string + enum: + - OUTSIDE + - INSIDE + SmallMultiplesAxisProperties: + type: object + properties: + Scale: + $ref: '#/components/schemas/SmallMultiplesAxisScale' + Placement: + $ref: '#/components/schemas/SmallMultiplesAxisPlacement' + additionalProperties: false + SmallMultiplesAxisScale: + type: string + enum: + - SHARED + - INDEPENDENT + SmallMultiplesOptions: + type: object + properties: + MaxVisibleRows: + type: number + maximum: 10 + minimum: 1 + MaxVisibleColumns: + type: number + maximum: 10 + minimum: 1 + PanelConfiguration: + $ref: '#/components/schemas/PanelConfiguration' + XAxis: + $ref: '#/components/schemas/SmallMultiplesAxisProperties' + YAxis: + $ref: '#/components/schemas/SmallMultiplesAxisProperties' + additionalProperties: false + SortDirection: + type: string + enum: + - ASC + - DESC + Spacing: + type: object + properties: + Top: + type: string + description: String based length that is composed of value and unit + Bottom: + type: string + description: String based length that is composed of value and unit + Left: + type: string + description: String based length that is composed of value and unit + Right: + type: string + description: String based length that is composed of value and unit + additionalProperties: false + SpecialValue: + type: string + enum: + - EMPTY + - 'NULL' + - OTHER + StringDefaultValues: + type: object + properties: + DynamicValue: + $ref: '#/components/schemas/DynamicDefaultValue' + StaticValues: + type: array + items: + type: string + maxItems: 50000 + minItems: 0 + additionalProperties: false + StringFormatConfiguration: + type: object + properties: + NullValueFormatConfiguration: + $ref: '#/components/schemas/NullValueFormatConfiguration' + NumericFormatConfiguration: + $ref: '#/components/schemas/NumericFormatConfiguration' + additionalProperties: false + StringParameter: + type: object + properties: + Name: + type: string + pattern: .*\S.* + Values: + type: array + items: + type: string + required: + - Name + - Values + additionalProperties: false + StringParameterDeclaration: + type: object + properties: + ParameterValueType: + $ref: '#/components/schemas/ParameterValueType' + Name: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + DefaultValues: + $ref: '#/components/schemas/StringDefaultValues' + ValueWhenUnset: + $ref: '#/components/schemas/StringValueWhenUnsetConfiguration' + MappedDataSetParameters: + type: array + items: + $ref: '#/components/schemas/MappedDataSetParameter' + maxItems: 150 + minItems: 0 + required: + - Name + - ParameterValueType + additionalProperties: false + StringValueWhenUnsetConfiguration: + type: object + properties: + ValueWhenUnsetOption: + $ref: '#/components/schemas/ValueWhenUnsetOption' + CustomValue: + type: string + additionalProperties: false + StyledCellType: + type: string + enum: + - TOTAL + - METRIC_HEADER + - VALUE + SubtotalOptions: + type: object + properties: + TotalsVisibility: + $ref: '#/components/schemas/Visibility' + CustomLabel: + type: string + FieldLevel: + $ref: '#/components/schemas/PivotTableSubtotalLevel' + FieldLevelOptions: + type: array + items: + $ref: '#/components/schemas/PivotTableFieldSubtotalOptions' + maxItems: 100 + minItems: 0 + TotalCellStyle: + $ref: '#/components/schemas/TableCellStyle' + ValueCellStyle: + $ref: '#/components/schemas/TableCellStyle' + MetricHeaderCellStyle: + $ref: '#/components/schemas/TableCellStyle' + StyleTargets: + type: array + items: + $ref: '#/components/schemas/TableStyleTarget' + maxItems: 3 + minItems: 0 + additionalProperties: false + TableAggregatedFieldWells: + type: object + properties: + GroupBy: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + Values: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 200 + minItems: 0 + additionalProperties: false + TableBorderOptions: + type: object + properties: + Color: + type: string + pattern: ^#[A-F0-9]{6}$ + Thickness: + type: number + maximum: 4 + minimum: 1 + Style: + $ref: '#/components/schemas/TableBorderStyle' + additionalProperties: false + TableBorderStyle: + type: string + enum: + - NONE + - SOLID + TableCellConditionalFormatting: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + TextFormat: + $ref: '#/components/schemas/TextConditionalFormat' + required: + - FieldId + additionalProperties: false + TableCellImageScalingConfiguration: + type: string + enum: + - FIT_TO_CELL_HEIGHT + - FIT_TO_CELL_WIDTH + - DO_NOT_SCALE + TableCellImageSizingConfiguration: + type: object + properties: + TableCellImageScalingConfiguration: + $ref: '#/components/schemas/TableCellImageScalingConfiguration' + additionalProperties: false + TableCellStyle: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + FontConfiguration: + $ref: '#/components/schemas/FontConfiguration' + TextWrap: + $ref: '#/components/schemas/TextWrap' + HorizontalTextAlignment: + $ref: '#/components/schemas/HorizontalTextAlignment' + VerticalTextAlignment: + $ref: '#/components/schemas/VerticalTextAlignment' + BackgroundColor: + type: string + pattern: ^#[A-F0-9]{6}$ + Height: + type: number + maximum: 500 + minimum: 8 + Border: + $ref: '#/components/schemas/GlobalTableBorderOptions' + additionalProperties: false + TableConditionalFormatting: + type: object + properties: + ConditionalFormattingOptions: + type: array + items: + $ref: '#/components/schemas/TableConditionalFormattingOption' + maxItems: 100 + minItems: 0 + additionalProperties: false + TableConditionalFormattingOption: + type: object + properties: + Cell: + $ref: '#/components/schemas/TableCellConditionalFormatting' + Row: + $ref: '#/components/schemas/TableRowConditionalFormatting' + additionalProperties: false + TableConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/TableFieldWells' + SortConfiguration: + $ref: '#/components/schemas/TableSortConfiguration' + TableOptions: + $ref: '#/components/schemas/TableOptions' + TotalOptions: + $ref: '#/components/schemas/TotalOptions' + FieldOptions: + $ref: '#/components/schemas/TableFieldOptions' + PaginatedReportOptions: + $ref: '#/components/schemas/TablePaginatedReportOptions' + TableInlineVisualizations: + type: array + items: + $ref: '#/components/schemas/TableInlineVisualization' + maxItems: 200 + minItems: 0 + additionalProperties: false + TableFieldCustomIconContent: + type: object + properties: + Icon: + $ref: '#/components/schemas/TableFieldIconSetType' + additionalProperties: false + TableFieldCustomTextContent: + type: object + properties: + Value: + type: string + FontConfiguration: + $ref: '#/components/schemas/FontConfiguration' + required: + - FontConfiguration + additionalProperties: false + TableFieldIconSetType: + type: string + enum: + - LINK + TableFieldImageConfiguration: + type: object + properties: + SizingOptions: + $ref: '#/components/schemas/TableCellImageSizingConfiguration' + additionalProperties: false + TableFieldLinkConfiguration: + type: object + properties: + Target: + $ref: '#/components/schemas/URLTargetConfiguration' + Content: + $ref: '#/components/schemas/TableFieldLinkContentConfiguration' + required: + - Content + - Target + additionalProperties: false + TableFieldLinkContentConfiguration: + type: object + properties: + CustomTextContent: + $ref: '#/components/schemas/TableFieldCustomTextContent' + CustomIconContent: + $ref: '#/components/schemas/TableFieldCustomIconContent' + additionalProperties: false + TableFieldOption: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + Width: + type: string + description: String based length that is composed of value and unit in px + CustomLabel: + type: string + maxLength: 2048 + minLength: 1 + Visibility: + $ref: '#/components/schemas/Visibility' + URLStyling: + $ref: '#/components/schemas/TableFieldURLConfiguration' + required: + - FieldId + additionalProperties: false + TableFieldOptions: + type: object + properties: + SelectedFieldOptions: + type: array + items: + $ref: '#/components/schemas/TableFieldOption' + maxItems: 100 + minItems: 0 + Order: + type: array + items: + type: string + maxLength: 512 + minLength: 1 + maxItems: 200 + minItems: 0 + PinnedFieldOptions: + $ref: '#/components/schemas/TablePinnedFieldOptions' + additionalProperties: false + TableFieldURLConfiguration: + type: object + properties: + LinkConfiguration: + $ref: '#/components/schemas/TableFieldLinkConfiguration' + ImageConfiguration: + $ref: '#/components/schemas/TableFieldImageConfiguration' + additionalProperties: false + TableFieldWells: + type: object + properties: + TableAggregatedFieldWells: + $ref: '#/components/schemas/TableAggregatedFieldWells' + TableUnaggregatedFieldWells: + $ref: '#/components/schemas/TableUnaggregatedFieldWells' + additionalProperties: false + TableInlineVisualization: + type: object + properties: + DataBars: + $ref: '#/components/schemas/DataBarsOptions' + additionalProperties: false + TableOptions: + type: object + properties: + Orientation: + $ref: '#/components/schemas/TableOrientation' + HeaderStyle: + $ref: '#/components/schemas/TableCellStyle' + CellStyle: + $ref: '#/components/schemas/TableCellStyle' + RowAlternateColorOptions: + $ref: '#/components/schemas/RowAlternateColorOptions' + additionalProperties: false + TableOrientation: + type: string + enum: + - VERTICAL + - HORIZONTAL + TablePaginatedReportOptions: + type: object + properties: + VerticalOverflowVisibility: + $ref: '#/components/schemas/Visibility' + OverflowColumnHeaderVisibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + TablePinnedFieldOptions: + type: object + properties: + PinnedLeftFields: + type: array + items: + type: string + maxLength: 512 + minLength: 1 + maxItems: 201 + minItems: 0 + additionalProperties: false + TableRowConditionalFormatting: + type: object + properties: + BackgroundColor: + $ref: '#/components/schemas/ConditionalFormattingColor' + TextColor: + $ref: '#/components/schemas/ConditionalFormattingColor' + additionalProperties: false + TableSideBorderOptions: + type: object + properties: + InnerVertical: + $ref: '#/components/schemas/TableBorderOptions' + InnerHorizontal: + $ref: '#/components/schemas/TableBorderOptions' + Left: + $ref: '#/components/schemas/TableBorderOptions' + Right: + $ref: '#/components/schemas/TableBorderOptions' + Top: + $ref: '#/components/schemas/TableBorderOptions' + Bottom: + $ref: '#/components/schemas/TableBorderOptions' + additionalProperties: false + TableSortConfiguration: + type: object + properties: + RowSort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + PaginationConfiguration: + $ref: '#/components/schemas/PaginationConfiguration' + additionalProperties: false + TableStyleTarget: + type: object + properties: + CellType: + $ref: '#/components/schemas/StyledCellType' + required: + - CellType + additionalProperties: false + TableTotalsPlacement: + type: string + enum: + - START + - END + - AUTO + TableTotalsScrollStatus: + type: string + enum: + - PINNED + - SCROLLED + TableUnaggregatedFieldWells: + type: object + properties: + Values: + type: array + items: + $ref: '#/components/schemas/UnaggregatedField' + maxItems: 200 + minItems: 0 + additionalProperties: false + TableVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/TableConfiguration' + ConditionalFormatting: + $ref: '#/components/schemas/TableConditionalFormatting' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + required: + - VisualId + additionalProperties: false + Tag: + type: object + properties: + Value: + type: string + maxLength: 256 + minLength: 1 + Key: + type: string + maxLength: 128 + minLength: 1 + additionalProperties: false + required: + - Key + - Value + TargetVisualOptions: + type: string + enum: + - ALL_VISUALS + TextAreaControlDisplayOptions: + type: object + properties: + TitleOptions: + $ref: '#/components/schemas/LabelOptions' + PlaceholderOptions: + $ref: '#/components/schemas/TextControlPlaceholderOptions' + InfoIconLabelOptions: + $ref: '#/components/schemas/SheetControlInfoIconLabelOptions' + additionalProperties: false + TextConditionalFormat: + type: object + properties: + BackgroundColor: + $ref: '#/components/schemas/ConditionalFormattingColor' + TextColor: + $ref: '#/components/schemas/ConditionalFormattingColor' + Icon: + $ref: '#/components/schemas/ConditionalFormattingIcon' + additionalProperties: false + TextControlPlaceholderOptions: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + TextFieldControlDisplayOptions: + type: object + properties: + TitleOptions: + $ref: '#/components/schemas/LabelOptions' + PlaceholderOptions: + $ref: '#/components/schemas/TextControlPlaceholderOptions' + InfoIconLabelOptions: + $ref: '#/components/schemas/SheetControlInfoIconLabelOptions' + additionalProperties: false + TextWrap: + type: string + enum: + - NONE + - WRAP + ThousandSeparatorOptions: + type: object + properties: + Symbol: + $ref: '#/components/schemas/NumericSeparatorSymbol' + Visibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + TimeBasedForecastProperties: + type: object + properties: + PeriodsForward: + type: number + maximum: 1000 + minimum: 1 + PeriodsBackward: + type: number + maximum: 1000 + minimum: 0 + UpperBoundary: + type: number + default: null + LowerBoundary: + type: number + default: null + PredictionInterval: + type: number + maximum: 95 + minimum: 50 + Seasonality: + type: number + maximum: 180 + minimum: 1 + additionalProperties: false + TimeEqualityFilter: + type: object + properties: + FilterId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Column: + $ref: '#/components/schemas/ColumnIdentifier' + Value: + type: string + format: date-time + RollingDate: + $ref: '#/components/schemas/RollingDateConfiguration' + ParameterName: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + TimeGranularity: + $ref: '#/components/schemas/TimeGranularity' + required: + - Column + - FilterId + additionalProperties: false + TimeGranularity: + type: string + enum: + - YEAR + - QUARTER + - MONTH + - WEEK + - DAY + - HOUR + - MINUTE + - SECOND + - MILLISECOND + TimeRangeDrillDownFilter: + type: object + properties: + Column: + $ref: '#/components/schemas/ColumnIdentifier' + RangeMinimum: + type: string + format: date-time + RangeMaximum: + type: string + format: date-time + TimeGranularity: + $ref: '#/components/schemas/TimeGranularity' + required: + - Column + - RangeMaximum + - RangeMinimum + - TimeGranularity + additionalProperties: false + TimeRangeFilter: + type: object + properties: + FilterId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Column: + $ref: '#/components/schemas/ColumnIdentifier' + IncludeMinimum: + type: boolean + default: null + IncludeMaximum: + type: boolean + default: null + RangeMinimumValue: + $ref: '#/components/schemas/TimeRangeFilterValue' + RangeMaximumValue: + $ref: '#/components/schemas/TimeRangeFilterValue' + NullOption: + $ref: '#/components/schemas/FilterNullOption' + ExcludePeriodConfiguration: + $ref: '#/components/schemas/ExcludePeriodConfiguration' + TimeGranularity: + $ref: '#/components/schemas/TimeGranularity' + required: + - Column + - FilterId + - NullOption + additionalProperties: false + TimeRangeFilterValue: + type: object + properties: + StaticValue: + type: string + format: date-time + RollingDate: + $ref: '#/components/schemas/RollingDateConfiguration' + Parameter: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + additionalProperties: false + TooltipItem: + type: object + properties: + FieldTooltipItem: + $ref: '#/components/schemas/FieldTooltipItem' + ColumnTooltipItem: + $ref: '#/components/schemas/ColumnTooltipItem' + additionalProperties: false + TooltipOptions: + type: object + properties: + TooltipVisibility: + $ref: '#/components/schemas/Visibility' + SelectedTooltipType: + $ref: '#/components/schemas/SelectedTooltipType' + FieldBasedTooltip: + $ref: '#/components/schemas/FieldBasedTooltip' + additionalProperties: false + TooltipTitleType: + type: string + enum: + - NONE + - PRIMARY_VALUE + TopBottomComputationType: + type: string + enum: + - TOP + - BOTTOM + TopBottomFilter: + type: object + properties: + FilterId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Column: + $ref: '#/components/schemas/ColumnIdentifier' + Limit: + type: number + default: null + AggregationSortConfigurations: + type: array + items: + $ref: '#/components/schemas/AggregationSortConfiguration' + maxItems: 100 + minItems: 0 + TimeGranularity: + $ref: '#/components/schemas/TimeGranularity' + ParameterName: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + required: + - AggregationSortConfigurations + - Column + - FilterId + additionalProperties: false + TopBottomMoversComputation: + type: object + properties: + ComputationId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Name: + type: string + Time: + $ref: '#/components/schemas/DimensionField' + Category: + $ref: '#/components/schemas/DimensionField' + Value: + $ref: '#/components/schemas/MeasureField' + MoverSize: + type: number + default: 0 + maximum: 20 + minimum: 1 + SortOrder: + $ref: '#/components/schemas/TopBottomSortOrder' + Type: + $ref: '#/components/schemas/TopBottomComputationType' + required: + - ComputationId + - Type + additionalProperties: false + TopBottomRankedComputation: + type: object + properties: + ComputationId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Name: + type: string + Category: + $ref: '#/components/schemas/DimensionField' + Value: + $ref: '#/components/schemas/MeasureField' + ResultSize: + type: number + default: 0 + maximum: 20 + minimum: 1 + Type: + $ref: '#/components/schemas/TopBottomComputationType' + required: + - ComputationId + - Type + additionalProperties: false + TopBottomSortOrder: + type: string + enum: + - PERCENT_DIFFERENCE + - ABSOLUTE_DIFFERENCE + TotalAggregationComputation: + type: object + properties: + ComputationId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Name: + type: string + Value: + $ref: '#/components/schemas/MeasureField' + required: + - ComputationId + additionalProperties: false + TotalAggregationFunction: + type: object + properties: + SimpleTotalAggregationFunction: + $ref: '#/components/schemas/SimpleTotalAggregationFunction' + additionalProperties: false + TotalAggregationOption: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + TotalAggregationFunction: + $ref: '#/components/schemas/TotalAggregationFunction' + required: + - FieldId + - TotalAggregationFunction + additionalProperties: false + TotalOptions: + type: object + properties: + TotalsVisibility: + $ref: '#/components/schemas/Visibility' + TotalAggregationOptions: + type: array + items: + $ref: '#/components/schemas/TotalAggregationOption' + maxItems: 200 + minItems: 0 + Placement: + $ref: '#/components/schemas/TableTotalsPlacement' + ScrollStatus: + $ref: '#/components/schemas/TableTotalsScrollStatus' + CustomLabel: + type: string + TotalCellStyle: + $ref: '#/components/schemas/TableCellStyle' + additionalProperties: false + TreeMapAggregatedFieldWells: + type: object + properties: + Groups: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 1 + minItems: 0 + Sizes: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 1 + minItems: 0 + Colors: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 1 + minItems: 0 + additionalProperties: false + TreeMapConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/TreeMapFieldWells' + SortConfiguration: + $ref: '#/components/schemas/TreeMapSortConfiguration' + GroupLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + SizeLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + ColorLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + ColorScale: + $ref: '#/components/schemas/ColorScale' + Legend: + $ref: '#/components/schemas/LegendOptions' + DataLabels: + $ref: '#/components/schemas/DataLabelOptions' + Tooltip: + $ref: '#/components/schemas/TooltipOptions' + additionalProperties: false + TreeMapFieldWells: + type: object + properties: + TreeMapAggregatedFieldWells: + $ref: '#/components/schemas/TreeMapAggregatedFieldWells' + additionalProperties: false + TreeMapSortConfiguration: + type: object + properties: + TreeMapSort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + TreeMapGroupItemsLimitConfiguration: + $ref: '#/components/schemas/ItemsLimitConfiguration' + additionalProperties: false + TreeMapVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/TreeMapConfiguration' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + ColumnHierarchies: + type: array + items: + $ref: '#/components/schemas/ColumnHierarchy' + maxItems: 2 + minItems: 0 + required: + - VisualId + additionalProperties: false + TrendArrowOptions: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + additionalProperties: false + URLTargetConfiguration: + type: string + enum: + - NEW_TAB + - NEW_WINDOW + - SAME_TAB + UnaggregatedField: + type: object + properties: + FieldId: + type: string + maxLength: 512 + minLength: 1 + Column: + $ref: '#/components/schemas/ColumnIdentifier' + FormatConfiguration: + $ref: '#/components/schemas/FormatConfiguration' + required: + - Column + - FieldId + additionalProperties: false + UniqueValuesComputation: + type: object + properties: + ComputationId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Name: + type: string + Category: + $ref: '#/components/schemas/DimensionField' + required: + - ComputationId + additionalProperties: false + ValidationStrategy: + type: object + properties: + Mode: + $ref: '#/components/schemas/ValidationStrategyMode' + required: + - Mode + additionalProperties: false + ValidationStrategyMode: + type: string + enum: + - STRICT + - LENIENT + ValueWhenUnsetOption: + type: string + enum: + - RECOMMENDED_VALUE + - 'NULL' + VerticalTextAlignment: + type: string + enum: + - TOP + - MIDDLE + - BOTTOM + - AUTO + Visibility: + type: string + enum: + - HIDDEN + - VISIBLE + VisibleRangeOptions: + type: object + properties: + PercentRange: + $ref: '#/components/schemas/PercentVisibleRange' + additionalProperties: false + Visual: + type: object + properties: + TableVisual: + $ref: '#/components/schemas/TableVisual' + PivotTableVisual: + $ref: '#/components/schemas/PivotTableVisual' + BarChartVisual: + $ref: '#/components/schemas/BarChartVisual' + KPIVisual: + $ref: '#/components/schemas/KPIVisual' + PieChartVisual: + $ref: '#/components/schemas/PieChartVisual' + GaugeChartVisual: + $ref: '#/components/schemas/GaugeChartVisual' + LineChartVisual: + $ref: '#/components/schemas/LineChartVisual' + HeatMapVisual: + $ref: '#/components/schemas/HeatMapVisual' + TreeMapVisual: + $ref: '#/components/schemas/TreeMapVisual' + GeospatialMapVisual: + $ref: '#/components/schemas/GeospatialMapVisual' + FilledMapVisual: + $ref: '#/components/schemas/FilledMapVisual' + FunnelChartVisual: + $ref: '#/components/schemas/FunnelChartVisual' + ScatterPlotVisual: + $ref: '#/components/schemas/ScatterPlotVisual' + ComboChartVisual: + $ref: '#/components/schemas/ComboChartVisual' + BoxPlotVisual: + $ref: '#/components/schemas/BoxPlotVisual' + WaterfallVisual: + $ref: '#/components/schemas/WaterfallVisual' + HistogramVisual: + $ref: '#/components/schemas/HistogramVisual' + WordCloudVisual: + $ref: '#/components/schemas/WordCloudVisual' + InsightVisual: + $ref: '#/components/schemas/InsightVisual' + SankeyDiagramVisual: + $ref: '#/components/schemas/SankeyDiagramVisual' + CustomContentVisual: + $ref: '#/components/schemas/CustomContentVisual' + EmptyVisual: + $ref: '#/components/schemas/EmptyVisual' + RadarChartVisual: + $ref: '#/components/schemas/RadarChartVisual' + additionalProperties: false + VisualCustomAction: + type: object + properties: + CustomActionId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Name: + type: string + maxLength: 256 + minLength: 1 + Status: + $ref: '#/components/schemas/WidgetStatus' + Trigger: + $ref: '#/components/schemas/VisualCustomActionTrigger' + ActionOperations: + type: array + items: + $ref: '#/components/schemas/VisualCustomActionOperation' + maxItems: 2 + minItems: 1 + required: + - ActionOperations + - CustomActionId + - Name + - Trigger + additionalProperties: false + VisualCustomActionOperation: + type: object + properties: + FilterOperation: + $ref: '#/components/schemas/CustomActionFilterOperation' + NavigationOperation: + $ref: '#/components/schemas/CustomActionNavigationOperation' + URLOperation: + $ref: '#/components/schemas/CustomActionURLOperation' + SetParametersOperation: + $ref: '#/components/schemas/CustomActionSetParametersOperation' + additionalProperties: false + VisualCustomActionTrigger: + type: string + enum: + - DATA_POINT_CLICK + - DATA_POINT_MENU + VisualPalette: + type: object + properties: + ChartColor: + type: string + pattern: ^#[A-F0-9]{6}$ + ColorMap: + type: array + items: + $ref: '#/components/schemas/DataPathColor' + maxItems: 5000 + minItems: 0 + additionalProperties: false + VisualSubtitleLabelOptions: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + FormatText: + $ref: '#/components/schemas/LongFormatText' + additionalProperties: false + VisualTitleLabelOptions: + type: object + properties: + Visibility: + $ref: '#/components/schemas/Visibility' + FormatText: + $ref: '#/components/schemas/ShortFormatText' + additionalProperties: false + WaterfallChartAggregatedFieldWells: + type: object + properties: + Categories: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + Values: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 200 + minItems: 0 + Breakdowns: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 200 + minItems: 0 + additionalProperties: false + WaterfallChartConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/WaterfallChartFieldWells' + SortConfiguration: + $ref: '#/components/schemas/WaterfallChartSortConfiguration' + WaterfallChartOptions: + $ref: '#/components/schemas/WaterfallChartOptions' + CategoryAxisLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + CategoryAxisDisplayOptions: + $ref: '#/components/schemas/AxisDisplayOptions' + PrimaryYAxisLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + PrimaryYAxisDisplayOptions: + $ref: '#/components/schemas/AxisDisplayOptions' + Legend: + $ref: '#/components/schemas/LegendOptions' + DataLabels: + $ref: '#/components/schemas/DataLabelOptions' + VisualPalette: + $ref: '#/components/schemas/VisualPalette' + additionalProperties: false + WaterfallChartFieldWells: + type: object + properties: + WaterfallChartAggregatedFieldWells: + $ref: '#/components/schemas/WaterfallChartAggregatedFieldWells' + additionalProperties: false + WaterfallChartOptions: + type: object + properties: + TotalBarLabel: + type: string + additionalProperties: false + WaterfallChartSortConfiguration: + type: object + properties: + CategorySort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + BreakdownItemsLimit: + $ref: '#/components/schemas/ItemsLimitConfiguration' + additionalProperties: false + WaterfallVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/WaterfallChartConfiguration' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + ColumnHierarchies: + type: array + items: + $ref: '#/components/schemas/ColumnHierarchy' + maxItems: 2 + minItems: 0 + required: + - VisualId + additionalProperties: false + WhatIfPointScenario: + type: object + properties: + Date: + type: string + format: date-time + Value: + type: number + default: 0 + required: + - Date + - Value + additionalProperties: false + WhatIfRangeScenario: + type: object + properties: + StartDate: + type: string + format: date-time + EndDate: + type: string + format: date-time + Value: + type: number + default: 0 + required: + - EndDate + - StartDate + - Value + additionalProperties: false + WidgetStatus: + type: string + enum: + - ENABLED + - DISABLED + WordCloudAggregatedFieldWells: + type: object + properties: + GroupBy: + type: array + items: + $ref: '#/components/schemas/DimensionField' + maxItems: 10 + minItems: 0 + Size: + type: array + items: + $ref: '#/components/schemas/MeasureField' + maxItems: 1 + minItems: 0 + additionalProperties: false + WordCloudChartConfiguration: + type: object + properties: + FieldWells: + $ref: '#/components/schemas/WordCloudFieldWells' + SortConfiguration: + $ref: '#/components/schemas/WordCloudSortConfiguration' + CategoryLabelOptions: + $ref: '#/components/schemas/ChartAxisLabelOptions' + WordCloudOptions: + $ref: '#/components/schemas/WordCloudOptions' + additionalProperties: false + WordCloudCloudLayout: + type: string + enum: + - FLUID + - NORMAL + WordCloudFieldWells: + type: object + properties: + WordCloudAggregatedFieldWells: + $ref: '#/components/schemas/WordCloudAggregatedFieldWells' + additionalProperties: false + WordCloudOptions: + type: object + properties: + WordOrientation: + $ref: '#/components/schemas/WordCloudWordOrientation' + WordScaling: + $ref: '#/components/schemas/WordCloudWordScaling' + CloudLayout: + $ref: '#/components/schemas/WordCloudCloudLayout' + WordCasing: + $ref: '#/components/schemas/WordCloudWordCasing' + WordPadding: + $ref: '#/components/schemas/WordCloudWordPadding' + MaximumStringLength: + type: number + maximum: 100 + minimum: 1 + additionalProperties: false + WordCloudSortConfiguration: + type: object + properties: + CategoryItemsLimit: + $ref: '#/components/schemas/ItemsLimitConfiguration' + CategorySort: + type: array + items: + $ref: '#/components/schemas/FieldSortOptions' + maxItems: 100 + minItems: 0 + additionalProperties: false + WordCloudVisual: + type: object + properties: + VisualId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Title: + $ref: '#/components/schemas/VisualTitleLabelOptions' + Subtitle: + $ref: '#/components/schemas/VisualSubtitleLabelOptions' + ChartConfiguration: + $ref: '#/components/schemas/WordCloudChartConfiguration' + Actions: + type: array + items: + $ref: '#/components/schemas/VisualCustomAction' + maxItems: 10 + minItems: 0 + ColumnHierarchies: + type: array + items: + $ref: '#/components/schemas/ColumnHierarchy' + maxItems: 2 + minItems: 0 + required: + - VisualId + additionalProperties: false + WordCloudWordCasing: + type: string + enum: + - LOWER_CASE + - EXISTING_CASE + WordCloudWordOrientation: + type: string + enum: + - HORIZONTAL + - HORIZONTAL_AND_VERTICAL + WordCloudWordPadding: + type: string + enum: + - NONE + - SMALL + - MEDIUM + - LARGE + WordCloudWordScaling: + type: string + enum: + - EMPHASIZE + - NORMAL + Analysis: + type: object + properties: + AnalysisId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Arn: + type: string + AwsAccountId: + type: string + maxLength: 12 + minLength: 12 + pattern: ^[0-9]{12}$ + CreatedTime: + type: string + format: date-time + DataSetArns: + type: array + items: + type: string + maxItems: 100 + minItems: 0 + Definition: + $ref: '#/components/schemas/AnalysisDefinition' + Errors: + type: array + items: + $ref: '#/components/schemas/AnalysisError' + minItems: 1 + LastUpdatedTime: + type: string + format: date-time + Name: + type: string + maxLength: 2048 + minLength: 1 + Parameters: + $ref: '#/components/schemas/Parameters' + Permissions: + type: array + items: + $ref: '#/components/schemas/ResourcePermission' + maxItems: 64 + minItems: 1 + Sheets: + type: array + items: + $ref: '#/components/schemas/Sheet' + maxItems: 20 + minItems: 0 + SourceEntity: + $ref: '#/components/schemas/AnalysisSourceEntity' + Status: + $ref: '#/components/schemas/ResourceStatus' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 1 + ThemeArn: + type: string + ValidationStrategy: + $ref: '#/components/schemas/ValidationStrategy' + required: + - AwsAccountId + - AnalysisId + - Name + x-stackql-resource-name: analysis + x-stackql-primaryIdentifier: + - AnalysisId + - AwsAccountId + x-create-only-properties: + - AnalysisId + - AwsAccountId + x-read-only-properties: + - Arn + - CreatedTime + - DataSetArns + - LastUpdatedTime + x-required-permissions: + create: + - quicksight:DescribeAnalysis + - quicksight:DescribeAnalysisPermissions + - quicksight:CreateAnalysis + - quicksight:DescribeTemplate + - quicksight:DescribeTheme + - quicksight:PassDataSet + - quicksight:TagResource + - quicksight:UntagResource + - quicksight:ListTagsForResource + read: + - quicksight:DescribeAnalysis + - quicksight:DescribeAnalysisPermissions + - quicksight:ListTagsForResource + update: + - quicksight:DescribeAnalysis + - quicksight:DescribeAnalysisPermissions + - quicksight:UpdateAnalysis + - quicksight:UpdateAnalysisPermissions + - quicksight:DescribeTemplate + - quicksight:DescribeTheme + - quicksight:PassDataSet + - quicksight:TagResource + - quicksight:UntagResource + - quicksight:ListTagsForResource + delete: + - quicksight:DescribeAnalysis + - quicksight:DeleteAnalysis + list: + - quicksight:ListAnalyses + AdHocFilteringOption: + type: object + properties: + AvailabilityStatus: + $ref: '#/components/schemas/DashboardBehavior' + additionalProperties: false + DashboardBehavior: + type: string + enum: + - ENABLED + - DISABLED + DashboardError: + type: object + properties: + Type: + $ref: '#/components/schemas/DashboardErrorType' + Message: + type: string + pattern: .*\S.* + ViolatedEntities: + type: array + items: + $ref: '#/components/schemas/Entity' + maxItems: 200 + minItems: 0 + additionalProperties: false + DashboardErrorType: + type: string + enum: + - ACCESS_DENIED + - SOURCE_NOT_FOUND + - DATA_SET_NOT_FOUND + - INTERNAL_FAILURE + - PARAMETER_VALUE_INCOMPATIBLE + - PARAMETER_TYPE_INVALID + - PARAMETER_NOT_FOUND + - COLUMN_TYPE_MISMATCH + - COLUMN_GEOGRAPHIC_ROLE_MISMATCH + - COLUMN_REPLACEMENT_MISSING + DashboardPublishOptions: + type: object + properties: + AdHocFilteringOption: + $ref: '#/components/schemas/AdHocFilteringOption' + ExportToCSVOption: + $ref: '#/components/schemas/ExportToCSVOption' + SheetControlsOption: + $ref: '#/components/schemas/SheetControlsOption' + VisualPublishOptions: + $ref: '#/components/schemas/DashboardVisualPublishOptions' + SheetLayoutElementMaximizationOption: + $ref: '#/components/schemas/SheetLayoutElementMaximizationOption' + VisualMenuOption: + $ref: '#/components/schemas/VisualMenuOption' + VisualAxisSortOption: + $ref: '#/components/schemas/VisualAxisSortOption' + ExportWithHiddenFieldsOption: + $ref: '#/components/schemas/ExportWithHiddenFieldsOption' + DataPointDrillUpDownOption: + $ref: '#/components/schemas/DataPointDrillUpDownOption' + DataPointMenuLabelOption: + $ref: '#/components/schemas/DataPointMenuLabelOption' + DataPointTooltipOption: + $ref: '#/components/schemas/DataPointTooltipOption' + additionalProperties: false + DashboardSourceEntity: + type: object + properties: + SourceTemplate: + $ref: '#/components/schemas/DashboardSourceTemplate' + additionalProperties: false + DashboardSourceTemplate: + type: object + properties: + DataSetReferences: + type: array + items: + $ref: '#/components/schemas/DataSetReference' + minItems: 1 + Arn: + type: string + required: + - Arn + - DataSetReferences + additionalProperties: false + DashboardUIState: + type: string + enum: + - EXPANDED + - COLLAPSED + DashboardVersion: + type: object + properties: + CreatedTime: + type: string + format: date-time + Errors: + type: array + items: + $ref: '#/components/schemas/DashboardError' + minItems: 1 + VersionNumber: + type: number + minimum: 1 + Status: + $ref: '#/components/schemas/ResourceStatus' + Arn: + type: string + SourceEntityArn: + type: string + DataSetArns: + type: array + items: + type: string + maxItems: 100 + minItems: 0 + Description: + type: string + maxLength: 512 + minLength: 1 + ThemeArn: + type: string + Sheets: + type: array + items: + $ref: '#/components/schemas/Sheet' + maxItems: 20 + minItems: 0 + additionalProperties: false + DashboardVersionDefinition: + type: object + properties: + DataSetIdentifierDeclarations: + type: array + items: + $ref: '#/components/schemas/DataSetIdentifierDeclaration' + maxItems: 50 + minItems: 1 + Sheets: + type: array + items: + $ref: '#/components/schemas/SheetDefinition' + maxItems: 20 + minItems: 0 + CalculatedFields: + type: array + items: + $ref: '#/components/schemas/CalculatedField' + maxItems: 500 + minItems: 0 + ParameterDeclarations: + type: array + items: + $ref: '#/components/schemas/ParameterDeclaration' + maxItems: 200 + minItems: 0 + FilterGroups: + type: array + items: + $ref: '#/components/schemas/FilterGroup' + maxItems: 2000 + minItems: 0 + ColumnConfigurations: + type: array + items: + $ref: '#/components/schemas/ColumnConfiguration' + maxItems: 200 + minItems: 0 + AnalysisDefaults: + $ref: '#/components/schemas/AnalysisDefaults' + Options: + $ref: '#/components/schemas/AssetOptions' + required: + - DataSetIdentifierDeclarations + additionalProperties: false + DashboardVisualPublishOptions: + type: object + properties: + ExportHiddenFieldsOption: + $ref: '#/components/schemas/ExportHiddenFieldsOption' + additionalProperties: false + DataPointDrillUpDownOption: + type: object + properties: + AvailabilityStatus: + $ref: '#/components/schemas/DashboardBehavior' + additionalProperties: false + DataPointMenuLabelOption: + type: object + properties: + AvailabilityStatus: + $ref: '#/components/schemas/DashboardBehavior' + additionalProperties: false + DataPointTooltipOption: + type: object + properties: + AvailabilityStatus: + $ref: '#/components/schemas/DashboardBehavior' + additionalProperties: false + ExportHiddenFieldsOption: + type: object + properties: + AvailabilityStatus: + $ref: '#/components/schemas/DashboardBehavior' + additionalProperties: false + ExportToCSVOption: + type: object + properties: + AvailabilityStatus: + $ref: '#/components/schemas/DashboardBehavior' + additionalProperties: false + ExportWithHiddenFieldsOption: + type: object + properties: + AvailabilityStatus: + $ref: '#/components/schemas/DashboardBehavior' + additionalProperties: false + LinkSharingConfiguration: + type: object + properties: + Permissions: + type: array + items: + $ref: '#/components/schemas/ResourcePermission' + maxItems: 64 + minItems: 1 + additionalProperties: false + SheetControlsOption: + type: object + properties: + VisibilityState: + $ref: '#/components/schemas/DashboardUIState' + additionalProperties: false + SheetLayoutElementMaximizationOption: + type: object + properties: + AvailabilityStatus: + $ref: '#/components/schemas/DashboardBehavior' + additionalProperties: false + VisualAxisSortOption: + type: object + properties: + AvailabilityStatus: + $ref: '#/components/schemas/DashboardBehavior' + additionalProperties: false + VisualMenuOption: + type: object + properties: + AvailabilityStatus: + $ref: '#/components/schemas/DashboardBehavior' + additionalProperties: false + Dashboard: + type: object + properties: + Arn: + type: string + AwsAccountId: + type: string + maxLength: 12 + minLength: 12 + pattern: ^[0-9]{12}$ + CreatedTime: + type: string + format: date-time + DashboardId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + DashboardPublishOptions: + $ref: '#/components/schemas/DashboardPublishOptions' + Definition: + $ref: '#/components/schemas/DashboardVersionDefinition' + LastPublishedTime: + type: string + format: date-time + LastUpdatedTime: + type: string + format: date-time + LinkEntities: + type: array + items: + type: string + maxLength: 1024 + minLength: 1 + pattern: ^arn:aws[\w\-]*:quicksight:[\w\-]+:\d+:analysis/[\w\-]{1,512} + maxItems: 5 + minItems: 0 + LinkSharingConfiguration: + $ref: '#/components/schemas/LinkSharingConfiguration' + Name: + type: string + maxLength: 2048 + minLength: 1 + Parameters: + $ref: '#/components/schemas/Parameters' + Permissions: + type: array + items: + $ref: '#/components/schemas/ResourcePermission' + maxItems: 64 + minItems: 1 + SourceEntity: + $ref: '#/components/schemas/DashboardSourceEntity' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 1 + ThemeArn: + type: string + ValidationStrategy: + $ref: '#/components/schemas/ValidationStrategy' + Version: + $ref: '#/components/schemas/DashboardVersion' + VersionDescription: + type: string + maxLength: 512 + minLength: 1 + required: + - AwsAccountId + - DashboardId + - Name + x-stackql-resource-name: dashboard + x-stackql-primaryIdentifier: + - AwsAccountId + - DashboardId + x-create-only-properties: + - AwsAccountId + - DashboardId + x-read-only-properties: + - Arn + - CreatedTime + - LastPublishedTime + - LastUpdatedTime + - Version + x-required-permissions: + create: + - quicksight:DescribeDashboard + - quicksight:DescribeDashboardPermissions + - quicksight:CreateDashboard + - quicksight:DescribeTemplate + - quicksight:DescribeTheme + - quicksight:PassDataSet + - quicksight:TagResource + - quicksight:UntagResource + - quicksight:ListTagsForResource + read: + - quicksight:DescribeDashboard + - quicksight:DescribeDashboardPermissions + - quicksight:ListTagsForResource + update: + - quicksight:DescribeDashboard + - quicksight:DescribeDashboardPermissions + - quicksight:UpdateDashboard + - quicksight:UpdateDashboardLinks + - quicksight:UpdateDashboardPermissions + - quicksight:UpdateDashboardPublishedVersion + - quicksight:DescribeTemplate + - quicksight:DescribeTheme + - quicksight:PassDataSet + - quicksight:TagResource + - quicksight:UntagResource + - quicksight:ListTagsForResource + delete: + - quicksight:DescribeDashboard + - quicksight:DeleteDashboard + list: + - quicksight:ListDashboards + CalculatedColumn: + type: object + description:

A calculated column for a dataset.

+ properties: + ColumnId: + type: string + maxLength: 64 + minLength: 1 + description: |- +

A unique ID to identify a calculated column. During a dataset update, if the column ID + of a calculated column matches that of an existing calculated column, Amazon QuickSight + preserves the existing calculated column.

+ ColumnName: + type: string + maxLength: 128 + minLength: 1 + description:

Column name.

+ Expression: + type: string + maxLength: 4096 + minLength: 1 + description:

An expression that defines the calculated column.

+ required: + - ColumnId + - ColumnName + - Expression + additionalProperties: false + CastColumnTypeOperation: + type: object + description:

A transform operation that casts a column to a different type.

+ properties: + ColumnName: + type: string + maxLength: 128 + minLength: 1 + description:

Column name.

+ Format: + type: string + maxLength: 32 + minLength: 0 + description: |- +

When casting a column from string to datetime type, you can supply a string in a + format supported by Amazon QuickSight to denote the source data format.

+ NewColumnType: + $ref: '#/components/schemas/ColumnDataType' + SubType: + $ref: '#/components/schemas/ColumnSubDataType' + required: + - ColumnName + - NewColumnType + additionalProperties: false + ColumnDataType: + type: string + enum: + - STRING + - INTEGER + - DECIMAL + - DATETIME + ColumnSubDataType: + type: string + enum: + - FIXED + - FLOAT + ColumnDescription: + type: object + description:

Metadata that contains a description for a column.

+ properties: + Text: + type: string + maxLength: 500 + minLength: 0 + description:

The text of a description for a column.

+ additionalProperties: false + ColumnGroup: + type: object + description: |- +

Groupings of columns that work together in certain Amazon QuickSight features. This is + a variant type structure. For this structure to be valid, only one of the attributes can + be non-null.

+ properties: + GeoSpatialColumnGroup: + $ref: '#/components/schemas/GeoSpatialColumnGroup' + additionalProperties: false + ColumnLevelPermissionRule: + type: object + properties: + ColumnNames: + type: array + items: + type: string + minItems: 1 + Principals: + type: array + items: + type: string + maxItems: 100 + minItems: 1 + additionalProperties: false + ColumnTag: + type: object + description: |- +

A tag for a column in a TagColumnOperation structure. This is a + variant type structure. For this structure to be valid, only one of the attributes can + be non-null.

+ properties: + ColumnGeographicRole: + $ref: '#/components/schemas/GeoSpatialDataRole' + ColumnDescription: + $ref: '#/components/schemas/ColumnDescription' + additionalProperties: false + CreateColumnsOperation: + type: object + description: |- +

A transform operation that creates calculated columns. Columns created in one such + operation form a lexical closure.

+ properties: + Columns: + type: array + items: + $ref: '#/components/schemas/CalculatedColumn' + maxItems: 128 + minItems: 1 + description:

Calculated columns to create.

+ required: + - Columns + additionalProperties: false + CustomSql: + type: object + description:

A physical table type built from the results of the custom SQL query.

+ properties: + DataSourceArn: + type: string + description:

The Amazon Resource Name (ARN) of the data source.

+ SqlQuery: + type: string + maxLength: 65536 + minLength: 1 + description:

The SQL query.

+ Columns: + type: array + items: + $ref: '#/components/schemas/InputColumn' + maxItems: 2048 + minItems: 1 + description:

The column schema from the SQL query result set.

+ Name: + type: string + maxLength: 128 + minLength: 1 + description:

A display name for the SQL query result.

+ required: + - Columns + - DataSourceArn + - Name + - SqlQuery + additionalProperties: false + DataSetImportMode: + type: string + enum: + - SPICE + - DIRECT_QUERY + DatasetParameter: + type: object + description:

A parameter created in the dataset that could be of any one data type such as string, integer, decimal or datetime.

+ properties: + StringDatasetParameter: + $ref: '#/components/schemas/StringDatasetParameter' + DecimalDatasetParameter: + $ref: '#/components/schemas/DecimalDatasetParameter' + IntegerDatasetParameter: + $ref: '#/components/schemas/IntegerDatasetParameter' + DateTimeDatasetParameter: + $ref: '#/components/schemas/DateTimeDatasetParameter' + additionalProperties: false + DatasetParameterId: + type: string + maxLength: 128 + minLength: 1 + pattern: ^[a-zA-Z0-9-]+$ + description:

Identifier of the parameter created in the dataset.

+ DatasetParameterName: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + description:

Name of the parameter created in the dataset.

+ DatasetParameterValueType: + type: string + enum: + - MULTI_VALUED + - SINGLE_VALUED + description:

Every parameter value could be either a single value or multi value which helps to validate before evaluation.

+ DateTimeDatasetParameter: + type: object + description:

A parameter created in the dataset of date time data type.

+ properties: + Id: + $ref: '#/components/schemas/DatasetParameterId' + Name: + $ref: '#/components/schemas/DatasetParameterName' + ValueType: + $ref: '#/components/schemas/DatasetParameterValueType' + TimeGranularity: + $ref: '#/components/schemas/TimeGranularity' + DefaultValues: + $ref: '#/components/schemas/DateTimeDatasetParameterDefaultValues' + required: + - Id + - Name + - ValueType + additionalProperties: false + DateTimeDatasetParameterDefaultValues: + type: object + description:

List of default values defined for a given string date time parameter type. Currently only static values are supported.

+ properties: + StaticValues: + $ref: '#/components/schemas/DateTimeDatasetParameterValueList' + description:

List of static default values defined for a given string date time parameter type.

+ additionalProperties: false + DateTimeDatasetParameterValueList: + type: array + items: + type: string + description:

Default value defined for the dataset parameter of date time type.

+ maxItems: 32 + minItems: 1 + DecimalDatasetParameter: + type: object + description:

A parameter created in the dataset of decimal data type.

+ properties: + Id: + $ref: '#/components/schemas/DatasetParameterId' + Name: + $ref: '#/components/schemas/DatasetParameterName' + ValueType: + $ref: '#/components/schemas/DatasetParameterValueType' + DefaultValues: + $ref: '#/components/schemas/DecimalDatasetParameterDefaultValues' + required: + - Id + - Name + - ValueType + additionalProperties: false + DecimalDatasetParameterDefaultValues: + type: object + description:

List of default values defined for a given decimal dataset parameter type. Currently only static values are supported.

+ properties: + StaticValues: + $ref: '#/components/schemas/DecimalDatasetParameterValueList' + description:

List of static default values defined for a given decimal dataset parameter type.

+ additionalProperties: false + DecimalDatasetParameterValueList: + type: array + items: + type: number + description:

Default value defined for the dataset parameter of decimal type.

+ maxItems: 32 + minItems: 1 + IntegerDatasetParameter: + type: object + description:

A parameter created in the dataset of integer data type.

+ properties: + Id: + $ref: '#/components/schemas/DatasetParameterId' + Name: + $ref: '#/components/schemas/DatasetParameterName' + ValueType: + $ref: '#/components/schemas/DatasetParameterValueType' + DefaultValues: + $ref: '#/components/schemas/IntegerDatasetParameterDefaultValues' + required: + - Id + - Name + - ValueType + additionalProperties: false + IntegerDatasetParameterDefaultValues: + type: object + description:

List of default values defined for a given integer dataset parameter type. Currently only static values are supported.

+ properties: + StaticValues: + $ref: '#/components/schemas/IntegerDatasetParameterValueList' + description:

List of static default values defined for a given integer dataset parameter type.

+ additionalProperties: false + IntegerDatasetParameterValueList: + type: array + items: + type: number + description:

Default value defined for the dataset parameter of integer type.

+ maxItems: 32 + minItems: 1 + StringDatasetParameter: + type: object + description:

A parameter created in the dataset of string data type.

+ properties: + Id: + $ref: '#/components/schemas/DatasetParameterId' + Name: + $ref: '#/components/schemas/DatasetParameterName' + ValueType: + $ref: '#/components/schemas/DatasetParameterValueType' + DefaultValues: + $ref: '#/components/schemas/StringDatasetParameterDefaultValues' + required: + - Id + - Name + - ValueType + additionalProperties: false + StringDatasetParameterDefaultValues: + type: object + description:

List of default values defined for a given string dataset parameter type. Currently only static values are supported.

+ properties: + StaticValues: + $ref: '#/components/schemas/StringDatasetParameterValueList' + description:

List of static default values defined for a given string dataset parameter type.

+ additionalProperties: false + StringDatasetParameterValueList: + type: array + items: + type: string + description:

Default value defined for the dataset parameter of string type.

+ maxItems: 32 + minItems: 1 + FieldFolder: + type: object + properties: + Description: + type: string + maxLength: 500 + minLength: 0 + Columns: + type: array + items: + type: string + maxItems: 5000 + minItems: 0 + additionalProperties: false + FieldFolderMap: + type: object + x-patternProperties: + .+: + $ref: '#/components/schemas/FieldFolder' + additionalProperties: false + FileFormat: + type: string + enum: + - CSV + - TSV + - CLF + - ELF + - XLSX + - JSON + FilterOperation: + type: object + description:

A transform operation that filters rows based on a condition.

+ properties: + ConditionExpression: + type: string + maxLength: 4096 + minLength: 1 + description: |- +

An expression that must evaluate to a Boolean value. Rows for which the expression + evaluates to true are kept in the dataset.

+ required: + - ConditionExpression + additionalProperties: false + GeoSpatialColumnGroup: + type: object + description:

Geospatial column group that denotes a hierarchy.

+ properties: + Columns: + type: array + items: + type: string + maxLength: 128 + minLength: 1 + maxItems: 16 + minItems: 1 + description:

Columns in this hierarchy.

+ CountryCode: + $ref: '#/components/schemas/GeoSpatialCountryCode' + Name: + type: string + maxLength: 64 + minLength: 1 + description:

A display name for the hierarchy.

+ required: + - Columns + - Name + additionalProperties: false + GeoSpatialCountryCode: + type: string + enum: + - US + GeoSpatialDataRole: + type: string + enum: + - COUNTRY + - STATE + - COUNTY + - CITY + - POSTCODE + - LONGITUDE + - LATITUDE + - POLITICAL1 + InputColumn: + type: object + description:

Metadata for a column that is used as the input of a transform operation.

+ properties: + Type: + $ref: '#/components/schemas/InputColumnDataType' + SubType: + $ref: '#/components/schemas/ColumnSubDataType' + Name: + type: string + maxLength: 128 + minLength: 1 + description:

The name of this column in the underlying data source.

+ required: + - Name + - Type + additionalProperties: false + InputColumnDataType: + type: string + enum: + - STRING + - INTEGER + - DECIMAL + - DATETIME + - BIT + - BOOLEAN + - JSON + RefreshConfiguration: + type: object + description:

Refresh Configuration.

+ properties: + IncrementalRefresh: + $ref: '#/components/schemas/IncrementalRefresh' + additionalProperties: false + IncrementalRefresh: + type: object + description:

Incremental Refresh

+ properties: + LookbackWindow: + $ref: '#/components/schemas/LookbackWindow' + additionalProperties: false + LookbackWindow: + type: object + properties: + ColumnName: + type: string + description:

Column Name

+ Size: + type: number + description:

Size

+ minimum: 1 + SizeUnit: + $ref: '#/components/schemas/SizeUnit' + additionalProperties: false + SizeUnit: + type: string + enum: + - HOUR + - DAY + - WEEK + JoinInstruction: + type: object + description:

Join instruction.

+ properties: + OnClause: + type: string + maxLength: 512 + minLength: 1 + description:

On Clause.

+ Type: + $ref: '#/components/schemas/JoinType' + LeftJoinKeyProperties: + $ref: '#/components/schemas/JoinKeyProperties' + LeftOperand: + type: string + maxLength: 64 + minLength: 1 + pattern: '[0-9a-zA-Z-]*' + description:

Left operand.

+ RightOperand: + type: string + maxLength: 64 + minLength: 1 + pattern: '[0-9a-zA-Z-]*' + description:

Right operand.

+ RightJoinKeyProperties: + $ref: '#/components/schemas/JoinKeyProperties' + required: + - LeftOperand + - OnClause + - RightOperand + - Type + additionalProperties: false + JoinKeyProperties: + type: object + properties: + UniqueKey: + type: boolean + additionalProperties: false + JoinType: + type: string + enum: + - INNER + - OUTER + - LEFT + - RIGHT + LogicalTable: + type: object + description: |- +

A logical table is a unit that joins and that data + transformations operate on. A logical table has a source, which can be either a physical + table or result of a join. When a logical table points to a physical table, the logical + table acts as a mutable copy of that physical table through transform operations.

+ properties: + Alias: + type: string + maxLength: 64 + minLength: 1 + description:

A display name for the logical table.

+ DataTransforms: + type: array + items: + $ref: '#/components/schemas/TransformOperation' + maxItems: 2048 + minItems: 1 + description:

Transform operations that act on this logical table.

+ Source: + $ref: '#/components/schemas/LogicalTableSource' + required: + - Alias + - Source + additionalProperties: false + LogicalTableMap: + type: object + maxProperties: 64 + minProperties: 1 + x-patternProperties: + '[0-9a-zA-Z-]*': + $ref: '#/components/schemas/LogicalTable' + additionalProperties: false + LogicalTableSource: + type: object + description: |- +

Information about the source of a logical table. This is a variant type structure. For + this structure to be valid, only one of the attributes can be non-null.

+ properties: + PhysicalTableId: + type: string + maxLength: 64 + minLength: 1 + pattern: '[0-9a-zA-Z-]*' + description:

Physical table ID.

+ JoinInstruction: + $ref: '#/components/schemas/JoinInstruction' + DataSetArn: + type: string + description:

The Amazon Resource Name (ARN) for the dataset.

+ additionalProperties: false + NewDefaultValues: + type: object + properties: + StringStaticValues: + $ref: '#/components/schemas/StringDatasetParameterValueList' + DecimalStaticValues: + $ref: '#/components/schemas/DecimalDatasetParameterValueList' + DateTimeStaticValues: + $ref: '#/components/schemas/DateTimeDatasetParameterValueList' + IntegerStaticValues: + $ref: '#/components/schemas/IntegerDatasetParameterValueList' + additionalProperties: false + OutputColumn: + type: object + description:

Output column.

+ properties: + Type: + $ref: '#/components/schemas/ColumnDataType' + SubType: + $ref: '#/components/schemas/ColumnSubDataType' + Description: + type: string + maxLength: 500 + minLength: 0 + description:

A description for a column.

+ Name: + type: string + maxLength: 128 + minLength: 1 + description:

A display name for the dataset.

+ additionalProperties: false + OverrideDatasetParameterOperation: + type: object + description:

A transform operation that overrides the dataset parameter values defined in another dataset.

+ properties: + ParameterName: + $ref: '#/components/schemas/DatasetParameterName' + description:

The name of the parameter to be overridden with different values.

+ NewParameterName: + $ref: '#/components/schemas/DatasetParameterName' + description:

The new name for the parameter.

+ NewDefaultValues: + $ref: '#/components/schemas/NewDefaultValues' + description:

The new default values for the parameter.

+ required: + - ParameterName + additionalProperties: false + PhysicalTable: + type: object + description: |- +

A view of a data source that contains information about the shape of the data in the + underlying source. This is a variant type structure. For this structure to be valid, + only one of the attributes can be non-null.

+ properties: + RelationalTable: + $ref: '#/components/schemas/RelationalTable' + CustomSql: + $ref: '#/components/schemas/CustomSql' + S3Source: + $ref: '#/components/schemas/S3Source' + additionalProperties: false + PhysicalTableMap: + type: object + maxProperties: 32 + minProperties: 0 + x-patternProperties: + '[0-9a-zA-Z-]*': + $ref: '#/components/schemas/PhysicalTable' + additionalProperties: false + ProjectOperation: + type: object + description: |- +

A transform operation that projects columns. Operations that come after a projection + can only refer to projected columns.

+ properties: + ProjectedColumns: + type: array + items: + type: string + maxItems: 2000 + minItems: 1 + description:

Projected columns.

+ required: + - ProjectedColumns + additionalProperties: false + RelationalTable: + type: object + description:

A physical table type for relational data sources.

+ properties: + DataSourceArn: + type: string + description:

The Amazon Resource Name (ARN) for the data source.

+ InputColumns: + type: array + items: + $ref: '#/components/schemas/InputColumn' + maxItems: 2048 + minItems: 1 + description:

The column schema of the table.

+ Schema: + type: string + maxLength: 64 + minLength: 0 + description:

The schema name. This name applies to certain relational database engines.

+ Catalog: + type: string + description:

The catalog associated with a table.

+ maxLength: 256 + minLength: 0 + Name: + type: string + maxLength: 64 + minLength: 1 + description:

The name of the relational table.

+ required: + - DataSourceArn + - InputColumns + - Name + additionalProperties: false + RenameColumnOperation: + type: object + description:

A transform operation that renames a column.

+ properties: + NewColumnName: + type: string + maxLength: 128 + minLength: 1 + description:

The new name for the column.

+ ColumnName: + type: string + maxLength: 128 + minLength: 1 + description:

The name of the column to be renamed.

+ required: + - ColumnName + - NewColumnName + additionalProperties: false + RowLevelPermissionDataSet: + type: object + description:

The row-level security configuration for the dataset.

+ properties: + Arn: + type: string + description:

The Amazon Resource Name (ARN) of the permission dataset.

+ Namespace: + type: string + maxLength: 64 + minLength: 0 + pattern: ^[a-zA-Z0-9._-]*$ + description:

The namespace associated with the row-level permissions dataset.

+ PermissionPolicy: + $ref: '#/components/schemas/RowLevelPermissionPolicy' + FormatVersion: + $ref: '#/components/schemas/RowLevelPermissionFormatVersion' + Status: + $ref: '#/components/schemas/Status' + required: + - Arn + - PermissionPolicy + additionalProperties: false + RowLevelPermissionPolicy: + type: string + enum: + - GRANT_ACCESS + - DENY_ACCESS + RowLevelPermissionFormatVersion: + type: string + enum: + - VERSION_1 + - VERSION_2 + RowLevelPermissionTagConfiguration: + type: object + description:

The configuration of tags on a dataset to set row-level security.

+ properties: + Status: + $ref: '#/components/schemas/Status' + TagRules: + type: array + items: + $ref: '#/components/schemas/RowLevelPermissionTagRule' + maxItems: 50 + minItems: 1 + description:

A set of rules associated with row-level security, such as the tag names and columns that they are assigned to.

+ TagRuleConfigurations: + type: array + items: + $ref: '#/components/schemas/RowLevelPermissionTagRuleConfiguration' + maxItems: 50 + minItems: 1 + description:

A list of tag configuration rules to apply to a dataset. All tag configurations have the OR condition. Tags within each tile will be joined (AND). At least one rule in this structure must have all tag values assigned to it to apply Row-level security (RLS) to the dataset.

+ required: + - TagRules + additionalProperties: false + Status: + type: string + enum: + - ENABLED + - DISABLED + RowLevelPermissionTagRule: + type: object + description:

Permission for the resource.

+ properties: + ColumnName: + type: string + description:

The column name that a tag key is assigned to.

+ TagKey: + type: string + maxLength: 128 + minLength: 1 + description:

The unique key for a tag.

+ MatchAllValue: + type: string + maxLength: 256 + minLength: 1 + description:

A string that you want to use to filter by all the values in a column in the dataset and don’t want to list the values one by one. For example, you can use an asterisk as your match all value.

+ TagMultiValueDelimiter: + type: string + maxLength: 10 + description:

A string that you want to use to delimit the values when you pass the values at run time. For example, you can delimit the values with a comma.

+ required: + - ColumnName + - TagKey + additionalProperties: false + RowLevelPermissionTagRuleConfiguration: + type: array + items: + type: string + maxLength: 128 + minLength: 1 + maxItems: 50 + minItems: 1 + S3Source: + type: object + description:

A physical table type for as S3 data source.

+ properties: + DataSourceArn: + type: string + description:

The amazon Resource Name (ARN) for the data source.

+ InputColumns: + type: array + items: + $ref: '#/components/schemas/InputColumn' + maxItems: 2048 + minItems: 1 + description:

A physical table type for as S3 data source.

+ UploadSettings: + $ref: '#/components/schemas/UploadSettings' + required: + - DataSourceArn + - InputColumns + additionalProperties: false + TagColumnOperation: + type: object + description:

A transform operation that tags a column with additional information.

+ properties: + ColumnName: + type: string + maxLength: 128 + minLength: 1 + description:

The column that this operation acts on.

+ Tags: + type: array + items: + $ref: '#/components/schemas/ColumnTag' + maxItems: 16 + minItems: 1 + description: |- +

The dataset column tag, currently only used for geospatial type tagging. .

+ +

This is not tags for the AWS tagging feature. .

+ + required: + - ColumnName + - Tags + additionalProperties: false + TextQualifier: + type: string + enum: + - DOUBLE_QUOTE + - SINGLE_QUOTE + TransformOperation: + type: object + description: |- +

A data transformation on a logical table. This is a variant type structure. For this + structure to be valid, only one of the attributes can be non-null.

+ properties: + TagColumnOperation: + $ref: '#/components/schemas/TagColumnOperation' + FilterOperation: + $ref: '#/components/schemas/FilterOperation' + CastColumnTypeOperation: + $ref: '#/components/schemas/CastColumnTypeOperation' + CreateColumnsOperation: + $ref: '#/components/schemas/CreateColumnsOperation' + RenameColumnOperation: + $ref: '#/components/schemas/RenameColumnOperation' + ProjectOperation: + $ref: '#/components/schemas/ProjectOperation' + OverrideDatasetParameterOperation: + $ref: '#/components/schemas/OverrideDatasetParameterOperation' + additionalProperties: false + UploadSettings: + type: object + description:

Information about the format for a source file or files.

+ properties: + ContainsHeader: + type: boolean + description:

Whether the file has a header row, or the files each have a header row.

+ TextQualifier: + $ref: '#/components/schemas/TextQualifier' + Format: + $ref: '#/components/schemas/FileFormat' + StartFromRow: + type: number + minimum: 1 + description:

A row number to start reading data from.

+ Delimiter: + type: string + maxLength: 1 + minLength: 1 + description:

The delimiter between values in the file.

+ additionalProperties: false + IngestionWaitPolicy: + type: object + description:

Wait policy to use when creating/updating dataset. Default is to wait for SPICE ingestion to finish with timeout of 36 hours.

+ properties: + WaitForSpiceIngestion: + type: boolean + description: |- +

Wait for SPICE ingestion to finish to mark dataset creation/update successful. Default (true). + Applicable only when DataSetImportMode mode is set to SPICE.

+ default: true + IngestionWaitTimeInHours: + type: number + description: |- +

The maximum time (in hours) to wait for Ingestion to complete. Default timeout is 36 hours. + Applicable only when DataSetImportMode mode is set to SPICE and WaitForSpiceIngestion is set to true.

+ minimum: 1 + maximum: 36 + default: 36 + additionalProperties: false + DataSetUsageConfiguration: + type: object + description:

The dataset usage configuration for the dataset.

+ properties: + DisableUseAsDirectQuerySource: + type: boolean + DisableUseAsImportedSource: + type: boolean + additionalProperties: false + DataSetRefreshProperties: + type: object + description:

The dataset refresh properties for the dataset.

+ properties: + RefreshConfiguration: + $ref: '#/components/schemas/RefreshConfiguration' + additionalProperties: false + DataSet: + type: object + properties: + Arn: + type: string + description:

The Amazon Resource Name (ARN) of the resource.

+ AwsAccountId: + type: string + maxLength: 12 + minLength: 12 + pattern: ^[0-9]{12}$ + ColumnGroups: + type: array + items: + $ref: '#/components/schemas/ColumnGroup' + maxItems: 8 + minItems: 1 + description:

Groupings of columns that work together in certain QuickSight features. Currently, only geospatial hierarchy is supported.

+ ColumnLevelPermissionRules: + type: array + items: + $ref: '#/components/schemas/ColumnLevelPermissionRule' + minItems: 1 + ConsumedSpiceCapacityInBytes: + type: number + description: |- +

The amount of SPICE capacity used by this dataset. This is 0 if the dataset isn't + imported into SPICE.

+ CreatedTime: + type: string + description:

The time that this dataset was created.

+ format: string + DataSetId: + type: string + DatasetParameters: + type: array + items: + $ref: '#/components/schemas/DatasetParameter' + maxItems: 32 + minItems: 1 + description:

The parameters declared in the dataset.

+ FieldFolders: + $ref: '#/components/schemas/FieldFolderMap' + ImportMode: + $ref: '#/components/schemas/DataSetImportMode' + LastUpdatedTime: + type: string + description:

The last time that this dataset was updated.

+ format: string + LogicalTableMap: + $ref: '#/components/schemas/LogicalTableMap' + Name: + type: string + maxLength: 128 + minLength: 1 + description:

The display name for the dataset.

+ OutputColumns: + type: array + items: + $ref: '#/components/schemas/OutputColumn' + description: |- +

The list of columns after all transforms. These columns are available in templates, + analyses, and dashboards.

+ Permissions: + type: array + items: + $ref: '#/components/schemas/ResourcePermission' + maxItems: 64 + minItems: 1 + description:

A list of resource permissions on the dataset.

+ PhysicalTableMap: + $ref: '#/components/schemas/PhysicalTableMap' + RowLevelPermissionDataSet: + $ref: '#/components/schemas/RowLevelPermissionDataSet' + RowLevelPermissionTagConfiguration: + $ref: '#/components/schemas/RowLevelPermissionTagConfiguration' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 1 + description:

Contains a map of the key-value pairs for the resource tag or tags assigned to the dataset.

+ IngestionWaitPolicy: + $ref: '#/components/schemas/IngestionWaitPolicy' + DataSetUsageConfiguration: + $ref: '#/components/schemas/DataSetUsageConfiguration' + DataSetRefreshProperties: + $ref: '#/components/schemas/DataSetRefreshProperties' + x-stackql-resource-name: data_set + x-stackql-primaryIdentifier: + - AwsAccountId + - DataSetId + x-create-only-properties: + - AwsAccountId + - DataSetId + x-read-only-properties: + - Arn + - ConsumedSpiceCapacityInBytes + - CreatedTime + - LastUpdatedTime + - OutputColumns + x-required-permissions: + create: + - quicksight:DescribeDataSet + - quicksight:DescribeDataSetPermissions + - quicksight:DescribeIngestion + - quicksight:ListIngestions + - quicksight:CreateDataSet + - quicksight:PassDataSource + - quicksight:PassDataSet + - quicksight:TagResource + - quicksight:ListTagsForResource + - quicksight:DescribeDataSetRefreshProperties + - quicksight:PutDataSetRefreshProperties + read: + - quicksight:DescribeDataSet + - quicksight:DescribeDataSetPermissions + - quicksight:ListTagsForResource + - quicksight:DescribeDataSetRefreshProperties + update: + - quicksight:DescribeDataSet + - quicksight:DescribeDataSetPermissions + - quicksight:PassDataSource + - quicksight:UpdateDataSet + - quicksight:UpdateDataSetPermissions + - quicksight:PassDataSet + - quicksight:DescribeIngestion + - quicksight:ListIngestions + - quicksight:CancelIngestion + - quicksight:TagResource + - quicksight:UntagResource + - quicksight:ListTagsForResource + - quicksight:PutDataSetRefreshProperties + - quicksight:DescribeDataSetRefreshProperties + - quicksight:DeleteDataSetRefreshProperties + delete: + - quicksight:DescribeDataSet + - quicksight:DeleteDataSet + - quicksight:ListTagsForResource + - quicksight:DescribeIngestion + - quicksight:DeleteDataSetRefreshProperties + - quicksight:DescribeDataSetRefreshProperties + list: + - quicksight:DescribeDataSet + - quicksight:ListDataSets + AmazonElasticsearchParameters: + type: object + description:

Amazon Elasticsearch Service parameters.

+ properties: + Domain: + type: string + maxLength: 64 + minLength: 1 + description:

The Amazon Elasticsearch Service domain.

+ required: + - Domain + AmazonOpenSearchParameters: + type: object + description:

Amazon OpenSearch Service parameters.

+ properties: + Domain: + type: string + maxLength: 64 + minLength: 1 + description:

The Amazon OpenSearch Service domain.

+ required: + - Domain + AthenaParameters: + type: object + description:

Amazon Athena parameters.

+ properties: + WorkGroup: + type: string + maxLength: 128 + minLength: 1 + description:

The workgroup that Amazon Athena uses.

+ RoleArn: + type: string + maxLength: 2048 + minLength: 20 + description:

Use the RoleArn structure to override an account-wide role for a specific Athena data source. For example, say an account administrator has turned off all Athena access with an account-wide role. The administrator can then use RoleArn to bypass the account-wide role and allow Athena access for the single Athena data source that is specified in the structure, even if the account-wide role forbidding Athena access is still active.

+ AuroraParameters: + type: object + description:

Amazon Aurora parameters.

+ properties: + Port: + type: number + maximum: 65535 + minimum: 1 + description:

Port.

+ Database: + type: string + maxLength: 128 + minLength: 1 + description:

Database.

+ Host: + type: string + maxLength: 256 + minLength: 1 + description:

Host.

+ required: + - Database + - Host + - Port + AuroraPostgreSqlParameters: + type: object + description:

Amazon Aurora with PostgreSQL compatibility parameters.

+ properties: + Port: + type: number + maximum: 65535 + minimum: 1 + description:

Port.

+ Database: + type: string + maxLength: 128 + minLength: 1 + description:

Database.

+ Host: + type: string + maxLength: 256 + minLength: 1 + description:

Host.

+ required: + - Database + - Host + - Port + AwsIotAnalyticsParameters: + type: object + description:

AWS IoT Analytics parameters.

+ properties: + DataSetName: + type: string + maxLength: 128 + minLength: 1 + description:

Dataset name.

+ required: + - DataSetName + CredentialPair: + type: object + description:

The combination of user name and password that are used as credentials.

+ properties: + AlternateDataSourceParameters: + type: array + items: + $ref: '#/components/schemas/DataSourceParameters' + maxItems: 50 + minItems: 1 + description: |- +

A set of alternate data source parameters that you want to share for these + credentials. The credentials are applied in tandem with the data source parameters when + you copy a data source by using a create or update request. The API operation compares + the DataSourceParameters structure that's in the request with the + structures in the AlternateDataSourceParameters allow list. If the + structures are an exact match, the request is allowed to use the new data source with + the existing credentials. If the AlternateDataSourceParameters list is + null, the DataSourceParameters originally used with these + Credentials is automatically allowed.

+ Username: + type: string + maxLength: 64 + minLength: 1 + description:

User name.

+ Password: + type: string + maxLength: 1024 + minLength: 1 + description:

Password.

+ required: + - Password + - Username + DatabricksParameters: + type: object + description:

Databricks parameters.

+ properties: + Host: + type: string + maxLength: 256 + minLength: 1 + description:

Host.

+ Port: + type: number + maximum: 65535 + minimum: 1 + description:

Port.

+ SqlEndpointPath: + type: string + maxLength: 4096 + minLength: 1 + description:

The HTTP Path of the Databricks data source.

+ required: + - Host + - Port + - SqlEndpointPath + DataSourceCredentials: + type: object + description: |- +

Data source credentials. This is a variant type structure. For this structure to be + valid, only one of the attributes can be non-null.

+ properties: + CopySourceArn: + type: string + pattern: ^arn:[-a-z0-9]*:quicksight:[-a-z0-9]*:[0-9]{12}:datasource/.+ + description: |- +

The Amazon Resource Name (ARN) of a data source that has the credential pair that you + want to use. When CopySourceArn is not null, the credential pair from the + data source in the ARN is used as the credentials for the + DataSourceCredentials structure.

+ CredentialPair: + $ref: '#/components/schemas/CredentialPair' + SecretArn: + type: string + pattern: ^arn:[-a-z0-9]*:secretsmanager:[-a-z0-9]*:[0-9]{12}:secret:.+ + maxLength: 2048 + minLength: 1 + description:

The Amazon Resource Name (ARN) of the secret associated with the data source in Amazon Secrets Manager.

+ DataSourceErrorInfo: + type: object + description:

Error information for the data source creation or update.

+ properties: + Type: + $ref: '#/components/schemas/DataSourceErrorInfoType' + Message: + type: string + description:

Error message.

+ DataSourceErrorInfoType: + type: string + enum: + - ACCESS_DENIED + - COPY_SOURCE_NOT_FOUND + - TIMEOUT + - ENGINE_VERSION_NOT_SUPPORTED + - UNKNOWN_HOST + - GENERIC_SQL_FAILURE + - CONFLICT + - UNKNOWN + DataSourceParameters: + type: object + description: |- +

The parameters that Amazon QuickSight uses to connect to your underlying data source. + This is a variant type structure. For this structure to be valid, only one of the + attributes can be non-null.

+ properties: + AuroraPostgreSqlParameters: + $ref: '#/components/schemas/AuroraPostgreSqlParameters' + TeradataParameters: + $ref: '#/components/schemas/TeradataParameters' + RdsParameters: + $ref: '#/components/schemas/RdsParameters' + AthenaParameters: + $ref: '#/components/schemas/AthenaParameters' + SparkParameters: + $ref: '#/components/schemas/SparkParameters' + MariaDbParameters: + $ref: '#/components/schemas/MariaDbParameters' + OracleParameters: + $ref: '#/components/schemas/OracleParameters' + PrestoParameters: + $ref: '#/components/schemas/PrestoParameters' + RedshiftParameters: + $ref: '#/components/schemas/RedshiftParameters' + MySqlParameters: + $ref: '#/components/schemas/MySqlParameters' + SqlServerParameters: + $ref: '#/components/schemas/SqlServerParameters' + SnowflakeParameters: + $ref: '#/components/schemas/SnowflakeParameters' + AmazonElasticsearchParameters: + $ref: '#/components/schemas/AmazonElasticsearchParameters' + AmazonOpenSearchParameters: + $ref: '#/components/schemas/AmazonOpenSearchParameters' + PostgreSqlParameters: + $ref: '#/components/schemas/PostgreSqlParameters' + AuroraParameters: + $ref: '#/components/schemas/AuroraParameters' + S3Parameters: + $ref: '#/components/schemas/S3Parameters' + DatabricksParameters: + $ref: '#/components/schemas/DatabricksParameters' + StarburstParameters: + $ref: '#/components/schemas/StarburstParameters' + TrinoParameters: + $ref: '#/components/schemas/TrinoParameters' + DataSourceType: + type: string + enum: + - ADOBE_ANALYTICS + - AMAZON_ELASTICSEARCH + - AMAZON_OPENSEARCH + - ATHENA + - AURORA + - AURORA_POSTGRESQL + - AWS_IOT_ANALYTICS + - DATABRICKS + - GITHUB + - JIRA + - MARIADB + - MYSQL + - ORACLE + - POSTGRESQL + - PRESTO + - REDSHIFT + - S3 + - SALESFORCE + - SERVICENOW + - SNOWFLAKE + - SPARK + - SQLSERVER + - TERADATA + - TWITTER + - TIMESTREAM + - STARBURST + - TRINO + ManifestFileLocation: + type: object + description:

Amazon S3 manifest file location.

+ properties: + Bucket: + type: string + maxLength: 1024 + minLength: 1 + description:

Amazon S3 bucket.

+ Key: + type: string + maxLength: 1024 + minLength: 1 + description:

Amazon S3 key that identifies an object.

+ required: + - Bucket + - Key + MariaDbParameters: + type: object + description:

MariaDB parameters.

+ properties: + Port: + type: number + maximum: 65535 + minimum: 1 + description:

Port.

+ Database: + type: string + maxLength: 128 + minLength: 1 + description:

Database.

+ Host: + type: string + maxLength: 256 + minLength: 1 + description:

Host.

+ required: + - Database + - Host + - Port + MySqlParameters: + type: object + description:

MySQL parameters.

+ properties: + Port: + type: number + maximum: 65535 + minimum: 1 + description:

Port.

+ Database: + type: string + maxLength: 128 + minLength: 1 + description:

Database.

+ Host: + type: string + maxLength: 256 + minLength: 1 + description:

Host.

+ required: + - Database + - Host + - Port + OracleParameters: + type: object + properties: + Port: + type: number + maximum: 65535 + minimum: 1 + Database: + type: string + maxLength: 128 + minLength: 1 + Host: + type: string + maxLength: 256 + minLength: 1 + required: + - Database + - Host + - Port + PostgreSqlParameters: + type: object + description:

PostgreSQL parameters.

+ properties: + Port: + type: number + maximum: 65535 + minimum: 1 + description:

Port.

+ Database: + type: string + maxLength: 128 + minLength: 1 + description:

Database.

+ Host: + type: string + maxLength: 256 + minLength: 1 + description:

Host.

+ required: + - Database + - Host + - Port + PrestoParameters: + type: object + description:

Presto parameters.

+ properties: + Port: + type: number + maximum: 65535 + minimum: 1 + description:

Port.

+ Host: + type: string + maxLength: 256 + minLength: 1 + description:

Host.

+ Catalog: + type: string + maxLength: 128 + minLength: 0 + description:

Catalog.

+ required: + - Catalog + - Host + - Port + RdsParameters: + type: object + description:

Amazon RDS parameters.

+ properties: + InstanceId: + type: string + maxLength: 64 + minLength: 1 + description:

Instance ID.

+ Database: + type: string + maxLength: 128 + minLength: 1 + description:

Database.

+ required: + - Database + - InstanceId + RedshiftParameters: + type: object + description: |- +

Amazon Redshift parameters. The ClusterId field can be blank if + Host and Port are both set. The Host and + Port fields can be blank if the ClusterId field is set.

+ properties: + ClusterId: + type: string + maxLength: 64 + minLength: 1 + description: |- +

Cluster ID. This field can be blank if the Host and Port are + provided.

+ Port: + type: number + maximum: 65535 + minimum: 0 + description:

Port. This field can be blank if the ClusterId is provided.

+ Database: + type: string + maxLength: 128 + minLength: 1 + description:

Database.

+ Host: + type: string + maxLength: 256 + minLength: 1 + description:

Host. This field can be blank if ClusterId is provided.

+ required: + - Database + S3Parameters: + type: object + description:

S3 parameters.

+ properties: + ManifestFileLocation: + $ref: '#/components/schemas/ManifestFileLocation' + RoleArn: + type: string + maxLength: 2048 + minLength: 20 + description:

Use the RoleArn structure to override an account-wide role for a specific S3 data source. For example, say an account administrator has turned off all S3 access with an account-wide role. The administrator can then use RoleArn to bypass the account-wide role and allow S3 access for the single S3 data source that is specified in the structure, even if the account-wide role forbidding S3 access is still active.

+ required: + - ManifestFileLocation + SnowflakeParameters: + type: object + description:

Snowflake parameters.

+ properties: + Warehouse: + type: string + maxLength: 128 + minLength: 0 + description:

Warehouse.

+ Database: + type: string + maxLength: 128 + minLength: 1 + description:

Database.

+ Host: + type: string + maxLength: 256 + minLength: 1 + description:

Host.

+ required: + - Database + - Host + - Warehouse + StarburstParameters: + type: object + description:

Starburst parameters.

+ properties: + Host: + type: string + maxLength: 256 + minLength: 1 + description:

Host.

+ Port: + type: number + maximum: 65535 + minimum: 1 + description:

Port.

+ Catalog: + type: string + maxLength: 128 + minLength: 0 + description:

Catalog.

+ ProductType: + $ref: '#/components/schemas/StarburstProductType' + required: + - Host + - Port + - Catalog + StarburstProductType: + type: string + enum: + - GALAXY + - ENTERPRISE + TrinoParameters: + type: object + description:

Trino parameters.

+ properties: + Host: + type: string + maxLength: 256 + minLength: 1 + description:

Host.

+ Port: + type: number + maximum: 65535 + minimum: 1 + description:

Port.

+ Catalog: + type: string + maxLength: 128 + minLength: 0 + description:

Catalog.

+ required: + - Host + - Port + - Catalog + SparkParameters: + type: object + description:

Spark parameters.

+ properties: + Port: + type: number + maximum: 65535 + minimum: 1 + description:

Port.

+ Host: + type: string + maxLength: 256 + minLength: 1 + description:

Host.

+ required: + - Host + - Port + SqlServerParameters: + type: object + description:

SQL Server parameters.

+ properties: + Port: + type: number + maximum: 65535 + minimum: 1 + description:

Port.

+ Database: + type: string + maxLength: 128 + minLength: 1 + description:

Database.

+ Host: + type: string + maxLength: 256 + minLength: 1 + description:

Host.

+ required: + - Database + - Host + - Port + SslProperties: + type: object + description: |- +

Secure Socket Layer (SSL) properties that apply when QuickSight connects to your + underlying data source.

+ properties: + DisableSsl: + type: boolean + description:

A Boolean option to control whether SSL should be disabled.

+ TeradataParameters: + type: object + description:

Teradata parameters.

+ properties: + Port: + type: number + maximum: 65535 + minimum: 1 + description:

Port.

+ Database: + type: string + maxLength: 128 + minLength: 1 + description:

Database.

+ Host: + type: string + maxLength: 256 + minLength: 1 + description:

Host.

+ required: + - Database + - Host + - Port + VpcConnectionProperties: + type: object + description:

VPC connection properties.

+ properties: + VpcConnectionArn: + type: string + description:

The Amazon Resource Name (ARN) for the VPC connection.

+ required: + - VpcConnectionArn + DataSource: + type: object + properties: + AlternateDataSourceParameters: + type: array + items: + $ref: '#/components/schemas/DataSourceParameters' + maxItems: 50 + minItems: 1 + description: |- +

A set of alternate data source parameters that you want to share for the credentials + stored with this data source. The credentials are applied in tandem with the data source + parameters when you copy a data source by using a create or update request. The API + operation compares the DataSourceParameters structure that's in the request + with the structures in the AlternateDataSourceParameters allow list. If the + structures are an exact match, the request is allowed to use the credentials from this + existing data source. If the AlternateDataSourceParameters list is null, + the Credentials originally used with this DataSourceParameters + are automatically allowed.

+ Arn: + type: string + description:

The Amazon Resource Name (ARN) of the data source.

+ AwsAccountId: + type: string + maxLength: 12 + minLength: 12 + pattern: ^[0-9]{12}$ + CreatedTime: + type: string + description:

The time that this data source was created.

+ format: date-time + Credentials: + $ref: '#/components/schemas/DataSourceCredentials' + DataSourceId: + type: string + DataSourceParameters: + $ref: '#/components/schemas/DataSourceParameters' + ErrorInfo: + $ref: '#/components/schemas/DataSourceErrorInfo' + LastUpdatedTime: + type: string + description:

The last time that this data source was updated.

+ format: date-time + Name: + type: string + maxLength: 128 + minLength: 1 + description:

A display name for the data source.

+ Permissions: + type: array + items: + $ref: '#/components/schemas/ResourcePermission' + maxItems: 64 + minItems: 1 + description:

A list of resource permissions on the data source.

+ SslProperties: + $ref: '#/components/schemas/SslProperties' + Status: + $ref: '#/components/schemas/ResourceStatus' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 1 + description:

Contains a map of the key-value pairs for the resource tag or tags assigned to the data source.

+ Type: + $ref: '#/components/schemas/DataSourceType' + VpcConnectionProperties: + $ref: '#/components/schemas/VpcConnectionProperties' + x-stackql-resource-name: data_source + x-stackql-primaryIdentifier: + - AwsAccountId + - DataSourceId + x-create-only-properties: + - AwsAccountId + - DataSourceId + - Type + x-read-only-properties: + - Arn + - CreatedTime + - LastUpdatedTime + - Status + x-required-permissions: + create: + - quicksight:CreateDataSource + - quicksight:DescribeDataSource + - quicksight:DescribeDataSourcePermissions + - quicksight:TagResource + - quicksight:ListTagsForResource + read: + - quicksight:DescribeDataSource + - quicksight:DescribeDataSourcePermissions + - quicksight:ListTagsForResource + update: + - quicksight:DescribeDataSource + - quicksight:DescribeDataSourcePermissions + - quicksight:UpdateDataSource + - quicksight:UpdateDataSourcePermissions + - quicksight:TagResource + - quicksight:UntagResource + - quicksight:ListTagsForResource + delete: + - quicksight:DescribeDataSource + - quicksight:DescribeDataSourcePermissions + - quicksight:DeleteDataSource + - quicksight:ListTagsForResource + list: + - quicksight:DescribeDataSource + - quicksight:ListDataSources + RefreshScheduleMap: + type: object + properties: + ScheduleId: + type: string + maxLength: 128 + minLength: 1 + description:

An unique identifier for the refresh schedule.

+ ScheduleFrequency: + type: object + description:

Information about the schedule frequency.

+ properties: + Interval: + type: string + enum: + - MINUTE15 + - MINUTE30 + - HOURLY + - DAILY + - WEEKLY + - MONTHLY + RefreshOnDay: + type: object + description:

The day scheduled for refresh.

+ properties: + DayOfWeek: + type: string + enum: + - SUNDAY + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + DayOfMonth: + type: string + maxLength: 128 + minLength: 1 + description:

The Day Of Month for scheduled refresh.

+ additionalProperties: false + required: [] + TimeZone: + type: string + maxLength: 128 + minLength: 1 + description:

The timezone for scheduled refresh.

+ TimeOfTheDay: + type: string + maxLength: 128 + minLength: 1 + description:

The time of the day for scheduled refresh.

+ additionalProperties: false + required: [] + StartAfterDateTime: + type: string + maxLength: 128 + minLength: 1 + description:

The date time after which refresh is to be scheduled

+ RefreshType: + type: string + enum: + - FULL_REFRESH + - INCREMENTAL_REFRESH + additionalProperties: false + required: [] + RefreshSchedule: + type: object + properties: + Arn: + type: string + description:

The Amazon Resource Name (ARN) of the data source.

+ AwsAccountId: + type: string + maxLength: 12 + minLength: 12 + pattern: ^[0-9]{12}$ + DataSetId: + type: string + Schedule: + $ref: '#/components/schemas/RefreshScheduleMap' + required: [] + x-stackql-resource-name: refresh_schedule + x-stackql-primaryIdentifier: + - AwsAccountId + - DataSetId + - Schedule/ScheduleId + x-create-only-properties: + - AwsAccountId + - DataSetId + - Schedule/ScheduleId + x-read-only-properties: + - Arn + x-required-permissions: + create: + - quicksight:CreateRefreshSchedule + - quicksight:DescribeRefreshSchedule + update: + - quicksight:UpdateRefreshSchedule + - quicksight:DescribeRefreshSchedule + delete: + - quicksight:DeleteRefreshSchedule + - quicksight:DescribeRefreshSchedule + list: + - quicksight:ListRefreshSchedules + read: + - quicksight:DescribeRefreshSchedule + ColumnGroupColumnSchema: + type: object + properties: + Name: + type: string + additionalProperties: false + ColumnGroupSchema: + type: object + properties: + Name: + type: string + ColumnGroupColumnSchemaList: + type: array + items: + $ref: '#/components/schemas/ColumnGroupColumnSchema' + maxItems: 500 + minItems: 0 + additionalProperties: false + ColumnSchema: + type: object + properties: + Name: + type: string + DataType: + type: string + GeographicRole: + type: string + additionalProperties: false + DataSetConfiguration: + type: object + properties: + Placeholder: + type: string + DataSetSchema: + $ref: '#/components/schemas/DataSetSchema' + ColumnGroupSchemaList: + type: array + items: + $ref: '#/components/schemas/ColumnGroupSchema' + maxItems: 500 + minItems: 0 + additionalProperties: false + DataSetSchema: + type: object + properties: + ColumnSchemaList: + type: array + items: + $ref: '#/components/schemas/ColumnSchema' + maxItems: 500 + minItems: 0 + additionalProperties: false + TemplateError: + type: object + properties: + Type: + $ref: '#/components/schemas/TemplateErrorType' + Message: + type: string + pattern: .*\S.* + ViolatedEntities: + type: array + items: + $ref: '#/components/schemas/Entity' + maxItems: 200 + minItems: 0 + additionalProperties: false + TemplateErrorType: + type: string + enum: + - SOURCE_NOT_FOUND + - DATA_SET_NOT_FOUND + - INTERNAL_FAILURE + - ACCESS_DENIED + TemplateSourceAnalysis: + type: object + properties: + Arn: + type: string + DataSetReferences: + type: array + items: + $ref: '#/components/schemas/DataSetReference' + minItems: 1 + required: + - Arn + - DataSetReferences + additionalProperties: false + TemplateSourceEntity: + type: object + properties: + SourceAnalysis: + $ref: '#/components/schemas/TemplateSourceAnalysis' + SourceTemplate: + $ref: '#/components/schemas/TemplateSourceTemplate' + additionalProperties: false + TemplateSourceTemplate: + type: object + properties: + Arn: + type: string + required: + - Arn + additionalProperties: false + TemplateVersion: + type: object + properties: + CreatedTime: + type: string + format: date-time + Errors: + type: array + items: + $ref: '#/components/schemas/TemplateError' + minItems: 1 + VersionNumber: + type: number + minimum: 1 + Status: + $ref: '#/components/schemas/ResourceStatus' + DataSetConfigurations: + type: array + items: + $ref: '#/components/schemas/DataSetConfiguration' + maxItems: 30 + minItems: 0 + Description: + type: string + maxLength: 512 + minLength: 1 + SourceEntityArn: + type: string + ThemeArn: + type: string + Sheets: + type: array + items: + $ref: '#/components/schemas/Sheet' + maxItems: 20 + minItems: 0 + additionalProperties: false + TemplateVersionDefinition: + type: object + properties: + DataSetConfigurations: + type: array + items: + $ref: '#/components/schemas/DataSetConfiguration' + maxItems: 30 + minItems: 0 + Sheets: + type: array + items: + $ref: '#/components/schemas/SheetDefinition' + maxItems: 20 + minItems: 0 + CalculatedFields: + type: array + items: + $ref: '#/components/schemas/CalculatedField' + maxItems: 500 + minItems: 0 + ParameterDeclarations: + type: array + items: + $ref: '#/components/schemas/ParameterDeclaration' + maxItems: 200 + minItems: 0 + FilterGroups: + type: array + items: + $ref: '#/components/schemas/FilterGroup' + maxItems: 2000 + minItems: 0 + ColumnConfigurations: + type: array + items: + $ref: '#/components/schemas/ColumnConfiguration' + maxItems: 200 + minItems: 0 + AnalysisDefaults: + $ref: '#/components/schemas/AnalysisDefaults' + Options: + $ref: '#/components/schemas/AssetOptions' + required: + - DataSetConfigurations + additionalProperties: false + Template: + type: object + properties: + Arn: + type: string + AwsAccountId: + type: string + maxLength: 12 + minLength: 12 + pattern: ^[0-9]{12}$ + CreatedTime: + type: string + format: date-time + Definition: + $ref: '#/components/schemas/TemplateVersionDefinition' + LastUpdatedTime: + type: string + format: date-time + Name: + type: string + maxLength: 2048 + minLength: 1 + Permissions: + type: array + items: + $ref: '#/components/schemas/ResourcePermission' + maxItems: 64 + minItems: 1 + SourceEntity: + $ref: '#/components/schemas/TemplateSourceEntity' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 1 + TemplateId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + ValidationStrategy: + $ref: '#/components/schemas/ValidationStrategy' + Version: + $ref: '#/components/schemas/TemplateVersion' + VersionDescription: + type: string + maxLength: 512 + minLength: 1 + required: + - AwsAccountId + - TemplateId + x-stackql-resource-name: template + x-stackql-primaryIdentifier: + - AwsAccountId + - TemplateId + x-create-only-properties: + - AwsAccountId + - TemplateId + x-read-only-properties: + - Arn + - CreatedTime + - LastUpdatedTime + - Version + x-required-permissions: + create: + - quicksight:DescribeTemplate + - quicksight:DescribeTemplatePermissions + - quicksight:CreateTemplate + - quicksight:DescribeAnalysis + - quicksight:TagResource + - quicksight:UntagResource + - quicksight:ListTagsForResource + read: + - quicksight:DescribeTemplate + - quicksight:DescribeTemplatePermissions + - quicksight:ListTagsForResource + update: + - quicksight:DescribeTemplate + - quicksight:DescribeTemplatePermissions + - quicksight:UpdateTemplate + - quicksight:UpdateTemplatePermissions + - quicksight:PassDataSet + - quicksight:TagResource + - quicksight:UntagResource + - quicksight:ListTagsForResource + delete: + - quicksight:DescribeTemplate + - quicksight:DeleteTemplate + list: + - quicksight:ListTemplates + BorderStyle: + type: object + properties: + Show: + type: boolean + default: null + additionalProperties: false + DataColorPalette: + type: object + properties: + Colors: + type: array + items: + type: string + pattern: ^#[A-F0-9]{6}$ + maxItems: 100 + minItems: 0 + MinMaxGradient: + type: array + items: + type: string + pattern: ^#[A-F0-9]{6}$ + maxItems: 100 + minItems: 0 + EmptyFillColor: + type: string + pattern: ^#[A-F0-9]{6}$ + additionalProperties: false + Font: + type: object + properties: + FontFamily: + type: string + additionalProperties: false + GutterStyle: + type: object + properties: + Show: + type: boolean + default: null + additionalProperties: false + MarginStyle: + type: object + properties: + Show: + type: boolean + default: null + additionalProperties: false + SheetStyle: + type: object + properties: + Tile: + $ref: '#/components/schemas/TileStyle' + TileLayout: + $ref: '#/components/schemas/TileLayoutStyle' + additionalProperties: false + ThemeConfiguration: + type: object + properties: + DataColorPalette: + $ref: '#/components/schemas/DataColorPalette' + UIColorPalette: + $ref: '#/components/schemas/UIColorPalette' + Sheet: + $ref: '#/components/schemas/SheetStyle' + Typography: + $ref: '#/components/schemas/Typography' + additionalProperties: false + ThemeError: + type: object + properties: + Type: + $ref: '#/components/schemas/ThemeErrorType' + Message: + type: string + pattern: .*\S.* + additionalProperties: false + ThemeErrorType: + type: string + enum: + - INTERNAL_FAILURE + ThemeType: + type: string + enum: + - QUICKSIGHT + - CUSTOM + - ALL + ThemeVersion: + type: object + properties: + VersionNumber: + type: number + minimum: 1 + Arn: + type: string + Description: + type: string + maxLength: 512 + minLength: 1 + BaseThemeId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + CreatedTime: + type: string + format: date-time + Configuration: + $ref: '#/components/schemas/ThemeConfiguration' + Errors: + type: array + items: + $ref: '#/components/schemas/ThemeError' + minItems: 1 + Status: + $ref: '#/components/schemas/ResourceStatus' + additionalProperties: false + TileLayoutStyle: + type: object + properties: + Gutter: + $ref: '#/components/schemas/GutterStyle' + Margin: + $ref: '#/components/schemas/MarginStyle' + additionalProperties: false + TileStyle: + type: object + properties: + Border: + $ref: '#/components/schemas/BorderStyle' + additionalProperties: false + Typography: + type: object + properties: + FontFamilies: + type: array + items: + $ref: '#/components/schemas/Font' + maxItems: 5 + minItems: 0 + additionalProperties: false + UIColorPalette: + type: object + properties: + PrimaryForeground: + type: string + pattern: ^#[A-F0-9]{6}$ + PrimaryBackground: + type: string + pattern: ^#[A-F0-9]{6}$ + SecondaryForeground: + type: string + pattern: ^#[A-F0-9]{6}$ + SecondaryBackground: + type: string + pattern: ^#[A-F0-9]{6}$ + Accent: + type: string + pattern: ^#[A-F0-9]{6}$ + AccentForeground: + type: string + pattern: ^#[A-F0-9]{6}$ + Danger: + type: string + pattern: ^#[A-F0-9]{6}$ + DangerForeground: + type: string + pattern: ^#[A-F0-9]{6}$ + Warning: + type: string + pattern: ^#[A-F0-9]{6}$ + WarningForeground: + type: string + pattern: ^#[A-F0-9]{6}$ + Success: + type: string + pattern: ^#[A-F0-9]{6}$ + SuccessForeground: + type: string + pattern: ^#[A-F0-9]{6}$ + Dimension: + type: string + pattern: ^#[A-F0-9]{6}$ + DimensionForeground: + type: string + pattern: ^#[A-F0-9]{6}$ + Measure: + type: string + pattern: ^#[A-F0-9]{6}$ + MeasureForeground: + type: string + pattern: ^#[A-F0-9]{6}$ + additionalProperties: false + Theme: + type: object + properties: + Arn: + type: string + AwsAccountId: + type: string + maxLength: 12 + minLength: 12 + pattern: ^[0-9]{12}$ + BaseThemeId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Configuration: + $ref: '#/components/schemas/ThemeConfiguration' + CreatedTime: + type: string + format: date-time + LastUpdatedTime: + type: string + format: date-time + Name: + type: string + maxLength: 2048 + minLength: 1 + Permissions: + type: array + items: + $ref: '#/components/schemas/ResourcePermission' + maxItems: 64 + minItems: 1 + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 1 + ThemeId: + type: string + maxLength: 512 + minLength: 1 + pattern: '[\w\-]+' + Type: + $ref: '#/components/schemas/ThemeType' + Version: + $ref: '#/components/schemas/ThemeVersion' + VersionDescription: + type: string + maxLength: 512 + minLength: 1 + required: + - AwsAccountId + - ThemeId + - BaseThemeId + - Configuration + - Name + x-stackql-resource-name: theme + x-stackql-primaryIdentifier: + - ThemeId + - AwsAccountId + x-create-only-properties: + - AwsAccountId + - ThemeId + x-read-only-properties: + - CreatedTime + - Version + - LastUpdatedTime + - Arn + - Type + x-required-permissions: + read: + - quicksight:DescribeTheme + - quicksight:DescribeThemePermissions + - quicksight:ListTagsForResource + create: + - quicksight:DescribeTheme + - quicksight:DescribeThemePermissions + - quicksight:CreateTheme + - quicksight:TagResource + - quicksight:UntagResource + - quicksight:ListTagsForResource + list: + - quicksight:ListThemes + update: + - quicksight:DescribeTheme + - quicksight:DescribeThemePermissions + - quicksight:UpdateTheme + - quicksight:UpdateThemePermissions + - quicksight:TagResource + - quicksight:UntagResource + - quicksight:ListTagsForResource + delete: + - quicksight:DescribeTheme + - quicksight:DeleteTheme + AggregationFunctionParameters: + type: object + x-patternProperties: + .+: + type: string + maxLength: 256 + minLength: 0 + additionalProperties: false + AuthorSpecifiedAggregation: + type: string + enum: + - COUNT + - DISTINCT_COUNT + - MIN + - MAX + - MEDIAN + - SUM + - AVERAGE + - STDEV + - STDEVP + - VAR + - VARP + - PERCENTILE + CategoryFilterFunction: + type: string + enum: + - EXACT + - CONTAINS + CategoryFilterType: + type: string + enum: + - CUSTOM_FILTER + - CUSTOM_FILTER_LIST + - FILTER_LIST + CellValueSynonym: + type: object + properties: + CellValue: + type: string + maxLength: 256 + minLength: 0 + Synonyms: + type: array + items: + type: string + additionalProperties: false + CollectiveConstant: + type: object + properties: + ValueList: + type: array + items: + type: string + additionalProperties: false + ColumnDataRole: + type: string + enum: + - DIMENSION + - MEASURE + ColumnOrderingType: + type: string + enum: + - GREATER_IS_BETTER + - LESSER_IS_BETTER + - SPECIFIED + ComparativeOrder: + type: object + properties: + UseOrdering: + $ref: '#/components/schemas/ColumnOrderingType' + SpecifedOrder: + type: array + items: + type: string + TreatUndefinedSpecifiedValues: + $ref: '#/components/schemas/UndefinedSpecifiedValueType' + additionalProperties: false + ConstantType: + type: string + enum: + - SINGULAR + - RANGE + - COLLECTIVE + DataAggregation: + type: object + properties: + DatasetRowDateGranularity: + $ref: '#/components/schemas/TopicTimeGranularity' + DefaultDateColumnName: + type: string + maxLength: 256 + minLength: 0 + additionalProperties: false + DatasetMetadata: + type: object + properties: + DatasetArn: + type: string + DatasetName: + type: string + maxLength: 256 + minLength: 0 + DatasetDescription: + type: string + maxLength: 256 + minLength: 0 + DataAggregation: + $ref: '#/components/schemas/DataAggregation' + Filters: + type: array + items: + $ref: '#/components/schemas/TopicFilter' + Columns: + type: array + items: + $ref: '#/components/schemas/TopicColumn' + CalculatedFields: + type: array + items: + $ref: '#/components/schemas/TopicCalculatedField' + NamedEntities: + type: array + items: + $ref: '#/components/schemas/TopicNamedEntity' + required: + - DatasetArn + additionalProperties: false + DefaultAggregation: + type: string + enum: + - SUM + - MAX + - MIN + - COUNT + - DISTINCT_COUNT + - AVERAGE + - MEDIAN + - STDEV + - STDEVP + - VAR + - VARP + DefaultFormatting: + type: object + properties: + DisplayFormat: + $ref: '#/components/schemas/DisplayFormat' + DisplayFormatOptions: + $ref: '#/components/schemas/DisplayFormatOptions' + additionalProperties: false + DisplayFormat: + type: string + enum: + - AUTO + - PERCENT + - CURRENCY + - NUMBER + - DATE + - STRING + DisplayFormatOptions: + type: object + properties: + UseBlankCellFormat: + type: boolean + default: false + BlankCellFormat: + type: string + maxLength: 256 + minLength: 0 + DateFormat: + type: string + maxLength: 256 + minLength: 0 + DecimalSeparator: + $ref: '#/components/schemas/TopicNumericSeparatorSymbol' + GroupingSeparator: + type: string + maxLength: 256 + minLength: 0 + UseGrouping: + type: boolean + default: false + FractionDigits: + type: number + default: 0 + Prefix: + type: string + maxLength: 256 + minLength: 0 + Suffix: + type: string + maxLength: 256 + minLength: 0 + UnitScaler: + $ref: '#/components/schemas/NumberScale' + NegativeFormat: + $ref: '#/components/schemas/NegativeFormat' + CurrencySymbol: + type: string + maxLength: 256 + minLength: 0 + additionalProperties: false + FilterClass: + type: string + enum: + - ENFORCED_VALUE_FILTER + - CONDITIONAL_VALUE_FILTER + - NAMED_VALUE_FILTER + NamedEntityAggType: + type: string + enum: + - SUM + - MIN + - MAX + - COUNT + - AVERAGE + - DISTINCT_COUNT + - STDEV + - STDEVP + - VAR + - VARP + - PERCENTILE + - MEDIAN + - CUSTOM + NamedEntityDefinition: + type: object + properties: + FieldName: + type: string + maxLength: 256 + minLength: 0 + PropertyName: + type: string + maxLength: 256 + minLength: 0 + PropertyRole: + $ref: '#/components/schemas/PropertyRole' + PropertyUsage: + $ref: '#/components/schemas/PropertyUsage' + Metric: + $ref: '#/components/schemas/NamedEntityDefinitionMetric' + additionalProperties: false + NamedEntityDefinitionMetric: + type: object + properties: + Aggregation: + $ref: '#/components/schemas/NamedEntityAggType' + AggregationFunctionParameters: + $ref: '#/components/schemas/AggregationFunctionParameters' + additionalProperties: false + NamedFilterAggType: + type: string + enum: + - NO_AGGREGATION + - SUM + - AVERAGE + - COUNT + - DISTINCT_COUNT + - MAX + - MEDIAN + - MIN + - STDEV + - STDEVP + - VAR + - VARP + NamedFilterType: + type: string + enum: + - CATEGORY_FILTER + - NUMERIC_EQUALITY_FILTER + - NUMERIC_RANGE_FILTER + - DATE_RANGE_FILTER + - RELATIVE_DATE_FILTER + NegativeFormat: + type: object + properties: + Prefix: + type: string + maxLength: 256 + minLength: 0 + Suffix: + type: string + maxLength: 256 + minLength: 0 + additionalProperties: false + PropertyRole: + type: string + enum: + - PRIMARY + - ID + PropertyUsage: + type: string + enum: + - INHERIT + - DIMENSION + - MEASURE + RangeConstant: + type: object + properties: + Minimum: + type: string + maxLength: 256 + minLength: 0 + Maximum: + type: string + maxLength: 256 + minLength: 0 + additionalProperties: false + SemanticEntityType: + type: object + properties: + TypeName: + type: string + maxLength: 256 + minLength: 0 + SubTypeName: + type: string + maxLength: 256 + minLength: 0 + TypeParameters: + $ref: '#/components/schemas/TypeParameters' + additionalProperties: false + SemanticType: + type: object + properties: + TypeName: + type: string + maxLength: 256 + minLength: 0 + SubTypeName: + type: string + maxLength: 256 + minLength: 0 + TypeParameters: + $ref: '#/components/schemas/TypeParameters' + TruthyCellValue: + type: string + TruthyCellValueSynonyms: + type: array + items: + type: string + FalseyCellValue: + type: string + FalseyCellValueSynonyms: + type: array + items: + type: string + additionalProperties: false + TopicCalculatedField: + type: object + properties: + CalculatedFieldName: + type: string + maxLength: 256 + minLength: 0 + CalculatedFieldDescription: + type: string + maxLength: 256 + minLength: 0 + Expression: + type: string + maxLength: 4096 + minLength: 1 + CalculatedFieldSynonyms: + type: array + items: + type: string + maxLength: 256 + minLength: 0 + IsIncludedInTopic: + type: boolean + default: false + ColumnDataRole: + $ref: '#/components/schemas/ColumnDataRole' + TimeGranularity: + $ref: '#/components/schemas/TopicTimeGranularity' + DefaultFormatting: + $ref: '#/components/schemas/DefaultFormatting' + Aggregation: + $ref: '#/components/schemas/DefaultAggregation' + ComparativeOrder: + $ref: '#/components/schemas/ComparativeOrder' + SemanticType: + $ref: '#/components/schemas/SemanticType' + AllowedAggregations: + type: array + items: + $ref: '#/components/schemas/AuthorSpecifiedAggregation' + NotAllowedAggregations: + type: array + items: + $ref: '#/components/schemas/AuthorSpecifiedAggregation' + NeverAggregateInFilter: + type: boolean + default: false + NonAdditive: + type: boolean + default: false + CellValueSynonyms: + type: array + items: + $ref: '#/components/schemas/CellValueSynonym' + required: + - CalculatedFieldName + - Expression + additionalProperties: false + TopicCategoryFilter: + type: object + properties: + CategoryFilterFunction: + $ref: '#/components/schemas/CategoryFilterFunction' + CategoryFilterType: + $ref: '#/components/schemas/CategoryFilterType' + Constant: + $ref: '#/components/schemas/TopicCategoryFilterConstant' + Inverse: + type: boolean + default: false + additionalProperties: false + TopicCategoryFilterConstant: + type: object + properties: + ConstantType: + $ref: '#/components/schemas/ConstantType' + SingularConstant: + type: string + maxLength: 256 + minLength: 0 + CollectiveConstant: + $ref: '#/components/schemas/CollectiveConstant' + additionalProperties: false + TopicColumn: + type: object + properties: + ColumnName: + type: string + maxLength: 256 + minLength: 0 + ColumnFriendlyName: + type: string + maxLength: 256 + minLength: 0 + ColumnDescription: + type: string + maxLength: 256 + minLength: 0 + ColumnSynonyms: + type: array + items: + type: string + maxLength: 256 + minLength: 0 + ColumnDataRole: + $ref: '#/components/schemas/ColumnDataRole' + Aggregation: + $ref: '#/components/schemas/DefaultAggregation' + IsIncludedInTopic: + type: boolean + default: false + ComparativeOrder: + $ref: '#/components/schemas/ComparativeOrder' + SemanticType: + $ref: '#/components/schemas/SemanticType' + TimeGranularity: + $ref: '#/components/schemas/TopicTimeGranularity' + AllowedAggregations: + type: array + items: + $ref: '#/components/schemas/AuthorSpecifiedAggregation' + NotAllowedAggregations: + type: array + items: + $ref: '#/components/schemas/AuthorSpecifiedAggregation' + DefaultFormatting: + $ref: '#/components/schemas/DefaultFormatting' + NeverAggregateInFilter: + type: boolean + default: false + NonAdditive: + type: boolean + default: false + CellValueSynonyms: + type: array + items: + $ref: '#/components/schemas/CellValueSynonym' + required: + - ColumnName + additionalProperties: false + TopicDateRangeFilter: + type: object + properties: + Inclusive: + type: boolean + default: false + Constant: + $ref: '#/components/schemas/TopicRangeFilterConstant' + additionalProperties: false + TopicDetails: + type: object + properties: + Name: + type: string + maxLength: 128 + minLength: 1 + Description: + type: string + maxLength: 256 + minLength: 0 + DataSets: + type: array + items: + $ref: '#/components/schemas/DatasetMetadata' + UserExperienceVersion: + $ref: '#/components/schemas/TopicUserExperienceVersion' + additionalProperties: false + TopicFilter: + type: object + properties: + FilterDescription: + type: string + maxLength: 256 + minLength: 0 + FilterClass: + $ref: '#/components/schemas/FilterClass' + FilterName: + type: string + maxLength: 256 + minLength: 0 + FilterSynonyms: + type: array + items: + type: string + maxLength: 256 + minLength: 0 + OperandFieldName: + type: string + maxLength: 256 + minLength: 0 + FilterType: + $ref: '#/components/schemas/NamedFilterType' + CategoryFilter: + $ref: '#/components/schemas/TopicCategoryFilter' + NumericEqualityFilter: + $ref: '#/components/schemas/TopicNumericEqualityFilter' + NumericRangeFilter: + $ref: '#/components/schemas/TopicNumericRangeFilter' + DateRangeFilter: + $ref: '#/components/schemas/TopicDateRangeFilter' + RelativeDateFilter: + $ref: '#/components/schemas/TopicRelativeDateFilter' + required: + - FilterName + - OperandFieldName + additionalProperties: false + TopicNamedEntity: + type: object + properties: + EntityName: + type: string + maxLength: 256 + minLength: 0 + EntityDescription: + type: string + maxLength: 256 + minLength: 0 + EntitySynonyms: + type: array + items: + type: string + maxLength: 256 + minLength: 0 + SemanticEntityType: + $ref: '#/components/schemas/SemanticEntityType' + Definition: + type: array + items: + $ref: '#/components/schemas/NamedEntityDefinition' + required: + - EntityName + additionalProperties: false + TopicNumericEqualityFilter: + type: object + properties: + Constant: + $ref: '#/components/schemas/TopicSingularFilterConstant' + Aggregation: + $ref: '#/components/schemas/NamedFilterAggType' + additionalProperties: false + TopicNumericRangeFilter: + type: object + properties: + Inclusive: + type: boolean + default: false + Constant: + $ref: '#/components/schemas/TopicRangeFilterConstant' + Aggregation: + $ref: '#/components/schemas/NamedFilterAggType' + additionalProperties: false + TopicNumericSeparatorSymbol: + type: string + enum: + - COMMA + - DOT + TopicRangeFilterConstant: + type: object + properties: + ConstantType: + $ref: '#/components/schemas/ConstantType' + RangeConstant: + $ref: '#/components/schemas/RangeConstant' + additionalProperties: false + TopicRelativeDateFilter: + type: object + properties: + TimeGranularity: + $ref: '#/components/schemas/TopicTimeGranularity' + RelativeDateFilterFunction: + $ref: '#/components/schemas/TopicRelativeDateFilterFunction' + Constant: + $ref: '#/components/schemas/TopicSingularFilterConstant' + additionalProperties: false + TopicRelativeDateFilterFunction: + type: string + enum: + - PREVIOUS + - THIS + - LAST + - NEXT + - NOW + TopicSingularFilterConstant: + type: object + properties: + ConstantType: + $ref: '#/components/schemas/ConstantType' + SingularConstant: + type: string + maxLength: 256 + minLength: 0 + additionalProperties: false + TopicTimeGranularity: + type: string + enum: + - SECOND + - MINUTE + - HOUR + - DAY + - WEEK + - MONTH + - QUARTER + - YEAR + TopicUserExperienceVersion: + type: string + enum: + - LEGACY + - NEW_READER_EXPERIENCE + TypeParameters: + type: object + x-patternProperties: + .+: + type: string + maxLength: 256 + minLength: 0 + additionalProperties: false + UndefinedSpecifiedValueType: + type: string + enum: + - LEAST + - MOST + Topic: + type: object + properties: + Arn: + type: string + AwsAccountId: + type: string + maxLength: 12 + minLength: 12 + pattern: ^[0-9]{12}$ + DataSets: + type: array + items: + $ref: '#/components/schemas/DatasetMetadata' + Description: + type: string + maxLength: 256 + minLength: 0 + Name: + type: string + maxLength: 128 + minLength: 1 + TopicId: + type: string + maxLength: 256 + minLength: 0 + pattern: ^[A-Za-z0-9-_.\\+]*$ + UserExperienceVersion: + $ref: '#/components/schemas/TopicUserExperienceVersion' + x-stackql-resource-name: topic + x-stackql-primaryIdentifier: + - AwsAccountId + - TopicId + x-create-only-properties: + - AwsAccountId + - TopicId + x-read-only-properties: + - Arn + x-required-permissions: + create: + - quicksight:CreateTopic + - quicksight:PassDataSet + - quicksight:DescribeTopicRefresh + read: + - quicksight:DescribeTopic + update: + - quicksight:UpdateTopic + - quicksight:PassDataSet + - quicksight:DescribeTopicRefresh + delete: + - quicksight:DeleteTopic + list: + - quicksight:ListTopics + Arn: + type: string + DnsResolvers: + type: array + items: + type: string + x-insertionOrder: false + NetworkInterfaces: + type: array + items: + $ref: '#/components/schemas/NetworkInterface' + maxItems: 15 + x-insertionOrder: false + NetworkInterface: + type: object + properties: + SubnetId: + $ref: '#/components/schemas/SubnetId' + AvailabilityZone: + type: string + ErrorMessage: + type: string + Status: + type: string + enum: + - CREATING + - AVAILABLE + - CREATION_FAILED + - UPDATING + - UPDATE_FAILED + - DELETING + - DELETED + - DELETION_FAILED + - DELETION_SCHEDULED + - ATTACHMENT_FAILED_ROLLBACK_FAILED + NetworkInterfaceId: + $ref: '#/components/schemas/NetworkInterfaceId' + additionalProperties: false + required: [] + NetworkInterfaceId: + type: string + pattern: ^eni-[0-9a-z]*$ + maxLength: 255 + RoleArn: + type: string + SecurityGroupIds: + type: array + items: + $ref: '#/components/schemas/SecurityGroupId' + maxItems: 16 + minItems: 1 + x-insertionOrder: false + SecurityGroupId: + type: string + pattern: ^sg-[0-9a-z]*$ + maxItems: 255 + minItems: 1 + SubnetIds: + type: array + items: + $ref: '#/components/schemas/SubnetId' + maxItems: 15 + minItems: 2 + x-insertionOrder: false + SubnetId: + type: string + pattern: ^subnet-[0-9a-z]*$ + maxLength: 255 + minLength: 1 + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 1 + x-insertionOrder: false + VPCConnectionId: + type: string + maxLength: 1000 + minLength: 1 + pattern: '[\w\-]+' + VPCId: + type: string + VPCConnectionResourceStatus: + type: string + enum: + - CREATION_IN_PROGRESS + - CREATION_SUCCESSFUL + - CREATION_FAILED + - UPDATE_IN_PROGRESS + - UPDATE_SUCCESSFUL + - UPDATE_FAILED + - DELETION_IN_PROGRESS + - DELETION_FAILED + - DELETED + VPCConnectionAvailabilityStatus: + type: string + enum: + - AVAILABLE + - UNAVAILABLE + - PARTIALLY_AVAILABLE + VPCConnection: + type: object + properties: + Arn: + $ref: '#/components/schemas/Arn' + AwsAccountId: + type: string + maxLength: 12 + minLength: 12 + pattern: ^[0-9]{12}$ + Name: + type: string + maxLength: 128 + minLength: 1 + VPCConnectionId: + $ref: '#/components/schemas/VPCConnectionId' + VPCId: + $ref: '#/components/schemas/VPCId' + SecurityGroupIds: + $ref: '#/components/schemas/SecurityGroupIds' + SubnetIds: + $ref: '#/components/schemas/SubnetIds' + DnsResolvers: + $ref: '#/components/schemas/DnsResolvers' + Status: + $ref: '#/components/schemas/VPCConnectionResourceStatus' + AvailabilityStatus: + $ref: '#/components/schemas/VPCConnectionAvailabilityStatus' + NetworkInterfaces: + $ref: '#/components/schemas/NetworkInterfaces' + RoleArn: + $ref: '#/components/schemas/RoleArn' + CreatedTime: + type: string + format: date-time + LastUpdatedTime: + type: string + format: date-time + Tags: + $ref: '#/components/schemas/Tags' + x-stackql-resource-name: vpc_connection + x-stackql-primaryIdentifier: + - AwsAccountId + - VPCConnectionId + x-create-only-properties: + - AwsAccountId + - VPCConnectionId + x-read-only-properties: + - Arn + - CreatedTime + - LastUpdatedTime + - NetworkInterfaces + - Status + - VPCId + x-required-permissions: + create: + - quicksight:CreateVPCConnection + - quicksight:DescribeVPCConnection + - quicksight:ListTagsForResource + - quicksight:TagResource + - iam:PassRole + read: + - quicksight:DescribeVPCConnection + - quicksight:ListTagsForResource + update: + - quicksight:DescribeVPCConnection + - quicksight:UpdateVPCConnection + - quicksight:TagResource + - quicksight:UntagResource + - quicksight:ListTagsForResource + - iam:PassRole + delete: + - quicksight:DescribeVPCConnection + - quicksight:DeleteVPCConnection + - quicksight:ListTagsForResource + - iam:PassRole + list: + - quicksight:ListVPCConnections + x-stackQL-resources: + analyses: + name: analyses + id: awscc.quicksight.analyses + x-cfn-schema-name: Analysis + x-type: list + x-identifiers: + - AnalysisId + - AwsAccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AnalysisId') as analysis_id, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QuickSight::Analysis' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AnalysisId') as analysis_id, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QuickSight::Analysis' + AND region = 'us-east-1' + analysis: + name: analysis + id: awscc.quicksight.analysis + x-cfn-schema-name: Analysis + x-type: get + x-identifiers: + - AnalysisId + - AwsAccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AnalysisId') as analysis_id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.DataSetArns') as data_set_arns, + JSON_EXTRACT(Properties, '$.Definition') as definition, + JSON_EXTRACT(Properties, '$.Errors') as errors, + JSON_EXTRACT(Properties, '$.LastUpdatedTime') as last_updated_time, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Parameters') as parameters, + JSON_EXTRACT(Properties, '$.Permissions') as permissions, + JSON_EXTRACT(Properties, '$.Sheets') as sheets, + JSON_EXTRACT(Properties, '$.SourceEntity') as source_entity, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ThemeArn') as theme_arn, + JSON_EXTRACT(Properties, '$.ValidationStrategy') as validation_strategy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QuickSight::Analysis' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AnalysisId') as analysis_id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'DataSetArns') as data_set_arns, + json_extract_path_text(Properties, 'Definition') as definition, + json_extract_path_text(Properties, 'Errors') as errors, + json_extract_path_text(Properties, 'LastUpdatedTime') as last_updated_time, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Parameters') as parameters, + json_extract_path_text(Properties, 'Permissions') as permissions, + json_extract_path_text(Properties, 'Sheets') as sheets, + json_extract_path_text(Properties, 'SourceEntity') as source_entity, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ThemeArn') as theme_arn, + json_extract_path_text(Properties, 'ValidationStrategy') as validation_strategy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QuickSight::Analysis' + AND data__Identifier = '' + AND region = 'us-east-1' + dashboards: + name: dashboards + id: awscc.quicksight.dashboards + x-cfn-schema-name: Dashboard + x-type: list + x-identifiers: + - AwsAccountId + - DashboardId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.DashboardId') as dashboard_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QuickSight::Dashboard' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'DashboardId') as dashboard_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QuickSight::Dashboard' + AND region = 'us-east-1' + dashboard: + name: dashboard + id: awscc.quicksight.dashboard + x-cfn-schema-name: Dashboard + x-type: get + x-identifiers: + - AwsAccountId + - DashboardId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.DashboardId') as dashboard_id, + JSON_EXTRACT(Properties, '$.DashboardPublishOptions') as dashboard_publish_options, + JSON_EXTRACT(Properties, '$.Definition') as definition, + JSON_EXTRACT(Properties, '$.LastPublishedTime') as last_published_time, + JSON_EXTRACT(Properties, '$.LastUpdatedTime') as last_updated_time, + JSON_EXTRACT(Properties, '$.LinkEntities') as link_entities, + JSON_EXTRACT(Properties, '$.LinkSharingConfiguration') as link_sharing_configuration, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Parameters') as parameters, + JSON_EXTRACT(Properties, '$.Permissions') as permissions, + JSON_EXTRACT(Properties, '$.SourceEntity') as source_entity, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ThemeArn') as theme_arn, + JSON_EXTRACT(Properties, '$.ValidationStrategy') as validation_strategy, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.VersionDescription') as version_description + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QuickSight::Dashboard' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'DashboardId') as dashboard_id, + json_extract_path_text(Properties, 'DashboardPublishOptions') as dashboard_publish_options, + json_extract_path_text(Properties, 'Definition') as definition, + json_extract_path_text(Properties, 'LastPublishedTime') as last_published_time, + json_extract_path_text(Properties, 'LastUpdatedTime') as last_updated_time, + json_extract_path_text(Properties, 'LinkEntities') as link_entities, + json_extract_path_text(Properties, 'LinkSharingConfiguration') as link_sharing_configuration, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Parameters') as parameters, + json_extract_path_text(Properties, 'Permissions') as permissions, + json_extract_path_text(Properties, 'SourceEntity') as source_entity, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ThemeArn') as theme_arn, + json_extract_path_text(Properties, 'ValidationStrategy') as validation_strategy, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'VersionDescription') as version_description + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QuickSight::Dashboard' + AND data__Identifier = '' + AND region = 'us-east-1' + data_sets: + name: data_sets + id: awscc.quicksight.data_sets + x-cfn-schema-name: DataSet + x-type: list + x-identifiers: + - AwsAccountId + - DataSetId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.DataSetId') as data_set_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QuickSight::DataSet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'DataSetId') as data_set_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QuickSight::DataSet' + AND region = 'us-east-1' + data_set: + name: data_set + id: awscc.quicksight.data_set + x-cfn-schema-name: DataSet + x-type: get + x-identifiers: + - AwsAccountId + - DataSetId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.ColumnGroups') as column_groups, + JSON_EXTRACT(Properties, '$.ColumnLevelPermissionRules') as column_level_permission_rules, + JSON_EXTRACT(Properties, '$.ConsumedSpiceCapacityInBytes') as consumed_spice_capacity_in_bytes, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.DataSetId') as data_set_id, + JSON_EXTRACT(Properties, '$.DatasetParameters') as dataset_parameters, + JSON_EXTRACT(Properties, '$.FieldFolders') as field_folders, + JSON_EXTRACT(Properties, '$.ImportMode') as import_mode, + JSON_EXTRACT(Properties, '$.LastUpdatedTime') as last_updated_time, + JSON_EXTRACT(Properties, '$.LogicalTableMap') as logical_table_map, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.OutputColumns') as output_columns, + JSON_EXTRACT(Properties, '$.Permissions') as permissions, + JSON_EXTRACT(Properties, '$.PhysicalTableMap') as physical_table_map, + JSON_EXTRACT(Properties, '$.RowLevelPermissionDataSet') as row_level_permission_data_set, + JSON_EXTRACT(Properties, '$.RowLevelPermissionTagConfiguration') as row_level_permission_tag_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.IngestionWaitPolicy') as ingestion_wait_policy, + JSON_EXTRACT(Properties, '$.DataSetUsageConfiguration') as data_set_usage_configuration, + JSON_EXTRACT(Properties, '$.DataSetRefreshProperties') as data_set_refresh_properties + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QuickSight::DataSet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'ColumnGroups') as column_groups, + json_extract_path_text(Properties, 'ColumnLevelPermissionRules') as column_level_permission_rules, + json_extract_path_text(Properties, 'ConsumedSpiceCapacityInBytes') as consumed_spice_capacity_in_bytes, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'DataSetId') as data_set_id, + json_extract_path_text(Properties, 'DatasetParameters') as dataset_parameters, + json_extract_path_text(Properties, 'FieldFolders') as field_folders, + json_extract_path_text(Properties, 'ImportMode') as import_mode, + json_extract_path_text(Properties, 'LastUpdatedTime') as last_updated_time, + json_extract_path_text(Properties, 'LogicalTableMap') as logical_table_map, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'OutputColumns') as output_columns, + json_extract_path_text(Properties, 'Permissions') as permissions, + json_extract_path_text(Properties, 'PhysicalTableMap') as physical_table_map, + json_extract_path_text(Properties, 'RowLevelPermissionDataSet') as row_level_permission_data_set, + json_extract_path_text(Properties, 'RowLevelPermissionTagConfiguration') as row_level_permission_tag_configuration, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'IngestionWaitPolicy') as ingestion_wait_policy, + json_extract_path_text(Properties, 'DataSetUsageConfiguration') as data_set_usage_configuration, + json_extract_path_text(Properties, 'DataSetRefreshProperties') as data_set_refresh_properties + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QuickSight::DataSet' + AND data__Identifier = '' + AND region = 'us-east-1' + data_sources: + name: data_sources + id: awscc.quicksight.data_sources + x-cfn-schema-name: DataSource + x-type: list + x-identifiers: + - AwsAccountId + - DataSourceId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.DataSourceId') as data_source_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QuickSight::DataSource' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'DataSourceId') as data_source_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QuickSight::DataSource' + AND region = 'us-east-1' + data_source: + name: data_source + id: awscc.quicksight.data_source + x-cfn-schema-name: DataSource + x-type: get + x-identifiers: + - AwsAccountId + - DataSourceId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AlternateDataSourceParameters') as alternate_data_source_parameters, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.Credentials') as credentials, + JSON_EXTRACT(Properties, '$.DataSourceId') as data_source_id, + JSON_EXTRACT(Properties, '$.DataSourceParameters') as data_source_parameters, + JSON_EXTRACT(Properties, '$.ErrorInfo') as error_info, + JSON_EXTRACT(Properties, '$.LastUpdatedTime') as last_updated_time, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Permissions') as permissions, + JSON_EXTRACT(Properties, '$.SslProperties') as ssl_properties, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.VpcConnectionProperties') as vpc_connection_properties + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QuickSight::DataSource' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AlternateDataSourceParameters') as alternate_data_source_parameters, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'Credentials') as credentials, + json_extract_path_text(Properties, 'DataSourceId') as data_source_id, + json_extract_path_text(Properties, 'DataSourceParameters') as data_source_parameters, + json_extract_path_text(Properties, 'ErrorInfo') as error_info, + json_extract_path_text(Properties, 'LastUpdatedTime') as last_updated_time, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Permissions') as permissions, + json_extract_path_text(Properties, 'SslProperties') as ssl_properties, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'VpcConnectionProperties') as vpc_connection_properties + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QuickSight::DataSource' + AND data__Identifier = '' + AND region = 'us-east-1' + refresh_schedules: + name: refresh_schedules + id: awscc.quicksight.refresh_schedules + x-cfn-schema-name: RefreshSchedule + x-type: list + x-identifiers: + - AwsAccountId + - DataSetId + - Schedule/ScheduleId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.DataSetId') as data_set_id, + JSON_EXTRACT(Properties, '$.Schedule.ScheduleId') as schedule__schedule_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QuickSight::RefreshSchedule' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'DataSetId') as data_set_id, + json_extract_path_text(Properties, 'Schedule', 'ScheduleId') as schedule__schedule_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QuickSight::RefreshSchedule' + AND region = 'us-east-1' + refresh_schedule: + name: refresh_schedule + id: awscc.quicksight.refresh_schedule + x-cfn-schema-name: RefreshSchedule + x-type: get + x-identifiers: + - AwsAccountId + - DataSetId + - Schedule/ScheduleId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.DataSetId') as data_set_id, + JSON_EXTRACT(Properties, '$.Schedule') as schedule + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QuickSight::RefreshSchedule' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'DataSetId') as data_set_id, + json_extract_path_text(Properties, 'Schedule') as schedule + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QuickSight::RefreshSchedule' + AND data__Identifier = '' + AND region = 'us-east-1' + templates: + name: templates + id: awscc.quicksight.templates + x-cfn-schema-name: Template + x-type: list + x-identifiers: + - AwsAccountId + - TemplateId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.TemplateId') as template_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QuickSight::Template' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'TemplateId') as template_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QuickSight::Template' + AND region = 'us-east-1' + template: + name: template + id: awscc.quicksight.template + x-cfn-schema-name: Template + x-type: get + x-identifiers: + - AwsAccountId + - TemplateId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.Definition') as definition, + JSON_EXTRACT(Properties, '$.LastUpdatedTime') as last_updated_time, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Permissions') as permissions, + JSON_EXTRACT(Properties, '$.SourceEntity') as source_entity, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TemplateId') as template_id, + JSON_EXTRACT(Properties, '$.ValidationStrategy') as validation_strategy, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.VersionDescription') as version_description + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QuickSight::Template' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'Definition') as definition, + json_extract_path_text(Properties, 'LastUpdatedTime') as last_updated_time, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Permissions') as permissions, + json_extract_path_text(Properties, 'SourceEntity') as source_entity, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TemplateId') as template_id, + json_extract_path_text(Properties, 'ValidationStrategy') as validation_strategy, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'VersionDescription') as version_description + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QuickSight::Template' + AND data__Identifier = '' + AND region = 'us-east-1' + themes: + name: themes + id: awscc.quicksight.themes + x-cfn-schema-name: Theme + x-type: list + x-identifiers: + - ThemeId + - AwsAccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ThemeId') as theme_id, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QuickSight::Theme' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ThemeId') as theme_id, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QuickSight::Theme' + AND region = 'us-east-1' + theme: + name: theme + id: awscc.quicksight.theme + x-cfn-schema-name: Theme + x-type: get + x-identifiers: + - ThemeId + - AwsAccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.BaseThemeId') as base_theme_id, + JSON_EXTRACT(Properties, '$.Configuration') as configuration, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.LastUpdatedTime') as last_updated_time, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Permissions') as permissions, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ThemeId') as theme_id, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.VersionDescription') as version_description + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QuickSight::Theme' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'BaseThemeId') as base_theme_id, + json_extract_path_text(Properties, 'Configuration') as configuration, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'LastUpdatedTime') as last_updated_time, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Permissions') as permissions, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ThemeId') as theme_id, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'VersionDescription') as version_description + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QuickSight::Theme' + AND data__Identifier = '' + AND region = 'us-east-1' + topics: + name: topics + id: awscc.quicksight.topics + x-cfn-schema-name: Topic + x-type: list + x-identifiers: + - AwsAccountId + - TopicId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.TopicId') as topic_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QuickSight::Topic' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'TopicId') as topic_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QuickSight::Topic' + AND region = 'us-east-1' + topic: + name: topic + id: awscc.quicksight.topic + x-cfn-schema-name: Topic + x-type: get + x-identifiers: + - AwsAccountId + - TopicId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.DataSets') as data_sets, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.TopicId') as topic_id, + JSON_EXTRACT(Properties, '$.UserExperienceVersion') as user_experience_version + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QuickSight::Topic' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'DataSets') as data_sets, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'TopicId') as topic_id, + json_extract_path_text(Properties, 'UserExperienceVersion') as user_experience_version + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QuickSight::Topic' + AND data__Identifier = '' + AND region = 'us-east-1' + vpc_connections: + name: vpc_connections + id: awscc.quicksight.vpc_connections + x-cfn-schema-name: VPCConnection + x-type: list + x-identifiers: + - AwsAccountId + - VPCConnectionId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.VPCConnectionId') as v_pc_connection_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QuickSight::VPCConnection' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'VPCConnectionId') as v_pc_connection_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::QuickSight::VPCConnection' + AND region = 'us-east-1' + vpc_connection: + name: vpc_connection + id: awscc.quicksight.vpc_connection + x-cfn-schema-name: VPCConnection + x-type: get + x-identifiers: + - AwsAccountId + - VPCConnectionId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AwsAccountId') as aws_account_id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.VPCConnectionId') as v_pc_connection_id, + JSON_EXTRACT(Properties, '$.VPCId') as v_pc_id, + JSON_EXTRACT(Properties, '$.SecurityGroupIds') as security_group_ids, + JSON_EXTRACT(Properties, '$.SubnetIds') as subnet_ids, + JSON_EXTRACT(Properties, '$.DnsResolvers') as dns_resolvers, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.AvailabilityStatus') as availability_status, + JSON_EXTRACT(Properties, '$.NetworkInterfaces') as network_interfaces, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.CreatedTime') as created_time, + JSON_EXTRACT(Properties, '$.LastUpdatedTime') as last_updated_time, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QuickSight::VPCConnection' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AwsAccountId') as aws_account_id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'VPCConnectionId') as v_pc_connection_id, + json_extract_path_text(Properties, 'VPCId') as v_pc_id, + json_extract_path_text(Properties, 'SecurityGroupIds') as security_group_ids, + json_extract_path_text(Properties, 'SubnetIds') as subnet_ids, + json_extract_path_text(Properties, 'DnsResolvers') as dns_resolvers, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'AvailabilityStatus') as availability_status, + json_extract_path_text(Properties, 'NetworkInterfaces') as network_interfaces, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'CreatedTime') as created_time, + json_extract_path_text(Properties, 'LastUpdatedTime') as last_updated_time, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::QuickSight::VPCConnection' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/ram.yaml b/providers/src/awscc/v00.00.00000/services/ram.yaml new file mode 100644 index 00000000..6e0b8e4d --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/ram.yaml @@ -0,0 +1,157 @@ +openapi: 3.0.0 +info: + title: RAM + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + type: object + additionalProperties: false + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + Permission: + type: object + properties: + Arn: + type: string + Name: + description: The name of the permission. + type: string + Version: + description: Version of the permission. + type: string + IsResourceTypeDefault: + description: Set to true to use this as the default permission. + type: boolean + PermissionType: + type: string + ResourceType: + description: The resource type this permission can be used with. + type: string + PolicyTemplate: + description: Policy template for the permission. + type: object + Tags: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - ResourceType + - PolicyTemplate + x-stackql-resource-name: permission + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + - ResourceType + - PolicyTemplate + x-read-only-properties: + - Arn + - Version + - IsResourceTypeDefault + - PermissionType + x-required-permissions: + create: + - ram:CreatePermission + - ram:TagResource + read: + - ram:GetPermission + update: + - ram:CreatePermissionVersion + - ram:DeletePermissionVersion + - ram:SetDefaultPermissionVersion + - ram:GetPermission + - ram:ReplacePermissionAssociations + - ram:ListReplacePermissionAssociationsWork + - ram:ListPermissionVersions + - ram:UntagResource + - ram:TagResource + delete: + - ram:DeletePermissionVersion + - ram:DeletePermission + list: + - ram:ListPermissions + - ram:ListPermissionVersions + x-stackQL-resources: + permissions: + name: permissions + id: awscc.ram.permissions + x-cfn-schema-name: Permission + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RAM::Permission' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RAM::Permission' + AND region = 'us-east-1' + permission: + name: permission + id: awscc.ram.permission + x-cfn-schema-name: Permission + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.IsResourceTypeDefault') as is_resource_type_default, + JSON_EXTRACT(Properties, '$.PermissionType') as permission_type, + JSON_EXTRACT(Properties, '$.ResourceType') as resource_type, + JSON_EXTRACT(Properties, '$.PolicyTemplate') as policy_template, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RAM::Permission' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'IsResourceTypeDefault') as is_resource_type_default, + json_extract_path_text(Properties, 'PermissionType') as permission_type, + json_extract_path_text(Properties, 'ResourceType') as resource_type, + json_extract_path_text(Properties, 'PolicyTemplate') as policy_template, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RAM::Permission' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/rds.yaml b/providers/src/awscc/v00.00.00000/services/rds.yaml new file mode 100644 index 00000000..d8a42450 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/rds.yaml @@ -0,0 +1,3254 @@ +openapi: 3.0.0 +info: + title: RDS + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 0 + maxLength: 256 + required: + - Key + CustomDBEngineVersion: + type: object + properties: + DatabaseInstallationFilesS3BucketName: + type: string + description: The name of an Amazon S3 bucket that contains database installation files for your CEV. For example, a valid bucket name is `my-custom-installation-files`. + minLength: 3 + maxLength: 63 + DatabaseInstallationFilesS3Prefix: + type: string + description: The Amazon S3 directory that contains the database installation files for your CEV. For example, a valid bucket name is `123456789012/cev1`. If this setting isn't specified, no prefix is assumed. + minLength: 1 + maxLength: 255 + Description: + type: string + description: An optional description of your CEV. + minLength: 1 + maxLength: 1000 + Engine: + type: string + description: The database engine to use for your custom engine version (CEV). The only supported value is `custom-oracle-ee`. + minLength: 1 + maxLength: 35 + EngineVersion: + type: string + description: The name of your CEV. The name format is 19.customized_string . For example, a valid name is 19.my_cev1. This setting is required for RDS Custom for Oracle, but optional for Amazon RDS. The combination of Engine and EngineVersion is unique per customer per Region. + minLength: 1 + maxLength: 60 + KMSKeyId: + type: string + description: The AWS KMS key identifier for an encrypted CEV. A symmetric KMS key is required for RDS Custom, but optional for Amazon RDS. + minLength: 1 + maxLength: 2048 + Manifest: + type: string + description: The CEV manifest, which is a JSON document that describes the installation .zip files stored in Amazon S3. Specify the name/value pairs in a file or a quoted string. RDS Custom applies the patches in the order in which they are listed. + minLength: 1 + maxLength: 51000 + DBEngineVersionArn: + type: string + description: The ARN of the custom engine version. + Status: + type: string + description: The availability status to be assigned to the CEV. + default: available + enum: + - available + - inactive + - inactive-except-restore + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - DatabaseInstallationFilesS3BucketName + - Engine + - EngineVersion + x-stackql-resource-name: customdb_engine_version + x-stackql-primaryIdentifier: + - Engine + - EngineVersion + x-create-only-properties: + - Engine + - EngineVersion + - DatabaseInstallationFilesS3BucketName + - DatabaseInstallationFilesS3Prefix + - KMSKeyId + - Manifest + x-read-only-properties: + - DBEngineVersionArn + x-required-permissions: + create: + - kms:CreateGrant + - kms:DescribeKey + - mediaimport:CreateDatabaseBinarySnapshot + - rds:AddTagsToResource + - rds:CreateCustomDBEngineVersion + - rds:DescribeDBEngineVersions + - rds:ModifyCustomDBEngineVersion + - s3:CreateBucket + - s3:GetObject + - s3:GetObjectAcl + - s3:GetObjectTagging + - s3:ListBucket + - s3:PutBucketObjectLockConfiguration + - s3:PutBucketPolicy + - s3:PutBucketVersioning + read: + - rds:DescribeDBEngineVersions + update: + - rds:AddTagsToResource + - rds:DescribeDBEngineVersions + - rds:ModifyCustomDBEngineVersion + - rds:RemoveTagsFromResource + delete: + - rds:DeleteCustomDBEngineVersion + - rds:DescribeDBEngineVersions + list: + - rds:DescribeDBEngineVersions + Endpoint: + type: object + additionalProperties: false + properties: + Address: + type: string + description: Specifies the DNS address of the DB instance. + Port: + type: string + description: Specifies the port that the database engine is listening on. + HostedZoneId: + type: string + description: Specifies the ID that Amazon Route 53 assigns when you create a hosted zone. + description: |- + This data type represents the information you need to connect to an Amazon RDS DB instance. This data type is used as a response element in the following actions: + + ``CreateDBInstance`` + + ``DescribeDBInstances`` + + ``DeleteDBInstance`` + + For the data structure that represents Amazon Aurora DB cluster endpoints, see ``DBClusterEndpoint``. + ReadEndpoint: + type: object + additionalProperties: false + properties: + Address: + description: The reader endpoint for the DB cluster. + type: string + DBClusterRole: + description: Describes an AWS Identity and Access Management (IAM) role that is associated with a DB cluster. + type: object + additionalProperties: false + properties: + FeatureName: + description: The name of the feature associated with the AWS Identity and Access Management (IAM) role. For the list of supported feature names, see DBEngineVersion in the Amazon RDS API Reference. + type: string + RoleArn: + description: The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster. + type: string + required: + - RoleArn + ServerlessV2ScalingConfiguration: + description: Contains the scaling configuration of an Aurora Serverless v2 DB cluster. + type: object + additionalProperties: false + properties: + MinCapacity: + description: The minimum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 8, 8.5, 9, and so on. The smallest value that you can use is 0.5. + type: number + MaxCapacity: + description: The maximum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 40, 40.5, 41, and so on. The largest value that you can use is 128. + type: number + ScalingConfiguration: + description: The ScalingConfiguration property type specifies the scaling configuration of an Aurora Serverless DB cluster. + type: object + additionalProperties: false + properties: + AutoPause: + description: A value that indicates whether to allow or disallow automatic pause for an Aurora DB cluster in serverless DB engine mode. A DB cluster can be paused only when it's idle (it has no connections). + type: boolean + MaxCapacity: + description: |- + The maximum capacity for an Aurora DB cluster in serverless DB engine mode. + For Aurora MySQL, valid capacity values are 1, 2, 4, 8, 16, 32, 64, 128, and 256. + For Aurora PostgreSQL, valid capacity values are 2, 4, 8, 16, 32, 64, 192, and 384. + The maximum capacity must be greater than or equal to the minimum capacity. + type: integer + MinCapacity: + description: |- + The minimum capacity for an Aurora DB cluster in serverless DB engine mode. + For Aurora MySQL, valid capacity values are 1, 2, 4, 8, 16, 32, 64, 128, and 256. + For Aurora PostgreSQL, valid capacity values are 2, 4, 8, 16, 32, 64, 192, and 384. + The minimum capacity must be less than or equal to the maximum capacity. + type: integer + SecondsBeforeTimeout: + description: |- + The amount of time, in seconds, that Aurora Serverless v1 tries to find a scaling point to perform seamless scaling before enforcing the timeout action. + The default is 300. + type: integer + SecondsUntilAutoPause: + description: The time, in seconds, before an Aurora DB cluster in serverless mode is paused. + type: integer + TimeoutAction: + description: |- + The action to take when the timeout is reached, either ForceApplyCapacityChange or RollbackCapacityChange. + ForceApplyCapacityChange sets the capacity to the specified value as soon as possible. + RollbackCapacityChange, the default, ignores the capacity change if a scaling point isn't found in the timeout period. + + For more information, see Autoscaling for Aurora Serverless v1 in the Amazon Aurora User Guide. + type: string + MasterUserSecret: + type: object + additionalProperties: false + properties: + SecretArn: + type: string + description: The Amazon Resource Name (ARN) of the secret. + KmsKeyId: + type: string + description: The AWS KMS key identifier that is used to encrypt the secret. + description: |- + The ``MasterUserSecret`` return value specifies the secret managed by RDS in AWS Secrets Manager for the master user password. + For more information, see [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.* + DBCluster: + type: object + properties: + Endpoint: + $ref: '#/components/schemas/Endpoint' + ReadEndpoint: + $ref: '#/components/schemas/ReadEndpoint' + AllocatedStorage: + description: The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster. + type: integer + AssociatedRoles: + description: Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other AWS services on your behalf. + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/DBClusterRole' + AvailabilityZones: + description: A list of Availability Zones (AZs) where instances in the DB cluster can be created. For information on AWS Regions and Availability Zones, see Choosing the Regions and Availability Zones in the Amazon Aurora User Guide. + type: array + uniqueItems: true + items: + type: string + AutoMinorVersionUpgrade: + description: A value that indicates whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. By default, minor engine upgrades are applied automatically. + type: boolean + BacktrackWindow: + description: The target backtrack window, in seconds. To disable backtracking, set this value to 0. + default: 0 + minimum: 0 + type: integer + BackupRetentionPeriod: + description: The number of days for which automated backups are retained. + default: 1 + minimum: 1 + type: integer + CopyTagsToSnapshot: + description: A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default is not to copy them. + type: boolean + DatabaseName: + description: The name of your database. If you don't provide a name, then Amazon RDS won't create a database in this DB cluster. For naming constraints, see Naming Constraints in the Amazon RDS User Guide. + type: string + DBClusterArn: + type: string + description: The Amazon Resource Name (ARN) for the DB cluster. + DBClusterInstanceClass: + description: The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example db.m6g.xlarge. + type: string + DBClusterResourceId: + description: The AWS Region-unique, immutable identifier for the DB cluster. + type: string + DBInstanceParameterGroupName: + description: The name of the DB parameter group to apply to all instances of the DB cluster. + type: string + DBSystemId: + description: Reserved for future use. + type: string + GlobalClusterIdentifier: + description: |- + If you are configuring an Aurora global database cluster and want your Aurora DB cluster to be a secondary member in the global database cluster, specify the global cluster ID of the global database cluster. To define the primary database cluster of the global cluster, use the AWS::RDS::GlobalCluster resource. + + If you aren't configuring a global database cluster, don't specify this property. + type: string + pattern: ^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$ + minLength: 0 + maxLength: 63 + DBClusterIdentifier: + description: The DB cluster identifier. This parameter is stored as a lowercase string. + type: string + pattern: ^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$ + minLength: 1 + maxLength: 63 + DBClusterParameterGroupName: + description: The name of the DB cluster parameter group to associate with this DB cluster. + type: string + default: default.aurora5.6 + DBSubnetGroupName: + description: A DB subnet group that you want to associate with this DB cluster. + type: string + DeletionProtection: + description: A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled. + type: boolean + Domain: + description: The Active Directory directory ID to create the DB cluster in. + type: string + DomainIAMRoleName: + description: Specify the name of the IAM role to be used when making API calls to the Directory Service. + type: string + EnableCloudwatchLogsExports: + description: The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon Aurora User Guide. + type: array + uniqueItems: true + items: + type: string + EnableGlobalWriteForwarding: + description: Specifies whether to enable this DB cluster to forward write operations to the primary cluster of a global cluster (Aurora global database). By default, write operations are not allowed on Aurora DB clusters that are secondary clusters in an Aurora global database. + type: boolean + EnableHttpEndpoint: + description: A value that indicates whether to enable the HTTP endpoint for DB cluster. By default, the HTTP endpoint is disabled. + type: boolean + EnableIAMDatabaseAuthentication: + description: A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled. + type: boolean + Engine: + description: 'The name of the database engine to be used for this DB cluster. Valid Values: aurora (for MySQL 5.6-compatible Aurora), aurora-mysql (for MySQL 5.7-compatible Aurora), and aurora-postgresql' + type: string + EngineMode: + description: The DB engine mode of the DB cluster, either provisioned, serverless, parallelquery, global, or multimaster. + type: string + EngineVersion: + description: The version number of the database engine to use. + type: string + ManageMasterUserPassword: + description: A value that indicates whether to manage the master user password with AWS Secrets Manager. + type: boolean + Iops: + description: The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster. + type: integer + KmsKeyId: + description: The Amazon Resource Name (ARN) of the AWS Key Management Service master key that is used to encrypt the database instances in the DB cluster, such as arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. If you enable the StorageEncrypted property but don't specify this property, the default master key is used. If you specify this property, you must set the StorageEncrypted property to true. + type: string + MasterUsername: + description: The name of the master user for the DB cluster. You must specify MasterUsername, unless you specify SnapshotIdentifier. In that case, don't specify MasterUsername. + type: string + pattern: ^[a-zA-Z]{1}[a-zA-Z0-9_]*$ + minLength: 1 + MasterUserPassword: + description: The master password for the DB instance. + type: string + MasterUserSecret: + $ref: '#/components/schemas/MasterUserSecret' + description: Contains the secret managed by RDS in AWS Secrets Manager for the master user password. + MonitoringInterval: + description: The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify 0. The default is 0. + type: integer + default: 0 + MonitoringRoleArn: + description: The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. + type: string + NetworkType: + description: The network type of the DB cluster. + type: string + PerformanceInsightsEnabled: + description: A value that indicates whether to turn on Performance Insights for the DB cluster. + type: boolean + PerformanceInsightsKmsKeyId: + description: The Amazon Web Services KMS key identifier for encryption of Performance Insights data. + type: string + PerformanceInsightsRetentionPeriod: + description: The amount of time, in days, to retain Performance Insights data. + type: integer + Port: + description: 'The port number on which the instances in the DB cluster accept connections. Default: 3306 if engine is set as aurora or 5432 if set to aurora-postgresql.' + type: integer + PreferredBackupWindow: + description: The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter. The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region. To see the time blocks available, see Adjusting the Preferred DB Cluster Maintenance Window in the Amazon Aurora User Guide. + type: string + PreferredMaintenanceWindow: + description: The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC). The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see Adjusting the Preferred DB Cluster Maintenance Window in the Amazon Aurora User Guide. + type: string + PubliclyAccessible: + description: A value that indicates whether the DB cluster is publicly accessible. + type: boolean + ReplicationSourceIdentifier: + description: The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a Read Replica. + type: string + RestoreToTime: + description: 'The date and time to restore the DB cluster to. Value must be a time in Universal Coordinated Time (UTC) format. An example: 2015-03-07T23:45:00Z' + type: string + RestoreType: + description: |- + The type of restore to be performed. You can specify one of the following values: + full-copy - The new DB cluster is restored as a full copy of the source DB cluster. + copy-on-write - The new DB cluster is restored as a clone of the source DB cluster. + type: string + default: full-copy + ServerlessV2ScalingConfiguration: + description: Contains the scaling configuration of an Aurora Serverless v2 DB cluster. + $ref: '#/components/schemas/ServerlessV2ScalingConfiguration' + ScalingConfiguration: + description: The ScalingConfiguration property type specifies the scaling configuration of an Aurora Serverless DB cluster. + $ref: '#/components/schemas/ScalingConfiguration' + SnapshotIdentifier: + description: >- + The identifier for the DB snapshot or DB cluster snapshot to restore from. + + You can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot. + + After you restore a DB cluster with a SnapshotIdentifier property, you must specify the same SnapshotIdentifier property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. However, if you don't specify the SnapshotIdentifier property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different + from the previous snapshot restore property, the DB cluster is restored from the specified SnapshotIdentifier property, and the original DB cluster is deleted. + type: string + SourceDBClusterIdentifier: + description: The identifier of the source DB cluster from which to restore. + type: string + SourceRegion: + description: The AWS Region which contains the source DB cluster when replicating a DB cluster. For example, us-east-1. + type: string + StorageEncrypted: + description: |- + Indicates whether the DB instance is encrypted. + If you specify the DBClusterIdentifier, SnapshotIdentifier, or SourceDBInstanceIdentifier property, don't specify this property. The value is inherited from the cluster, snapshot, or source DB instance. + type: boolean + StorageType: + description: Specifies the storage type to be associated with the DB cluster. + type: string + Tags: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + UseLatestRestorableTime: + description: A value that indicates whether to restore the DB cluster to the latest restorable backup time. By default, the DB cluster is not restored to the latest restorable backup time. + type: boolean + VpcSecurityGroupIds: + description: A list of EC2 VPC security groups to associate with this DB cluster. + uniqueItems: true + items: + type: string + type: array + x-stackql-resource-name: db_cluster + x-stackql-primaryIdentifier: + - DBClusterIdentifier + x-create-only-properties: + - AvailabilityZones + - DBClusterIdentifier + - DBSubnetGroupName + - DBSystemId + - DatabaseName + - EngineMode + - KmsKeyId + - PubliclyAccessible + - RestoreToTime + - RestoreType + - SnapshotIdentifier + - SourceDBClusterIdentifier + - SourceRegion + - StorageEncrypted + - UseLatestRestorableTime + x-read-only-properties: + - DBClusterArn + - DBClusterResourceId + - Endpoint + - Endpoint/Address + - Endpoint/Port + - ReadEndpoint/Port + - ReadEndpoint/Address + - MasterUserSecret/SecretArn + x-required-permissions: + create: + - iam:CreateServiceLinkedRole + - iam:PassRole + - rds:AddRoleToDBCluster + - rds:AddTagsToResource + - rds:CreateDBCluster + - rds:CreateDBInstance + - rds:DescribeDBClusters + - rds:DescribeEvents + - rds:EnableHttpEndpoint + - rds:ModifyDBCluster + - rds:RestoreDBClusterFromSnapshot + - rds:RestoreDBClusterToPointInTime + - secretsmanager:CreateSecret + - secretsmanager:TagResource + read: + - rds:DescribeDBClusters + update: + - ec2:DescribeSecurityGroups + - iam:PassRole + - rds:AddRoleToDBCluster + - rds:AddTagsToResource + - rds:DescribeDBClusters + - rds:DescribeDBSubnetGroups + - rds:DescribeEvents + - rds:DescribeGlobalClusters + - rds:DisableHttpEndpoint + - rds:EnableHttpEndpoint + - rds:ModifyDBCluster + - rds:ModifyDBInstance + - rds:RemoveFromGlobalCluster + - rds:RemoveRoleFromDBCluster + - rds:RemoveTagsFromResource + - secretsmanager:CreateSecret + - secretsmanager:TagResource + delete: + - rds:CreateDBClusterSnapshot + - rds:DeleteDBCluster + - rds:DeleteDBInstance + - rds:DescribeDBClusters + - rds:DescribeGlobalClusters + - rds:RemoveFromGlobalCluster + list: + - rds:DescribeDBClusters + DBClusterParameterGroup: + type: object + properties: + Description: + description: A friendly description for this DB cluster parameter group. + type: string + Family: + description: The DB cluster parameter group family name. A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a DB engine and engine version compatible with that DB cluster parameter group family. + type: string + Parameters: + description: An array of parameters to be modified. A maximum of 20 parameters can be modified in a single request. + type: object + DBClusterParameterGroupName: + type: string + pattern: ^[a-zA-Z]{1}(?:-?[a-zA-Z0-9])*$ + Tags: + description: The list of tags for the cluster parameter group. + type: array + maxItems: 50 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Description + - Family + - Parameters + x-stackql-resource-name: db_cluster_parameter_group + x-stackql-primaryIdentifier: + - DBClusterParameterGroupName + x-create-only-properties: + - DBClusterParameterGroupName + - Description + - Family + x-required-permissions: + create: + - iam:CreateServiceLinkedRole + - rds:AddTagsToResource + - rds:CreateDBClusterParameterGroup + - rds:DescribeDBClusterParameterGroups + - rds:DescribeDBClusterParameters + - rds:DescribeDBClusters + - rds:DescribeEngineDefaultClusterParameters + - rds:ListTagsForResource + - rds:ModifyDBClusterParameterGroup + - rds:RemoveTagsFromResource + read: + - rds:DescribeDBClusterParameterGroups + - rds:DescribeDBClusterParameters + - rds:DescribeEngineDefaultClusterParameters + - rds:ListTagsForResource + update: + - rds:AddTagsToResource + - rds:DescribeDBClusterParameterGroups + - rds:DescribeDBClusterParameters + - rds:DescribeDBClusters + - rds:DescribeEngineDefaultClusterParameters + - rds:ListTagsForResource + - rds:ModifyDBClusterParameterGroup + - rds:RemoveTagsFromResource + - rds:ResetDBClusterParameterGroup + delete: + - rds:DeleteDBClusterParameterGroup + list: + - rds:DescribeDBClusterParameterGroups + CertificateDetails: + type: object + additionalProperties: false + properties: + CAIdentifier: + type: string + description: The CA identifier of the CA certificate used for the DB instance's server certificate. + ValidTill: + type: string + format: date-time + description: The expiration date of the DB instance’s server certificate. + description: |- + Returns the details of the DB instance’s server certificate. + For more information, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the *Amazon RDS User Guide* and [Using SSL/TLS to encrypt a connection to a DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) in the *Amazon Aurora User Guide*. + DBInstanceRole: + type: object + additionalProperties: false + properties: + FeatureName: + type: string + description: The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB instance grant permission for the DB instance to access other AWS services on your behalf. For the list of supported feature names, see the ``SupportedFeatureNames`` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference*. + RoleArn: + type: string + description: The Amazon Resource Name (ARN) of the IAM role that is associated with the DB instance. + required: + - FeatureName + - RoleArn + description: Information about an AWS Identity and Access Management (IAM) role that is associated with a DB instance. + ProcessorFeature: + type: object + additionalProperties: false + properties: + Name: + type: string + enum: + - coreCount + - threadsPerCore + description: The name of the processor feature. Valid names are ``coreCount`` and ``threadsPerCore``. + Value: + type: string + description: The value of a processor feature name. + description: The ``ProcessorFeature`` property type specifies the processor features of a DB instance class status. + DBInstance: + type: object + properties: + AllocatedStorage: + type: string + description: |- + The amount of storage in gibibytes (GiB) to be initially allocated for the database instance. + If any value is set in the ``Iops`` parameter, ``AllocatedStorage`` must be at least 100 GiB, which corresponds to the minimum Iops value of 1,000. If you increase the ``Iops`` value (in 1,000 IOPS increments), then you must also increase the ``AllocatedStorage`` value (in 100-GiB increments). + *Amazon Aurora* + Not applicable. Aurora cluster volumes automatically grow as the amount of data in your database increases, though you are only charged for the space that you use in an Aurora cluster volume. + *Db2* + Constraints to the amount of storage for each storage type are the following: + + General Purpose (SSD) storage (gp3): Must be an integer from 20 to 64000. + + Provisioned IOPS storage (io1): Must be an integer from 100 to 64000. + + *MySQL* + Constraints to the amount of storage for each storage type are the following: + + General Purpose (SSD) storage (gp2): Must be an integer fro + pattern: ^[0-9]*$ + AllowMajorVersionUpgrade: + type: boolean + description: |- + A value that indicates whether major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible. + Constraints: Major version upgrades must be allowed when specifying a value for the ``EngineVersion`` parameter that is a different major version than the DB instance's current version. + AssociatedRoles: + type: array + items: + $ref: '#/components/schemas/DBInstanceRole' + description: |- + The IAMlong (IAM) roles associated with the DB instance. + *Amazon Aurora* + Not applicable. The associated roles are managed by the DB cluster. + AutoMinorVersionUpgrade: + type: boolean + description: A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window. By default, minor engine upgrades are applied automatically. + AutomaticBackupReplicationRegion: + type: string + description: The destination region for the backup replication of the DB instance. For more info, see [Replicating automated backups to another Region](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReplicateBackups.html) in the *Amazon RDS User Guide*. + AvailabilityZone: + type: string + description: |- + The Availability Zone (AZ) where the database will be created. For information on AWS-Regions and Availability Zones, see [Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html). + For Amazon Aurora, each Aurora DB cluster hosts copies of its storage in three separate Availability Zones. Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one. + Default: A random, system-chosen Availability Zone in the endpoint's AWS-Region. + Constraints: + + The ``AvailabilityZone`` parameter can't be specified if the DB instance is a Multi-AZ deployment. + + The specified Availability Zone must be in the same AWS-Region as the current endpoint. + + Example: ``us-east-1d`` + BackupRetentionPeriod: + type: integer + minimum: 0 + default: 1 + description: |- + The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups. + *Amazon Aurora* + Not applicable. The retention period for automated backups is managed by the DB cluster. + Default: 1 + Constraints: + + Must be a value from 0 to 35 + + Can't be set to 0 if the DB instance is a source to read replicas + CACertificateIdentifier: + type: string + description: |- + The identifier of the CA certificate for this DB instance. + Specifying or updating this property triggers a reboot. For more information about CA certificate identifiers for RDS DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide*. For more information about CA certificate identifiers for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide*. + CertificateDetails: + $ref: '#/components/schemas/CertificateDetails' + description: The details of the DB instance's server certificate. + CertificateRotationRestart: + type: boolean + description: |- + Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate. + By default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted. + Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. + If you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate: + + For more information about rotating your SSL/TLS certificate for RDS DB engines, see [Rotating Your SSL/TLS Certificate.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide.* + + For more information about rotating your SSL/TLS certificate for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Gui + CharacterSetName: + type: string + description: |- + For supported engines, indicates that the DB instance should be associated with the specified character set. + *Amazon Aurora* + Not applicable. The character set is managed by the DB cluster. For more information, see [AWS::RDS::DBCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html). + CopyTagsToSnapshot: + type: boolean + description: |- + Specifies whether to copy tags from the DB instance to snapshots of the DB instance. By default, tags are not copied. + This setting doesn't apply to Amazon Aurora DB instances. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting. + CustomIAMInstanceProfile: + type: string + description: |- + The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance. + This setting is required for RDS Custom. + Constraints: + + The profile must exist in your account. + + The profile must have an IAM role that Amazon EC2 has permissions to assume. + + The instance profile name and the associated IAM role name must start with the prefix ``AWSRDSCustom``. + + For the list of permissions required for the IAM role, see [Configure IAM and your VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc) in the *Amazon RDS User Guide*. + DBClusterIdentifier: + type: string + description: The identifier of the DB cluster that the instance will belong to. + DBClusterSnapshotIdentifier: + type: string + description: |- + The identifier for the Multi-AZ DB cluster snapshot to restore from. + For more information on Multi-AZ DB clusters, see [Multi-AZ DB cluster deployments](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) in the *Amazon RDS User Guide*. + Constraints: + + Must match the identifier of an existing Multi-AZ DB cluster snapshot. + + Can't be specified when ``DBSnapshotIdentifier`` is specified. + + Must be specified when ``DBSnapshotIdentifier`` isn't specified. + + If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the ``DBClusterSnapshotIdentifier`` must be the ARN of the shared snapshot. + + Can't be the identifier of an Aurora DB cluster snapshot. + DBInstanceArn: + type: string + description: '' + DBInstanceClass: + type: string + description: |- + The compute and memory capacity of the DB instance, for example, ``db.m4.large``. Not all DB instance classes are available in all AWS Regions, or for all database engines. + For the full list of DB instance classes, and availability for your engine, see [DB Instance Class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide.* For more information about DB instance class pricing and AWS Region support for DB instance classes, see [Amazon RDS Pricing](https://docs.aws.amazon.com/rds/pricing/). + DBInstanceIdentifier: + type: string + pattern: ^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$ + minLength: 1 + maxLength: 63 + description: |- + A name for the DB instance. If you specify a name, AWS CloudFormation converts it to lowercase. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the DB instance. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html). + For information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide*. + If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. + DbiResourceId: + type: string + description: '' + DBName: + type: string + description: |- + The meaning of this parameter differs according to the database engine you use. + If you specify the ``DBSnapshotIdentifier`` property, this property only applies to RDS for Oracle. + *Amazon Aurora* + Not applicable. The database name is managed by the DB cluster. + *Db2* + The name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance. + Constraints: + + Must contain 1 to 64 letters or numbers. + + Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9). + + Can't be a word reserved by the specified database engine. + + *MySQL* + The name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance. + Constraints: + + Must contain 1 to 64 letters or numbers. + + Can't be a word reserved by the specified database engine + + *MariaDB* + The name of the database to create when the DB instance is + DBParameterGroupName: + type: string + description: |- + The name of an existing DB parameter group or a reference to an [AWS::RDS::DBParameterGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbparametergroup.html) resource created in the template. + To list all of the available DB parameter group names, use the following command: + ``aws rds describe-db-parameter-groups --query "DBParameterGroups[].DBParameterGroupName" --output text`` + If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot. + If you don't specify a value for ``DBParameterGroupName`` property, the default DB parameter group for the specified engine and engine version is used. + DBSecurityGroups: + type: array + uniqueItems: true + items: + type: string + description: |- + A list of the DB security groups to assign to the DB instance. The list can include both the name of existing DB security groups or references to AWS::RDS::DBSecurityGroup resources created in the template. + If you set DBSecurityGroups, you must not set VPCSecurityGroups, and vice versa. Also, note that the DBSecurityGroups property exists only for backwards compatibility with older regions and is no longer recommended for providing security information to an RDS DB instance. Instead, use VPCSecurityGroups. + If you specify this property, AWS CloudFormation sends only the following properties (if specified) to Amazon RDS during create operations: + + ``AllocatedStorage`` + + ``AutoMinorVersionUpgrade`` + + ``AvailabilityZone`` + + ``BackupRetentionPeriod`` + + ``CharacterSetName`` + + ``DBInstanceClass`` + + ``DBName`` + + ``DBParameterGroupName`` + + ``DBSecurityGroups`` + + ``DBSubnetGroupName`` + + ``Engine`` + + ``EngineVersion`` + + ``Iops`` + + ``LicenseModel`` + + + DBSnapshotIdentifier: + type: string + description: |- + The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance. If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot. + By specifying this property, you can create a DB instance from the specified DB snapshot. If the ``DBSnapshotIdentifier`` property is an empty string or the ``AWS::RDS::DBInstance`` declaration has no ``DBSnapshotIdentifier`` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack. + Some DB instance properties aren't valid when you restore from a snapshot, such as the ``MasterUsername`` and ``MasterUserPassword`` properties. For information about the properties that you can specify, see the ``RestoreDBInstanceFromDBSnapshot`` action in the *Amazo + DBSubnetGroupName: + type: string + description: |- + A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new VPC. + If there's no DB subnet group, then the DB instance isn't a VPC DB instance. + For more information about using Amazon RDS in a VPC, see [Using Amazon RDS with Amazon Virtual Private Cloud (VPC)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide*. + *Amazon Aurora* + Not applicable. The DB subnet group is managed by the DB cluster. If specified, the setting must match the DB cluster setting. + DBSystemId: + type: string + description: The Oracle system identifier (SID), which is the name of the Oracle database instance that manages your database files. In this context, the term "Oracle database instance" refers exclusively to the system global area (SGA) and Oracle background processes. If you don't specify a SID, the value defaults to ``RDSCDB``. The Oracle SID is also the name of your CDB. + DedicatedLogVolume: + type: boolean + description: Indicates whether the DB instance has a dedicated log volume (DLV) enabled. + DeleteAutomatedBackups: + type: boolean + description: |- + A value that indicates whether to remove automated backups immediately after the DB instance is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB instance is deleted. + *Amazon Aurora* + Not applicable. When you delete a DB cluster, all automated backups for that DB cluster are deleted and can't be recovered. Manual DB cluster snapshots of the DB cluster are not deleted. + DeletionProtection: + type: boolean + description: |- + A value that indicates whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled. For more information, see [Deleting a DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html). + *Amazon Aurora* + Not applicable. You can enable or disable deletion protection for the DB cluster. For more information, see ``CreateDBCluster``. DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster. + Domain: + type: string + description: |- + The Active Directory directory ID to create the DB instance in. Currently, only Db2, MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain. + For more information, see [Kerberos Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) in the *Amazon RDS User Guide*. + DomainAuthSecretArn: + type: string + description: |- + The ARN for the Secrets Manager secret with the credentials for the user joining the domain. + Example: ``arn:aws:secretsmanager:region:account-number:secret:myselfmanagedADtestsecret-123456`` + DomainDnsIps: + type: array + items: + type: string + description: |- + The IPv4 DNS IP addresses of your primary and secondary Active Directory domain controllers. + Constraints: + + Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list. + + Example: ``123.124.125.126,234.235.236.237`` + DomainFqdn: + type: string + description: |- + The fully qualified domain name (FQDN) of an Active Directory domain. + Constraints: + + Can't be longer than 64 characters. + + Example: ``mymanagedADtest.mymanagedAD.mydomain`` + DomainIAMRoleName: + type: string + description: |- + The name of the IAM role to use when making API calls to the Directory Service. + This setting doesn't apply to the following DB instances: + + Amazon Aurora (The domain is managed by the DB cluster.) + + RDS Custom + DomainOu: + type: string + description: |- + The Active Directory organizational unit for your DB instance to join. + Constraints: + + Must be in the distinguished name format. + + Can't be longer than 64 characters. + + Example: ``OU=mymanagedADtestOU,DC=mymanagedADtest,DC=mymanagedAD,DC=mydomain`` + EnableCloudwatchLogsExports: + type: array + items: + type: string + description: |- + The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Relational Database Service User Guide*. + *Amazon Aurora* + Not applicable. CloudWatch Logs exports are managed by the DB cluster. + *Db2* + Valid values: ``diag.log``, ``notify.log`` + *MariaDB* + Valid values: ``audit``, ``error``, ``general``, ``slowquery`` + *Microsoft SQL Server* + Valid values: ``agent``, ``error`` + *MySQL* + Valid values: ``audit``, ``error``, ``general``, ``slowquery`` + *Oracle* + Valid values: ``alert``, ``audit``, ``listener``, ``trace``, ``oemagent`` + *PostgreSQL* + Valid values: ``postgresql``, ``upgrade`` + EnableIAMDatabaseAuthentication: + type: boolean + description: |- + A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled. + This property is supported for RDS for MariaDB, RDS for MySQL, and RDS for PostgreSQL. For more information, see [IAM Database Authentication for MariaDB, MySQL, and PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon RDS User Guide.* + *Amazon Aurora* + Not applicable. Mapping AWS IAM accounts to database accounts is managed by the DB cluster. + EnablePerformanceInsights: + type: boolean + description: |- + Specifies whether to enable Performance Insights for the DB instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide*. + This setting doesn't apply to RDS Custom DB instances. + Endpoint: + $ref: '#/components/schemas/Endpoint' + description: |- + The connection endpoint for the DB instance. + The endpoint might not be shown for instances with the status of ``creating``. + Engine: + type: string + description: |- + The name of the database engine that you want to use for this DB instance. + Not every database engine is available in every AWS Region. + When you are creating a DB instance, the ``Engine`` property is required. + Valid Values: + + ``aurora-mysql`` (for Aurora MySQL DB instances) + + ``aurora-postgresql`` (for Aurora PostgreSQL DB instances) + + ``custom-oracle-ee`` (for RDS Custom for Oracle DB instances) + + ``custom-oracle-ee-cdb`` (for RDS Custom for Oracle DB instances) + + ``custom-sqlserver-ee`` (for RDS Custom for SQL Server DB instances) + + ``custom-sqlserver-se`` (for RDS Custom for SQL Server DB instances) + + ``custom-sqlserver-web`` (for RDS Custom for SQL Server DB instances) + + ``db2-ae`` + + ``db2-se`` + + ``mariadb`` + + ``mysql`` + + ``oracle-ee`` + + ``oracle-ee-cdb`` + + ``oracle-se2`` + + ``oracle-se2-cdb`` + + ``postgres`` + + ``sqlserver-ee`` + + ``sqlserver-se`` + + ``sqlserver-ex`` + + ``sqlserver-web`` + EngineVersion: + type: string + description: |- + The version number of the database engine to use. + For a list of valid engine versions, use the ``DescribeDBEngineVersions`` action. + The following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every AWS Region. + *Amazon Aurora* + Not applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster. + *Db2* + See [Amazon RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Db2.html#Db2.Concepts.VersionMgmt) in the *Amazon RDS User Guide.* + *MariaDB* + See [MariaDB on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) in the *Amazon RDS User Guide.* + *Microsoft SQL Server* + See [Microsoft SQL Server Versions on Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSu + ManageMasterUserPassword: + type: boolean + description: |- + Specifies whether to manage the master user password with AWS Secrets Manager. + For more information, see [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.* + Constraints: + + Can't manage the master user password with AWS Secrets Manager if ``MasterUserPassword`` is specified. + Iops: + type: integer + description: |- + The number of I/O operations per second (IOPS) that the database provisions. The value must be equal to or greater than 1000. + If you specify this property, you must follow the range of allowed ratios of your requested IOPS rate to the amount of storage that you allocate (IOPS to allocated storage). For example, you can provision an Oracle database instance with 1000 IOPS and 200 GiB of storage (a ratio of 5:1), or specify 2000 IOPS with 200 GiB of storage (a ratio of 10:1). For more information, see [Amazon RDS Provisioned IOPS Storage to Improve Performance](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide*. + If you specify ``io1`` for the ``StorageType`` property, then you must also specify the ``Iops`` property. + Constraints: + + For RDS for Db2, MariaDB, MySQL, Oracle, and PostgreSQL - Must be a multiple between .5 and 50 of the storage amount for the DB instance. + + For RDS for SQL Server - Must be a multip + KmsKeyId: + type: string + description: |- + The ARN of the AWS KMS key that's used to encrypt the DB instance, such as ``arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef``. If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true. + If you specify the ``SourceDBInstanceIdentifier`` property, the value is inherited from the source DB instance if the read replica is created in the same region. + If you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region. + If you specify the ``SnapshotIdentifier`` property, the ``StorageEncrypted`` property value is inherited from the snapshot, and if the DB instance is encrypted, the specified ``KmsKeyId`` property is us + LicenseModel: + type: string + description: |- + License model information for this DB instance. + Valid Values: + + Aurora MySQL - ``general-public-license`` + + Aurora PostgreSQL - ``postgresql-license`` + + RDS for Db2 - ``bring-your-own-license``. For more information about RDS for Db2 licensing, see [](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-licensing.html) in the *Amazon RDS User Guide.* + + RDS for MariaDB - ``general-public-license`` + + RDS for Microsoft SQL Server - ``license-included`` + + RDS for MySQL - ``general-public-license`` + + RDS for Oracle - ``bring-your-own-license`` or ``license-included`` + + RDS for PostgreSQL - ``postgresql-license`` + + If you've specified ``DBSecurityGroups`` and then you update the license model, AWS CloudFormation replaces the underlying DB instance. This will incur some interruptions to database availability. + MasterUsername: + type: string + pattern: ^[a-zA-Z][a-zA-Z0-9_]{0,127}$ + description: |- + The master user name for the DB instance. + If you specify the ``SourceDBInstanceIdentifier`` or ``DBSnapshotIdentifier`` property, don't specify this property. The value is inherited from the source DB instance or snapshot. + When migrating a self-managed Db2 database, we recommend that you use the same master username as your self-managed Db2 instance name. + *Amazon Aurora* + Not applicable. The name for the master user is managed by the DB cluster. + *RDS for Db2* + Constraints: + + Must be 1 to 16 letters or numbers. + + First character must be a letter. + + Can't be a reserved word for the chosen database engine. + + *RDS for MariaDB* + Constraints: + + Must be 1 to 16 letters or numbers. + + Can't be a reserved word for the chosen database engine. + + *RDS for Microsoft SQL Server* + Constraints: + + Must be 1 to 128 letters or numbers. + + First character must be a letter. + + Can't be a reserved word for the chosen database engine. + + *RDS for MySQL* + Constrain + minLength: 1 + maxLength: 128 + MasterUserPassword: + type: string + description: |- + The password for the master user. The password can include any printable ASCII character except "/", """, or "@". + *Amazon Aurora* + Not applicable. The password for the master user is managed by the DB cluster. + *RDS for Db2* + Must contain from 8 to 255 characters. + *RDS for MariaDB* + Constraints: Must contain from 8 to 41 characters. + *RDS for Microsoft SQL Server* + Constraints: Must contain from 8 to 128 characters. + *RDS for MySQL* + Constraints: Must contain from 8 to 41 characters. + *RDS for Oracle* + Constraints: Must contain from 8 to 30 characters. + *RDS for PostgreSQL* + Constraints: Must contain from 8 to 128 characters. + MasterUserSecret: + $ref: '#/components/schemas/MasterUserSecret' + description: |- + The secret managed by RDS in AWS Secrets Manager for the master user password. + For more information, see [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.* + MaxAllocatedStorage: + type: integer + description: |- + The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance. + For more information about this setting, including limitations that apply to it, see [Managing capacity automatically with Amazon RDS storage autoscaling](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) in the *Amazon RDS User Guide*. + This setting doesn't apply to the following DB instances: + + Amazon Aurora (Storage is managed by the DB cluster.) + + RDS Custom + MonitoringInterval: + type: integer + default: 0 + description: |- + The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collection of Enhanced Monitoring metrics, specify 0. The default is 0. + If ``MonitoringRoleArn`` is specified, then you must set ``MonitoringInterval`` to a value other than 0. + This setting doesn't apply to RDS Custom. + Valid Values: ``0, 1, 5, 10, 15, 30, 60`` + MonitoringRoleArn: + type: string + description: |- + The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, ``arn:aws:iam:123456789012:role/emaccess``. For information on creating a monitoring role, see [Setting Up and Enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide*. + If ``MonitoringInterval`` is set to a value other than ``0``, then you must supply a ``MonitoringRoleArn`` value. + This setting doesn't apply to RDS Custom DB instances. + MultiAZ: + type: boolean + description: |- + Specifies whether the database instance is a Multi-AZ DB instance deployment. You can't set the ``AvailabilityZone`` parameter if the ``MultiAZ`` parameter is set to true. + For more information, see [Multi-AZ deployments for high availability](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.MultiAZ.html) in the *Amazon RDS User Guide*. + *Amazon Aurora* + Not applicable. Amazon Aurora storage is replicated across all of the Availability Zones and doesn't require the ``MultiAZ`` option to be set. + NcharCharacterSetName: + type: string + description: |- + The name of the NCHAR character set for the Oracle DB instance. + This setting doesn't apply to RDS Custom DB instances. + NetworkType: + description: |- + The network type of the DB instance. + Valid values: + + ``IPV4`` + + ``DUAL`` + + The network type is determined by the ``DBSubnetGroup`` specified for the DB instance. A ``DBSubnetGroup`` can support only the IPv4 protocol or the IPv4 and IPv6 protocols (``DUAL``). + For more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon RDS User Guide.* + type: string + OptionGroupName: + type: string + description: |- + Indicates that the DB instance should be associated with the specified option group. + Permanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance once it is associated with a DB instance. + PerformanceInsightsKMSKeyId: + type: string + description: |- + The AWS KMS key identifier for encryption of Performance Insights data. + The KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. + If you do not specify a value for ``PerformanceInsightsKMSKeyId``, then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account. Your AWS account has a different default KMS key for each AWS Region. + For information about enabling Performance Insights, see [EnablePerformanceInsights](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableperformanceinsights). + PerformanceInsightsRetentionPeriod: + type: integer + description: |- + The number of days to retain Performance Insights data. + This setting doesn't apply to RDS Custom DB instances. + Valid Values: + + ``7`` + + *month* * 31, where *month* is a number of months from 1-23. Examples: ``93`` (3 months * 31), ``341`` (11 months * 31), ``589`` (19 months * 31) + + ``731`` + + Default: ``7`` days + If you specify a retention period that isn't valid, such as ``94``, Amazon RDS returns an error. + Port: + type: string + description: |- + The port number on which the database accepts connections. + *Amazon Aurora* + Not applicable. The port number is managed by the DB cluster. + *Db2* + Default value: ``50000`` + pattern: ^\d*$ + PreferredBackupWindow: + type: string + description: |- + The daily time range during which automated backups are created if automated backups are enabled, using the ``BackupRetentionPeriod`` parameter. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow) in the *Amazon RDS User Guide.* + Constraints: + + Must be in the format ``hh24:mi-hh24:mi``. + + Must be in Universal Coordinated Time (UTC). + + Must not conflict with the preferred maintenance window. + + Must be at least 30 minutes. + + *Amazon Aurora* + Not applicable. The daily time range for creating automated backups is managed by the DB cluster. + PreferredMaintenanceWindow: + type: string + description: |- + The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC). + Format: ``ddd:hh24:mi-ddd:hh24:mi`` + The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Adjusting the Preferred DB Instance Maintenance Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow) in the *Amazon RDS User Guide.* + This property applies when AWS CloudFormation initially creates the DB instance. If you use AWS CloudFormation to update the DB instance, those updates are applied immediately. + Constraints: Minimum 30-minute window. + ProcessorFeatures: + type: array + items: + $ref: '#/components/schemas/ProcessorFeature' + description: |- + The number of CPU cores and the number of threads per core for the DB instance class of the DB instance. + This setting doesn't apply to Amazon Aurora or RDS Custom DB instances. + PromotionTier: + type: integer + minimum: 0 + default: 1 + description: |- + The order of priority in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance. For more information, see [Fault Tolerance for an Aurora DB Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.AuroraHighAvailability.html#Aurora.Managing.FaultTolerance) in the *Amazon Aurora User Guide*. + This setting doesn't apply to RDS Custom DB instances. + Default: ``1`` + Valid Values: ``0 - 15`` + PubliclyAccessible: + type: boolean + description: |- + Indicates whether the DB instance is an internet-facing instance. If you specify true, AWS CloudFormation creates an instance with a publicly resolvable DNS name, which resolves to a public IP address. If you specify false, AWS CloudFormation creates an internal instance with a DNS name that resolves to a private IP address. + The default behavior value depends on your VPC setup and the database subnet group. For more information, see the ``PubliclyAccessible`` parameter in the [CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) in the *Amazon RDS API Reference*. + ReplicaMode: + description: |- + The open mode of an Oracle read replica. For more information, see [Working with Oracle Read Replicas for Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) in the *Amazon RDS User Guide*. + This setting is only supported in RDS for Oracle. + Default: ``open-read-only`` + Valid Values: ``open-read-only`` or ``mounted`` + type: string + RestoreTime: + description: |- + The date and time to restore from. + Constraints: + + Must be a time in Universal Coordinated Time (UTC) format. + + Must be before the latest restorable time for the DB instance. + + Can't be specified if the ``UseLatestRestorableTime`` parameter is enabled. + + Example: ``2009-09-07T23:45:00Z`` + type: string + format: date-time + SourceDBClusterIdentifier: + description: |- + The identifier of the Multi-AZ DB cluster that will act as the source for the read replica. Each DB cluster can have up to 15 read replicas. + Constraints: + + Must be the identifier of an existing Multi-AZ DB cluster. + + Can't be specified if the ``SourceDBInstanceIdentifier`` parameter is also specified. + + The specified DB cluster must have automatic backups enabled, that is, its backup retention period must be greater than 0. + + The source DB cluster must be in the same AWS-Region as the read replica. Cross-Region replication isn't supported. + type: string + SourceDbiResourceId: + type: string + description: The resource ID of the source DB instance from which to restore. + SourceDBInstanceAutomatedBackupsArn: + type: string + description: |- + The Amazon Resource Name (ARN) of the replicated automated backups from which to restore, for example, ``arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE``. + This setting doesn't apply to RDS Custom. + SourceDBInstanceIdentifier: + type: string + description: |- + If you want to create a read replica DB instance, specify the ID of the source DB instance. Each DB instance can have a limited number of read replicas. For more information, see [Working with Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/USER_ReadRepl.html) in the *Amazon RDS User Guide*. + For information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide*. + The ``SourceDBInstanceIdentifier`` property determines whether a DB instance is a read replica. If you remove the ``SourceDBInstanceIdentifier`` property from your template and then update your stack, AWS CloudFormation promotes the Read Replica to a standalone DB instance. + + If you specify a source DB instance that uses VPC security groups, we recommend that you specify the ``VPCSecurityGroups`` property. If you don't specify the + SourceRegion: + type: string + description: The ID of the region that contains the source DB instance for the read replica. + StorageEncrypted: + type: boolean + description: |- + A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted. + If you specify the ``KmsKeyId`` property, then you must enable encryption. + If you specify the ``SourceDBInstanceIdentifier`` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified ``KmsKeyId`` property is used. + If you specify the ``DBSnapshotIdentifier`` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified ``KmsKeyId`` property is used. + If you specify the ``DBSnapshotIdentifier`` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB instance is encrypted. Specify the ``KmsKeyId`` property for the KMS key to use for encryption. If you don't want the restored DB instance to be encrypted, then don't set this property or set it to ``false``. + *Amazon Aurora* + Not applicable. The encrypt + StorageType: + type: string + description: |- + Specifies the storage type to be associated with the DB instance. + Valid values: ``gp2 | gp3 | io1 | standard`` + The ``standard`` value is also known as magnetic. + If you specify ``io1`` or ``gp3``, you must also include a value for the ``Iops`` parameter. + Default: ``io1`` if the ``Iops`` parameter is specified, otherwise ``gp2`` + For more information, see [Amazon RDS DB Instance Storage](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html) in the *Amazon RDS User Guide*. + *Amazon Aurora* + Not applicable. Aurora data is stored in the cluster volume, which is a single, virtual volume that uses solid state drives (SSDs). + StorageThroughput: + type: integer + description: |- + Specifies the storage throughput value for the DB instance. This setting applies only to the ``gp3`` storage type. + This setting doesn't apply to RDS Custom or Amazon Aurora. + Tags: + type: array + x-insertionOrder: false + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + description: An optional array of key-value pairs to apply to this DB instance. + TdeCredentialArn: + type: string + description: '' + TdeCredentialPassword: + type: string + description: '' + Timezone: + type: string + description: The time zone of the DB instance. The time zone parameter is currently supported only by [Microsoft SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone). + UseDefaultProcessorFeatures: + type: boolean + description: |- + Specifies whether the DB instance class of the DB instance uses its default processor features. + This setting doesn't apply to RDS Custom DB instances. + UseLatestRestorableTime: + type: boolean + description: |- + Specifies whether the DB instance is restored from the latest backup time. By default, the DB instance isn't restored from the latest backup time. + Constraints: + + Can't be specified if the ``RestoreTime`` parameter is provided. + VPCSecurityGroups: + type: array + uniqueItems: true + items: + type: string + description: |- + A list of the VPC security group IDs to assign to the DB instance. The list can include both the physical IDs of existing VPC security groups and references to [AWS::EC2::SecurityGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html) resources created in the template. + If you plan to update the resource, don't specify VPC security groups in a shared VPC. + If you set ``VPCSecurityGroups``, you must not set [DBSecurityGroups](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups), and vice versa. + You can migrate a DB instance in your stack from an RDS DB security group to a VPC security group, but keep the following in mind: + + You can't revert to using an RDS security group after you establish a VPC security group membership. + + When you migrate your DB instance to VPC security groups, if your stack update rolls back because the DB instanc + x-stackql-resource-name: db_instance + x-stackql-primaryIdentifier: + - DBInstanceIdentifier + x-create-only-properties: + - CharacterSetName + - CustomIAMInstanceProfile + - DBClusterIdentifier + - DBInstanceIdentifier + - DBName + - DBSubnetGroupName + - KmsKeyId + - MasterUsername + - NcharCharacterSetName + - Port + - SourceRegion + - StorageEncrypted + - Timezone + x-read-only-properties: + - Endpoint/Address + - Endpoint/Port + - Endpoint/HostedZoneId + - DbiResourceId + - DBInstanceArn + - DBSystemId + - MasterUserSecret/SecretArn + - CertificateDetails/CAIdentifier + - CertificateDetails/ValidTill + x-required-permissions: + create: + - ec2:DescribeAccountAttributes + - ec2:DescribeAvailabilityZones + - ec2:DescribeInternetGateways + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcAttribute + - ec2:DescribeVpcs + - iam:CreateServiceLinkedRole + - iam:GetRole + - iam:ListRoles + - iam:PassRole + - kms:CreateGrant + - kms:DescribeKey + - rds:AddRoleToDBInstance + - rds:AddTagsToResource + - rds:CreateDBInstance + - rds:CreateDBInstanceReadReplica + - rds:DescribeDBInstances + - rds:DescribeDBClusters + - rds:DescribeDBClusterSnapshots + - rds:DescribeDBInstanceAutomatedBackups + - rds:DescribeDBSnapshots + - rds:DescribeEvents + - rds:ModifyDBInstance + - rds:RebootDBInstance + - rds:RestoreDBInstanceFromDBSnapshot + - rds:RestoreDBInstanceToPointInTime + - rds:StartDBInstanceAutomatedBackupsReplication + - secretsmanager:CreateSecret + - secretsmanager:TagResource + read: + - ec2:DescribeAccountAttributes + - ec2:DescribeAvailabilityZones + - ec2:DescribeInternetGateways + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcAttribute + - ec2:DescribeVpcs + - rds:DescribeDBInstances + update: + - ec2:DescribeAccountAttributes + - ec2:DescribeAvailabilityZones + - ec2:DescribeInternetGateways + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcAttribute + - ec2:DescribeVpcs + - iam:CreateServiceLinkedRole + - iam:GetRole + - iam:ListRoles + - iam:PassRole + - kms:CreateGrant + - kms:DescribeKey + - rds:AddRoleToDBInstance + - rds:AddTagsToResource + - rds:DescribeDBClusters + - rds:DescribeDBEngineVersions + - rds:DescribeDBInstances + - rds:DescribeDBParameterGroups + - rds:DescribeEvents + - rds:ModifyDBInstance + - rds:PromoteReadReplica + - rds:RebootDBInstance + - rds:RemoveRoleFromDBInstance + - rds:RemoveTagsFromResource + - rds:StartDBInstanceAutomatedBackupsReplication + - rds:StopDBInstanceAutomatedBackupsReplication + - secretsmanager:CreateSecret + - secretsmanager:TagResource + delete: + - rds:CreateDBSnapshot + - rds:DeleteDBInstance + - rds:DescribeDBInstances + list: + - rds:DescribeDBInstances + DBParameterGroup: + type: object + properties: + DBParameterGroupName: + description: |- + The name of the DB parameter group. + Constraints: + + Must be 1 to 255 letters, numbers, or hyphens. + + First character must be a letter + + Can't end with a hyphen or contain two consecutive hyphens + + If you don't specify a value for ``DBParameterGroupName`` property, a name is automatically created for the DB parameter group. + This value is stored as a lowercase string. + type: string + pattern: ^[a-zA-Z]{1}(?:-?[a-zA-Z0-9])*$ + Description: + description: Provides the customer-specified description for this DB parameter group. + type: string + Family: + description: |- + The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a DB engine and engine version compatible with that DB parameter group family. + The DB parameter group family can't be changed when updating a DB parameter group. + To list all of the available parameter group families, use the following command: + ``aws rds describe-db-engine-versions --query "DBEngineVersions[].DBParameterGroupFamily"`` + The output contains duplicates. + For more information, see ``CreateDBParameterGroup``. + type: string + Parameters: + description: |- + An array of parameter names and values for the parameter update. At least one parameter name and value must be supplied. Subsequent arguments are optional. + RDS for Db2 requires you to bring your own Db2 license. You must enter your IBM customer ID (``rds.ibm_customer_id``) and site number (``rds.ibm_site_id``) before starting a Db2 instance. + For more information about DB parameters and DB parameter groups for Amazon RDS DB engines, see [Working with DB Parameter Groups](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html) in the *Amazon RDS User Guide*. + For more information about DB cluster and DB instance parameters and parameter groups for Amazon Aurora DB engines, see [Working with DB Parameter Groups and DB Cluster Parameter Groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide*. + AWS CloudFormation doesn't support specifying an apply method for each individual + type: object + Tags: + description: |- + An optional array of key-value pairs to apply to this DB parameter group. + Currently, this is the only property that supports drift detection. + type: array + maxItems: 50 + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Family + - Description + x-stackql-resource-name: db_parameter_group + x-stackql-primaryIdentifier: + - DBParameterGroupName + x-create-only-properties: + - DBParameterGroupName + - Description + - Family + x-required-permissions: + create: + - iam:CreateServiceLinkedRole + - rds:AddTagsToResource + - rds:CreateDBParameterGroup + - rds:DescribeDBParameterGroups + - rds:DescribeDBParameters + - rds:DescribeEngineDefaultParameters + - rds:ListTagsForResource + - rds:ModifyDBParameterGroup + - rds:RemoveTagsFromResource + read: + - rds:DescribeDBParameterGroups + - rds:DescribeDBParameters + - rds:DescribeEngineDefaultParameters + - rds:ListTagsForResource + update: + - rds:AddTagsToResource + - rds:DescribeDBParameterGroups + - rds:DescribeDBParameters + - rds:DescribeEngineDefaultParameters + - rds:ListTagsForResource + - rds:ModifyDBParameterGroup + - rds:ResetDBParameterGroup + - rds:RemoveTagsFromResource + delete: + - rds:DeleteDBParameterGroup + list: + - rds:DescribeDBParameterGroups + AuthFormat: + type: object + properties: + AuthScheme: + description: 'The type of authentication that the proxy uses for connections from the proxy to the underlying database. ' + type: string + enum: + - SECRETS + Description: + description: 'A user-specified description about the authentication used by a proxy to log in as a specific database user. ' + type: string + IAMAuth: + description: Whether to require or disallow Amazon Web Services Identity and Access Management (IAM) authentication for connections to the proxy. The ENABLED value is valid only for proxies with RDS for Microsoft SQL Server. + type: string + enum: + - DISABLED + - REQUIRED + - ENABLED + SecretArn: + description: 'The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager. ' + type: string + ClientPasswordAuthType: + description: The type of authentication the proxy uses for connections from clients. + type: string + enum: + - MYSQL_NATIVE_PASSWORD + - POSTGRES_SCRAM_SHA_256 + - POSTGRES_MD5 + - SQL_SERVER_AUTHENTICATION + additionalProperties: false + TagFormat: + type: object + properties: + Key: + type: string + pattern: (\w|\d|\s|\\|-|\.:=+-)* + maxLength: 128 + Value: + type: string + pattern: (\w|\d|\s|\\|-|\.:=+-)* + maxLength: 128 + additionalProperties: false + DBProxy: + type: object + properties: + Auth: + description: The authorization mechanism that the proxy uses. + type: array + x-insertionOrder: false + minItems: 1 + items: + $ref: '#/components/schemas/AuthFormat' + DBProxyArn: + description: The Amazon Resource Name (ARN) for the proxy. + type: string + DBProxyName: + description: The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region. + type: string + pattern: '[0-z]*' + maxLength: 64 + DebugLogging: + description: Whether the proxy includes detailed information about SQL statements in its logs. + type: boolean + Endpoint: + description: The endpoint that you can use to connect to the proxy. You include the endpoint value in the connection string for a database client application. + type: string + EngineFamily: + description: The kinds of databases that the proxy can connect to. + type: string + enum: + - MYSQL + - POSTGRESQL + - SQLSERVER + IdleClientTimeout: + description: The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. + type: integer + RequireTLS: + description: A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. + type: boolean + RoleArn: + description: The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager. + type: string + Tags: + description: An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/TagFormat' + VpcId: + description: VPC ID to associate with the new DB proxy. + type: string + VpcSecurityGroupIds: + description: VPC security group IDs to associate with the new proxy. + type: array + x-insertionOrder: false + minItems: 1 + items: + type: string + VpcSubnetIds: + description: VPC subnet IDs to associate with the new proxy. + type: array + x-insertionOrder: false + minItems: 2 + items: + type: string + required: + - Auth + - DBProxyName + - EngineFamily + - RoleArn + - VpcSubnetIds + x-stackql-resource-name: db_proxy + x-stackql-primaryIdentifier: + - DBProxyName + x-create-only-properties: + - DBProxyName + - EngineFamily + - VpcSubnetIds + x-read-only-properties: + - DBProxyArn + - Endpoint + - VpcId + x-required-permissions: + create: + - rds:CreateDBProxy + - rds:DescribeDBProxies + - iam:PassRole + read: + - rds:DescribeDBProxies + update: + - rds:ModifyDBProxy + - rds:AddTagsToResource + - rds:RemoveTagsFromResource + - iam:PassRole + delete: + - rds:DescribeDBProxies + - rds:DeleteDBProxy + list: + - rds:DescribeDBProxies + DBProxyEndpoint: + type: object + properties: + DBProxyEndpointName: + description: The identifier for the DB proxy endpoint. This name must be unique for all DB proxy endpoints owned by your AWS account in the specified AWS Region. + type: string + pattern: '[0-z]*' + maxLength: 64 + DBProxyEndpointArn: + description: The Amazon Resource Name (ARN) for the DB proxy endpoint. + type: string + pattern: arn:aws[A-Za-z0-9-]{0,64}:rds:[A-Za-z0-9-]{1,64}:[0-9]{12}:.* + DBProxyName: + description: The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region. + type: string + pattern: '[0-z]*' + maxLength: 64 + VpcId: + description: VPC ID to associate with the new DB proxy endpoint. + type: string + VpcSecurityGroupIds: + description: VPC security group IDs to associate with the new DB proxy endpoint. + type: array + x-insertionOrder: false + minItems: 1 + items: + type: string + VpcSubnetIds: + description: VPC subnet IDs to associate with the new DB proxy endpoint. + type: array + minItems: 2 + x-insertionOrder: false + items: + type: string + Endpoint: + description: The endpoint that you can use to connect to the DB proxy. You include the endpoint value in the connection string for a database client application. + type: string + maxLength: 256 + TargetRole: + description: A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations. + type: string + enum: + - READ_WRITE + - READ_ONLY + IsDefault: + description: A value that indicates whether this endpoint is the default endpoint for the associated DB proxy. Default DB proxy endpoints always have read/write capability. Other endpoints that you associate with the DB proxy can be either read/write or read-only. + type: boolean + Tags: + description: An optional set of key-value pairs to associate arbitrary data of your choosing with the DB proxy endpoint. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/TagFormat' + required: + - DBProxyName + - DBProxyEndpointName + - VpcSubnetIds + x-stackql-resource-name: db_proxy_endpoint + x-stackql-primaryIdentifier: + - DBProxyEndpointName + x-create-only-properties: + - DBProxyName + - DBProxyEndpointName + - VpcSubnetIds + x-read-only-properties: + - DBProxyEndpointArn + - Endpoint + - VpcId + - IsDefault + x-required-permissions: + create: + - rds:CreateDBProxyEndpoint + - rds:DescribeDBProxyEndpoints + read: + - rds:DescribeDBProxyEndpoints + - rds:ListTagsForResource + update: + - rds:ModifyDBProxyEndpoint + - rds:AddTagsToResource + - rds:RemoveTagsFromResource + delete: + - rds:DescribeDBProxyEndpoints + - rds:DeleteDBProxyEndpoint + list: + - rds:DescribeDBProxyEndpoints + ConnectionPoolConfigurationInfoFormat: + type: object + properties: + MaxConnectionsPercent: + description: The maximum size of the connection pool for each target in a target group. + type: integer + minimum: 0 + maximum: 100 + MaxIdleConnectionsPercent: + description: Controls how actively the proxy closes idle database connections in the connection pool. + type: integer + minimum: 0 + maximum: 100 + ConnectionBorrowTimeout: + description: The number of seconds for a proxy to wait for a connection to become available in the connection pool. + type: integer + SessionPinningFilters: + description: Each item in the list represents a class of SQL operations that normally cause all later statements in a session using a proxy to be pinned to the same underlying database connection. + type: array + x-insertionOrder: false + items: + type: string + InitQuery: + description: One or more SQL statements for the proxy to run when opening each new database connection. + type: string + additionalProperties: false + DBProxyTargetGroup: + type: object + properties: + DBProxyName: + description: The identifier for the proxy. + type: string + pattern: '[A-z][0-z]*' + maxLength: 64 + TargetGroupArn: + description: The Amazon Resource Name (ARN) representing the target group. + type: string + TargetGroupName: + description: The identifier for the DBProxyTargetGroup + type: string + enum: + - default + ConnectionPoolConfigurationInfo: + $ref: '#/components/schemas/ConnectionPoolConfigurationInfoFormat' + DBInstanceIdentifiers: + type: array + x-insertionOrder: false + items: + type: string + DBClusterIdentifiers: + type: array + x-insertionOrder: false + items: + type: string + required: + - DBProxyName + - TargetGroupName + x-stackql-resource-name: db_proxy_target_group + x-stackql-primaryIdentifier: + - TargetGroupArn + x-create-only-properties: + - DBProxyName + - TargetGroupName + x-read-only-properties: + - TargetGroupArn + x-required-permissions: + create: + - rds:DescribeDBProxies + - rds:DescribeDBProxyTargetGroups + - rds:ModifyDBProxyTargetGroup + - rds:RegisterDBProxyTargets + read: + - rds:DescribeDBProxyTargetGroups + - rds:DescribeDBProxyTargets + update: + - rds:DescribeDBProxyTargetGroups + - rds:ModifyDBProxyTargetGroup + - rds:RegisterDBProxyTargets + - rds:DeregisterDBProxyTargets + delete: + - rds:DeregisterDBProxyTargets + list: + - rds:DescribeDBProxyTargetGroups + DBSubnetGroup: + type: object + properties: + DBSubnetGroupDescription: + type: string + description: The description for the DB subnet group. + DBSubnetGroupName: + type: string + pattern: ^(?!default$)[a-zA-Z]{1}[a-zA-Z0-9-_\.\s]{0,254}$ + description: |- + The name for the DB subnet group. This value is stored as a lowercase string. + Constraints: Must contain no more than 255 lowercase alphanumeric characters or hyphens. Must not be "Default". + Example: ``mysubnetgroup`` + SubnetIds: + type: array + uniqueItems: false + items: + type: string + description: The EC2 Subnet IDs for the DB subnet group. + Tags: + type: array + maxItems: 50 + uniqueItems: false + x-insertionOrder: false + description: An optional array of key-value pairs to apply to this DB subnet group. + items: + $ref: '#/components/schemas/Tag' + required: + - DBSubnetGroupDescription + - SubnetIds + x-stackql-resource-name: db_subnet_group + x-stackql-primaryIdentifier: + - DBSubnetGroupName + x-create-only-properties: + - DBSubnetGroupName + x-required-permissions: + create: + - iam:CreateServiceLinkedRole + - rds:CreateDBSubnetGroup + - rds:DescribeDBSubnetGroups + - rds:AddTagsToResource + - rds:RemoveTagsFromResource + - rds:ListTagsForResource + read: + - rds:DescribeDBSubnetGroups + - rds:ListTagsForResource + update: + - rds:ModifyDBSubnetGroup + - rds:DescribeDBSubnetGroups + - rds:AddTagsToResource + - rds:RemoveTagsFromResource + - rds:ListTagsForResource + delete: + - rds:DeleteDBSubnetGroup + - rds:DescribeDBSubnetGroups + - rds:ListTagsForResource + list: + - rds:DescribeDBSubnetGroups + EventSubscription: + type: object + properties: + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + SubscriptionName: + description: The name of the subscription. + type: string + maxLength: 255 + Enabled: + description: A Boolean value; set to true to activate the subscription, set to false to create the subscription but not active it. + type: boolean + default: true + EventCategories: + description: A list of event categories for a SourceType that you want to subscribe to. You can see a list of the categories for a given SourceType in the Events topic in the Amazon RDS User Guide or by using the DescribeEventCategories action. + type: array + uniqueItems: true + items: + type: string + SnsTopicArn: + description: The Amazon Resource Name (ARN) of the SNS topic created for event notification. The ARN is created by Amazon SNS when you create a topic and subscribe to it. + type: string + SourceIds: + description: The list of identifiers of the event sources for which events will be returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it cannot end with a hyphen or contain two consecutive hyphens. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + SourceType: + description: The type of source that will be generating the events. For example, if you want to be notified of events generated by a DB instance, you would set this parameter to db-instance. if this value is not specified, all events are returned. + type: string + required: + - SnsTopicArn + x-stackql-resource-name: event_subscription + x-stackql-primaryIdentifier: + - SubscriptionName + x-create-only-properties: + - SubscriptionName + - SnsTopicArn + x-required-permissions: + create: + - iam:CreateServiceLinkedRole + - rds:CreateEventSubscription + - rds:DescribeEventSubscriptions + - rds:ListTagsForResource + - rds:AddTagsToResource + - rds:RemoveTagsFromResource + read: + - rds:DescribeEventSubscriptions + - rds:ListTagsForResource + update: + - rds:ModifyEventSubscription + - rds:AddSourceIdentifierToSubscription + - rds:RemoveSourceIdentifierFromSubscription + - rds:DescribeEventSubscriptions + - rds:ListTagsForResource + - rds:AddTagsToResource + - rds:RemoveTagsFromResource + delete: + - rds:DeleteEventSubscription + - rds:DescribeEventSubscriptions + list: + - rds:DescribeEventSubscriptions + GlobalCluster: + type: object + properties: + Engine: + description: |- + The name of the database engine to be used for this DB cluster. Valid Values: aurora (for MySQL 5.6-compatible Aurora), aurora-mysql (for MySQL 5.7-compatible Aurora). + If you specify the SourceDBClusterIdentifier property, don't specify this property. The value is inherited from the cluster. + type: string + enum: + - aurora + - aurora-mysql + - aurora-postgresql + EngineVersion: + description: The version number of the database engine to use. If you specify the SourceDBClusterIdentifier property, don't specify this property. The value is inherited from the cluster. + type: string + DeletionProtection: + description: The deletion protection setting for the new global database. The global database can't be deleted when deletion protection is enabled. + type: boolean + GlobalClusterIdentifier: + description: The cluster identifier of the new global database cluster. This parameter is stored as a lowercase string. + type: string + pattern: ^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$ + SourceDBClusterIdentifier: + description: The Amazon Resource Name (ARN) to use as the primary cluster of the global database. This parameter is optional. This parameter is stored as a lowercase string. + type: string + oneOf: + - pattern: ^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$ + - pattern: ^(?=.{40,128}$)arn.* + StorageEncrypted: + description: |2- + The storage encryption setting for the new global database cluster. + If you specify the SourceDBClusterIdentifier property, don't specify this property. The value is inherited from the cluster. + type: boolean + x-stackql-resource-name: global_cluster + x-stackql-primaryIdentifier: + - GlobalClusterIdentifier + x-create-only-properties: + - GlobalClusterIdentifier + - SourceDBClusterIdentifier + - StorageEncrypted + - Engine + x-required-permissions: + create: + - rds:CreateGlobalCluster + - rds:DescribeDBClusters + - rds:DescribeGlobalClusters + read: + - rds:DescribeGlobalClusters + update: + - rds:ModifyGlobalCluster + - rds:DescribeGlobalClusters + delete: + - rds:DescribeGlobalClusters + - rds:DeleteGlobalCluster + - rds:RemoveFromGlobalCluster + - rds:DescribeDBClusters + list: + - rds:DescribeGlobalClusters + Tags: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + EncryptionContextMap: + type: object + x-patternProperties: + ^[\s\S]*$: + type: string + maxLength: 131072 + minLength: 0 + description: An optional set of non-secret key–value pairs that contains additional contextual information about the data. + additionalProperties: false + Integration: + type: object + properties: + IntegrationName: + description: The name of the integration. + type: string + minLength: 1 + maxLength: 64 + Tags: + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + SourceArn: + type: string + description: The Amazon Resource Name (ARN) of the Aurora DB cluster to use as the source for replication. + TargetArn: + type: string + description: The ARN of the Redshift data warehouse to use as the target for replication. + IntegrationArn: + type: string + description: The ARN of the integration. + KMSKeyId: + type: string + description: An optional AWS Key Management System (AWS KMS) key ARN for the key used to to encrypt the integration. The resource accepts the key ID and the key ARN forms. The key ID form can be used if the KMS key is owned by te same account. If the KMS key belongs to a different account than the calling account, the full key ARN must be specified. Do not use the key alias or the key alias ARN as this will cause a false drift of the resource. + AdditionalEncryptionContext: + $ref: '#/components/schemas/EncryptionContextMap' + CreateTime: + type: string + required: + - SourceArn + - TargetArn + x-stackql-resource-name: integration + x-stackql-primaryIdentifier: + - IntegrationArn + x-create-only-properties: + - SourceArn + - TargetArn + - KMSKeyId + - AdditionalEncryptionContext + - IntegrationName + x-read-only-properties: + - IntegrationArn + - CreateTime + x-required-permissions: + create: + - rds:CreateIntegration + - rds:DescribeIntegrations + - rds:AddTagsToResource + - kms:CreateGrant + - kms:DescribeKey + - redshift:CreateInboundIntegration + read: + - rds:DescribeIntegrations + update: + - rds:DescribeIntegrations + - rds:AddTagsToResource + - rds:RemoveTagsFromResource + delete: + - rds:DeleteIntegration + - rds:DescribeIntegrations + list: + - rds:DescribeIntegrations + OptionConfiguration: + description: The OptionConfiguration property type specifies an individual option, and its settings, within an AWS::RDS::OptionGroup resource. + type: object + properties: + DBSecurityGroupMemberships: + description: A list of DBSecurityGroupMembership name strings used for this option. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + OptionName: + description: The configuration of options to include in a group. + type: string + OptionSettings: + description: The option settings to include in an option group. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/OptionSetting' + OptionVersion: + description: The version for the option. + type: string + Port: + description: The optional port for the option. + type: integer + VpcSecurityGroupMemberships: + description: A list of VpcSecurityGroupMembership name strings used for this option. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + additionalProperties: false + required: + - OptionName + OptionSetting: + description: The OptionSetting property type specifies the value for an option within an OptionSetting property. + type: object + properties: + Name: + description: The name of the option that has settings that you can set. + type: string + Value: + description: The current value of the option setting. + type: string + additionalProperties: false + OptionGroup: + type: object + properties: + OptionGroupName: + description: Specifies the name of the option group. + type: string + OptionGroupDescription: + description: Provides a description of the option group. + type: string + EngineName: + description: Indicates the name of the engine that this option group can be applied to. + type: string + MajorEngineVersion: + description: Indicates the major engine version associated with this option group. + type: string + OptionConfigurations: + description: Indicates what options are available in the option group. + type: array + x-arrayType: AttributeList + x-insertionOrder: false + items: + $ref: '#/components/schemas/OptionConfiguration' + Tags: + type: array + description: An array of key-value pairs to apply to this resource. + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - EngineName + - MajorEngineVersion + - OptionGroupDescription + x-stackql-resource-name: option_group + x-stackql-primaryIdentifier: + - OptionGroupName + x-create-only-properties: + - EngineName + - MajorEngineVersion + - OptionGroupDescription + - OptionGroupName + x-required-permissions: + create: + - iam:CreateServiceLinkedRole + - rds:AddTagsToResource + - rds:CreateOptionGroup + - rds:DescribeOptionGroups + - rds:ListTagsForResource + - rds:ModifyOptionGroup + - rds:RemoveTagsFromResource + read: + - rds:DescribeOptionGroups + - rds:ListTagsForResource + update: + - rds:AddTagsToResource + - rds:DescribeOptionGroups + - rds:ListTagsForResource + - rds:ModifyOptionGroup + - rds:RemoveTagsFromResource + delete: + - rds:DeleteOptionGroup + - rds:DescribeOptionGroups + - rds:ListTagsForResource + - rds:RemoveTagsFromResource + list: + - rds:DescribeOptionGroups + x-stackQL-resources: + customdb_engine_versions: + name: customdb_engine_versions + id: awscc.rds.customdb_engine_versions + x-cfn-schema-name: CustomDBEngineVersion + x-type: list + x-identifiers: + - Engine + - EngineVersion + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Engine') as engine, + JSON_EXTRACT(Properties, '$.EngineVersion') as engine_version + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::CustomDBEngineVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Engine') as engine, + json_extract_path_text(Properties, 'EngineVersion') as engine_version + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::CustomDBEngineVersion' + AND region = 'us-east-1' + customdb_engine_version: + name: customdb_engine_version + id: awscc.rds.customdb_engine_version + x-cfn-schema-name: CustomDBEngineVersion + x-type: get + x-identifiers: + - Engine + - EngineVersion + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DatabaseInstallationFilesS3BucketName') as database_installation_files_s3_bucket_name, + JSON_EXTRACT(Properties, '$.DatabaseInstallationFilesS3Prefix') as database_installation_files_s3_prefix, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Engine') as engine, + JSON_EXTRACT(Properties, '$.EngineVersion') as engine_version, + JSON_EXTRACT(Properties, '$.KMSKeyId') as k_ms_key_id, + JSON_EXTRACT(Properties, '$.Manifest') as manifest, + JSON_EXTRACT(Properties, '$.DBEngineVersionArn') as d_bengine_version_arn, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::CustomDBEngineVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DatabaseInstallationFilesS3BucketName') as database_installation_files_s3_bucket_name, + json_extract_path_text(Properties, 'DatabaseInstallationFilesS3Prefix') as database_installation_files_s3_prefix, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Engine') as engine, + json_extract_path_text(Properties, 'EngineVersion') as engine_version, + json_extract_path_text(Properties, 'KMSKeyId') as k_ms_key_id, + json_extract_path_text(Properties, 'Manifest') as manifest, + json_extract_path_text(Properties, 'DBEngineVersionArn') as d_bengine_version_arn, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::CustomDBEngineVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + db_clusters: + name: db_clusters + id: awscc.rds.db_clusters + x-cfn-schema-name: DBCluster + x-type: list + x-identifiers: + - DBClusterIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DBClusterIdentifier') as d_bcluster_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::DBCluster' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DBClusterIdentifier') as d_bcluster_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::DBCluster' + AND region = 'us-east-1' + db_cluster: + name: db_cluster + id: awscc.rds.db_cluster + x-cfn-schema-name: DBCluster + x-type: get + x-identifiers: + - DBClusterIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Endpoint') as endpoint, + JSON_EXTRACT(Properties, '$.ReadEndpoint') as read_endpoint, + JSON_EXTRACT(Properties, '$.AllocatedStorage') as allocated_storage, + JSON_EXTRACT(Properties, '$.AssociatedRoles') as associated_roles, + JSON_EXTRACT(Properties, '$.AvailabilityZones') as availability_zones, + JSON_EXTRACT(Properties, '$.AutoMinorVersionUpgrade') as auto_minor_version_upgrade, + JSON_EXTRACT(Properties, '$.BacktrackWindow') as backtrack_window, + JSON_EXTRACT(Properties, '$.BackupRetentionPeriod') as backup_retention_period, + JSON_EXTRACT(Properties, '$.CopyTagsToSnapshot') as copy_tags_to_snapshot, + JSON_EXTRACT(Properties, '$.DatabaseName') as database_name, + JSON_EXTRACT(Properties, '$.DBClusterArn') as d_bcluster_arn, + JSON_EXTRACT(Properties, '$.DBClusterInstanceClass') as d_bcluster_instance_class, + JSON_EXTRACT(Properties, '$.DBClusterResourceId') as d_bcluster_resource_id, + JSON_EXTRACT(Properties, '$.DBInstanceParameterGroupName') as d_binstance_parameter_group_name, + JSON_EXTRACT(Properties, '$.DBSystemId') as d_bsystem_id, + JSON_EXTRACT(Properties, '$.GlobalClusterIdentifier') as global_cluster_identifier, + JSON_EXTRACT(Properties, '$.DBClusterIdentifier') as d_bcluster_identifier, + JSON_EXTRACT(Properties, '$.DBClusterParameterGroupName') as d_bcluster_parameter_group_name, + JSON_EXTRACT(Properties, '$.DBSubnetGroupName') as d_bsubnet_group_name, + JSON_EXTRACT(Properties, '$.DeletionProtection') as deletion_protection, + JSON_EXTRACT(Properties, '$.Domain') as domain, + JSON_EXTRACT(Properties, '$.DomainIAMRoleName') as domain_ia_mrole_name, + JSON_EXTRACT(Properties, '$.EnableCloudwatchLogsExports') as enable_cloudwatch_logs_exports, + JSON_EXTRACT(Properties, '$.EnableGlobalWriteForwarding') as enable_global_write_forwarding, + JSON_EXTRACT(Properties, '$.EnableHttpEndpoint') as enable_http_endpoint, + JSON_EXTRACT(Properties, '$.EnableIAMDatabaseAuthentication') as enable_ia_mdatabase_authentication, + JSON_EXTRACT(Properties, '$.Engine') as engine, + JSON_EXTRACT(Properties, '$.EngineMode') as engine_mode, + JSON_EXTRACT(Properties, '$.EngineVersion') as engine_version, + JSON_EXTRACT(Properties, '$.ManageMasterUserPassword') as manage_master_user_password, + JSON_EXTRACT(Properties, '$.Iops') as iops, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.MasterUsername') as master_username, + JSON_EXTRACT(Properties, '$.MasterUserPassword') as master_user_password, + JSON_EXTRACT(Properties, '$.MasterUserSecret') as master_user_secret, + JSON_EXTRACT(Properties, '$.MonitoringInterval') as monitoring_interval, + JSON_EXTRACT(Properties, '$.MonitoringRoleArn') as monitoring_role_arn, + JSON_EXTRACT(Properties, '$.NetworkType') as network_type, + JSON_EXTRACT(Properties, '$.PerformanceInsightsEnabled') as performance_insights_enabled, + JSON_EXTRACT(Properties, '$.PerformanceInsightsKmsKeyId') as performance_insights_kms_key_id, + JSON_EXTRACT(Properties, '$.PerformanceInsightsRetentionPeriod') as performance_insights_retention_period, + JSON_EXTRACT(Properties, '$.Port') as port, + JSON_EXTRACT(Properties, '$.PreferredBackupWindow') as preferred_backup_window, + JSON_EXTRACT(Properties, '$.PreferredMaintenanceWindow') as preferred_maintenance_window, + JSON_EXTRACT(Properties, '$.PubliclyAccessible') as publicly_accessible, + JSON_EXTRACT(Properties, '$.ReplicationSourceIdentifier') as replication_source_identifier, + JSON_EXTRACT(Properties, '$.RestoreToTime') as restore_to_time, + JSON_EXTRACT(Properties, '$.RestoreType') as restore_type, + JSON_EXTRACT(Properties, '$.ServerlessV2ScalingConfiguration') as serverless_v2_scaling_configuration, + JSON_EXTRACT(Properties, '$.ScalingConfiguration') as scaling_configuration, + JSON_EXTRACT(Properties, '$.SnapshotIdentifier') as snapshot_identifier, + JSON_EXTRACT(Properties, '$.SourceDBClusterIdentifier') as source_db_cluster_identifier, + JSON_EXTRACT(Properties, '$.SourceRegion') as source_region, + JSON_EXTRACT(Properties, '$.StorageEncrypted') as storage_encrypted, + JSON_EXTRACT(Properties, '$.StorageType') as storage_type, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.UseLatestRestorableTime') as use_latest_restorable_time, + JSON_EXTRACT(Properties, '$.VpcSecurityGroupIds') as vpc_security_group_ids + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::DBCluster' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Endpoint') as endpoint, + json_extract_path_text(Properties, 'ReadEndpoint') as read_endpoint, + json_extract_path_text(Properties, 'AllocatedStorage') as allocated_storage, + json_extract_path_text(Properties, 'AssociatedRoles') as associated_roles, + json_extract_path_text(Properties, 'AvailabilityZones') as availability_zones, + json_extract_path_text(Properties, 'AutoMinorVersionUpgrade') as auto_minor_version_upgrade, + json_extract_path_text(Properties, 'BacktrackWindow') as backtrack_window, + json_extract_path_text(Properties, 'BackupRetentionPeriod') as backup_retention_period, + json_extract_path_text(Properties, 'CopyTagsToSnapshot') as copy_tags_to_snapshot, + json_extract_path_text(Properties, 'DatabaseName') as database_name, + json_extract_path_text(Properties, 'DBClusterArn') as d_bcluster_arn, + json_extract_path_text(Properties, 'DBClusterInstanceClass') as d_bcluster_instance_class, + json_extract_path_text(Properties, 'DBClusterResourceId') as d_bcluster_resource_id, + json_extract_path_text(Properties, 'DBInstanceParameterGroupName') as d_binstance_parameter_group_name, + json_extract_path_text(Properties, 'DBSystemId') as d_bsystem_id, + json_extract_path_text(Properties, 'GlobalClusterIdentifier') as global_cluster_identifier, + json_extract_path_text(Properties, 'DBClusterIdentifier') as d_bcluster_identifier, + json_extract_path_text(Properties, 'DBClusterParameterGroupName') as d_bcluster_parameter_group_name, + json_extract_path_text(Properties, 'DBSubnetGroupName') as d_bsubnet_group_name, + json_extract_path_text(Properties, 'DeletionProtection') as deletion_protection, + json_extract_path_text(Properties, 'Domain') as domain, + json_extract_path_text(Properties, 'DomainIAMRoleName') as domain_ia_mrole_name, + json_extract_path_text(Properties, 'EnableCloudwatchLogsExports') as enable_cloudwatch_logs_exports, + json_extract_path_text(Properties, 'EnableGlobalWriteForwarding') as enable_global_write_forwarding, + json_extract_path_text(Properties, 'EnableHttpEndpoint') as enable_http_endpoint, + json_extract_path_text(Properties, 'EnableIAMDatabaseAuthentication') as enable_ia_mdatabase_authentication, + json_extract_path_text(Properties, 'Engine') as engine, + json_extract_path_text(Properties, 'EngineMode') as engine_mode, + json_extract_path_text(Properties, 'EngineVersion') as engine_version, + json_extract_path_text(Properties, 'ManageMasterUserPassword') as manage_master_user_password, + json_extract_path_text(Properties, 'Iops') as iops, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'MasterUsername') as master_username, + json_extract_path_text(Properties, 'MasterUserPassword') as master_user_password, + json_extract_path_text(Properties, 'MasterUserSecret') as master_user_secret, + json_extract_path_text(Properties, 'MonitoringInterval') as monitoring_interval, + json_extract_path_text(Properties, 'MonitoringRoleArn') as monitoring_role_arn, + json_extract_path_text(Properties, 'NetworkType') as network_type, + json_extract_path_text(Properties, 'PerformanceInsightsEnabled') as performance_insights_enabled, + json_extract_path_text(Properties, 'PerformanceInsightsKmsKeyId') as performance_insights_kms_key_id, + json_extract_path_text(Properties, 'PerformanceInsightsRetentionPeriod') as performance_insights_retention_period, + json_extract_path_text(Properties, 'Port') as port, + json_extract_path_text(Properties, 'PreferredBackupWindow') as preferred_backup_window, + json_extract_path_text(Properties, 'PreferredMaintenanceWindow') as preferred_maintenance_window, + json_extract_path_text(Properties, 'PubliclyAccessible') as publicly_accessible, + json_extract_path_text(Properties, 'ReplicationSourceIdentifier') as replication_source_identifier, + json_extract_path_text(Properties, 'RestoreToTime') as restore_to_time, + json_extract_path_text(Properties, 'RestoreType') as restore_type, + json_extract_path_text(Properties, 'ServerlessV2ScalingConfiguration') as serverless_v2_scaling_configuration, + json_extract_path_text(Properties, 'ScalingConfiguration') as scaling_configuration, + json_extract_path_text(Properties, 'SnapshotIdentifier') as snapshot_identifier, + json_extract_path_text(Properties, 'SourceDBClusterIdentifier') as source_db_cluster_identifier, + json_extract_path_text(Properties, 'SourceRegion') as source_region, + json_extract_path_text(Properties, 'StorageEncrypted') as storage_encrypted, + json_extract_path_text(Properties, 'StorageType') as storage_type, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'UseLatestRestorableTime') as use_latest_restorable_time, + json_extract_path_text(Properties, 'VpcSecurityGroupIds') as vpc_security_group_ids + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::DBCluster' + AND data__Identifier = '' + AND region = 'us-east-1' + db_cluster_parameter_groups: + name: db_cluster_parameter_groups + id: awscc.rds.db_cluster_parameter_groups + x-cfn-schema-name: DBClusterParameterGroup + x-type: list + x-identifiers: + - DBClusterParameterGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DBClusterParameterGroupName') as d_bcluster_parameter_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::DBClusterParameterGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DBClusterParameterGroupName') as d_bcluster_parameter_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::DBClusterParameterGroup' + AND region = 'us-east-1' + db_cluster_parameter_group: + name: db_cluster_parameter_group + id: awscc.rds.db_cluster_parameter_group + x-cfn-schema-name: DBClusterParameterGroup + x-type: get + x-identifiers: + - DBClusterParameterGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Family') as family, + JSON_EXTRACT(Properties, '$.Parameters') as parameters, + JSON_EXTRACT(Properties, '$.DBClusterParameterGroupName') as d_bcluster_parameter_group_name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::DBClusterParameterGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Family') as family, + json_extract_path_text(Properties, 'Parameters') as parameters, + json_extract_path_text(Properties, 'DBClusterParameterGroupName') as d_bcluster_parameter_group_name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::DBClusterParameterGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + db_instances: + name: db_instances + id: awscc.rds.db_instances + x-cfn-schema-name: DBInstance + x-type: list + x-identifiers: + - DBInstanceIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DBInstanceIdentifier') as d_binstance_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::DBInstance' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DBInstanceIdentifier') as d_binstance_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::DBInstance' + AND region = 'us-east-1' + db_instance: + name: db_instance + id: awscc.rds.db_instance + x-cfn-schema-name: DBInstance + x-type: get + x-identifiers: + - DBInstanceIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AllocatedStorage') as allocated_storage, + JSON_EXTRACT(Properties, '$.AllowMajorVersionUpgrade') as allow_major_version_upgrade, + JSON_EXTRACT(Properties, '$.AssociatedRoles') as associated_roles, + JSON_EXTRACT(Properties, '$.AutoMinorVersionUpgrade') as auto_minor_version_upgrade, + JSON_EXTRACT(Properties, '$.AutomaticBackupReplicationRegion') as automatic_backup_replication_region, + JSON_EXTRACT(Properties, '$.AvailabilityZone') as availability_zone, + JSON_EXTRACT(Properties, '$.BackupRetentionPeriod') as backup_retention_period, + JSON_EXTRACT(Properties, '$.CACertificateIdentifier') as c_acertificate_identifier, + JSON_EXTRACT(Properties, '$.CertificateDetails') as certificate_details, + JSON_EXTRACT(Properties, '$.CertificateRotationRestart') as certificate_rotation_restart, + JSON_EXTRACT(Properties, '$.CharacterSetName') as character_set_name, + JSON_EXTRACT(Properties, '$.CopyTagsToSnapshot') as copy_tags_to_snapshot, + JSON_EXTRACT(Properties, '$.CustomIAMInstanceProfile') as custom_ia_minstance_profile, + JSON_EXTRACT(Properties, '$.DBClusterIdentifier') as d_bcluster_identifier, + JSON_EXTRACT(Properties, '$.DBClusterSnapshotIdentifier') as d_bcluster_snapshot_identifier, + JSON_EXTRACT(Properties, '$.DBInstanceArn') as d_binstance_arn, + JSON_EXTRACT(Properties, '$.DBInstanceClass') as d_binstance_class, + JSON_EXTRACT(Properties, '$.DBInstanceIdentifier') as d_binstance_identifier, + JSON_EXTRACT(Properties, '$.DbiResourceId') as dbi_resource_id, + JSON_EXTRACT(Properties, '$.DBName') as d_bname, + JSON_EXTRACT(Properties, '$.DBParameterGroupName') as d_bparameter_group_name, + JSON_EXTRACT(Properties, '$.DBSecurityGroups') as d_bsecurity_groups, + JSON_EXTRACT(Properties, '$.DBSnapshotIdentifier') as d_bsnapshot_identifier, + JSON_EXTRACT(Properties, '$.DBSubnetGroupName') as d_bsubnet_group_name, + JSON_EXTRACT(Properties, '$.DBSystemId') as d_bsystem_id, + JSON_EXTRACT(Properties, '$.DedicatedLogVolume') as dedicated_log_volume, + JSON_EXTRACT(Properties, '$.DeleteAutomatedBackups') as delete_automated_backups, + JSON_EXTRACT(Properties, '$.DeletionProtection') as deletion_protection, + JSON_EXTRACT(Properties, '$.Domain') as domain, + JSON_EXTRACT(Properties, '$.DomainAuthSecretArn') as domain_auth_secret_arn, + JSON_EXTRACT(Properties, '$.DomainDnsIps') as domain_dns_ips, + JSON_EXTRACT(Properties, '$.DomainFqdn') as domain_fqdn, + JSON_EXTRACT(Properties, '$.DomainIAMRoleName') as domain_ia_mrole_name, + JSON_EXTRACT(Properties, '$.DomainOu') as domain_ou, + JSON_EXTRACT(Properties, '$.EnableCloudwatchLogsExports') as enable_cloudwatch_logs_exports, + JSON_EXTRACT(Properties, '$.EnableIAMDatabaseAuthentication') as enable_ia_mdatabase_authentication, + JSON_EXTRACT(Properties, '$.EnablePerformanceInsights') as enable_performance_insights, + JSON_EXTRACT(Properties, '$.Endpoint') as endpoint, + JSON_EXTRACT(Properties, '$.Engine') as engine, + JSON_EXTRACT(Properties, '$.EngineVersion') as engine_version, + JSON_EXTRACT(Properties, '$.ManageMasterUserPassword') as manage_master_user_password, + JSON_EXTRACT(Properties, '$.Iops') as iops, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.LicenseModel') as license_model, + JSON_EXTRACT(Properties, '$.MasterUsername') as master_username, + JSON_EXTRACT(Properties, '$.MasterUserPassword') as master_user_password, + JSON_EXTRACT(Properties, '$.MasterUserSecret') as master_user_secret, + JSON_EXTRACT(Properties, '$.MaxAllocatedStorage') as max_allocated_storage, + JSON_EXTRACT(Properties, '$.MonitoringInterval') as monitoring_interval, + JSON_EXTRACT(Properties, '$.MonitoringRoleArn') as monitoring_role_arn, + JSON_EXTRACT(Properties, '$.MultiAZ') as multi_az, + JSON_EXTRACT(Properties, '$.NcharCharacterSetName') as nchar_character_set_name, + JSON_EXTRACT(Properties, '$.NetworkType') as network_type, + JSON_EXTRACT(Properties, '$.OptionGroupName') as option_group_name, + JSON_EXTRACT(Properties, '$.PerformanceInsightsKMSKeyId') as performance_insights_km_skey_id, + JSON_EXTRACT(Properties, '$.PerformanceInsightsRetentionPeriod') as performance_insights_retention_period, + JSON_EXTRACT(Properties, '$.Port') as port, + JSON_EXTRACT(Properties, '$.PreferredBackupWindow') as preferred_backup_window, + JSON_EXTRACT(Properties, '$.PreferredMaintenanceWindow') as preferred_maintenance_window, + JSON_EXTRACT(Properties, '$.ProcessorFeatures') as processor_features, + JSON_EXTRACT(Properties, '$.PromotionTier') as promotion_tier, + JSON_EXTRACT(Properties, '$.PubliclyAccessible') as publicly_accessible, + JSON_EXTRACT(Properties, '$.ReplicaMode') as replica_mode, + JSON_EXTRACT(Properties, '$.RestoreTime') as restore_time, + JSON_EXTRACT(Properties, '$.SourceDBClusterIdentifier') as source_db_cluster_identifier, + JSON_EXTRACT(Properties, '$.SourceDbiResourceId') as source_dbi_resource_id, + JSON_EXTRACT(Properties, '$.SourceDBInstanceAutomatedBackupsArn') as source_db_instance_automated_backups_arn, + JSON_EXTRACT(Properties, '$.SourceDBInstanceIdentifier') as source_db_instance_identifier, + JSON_EXTRACT(Properties, '$.SourceRegion') as source_region, + JSON_EXTRACT(Properties, '$.StorageEncrypted') as storage_encrypted, + JSON_EXTRACT(Properties, '$.StorageType') as storage_type, + JSON_EXTRACT(Properties, '$.StorageThroughput') as storage_throughput, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TdeCredentialArn') as tde_credential_arn, + JSON_EXTRACT(Properties, '$.TdeCredentialPassword') as tde_credential_password, + JSON_EXTRACT(Properties, '$.Timezone') as timezone, + JSON_EXTRACT(Properties, '$.UseDefaultProcessorFeatures') as use_default_processor_features, + JSON_EXTRACT(Properties, '$.UseLatestRestorableTime') as use_latest_restorable_time, + JSON_EXTRACT(Properties, '$.VPCSecurityGroups') as v_pc_security_groups + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::DBInstance' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AllocatedStorage') as allocated_storage, + json_extract_path_text(Properties, 'AllowMajorVersionUpgrade') as allow_major_version_upgrade, + json_extract_path_text(Properties, 'AssociatedRoles') as associated_roles, + json_extract_path_text(Properties, 'AutoMinorVersionUpgrade') as auto_minor_version_upgrade, + json_extract_path_text(Properties, 'AutomaticBackupReplicationRegion') as automatic_backup_replication_region, + json_extract_path_text(Properties, 'AvailabilityZone') as availability_zone, + json_extract_path_text(Properties, 'BackupRetentionPeriod') as backup_retention_period, + json_extract_path_text(Properties, 'CACertificateIdentifier') as c_acertificate_identifier, + json_extract_path_text(Properties, 'CertificateDetails') as certificate_details, + json_extract_path_text(Properties, 'CertificateRotationRestart') as certificate_rotation_restart, + json_extract_path_text(Properties, 'CharacterSetName') as character_set_name, + json_extract_path_text(Properties, 'CopyTagsToSnapshot') as copy_tags_to_snapshot, + json_extract_path_text(Properties, 'CustomIAMInstanceProfile') as custom_ia_minstance_profile, + json_extract_path_text(Properties, 'DBClusterIdentifier') as d_bcluster_identifier, + json_extract_path_text(Properties, 'DBClusterSnapshotIdentifier') as d_bcluster_snapshot_identifier, + json_extract_path_text(Properties, 'DBInstanceArn') as d_binstance_arn, + json_extract_path_text(Properties, 'DBInstanceClass') as d_binstance_class, + json_extract_path_text(Properties, 'DBInstanceIdentifier') as d_binstance_identifier, + json_extract_path_text(Properties, 'DbiResourceId') as dbi_resource_id, + json_extract_path_text(Properties, 'DBName') as d_bname, + json_extract_path_text(Properties, 'DBParameterGroupName') as d_bparameter_group_name, + json_extract_path_text(Properties, 'DBSecurityGroups') as d_bsecurity_groups, + json_extract_path_text(Properties, 'DBSnapshotIdentifier') as d_bsnapshot_identifier, + json_extract_path_text(Properties, 'DBSubnetGroupName') as d_bsubnet_group_name, + json_extract_path_text(Properties, 'DBSystemId') as d_bsystem_id, + json_extract_path_text(Properties, 'DedicatedLogVolume') as dedicated_log_volume, + json_extract_path_text(Properties, 'DeleteAutomatedBackups') as delete_automated_backups, + json_extract_path_text(Properties, 'DeletionProtection') as deletion_protection, + json_extract_path_text(Properties, 'Domain') as domain, + json_extract_path_text(Properties, 'DomainAuthSecretArn') as domain_auth_secret_arn, + json_extract_path_text(Properties, 'DomainDnsIps') as domain_dns_ips, + json_extract_path_text(Properties, 'DomainFqdn') as domain_fqdn, + json_extract_path_text(Properties, 'DomainIAMRoleName') as domain_ia_mrole_name, + json_extract_path_text(Properties, 'DomainOu') as domain_ou, + json_extract_path_text(Properties, 'EnableCloudwatchLogsExports') as enable_cloudwatch_logs_exports, + json_extract_path_text(Properties, 'EnableIAMDatabaseAuthentication') as enable_ia_mdatabase_authentication, + json_extract_path_text(Properties, 'EnablePerformanceInsights') as enable_performance_insights, + json_extract_path_text(Properties, 'Endpoint') as endpoint, + json_extract_path_text(Properties, 'Engine') as engine, + json_extract_path_text(Properties, 'EngineVersion') as engine_version, + json_extract_path_text(Properties, 'ManageMasterUserPassword') as manage_master_user_password, + json_extract_path_text(Properties, 'Iops') as iops, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'LicenseModel') as license_model, + json_extract_path_text(Properties, 'MasterUsername') as master_username, + json_extract_path_text(Properties, 'MasterUserPassword') as master_user_password, + json_extract_path_text(Properties, 'MasterUserSecret') as master_user_secret, + json_extract_path_text(Properties, 'MaxAllocatedStorage') as max_allocated_storage, + json_extract_path_text(Properties, 'MonitoringInterval') as monitoring_interval, + json_extract_path_text(Properties, 'MonitoringRoleArn') as monitoring_role_arn, + json_extract_path_text(Properties, 'MultiAZ') as multi_az, + json_extract_path_text(Properties, 'NcharCharacterSetName') as nchar_character_set_name, + json_extract_path_text(Properties, 'NetworkType') as network_type, + json_extract_path_text(Properties, 'OptionGroupName') as option_group_name, + json_extract_path_text(Properties, 'PerformanceInsightsKMSKeyId') as performance_insights_km_skey_id, + json_extract_path_text(Properties, 'PerformanceInsightsRetentionPeriod') as performance_insights_retention_period, + json_extract_path_text(Properties, 'Port') as port, + json_extract_path_text(Properties, 'PreferredBackupWindow') as preferred_backup_window, + json_extract_path_text(Properties, 'PreferredMaintenanceWindow') as preferred_maintenance_window, + json_extract_path_text(Properties, 'ProcessorFeatures') as processor_features, + json_extract_path_text(Properties, 'PromotionTier') as promotion_tier, + json_extract_path_text(Properties, 'PubliclyAccessible') as publicly_accessible, + json_extract_path_text(Properties, 'ReplicaMode') as replica_mode, + json_extract_path_text(Properties, 'RestoreTime') as restore_time, + json_extract_path_text(Properties, 'SourceDBClusterIdentifier') as source_db_cluster_identifier, + json_extract_path_text(Properties, 'SourceDbiResourceId') as source_dbi_resource_id, + json_extract_path_text(Properties, 'SourceDBInstanceAutomatedBackupsArn') as source_db_instance_automated_backups_arn, + json_extract_path_text(Properties, 'SourceDBInstanceIdentifier') as source_db_instance_identifier, + json_extract_path_text(Properties, 'SourceRegion') as source_region, + json_extract_path_text(Properties, 'StorageEncrypted') as storage_encrypted, + json_extract_path_text(Properties, 'StorageType') as storage_type, + json_extract_path_text(Properties, 'StorageThroughput') as storage_throughput, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TdeCredentialArn') as tde_credential_arn, + json_extract_path_text(Properties, 'TdeCredentialPassword') as tde_credential_password, + json_extract_path_text(Properties, 'Timezone') as timezone, + json_extract_path_text(Properties, 'UseDefaultProcessorFeatures') as use_default_processor_features, + json_extract_path_text(Properties, 'UseLatestRestorableTime') as use_latest_restorable_time, + json_extract_path_text(Properties, 'VPCSecurityGroups') as v_pc_security_groups + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::DBInstance' + AND data__Identifier = '' + AND region = 'us-east-1' + db_parameter_groups: + name: db_parameter_groups + id: awscc.rds.db_parameter_groups + x-cfn-schema-name: DBParameterGroup + x-type: list + x-identifiers: + - DBParameterGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DBParameterGroupName') as d_bparameter_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::DBParameterGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DBParameterGroupName') as d_bparameter_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::DBParameterGroup' + AND region = 'us-east-1' + db_parameter_group: + name: db_parameter_group + id: awscc.rds.db_parameter_group + x-cfn-schema-name: DBParameterGroup + x-type: get + x-identifiers: + - DBParameterGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DBParameterGroupName') as d_bparameter_group_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Family') as family, + JSON_EXTRACT(Properties, '$.Parameters') as parameters, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::DBParameterGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DBParameterGroupName') as d_bparameter_group_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Family') as family, + json_extract_path_text(Properties, 'Parameters') as parameters, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::DBParameterGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + db_proxies: + name: db_proxies + id: awscc.rds.db_proxies + x-cfn-schema-name: DBProxy + x-type: list + x-identifiers: + - DBProxyName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DBProxyName') as d_bproxy_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::DBProxy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DBProxyName') as d_bproxy_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::DBProxy' + AND region = 'us-east-1' + db_proxy: + name: db_proxy + id: awscc.rds.db_proxy + x-cfn-schema-name: DBProxy + x-type: get + x-identifiers: + - DBProxyName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Auth') as auth, + JSON_EXTRACT(Properties, '$.DBProxyArn') as d_bproxy_arn, + JSON_EXTRACT(Properties, '$.DBProxyName') as d_bproxy_name, + JSON_EXTRACT(Properties, '$.DebugLogging') as debug_logging, + JSON_EXTRACT(Properties, '$.Endpoint') as endpoint, + JSON_EXTRACT(Properties, '$.EngineFamily') as engine_family, + JSON_EXTRACT(Properties, '$.IdleClientTimeout') as idle_client_timeout, + JSON_EXTRACT(Properties, '$.RequireTLS') as require_tl_s, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.VpcId') as vpc_id, + JSON_EXTRACT(Properties, '$.VpcSecurityGroupIds') as vpc_security_group_ids, + JSON_EXTRACT(Properties, '$.VpcSubnetIds') as vpc_subnet_ids + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::DBProxy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Auth') as auth, + json_extract_path_text(Properties, 'DBProxyArn') as d_bproxy_arn, + json_extract_path_text(Properties, 'DBProxyName') as d_bproxy_name, + json_extract_path_text(Properties, 'DebugLogging') as debug_logging, + json_extract_path_text(Properties, 'Endpoint') as endpoint, + json_extract_path_text(Properties, 'EngineFamily') as engine_family, + json_extract_path_text(Properties, 'IdleClientTimeout') as idle_client_timeout, + json_extract_path_text(Properties, 'RequireTLS') as require_tl_s, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'VpcId') as vpc_id, + json_extract_path_text(Properties, 'VpcSecurityGroupIds') as vpc_security_group_ids, + json_extract_path_text(Properties, 'VpcSubnetIds') as vpc_subnet_ids + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::DBProxy' + AND data__Identifier = '' + AND region = 'us-east-1' + db_proxy_endpoints: + name: db_proxy_endpoints + id: awscc.rds.db_proxy_endpoints + x-cfn-schema-name: DBProxyEndpoint + x-type: list + x-identifiers: + - DBProxyEndpointName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DBProxyEndpointName') as d_bproxy_endpoint_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::DBProxyEndpoint' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DBProxyEndpointName') as d_bproxy_endpoint_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::DBProxyEndpoint' + AND region = 'us-east-1' + db_proxy_endpoint: + name: db_proxy_endpoint + id: awscc.rds.db_proxy_endpoint + x-cfn-schema-name: DBProxyEndpoint + x-type: get + x-identifiers: + - DBProxyEndpointName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DBProxyEndpointName') as d_bproxy_endpoint_name, + JSON_EXTRACT(Properties, '$.DBProxyEndpointArn') as d_bproxy_endpoint_arn, + JSON_EXTRACT(Properties, '$.DBProxyName') as d_bproxy_name, + JSON_EXTRACT(Properties, '$.VpcId') as vpc_id, + JSON_EXTRACT(Properties, '$.VpcSecurityGroupIds') as vpc_security_group_ids, + JSON_EXTRACT(Properties, '$.VpcSubnetIds') as vpc_subnet_ids, + JSON_EXTRACT(Properties, '$.Endpoint') as endpoint, + JSON_EXTRACT(Properties, '$.TargetRole') as target_role, + JSON_EXTRACT(Properties, '$.IsDefault') as is_default, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::DBProxyEndpoint' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DBProxyEndpointName') as d_bproxy_endpoint_name, + json_extract_path_text(Properties, 'DBProxyEndpointArn') as d_bproxy_endpoint_arn, + json_extract_path_text(Properties, 'DBProxyName') as d_bproxy_name, + json_extract_path_text(Properties, 'VpcId') as vpc_id, + json_extract_path_text(Properties, 'VpcSecurityGroupIds') as vpc_security_group_ids, + json_extract_path_text(Properties, 'VpcSubnetIds') as vpc_subnet_ids, + json_extract_path_text(Properties, 'Endpoint') as endpoint, + json_extract_path_text(Properties, 'TargetRole') as target_role, + json_extract_path_text(Properties, 'IsDefault') as is_default, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::DBProxyEndpoint' + AND data__Identifier = '' + AND region = 'us-east-1' + db_proxy_target_groups: + name: db_proxy_target_groups + id: awscc.rds.db_proxy_target_groups + x-cfn-schema-name: DBProxyTargetGroup + x-type: list + x-identifiers: + - TargetGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TargetGroupArn') as target_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::DBProxyTargetGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TargetGroupArn') as target_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::DBProxyTargetGroup' + AND region = 'us-east-1' + db_proxy_target_group: + name: db_proxy_target_group + id: awscc.rds.db_proxy_target_group + x-cfn-schema-name: DBProxyTargetGroup + x-type: get + x-identifiers: + - TargetGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DBProxyName') as d_bproxy_name, + JSON_EXTRACT(Properties, '$.TargetGroupArn') as target_group_arn, + JSON_EXTRACT(Properties, '$.TargetGroupName') as target_group_name, + JSON_EXTRACT(Properties, '$.ConnectionPoolConfigurationInfo') as connection_pool_configuration_info, + JSON_EXTRACT(Properties, '$.DBInstanceIdentifiers') as d_binstance_identifiers, + JSON_EXTRACT(Properties, '$.DBClusterIdentifiers') as d_bcluster_identifiers + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::DBProxyTargetGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DBProxyName') as d_bproxy_name, + json_extract_path_text(Properties, 'TargetGroupArn') as target_group_arn, + json_extract_path_text(Properties, 'TargetGroupName') as target_group_name, + json_extract_path_text(Properties, 'ConnectionPoolConfigurationInfo') as connection_pool_configuration_info, + json_extract_path_text(Properties, 'DBInstanceIdentifiers') as d_binstance_identifiers, + json_extract_path_text(Properties, 'DBClusterIdentifiers') as d_bcluster_identifiers + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::DBProxyTargetGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + db_subnet_groups: + name: db_subnet_groups + id: awscc.rds.db_subnet_groups + x-cfn-schema-name: DBSubnetGroup + x-type: list + x-identifiers: + - DBSubnetGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DBSubnetGroupName') as d_bsubnet_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::DBSubnetGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DBSubnetGroupName') as d_bsubnet_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::DBSubnetGroup' + AND region = 'us-east-1' + db_subnet_group: + name: db_subnet_group + id: awscc.rds.db_subnet_group + x-cfn-schema-name: DBSubnetGroup + x-type: get + x-identifiers: + - DBSubnetGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DBSubnetGroupDescription') as d_bsubnet_group_description, + JSON_EXTRACT(Properties, '$.DBSubnetGroupName') as d_bsubnet_group_name, + JSON_EXTRACT(Properties, '$.SubnetIds') as subnet_ids, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::DBSubnetGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DBSubnetGroupDescription') as d_bsubnet_group_description, + json_extract_path_text(Properties, 'DBSubnetGroupName') as d_bsubnet_group_name, + json_extract_path_text(Properties, 'SubnetIds') as subnet_ids, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::DBSubnetGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + event_subscriptions: + name: event_subscriptions + id: awscc.rds.event_subscriptions + x-cfn-schema-name: EventSubscription + x-type: list + x-identifiers: + - SubscriptionName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SubscriptionName') as subscription_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::EventSubscription' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SubscriptionName') as subscription_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::EventSubscription' + AND region = 'us-east-1' + event_subscription: + name: event_subscription + id: awscc.rds.event_subscription + x-cfn-schema-name: EventSubscription + x-type: get + x-identifiers: + - SubscriptionName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.SubscriptionName') as subscription_name, + JSON_EXTRACT(Properties, '$.Enabled') as enabled, + JSON_EXTRACT(Properties, '$.EventCategories') as event_categories, + JSON_EXTRACT(Properties, '$.SnsTopicArn') as sns_topic_arn, + JSON_EXTRACT(Properties, '$.SourceIds') as source_ids, + JSON_EXTRACT(Properties, '$.SourceType') as source_type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::EventSubscription' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'SubscriptionName') as subscription_name, + json_extract_path_text(Properties, 'Enabled') as enabled, + json_extract_path_text(Properties, 'EventCategories') as event_categories, + json_extract_path_text(Properties, 'SnsTopicArn') as sns_topic_arn, + json_extract_path_text(Properties, 'SourceIds') as source_ids, + json_extract_path_text(Properties, 'SourceType') as source_type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::EventSubscription' + AND data__Identifier = '' + AND region = 'us-east-1' + global_clusters: + name: global_clusters + id: awscc.rds.global_clusters + x-cfn-schema-name: GlobalCluster + x-type: list + x-identifiers: + - GlobalClusterIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GlobalClusterIdentifier') as global_cluster_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::GlobalCluster' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GlobalClusterIdentifier') as global_cluster_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::GlobalCluster' + AND region = 'us-east-1' + global_cluster: + name: global_cluster + id: awscc.rds.global_cluster + x-cfn-schema-name: GlobalCluster + x-type: get + x-identifiers: + - GlobalClusterIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Engine') as engine, + JSON_EXTRACT(Properties, '$.EngineVersion') as engine_version, + JSON_EXTRACT(Properties, '$.DeletionProtection') as deletion_protection, + JSON_EXTRACT(Properties, '$.GlobalClusterIdentifier') as global_cluster_identifier, + JSON_EXTRACT(Properties, '$.SourceDBClusterIdentifier') as source_db_cluster_identifier, + JSON_EXTRACT(Properties, '$.StorageEncrypted') as storage_encrypted + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::GlobalCluster' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Engine') as engine, + json_extract_path_text(Properties, 'EngineVersion') as engine_version, + json_extract_path_text(Properties, 'DeletionProtection') as deletion_protection, + json_extract_path_text(Properties, 'GlobalClusterIdentifier') as global_cluster_identifier, + json_extract_path_text(Properties, 'SourceDBClusterIdentifier') as source_db_cluster_identifier, + json_extract_path_text(Properties, 'StorageEncrypted') as storage_encrypted + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::GlobalCluster' + AND data__Identifier = '' + AND region = 'us-east-1' + integrations: + name: integrations + id: awscc.rds.integrations + x-cfn-schema-name: Integration + x-type: list + x-identifiers: + - IntegrationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.IntegrationArn') as integration_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::Integration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'IntegrationArn') as integration_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::Integration' + AND region = 'us-east-1' + integration: + name: integration + id: awscc.rds.integration + x-cfn-schema-name: Integration + x-type: get + x-identifiers: + - IntegrationArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.IntegrationName') as integration_name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.SourceArn') as source_arn, + JSON_EXTRACT(Properties, '$.TargetArn') as target_arn, + JSON_EXTRACT(Properties, '$.IntegrationArn') as integration_arn, + JSON_EXTRACT(Properties, '$.KMSKeyId') as k_ms_key_id, + JSON_EXTRACT(Properties, '$.AdditionalEncryptionContext') as additional_encryption_context, + JSON_EXTRACT(Properties, '$.CreateTime') as create_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::Integration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'IntegrationName') as integration_name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'SourceArn') as source_arn, + json_extract_path_text(Properties, 'TargetArn') as target_arn, + json_extract_path_text(Properties, 'IntegrationArn') as integration_arn, + json_extract_path_text(Properties, 'KMSKeyId') as k_ms_key_id, + json_extract_path_text(Properties, 'AdditionalEncryptionContext') as additional_encryption_context, + json_extract_path_text(Properties, 'CreateTime') as create_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::Integration' + AND data__Identifier = '' + AND region = 'us-east-1' + option_groups: + name: option_groups + id: awscc.rds.option_groups + x-cfn-schema-name: OptionGroup + x-type: list + x-identifiers: + - OptionGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.OptionGroupName') as option_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::OptionGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'OptionGroupName') as option_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RDS::OptionGroup' + AND region = 'us-east-1' + option_group: + name: option_group + id: awscc.rds.option_group + x-cfn-schema-name: OptionGroup + x-type: get + x-identifiers: + - OptionGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.OptionGroupName') as option_group_name, + JSON_EXTRACT(Properties, '$.OptionGroupDescription') as option_group_description, + JSON_EXTRACT(Properties, '$.EngineName') as engine_name, + JSON_EXTRACT(Properties, '$.MajorEngineVersion') as major_engine_version, + JSON_EXTRACT(Properties, '$.OptionConfigurations') as option_configurations, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::OptionGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'OptionGroupName') as option_group_name, + json_extract_path_text(Properties, 'OptionGroupDescription') as option_group_description, + json_extract_path_text(Properties, 'EngineName') as engine_name, + json_extract_path_text(Properties, 'MajorEngineVersion') as major_engine_version, + json_extract_path_text(Properties, 'OptionConfigurations') as option_configurations, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RDS::OptionGroup' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/redshift.yaml b/providers/src/awscc/v00.00.00000/services/redshift.yaml new file mode 100644 index 00000000..cee07934 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/redshift.yaml @@ -0,0 +1,1622 @@ +openapi: 3.0.0 +info: + title: Redshift + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + LoggingProperties: + type: object + additionalProperties: false + properties: + BucketName: + type: string + S3KeyPrefix: + type: string + Endpoint: + type: object + additionalProperties: false + properties: + Port: + type: string + Address: + type: string + Cluster: + type: object + properties: + ClusterIdentifier: + description: A unique identifier for the cluster. You use this identifier to refer to the cluster for any subsequent cluster operations such as deleting or modifying. All alphabetical characters must be lower case, no hypens at the end, no two consecutive hyphens. Cluster name should be unique for all clusters within an AWS account + type: string + maxLength: 63 + ClusterNamespaceArn: + description: The Amazon Resource Name (ARN) of the cluster namespace. + type: string + MasterUsername: + description: The user name associated with the master user account for the cluster that is being created. The user name can't be PUBLIC and first character must be a letter. + type: string + maxLength: 128 + MasterUserPassword: + description: The password associated with the master user account for the cluster that is being created. You can't use MasterUserPassword if ManageMasterPassword is true. Password must be between 8 and 64 characters in length, should have at least one uppercase letter.Must contain at least one lowercase letter.Must contain one number.Can be any printable ASCII character. + type: string + maxLength: 64 + NodeType: + description: 'The node type to be provisioned for the cluster.Valid Values: ds2.xlarge | ds2.8xlarge | dc1.large | dc1.8xlarge | dc2.large | dc2.8xlarge | ra3.4xlarge | ra3.16xlarge' + type: string + AllowVersionUpgrade: + description: Major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster. Default value is True + type: boolean + AutomatedSnapshotRetentionPeriod: + description: The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Default value is 1 + type: integer + AvailabilityZone: + description: 'The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. Default: A random, system-chosen Availability Zone in the region that is specified by the endpoint' + type: string + ClusterParameterGroupName: + description: The name of the parameter group to be associated with this cluster. + type: string + maxLength: 255 + ClusterType: + description: The type of the cluster. When cluster type is specified as single-node, the NumberOfNodes parameter is not required and if multi-node, the NumberOfNodes parameter is required + type: string + ClusterVersion: + description: The version of the Amazon Redshift engine software that you want to deploy on the cluster.The version selected runs on all the nodes in the cluster. + type: string + ClusterSubnetGroupName: + description: The name of a cluster subnet group to be associated with this cluster. + type: string + DBName: + description: The name of the first database to be created when the cluster is created. To create additional databases after the cluster is created, connect to the cluster with a SQL client and use SQL commands to create a database. + type: string + ElasticIp: + description: The Elastic IP (EIP) address for the cluster. + type: string + Encrypted: + description: If true, the data in the cluster is encrypted at rest. + type: boolean + HsmClientCertificateIdentifier: + description: Specifies the name of the HSM client certificate the Amazon Redshift cluster uses to retrieve the data encryption keys stored in an HSM + type: string + HsmConfigurationIdentifier: + description: Specifies the name of the HSM configuration that contains the information the Amazon Redshift cluster can use to retrieve and store keys in an HSM. + type: string + KmsKeyId: + description: The AWS Key Management Service (KMS) key ID of the encryption key that you want to use to encrypt data in the cluster. + type: string + NumberOfNodes: + description: The number of compute nodes in the cluster. This parameter is required when the ClusterType parameter is specified as multi-node. + type: integer + Port: + description: The port number on which the cluster accepts incoming connections. The cluster is accessible only via the JDBC and ODBC connection strings + type: integer + PreferredMaintenanceWindow: + description: The weekly time range (in UTC) during which automated cluster maintenance can occur. + type: string + PubliclyAccessible: + description: If true, the cluster can be accessed from a public network. + type: boolean + ClusterSecurityGroups: + description: A list of security groups to be associated with this cluster. + type: array + x-insertionOrder: false + uniqueItems: false + items: + type: string + IamRoles: + description: A list of AWS Identity and Access Management (IAM) roles that can be used by the cluster to access other AWS services. You must supply the IAM roles in their Amazon Resource Name (ARN) format. You can supply up to 50 IAM roles in a single request + type: array + x-insertionOrder: false + maxItems: 50 + items: + type: string + Tags: + description: The list of tags for the cluster parameter group. + type: array + x-insertionOrder: false + maxItems: 50 + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + VpcSecurityGroupIds: + description: A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster. + type: array + x-insertionOrder: false + uniqueItems: false + items: + type: string + SnapshotClusterIdentifier: + description: The name of the cluster the source snapshot was created from. This parameter is required if your IAM user has a policy containing a snapshot resource element that specifies anything other than * for the cluster name. + type: string + SnapshotIdentifier: + description: The name of the snapshot from which to create the new cluster. This parameter isn't case sensitive. + type: string + OwnerAccount: + type: string + LoggingProperties: + $ref: '#/components/schemas/LoggingProperties' + Endpoint: + $ref: '#/components/schemas/Endpoint' + DestinationRegion: + description: 'The destination AWS Region that you want to copy snapshots to. Constraints: Must be the name of a valid AWS Region. For more information, see Regions and Endpoints in the Amazon Web Services [https://docs.aws.amazon.com/general/latest/gr/rande.html#redshift_region] General Reference' + type: string + SnapshotCopyRetentionPeriod: + description: |- + The number of days to retain automated snapshots in the destination region after they are copied from the source region. + + Default is 7. + + Constraints: Must be at least 1 and no more than 35. + type: integer + SnapshotCopyGrantName: + description: The name of the snapshot copy grant to use when snapshots of an AWS KMS-encrypted cluster are copied to the destination region. + type: string + ManualSnapshotRetentionPeriod: + description: |- + The number of days to retain newly copied snapshots in the destination AWS Region after they are copied from the source AWS Region. If the value is -1, the manual snapshot is retained indefinitely. + + The value must be either -1 or an integer between 1 and 3,653. + type: integer + SnapshotCopyManual: + description: Indicates whether to apply the snapshot retention period to newly copied manual snapshots instead of automated snapshots. + type: boolean + AvailabilityZoneRelocation: + description: The option to enable relocation for an Amazon Redshift cluster between Availability Zones after the cluster modification is complete. + type: boolean + AvailabilityZoneRelocationStatus: + description: The availability zone relocation status of the cluster + type: string + AquaConfigurationStatus: + description: | + The value represents how the cluster is configured to use AQUA (Advanced Query Accelerator) after the cluster is restored. Possible values include the following. + + enabled - Use AQUA if it is available for the current Region and Amazon Redshift node type. + disabled - Don't use AQUA. + auto - Amazon Redshift determines whether to use AQUA. + type: string + Classic: + description: A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to false , the resize type is elastic. + type: boolean + EnhancedVpcRouting: + description: |- + An option that specifies whether to create the cluster with enhanced VPC routing enabled. To create a cluster that uses enhanced VPC routing, the cluster must be in a VPC. For more information, see Enhanced VPC Routing in the Amazon Redshift Cluster Management Guide. + + If this option is true , enhanced VPC routing is enabled. + + Default: false + type: boolean + MaintenanceTrackName: + description: The name for the maintenance track that you want to assign for the cluster. This name change is asynchronous. The new track name stays in the PendingModifiedValues for the cluster until the next maintenance window. When the maintenance track changes, the cluster is switched to the latest cluster release available for the maintenance track. At this point, the maintenance track name is applied. + type: string + DeferMaintenance: + description: A boolean indicating whether to enable the deferred maintenance window. + type: boolean + DeferMaintenanceIdentifier: + description: A unique identifier for the deferred maintenance window. + type: string + DeferMaintenanceStartTime: + description: A timestamp indicating the start time for the deferred maintenance window. + type: string + DeferMaintenanceEndTime: + description: A timestamp indicating end time for the deferred maintenance window. If you specify an end time, you can't specify a duration. + type: string + DeferMaintenanceDuration: + description: An integer indicating the duration of the maintenance window in days. If you specify a duration, you can't specify an end time. The duration must be 45 days or less. + type: integer + RevisionTarget: + description: The identifier of the database revision. You can retrieve this value from the response to the DescribeClusterDbRevisions request. + type: string + ResourceAction: + description: The Redshift operation to be performed. Resource Action supports pause-cluster, resume-cluster, failover-primary-compute APIs + type: string + RotateEncryptionKey: + description: A boolean indicating if we want to rotate Encryption Keys. + type: boolean + MultiAZ: + description: A boolean indicating if the redshift cluster is multi-az or not. If you don't provide this parameter or set the value to false, the redshift cluster will be single-az. + type: boolean + NamespaceResourcePolicy: + description: The namespace resource policy document that will be attached to a Redshift cluster. + type: object + ManageMasterPassword: + description: A boolean indicating if the redshift cluster's admin user credentials is managed by Redshift or not. You can't use MasterUserPassword if ManageMasterPassword is true. If ManageMasterPassword is false or not set, Amazon Redshift uses MasterUserPassword for the admin user account's password. + type: boolean + MasterPasswordSecretKmsKeyId: + description: The ID of the Key Management Service (KMS) key used to encrypt and store the cluster's admin user credentials secret. + type: string + MasterPasswordSecretArn: + description: The Amazon Resource Name (ARN) for the cluster's admin user credentials secret. + type: string + required: + - NodeType + - MasterUsername + - DBName + - ClusterType + x-stackql-resource-name: cluster + x-stackql-primaryIdentifier: + - ClusterIdentifier + x-create-only-properties: + - ClusterIdentifier + - OwnerAccount + - SnapshotIdentifier + - DBName + - SnapshotClusterIdentifier + - ClusterSubnetGroupName + - MasterUsername + x-read-only-properties: + - DeferMaintenanceIdentifier + - Endpoint/Port + - Endpoint/Address + - ClusterNamespaceArn + - MasterPasswordSecretArn + x-required-permissions: + create: + - iam:PassRole + - iam:CreateServiceLinkedRole + - redshift:DescribeClusters + - redshift:CreateCluster + - redshift:RestoreFromClusterSnapshot + - redshift:EnableLogging + - redshift:DescribeLoggingStatus + - redshift:CreateTags + - redshift:DescribeTags + - redshift:GetResourcePolicy + - redshift:PutResourcePolicy + - redshift:ModifyClusterMaintenance + - ec2:DescribeVpcs + - ec2:DescribeSubnets + - ec2:DescribeNetworkInterfaces + - ec2:DescribeAddresses + - ec2:AssociateAddress + - ec2:CreateNetworkInterface + - ec2:ModifyNetworkInterfaceAttribute + - ec2:CreateVpcEndpoint + - ec2:DescribeVpcEndpoints + - ec2:ModifyVpcEndpoint + - ec2:AllocateAddress + - ec2:CreateSecurityGroup + - ec2:DescribeVpcAttribute + - ec2:DescribeSecurityGroups + - ec2:DescribeInternetGateways + - ec2:DescribeSecurityGroupRules + - ec2:DescribeAvailabilityZones + - ec2:DescribeNetworkAcls + - ec2:DescribeRouteTables + - cloudwatch:PutMetricData + read: + - redshift:DescribeClusters + - redshift:DescribeLoggingStatus + - redshift:DescribeSnapshotCopyGrant + - redshift:DescribeClusterDbRevisions + - redshift:DescribeTags + - redshift:GetResourcePolicy + update: + - iam:PassRole + - redshift:DescribeClusters + - redshift:ModifyCluster + - redshift:ModifyClusterIamRoles + - redshift:EnableLogging + - redshift:CreateTags + - redshift:DeleteTags + - redshift:DescribeTags + - redshift:DisableLogging + - redshift:DescribeLoggingStatus + - redshift:RebootCluster + - redshift:EnableSnapshotCopy + - redshift:DisableSnapshotCopy + - redshift:ModifySnapshotCopyRetentionPeriod + - redshift:ModifyAquaConfiguration + - redshift:ResizeCluster + - redshift:ModifyClusterMaintenance + - redshift:DescribeClusterDbRevisions + - redshift:ModifyClusterDbRevisions + - redshift:PauseCluster + - redshift:ResumeCluster + - redshift:RotateEncryptionKey + - redshift:FailoverPrimaryCompute + - redshift:PutResourcePolicy + - redshift:GetResourcePolicy + - redshift:DeleteResourcePolicy + - cloudwatch:PutMetricData + delete: + - redshift:DescribeTags + - redshift:DescribeClusters + - redshift:DeleteCluster + list: + - redshift:DescribeTags + - redshift:DescribeClusters + Parameter: + type: object + additionalProperties: false + properties: + ParameterName: + type: string + description: The name of the parameter. + ParameterValue: + type: string + description: The value of the parameter. If `ParameterName` is `wlm_json_configuration`, then the maximum size of `ParameterValue` is 8000 characters. + required: + - ParameterValue + - ParameterName + ClusterParameterGroup: + type: object + properties: + ParameterGroupName: + type: string + description: The name of the cluster parameter group. + maxLength: 255 + Description: + type: string + description: A description of the parameter group. + ParameterGroupFamily: + type: string + description: The Amazon Redshift engine version to which the cluster parameter group applies. The cluster engine version determines the set of parameters. + Parameters: + type: array + description: An array of parameters to be modified. A maximum of 20 parameters can be modified in a single request. + x-insertionOrder: false + items: + $ref: '#/components/schemas/Parameter' + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - Description + - ParameterGroupFamily + x-stackql-resource-name: cluster_parameter_group + x-stackql-primaryIdentifier: + - ParameterGroupName + x-create-only-properties: + - ParameterGroupName + - ParameterGroupFamily + - Description + x-required-permissions: + create: + - redshift:CreateClusterParameterGroup + - redshift:ModifyClusterParameterGroup + - redshift:DescribeClusterParameterGroups + - redshift:DescribeClusterParameters + - redshift:DescribeTags + - redshift:CreateTags + - ec2:AllocateAddress + - ec2:AssociateAddress + - ec2:AttachNetworkInterface + - ec2:DescribeAccountAttributes + - ec2:DescribeAddresses + - ec2:DescribeAvailabilityZones + - ec2:DescribeInternetGateways + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcs + read: + - redshift:DescribeClusterParameterGroups + - initech:DescribeReport + - redshift:DescribeClusterParameters + - redshift:DescribeTags + update: + - redshift:DescribeClusterParameterGroups + - redshift:ResetClusterParameterGroup + - redshift:ModifyClusterParameterGroup + - redshift:DescribeClusterParameters + - redshift:DescribeTags + - redshift:CreateTags + - redshift:DeleteTags + - initech:UpdateReport + delete: + - redshift:DescribeTags + - redshift:DescribeClusterParameterGroups + - redshift:DeleteClusterParameterGroup + - redshift:DescribeClusterParameters + - initech:DeleteReport + list: + - redshift:DescribeTags + - redshift:DescribeClusterParameterGroups + - redshift:DescribeClusterParameters + - initech:ListReports + ClusterSubnetGroup: + type: object + properties: + Description: + description: The description of the parameter group. + type: string + SubnetIds: + description: The list of VPC subnet IDs + type: array + x-insertionOrder: false + maxItems: 20 + items: + type: string + Tags: + description: The list of tags for the cluster parameter group. + type: array + x-insertionOrder: false + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + ClusterSubnetGroupName: + description: 'This name must be unique for all subnet groups that are created by your AWS account. If costumer do not provide it, cloudformation will generate it. Must not be "Default". ' + type: string + maxLength: 255 + required: + - Description + - SubnetIds + x-stackql-resource-name: cluster_subnet_group + x-stackql-primaryIdentifier: + - ClusterSubnetGroupName + x-read-only-properties: + - ClusterSubnetGroupName + x-required-permissions: + create: + - redshift:CreateClusterSubnetGroup + - redshift:CreateTags + - redshift:DescribeClusterSubnetGroups + - redshift:DescribeTags + - ec2:AllocateAddress + - ec2:AssociateAddress + - ec2:AttachNetworkInterface + - ec2:DescribeAccountAttributes + - ec2:DescribeAddresses + - ec2:DescribeAvailabilityZones + - ec2:DescribeInternetGateways + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcs + read: + - redshift:DescribeClusterSubnetGroups + - redshift:DescribeTags + - ec2:AllocateAddress + - ec2:AssociateAddress + - ec2:AttachNetworkInterface + - ec2:DescribeAccountAttributes + - ec2:DescribeAddresses + - ec2:DescribeAvailabilityZones + - ec2:DescribeInternetGateways + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcs + update: + - redshift:ModifyClusterSubnetGroup + - redshift:DescribeClusterSubnetGroups + - redshift:DescribeTags + - redshift:CreateTags + - redshift:DeleteTags + - ec2:AllocateAddress + - ec2:AssociateAddress + - ec2:AttachNetworkInterface + - ec2:DescribeAccountAttributes + - ec2:DescribeAddresses + - ec2:DescribeAvailabilityZones + - ec2:DescribeInternetGateways + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcs + delete: + - redshift:DeleteClusterSubnetGroup + - redshift:DescribeClusterSubnetGroups + - redshift:DescribeTags + - ec2:AllocateAddress + - ec2:AssociateAddress + - ec2:AttachNetworkInterface + - ec2:DescribeAccountAttributes + - ec2:DescribeAddresses + - ec2:DescribeAvailabilityZones + - ec2:DescribeInternetGateways + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcs + list: + - redshift:DescribeClusterSubnetGroups + - redshift:DescribeTags + - ec2:AllocateAddress + - ec2:AssociateAddress + - ec2:AttachNetworkInterface + - ec2:DescribeAccountAttributes + - ec2:DescribeAddresses + - ec2:DescribeAvailabilityZones + - ec2:DescribeInternetGateways + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeVpcs + VpcSecurityGroup: + description: Describes the members of a VPC security group. + type: object + properties: + VpcSecurityGroupId: + type: string + description: The identifier of the VPC security group. + Status: + type: string + description: The status of the VPC security group. + additionalProperties: false + NetworkInterface: + description: Describes a network interface. + type: object + properties: + NetworkInterfaceId: + type: string + description: The network interface identifier. + SubnetId: + type: string + description: The subnet identifier. + PrivateIpAddress: + type: string + description: The IPv4 address of the network interface within the subnet. + AvailabilityZone: + type: string + description: The Availability Zone. + additionalProperties: false + EndpointAccess: + type: object + properties: + Address: + description: The DNS address of the endpoint. + type: string + ClusterIdentifier: + description: A unique identifier for the cluster. You use this identifier to refer to the cluster for any subsequent cluster operations such as deleting or modifying. All alphabetical characters must be lower case, no hypens at the end, no two consecutive hyphens. Cluster name should be unique for all clusters within an AWS account + type: string + VpcSecurityGroups: + description: A list of Virtual Private Cloud (VPC) security groups to be associated with the endpoint. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/VpcSecurityGroup' + ResourceOwner: + description: The AWS account ID of the owner of the cluster. + type: string + pattern: ^\d{12}$ + EndpointStatus: + description: The status of the endpoint. + type: string + EndpointName: + description: The name of the endpoint. + type: string + pattern: ^(?=^[a-z][a-z0-9]*(-[a-z0-9]+)*$).{1,30}$ + EndpointCreateTime: + description: The time (UTC) that the endpoint was created. + type: string + SubnetGroupName: + description: The subnet group name where Amazon Redshift chooses to deploy the endpoint. + type: string + pattern: ^(?=^[a-zA-Z0-9-]+$).{1,255}$ + Port: + description: The port number on which the cluster accepts incoming connections. + type: integer + VpcSecurityGroupIds: + description: A list of vpc security group ids to apply to the created endpoint access. + type: array + x-insertionOrder: false + items: + type: string + VpcEndpoint: + description: The connection endpoint for connecting to an Amazon Redshift cluster through the proxy. + type: object + properties: + VpcEndpointId: + type: string + description: The connection endpoint ID for connecting an Amazon Redshift cluster through the proxy. + VpcId: + type: string + description: The VPC identifier that the endpoint is associated. + NetworkInterfaces: + type: array + x-insertionOrder: false + description: One or more network interfaces of the endpoint. Also known as an interface endpoint. + items: + $ref: '#/components/schemas/NetworkInterface' + additionalProperties: false + required: + - ClusterIdentifier + - SubnetGroupName + - EndpointName + - VpcSecurityGroupIds + x-stackql-resource-name: endpoint_access + x-stackql-primaryIdentifier: + - EndpointName + x-create-only-properties: + - EndpointName + - ClusterIdentifier + - ResourceOwner + - SubnetGroupName + x-read-only-properties: + - Address + - EndpointStatus + - EndpointCreateTime + - Port + - VpcSecurityGroups + - VpcSecurityGroups/*/VpcSecurityGroupId + - VpcSecurityGroups/*/Status + - VpcEndpoint + - VpcEndpoint/VpcEndpointId + - VpcEndpoint/VpcId + - VpcEndpoint/NetworkInterfaces/*/NetworkInterfaceId + - VpcEndpoint/NetworkInterfaces/*/PrivateIpAddress + - VpcEndpoint/NetworkInterfaces/*/SubnetId + - VpcEndpoint/NetworkInterfaces/*/AvailabilityZone + x-required-permissions: + create: + - redshift:CreateEndpointAccess + - redshift:DescribeEndpointAccess + - ec2:CreateClientVpnEndpoint + - ec2:CreateVpcEndpoint + - ec2:DescribeVpcAttribute + - ec2:DescribeSecurityGroups + - ec2:DescribeAddresses + - ec2:DescribeInternetGateways + - ec2:DescribeSubnets + read: + - redshift:DescribeEndpointAccess + - ec2:DescribeClientVpnEndpoints + - ec2:DescribeVpcEndpoint + - ec2:DescribeVpcAttribute + - ec2:DescribeSecurityGroups + - ec2:DescribeAddresses + - ec2:DescribeInternetGateways + - ec2:DescribeSubnets + update: + - redshift:DescribeEndpointAccess + - redshift:ModifyEndpointAccess + - ec2:ModifyClientVpnEndpoint + - ec2:ModifyVpcEndpoint + - ec2:DescribeVpcAttribute + - ec2:DescribeSecurityGroups + - ec2:DescribeAddresses + - ec2:DescribeInternetGateways + - ec2:DescribeSubnets + delete: + - redshift:DeleteEndpointAccess + - redshift:DescribeEndpointAccess + - ec2:DeleteClientVpnEndpoint + - ec2:DeleteVpcEndpoint + - ec2:DescribeVpcAttribute + - ec2:DescribeSecurityGroups + - ec2:DescribeAddresses + - ec2:DescribeInternetGateways + - ec2:DescribeSubnets + - ec2:DescribeVpcEndpoint + list: + - redshift:DescribeEndpointAccess + - ec2:DescribeClientVpnEndpoints + - ec2:DescribeVpcEndpoints + - ec2:DescribeVpcAttribute + - ec2:DescribeSecurityGroups + - ec2:DescribeAddresses + - ec2:DescribeInternetGateways + - ec2:DescribeSubnets + AwsAccount: + type: string + pattern: ^\d{12}$ + VpcId: + type: string + pattern: ^vpc-[A-Za-z0-9]{1,17}$ + EndpointAuthorization: + type: object + properties: + Grantor: + description: The AWS account ID of the cluster owner. + $ref: '#/components/schemas/AwsAccount' + Grantee: + description: The AWS account ID of the grantee of the cluster. + $ref: '#/components/schemas/AwsAccount' + ClusterIdentifier: + description: The cluster identifier. + type: string + pattern: ^(?=^[a-z][a-z0-9]*(-[a-z0-9]+)*$).{1,63}$ + AuthorizeTime: + description: The time (UTC) when the authorization was created. + type: string + ClusterStatus: + description: The status of the cluster. + type: string + Status: + description: The status of the authorization action. + type: string + AllowedAllVPCs: + description: Indicates whether all VPCs in the grantee account are allowed access to the cluster. + type: boolean + AllowedVPCs: + description: The VPCs allowed access to the cluster. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/VpcId' + EndpointCount: + description: The number of Redshift-managed VPC endpoints created for the authorization. + type: integer + Account: + description: The target AWS account ID to grant or revoke access for. + $ref: '#/components/schemas/AwsAccount' + VpcIds: + description: The virtual private cloud (VPC) identifiers to grant or revoke access to. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/VpcId' + Force: + description: ' Indicates whether to force the revoke action. If true, the Redshift-managed VPC endpoints associated with the endpoint authorization are also deleted.' + type: boolean + required: + - ClusterIdentifier + - Account + x-stackql-resource-name: endpoint_authorization + x-stackql-primaryIdentifier: + - ClusterIdentifier + - Account + x-create-only-properties: + - ClusterIdentifier + - Account + x-read-only-properties: + - Grantor + - Grantee + - AuthorizeTime + - ClusterStatus + - Status + - AllowedAllVPCs + - AllowedVPCs + - EndpointCount + x-required-permissions: + create: + - redshift:AuthorizeEndpointAccess + - redshift:DescribeEndpointAuthorization + read: + - redshift:DescribeEndpointAuthorization + update: + - redshift:AuthorizeEndpointAccess + - redshift:DescribeEndpointAuthorization + - redshift:RevokeEndpointAccess + delete: + - redshift:RevokeEndpointAccess + - redshift:DeleteEndpointAccess + - redshift:DescribeEndpointAuthorization + - ec2:DeleteClientVpnEndpoint + - ec2:DescribeVpcAttribute + - ec2:DescribeSecurityGroups + - ec2:DescribeAddresses + - ec2:DescribeInternetGateways + - ec2:DescribeSubnets + list: + - redshift:DescribeEndpointAuthorization + EventSubscription: + type: object + properties: + SubscriptionName: + description: The name of the Amazon Redshift event notification subscription + type: string + pattern: ^(?=^[a-z][a-z0-9]*(-[a-z0-9]+)*$).{1,255}$ + SnsTopicArn: + description: The Amazon Resource Name (ARN) of the Amazon SNS topic used to transmit the event notifications. + type: string + SourceType: + description: The type of source that will be generating the events. + type: string + enum: + - cluster + - cluster-parameter-group + - cluster-security-group + - cluster-snapshot + - scheduled-action + SourceIds: + description: A list of one or more identifiers of Amazon Redshift source objects. + type: array + x-insertionOrder: false + items: + type: string + EventCategories: + description: Specifies the Amazon Redshift event categories to be published by the event notification subscription. + type: array + x-insertionOrder: false + uniqueItems: true + items: + type: string + enum: + - configuration + - management + - monitoring + - security + - pending + Severity: + description: Specifies the Amazon Redshift event severity to be published by the event notification subscription. + type: string + enum: + - ERROR + - INFO + Enabled: + description: A boolean value; set to true to activate the subscription, and set to false to create the subscription but not activate it. + type: boolean + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + CustomerAwsId: + description: The AWS account associated with the Amazon Redshift event notification subscription. + type: string + CustSubscriptionId: + description: The name of the Amazon Redshift event notification subscription. + type: string + Status: + description: The status of the Amazon Redshift event notification subscription. + type: string + enum: + - active + - no-permission + - topic-not-exist + SubscriptionCreationTime: + description: The date and time the Amazon Redshift event notification subscription was created. + type: string + SourceIdsList: + description: A list of the sources that publish events to the Amazon Redshift event notification subscription. + type: array + x-insertionOrder: false + items: + type: string + EventCategoriesList: + description: The list of Amazon Redshift event categories specified in the event notification subscription. + type: array + x-insertionOrder: false + uniqueItems: true + items: + type: string + required: + - SubscriptionName + x-stackql-resource-name: event_subscription + x-stackql-primaryIdentifier: + - SubscriptionName + x-create-only-properties: + - SubscriptionName + x-read-only-properties: + - CustomerAwsId + - CustSubscriptionId + - Status + - SubscriptionCreationTime + - SourceIdsList + - EventCategoriesList + x-required-permissions: + create: + - redshift:CreateEventSubscription + - redshift:CreateTags + - redshift:DescribeTags + - redshift:DescribeEventSubscriptions + read: + - redshift:DescribeEventSubscriptions + - redshift:DescribeTags + update: + - redshift:ModifyEventSubscription + - redshift:CreateTags + - redshift:DescribeTags + - redshift:DescribeEventSubscriptions + - redshift:DeleteTags + delete: + - redshift:DescribeEventSubscriptions + - redshift:DeleteEventSubscription + - redshift:DescribeTags + - redshift:DeleteTags + list: + - redshift:DescribeTags + - redshift:DescribeEventSubscriptions + ResizeClusterMessage: + description: Describes a resize cluster operation. For example, a scheduled action to run the `ResizeCluster` API operation. + type: object + properties: + ClusterIdentifier: + type: string + ClusterType: + type: string + NodeType: + type: string + NumberOfNodes: + type: integer + Classic: + type: boolean + required: + - ClusterIdentifier + additionalProperties: false + PauseClusterMessage: + description: Describes a pause cluster operation. For example, a scheduled action to run the `PauseCluster` API operation. + type: object + properties: + ClusterIdentifier: + type: string + required: + - ClusterIdentifier + additionalProperties: false + ResumeClusterMessage: + description: Describes a resume cluster operation. For example, a scheduled action to run the `ResumeCluster` API operation. + type: object + properties: + ClusterIdentifier: + type: string + required: + - ClusterIdentifier + additionalProperties: false + ScheduledActionType: + type: object + oneOf: + - properties: + ResizeCluster: + $ref: '#/components/schemas/ResizeClusterMessage' + additionalProperties: false + - properties: + PauseCluster: + $ref: '#/components/schemas/PauseClusterMessage' + additionalProperties: false + - properties: + ResumeCluster: + $ref: '#/components/schemas/ResumeClusterMessage' + additionalProperties: false + timestamp: + type: string + ScheduledAction: + type: object + properties: + ScheduledActionName: + description: The name of the scheduled action. The name must be unique within an account. + type: string + pattern: ^(?=^[a-z][a-z0-9]*(-[a-z0-9]+)*$).{1,60}$ + TargetAction: + description: A JSON format string of the Amazon Redshift API operation with input parameters. + $ref: '#/components/schemas/ScheduledActionType' + Schedule: + description: The schedule in `at( )` or `cron( )` format. + type: string + IamRole: + description: The IAM role to assume to run the target action. + type: string + ScheduledActionDescription: + description: The description of the scheduled action. + type: string + pattern: ^(?=^[\x09\x0a\x0d\x20-\xff]*$).{1,255}$ + StartTime: + description: The start time in UTC of the scheduled action. Before this time, the scheduled action does not trigger. + $ref: '#/components/schemas/timestamp' + EndTime: + description: The end time in UTC of the scheduled action. After this time, the scheduled action does not trigger. + $ref: '#/components/schemas/timestamp' + Enable: + description: If true, the schedule is enabled. If false, the scheduled action does not trigger. + type: boolean + State: + description: The state of the scheduled action. + type: string + enum: + - ACTIVE + - DISABLED + NextInvocations: + description: List of times when the scheduled action will run. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/timestamp' + required: + - ScheduledActionName + x-stackql-resource-name: scheduled_action + x-stackql-primaryIdentifier: + - ScheduledActionName + x-create-only-properties: + - ScheduledActionName + x-read-only-properties: + - State + - NextInvocations + x-required-permissions: + create: + - redshift:CreateScheduledAction + - redshift:DescribeScheduledActions + - redshift:DescribeTags + - redshift:PauseCluster + - redshift:ResumeCluster + - redshift:ResizeCluster + - iam:PassRole + read: + - redshift:DescribeScheduledActions + - redshift:DescribeTags + update: + - redshift:DescribeScheduledActions + - redshift:ModifyScheduledAction + - redshift:PauseCluster + - redshift:ResumeCluster + - redshift:ResizeCluster + - redshift:DescribeTags + - iam:PassRole + delete: + - redshift:DescribeTags + - redshift:DescribeScheduledActions + - redshift:DeleteScheduledAction + list: + - redshift:DescribeTags + - redshift:DescribeScheduledActions + x-stackQL-resources: + clusters: + name: clusters + id: awscc.redshift.clusters + x-cfn-schema-name: Cluster + x-type: list + x-identifiers: + - ClusterIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterIdentifier') as cluster_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Redshift::Cluster' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterIdentifier') as cluster_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Redshift::Cluster' + AND region = 'us-east-1' + cluster: + name: cluster + id: awscc.redshift.cluster + x-cfn-schema-name: Cluster + x-type: get + x-identifiers: + - ClusterIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterIdentifier') as cluster_identifier, + JSON_EXTRACT(Properties, '$.ClusterNamespaceArn') as cluster_namespace_arn, + JSON_EXTRACT(Properties, '$.MasterUsername') as master_username, + JSON_EXTRACT(Properties, '$.MasterUserPassword') as master_user_password, + JSON_EXTRACT(Properties, '$.NodeType') as node_type, + JSON_EXTRACT(Properties, '$.AllowVersionUpgrade') as allow_version_upgrade, + JSON_EXTRACT(Properties, '$.AutomatedSnapshotRetentionPeriod') as automated_snapshot_retention_period, + JSON_EXTRACT(Properties, '$.AvailabilityZone') as availability_zone, + JSON_EXTRACT(Properties, '$.ClusterParameterGroupName') as cluster_parameter_group_name, + JSON_EXTRACT(Properties, '$.ClusterType') as cluster_type, + JSON_EXTRACT(Properties, '$.ClusterVersion') as cluster_version, + JSON_EXTRACT(Properties, '$.ClusterSubnetGroupName') as cluster_subnet_group_name, + JSON_EXTRACT(Properties, '$.DBName') as d_bname, + JSON_EXTRACT(Properties, '$.ElasticIp') as elastic_ip, + JSON_EXTRACT(Properties, '$.Encrypted') as encrypted, + JSON_EXTRACT(Properties, '$.HsmClientCertificateIdentifier') as hsm_client_certificate_identifier, + JSON_EXTRACT(Properties, '$.HsmConfigurationIdentifier') as hsm_configuration_identifier, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.NumberOfNodes') as number_of_nodes, + JSON_EXTRACT(Properties, '$.Port') as port, + JSON_EXTRACT(Properties, '$.PreferredMaintenanceWindow') as preferred_maintenance_window, + JSON_EXTRACT(Properties, '$.PubliclyAccessible') as publicly_accessible, + JSON_EXTRACT(Properties, '$.ClusterSecurityGroups') as cluster_security_groups, + JSON_EXTRACT(Properties, '$.IamRoles') as iam_roles, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.VpcSecurityGroupIds') as vpc_security_group_ids, + JSON_EXTRACT(Properties, '$.SnapshotClusterIdentifier') as snapshot_cluster_identifier, + JSON_EXTRACT(Properties, '$.SnapshotIdentifier') as snapshot_identifier, + JSON_EXTRACT(Properties, '$.OwnerAccount') as owner_account, + JSON_EXTRACT(Properties, '$.LoggingProperties') as logging_properties, + JSON_EXTRACT(Properties, '$.Endpoint') as endpoint, + JSON_EXTRACT(Properties, '$.DestinationRegion') as destination_region, + JSON_EXTRACT(Properties, '$.SnapshotCopyRetentionPeriod') as snapshot_copy_retention_period, + JSON_EXTRACT(Properties, '$.SnapshotCopyGrantName') as snapshot_copy_grant_name, + JSON_EXTRACT(Properties, '$.ManualSnapshotRetentionPeriod') as manual_snapshot_retention_period, + JSON_EXTRACT(Properties, '$.SnapshotCopyManual') as snapshot_copy_manual, + JSON_EXTRACT(Properties, '$.AvailabilityZoneRelocation') as availability_zone_relocation, + JSON_EXTRACT(Properties, '$.AvailabilityZoneRelocationStatus') as availability_zone_relocation_status, + JSON_EXTRACT(Properties, '$.AquaConfigurationStatus') as aqua_configuration_status, + JSON_EXTRACT(Properties, '$.Classic') as classic, + JSON_EXTRACT(Properties, '$.EnhancedVpcRouting') as enhanced_vpc_routing, + JSON_EXTRACT(Properties, '$.MaintenanceTrackName') as maintenance_track_name, + JSON_EXTRACT(Properties, '$.DeferMaintenance') as defer_maintenance, + JSON_EXTRACT(Properties, '$.DeferMaintenanceIdentifier') as defer_maintenance_identifier, + JSON_EXTRACT(Properties, '$.DeferMaintenanceStartTime') as defer_maintenance_start_time, + JSON_EXTRACT(Properties, '$.DeferMaintenanceEndTime') as defer_maintenance_end_time, + JSON_EXTRACT(Properties, '$.DeferMaintenanceDuration') as defer_maintenance_duration, + JSON_EXTRACT(Properties, '$.RevisionTarget') as revision_target, + JSON_EXTRACT(Properties, '$.ResourceAction') as resource_action, + JSON_EXTRACT(Properties, '$.RotateEncryptionKey') as rotate_encryption_key, + JSON_EXTRACT(Properties, '$.MultiAZ') as multi_az, + JSON_EXTRACT(Properties, '$.NamespaceResourcePolicy') as namespace_resource_policy, + JSON_EXTRACT(Properties, '$.ManageMasterPassword') as manage_master_password, + JSON_EXTRACT(Properties, '$.MasterPasswordSecretKmsKeyId') as master_password_secret_kms_key_id, + JSON_EXTRACT(Properties, '$.MasterPasswordSecretArn') as master_password_secret_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Redshift::Cluster' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterIdentifier') as cluster_identifier, + json_extract_path_text(Properties, 'ClusterNamespaceArn') as cluster_namespace_arn, + json_extract_path_text(Properties, 'MasterUsername') as master_username, + json_extract_path_text(Properties, 'MasterUserPassword') as master_user_password, + json_extract_path_text(Properties, 'NodeType') as node_type, + json_extract_path_text(Properties, 'AllowVersionUpgrade') as allow_version_upgrade, + json_extract_path_text(Properties, 'AutomatedSnapshotRetentionPeriod') as automated_snapshot_retention_period, + json_extract_path_text(Properties, 'AvailabilityZone') as availability_zone, + json_extract_path_text(Properties, 'ClusterParameterGroupName') as cluster_parameter_group_name, + json_extract_path_text(Properties, 'ClusterType') as cluster_type, + json_extract_path_text(Properties, 'ClusterVersion') as cluster_version, + json_extract_path_text(Properties, 'ClusterSubnetGroupName') as cluster_subnet_group_name, + json_extract_path_text(Properties, 'DBName') as d_bname, + json_extract_path_text(Properties, 'ElasticIp') as elastic_ip, + json_extract_path_text(Properties, 'Encrypted') as encrypted, + json_extract_path_text(Properties, 'HsmClientCertificateIdentifier') as hsm_client_certificate_identifier, + json_extract_path_text(Properties, 'HsmConfigurationIdentifier') as hsm_configuration_identifier, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'NumberOfNodes') as number_of_nodes, + json_extract_path_text(Properties, 'Port') as port, + json_extract_path_text(Properties, 'PreferredMaintenanceWindow') as preferred_maintenance_window, + json_extract_path_text(Properties, 'PubliclyAccessible') as publicly_accessible, + json_extract_path_text(Properties, 'ClusterSecurityGroups') as cluster_security_groups, + json_extract_path_text(Properties, 'IamRoles') as iam_roles, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'VpcSecurityGroupIds') as vpc_security_group_ids, + json_extract_path_text(Properties, 'SnapshotClusterIdentifier') as snapshot_cluster_identifier, + json_extract_path_text(Properties, 'SnapshotIdentifier') as snapshot_identifier, + json_extract_path_text(Properties, 'OwnerAccount') as owner_account, + json_extract_path_text(Properties, 'LoggingProperties') as logging_properties, + json_extract_path_text(Properties, 'Endpoint') as endpoint, + json_extract_path_text(Properties, 'DestinationRegion') as destination_region, + json_extract_path_text(Properties, 'SnapshotCopyRetentionPeriod') as snapshot_copy_retention_period, + json_extract_path_text(Properties, 'SnapshotCopyGrantName') as snapshot_copy_grant_name, + json_extract_path_text(Properties, 'ManualSnapshotRetentionPeriod') as manual_snapshot_retention_period, + json_extract_path_text(Properties, 'SnapshotCopyManual') as snapshot_copy_manual, + json_extract_path_text(Properties, 'AvailabilityZoneRelocation') as availability_zone_relocation, + json_extract_path_text(Properties, 'AvailabilityZoneRelocationStatus') as availability_zone_relocation_status, + json_extract_path_text(Properties, 'AquaConfigurationStatus') as aqua_configuration_status, + json_extract_path_text(Properties, 'Classic') as classic, + json_extract_path_text(Properties, 'EnhancedVpcRouting') as enhanced_vpc_routing, + json_extract_path_text(Properties, 'MaintenanceTrackName') as maintenance_track_name, + json_extract_path_text(Properties, 'DeferMaintenance') as defer_maintenance, + json_extract_path_text(Properties, 'DeferMaintenanceIdentifier') as defer_maintenance_identifier, + json_extract_path_text(Properties, 'DeferMaintenanceStartTime') as defer_maintenance_start_time, + json_extract_path_text(Properties, 'DeferMaintenanceEndTime') as defer_maintenance_end_time, + json_extract_path_text(Properties, 'DeferMaintenanceDuration') as defer_maintenance_duration, + json_extract_path_text(Properties, 'RevisionTarget') as revision_target, + json_extract_path_text(Properties, 'ResourceAction') as resource_action, + json_extract_path_text(Properties, 'RotateEncryptionKey') as rotate_encryption_key, + json_extract_path_text(Properties, 'MultiAZ') as multi_az, + json_extract_path_text(Properties, 'NamespaceResourcePolicy') as namespace_resource_policy, + json_extract_path_text(Properties, 'ManageMasterPassword') as manage_master_password, + json_extract_path_text(Properties, 'MasterPasswordSecretKmsKeyId') as master_password_secret_kms_key_id, + json_extract_path_text(Properties, 'MasterPasswordSecretArn') as master_password_secret_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Redshift::Cluster' + AND data__Identifier = '' + AND region = 'us-east-1' + cluster_parameter_groups: + name: cluster_parameter_groups + id: awscc.redshift.cluster_parameter_groups + x-cfn-schema-name: ClusterParameterGroup + x-type: list + x-identifiers: + - ParameterGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ParameterGroupName') as parameter_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Redshift::ClusterParameterGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ParameterGroupName') as parameter_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Redshift::ClusterParameterGroup' + AND region = 'us-east-1' + cluster_parameter_group: + name: cluster_parameter_group + id: awscc.redshift.cluster_parameter_group + x-cfn-schema-name: ClusterParameterGroup + x-type: get + x-identifiers: + - ParameterGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ParameterGroupName') as parameter_group_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ParameterGroupFamily') as parameter_group_family, + JSON_EXTRACT(Properties, '$.Parameters') as parameters, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Redshift::ClusterParameterGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ParameterGroupName') as parameter_group_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ParameterGroupFamily') as parameter_group_family, + json_extract_path_text(Properties, 'Parameters') as parameters, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Redshift::ClusterParameterGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + cluster_subnet_groups: + name: cluster_subnet_groups + id: awscc.redshift.cluster_subnet_groups + x-cfn-schema-name: ClusterSubnetGroup + x-type: list + x-identifiers: + - ClusterSubnetGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterSubnetGroupName') as cluster_subnet_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Redshift::ClusterSubnetGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterSubnetGroupName') as cluster_subnet_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Redshift::ClusterSubnetGroup' + AND region = 'us-east-1' + cluster_subnet_group: + name: cluster_subnet_group + id: awscc.redshift.cluster_subnet_group + x-cfn-schema-name: ClusterSubnetGroup + x-type: get + x-identifiers: + - ClusterSubnetGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.SubnetIds') as subnet_ids, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ClusterSubnetGroupName') as cluster_subnet_group_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Redshift::ClusterSubnetGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'SubnetIds') as subnet_ids, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ClusterSubnetGroupName') as cluster_subnet_group_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Redshift::ClusterSubnetGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + endpoint_accesses: + name: endpoint_accesses + id: awscc.redshift.endpoint_accesses + x-cfn-schema-name: EndpointAccess + x-type: list + x-identifiers: + - EndpointName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EndpointName') as endpoint_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Redshift::EndpointAccess' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EndpointName') as endpoint_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Redshift::EndpointAccess' + AND region = 'us-east-1' + endpoint_access: + name: endpoint_access + id: awscc.redshift.endpoint_access + x-cfn-schema-name: EndpointAccess + x-type: get + x-identifiers: + - EndpointName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Address') as address, + JSON_EXTRACT(Properties, '$.ClusterIdentifier') as cluster_identifier, + JSON_EXTRACT(Properties, '$.VpcSecurityGroups') as vpc_security_groups, + JSON_EXTRACT(Properties, '$.ResourceOwner') as resource_owner, + JSON_EXTRACT(Properties, '$.EndpointStatus') as endpoint_status, + JSON_EXTRACT(Properties, '$.EndpointName') as endpoint_name, + JSON_EXTRACT(Properties, '$.EndpointCreateTime') as endpoint_create_time, + JSON_EXTRACT(Properties, '$.SubnetGroupName') as subnet_group_name, + JSON_EXTRACT(Properties, '$.Port') as port, + JSON_EXTRACT(Properties, '$.VpcSecurityGroupIds') as vpc_security_group_ids, + JSON_EXTRACT(Properties, '$.VpcEndpoint') as vpc_endpoint + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Redshift::EndpointAccess' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Address') as address, + json_extract_path_text(Properties, 'ClusterIdentifier') as cluster_identifier, + json_extract_path_text(Properties, 'VpcSecurityGroups') as vpc_security_groups, + json_extract_path_text(Properties, 'ResourceOwner') as resource_owner, + json_extract_path_text(Properties, 'EndpointStatus') as endpoint_status, + json_extract_path_text(Properties, 'EndpointName') as endpoint_name, + json_extract_path_text(Properties, 'EndpointCreateTime') as endpoint_create_time, + json_extract_path_text(Properties, 'SubnetGroupName') as subnet_group_name, + json_extract_path_text(Properties, 'Port') as port, + json_extract_path_text(Properties, 'VpcSecurityGroupIds') as vpc_security_group_ids, + json_extract_path_text(Properties, 'VpcEndpoint') as vpc_endpoint + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Redshift::EndpointAccess' + AND data__Identifier = '' + AND region = 'us-east-1' + endpoint_authorizations: + name: endpoint_authorizations + id: awscc.redshift.endpoint_authorizations + x-cfn-schema-name: EndpointAuthorization + x-type: list + x-identifiers: + - ClusterIdentifier + - Account + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterIdentifier') as cluster_identifier, + JSON_EXTRACT(Properties, '$.Account') as account + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Redshift::EndpointAuthorization' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterIdentifier') as cluster_identifier, + json_extract_path_text(Properties, 'Account') as account + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Redshift::EndpointAuthorization' + AND region = 'us-east-1' + endpoint_authorization: + name: endpoint_authorization + id: awscc.redshift.endpoint_authorization + x-cfn-schema-name: EndpointAuthorization + x-type: get + x-identifiers: + - ClusterIdentifier + - Account + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Grantor') as grantor, + JSON_EXTRACT(Properties, '$.Grantee') as grantee, + JSON_EXTRACT(Properties, '$.ClusterIdentifier') as cluster_identifier, + JSON_EXTRACT(Properties, '$.AuthorizeTime') as authorize_time, + JSON_EXTRACT(Properties, '$.ClusterStatus') as cluster_status, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.AllowedAllVPCs') as allowed_all_vp_cs, + JSON_EXTRACT(Properties, '$.AllowedVPCs') as allowed_vp_cs, + JSON_EXTRACT(Properties, '$.EndpointCount') as endpoint_count, + JSON_EXTRACT(Properties, '$.Account') as account, + JSON_EXTRACT(Properties, '$.VpcIds') as vpc_ids, + JSON_EXTRACT(Properties, '$.Force') as _force + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Redshift::EndpointAuthorization' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Grantor') as grantor, + json_extract_path_text(Properties, 'Grantee') as grantee, + json_extract_path_text(Properties, 'ClusterIdentifier') as cluster_identifier, + json_extract_path_text(Properties, 'AuthorizeTime') as authorize_time, + json_extract_path_text(Properties, 'ClusterStatus') as cluster_status, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'AllowedAllVPCs') as allowed_all_vp_cs, + json_extract_path_text(Properties, 'AllowedVPCs') as allowed_vp_cs, + json_extract_path_text(Properties, 'EndpointCount') as endpoint_count, + json_extract_path_text(Properties, 'Account') as account, + json_extract_path_text(Properties, 'VpcIds') as vpc_ids, + json_extract_path_text(Properties, 'Force') as _force + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Redshift::EndpointAuthorization' + AND data__Identifier = '' + AND region = 'us-east-1' + event_subscriptions: + name: event_subscriptions + id: awscc.redshift.event_subscriptions + x-cfn-schema-name: EventSubscription + x-type: list + x-identifiers: + - SubscriptionName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SubscriptionName') as subscription_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Redshift::EventSubscription' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SubscriptionName') as subscription_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Redshift::EventSubscription' + AND region = 'us-east-1' + event_subscription: + name: event_subscription + id: awscc.redshift.event_subscription + x-cfn-schema-name: EventSubscription + x-type: get + x-identifiers: + - SubscriptionName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SubscriptionName') as subscription_name, + JSON_EXTRACT(Properties, '$.SnsTopicArn') as sns_topic_arn, + JSON_EXTRACT(Properties, '$.SourceType') as source_type, + JSON_EXTRACT(Properties, '$.SourceIds') as source_ids, + JSON_EXTRACT(Properties, '$.EventCategories') as event_categories, + JSON_EXTRACT(Properties, '$.Severity') as severity, + JSON_EXTRACT(Properties, '$.Enabled') as enabled, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CustomerAwsId') as customer_aws_id, + JSON_EXTRACT(Properties, '$.CustSubscriptionId') as cust_subscription_id, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.SubscriptionCreationTime') as subscription_creation_time, + JSON_EXTRACT(Properties, '$.SourceIdsList') as source_ids_list, + JSON_EXTRACT(Properties, '$.EventCategoriesList') as event_categories_list + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Redshift::EventSubscription' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SubscriptionName') as subscription_name, + json_extract_path_text(Properties, 'SnsTopicArn') as sns_topic_arn, + json_extract_path_text(Properties, 'SourceType') as source_type, + json_extract_path_text(Properties, 'SourceIds') as source_ids, + json_extract_path_text(Properties, 'EventCategories') as event_categories, + json_extract_path_text(Properties, 'Severity') as severity, + json_extract_path_text(Properties, 'Enabled') as enabled, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CustomerAwsId') as customer_aws_id, + json_extract_path_text(Properties, 'CustSubscriptionId') as cust_subscription_id, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'SubscriptionCreationTime') as subscription_creation_time, + json_extract_path_text(Properties, 'SourceIdsList') as source_ids_list, + json_extract_path_text(Properties, 'EventCategoriesList') as event_categories_list + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Redshift::EventSubscription' + AND data__Identifier = '' + AND region = 'us-east-1' + scheduled_actions: + name: scheduled_actions + id: awscc.redshift.scheduled_actions + x-cfn-schema-name: ScheduledAction + x-type: list + x-identifiers: + - ScheduledActionName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ScheduledActionName') as scheduled_action_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Redshift::ScheduledAction' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ScheduledActionName') as scheduled_action_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Redshift::ScheduledAction' + AND region = 'us-east-1' + scheduled_action: + name: scheduled_action + id: awscc.redshift.scheduled_action + x-cfn-schema-name: ScheduledAction + x-type: get + x-identifiers: + - ScheduledActionName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ScheduledActionName') as scheduled_action_name, + JSON_EXTRACT(Properties, '$.TargetAction') as target_action, + JSON_EXTRACT(Properties, '$.Schedule') as schedule, + JSON_EXTRACT(Properties, '$.IamRole') as iam_role, + JSON_EXTRACT(Properties, '$.ScheduledActionDescription') as scheduled_action_description, + JSON_EXTRACT(Properties, '$.StartTime') as start_time, + JSON_EXTRACT(Properties, '$.EndTime') as end_time, + JSON_EXTRACT(Properties, '$.Enable') as enable, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.NextInvocations') as next_invocations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Redshift::ScheduledAction' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ScheduledActionName') as scheduled_action_name, + json_extract_path_text(Properties, 'TargetAction') as target_action, + json_extract_path_text(Properties, 'Schedule') as schedule, + json_extract_path_text(Properties, 'IamRole') as iam_role, + json_extract_path_text(Properties, 'ScheduledActionDescription') as scheduled_action_description, + json_extract_path_text(Properties, 'StartTime') as start_time, + json_extract_path_text(Properties, 'EndTime') as end_time, + json_extract_path_text(Properties, 'Enable') as enable, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'NextInvocations') as next_invocations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Redshift::ScheduledAction' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/redshiftserverless.yaml b/providers/src/awscc/v00.00.00000/services/redshiftserverless.yaml new file mode 100644 index 00000000..0c72c687 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/redshiftserverless.yaml @@ -0,0 +1,598 @@ +openapi: 3.0.0 +info: + title: RedshiftServerless + version: 1.0.0 +paths: {} +components: + schemas: + LogExport: + type: string + enum: + - useractivitylog + - userlog + - connectionlog + Namespace: + type: object + properties: + AdminPasswordSecretKmsKeyId: + description: The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret. You can only use this parameter if manageAdminPassword is true. + type: string + AdminUserPassword: + description: The password associated with the admin user for the namespace that is being created. Password must be at least 8 characters in length, should be any printable ASCII character. Must contain at least one lowercase letter, one uppercase letter and one decimal digit. You can't use adminUserPassword if manageAdminPassword is true. + type: string + maxLength: 64 + minLength: 8 + pattern: ^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[^\x00-\x20\x22\x27\x2f\x40\x5c\x7f-\uffff]+ + AdminUsername: + description: The user name associated with the admin user for the namespace that is being created. Only alphanumeric characters and underscores are allowed. It should start with an alphabet. + type: string + pattern: '[a-zA-Z][a-zA-Z_0-9+.@-]*' + DbName: + description: The database name associated for the namespace that is being created. Only alphanumeric characters and underscores are allowed. It should start with an alphabet. + type: string + pattern: '[a-zA-Z][a-zA-Z_0-9+.@-]*' + maxLength: 127 + DefaultIamRoleArn: + description: The default IAM role ARN for the namespace that is being created. + type: string + IamRoles: + description: A list of AWS Identity and Access Management (IAM) roles that can be used by the namespace to access other AWS services. You must supply the IAM roles in their Amazon Resource Name (ARN) format. The Default role limit for each request is 10. + type: array + x-insertionOrder: false + items: + type: string + maxLength: 512 + minLength: 0 + KmsKeyId: + description: The AWS Key Management Service (KMS) key ID of the encryption key that you want to use to encrypt data in the namespace. + type: string + LogExports: + description: 'The collection of log types to be exported provided by the customer. Should only be one of the three supported log types: userlog, useractivitylog and connectionlog' + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/LogExport' + maxItems: 16 + minItems: 0 + ManageAdminPassword: + description: If true, Amazon Redshift uses AWS Secrets Manager to manage the namespace's admin credentials. You can't use adminUserPassword if manageAdminPassword is true. If manageAdminPassword is false or not set, Amazon Redshift uses adminUserPassword for the admin user account's password. + type: boolean + Namespace: + $ref: '#/components/schemas/Namespace' + description: Definition of Namespace resource. + NamespaceName: + description: A unique identifier for the namespace. You use this identifier to refer to the namespace for any subsequent namespace operations such as deleting or modifying. All alphabetical characters must be lower case. Namespace name should be unique for all namespaces within an AWS account. + type: string + maxLength: 64 + minLength: 3 + pattern: ^[a-z0-9-]+$ + Tags: + description: The list of tags for the namespace. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 0 + FinalSnapshotName: + description: The name of the namespace the source snapshot was created from. Please specify the name if needed before deleting namespace + type: string + pattern: '[a-z][a-z0-9]*(-[a-z0-9]+)*' + maxLength: 255 + FinalSnapshotRetentionPeriod: + description: The number of days to retain automated snapshot in the destination region after they are copied from the source region. If the value is -1, the manual snapshot is retained indefinitely. The value must be either -1 or an integer between 1 and 3,653. + type: integer + NamespaceResourcePolicy: + description: The resource policy document that will be attached to the namespace. + type: object + RedshiftIdcApplicationArn: + description: The ARN for the Redshift application that integrates with IAM Identity Center. + type: string + SnapshotCopyConfigurations: + description: The snapshot copy configurations for the namespace. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/SnapshotCopyConfiguration' + maxItems: 1 + minItems: 0 + required: + - NamespaceName + x-stackql-resource-name: namespace + x-stackql-primaryIdentifier: + - NamespaceName + x-create-only-properties: + - NamespaceName + - Tags + x-read-only-properties: + - Namespace + - Namespace/NamespaceArn + - Namespace/NamespaceId + - Namespace/NamespaceName + - Namespace/AdminUsername + - Namespace/DbName + - Namespace/KmsKeyId + - Namespace/DefaultIamRoleArn + - Namespace/IamRoles + - Namespace/LogExports + - Namespace/Status + - Namespace/CreationDate + x-required-permissions: + create: + - iam:PassRole + - kms:TagResource + - kms:UntagResource + - kms:ScheduleKeyDeletion + - kms:CancelKeyDeletion + - kms:Encrypt + - kms:Decrypt + - kms:DescribeKey + - kms:GenerateDataKeyPair + - kms:GenerateDataKey + - kms:CreateGrant + - kms:ListGrants + - kms:RevokeGrant + - kms:RetireGrant + - redshift-serverless:CreateNamespace + - redshift-serverless:GetNamespace + - redshift-serverless:ListSnapshotCopyConfigurations + - redshift-serverless:CreateSnapshotCopyConfiguration + - redshift:GetResourcePolicy + - redshift:PutResourcePolicy + - secretsmanager:CreateSecret + - secretsmanager:TagResource + - secretsmanager:RotateSecret + - secretsmanager:DescribeSecret + read: + - iam:PassRole + - redshift-serverless:GetNamespace + - redshift:GetResourcePolicy + - redshift-serverless:ListSnapshotCopyConfigurations + update: + - iam:PassRole + - kms:TagResource + - kms:UntagResource + - kms:ScheduleKeyDeletion + - kms:CancelKeyDeletion + - kms:Encrypt + - kms:Decrypt + - kms:DescribeKey + - kms:CreateGrant + - kms:ListGrants + - kms:RevokeGrant + - kms:RetireGrant + - kms:GenerateDataKeyPair + - kms:GenerateDataKey + - redshift-serverless:UpdateNamespace + - redshift-serverless:GetNamespace + - redshift-serverless:ListSnapshotCopyConfigurations + - redshift-serverless:CreateSnapshotCopyConfiguration + - redshift-serverless:UpdateSnapshotCopyConfiguration + - redshift-serverless:DeleteSnapshotCopyConfiguration + - redshift:GetResourcePolicy + - redshift:PutResourcePolicy + - redshift:DeleteResourcePolicy + - secretsmanager:CreateSecret + - secretsmanager:TagResource + - secretsmanager:RotateSecret + - secretsmanager:DescribeSecret + - secretsmanager:UpdateSecret + - secretsmanager:DeleteSecret + delete: + - iam:PassRole + - redshift-serverless:DeleteNamespace + - redshift-serverless:GetNamespace + - kms:RetireGrant + - secretsmanager:DescribeSecret + - secretsmanager:DeleteSecret + - redshift:DeleteResourcePolicy + list: + - iam:PassRole + - redshift-serverless:ListNamespaces + NamespaceStatus: + type: string + enum: + - AVAILABLE + - MODIFYING + - DELETING + Tag: + type: object + properties: + Key: + type: string + maxLength: 128 + minLength: 1 + Value: + type: string + maxLength: 256 + minLength: 0 + required: + - Key + - Value + additionalProperties: false + SnapshotCopyConfiguration: + type: object + properties: + DestinationRegion: + type: string + DestinationKmsKeyId: + type: string + SnapshotRetentionPeriod: + type: integer + required: + - DestinationRegion + additionalProperties: false + ConfigParameter: + type: object + properties: + ParameterKey: + type: string + maxLength: 255 + minLength: 0 + ParameterValue: + type: string + maxLength: 15000 + minLength: 0 + additionalProperties: false + Endpoint: + type: object + properties: + Address: + type: string + Port: + type: integer + VpcEndpoints: + type: array + items: + $ref: '#/components/schemas/VpcEndpoint' + x-insertionOrder: false + additionalProperties: false + NetworkInterface: + type: object + properties: + NetworkInterfaceId: + type: string + SubnetId: + type: string + PrivateIpAddress: + type: string + AvailabilityZone: + type: string + additionalProperties: false + VpcEndpoint: + type: object + properties: + VpcEndpointId: + type: string + VpcId: + type: string + NetworkInterfaces: + type: array + items: + $ref: '#/components/schemas/NetworkInterface' + x-insertionOrder: false + additionalProperties: false + Workgroup: + type: object + properties: + WorkgroupName: + description: The name of the workgroup. + type: string + pattern: ^(?=^[a-z0-9-]+$).{3,64}$ + maxLength: 64 + minLength: 3 + NamespaceName: + description: The namespace the workgroup is associated with. + type: string + pattern: ^(?=^[a-z0-9-]+$).{3,64}$ + maxLength: 64 + minLength: 3 + BaseCapacity: + description: The base compute capacity of the workgroup in Redshift Processing Units (RPUs). + type: integer + MaxCapacity: + description: The max compute capacity of the workgroup in Redshift Processing Units (RPUs). + type: integer + EnhancedVpcRouting: + description: The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC. + type: boolean + default: false + ConfigParameters: + description: A list of parameters to set for finer control over a database. Available options are datestyle, enable_user_activity_logging, query_group, search_path, max_query_execution_time, and require_ssl. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/ConfigParameter' + minItems: 1 + SecurityGroupIds: + description: A list of security group IDs to associate with the workgroup. + type: array + x-insertionOrder: false + items: + type: string + pattern: ^sg-[0-9a-fA-F]{8,}$ + maxLength: 255 + minLength: 0 + maxItems: 32 + minItems: 1 + SubnetIds: + description: A list of subnet IDs the workgroup is associated with. + type: array + x-insertionOrder: false + items: + type: string + pattern: ^subnet-[0-9a-fA-F]{8,}$ + maxLength: 255 + minLength: 0 + maxItems: 32 + minItems: 1 + PubliclyAccessible: + description: A value that specifies whether the workgroup can be accessible from a public network. + type: boolean + default: false + Port: + description: The custom port to use when connecting to a workgroup. Valid port ranges are 5431-5455 and 8191-8215. The default is 5439. + type: integer + Tags: + description: The map of the key-value pairs used to tag the workgroup. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 0 + Workgroup: + description: Definition for workgroup resource + $ref: '#/components/schemas/Workgroup' + required: + - WorkgroupName + x-stackql-resource-name: workgroup + x-stackql-primaryIdentifier: + - WorkgroupName + x-create-only-properties: + - WorkgroupName + - NamespaceName + x-read-only-properties: + - Workgroup + - Workgroup/WorkgroupId + - Workgroup/WorkgroupArn + - Workgroup/WorkgroupName + - Workgroup/NamespaceName + - Workgroup/BaseCapacity + - Workgroup/MaxCapacity + - Workgroup/EnhancedVpcRouting + - Workgroup/ConfigParameters/*/ParameterKey + - Workgroup/ConfigParameters/*/ParameterValue + - Workgroup/SecurityGroupIds + - Workgroup/SubnetIds + - Workgroup/Status + - Workgroup/Endpoint/Address + - Workgroup/Endpoint/Port + - Workgroup/Endpoint/VpcEndpoints/*/VpcEndpointId + - Workgroup/Endpoint/VpcEndpoints/*/VpcId + - Workgroup/Endpoint/VpcEndpoints/*/NetworkInterfaces/*/NetworkInterfaceId + - Workgroup/Endpoint/VpcEndpoints/*/NetworkInterfaces/*/SubnetId + - Workgroup/Endpoint/VpcEndpoints/*/NetworkInterfaces/*/PrivateIpAddress + - Workgroup/Endpoint/VpcEndpoints/*/NetworkInterfaces/*/AvailabilityZone + - Workgroup/PubliclyAccessible + - Workgroup/CreationDate + x-required-permissions: + create: + - ec2:DescribeVpcAttribute + - ec2:DescribeSecurityGroups + - ec2:DescribeAddresses + - ec2:DescribeInternetGateways + - ec2:DescribeSubnets + - ec2:DescribeAccountAttributes + - ec2:DescribeAvailabilityZones + - redshift-serverless:CreateNamespace + - redshift-serverless:CreateWorkgroup + - redshift-serverless:GetWorkgroup + read: + - ec2:DescribeVpcAttribute + - ec2:DescribeSecurityGroups + - ec2:DescribeAddresses + - ec2:DescribeInternetGateways + - ec2:DescribeSubnets + - ec2:DescribeAccountAttributes + - ec2:DescribeAvailabilityZones + - redshift-serverless:GetWorkgroup + update: + - ec2:DescribeVpcAttribute + - ec2:DescribeSecurityGroups + - ec2:DescribeAddresses + - ec2:DescribeInternetGateways + - ec2:DescribeSubnets + - ec2:DescribeAccountAttributes + - ec2:DescribeAvailabilityZones + - redshift-serverless:ListTagsForResource + - redshift-serverless:TagResource + - redshift-serverless:UntagResource + - redshift-serverless:GetWorkgroup + - redshift-serverless:UpdateWorkgroup + delete: + - ec2:DescribeVpcAttribute + - ec2:DescribeSecurityGroups + - ec2:DescribeAddresses + - ec2:DescribeInternetGateways + - ec2:DescribeSubnets + - ec2:DescribeAccountAttributes + - ec2:DescribeAvailabilityZones + - redshift-serverless:GetWorkgroup + - redshift-serverless:DeleteWorkgroup + list: + - ec2:DescribeVpcAttribute + - ec2:DescribeSecurityGroups + - ec2:DescribeAddresses + - ec2:DescribeInternetGateways + - ec2:DescribeSubnets + - ec2:DescribeAccountAttributes + - ec2:DescribeAvailabilityZones + - redshift-serverless:ListWorkgroups + WorkgroupStatus: + type: string + enum: + - CREATING + - AVAILABLE + - MODIFYING + - DELETING + x-stackQL-resources: + namespaces: + name: namespaces + id: awscc.redshiftserverless.namespaces + x-cfn-schema-name: Namespace + x-type: list + x-identifiers: + - NamespaceName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.NamespaceName') as namespace_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RedshiftServerless::Namespace' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'NamespaceName') as namespace_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RedshiftServerless::Namespace' + AND region = 'us-east-1' + namespace: + name: namespace + id: awscc.redshiftserverless.namespace + x-cfn-schema-name: Namespace + x-type: get + x-identifiers: + - NamespaceName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AdminPasswordSecretKmsKeyId') as admin_password_secret_kms_key_id, + JSON_EXTRACT(Properties, '$.AdminUserPassword') as admin_user_password, + JSON_EXTRACT(Properties, '$.AdminUsername') as admin_username, + JSON_EXTRACT(Properties, '$.DbName') as db_name, + JSON_EXTRACT(Properties, '$.DefaultIamRoleArn') as default_iam_role_arn, + JSON_EXTRACT(Properties, '$.IamRoles') as iam_roles, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.LogExports') as log_exports, + JSON_EXTRACT(Properties, '$.ManageAdminPassword') as manage_admin_password, + JSON_EXTRACT(Properties, '$.Namespace') as namespace, + JSON_EXTRACT(Properties, '$.NamespaceName') as namespace_name, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.FinalSnapshotName') as final_snapshot_name, + JSON_EXTRACT(Properties, '$.FinalSnapshotRetentionPeriod') as final_snapshot_retention_period, + JSON_EXTRACT(Properties, '$.NamespaceResourcePolicy') as namespace_resource_policy, + JSON_EXTRACT(Properties, '$.RedshiftIdcApplicationArn') as redshift_idc_application_arn, + JSON_EXTRACT(Properties, '$.SnapshotCopyConfigurations') as snapshot_copy_configurations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RedshiftServerless::Namespace' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AdminPasswordSecretKmsKeyId') as admin_password_secret_kms_key_id, + json_extract_path_text(Properties, 'AdminUserPassword') as admin_user_password, + json_extract_path_text(Properties, 'AdminUsername') as admin_username, + json_extract_path_text(Properties, 'DbName') as db_name, + json_extract_path_text(Properties, 'DefaultIamRoleArn') as default_iam_role_arn, + json_extract_path_text(Properties, 'IamRoles') as iam_roles, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'LogExports') as log_exports, + json_extract_path_text(Properties, 'ManageAdminPassword') as manage_admin_password, + json_extract_path_text(Properties, 'Namespace') as namespace, + json_extract_path_text(Properties, 'NamespaceName') as namespace_name, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'FinalSnapshotName') as final_snapshot_name, + json_extract_path_text(Properties, 'FinalSnapshotRetentionPeriod') as final_snapshot_retention_period, + json_extract_path_text(Properties, 'NamespaceResourcePolicy') as namespace_resource_policy, + json_extract_path_text(Properties, 'RedshiftIdcApplicationArn') as redshift_idc_application_arn, + json_extract_path_text(Properties, 'SnapshotCopyConfigurations') as snapshot_copy_configurations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RedshiftServerless::Namespace' + AND data__Identifier = '' + AND region = 'us-east-1' + workgroups: + name: workgroups + id: awscc.redshiftserverless.workgroups + x-cfn-schema-name: Workgroup + x-type: list + x-identifiers: + - WorkgroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.WorkgroupName') as workgroup_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RedshiftServerless::Workgroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'WorkgroupName') as workgroup_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RedshiftServerless::Workgroup' + AND region = 'us-east-1' + workgroup: + name: workgroup + id: awscc.redshiftserverless.workgroup + x-cfn-schema-name: Workgroup + x-type: get + x-identifiers: + - WorkgroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.WorkgroupName') as workgroup_name, + JSON_EXTRACT(Properties, '$.NamespaceName') as namespace_name, + JSON_EXTRACT(Properties, '$.BaseCapacity') as base_capacity, + JSON_EXTRACT(Properties, '$.MaxCapacity') as max_capacity, + JSON_EXTRACT(Properties, '$.EnhancedVpcRouting') as enhanced_vpc_routing, + JSON_EXTRACT(Properties, '$.ConfigParameters') as config_parameters, + JSON_EXTRACT(Properties, '$.SecurityGroupIds') as security_group_ids, + JSON_EXTRACT(Properties, '$.SubnetIds') as subnet_ids, + JSON_EXTRACT(Properties, '$.PubliclyAccessible') as publicly_accessible, + JSON_EXTRACT(Properties, '$.Port') as port, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Workgroup') as workgroup + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RedshiftServerless::Workgroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'WorkgroupName') as workgroup_name, + json_extract_path_text(Properties, 'NamespaceName') as namespace_name, + json_extract_path_text(Properties, 'BaseCapacity') as base_capacity, + json_extract_path_text(Properties, 'MaxCapacity') as max_capacity, + json_extract_path_text(Properties, 'EnhancedVpcRouting') as enhanced_vpc_routing, + json_extract_path_text(Properties, 'ConfigParameters') as config_parameters, + json_extract_path_text(Properties, 'SecurityGroupIds') as security_group_ids, + json_extract_path_text(Properties, 'SubnetIds') as subnet_ids, + json_extract_path_text(Properties, 'PubliclyAccessible') as publicly_accessible, + json_extract_path_text(Properties, 'Port') as port, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Workgroup') as workgroup + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RedshiftServerless::Workgroup' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/refactorspaces.yaml b/providers/src/awscc/v00.00.00000/services/refactorspaces.yaml new file mode 100644 index 00000000..2b5b0a84 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/refactorspaces.yaml @@ -0,0 +1,929 @@ +openapi: 3.0.0 +info: + title: RefactorSpaces + version: 1.0.0 +paths: {} +components: + schemas: + ApiGatewayEndpointType: + type: string + enum: + - REGIONAL + - PRIVATE + ApiGatewayProxyInput: + type: object + properties: + StageName: + type: string + maxLength: 128 + minLength: 1 + pattern: ^[-a-zA-Z0-9_]*$ + EndpointType: + $ref: '#/components/schemas/ApiGatewayEndpointType' + additionalProperties: false + ProxyType: + type: string + enum: + - API_GATEWAY + Tag: + description: A label for tagging Environment resource + type: object + properties: + Key: + description: A string used to identify this tag + type: string + minLength: 1 + maxLength: 128 + pattern: ^(?!aws:).+ + Value: + description: A string containing the value for the tag + type: string + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + Application: + type: object + properties: + ApiGatewayProxy: + $ref: '#/components/schemas/ApiGatewayProxyInput' + Arn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:(aws[a-zA-Z-]*)?:refactor-spaces:[a-zA-Z0-9\-]+:\w{12}:[a-zA-Z_0-9+=,.@\-_/]+$ + ApiGatewayId: + type: string + maxLength: 10 + minLength: 10 + pattern: ^[a-z0-9]{10}$ + VpcLinkId: + type: string + maxLength: 10 + minLength: 10 + pattern: ^[a-z0-9]{10}$ + NlbArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:(aws[a-zA-Z-]*)?:elasticloadbalancing:[a-zA-Z0-9\\-]+:\\w{12}:[a-zA-Z_0-9+=,.@\\-_\/]+$ + NlbName: + type: string + maxLength: 32 + minLength: 1 + pattern: ^(?!internal-)[a-zA-Z0-9]+[a-zA-Z0-9-_ ]+.*[^-]$ + ApplicationIdentifier: + type: string + maxLength: 14 + minLength: 14 + pattern: ^app-([0-9A-Za-z]{10}$) + EnvironmentIdentifier: + type: string + maxLength: 14 + minLength: 14 + pattern: ^env-([0-9A-Za-z]{10}$) + Name: + type: string + maxLength: 63 + minLength: 3 + pattern: ^(?!app-)[a-zA-Z0-9]+[a-zA-Z0-9-_ ]+$ + ProxyType: + $ref: '#/components/schemas/ProxyType' + VpcId: + type: string + maxLength: 21 + minLength: 12 + pattern: ^vpc-[-a-f0-9]{8}([-a-f0-9]{9})?$ + StageName: + type: string + maxLength: 128 + minLength: 1 + pattern: ^[-a-zA-Z0-9_]*$ + ProxyUrl: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^http://[-a-zA-Z0-9+\x38@#/%?=~_|!:,.;]*[-a-zA-Z0-9+\x38@#/%=~_|]$ + Tags: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + description: Metadata that you can assign to help organize the frameworks that you create. Each tag is a key-value pair. + required: + - EnvironmentIdentifier + - VpcId + - Name + - ProxyType + x-stackql-resource-name: application + x-stackql-primaryIdentifier: + - EnvironmentIdentifier + - ApplicationIdentifier + x-create-only-properties: + - ApiGatewayProxy + - EnvironmentIdentifier + - Name + - ProxyType + - VpcId + x-read-only-properties: + - ApplicationIdentifier + - Arn + - ApiGatewayId + - VpcLinkId + - NlbArn + - NlbName + - ProxyUrl + - StageName + x-required-permissions: + create: + - refactor-spaces:GetApplication + - refactor-spaces:CreateApplication + - refactor-spaces:TagResource + - ec2:CreateTags + - ec2:CreateVpcEndpointServiceConfiguration + - ec2:DescribeVpcs + - ec2:DescribeSubnets + - ec2:DescribeVpcEndpointServiceConfigurations + - ec2:DescribeAccountAttributes + - ec2:DescribeInternetGateways + - ec2:ModifyVpcEndpointServicePermissions + - apigateway:DELETE + - apigateway:GET + - apigateway:PATCH + - apigateway:POST + - apigateway:PUT + - apigateway:UpdateRestApiPolicy + - apigateway:Update* + - apigateway:Delete* + - apigateway:Get* + - apigateway:Put* + - elasticloadbalancing:CreateLoadBalancer + - elasticloadbalancing:DescribeLoadBalancers + - elasticloadbalancing:DescribeTags + - elasticloadbalancing:AddTags + - iam:CreateServiceLinkedRole + read: + - refactor-spaces:GetApplication + - refactor-spaces:ListTagsForResource + delete: + - refactor-spaces:GetApplication + - refactor-spaces:DeleteApplication + - refactor-spaces:UntagResource + - ec2:DescribeVpcEndpointServiceConfigurations + - ec2:DeleteRoute + - ec2:DeleteSecurityGroup + - ec2:DeleteTransitGateway + - ec2:DeleteTransitGatewayVpcAttachment + - ec2:DeleteVpcEndpointServiceConfigurations + - ec2:DeleteTags + - ec2:RevokeSecurityGroupIngress + - elasticloadbalancing:DeleteLoadBalancer + - apigateway:Update* + - apigateway:Delete* + - apigateway:Get* + - apigateway:Put* + list: + - refactor-spaces:ListApplications + - refactor-spaces:ListTagsForResource + NetworkFabricType: + type: string + enum: + - TRANSIT_GATEWAY + - NONE + Environment: + type: object + properties: + Description: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9-_\s\.\!\*\#\@\']+$ + EnvironmentIdentifier: + type: string + maxLength: 14 + minLength: 14 + pattern: ^env-([0-9A-Za-z]{10}$) + Name: + type: string + maxLength: 63 + minLength: 3 + pattern: ^(?!env-)[a-zA-Z0-9]+[a-zA-Z0-9-_ ]+$ + NetworkFabricType: + $ref: '#/components/schemas/NetworkFabricType' + Arn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:(aws[a-zA-Z-]*)?:refactor-spaces:[a-zA-Z0-9\-]+:\w{12}:[a-zA-Z_0-9+=,.@\-_/]+$ + TransitGatewayId: + type: string + maxLength: 21 + minLength: 21 + pattern: ^tgw-[-a-f0-9]{17}$ + Tags: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + description: Metadata that you can assign to help organize the frameworks that you create. Each tag is a key-value pair. + required: + - Name + - NetworkFabricType + x-stackql-resource-name: environment + x-stackql-primaryIdentifier: + - EnvironmentIdentifier + x-create-only-properties: + - Description + - Name + - NetworkFabricType + x-read-only-properties: + - EnvironmentIdentifier + - Arn + - TransitGatewayId + x-required-permissions: + create: + - refactor-spaces:CreateEnvironment + - refactor-spaces:GetEnvironment + - refactor-spaces:TagResource + - ec2:CreateTransitGateway + - ec2:AuthorizeSecurityGroupIngress + - ec2:CreateSecurityGroup + - ec2:CreateTags + - ec2:DescribeNetworkInterfaces + - ec2:DescribeRouteTables + - ec2:DescribeSecurityGroups + - ec2:DescribeSubnets + - ec2:DescribeTags + - ec2:DescribeTransitGateways + - ec2:DescribeTransitGatewayVpcAttachments + - ec2:DescribeVpcEndpointServiceConfigurations + - ec2:ModifyVpcEndpointServicePermissions + - ec2:RevokeSecurityGroupIngress + - ram:AssociateResourceShare + - ram:CreateResourceShare + - ram:GetResourceShareAssociations + - ram:GetResourceShares + - ram:TagResource + - ram:GetResourceShareInvitations + - ram:AcceptResourceShareInvitation + - ram:DisassociateResourceShare + - tag:GetResources + - iam:CreateServiceLinkedRole + read: + - refactor-spaces:GetEnvironment + - refactor-spaces:ListTagsForResource + delete: + - refactor-spaces:GetEnvironment + - refactor-spaces:DeleteEnvironment + - refactor-spaces:UntagResource + - ec2:DescribeTransitGateways + - ec2:DescribeTransitGatewayVpcAttachments + - ec2:DeleteTransitGateway + - ec2:DeleteTransitGatewayVpcAttachment + - ec2:DeleteTags + - ram:GetResourceShareAssociations + - ram:DeleteResourceShare + list: + - refactor-spaces:ListEnvironments + - refactor-spaces:ListTagsForResource + RouteActivationState: + type: string + enum: + - INACTIVE + - ACTIVE + Method: + type: string + enum: + - DELETE + - GET + - HEAD + - OPTIONS + - PATCH + - POST + - PUT + RouteType: + type: string + enum: + - DEFAULT + - URI_PATH + DefaultRouteInput: + type: object + properties: + ActivationState: + $ref: '#/components/schemas/RouteActivationState' + required: + - ActivationState + additionalProperties: false + UriPathRouteInput: + type: object + properties: + SourcePath: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^(/([a-zA-Z0-9._:-]+|\{[a-zA-Z0-9._:-]+\}))+$ + ActivationState: + $ref: '#/components/schemas/RouteActivationState' + Methods: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Method' + IncludeChildPaths: + type: boolean + AppendSourcePath: + type: boolean + required: + - ActivationState + additionalProperties: false + Route: + type: object + properties: + PathResourceToId: + type: string + Arn: + type: string + minLength: 20 + maxLength: 2048 + pattern: ^arn:(aws[a-zA-Z-]*)?:refactor-spaces:[a-zA-Z0-9\-]+:\w{12}:[a-zA-Z_0-9+=,.@\-_/]+$ + ApplicationIdentifier: + type: string + maxLength: 14 + minLength: 14 + pattern: ^app-([0-9A-Za-z]{10}$) + EnvironmentIdentifier: + type: string + maxLength: 14 + minLength: 14 + pattern: ^env-([0-9A-Za-z]{10}$) + RouteIdentifier: + type: string + maxLength: 14 + minLength: 14 + pattern: ^rte-([0-9A-Za-z]{10}$) + RouteType: + $ref: '#/components/schemas/RouteType' + ServiceIdentifier: + type: string + maxLength: 14 + minLength: 14 + pattern: ^svc-([0-9A-Za-z]{10}$) + DefaultRoute: + $ref: '#/components/schemas/DefaultRouteInput' + UriPathRoute: + $ref: '#/components/schemas/UriPathRouteInput' + Tags: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + description: Metadata that you can assign to help organize the frameworks that you create. Each tag is a key-value pair. + required: + - EnvironmentIdentifier + - ApplicationIdentifier + - ServiceIdentifier + - RouteType + x-stackql-resource-name: route + x-stackql-primaryIdentifier: + - EnvironmentIdentifier + - ApplicationIdentifier + - RouteIdentifier + x-create-only-properties: + - ApplicationIdentifier + - EnvironmentIdentifier + - RouteType + - ServiceIdentifier + - UriPathRoute/SourcePath + - UriPathRoute/Methods + - UriPathRoute/IncludeChildPaths + - UriPathRoute/AppendSourcePath + x-read-only-properties: + - RouteIdentifier + - PathResourceToId + - Arn + x-required-permissions: + create: + - refactor-spaces:CreateRoute + - refactor-spaces:GetRoute + - refactor-spaces:TagResource + - iam:CreateServiceLinkedRole + - apigateway:GET + - apigateway:PATCH + - apigateway:POST + - apigateway:PUT + - apigateway:DELETE + - apigateway:UpdateRestApiPolicy + - lambda:GetFunctionConfiguration + - lambda:AddPermission + - elasticloadbalancing:DescribeListeners + - elasticloadbalancing:DescribeTargetGroups + - elasticloadbalancing:CreateListener + - elasticloadbalancing:CreateTargetGroup + - elasticloadbalancing:DescribeTags + - elasticloadbalancing:AddTags + - elasticloadbalancing:RegisterTargets + - elasticloadbalancing:DescribeTargetHealth + - ec2:DescribeSubnets + - tag:GetResources + read: + - refactor-spaces:GetRoute + - refactor-spaces:ListTagsForResource + delete: + - refactor-spaces:DeleteRoute + - refactor-spaces:GetRoute + - refactor-spaces:UntagResource + - apigateway:GET + - apigateway:PATCH + - apigateway:POST + - apigateway:PUT + - apigateway:DELETE + - apigateway:UpdateRestApiPolicy + - lambda:GetFunctionConfiguration + - lambda:AddPermission + - elasticloadbalancing:DescribeListeners + - elasticloadbalancing:DescribeTargetGroups + - elasticloadbalancing:CreateListener + - elasticloadbalancing:CreateTargetGroup + - elasticloadbalancing:DeleteListener + - elasticloadbalancing:DeleteTargetGroup + - elasticloadbalancing:DescribeTags + - elasticloadbalancing:AddTags + - elasticloadbalancing:RegisterTargets + - elasticloadbalancing:DescribeTargetHealth + - ec2:DescribeSubnets + - tag:GetResources + list: + - refactor-spaces:ListRoutes + - refactor-spaces:ListTagsForResource + update: + - refactor-spaces:UpdateRoute + - refactor-spaces:GetRoute + - refactor-spaces:TagResource + - iam:CreateServiceLinkedRole + - apigateway:GET + - apigateway:PATCH + - apigateway:POST + - apigateway:PUT + - apigateway:DELETE + - apigateway:UpdateRestApiPolicy + - lambda:GetFunctionConfiguration + - lambda:AddPermission + - elasticloadbalancing:DescribeListeners + - elasticloadbalancing:DescribeTargetGroups + - elasticloadbalancing:CreateListener + - elasticloadbalancing:CreateTargetGroup + - elasticloadbalancing:DeleteListener + - elasticloadbalancing:DeleteTargetGroup + - elasticloadbalancing:DescribeTags + - elasticloadbalancing:AddTags + - elasticloadbalancing:RegisterTargets + - elasticloadbalancing:DescribeTargetHealth + - ec2:DescribeSubnets + - ec2:DescribeSubnets + - tag:GetResources + LambdaEndpointInput: + type: object + properties: + Arn: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$ + required: + - Arn + additionalProperties: false + ServiceEndpointType: + type: string + enum: + - LAMBDA + - URL + UrlEndpointInput: + type: object + properties: + HealthUrl: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^https?://[-a-zA-Z0-9+\x38@#/%?=~_|!:,.;]*[-a-zA-Z0-9+\x38@#/%=~_|]$ + Url: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^https?://[-a-zA-Z0-9+\x38@#/%?=~_|!:,.;]*[-a-zA-Z0-9+\x38@#/%=~_|]$ + required: + - Url + additionalProperties: false + Service: + type: object + properties: + Arn: + type: string + minLength: 20 + maxLength: 2048 + pattern: ^arn:(aws[a-zA-Z-]*)?:refactor-spaces:[a-zA-Z0-9\-]+:\w{12}:[a-zA-Z_0-9+=,.@\-_/]+$ + ApplicationIdentifier: + type: string + maxLength: 14 + minLength: 14 + pattern: ^app-([0-9A-Za-z]{10}$) + Description: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9-_\s\.\!\*\#\@\']+$ + EndpointType: + $ref: '#/components/schemas/ServiceEndpointType' + EnvironmentIdentifier: + type: string + maxLength: 14 + minLength: 14 + pattern: ^env-([0-9A-Za-z]{10}$) + LambdaEndpoint: + $ref: '#/components/schemas/LambdaEndpointInput' + Name: + type: string + maxLength: 63 + minLength: 3 + pattern: ^(?!svc-)[a-zA-Z0-9]+[a-zA-Z0-9-_ ]+$ + ServiceIdentifier: + type: string + maxLength: 14 + minLength: 14 + pattern: ^svc-([0-9A-Za-z]{10}$) + UrlEndpoint: + $ref: '#/components/schemas/UrlEndpointInput' + VpcId: + type: string + maxLength: 21 + minLength: 12 + pattern: ^vpc-[-a-f0-9]{8}([-a-f0-9]{9})?$ + Tags: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + description: Metadata that you can assign to help organize the frameworks that you create. Each tag is a key-value pair. + required: + - EnvironmentIdentifier + - ApplicationIdentifier + - EndpointType + - Name + x-stackql-resource-name: service + x-stackql-primaryIdentifier: + - EnvironmentIdentifier + - ApplicationIdentifier + - ServiceIdentifier + x-create-only-properties: + - Description + - EndpointType + - EnvironmentIdentifier + - ApplicationIdentifier + - LambdaEndpoint + - Name + - UrlEndpoint + - VpcId + x-read-only-properties: + - ServiceIdentifier + - Arn + x-required-permissions: + create: + - refactor-spaces:CreateService + - refactor-spaces:GetService + - refactor-spaces:TagResource + - ec2:DescribeVpcs + - ec2:DescribeSubnets + - ec2:DescribeRouteTables + - ec2:CreateTags + - ec2:CreateTransitGatewayVpcAttachment + - ec2:DescribeTransitGatewayVpcAttachments + - ec2:CreateSecurityGroup + - ec2:AuthorizeSecurityGroupIngress + - ec2:CreateRoute + - lambda:GetFunctionConfiguration + read: + - refactor-spacess:GetService + - refactor-spaces:ListTagsForResource + delete: + - refactor-spaces:DeleteService + - refactor-spaces:GetService + - refactor-spaces:UntagResource + - ram:DisassociateResourceShare + - ec2:DescribeNetworkInterfaces + - ec2:DescribeRouteTables + - ec2:DescribeTransitGatewayVpcAttachments + - ec2:DescribeSecurityGroups + - ec2:DeleteSecurityGroup + - ec2:DeleteRoute + - ec2:RevokeSecurityGroupIngress + - ec2:DeleteTransitGatewayVpcAttachment + - ec2:DeleteTags + list: + - refactor-spaces:ListServices + - refactor-spaces:ListTagsForResource + x-stackQL-resources: + applications: + name: applications + id: awscc.refactorspaces.applications + x-cfn-schema-name: Application + x-type: list + x-identifiers: + - EnvironmentIdentifier + - ApplicationIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EnvironmentIdentifier') as environment_identifier, + JSON_EXTRACT(Properties, '$.ApplicationIdentifier') as application_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RefactorSpaces::Application' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EnvironmentIdentifier') as environment_identifier, + json_extract_path_text(Properties, 'ApplicationIdentifier') as application_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RefactorSpaces::Application' + AND region = 'us-east-1' + application: + name: application + id: awscc.refactorspaces.application + x-cfn-schema-name: Application + x-type: get + x-identifiers: + - EnvironmentIdentifier + - ApplicationIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApiGatewayProxy') as api_gateway_proxy, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ApiGatewayId') as api_gateway_id, + JSON_EXTRACT(Properties, '$.VpcLinkId') as vpc_link_id, + JSON_EXTRACT(Properties, '$.NlbArn') as nlb_arn, + JSON_EXTRACT(Properties, '$.NlbName') as nlb_name, + JSON_EXTRACT(Properties, '$.ApplicationIdentifier') as application_identifier, + JSON_EXTRACT(Properties, '$.EnvironmentIdentifier') as environment_identifier, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ProxyType') as proxy_type, + JSON_EXTRACT(Properties, '$.VpcId') as vpc_id, + JSON_EXTRACT(Properties, '$.StageName') as stage_name, + JSON_EXTRACT(Properties, '$.ProxyUrl') as proxy_url, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RefactorSpaces::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApiGatewayProxy') as api_gateway_proxy, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ApiGatewayId') as api_gateway_id, + json_extract_path_text(Properties, 'VpcLinkId') as vpc_link_id, + json_extract_path_text(Properties, 'NlbArn') as nlb_arn, + json_extract_path_text(Properties, 'NlbName') as nlb_name, + json_extract_path_text(Properties, 'ApplicationIdentifier') as application_identifier, + json_extract_path_text(Properties, 'EnvironmentIdentifier') as environment_identifier, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ProxyType') as proxy_type, + json_extract_path_text(Properties, 'VpcId') as vpc_id, + json_extract_path_text(Properties, 'StageName') as stage_name, + json_extract_path_text(Properties, 'ProxyUrl') as proxy_url, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RefactorSpaces::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + environments: + name: environments + id: awscc.refactorspaces.environments + x-cfn-schema-name: Environment + x-type: list + x-identifiers: + - EnvironmentIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EnvironmentIdentifier') as environment_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RefactorSpaces::Environment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EnvironmentIdentifier') as environment_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RefactorSpaces::Environment' + AND region = 'us-east-1' + environment: + name: environment + id: awscc.refactorspaces.environment + x-cfn-schema-name: Environment + x-type: get + x-identifiers: + - EnvironmentIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EnvironmentIdentifier') as environment_identifier, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.NetworkFabricType') as network_fabric_type, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.TransitGatewayId') as transit_gateway_id, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RefactorSpaces::Environment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EnvironmentIdentifier') as environment_identifier, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'NetworkFabricType') as network_fabric_type, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'TransitGatewayId') as transit_gateway_id, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RefactorSpaces::Environment' + AND data__Identifier = '' + AND region = 'us-east-1' + routes: + name: routes + id: awscc.refactorspaces.routes + x-cfn-schema-name: Route + x-type: list + x-identifiers: + - EnvironmentIdentifier + - ApplicationIdentifier + - RouteIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EnvironmentIdentifier') as environment_identifier, + JSON_EXTRACT(Properties, '$.ApplicationIdentifier') as application_identifier, + JSON_EXTRACT(Properties, '$.RouteIdentifier') as route_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RefactorSpaces::Route' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EnvironmentIdentifier') as environment_identifier, + json_extract_path_text(Properties, 'ApplicationIdentifier') as application_identifier, + json_extract_path_text(Properties, 'RouteIdentifier') as route_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RefactorSpaces::Route' + AND region = 'us-east-1' + route: + name: route + id: awscc.refactorspaces.route + x-cfn-schema-name: Route + x-type: get + x-identifiers: + - EnvironmentIdentifier + - ApplicationIdentifier + - RouteIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PathResourceToId') as path_resource_to_id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ApplicationIdentifier') as application_identifier, + JSON_EXTRACT(Properties, '$.EnvironmentIdentifier') as environment_identifier, + JSON_EXTRACT(Properties, '$.RouteIdentifier') as route_identifier, + JSON_EXTRACT(Properties, '$.RouteType') as route_type, + JSON_EXTRACT(Properties, '$.ServiceIdentifier') as service_identifier, + JSON_EXTRACT(Properties, '$.DefaultRoute') as default_route, + JSON_EXTRACT(Properties, '$.UriPathRoute') as uri_path_route, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RefactorSpaces::Route' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PathResourceToId') as path_resource_to_id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ApplicationIdentifier') as application_identifier, + json_extract_path_text(Properties, 'EnvironmentIdentifier') as environment_identifier, + json_extract_path_text(Properties, 'RouteIdentifier') as route_identifier, + json_extract_path_text(Properties, 'RouteType') as route_type, + json_extract_path_text(Properties, 'ServiceIdentifier') as service_identifier, + json_extract_path_text(Properties, 'DefaultRoute') as default_route, + json_extract_path_text(Properties, 'UriPathRoute') as uri_path_route, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RefactorSpaces::Route' + AND data__Identifier = '' + AND region = 'us-east-1' + services: + name: services + id: awscc.refactorspaces.services + x-cfn-schema-name: Service + x-type: list + x-identifiers: + - EnvironmentIdentifier + - ApplicationIdentifier + - ServiceIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EnvironmentIdentifier') as environment_identifier, + JSON_EXTRACT(Properties, '$.ApplicationIdentifier') as application_identifier, + JSON_EXTRACT(Properties, '$.ServiceIdentifier') as service_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RefactorSpaces::Service' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EnvironmentIdentifier') as environment_identifier, + json_extract_path_text(Properties, 'ApplicationIdentifier') as application_identifier, + json_extract_path_text(Properties, 'ServiceIdentifier') as service_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RefactorSpaces::Service' + AND region = 'us-east-1' + service: + name: service + id: awscc.refactorspaces.service + x-cfn-schema-name: Service + x-type: get + x-identifiers: + - EnvironmentIdentifier + - ApplicationIdentifier + - ServiceIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ApplicationIdentifier') as application_identifier, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EndpointType') as endpoint_type, + JSON_EXTRACT(Properties, '$.EnvironmentIdentifier') as environment_identifier, + JSON_EXTRACT(Properties, '$.LambdaEndpoint') as lambda_endpoint, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ServiceIdentifier') as service_identifier, + JSON_EXTRACT(Properties, '$.UrlEndpoint') as url_endpoint, + JSON_EXTRACT(Properties, '$.VpcId') as vpc_id, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RefactorSpaces::Service' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ApplicationIdentifier') as application_identifier, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EndpointType') as endpoint_type, + json_extract_path_text(Properties, 'EnvironmentIdentifier') as environment_identifier, + json_extract_path_text(Properties, 'LambdaEndpoint') as lambda_endpoint, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ServiceIdentifier') as service_identifier, + json_extract_path_text(Properties, 'UrlEndpoint') as url_endpoint, + json_extract_path_text(Properties, 'VpcId') as vpc_id, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RefactorSpaces::Service' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/rekognition.yaml b/providers/src/awscc/v00.00.00000/services/rekognition.yaml new file mode 100644 index 00000000..3c3ee403 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/rekognition.yaml @@ -0,0 +1,560 @@ +openapi: 3.0.0 +info: + title: Rekognition + version: 1.0.0 +paths: {} +components: + schemas: + Arn: + description: The ARN of the stream processor + type: string + maxLength: 2048 + CollectionId: + description: The name of the collection + type: string + maxLength: 255 + pattern: \A[a-zA-Z0-9_\.\-]+$ + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + pattern: \A(?!aws:)[a-zA-Z0-9+\-=\._\:\/@]+$ + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + pattern: \A[a-zA-Z0-9+\-=\._\:\/@]+$ + required: + - Key + - Value + additionalProperties: false + Collection: + type: object + properties: + Arn: + $ref: '#/components/schemas/Arn' + CollectionId: + $ref: '#/components/schemas/CollectionId' + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 0 + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + required: + - CollectionId + x-stackql-resource-name: collection + x-stackql-primaryIdentifier: + - CollectionId + x-create-only-properties: + - CollectionId + x-read-only-properties: + - Arn + x-required-permissions: + create: + - rekognition:CreateCollection + - rekognition:DescribeCollection + - rekognition:ListTagsForResource + - rekognition:TagResource + read: + - rekognition:DescribeCollection + - rekognition:ListTagsForResource + update: + - rekognition:TagResource + - rekognition:UntagResource + - rekognition:DescribeCollection + - rekognition:ListTagsForResource + delete: + - rekognition:DeleteCollection + list: + - rekognition:ListCollections + ProjectName: + description: The name of the project + type: string + minLength: 1 + maxLength: 255 + pattern: '[a-zA-Z0-9][a-zA-Z0-9_\-]*' + Project: + type: object + properties: + Arn: + $ref: '#/components/schemas/Arn' + ProjectName: + $ref: '#/components/schemas/ProjectName' + required: + - ProjectName + x-stackql-resource-name: project + x-stackql-primaryIdentifier: + - ProjectName + x-create-only-properties: + - ProjectName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - rekognition:CreateProject + read: + - rekognition:DescribeProjects + update: [] + delete: + - rekognition:DescribeProjects + - rekognition:DeleteProject + list: + - rekognition:DescribeProjects + KinesisVideoStream: + description: The Kinesis Video Stream that streams the source video. + type: object + properties: + Arn: + description: ARN of the Kinesis Video Stream that streams the source video. + type: string + maxLength: 2048 + pattern: (^arn:([a-z\d-]+):kinesisvideo:([a-z\d-]+):\d{12}:.+$) + required: + - Arn + additionalProperties: false + S3Destination: + description: The S3 location in customer's account where inference output & artifacts are stored, as part of connected home feature. + type: object + properties: + BucketName: + description: Name of the S3 bucket. + type: string + maxLength: 63 + ObjectKeyPrefix: + description: The object key prefix path where the results will be stored. Default is no prefix path + type: string + maxLength: 256 + required: + - BucketName + additionalProperties: false + KinesisDataStream: + description: The Amazon Kinesis Data Stream stream to which the Amazon Rekognition stream processor streams the analysis results, as part of face search feature. + type: object + properties: + Arn: + description: ARN of the Kinesis Data Stream stream. + type: string + maxLength: 2048 + pattern: (^arn:([a-z\d-]+):kinesis:([a-z\d-]+):\d{12}:.+$) + required: + - Arn + additionalProperties: false + Labels: + description: List of labels that need to be detected in the video stream. Current supported values are PERSON, PET, PACKAGE, ALL. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 1 + items: + type: string + minLength: 1 + maxLength: 128 + ConnectedHomeSettings: + description: Connected home settings to use on a streaming video. Note that either ConnectedHomeSettings or FaceSearchSettings should be set. Not both + type: object + properties: + Labels: + $ref: '#/components/schemas/Labels' + MinConfidence: + description: Minimum object class match confidence score that must be met to return a result for a recognized object. + type: number + minimum: 0 + maximum: 100 + required: + - Labels + additionalProperties: false + FaceSearchSettings: + description: Face search settings to use on a streaming video. Note that either FaceSearchSettings or ConnectedHomeSettings should be set. Not both + type: object + properties: + CollectionId: + description: The ID of a collection that contains faces that you want to search for. + type: string + maxLength: 255 + pattern: \A[a-zA-Z0-9_\.\-]+$ + FaceMatchThreshold: + description: Minimum face match confidence score percentage that must be met to return a result for a recognized face. The default is 80. 0 is the lowest confidence. 100 is the highest confidence. Values between 0 and 100 are accepted. + type: number + minimum: 0 + maximum: 100 + required: + - CollectionId + additionalProperties: false + NotificationChannel: + description: The ARN of the SNS notification channel where events of interests are published, as part of connected home feature. + type: object + properties: + Arn: + description: ARN of the SNS topic. + type: string + maxLength: 2048 + required: + - Arn + additionalProperties: false + Point: + description: An (X, Y) cartesian coordinate denoting a point on the frame + type: object + properties: + X: + description: The X coordinate of the point. + type: number + 'Y': + description: The Y coordinate of the point. + type: number + required: + - X + - 'Y' + additionalProperties: false + Polygon: + description: A polygon showing a region of interest. Note that the ordering of the Point entries matter in defining the polygon + type: array + uniqueItems: true + x-insertionOrder: true + minItems: 3 + items: + $ref: '#/components/schemas/Point' + BoundingBox: + description: A bounding box denoting a region of interest in the frame to be analyzed. + type: object + properties: + Height: + type: number + minimum: 0 + maximum: 100 + Width: + type: number + minimum: 0 + maximum: 100 + Left: + type: number + minimum: 0 + maximum: 100 + Top: + type: number + minimum: 0 + maximum: 100 + required: + - Height + - Width + - Left + - Top + additionalProperties: false + DataSharingPreference: + description: Indicates whether Rekognition is allowed to store the video stream data for model-training. + properties: + OptIn: + description: Flag to enable data-sharing + type: boolean + required: + - OptIn + type: object + additionalProperties: false + StreamProcessor: + type: object + properties: + Arn: + $ref: '#/components/schemas/Arn' + Name: + description: Name of the stream processor. It's an identifier you assign to the stream processor. You can use it to manage the stream processor. + type: string + minLength: 1 + maxLength: 128 + pattern: '[a-zA-Z0-9_.\-]+' + KmsKeyId: + description: The KMS key that is used by Rekognition to encrypt any intermediate customer metadata and store in the customer's S3 bucket. + type: string + RoleArn: + description: ARN of the IAM role that allows access to the stream processor, and provides Rekognition read permissions for KVS stream and write permissions to S3 bucket and SNS topic. + type: string + maxLength: 2048 + pattern: arn:aws(-[\w]+)*:iam::[0-9]{12}:role/.* + KinesisVideoStream: + $ref: '#/components/schemas/KinesisVideoStream' + FaceSearchSettings: + $ref: '#/components/schemas/FaceSearchSettings' + ConnectedHomeSettings: + $ref: '#/components/schemas/ConnectedHomeSettings' + KinesisDataStream: + $ref: '#/components/schemas/KinesisDataStream' + S3Destination: + $ref: '#/components/schemas/S3Destination' + NotificationChannel: + $ref: '#/components/schemas/NotificationChannel' + DataSharingPreference: + $ref: '#/components/schemas/DataSharingPreference' + PolygonRegionsOfInterest: + description: The PolygonRegionsOfInterest specifies a set of polygon areas of interest in the video frames to analyze, as part of connected home feature. Each polygon is in turn, an ordered list of Point + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 0 + items: + $ref: '#/components/schemas/Polygon' + BoundingBoxRegionsOfInterest: + description: The BoundingBoxRegionsOfInterest specifies an array of bounding boxes of interest in the video frames to analyze, as part of connected home feature. If an object is partially in a region of interest, Rekognition will tag it as detected if the overlap of the object with the region-of-interest is greater than 20%. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 0 + items: + $ref: '#/components/schemas/BoundingBox' + Status: + description: Current status of the stream processor. + type: string + StatusMessage: + description: Detailed status message about the stream processor. + type: string + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 0 + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + required: + - RoleArn + - KinesisVideoStream + x-stackql-resource-name: stream_processor + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - KmsKeyId + - RoleArn + - KinesisVideoStream + - ConnectedHomeSettings + - FaceSearchSettings + - KinesisDataStream + - S3Destination + - NotificationChannel + - BoundingBoxRegionsOfInterest + - PolygonRegionsOfInterest + - DataSharingPreference + x-read-only-properties: + - Arn + - Status + - StatusMessage + x-required-permissions: + create: + - rekognition:CreateStreamProcessor + - iam:PassRole + - rekognition:DescribeStreamProcessor + - rekognition:ListTagsForResource + - rekognition:TagResource + read: + - rekognition:DescribeStreamProcessor + - rekognition:ListTagsForResource + update: + - rekognition:TagResource + - rekognition:UntagResource + - rekognition:ListTagsForResource + - rekognition:DescribeStreamProcessor + delete: + - rekognition:DeleteStreamProcessor + list: + - rekognition:ListStreamProcessors + x-stackQL-resources: + collections: + name: collections + id: awscc.rekognition.collections + x-cfn-schema-name: Collection + x-type: list + x-identifiers: + - CollectionId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CollectionId') as collection_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Rekognition::Collection' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CollectionId') as collection_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Rekognition::Collection' + AND region = 'us-east-1' + collection: + name: collection + id: awscc.rekognition.collection + x-cfn-schema-name: Collection + x-type: get + x-identifiers: + - CollectionId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CollectionId') as collection_id, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Rekognition::Collection' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CollectionId') as collection_id, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Rekognition::Collection' + AND data__Identifier = '' + AND region = 'us-east-1' + projects: + name: projects + id: awscc.rekognition.projects + x-cfn-schema-name: Project + x-type: list + x-identifiers: + - ProjectName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProjectName') as project_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Rekognition::Project' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProjectName') as project_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Rekognition::Project' + AND region = 'us-east-1' + project: + name: project + id: awscc.rekognition.project + x-cfn-schema-name: Project + x-type: get + x-identifiers: + - ProjectName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ProjectName') as project_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Rekognition::Project' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ProjectName') as project_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Rekognition::Project' + AND data__Identifier = '' + AND region = 'us-east-1' + stream_processors: + name: stream_processors + id: awscc.rekognition.stream_processors + x-cfn-schema-name: StreamProcessor + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Rekognition::StreamProcessor' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Rekognition::StreamProcessor' + AND region = 'us-east-1' + stream_processor: + name: stream_processor + id: awscc.rekognition.stream_processor + x-cfn-schema-name: StreamProcessor + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.KinesisVideoStream') as kinesis_video_stream, + JSON_EXTRACT(Properties, '$.FaceSearchSettings') as face_search_settings, + JSON_EXTRACT(Properties, '$.ConnectedHomeSettings') as connected_home_settings, + JSON_EXTRACT(Properties, '$.KinesisDataStream') as kinesis_data_stream, + JSON_EXTRACT(Properties, '$.S3Destination') as s3_destination, + JSON_EXTRACT(Properties, '$.NotificationChannel') as notification_channel, + JSON_EXTRACT(Properties, '$.DataSharingPreference') as data_sharing_preference, + JSON_EXTRACT(Properties, '$.PolygonRegionsOfInterest') as polygon_regions_of_interest, + JSON_EXTRACT(Properties, '$.BoundingBoxRegionsOfInterest') as bounding_box_regions_of_interest, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.StatusMessage') as status_message, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Rekognition::StreamProcessor' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'KinesisVideoStream') as kinesis_video_stream, + json_extract_path_text(Properties, 'FaceSearchSettings') as face_search_settings, + json_extract_path_text(Properties, 'ConnectedHomeSettings') as connected_home_settings, + json_extract_path_text(Properties, 'KinesisDataStream') as kinesis_data_stream, + json_extract_path_text(Properties, 'S3Destination') as s3_destination, + json_extract_path_text(Properties, 'NotificationChannel') as notification_channel, + json_extract_path_text(Properties, 'DataSharingPreference') as data_sharing_preference, + json_extract_path_text(Properties, 'PolygonRegionsOfInterest') as polygon_regions_of_interest, + json_extract_path_text(Properties, 'BoundingBoxRegionsOfInterest') as bounding_box_regions_of_interest, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'StatusMessage') as status_message, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Rekognition::StreamProcessor' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/resiliencehub.yaml b/providers/src/awscc/v00.00.00000/services/resiliencehub.yaml new file mode 100644 index 00000000..f6f168f6 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/resiliencehub.yaml @@ -0,0 +1,450 @@ +openapi: 3.0.0 +info: + title: ResilienceHub + version: 1.0.0 +paths: {} +components: + schemas: + TagValue: + type: string + maxLength: 256 + TagMap: + type: object + x-patternProperties: + .{1,128}: + $ref: '#/components/schemas/TagValue' + additionalProperties: false + PhysicalResourceId: + type: object + additionalProperties: false + properties: + AwsAccountId: + type: string + pattern: ^[0-9]{12}$ + AwsRegion: + type: string + pattern: ^[a-z]{2}-((iso[a-z]{0,1}-)|(gov-)){0,1}[a-z]+-[0-9]$ + Identifier: + type: string + minLength: 1 + maxLength: 255 + Type: + type: string + pattern: Arn|Native + required: + - Identifier + - Type + ResourceMapping: + description: Resource mapping is used to map logical resources from template to physical resource + type: object + additionalProperties: false + properties: + LogicalStackName: + type: string + MappingType: + type: string + pattern: CfnStack|Resource|Terraform|EKS + ResourceName: + type: string + pattern: ^[A-Za-z0-9][A-Za-z0-9_\-]{1,59}$ + TerraformSourceName: + type: string + EksSourceName: + type: string + PhysicalResourceId: + $ref: '#/components/schemas/PhysicalResourceId' + required: + - MappingType + - PhysicalResourceId + IamRoleArn: + type: string + pattern: arn:(aws|aws-cn|aws-iso|aws-iso-[a-z]{1}|aws-us-gov):iam::[0-9]{12}:role\/(([\u0021-\u007E]+\u002F){1,511})?[A-Za-z0-9+=,.@_/-]{1,64}$ + PermissionModel: + description: Defines the roles and credentials that AWS Resilience Hub would use while creating the application, importing its resources, and running an assessment. + type: object + additionalProperties: false + properties: + Type: + description: Defines how AWS Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your AWS account, or by using the credentials of the current IAM user. + type: string + enum: + - LegacyIAMUser + - RoleBased + InvokerRoleName: + description: Existing AWS IAM role name in the primary AWS account that will be assumed by AWS Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment. + type: string + pattern: ((\u002F[\u0021-\u007E]+\u002F){1,511})?[A-Za-z0-9+=,.@_/-]{1,64} + CrossAccountRoleArns: + description: Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/IamRoleArn' + required: + - Type + EventSubscription: + description: Indicates an event you would like to subscribe and get notification for. + type: object + additionalProperties: false + properties: + Name: + description: Unique name to identify an event subscription. + type: string + maxLength: 256 + EventType: + description: The type of event you would like to subscribe and get notification for. + type: string + enum: + - ScheduledAssessmentFailure + - DriftDetected + SnsTopicArn: + description: Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic. + type: string + pattern: ^arn:(aws|aws-cn|aws-iso|aws-iso-[a-z]{1}|aws-us-gov):[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:([a-z]{2}-((iso[a-z]{0,1}-)|(gov-)){0,1}[a-z]+-[0-9]):[0-9]{12}:[A-Za-z0-9/][A-Za-z0-9:_/+.-]{0,1023}$ + required: + - Name + - EventType + App: + type: object + properties: + Name: + description: Name of the app. + type: string + pattern: ^[A-Za-z0-9][A-Za-z0-9_\-]{1,59}$ + Description: + description: App description. + type: string + minLength: 0 + maxLength: 500 + AppArn: + type: string + description: Amazon Resource Name (ARN) of the App. + pattern: ^arn:(aws|aws-cn|aws-iso|aws-iso-[a-z]{1}|aws-us-gov):[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:([a-z]{2}-((iso[a-z]{0,1}-)|(gov-)){0,1}[a-z]+-[0-9]):[0-9]{12}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$ + ResiliencyPolicyArn: + type: string + description: Amazon Resource Name (ARN) of the Resiliency Policy. + pattern: ^arn:(aws|aws-cn|aws-iso|aws-iso-[a-z]{1}|aws-us-gov):[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:([a-z]{2}-((iso[a-z]{0,1}-)|(gov-)){0,1}[a-z]+-[0-9]):[0-9]{12}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$ + Tags: + $ref: '#/components/schemas/TagMap' + AppTemplateBody: + description: A string containing full ResilienceHub app template body. + type: string + minLength: 0 + maxLength: 409600 + pattern: ^[\w\s:,-\.'\/{}\[\]:"]+$ + ResourceMappings: + description: An array of ResourceMapping objects. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/ResourceMapping' + AppAssessmentSchedule: + description: Assessment execution schedule. + type: string + enum: + - Disabled + - Daily + PermissionModel: + $ref: '#/components/schemas/PermissionModel' + EventSubscriptions: + description: The list of events you would like to subscribe and get notification for. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/EventSubscription' + DriftStatus: + description: Indicates if compliance drifts (deviations) were detected while running an assessment for your application. + type: string + enum: + - NotChecked + - NotDetected + - Detected + required: + - Name + - AppTemplateBody + - ResourceMappings + x-stackql-resource-name: app + x-stackql-primaryIdentifier: + - AppArn + x-create-only-properties: + - Name + x-read-only-properties: + - AppArn + - DriftStatus + x-required-permissions: + create: + - cloudformation:DescribeStacks + - cloudformation:ListStackResources + - s3:GetBucketLocation + - s3:GetObject + - s3:ListAllMyBuckets + - autoscaling:DescribeAutoScalingGroups + - apigateway:GET + - ec2:Describe* + - ecs:DescribeServices + - eks:DescribeCluster + - elasticfilesystem:DescribeFileSystems + - elasticloadbalancing:DescribeLoadBalancers + - lambda:GetFunction* + - rds:Describe* + - dynamodb:Describe* + - sqs:GetQueueAttributes + - sns:GetTopicAttributes + - route53:List* + - iam:PassRole + - resiliencehub:* + read: + - resiliencehub:DescribeApp + - resiliencehub:DescribeAppVersionTemplate + - resiliencehub:ListAppVersionResourceMappings + - resiliencehub:ListTagsForResource + update: + - cloudformation:DescribeStacks + - cloudformation:ListStackResources + - s3:GetBucketLocation + - s3:GetObject + - s3:ListAllMyBuckets + - autoscaling:DescribeAutoScalingGroups + - apigateway:GET + - ec2:Describe* + - ecs:DescribeServices + - eks:DescribeCluster + - elasticfilesystem:DescribeFileSystems + - elasticloadbalancing:DescribeLoadBalancers + - lambda:GetFunction* + - rds:Describe* + - dynamodb:Describe* + - sqs:GetQueueAttributes + - sns:GetTopicAttributes + - route53:List* + - iam:PassRole + - resiliencehub:* + delete: + - resiliencehub:DeleteApp + - resiliencehub:UntagResource + - resiliencehub:ListApps + list: + - resiliencehub:ListApps + FailurePolicy: + description: Failure Policy. + type: object + properties: + RtoInSecs: + description: RTO in seconds. + type: integer + RpoInSecs: + description: RPO in seconds. + type: integer + required: + - RtoInSecs + - RpoInSecs + additionalProperties: false + PolicyMap: + type: object + x-patternProperties: + .*{1,8}: + $ref: '#/components/schemas/FailurePolicy' + additionalProperties: false + ResiliencyPolicy: + type: object + properties: + PolicyName: + description: Name of Resiliency Policy. + type: string + pattern: ^[A-Za-z0-9][A-Za-z0-9_\-]{1,59}$ + PolicyDescription: + description: Description of Resiliency Policy. + type: string + maxLength: 500 + DataLocationConstraint: + type: string + description: Data Location Constraint of the Policy. + enum: + - AnyLocation + - SameContinent + - SameCountry + Tier: + type: string + description: Resiliency Policy Tier. + enum: + - MissionCritical + - Critical + - Important + - CoreServices + - NonCritical + Policy: + $ref: '#/components/schemas/PolicyMap' + PolicyArn: + type: string + description: Amazon Resource Name (ARN) of the Resiliency Policy. + pattern: ^arn:(aws|aws-cn|aws-iso|aws-iso-[a-z]{1}|aws-us-gov):[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:([a-z]{2}-((iso[a-z]{0,1}-)|(gov-)){0,1}[a-z]+-[0-9]):[0-9]{12}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$ + Tags: + $ref: '#/components/schemas/TagMap' + required: + - PolicyName + - Tier + - Policy + x-stackql-resource-name: resiliency_policy + x-stackql-primaryIdentifier: + - PolicyArn + x-read-only-properties: + - PolicyArn + x-required-permissions: + create: + - resiliencehub:CreateResiliencyPolicy + - resiliencehub:DescribeResiliencyPolicy + - resiliencehub:TagResource + update: + - resiliencehub:DescribeResiliencyPolicy + - resiliencehub:UpdateResiliencyPolicy + - resiliencehub:TagResource + - resiliencehub:UntagResource + - resiliencehub:ListTagsForResource + read: + - resiliencehub:DescribeResiliencyPolicy + - resiliencehub:ListTagsForResource + delete: + - resiliencehub:DeleteResiliencyPolicy + - resiliencehub:UntagResource + list: + - resiliencehub:ListResiliencyPolicies + x-stackQL-resources: + apps: + name: apps + id: awscc.resiliencehub.apps + x-cfn-schema-name: App + x-type: list + x-identifiers: + - AppArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AppArn') as app_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ResilienceHub::App' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AppArn') as app_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ResilienceHub::App' + AND region = 'us-east-1' + app: + name: app + id: awscc.resiliencehub.app + x-cfn-schema-name: App + x-type: get + x-identifiers: + - AppArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.AppArn') as app_arn, + JSON_EXTRACT(Properties, '$.ResiliencyPolicyArn') as resiliency_policy_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.AppTemplateBody') as app_template_body, + JSON_EXTRACT(Properties, '$.ResourceMappings') as resource_mappings, + JSON_EXTRACT(Properties, '$.AppAssessmentSchedule') as app_assessment_schedule, + JSON_EXTRACT(Properties, '$.PermissionModel') as permission_model, + JSON_EXTRACT(Properties, '$.EventSubscriptions') as event_subscriptions, + JSON_EXTRACT(Properties, '$.DriftStatus') as drift_status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ResilienceHub::App' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'AppArn') as app_arn, + json_extract_path_text(Properties, 'ResiliencyPolicyArn') as resiliency_policy_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'AppTemplateBody') as app_template_body, + json_extract_path_text(Properties, 'ResourceMappings') as resource_mappings, + json_extract_path_text(Properties, 'AppAssessmentSchedule') as app_assessment_schedule, + json_extract_path_text(Properties, 'PermissionModel') as permission_model, + json_extract_path_text(Properties, 'EventSubscriptions') as event_subscriptions, + json_extract_path_text(Properties, 'DriftStatus') as drift_status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ResilienceHub::App' + AND data__Identifier = '' + AND region = 'us-east-1' + resiliency_policies: + name: resiliency_policies + id: awscc.resiliencehub.resiliency_policies + x-cfn-schema-name: ResiliencyPolicy + x-type: list + x-identifiers: + - PolicyArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyArn') as policy_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ResilienceHub::ResiliencyPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyArn') as policy_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ResilienceHub::ResiliencyPolicy' + AND region = 'us-east-1' + resiliency_policy: + name: resiliency_policy + id: awscc.resiliencehub.resiliency_policy + x-cfn-schema-name: ResiliencyPolicy + x-type: get + x-identifiers: + - PolicyArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyName') as policy_name, + JSON_EXTRACT(Properties, '$.PolicyDescription') as policy_description, + JSON_EXTRACT(Properties, '$.DataLocationConstraint') as data_location_constraint, + JSON_EXTRACT(Properties, '$.Tier') as tier, + JSON_EXTRACT(Properties, '$.Policy') as policy, + JSON_EXTRACT(Properties, '$.PolicyArn') as policy_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ResilienceHub::ResiliencyPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyName') as policy_name, + json_extract_path_text(Properties, 'PolicyDescription') as policy_description, + json_extract_path_text(Properties, 'DataLocationConstraint') as data_location_constraint, + json_extract_path_text(Properties, 'Tier') as tier, + json_extract_path_text(Properties, 'Policy') as policy, + json_extract_path_text(Properties, 'PolicyArn') as policy_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ResilienceHub::ResiliencyPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/resourceexplorer2.yaml b/providers/src/awscc/v00.00.00000/services/resourceexplorer2.yaml new file mode 100644 index 00000000..c1062174 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/resourceexplorer2.yaml @@ -0,0 +1,335 @@ +openapi: 3.0.0 +info: + title: ResourceExplorer2 + version: 1.0.0 +paths: {} +components: + schemas: + DefaultViewAssociation: + type: object + properties: + ViewArn: + type: string + AssociatedAwsPrincipal: + description: The AWS principal that the default view is associated with, used as the unique identifier for this resource. + type: string + pattern: ^[0-9]{12}$ + required: + - ViewArn + x-stackql-resource-name: default_view_association + x-stackql-primaryIdentifier: + - AssociatedAwsPrincipal + x-read-only-properties: + - AssociatedAwsPrincipal + x-required-permissions: + create: + - resource-explorer-2:GetDefaultView + - resource-explorer-2:AssociateDefaultView + update: + - resource-explorer-2:GetDefaultView + - resource-explorer-2:AssociateDefaultView + read: + - resource-explorer-2:GetDefaultView + delete: + - resource-explorer-2:GetDefaultView + - resource-explorer-2:DisassociateDefaultView + IndexType: + type: string + enum: + - LOCAL + - AGGREGATOR + TagMap: + type: object + x-patternProperties: + .+: + type: string + additionalProperties: false + IndexState: + type: string + enum: + - ACTIVE + - CREATING + - DELETING + - DELETED + - UPDATING + Index: + type: object + properties: + Arn: + type: string + Tags: + $ref: '#/components/schemas/TagMap' + Type: + $ref: '#/components/schemas/IndexType' + IndexState: + $ref: '#/components/schemas/IndexState' + required: + - Type + x-stackql-resource-name: index + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - Arn + - IndexState + x-required-permissions: + create: + - resource-explorer-2:CreateIndex + - resource-explorer-2:GetIndex + - resource-explorer-2:TagResource + - resource-explorer-2:UpdateIndexType + - resource-explorer-2:DeleteIndex + - iam:CreateServiceLinkedRole + update: + - resource-explorer-2:GetIndex + - resource-explorer-2:UpdateIndexType + - resource-explorer-2:TagResource + - resource-explorer-2:UntagResource + - resource-explorer-2:ListTagsForResource + delete: + - resource-explorer-2:DeleteIndex + - resource-explorer-2:GetIndex + - resource-explorer-2:UntagResource + list: + - resource-explorer-2:ListIndexes + read: + - resource-explorer-2:GetIndex + IncludedProperty: + type: object + properties: + Name: + type: string + maxLength: 1011 + minLength: 1 + required: + - Name + additionalProperties: false + SearchFilter: + type: object + properties: + FilterString: + type: string + maxLength: 2048 + minLength: 0 + required: + - FilterString + additionalProperties: false + View: + type: object + properties: + Filters: + $ref: '#/components/schemas/SearchFilter' + IncludedProperties: + type: array + items: + $ref: '#/components/schemas/IncludedProperty' + Scope: + type: string + Tags: + $ref: '#/components/schemas/TagMap' + ViewArn: + type: string + ViewName: + type: string + pattern: ^[a-zA-Z0-9\-]{1,64}$ + required: + - ViewName + x-stackql-resource-name: view + x-stackql-primaryIdentifier: + - ViewArn + x-create-only-properties: + - Scope + - ViewName + x-read-only-properties: + - ViewArn + x-required-permissions: + create: + - resource-explorer-2:CreateView + - resource-explorer-2:TagResource + read: + - resource-explorer-2:GetView + update: + - resource-explorer-2:UpdateView + - resource-explorer-2:TagResource + - resource-explorer-2:UntagResource + - resource-explorer-2:ListTagsForResource + delete: + - resource-explorer-2:DeleteView + - resource-explorer-2:GetView + - resource-explorer-2:UntagResource + list: + - resource-explorer-2:ListViews + x-stackQL-resources: + default_view_associations: + name: default_view_associations + id: awscc.resourceexplorer2.default_view_associations + x-cfn-schema-name: DefaultViewAssociation + x-type: list + x-identifiers: + - AssociatedAwsPrincipal + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssociatedAwsPrincipal') as associated_aws_principal + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ResourceExplorer2::DefaultViewAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssociatedAwsPrincipal') as associated_aws_principal + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ResourceExplorer2::DefaultViewAssociation' + AND region = 'us-east-1' + default_view_association: + name: default_view_association + id: awscc.resourceexplorer2.default_view_association + x-cfn-schema-name: DefaultViewAssociation + x-type: get + x-identifiers: + - AssociatedAwsPrincipal + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ViewArn') as view_arn, + JSON_EXTRACT(Properties, '$.AssociatedAwsPrincipal') as associated_aws_principal + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ResourceExplorer2::DefaultViewAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ViewArn') as view_arn, + json_extract_path_text(Properties, 'AssociatedAwsPrincipal') as associated_aws_principal + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ResourceExplorer2::DefaultViewAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + indices: + name: indices + id: awscc.resourceexplorer2.indices + x-cfn-schema-name: Index + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ResourceExplorer2::Index' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ResourceExplorer2::Index' + AND region = 'us-east-1' + index: + name: index + id: awscc.resourceexplorer2.index + x-cfn-schema-name: Index + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.IndexState') as index_state + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ResourceExplorer2::Index' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'IndexState') as index_state + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ResourceExplorer2::Index' + AND data__Identifier = '' + AND region = 'us-east-1' + views: + name: views + id: awscc.resourceexplorer2.views + x-cfn-schema-name: View + x-type: list + x-identifiers: + - ViewArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ViewArn') as view_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ResourceExplorer2::View' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ViewArn') as view_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ResourceExplorer2::View' + AND region = 'us-east-1' + view: + name: view + id: awscc.resourceexplorer2.view + x-cfn-schema-name: View + x-type: get + x-identifiers: + - ViewArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Filters') as filters, + JSON_EXTRACT(Properties, '$.IncludedProperties') as included_properties, + JSON_EXTRACT(Properties, '$.Scope') as scope, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ViewArn') as view_arn, + JSON_EXTRACT(Properties, '$.ViewName') as view_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ResourceExplorer2::View' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Filters') as filters, + json_extract_path_text(Properties, 'IncludedProperties') as included_properties, + json_extract_path_text(Properties, 'Scope') as scope, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ViewArn') as view_arn, + json_extract_path_text(Properties, 'ViewName') as view_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ResourceExplorer2::View' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/resourcegroups.yaml b/providers/src/awscc/v00.00.00000/services/resourcegroups.yaml new file mode 100644 index 00000000..c3804aa5 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/resourcegroups.yaml @@ -0,0 +1,206 @@ +openapi: 3.0.0 +info: + title: ResourceGroups + version: 1.0.0 +paths: {} +components: + schemas: + ResourceQuery: + type: object + properties: + Type: + type: string + enum: + - TAG_FILTERS_1_0 + - CLOUDFORMATION_STACK_1_0 + Query: + $ref: '#/components/schemas/Query' + additionalProperties: false + Query: + type: object + properties: + ResourceTypeFilters: + type: array + items: + type: string + StackIdentifier: + type: string + TagFilters: + type: array + items: + $ref: '#/components/schemas/TagFilter' + additionalProperties: false + TagFilter: + type: object + properties: + Key: + type: string + Values: + type: array + items: + type: string + additionalProperties: false + Tag: + type: object + properties: + Key: + type: string + pattern: ^(?!aws:).+ + Value: + type: string + additionalProperties: false + Configuration: + type: array + items: + $ref: '#/components/schemas/ConfigurationItem' + ConfigurationItem: + type: object + properties: + Type: + type: string + Parameters: + type: array + items: + $ref: '#/components/schemas/ConfigurationParameter' + additionalProperties: false + ConfigurationParameter: + type: object + properties: + Name: + type: string + Values: + type: array + items: + type: string + additionalProperties: false + Group: + type: object + properties: + Name: + description: The name of the resource group + type: string + maxLength: 128 + Description: + description: The description of the resource group + type: string + maxLength: 512 + ResourceQuery: + $ref: '#/components/schemas/ResourceQuery' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + Arn: + description: The Resource Group ARN. + type: string + Configuration: + $ref: '#/components/schemas/Configuration' + Resources: + type: array + items: + type: string + required: + - Name + x-stackql-resource-name: group + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - resource-groups:CreateGroup + - resource-groups:Tag + - cloudformation:DescribeStacks + - cloudformation:ListStackResources + - resource-groups:ListGroupResources + - resource-groups:GroupResources + read: + - resource-groups:GetGroup + - resource-groups:GetGroupQuery + - resource-groups:GetTags + - resource-groups:GetGroupConfiguration + - resource-groups:ListGroupResources + update: + - resource-groups:UpdateGroup + - resource-groups:GetTags + - resource-groups:GetGroupQuery + - resource-groups:UpdateGroupQuery + - resource-groups:Tag + - resource-groups:Untag + - resource-groups:PutGroupConfiguration + - resource-groups:GetGroupConfiguration + - resource-groups:ListGroupResources + - resource-groups:GroupResources + - resource-groups:UnGroupResources + delete: + - resource-groups:DeleteGroup + - resource-groups:UnGroupResources + list: + - resource-groups:ListGroups + x-stackQL-resources: + groups: + name: groups + id: awscc.resourcegroups.groups + x-cfn-schema-name: Group + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ResourceGroups::Group' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ResourceGroups::Group' + AND region = 'us-east-1' + group: + name: group + id: awscc.resourcegroups.group + x-cfn-schema-name: Group + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ResourceQuery') as resource_query, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Configuration') as configuration, + JSON_EXTRACT(Properties, '$.Resources') as resources + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ResourceGroups::Group' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ResourceQuery') as resource_query, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Configuration') as configuration, + json_extract_path_text(Properties, 'Resources') as resources + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ResourceGroups::Group' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/robomaker.yaml b/providers/src/awscc/v00.00.00000/services/robomaker.yaml new file mode 100644 index 00000000..ab5b40ba --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/robomaker.yaml @@ -0,0 +1,777 @@ +openapi: 3.0.0 +info: + title: RoboMaker + version: 1.0.0 +paths: {} +components: + schemas: + Arn: + type: string + pattern: arn:[\w+=/,.@-]+:[\w+=/,.@-]+:[\w+=/,.@-]*:[0-9]*:[\w+=,.@-]+(/[\w+=,.@-]+)* + Tags: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + x-patternProperties: + ^[a-zA-Z0-9-]{1,128}$: + type: string + description: 'The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 256 + Fleet: + type: object + properties: + Arn: + $ref: '#/components/schemas/Arn' + Tags: + $ref: '#/components/schemas/Tags' + Name: + description: The name of the fleet. + type: string + minLength: 1 + maxLength: 255 + pattern: '[a-zA-Z0-9_\-]{1,255}$' + required: [] + x-stackql-resource-name: fleet + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - robomaker:CreateFleet + read: + - robomaker:DescribeFleet + delete: + - robomaker:DeleteFleet + update: + - robomaker:TagResource + - robomaker:UntagResource + list: + - robomaker:ListFleets + Robot: + type: object + properties: + Arn: + $ref: '#/components/schemas/Arn' + Fleet: + description: The Amazon Resource Name (ARN) of the fleet. + type: string + minLength: 1 + maxLength: 1224 + Architecture: + description: The target architecture of the robot. + type: string + enum: + - X86_64 + - ARM64 + - ARMHF + GreengrassGroupId: + description: The Greengrass group id. + type: string + minLength: 1 + maxLength: 1224 + Tags: + $ref: '#/components/schemas/Tags' + Name: + description: The name for the robot. + type: string + minLength: 1 + maxLength: 255 + required: + - GreengrassGroupId + - Architecture + x-stackql-resource-name: robot + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - GreengrassGroupId + - Name + - Architecture + - Fleet + x-read-only-properties: + - Arn + x-required-permissions: + create: + - robomaker:CreateRobot + - robomaker:RegisterRobot + read: + - robomaker:DescribeRobot + delete: + - robomaker:DescribeRobot + - robomaker:DeleteRobot + - robomaker:DeregisterRobot + list: + - robomaker:ListRobots + update: + - robomaker:TagResource + - robomaker:UntagResource + SourceConfig: + type: object + description: Information about a source configuration. + properties: + S3Bucket: + type: string + description: The Amazon S3 bucket name. + pattern: '[a-z0-9][a-z0-9.\-]*[a-z0-9]' + S3Key: + type: string + description: The s3 object key. + minLength: 1 + maxLength: 1024 + Architecture: + type: string + description: The target processor architecture for the application. + enum: + - X86_64 + - ARM64 + - ARMHF + required: + - S3Bucket + - S3Key + - Architecture + additionalProperties: false + RobotSoftwareSuite: + description: Information about a robot software suite. + type: object + properties: + Name: + type: string + description: The name of the robot software suite. + enum: + - ROS + - ROS2 + - General + Version: + type: string + description: The version of the robot software suite. + enum: + - Kinetic + - Melodic + - Dashing + - Foxy + required: + - Name + additionalProperties: false + RobotApplication: + type: object + properties: + Name: + description: The name of the robot application. + type: string + minLength: 1 + maxLength: 255 + Sources: + description: The sources of the robot application. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/SourceConfig' + Environment: + description: The URI of the Docker image for the robot application. + type: string + RobotSoftwareSuite: + $ref: '#/components/schemas/RobotSoftwareSuite' + CurrentRevisionId: + description: The revision ID of robot application. + type: string + minLength: 1 + maxLength: 40 + Arn: + $ref: '#/components/schemas/Arn' + Tags: + $ref: '#/components/schemas/Tags' + required: + - RobotSoftwareSuite + x-stackql-resource-name: robot_application + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - robomaker:CreateRobotApplication + - robomaker:TagResource + - robomaker:UntagResource + - ecr:BatchGetImage + - ecr:GetAuthorizationToken + - ecr:BatchCheckLayerAvailability + - ecr-public:GetAuthorizationToken + - sts:GetServiceBearerToken + read: + - robomaker:DescribeRobotApplication + update: + - robomaker:TagResource + - robomaker:UntagResource + - robomaker:UpdateRobotApplication + - ecr:BatchGetImage + - ecr:GetAuthorizationToken + - ecr:BatchCheckLayerAvailability + - ecr-public:GetAuthorizationToken + delete: + - robomaker:DescribeRobotApplication + - robomaker:DeleteRobotApplication + list: + - robomaker:ListRobotApplications + RobotApplicationVersion: + type: object + properties: + Application: + $ref: '#/components/schemas/Arn' + CurrentRevisionId: + description: The revision ID of robot application. + type: string + minLength: 1 + maxLength: 40 + pattern: '[a-zA-Z0-9_.\-]*' + ApplicationVersion: + type: string + Arn: + $ref: '#/components/schemas/Arn' + required: + - Application + x-stackql-resource-name: robot_application_version + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Application + - CurrentRevisionId + x-read-only-properties: + - ApplicationVersion + - Arn + x-required-permissions: + create: + - robomaker:CreateRobotApplicationVersion + - s3:GetObject + - ecr:BatchGetImage + - ecr:GetAuthorizationToken + - ecr:BatchCheckLayerAvailability + - ecr-public:GetAuthorizationToken + - sts:GetServiceBearerToken + delete: + - robomaker:DeleteRobotApplication + - robomaker:DescribeRobotApplication + read: + - robomaker:DescribeRobotApplication + RenderingEngine: + description: Information about a rendering engine. + type: object + properties: + Name: + type: string + description: The name of the rendering engine. + enum: + - OGRE + Version: + type: string + description: The version of the rendering engine. + pattern: 1.x + required: + - Name + - Version + additionalProperties: false + SimulationSoftwareSuite: + description: Information about a simulation software suite. + type: object + properties: + Name: + type: string + description: The name of the simulation software suite. + enum: + - Gazebo + - RosbagPlay + - SimulationRuntime + Version: + type: string + description: The version of the simulation software suite. + enum: + - '7' + - '9' + - '11' + - Kinetic + - Melodic + - Dashing + - Foxy + required: + - Name + additionalProperties: false + SimulationApplication: + type: object + properties: + Arn: + $ref: '#/components/schemas/Arn' + Name: + description: The name of the simulation application. + type: string + minLength: 1 + maxLength: 255 + pattern: '[a-zA-Z0-9_\-]*' + CurrentRevisionId: + description: The current revision id. + type: string + RenderingEngine: + description: The rendering engine for the simulation application. + $ref: '#/components/schemas/RenderingEngine' + RobotSoftwareSuite: + description: The robot software suite used by the simulation application. + $ref: '#/components/schemas/RobotSoftwareSuite' + SimulationSoftwareSuite: + description: The simulation software suite used by the simulation application. + $ref: '#/components/schemas/SimulationSoftwareSuite' + Sources: + description: The sources of the simulation application. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/SourceConfig' + Environment: + description: The URI of the Docker image for the robot application. + type: string + Tags: + $ref: '#/components/schemas/Tags' + required: + - RobotSoftwareSuite + - SimulationSoftwareSuite + x-stackql-resource-name: simulation_application + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - robomaker:CreateSimulationApplication + - robomaker:TagResource + - robomaker:UntagResource + - ecr:BatchGetImage + - ecr:GetAuthorizationToken + - ecr:BatchCheckLayerAvailability + - ecr-public:GetAuthorizationToken + - sts:GetServiceBearerToken + read: + - robomaker:DescribeSimulationApplication + update: + - robomaker:TagResource + - robomaker:UntagResource + - robomaker:UpdateSimulationApplication + - ecr:BatchGetImage + - ecr:GetAuthorizationToken + - ecr:BatchCheckLayerAvailability + - ecr-public:GetAuthorizationToken + delete: + - robomaker:DescribeSimulationApplication + - robomaker:DeleteSimulationApplication + list: + - robomaker:ListSimulationApplications + SimulationApplicationVersion: + type: object + properties: + Application: + $ref: '#/components/schemas/Arn' + CurrentRevisionId: + description: The revision ID of robot application. + type: string + minLength: 1 + maxLength: 40 + pattern: '[a-zA-Z0-9_.\-]*' + ApplicationVersion: + type: string + Arn: + $ref: '#/components/schemas/Arn' + required: + - Application + x-stackql-resource-name: simulation_application_version + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Application + - CurrentRevisionId + x-read-only-properties: + - ApplicationVersion + - Arn + x-required-permissions: + create: + - robomaker:CreateSimulationApplicationVersion + - s3:GetObject + - ecr:BatchGetImage + - ecr:GetAuthorizationToken + - ecr:BatchCheckLayerAvailability + - ecr-public:GetAuthorizationToken + - sts:GetServiceBearerToken + delete: + - robomaker:DeleteSimulationApplication + - robomaker:DescribeSimulationApplication + read: + - robomaker:DescribeSimulationApplication + x-stackQL-resources: + fleets: + name: fleets + id: awscc.robomaker.fleets + x-cfn-schema-name: Fleet + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RoboMaker::Fleet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RoboMaker::Fleet' + AND region = 'us-east-1' + fleet: + name: fleet + id: awscc.robomaker.fleet + x-cfn-schema-name: Fleet + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RoboMaker::Fleet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RoboMaker::Fleet' + AND data__Identifier = '' + AND region = 'us-east-1' + robots: + name: robots + id: awscc.robomaker.robots + x-cfn-schema-name: Robot + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RoboMaker::Robot' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RoboMaker::Robot' + AND region = 'us-east-1' + robot: + name: robot + id: awscc.robomaker.robot + x-cfn-schema-name: Robot + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Fleet') as fleet, + JSON_EXTRACT(Properties, '$.Architecture') as architecture, + JSON_EXTRACT(Properties, '$.GreengrassGroupId') as greengrass_group_id, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RoboMaker::Robot' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Fleet') as fleet, + json_extract_path_text(Properties, 'Architecture') as architecture, + json_extract_path_text(Properties, 'GreengrassGroupId') as greengrass_group_id, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RoboMaker::Robot' + AND data__Identifier = '' + AND region = 'us-east-1' + robot_applications: + name: robot_applications + id: awscc.robomaker.robot_applications + x-cfn-schema-name: RobotApplication + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RoboMaker::RobotApplication' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RoboMaker::RobotApplication' + AND region = 'us-east-1' + robot_application: + name: robot_application + id: awscc.robomaker.robot_application + x-cfn-schema-name: RobotApplication + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Sources') as sources, + JSON_EXTRACT(Properties, '$.Environment') as environment, + JSON_EXTRACT(Properties, '$.RobotSoftwareSuite') as robot_software_suite, + JSON_EXTRACT(Properties, '$.CurrentRevisionId') as current_revision_id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RoboMaker::RobotApplication' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Sources') as sources, + json_extract_path_text(Properties, 'Environment') as environment, + json_extract_path_text(Properties, 'RobotSoftwareSuite') as robot_software_suite, + json_extract_path_text(Properties, 'CurrentRevisionId') as current_revision_id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RoboMaker::RobotApplication' + AND data__Identifier = '' + AND region = 'us-east-1' + robot_application_versions: + name: robot_application_versions + id: awscc.robomaker.robot_application_versions + x-cfn-schema-name: RobotApplicationVersion + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RoboMaker::RobotApplicationVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RoboMaker::RobotApplicationVersion' + AND region = 'us-east-1' + robot_application_version: + name: robot_application_version + id: awscc.robomaker.robot_application_version + x-cfn-schema-name: RobotApplicationVersion + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Application') as application, + JSON_EXTRACT(Properties, '$.CurrentRevisionId') as current_revision_id, + JSON_EXTRACT(Properties, '$.ApplicationVersion') as application_version, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RoboMaker::RobotApplicationVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Application') as application, + json_extract_path_text(Properties, 'CurrentRevisionId') as current_revision_id, + json_extract_path_text(Properties, 'ApplicationVersion') as application_version, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RoboMaker::RobotApplicationVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + simulation_applications: + name: simulation_applications + id: awscc.robomaker.simulation_applications + x-cfn-schema-name: SimulationApplication + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RoboMaker::SimulationApplication' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RoboMaker::SimulationApplication' + AND region = 'us-east-1' + simulation_application: + name: simulation_application + id: awscc.robomaker.simulation_application + x-cfn-schema-name: SimulationApplication + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.CurrentRevisionId') as current_revision_id, + JSON_EXTRACT(Properties, '$.RenderingEngine') as rendering_engine, + JSON_EXTRACT(Properties, '$.RobotSoftwareSuite') as robot_software_suite, + JSON_EXTRACT(Properties, '$.SimulationSoftwareSuite') as simulation_software_suite, + JSON_EXTRACT(Properties, '$.Sources') as sources, + JSON_EXTRACT(Properties, '$.Environment') as environment, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RoboMaker::SimulationApplication' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'CurrentRevisionId') as current_revision_id, + json_extract_path_text(Properties, 'RenderingEngine') as rendering_engine, + json_extract_path_text(Properties, 'RobotSoftwareSuite') as robot_software_suite, + json_extract_path_text(Properties, 'SimulationSoftwareSuite') as simulation_software_suite, + json_extract_path_text(Properties, 'Sources') as sources, + json_extract_path_text(Properties, 'Environment') as environment, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RoboMaker::SimulationApplication' + AND data__Identifier = '' + AND region = 'us-east-1' + simulation_application_versions: + name: simulation_application_versions + id: awscc.robomaker.simulation_application_versions + x-cfn-schema-name: SimulationApplicationVersion + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RoboMaker::SimulationApplicationVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RoboMaker::SimulationApplicationVersion' + AND region = 'us-east-1' + simulation_application_version: + name: simulation_application_version + id: awscc.robomaker.simulation_application_version + x-cfn-schema-name: SimulationApplicationVersion + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Application') as application, + JSON_EXTRACT(Properties, '$.CurrentRevisionId') as current_revision_id, + JSON_EXTRACT(Properties, '$.ApplicationVersion') as application_version, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RoboMaker::SimulationApplicationVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Application') as application, + json_extract_path_text(Properties, 'CurrentRevisionId') as current_revision_id, + json_extract_path_text(Properties, 'ApplicationVersion') as application_version, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RoboMaker::SimulationApplicationVersion' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/rolesanywhere.yaml b/providers/src/awscc/v00.00.00000/services/rolesanywhere.yaml new file mode 100644 index 00000000..883bb4ea --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/rolesanywhere.yaml @@ -0,0 +1,458 @@ +openapi: 3.0.0 +info: + title: RolesAnywhere + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + type: object + properties: + Key: + type: string + maxLength: 128 + minLength: 1 + Value: + type: string + maxLength: 256 + minLength: 0 + required: + - Key + - Value + additionalProperties: false + CRL: + type: object + properties: + CrlData: + type: string + CrlId: + type: string + pattern: '[a-f0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}' + Enabled: + type: boolean + Name: + type: string + TrustAnchorArn: + type: string + pattern: ^arn:aws(-[^:]+)?:rolesanywhere(:.*){2}(:trust-anchor.*)$ + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 0 + required: + - Name + - CrlData + x-stackql-resource-name: crl + x-stackql-primaryIdentifier: + - CrlId + x-read-only-properties: + - CrlId + x-required-permissions: + create: + - rolesanywhere:ImportCrl + - rolesanywhere:TagResource + - rolesanywhere:ListTagsForResource + read: + - rolesanywhere:GetCrl + - rolesanywhere:ListTagsForResource + update: + - rolesanywhere:EnableCrl + - rolesanywhere:DisableCrl + - rolesanywhere:UpdateCrl + - rolesanywhere:TagResource + - rolesanywhere:UntagResource + - rolesanywhere:ListTagsForResource + delete: + - rolesanywhere:DeleteCrl + list: + - rolesanywhere:ListCrls + - rolesanywhere:ListTagsForResource + Profile: + type: object + properties: + DurationSeconds: + type: number + maximum: 43200 + minimum: 900 + Enabled: + type: boolean + ManagedPolicyArns: + type: array + items: + type: string + Name: + type: string + ProfileArn: + type: string + ProfileId: + type: string + pattern: '[a-f0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}' + RequireInstanceProperties: + type: boolean + RoleArns: + type: array + items: + type: string + maxLength: 1011 + minLength: 1 + SessionPolicy: + type: string + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 0 + required: + - Name + - RoleArns + x-stackql-resource-name: profile + x-stackql-primaryIdentifier: + - ProfileId + x-read-only-properties: + - ProfileId + - ProfileArn + x-required-permissions: + create: + - iam:GetRole + - iam:GetPolicy + - iam:PassRole + - rolesanywhere:CreateProfile + - rolesanywhere:TagResource + - rolesanywhere:ListTagsForResource + read: + - rolesanywhere:GetProfile + - rolesanywhere:ListTagsForResource + update: + - iam:GetRole + - iam:GetPolicy + - iam:PassRole + - rolesanywhere:UpdateProfile + - rolesanywhere:EnableProfile + - rolesanywhere:DisableProfile + - rolesanywhere:TagResource + - rolesanywhere:UntagResource + - rolesanywhere:ListTagsForResource + delete: + - rolesanywhere:DeleteProfile + list: + - rolesanywhere:ListProfiles + - rolesanywhere:ListTagsForResource + NotificationChannel: + type: string + enum: + - ALL + NotificationEvent: + type: string + enum: + - CA_CERTIFICATE_EXPIRY + - END_ENTITY_CERTIFICATE_EXPIRY + NotificationSetting: + type: object + properties: + Enabled: + type: boolean + Event: + $ref: '#/components/schemas/NotificationEvent' + Threshold: + type: number + maximum: 360 + minimum: 1 + Channel: + $ref: '#/components/schemas/NotificationChannel' + required: + - Enabled + - Event + additionalProperties: false + Source: + type: object + properties: + SourceType: + $ref: '#/components/schemas/TrustAnchorType' + SourceData: + $ref: '#/components/schemas/SourceData' + additionalProperties: false + SourceData: + oneOf: + - type: object + title: X509CertificateData + properties: + X509CertificateData: + type: string + required: + - X509CertificateData + additionalProperties: false + - type: object + title: AcmPcaArn + properties: + AcmPcaArn: + type: string + required: + - AcmPcaArn + additionalProperties: false + TrustAnchorType: + type: string + enum: + - AWS_ACM_PCA + - CERTIFICATE_BUNDLE + - SELF_SIGNED_REPOSITORY + TrustAnchor: + type: object + properties: + Enabled: + type: boolean + Name: + type: string + NotificationSettings: + type: array + items: + $ref: '#/components/schemas/NotificationSetting' + maxItems: 50 + minItems: 0 + Source: + $ref: '#/components/schemas/Source' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 0 + TrustAnchorId: + type: string + pattern: '[a-f0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}' + TrustAnchorArn: + type: string + pattern: '[a-f0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}' + required: + - Name + - Source + x-stackql-resource-name: trust_anchor + x-stackql-primaryIdentifier: + - TrustAnchorId + x-read-only-properties: + - TrustAnchorId + - TrustAnchorArn + x-required-permissions: + create: + - iam:CreateServiceLinkedRole + - rolesanywhere:CreateTrustAnchor + - rolesanywhere:TagResource + - rolesanywhere:ListTagsForResource + read: + - rolesanywhere:GetTrustAnchor + - rolesanywhere:ListTagsForResource + update: + - acm-pca:GetCertificateAuthorityCertificate + - rolesanywhere:ListTagsForResource + - rolesanywhere:TagResource + - rolesanywhere:UntagResource + - rolesanywhere:EnableTrustAnchor + - rolesanywhere:DisableTrustAnchor + - rolesanywhere:UpdateTrustAnchor + - rolesanywhere:GetTrustAnchor + - rolesanywhere:PutNotificationSettings + - rolesanywhere:ResetNotificationSettings + delete: + - rolesanywhere:DeleteTrustAnchor + list: + - rolesanywhere:ListTrustAnchors + - rolesanywhere:ListTagsForResource + x-stackQL-resources: + crls: + name: crls + id: awscc.rolesanywhere.crls + x-cfn-schema-name: CRL + x-type: list + x-identifiers: + - CrlId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CrlId') as crl_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RolesAnywhere::CRL' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CrlId') as crl_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RolesAnywhere::CRL' + AND region = 'us-east-1' + crl: + name: crl + id: awscc.rolesanywhere.crl + x-cfn-schema-name: CRL + x-type: get + x-identifiers: + - CrlId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CrlData') as crl_data, + JSON_EXTRACT(Properties, '$.CrlId') as crl_id, + JSON_EXTRACT(Properties, '$.Enabled') as enabled, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.TrustAnchorArn') as trust_anchor_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RolesAnywhere::CRL' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CrlData') as crl_data, + json_extract_path_text(Properties, 'CrlId') as crl_id, + json_extract_path_text(Properties, 'Enabled') as enabled, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'TrustAnchorArn') as trust_anchor_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RolesAnywhere::CRL' + AND data__Identifier = '' + AND region = 'us-east-1' + profiles: + name: profiles + id: awscc.rolesanywhere.profiles + x-cfn-schema-name: Profile + x-type: list + x-identifiers: + - ProfileId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProfileId') as profile_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RolesAnywhere::Profile' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProfileId') as profile_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RolesAnywhere::Profile' + AND region = 'us-east-1' + profile: + name: profile + id: awscc.rolesanywhere.profile + x-cfn-schema-name: Profile + x-type: get + x-identifiers: + - ProfileId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DurationSeconds') as duration_seconds, + JSON_EXTRACT(Properties, '$.Enabled') as enabled, + JSON_EXTRACT(Properties, '$.ManagedPolicyArns') as managed_policy_arns, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ProfileArn') as profile_arn, + JSON_EXTRACT(Properties, '$.ProfileId') as profile_id, + JSON_EXTRACT(Properties, '$.RequireInstanceProperties') as require_instance_properties, + JSON_EXTRACT(Properties, '$.RoleArns') as role_arns, + JSON_EXTRACT(Properties, '$.SessionPolicy') as session_policy, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RolesAnywhere::Profile' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DurationSeconds') as duration_seconds, + json_extract_path_text(Properties, 'Enabled') as enabled, + json_extract_path_text(Properties, 'ManagedPolicyArns') as managed_policy_arns, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ProfileArn') as profile_arn, + json_extract_path_text(Properties, 'ProfileId') as profile_id, + json_extract_path_text(Properties, 'RequireInstanceProperties') as require_instance_properties, + json_extract_path_text(Properties, 'RoleArns') as role_arns, + json_extract_path_text(Properties, 'SessionPolicy') as session_policy, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RolesAnywhere::Profile' + AND data__Identifier = '' + AND region = 'us-east-1' + trust_anchors: + name: trust_anchors + id: awscc.rolesanywhere.trust_anchors + x-cfn-schema-name: TrustAnchor + x-type: list + x-identifiers: + - TrustAnchorId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TrustAnchorId') as trust_anchor_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RolesAnywhere::TrustAnchor' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TrustAnchorId') as trust_anchor_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RolesAnywhere::TrustAnchor' + AND region = 'us-east-1' + trust_anchor: + name: trust_anchor + id: awscc.rolesanywhere.trust_anchor + x-cfn-schema-name: TrustAnchor + x-type: get + x-identifiers: + - TrustAnchorId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Enabled') as enabled, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.NotificationSettings') as notification_settings, + JSON_EXTRACT(Properties, '$.Source') as source, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TrustAnchorId') as trust_anchor_id, + JSON_EXTRACT(Properties, '$.TrustAnchorArn') as trust_anchor_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RolesAnywhere::TrustAnchor' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Enabled') as enabled, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'NotificationSettings') as notification_settings, + json_extract_path_text(Properties, 'Source') as source, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TrustAnchorId') as trust_anchor_id, + json_extract_path_text(Properties, 'TrustAnchorArn') as trust_anchor_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RolesAnywhere::TrustAnchor' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/route53.yaml b/providers/src/awscc/v00.00.00000/services/route53.yaml new file mode 100644 index 00000000..6b726b97 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/route53.yaml @@ -0,0 +1,745 @@ +openapi: 3.0.0 +info: + title: Route53 + version: 1.0.0 +paths: {} +components: + schemas: + Location: + type: object + additionalProperties: false + properties: + LocationName: + description: The name of the location that is associated with the CIDR collection. + type: string + minLength: 1 + maxLength: 16 + CidrList: + description: A list of CIDR blocks. + type: array + uniqueItems: true + x-insertionOrder: false + items: + type: string + required: + - LocationName + - CidrList + CidrCollection: + type: object + properties: + Id: + description: UUID of the CIDR collection. + type: string + Name: + description: A unique name for the CIDR collection. + type: string + pattern: ^[0-9A-Za-z_\-]+$ + minLength: 1 + maxLength: 64 + Arn: + description: The Amazon resource name (ARN) to uniquely identify the AWS resource. + type: string + Locations: + description: A complex type that contains information about the list of CIDR locations. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Location' + required: + - Name + x-stackql-resource-name: cidr_collection + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Name + x-read-only-properties: + - Id + - Arn + x-required-permissions: + create: + - route53:CreateCidrCollection + - route53:ChangeCidrCollection + read: + - route53:ListCidrCollections + - route53:ListCidrBlocks + update: + - route53:ChangeCidrCollection + delete: + - route53:DeleteCidrCollection + - route53:ChangeCidrCollection + list: + - route53:ListCidrCollections + - route53:ListCidrBlocks + DNSSEC: + type: object + properties: + HostedZoneId: + description: The unique string (ID) used to identify a hosted zone. + type: string + pattern: ^[A-Z0-9]{1,32}$ + required: + - HostedZoneId + x-stackql-resource-name: dnssec + x-stackql-primaryIdentifier: + - HostedZoneId + x-create-only-properties: + - HostedZoneId + x-required-permissions: + create: + - route53:GetDNSSEC + - route53:EnableHostedZoneDNSSEC + - kms:DescribeKey + - kms:GetPublicKey + - kms:Sign + - kms:CreateGrant + read: + - route53:GetDNSSEC + delete: + - route53:GetDNSSEC + - route53:DisableHostedZoneDNSSEC + - kms:DescribeKey + - kms:GetPublicKey + - kms:Sign + - kms:CreateGrant + list: + - route53:GetDNSSEC + - route53:ListHostedZones + AlarmIdentifier: + description: A complex type that identifies the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether the specified health check is healthy. + type: object + additionalProperties: false + properties: + Name: + description: The name of the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether this health check is healthy. + type: string + minLength: 1 + maxLength: 256 + Region: + description: For the CloudWatch alarm that you want Route 53 health checkers to use to determine whether this health check is healthy, the region that the alarm was created in. + type: string + required: + - Name + - Region + HealthCheckTag: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + properties: + Key: + type: string + description: The key name of the tag. + maxLength: 128 + Value: + type: string + description: The value for the tag. + maxLength: 256 + required: + - Value + - Key + HealthCheck: + type: object + properties: + HealthCheckId: + type: string + HealthCheckConfig: + description: A complex type that contains information about the health check. + type: object + properties: + AlarmIdentifier: + $ref: '#/components/schemas/AlarmIdentifier' + ChildHealthChecks: + type: array + items: + type: string + maxItems: 256 + x-insertionOrder: false + EnableSNI: + type: boolean + FailureThreshold: + type: integer + minimum: 1 + maximum: 10 + FullyQualifiedDomainName: + type: string + maxLength: 255 + HealthThreshold: + type: integer + minimum: 0 + maximum: 256 + InsufficientDataHealthStatus: + type: string + enum: + - Healthy + - LastKnownStatus + - Unhealthy + Inverted: + type: boolean + IPAddress: + type: string + maxLength: 45 + pattern: >- + ^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))$|^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$ + MeasureLatency: + type: boolean + Port: + type: integer + minimum: 1 + maximum: 65535 + Regions: + type: array + items: + type: string + maxItems: 64 + x-insertionOrder: false + RequestInterval: + type: integer + minimum: 10 + maximum: 30 + ResourcePath: + type: string + maxLength: 255 + SearchString: + type: string + maxLength: 255 + RoutingControlArn: + type: string + minLength: 1 + maxLength: 255 + Type: + type: string + enum: + - CALCULATED + - CLOUDWATCH_METRIC + - HTTP + - HTTP_STR_MATCH + - HTTPS + - HTTPS_STR_MATCH + - TCP + - RECOVERY_CONTROL + required: + - Type + additionalProperties: false + HealthCheckTags: + type: array + uniqueItems: true + x-insertionOrder: false + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/HealthCheckTag' + required: + - HealthCheckConfig + x-stackql-resource-name: health_check + x-stackql-primaryIdentifier: + - HealthCheckId + x-create-only-properties: + - HealthCheckConfig/Type + - HealthCheckConfig/MeasureLatency + - HealthCheckConfig/RequestInterval + x-read-only-properties: + - HealthCheckId + x-required-permissions: + create: + - route53:CreateHealthCheck + - route53:ChangeTagsForResource + - cloudwatch:DescribeAlarms + - route53-recovery-control-config:DescribeRoutingControl + read: + - route53:GetHealthCheck + - route53:ListTagsForResource + update: + - route53:UpdateHealthCheck + - route53:ChangeTagsForResource + - route53:ListTagsForResource + - cloudwatch:DescribeAlarms + delete: + - route53:DeleteHealthCheck + list: + - route53:ListHealthChecks + - route53:ListTagsForResource + HostedZoneConfig: + description: |- + A complex type that contains an optional comment. + + If you don't want to specify a comment, omit the HostedZoneConfig and Comment elements. + type: object + additionalProperties: false + properties: + Comment: + description: Any comments that you want to include about the hosted zone. + type: string + maxLength: 256 + HostedZoneTag: + description: A complex type that contains information about a tag that you want to add or edit for the specified health check or hosted zone. + type: object + additionalProperties: false + properties: + Key: + type: string + description: The key name of the tag. + maxLength: 128 + Value: + type: string + description: The value for the tag. + maxLength: 256 + required: + - Value + - Key + QueryLoggingConfig: + description: A complex type that contains information about a configuration for DNS query logging. + type: object + additionalProperties: false + properties: + CloudWatchLogsLogGroupArn: + description: The Amazon Resource Name (ARN) of the CloudWatch Logs log group that Amazon Route 53 is publishing logs to. + type: string + required: + - CloudWatchLogsLogGroupArn + VPC: + description: A complex type that contains information about an Amazon VPC. Route 53 Resolver uses the records in the private hosted zone to route traffic in that VPC. + type: object + additionalProperties: false + properties: + VPCId: + description: The ID of an Amazon VPC. + type: string + VPCRegion: + description: The region that an Amazon VPC was created in. See https://docs.aws.amazon.com/general/latest/gr/rande.html for a list of up to date regions. + type: string + required: + - VPCId + - VPCRegion + HostedZone: + type: object + properties: + Id: + type: string + HostedZoneConfig: + $ref: '#/components/schemas/HostedZoneConfig' + HostedZoneTags: + description: |- + Adds, edits, or deletes tags for a health check or a hosted zone. + + For information about using tags for cost allocation, see Using Cost Allocation Tags in the AWS Billing and Cost Management User Guide. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/HostedZoneTag' + Name: + description: |- + The name of the domain. Specify a fully qualified domain name, for example, www.example.com. The trailing dot is optional; Amazon Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats www.example.com (without a trailing dot) and www.example.com. (with a trailing dot) as identical. + + If you're creating a public hosted zone, this is the name you have registered with your DNS registrar. If your domain name is registered with a registrar other than Route 53, change the name servers for your domain to the set of NameServers that are returned by the Fn::GetAtt intrinsic function. + type: string + maxLength: 1024 + QueryLoggingConfig: + $ref: '#/components/schemas/QueryLoggingConfig' + VPCs: + description: A complex type that contains information about the VPCs that are associated with the specified hosted zone. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/VPC' + NameServers: + type: array + uniqueItems: false + items: + type: string + x-stackql-resource-name: hosted_zone + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Name + x-read-only-properties: + - Id + - NameServers + x-required-permissions: + create: + - route53:CreateHostedZone + - route53:CreateQueryLoggingConfig + - route53:ChangeTagsForResource + - route53:GetChange + - route53:AssociateVPCWithHostedZone + - ec2:DescribeVpcs + read: + - route53:GetHostedZone + - route53:ListTagsForResource + - route53:ListQueryLoggingConfigs + update: + - route53:GetChange + - route53:ListTagsForResource + - route53:UpdateHostedZoneComment + - route53:ChangeTagsForResource + - route53:AssociateVPCWithHostedZone + - route53:DisassociateVPCFromHostedZone + - route53:CreateQueryLoggingConfig + - route53:DeleteQueryLoggingConfig + - ec2:DescribeVpcs + delete: + - route53:DeleteHostedZone + - route53:DeleteQueryLoggingConfig + - route53:ListQueryLoggingConfigs + - route53:GetChange + list: + - route53:GetHostedZone + - route53:ListHostedZones + - route53:ListHostedZonesByName + - route53:ListQueryLoggingConfigs + - route53:ListTagsForResource + KeySigningKey: + type: object + properties: + HostedZoneId: + description: The unique string (ID) used to identify a hosted zone. + type: string + pattern: ^[A-Z0-9]{1,32}$ + Status: + description: A string specifying the initial status of the key signing key (KSK). You can set the value to ACTIVE or INACTIVE. + type: string + enum: + - ACTIVE + - INACTIVE + Name: + description: An alphanumeric string used to identify a key signing key (KSK). Name must be unique for each key signing key in the same hosted zone. + type: string + pattern: ^[a-zA-Z0-9_]{3,128}$ + KeyManagementServiceArn: + description: The Amazon resource name (ARN) for a customer managed key (CMK) in AWS Key Management Service (KMS). The KeyManagementServiceArn must be unique for each key signing key (KSK) in a single hosted zone. + type: string + minLength: 1 + maxLength: 256 + required: + - Status + - HostedZoneId + - Name + - KeyManagementServiceArn + x-stackql-resource-name: key_signing_key + x-stackql-primaryIdentifier: + - HostedZoneId + - Name + x-create-only-properties: + - HostedZoneId + - Name + - KeyManagementServiceArn + x-required-permissions: + create: + - route53:CreateKeySigningKey + - kms:DescribeKey + - kms:GetPublicKey + - kms:Sign + - kms:CreateGrant + read: + - route53:GetDNSSEC + update: + - route53:GetDNSSEC + - route53:ActivateKeySigningKey + - route53:DeactivateKeySigningKey + - kms:DescribeKey + - kms:GetPublicKey + - kms:Sign + - kms:CreateGrant + delete: + - route53:DeactivateKeySigningKey + - route53:DeleteKeySigningKey + - kms:DescribeKey + - kms:GetPublicKey + - kms:Sign + - kms:CreateGrant + list: + - route53:GetDNSSEC + - route53:ListHostedZones + x-stackQL-resources: + cidr_collections: + name: cidr_collections + id: awscc.route53.cidr_collections + x-cfn-schema-name: CidrCollection + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53::CidrCollection' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53::CidrCollection' + AND region = 'us-east-1' + cidr_collection: + name: cidr_collection + id: awscc.route53.cidr_collection + x-cfn-schema-name: CidrCollection + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Locations') as locations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53::CidrCollection' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Locations') as locations + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53::CidrCollection' + AND data__Identifier = '' + AND region = 'us-east-1' + dnssecs: + name: dnssecs + id: awscc.route53.dnssecs + x-cfn-schema-name: DNSSEC + x-type: list + x-identifiers: + - HostedZoneId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.HostedZoneId') as hosted_zone_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53::DNSSEC' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'HostedZoneId') as hosted_zone_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53::DNSSEC' + AND region = 'us-east-1' + dnssec: + name: dnssec + id: awscc.route53.dnssec + x-cfn-schema-name: DNSSEC + x-type: get + x-identifiers: + - HostedZoneId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.HostedZoneId') as hosted_zone_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53::DNSSEC' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'HostedZoneId') as hosted_zone_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53::DNSSEC' + AND data__Identifier = '' + AND region = 'us-east-1' + health_checks: + name: health_checks + id: awscc.route53.health_checks + x-cfn-schema-name: HealthCheck + x-type: list + x-identifiers: + - HealthCheckId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.HealthCheckId') as health_check_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53::HealthCheck' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'HealthCheckId') as health_check_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53::HealthCheck' + AND region = 'us-east-1' + health_check: + name: health_check + id: awscc.route53.health_check + x-cfn-schema-name: HealthCheck + x-type: get + x-identifiers: + - HealthCheckId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.HealthCheckId') as health_check_id, + JSON_EXTRACT(Properties, '$.HealthCheckConfig') as health_check_config, + JSON_EXTRACT(Properties, '$.HealthCheckTags') as health_check_tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53::HealthCheck' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'HealthCheckId') as health_check_id, + json_extract_path_text(Properties, 'HealthCheckConfig') as health_check_config, + json_extract_path_text(Properties, 'HealthCheckTags') as health_check_tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53::HealthCheck' + AND data__Identifier = '' + AND region = 'us-east-1' + hosted_zones: + name: hosted_zones + id: awscc.route53.hosted_zones + x-cfn-schema-name: HostedZone + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53::HostedZone' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53::HostedZone' + AND region = 'us-east-1' + hosted_zone: + name: hosted_zone + id: awscc.route53.hosted_zone + x-cfn-schema-name: HostedZone + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.HostedZoneConfig') as hosted_zone_config, + JSON_EXTRACT(Properties, '$.HostedZoneTags') as hosted_zone_tags, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.QueryLoggingConfig') as query_logging_config, + JSON_EXTRACT(Properties, '$.VPCs') as v_pcs, + JSON_EXTRACT(Properties, '$.NameServers') as name_servers + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53::HostedZone' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'HostedZoneConfig') as hosted_zone_config, + json_extract_path_text(Properties, 'HostedZoneTags') as hosted_zone_tags, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'QueryLoggingConfig') as query_logging_config, + json_extract_path_text(Properties, 'VPCs') as v_pcs, + json_extract_path_text(Properties, 'NameServers') as name_servers + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53::HostedZone' + AND data__Identifier = '' + AND region = 'us-east-1' + key_signing_keys: + name: key_signing_keys + id: awscc.route53.key_signing_keys + x-cfn-schema-name: KeySigningKey + x-type: list + x-identifiers: + - HostedZoneId + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.HostedZoneId') as hosted_zone_id, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53::KeySigningKey' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'HostedZoneId') as hosted_zone_id, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53::KeySigningKey' + AND region = 'us-east-1' + key_signing_key: + name: key_signing_key + id: awscc.route53.key_signing_key + x-cfn-schema-name: KeySigningKey + x-type: get + x-identifiers: + - HostedZoneId + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.HostedZoneId') as hosted_zone_id, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.KeyManagementServiceArn') as key_management_service_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53::KeySigningKey' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'HostedZoneId') as hosted_zone_id, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'KeyManagementServiceArn') as key_management_service_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53::KeySigningKey' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/route53recoverycontrol.yaml b/providers/src/awscc/v00.00.00000/services/route53recoverycontrol.yaml new file mode 100644 index 00000000..a33bcd13 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/route53recoverycontrol.yaml @@ -0,0 +1,598 @@ +openapi: 3.0.0 +info: + title: Route53RecoveryControl + version: 1.0.0 +paths: {} +components: + schemas: + ClusterEndpoint: + type: object + properties: + Endpoint: + type: string + minLength: 1 + maxLength: 128 + Region: + type: string + minLength: 1 + maxLength: 32 + additionalProperties: false + Tag: + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + maxLength: 256 + required: + - Value + - Key + additionalProperties: false + Cluster: + type: object + properties: + Name: + description: Name of a Cluster. You can use any non-white space character in the name + type: string + minLength: 1 + maxLength: 64 + ClusterArn: + description: The Amazon Resource Name (ARN) of the cluster. + type: string + minLength: 1 + maxLength: 2048 + Status: + description: 'Deployment status of a resource. Status can be one of the following: PENDING, DEPLOYED, PENDING_DELETION.' + type: string + enum: + - PENDING + - DEPLOYED + - PENDING_DELETION + ClusterEndpoints: + description: Endpoints for the cluster. + type: array + items: + $ref: '#/components/schemas/ClusterEndpoint' + x-insertionOrder: false + Tags: + description: A collection of tags associated with a resource + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 20 + x-insertionOrder: false + required: + - Name + x-stackql-resource-name: cluster + x-stackql-primaryIdentifier: + - ClusterArn + x-create-only-properties: + - Name + - Tags + x-read-only-properties: + - ClusterArn + - ClusterEndpoints + - Status + x-required-permissions: + create: + - route53-recovery-control-config:CreateCluster + - route53-recovery-control-config:DescribeCluster + - route53-recovery-control-config:ListTagsForResource + - route53-recovery-control-config:TagResource + read: + - route53-recovery-control-config:DescribeCluster + - route53-recovery-control-config:ListTagsForResource + delete: + - route53-recovery-control-config:DescribeCluster + - route53-recovery-control-config:DeleteCluster + list: + - route53-recovery-control-config:ListClusters + ControlPanel: + type: object + properties: + ClusterArn: + description: Cluster to associate with the Control Panel + type: string + ControlPanelArn: + description: The Amazon Resource Name (ARN) of the cluster. + type: string + Name: + description: The name of the control panel. You can use any non-white space character in the name. + type: string + minLength: 1 + maxLength: 64 + Status: + description: 'The deployment status of control panel. Status can be one of the following: PENDING, DEPLOYED, PENDING_DELETION.' + type: string + enum: + - PENDING + - DEPLOYED + - PENDING_DELETION + DefaultControlPanel: + description: A flag that Amazon Route 53 Application Recovery Controller sets to true to designate the default control panel for a cluster. When you create a cluster, Amazon Route 53 Application Recovery Controller creates a control panel, and sets this flag for that control panel. If you create a control panel yourself, this flag is set to false. + type: boolean + RoutingControlCount: + description: Count of associated routing controls + type: integer + Tags: + description: A collection of tags associated with a resource + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 20 + x-insertionOrder: false + required: + - Name + x-stackql-resource-name: control_panel + x-stackql-primaryIdentifier: + - ControlPanelArn + x-create-only-properties: + - ClusterArn + - Tags + x-read-only-properties: + - ControlPanelArn + - Status + - RoutingControlCount + - DefaultControlPanel + x-required-permissions: + create: + - route53-recovery-control-config:CreateControlPanel + - route53-recovery-control-config:DescribeCluster + - route53-recovery-control-config:DescribeControlPanel + - route53-recovery-control-config:ListTagsForResource + - route53-recovery-control-config:TagResource + read: + - route53-recovery-control-config:DescribeControlPanel + - route53-recovery-control-config:ListTagsForResource + update: + - route53-recovery-control-config:UpdateControlPanel + - route53-recovery-control-config:DescribeControlPanel + - route53-recovery-control-config:ListTagsForResource + - route53-recovery-control-config:TagResource + - route53-recovery-control-config:UntagResource + delete: + - route53-recovery-control-config:DeleteControlPanel + - route53-recovery-control-config:DescribeControlPanel + list: + - route53-recovery-control-config:ListControlPanels + RoutingControl: + type: object + properties: + RoutingControlArn: + description: The Amazon Resource Name (ARN) of the routing control. + type: string + ControlPanelArn: + description: The Amazon Resource Name (ARN) of the control panel. + type: string + Name: + description: The name of the routing control. You can use any non-white space character in the name. + type: string + minLength: 1 + maxLength: 64 + Status: + description: 'The deployment status of the routing control. Status can be one of the following: PENDING, DEPLOYED, PENDING_DELETION.' + type: string + enum: + - PENDING + - DEPLOYED + - PENDING_DELETION + ClusterArn: + description: Arn associated with Control Panel + type: string + required: + - Name + x-stackql-resource-name: routing_control + x-stackql-primaryIdentifier: + - RoutingControlArn + x-create-only-properties: + - ControlPanelArn + - ClusterArn + x-read-only-properties: + - RoutingControlArn + - Status + x-required-permissions: + create: + - route53-recovery-control-config:CreateRoutingControl + - route53-recovery-control-config:DescribeRoutingControl + - route53-recovery-control-config:DescribeControlPanel + - route53-recovery-control-config:DescribeCluster + read: + - route53-recovery-control-config:DescribeRoutingControl + update: + - route53-recovery-control-config:UpdateRoutingControl + - route53-recovery-control-config:DescribeRoutingControl + - route53-recovery-control-config:DescribeControlPanel + delete: + - route53-recovery-control-config:DescribeRoutingControl + - route53-recovery-control-config:DeleteRoutingControl + list: + - route53-recovery-control-config:ListRoutingControls + SafetyRuleName: + description: The name for the safety rule. + type: string + RuleType: + description: 'A rule can be one of the following: ATLEAST, AND, or OR.' + type: string + enum: + - AND + - OR + - ATLEAST + RuleConfig: + description: The rule configuration for an assertion rule or gating rule. This is the criteria that you set for specific assertion controls (routing controls) or gating controls. This configuration specifies how many controls must be enabled after a transaction completes. + type: object + properties: + Type: + $ref: '#/components/schemas/RuleType' + Threshold: + description: The value of N, when you specify an ATLEAST rule type. That is, Threshold is the number of controls that must be set when you specify an ATLEAST type. + type: integer + Inverted: + description: Logical negation of the rule. If the rule would usually evaluate true, it's evaluated as false, and vice versa. + type: boolean + required: + - Type + - Threshold + - Inverted + additionalProperties: false + GatingRule: + description: A gating rule verifies that a set of gating controls evaluates as true, based on a rule configuration that you specify. If the gating rule evaluates to true, Amazon Route 53 Application Recovery Controller allows a set of routing control state changes to run and complete against the set of target controls. + type: object + properties: + GatingControls: + description: The gating controls for the gating rule. That is, routing controls that are evaluated by the rule configuration that you specify. + type: array + items: + type: string + x-insertionOrder: false + TargetControls: + description: |- + Routing controls that can only be set or unset if the specified RuleConfig evaluates to true for the specified GatingControls. For example, say you have three gating controls, one for each of three AWS Regions. Now you specify AtLeast 2 as your RuleConfig. With these settings, you can only change (set or unset) the routing controls that you have specified as TargetControls if that rule evaluates to true. + In other words, your ability to change the routing controls that you have specified as TargetControls is gated by the rule that you set for the routing controls in GatingControls. + type: array + items: + type: string + x-insertionOrder: false + WaitPeriodMs: + description: An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent "flapping" of state. The wait period is 5000 ms by default, but you can choose a custom value. + type: integer + required: + - WaitPeriodMs + - TargetControls + - GatingControls + additionalProperties: false + AssertionRule: + description: An assertion rule enforces that, when a routing control state is changed, that the criteria set by the rule configuration is met. Otherwise, the change to the routing control is not accepted. + type: object + properties: + WaitPeriodMs: + description: An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent "flapping" of state. The wait period is 5000 ms by default, but you can choose a custom value. + type: integer + AssertedControls: + description: The routing controls that are part of transactions that are evaluated to determine if a request to change a routing control state is allowed. For example, you might include three routing controls, one for each of three AWS Regions. + type: array + items: + type: string + x-insertionOrder: false + required: + - AssertedControls + - WaitPeriodMs + additionalProperties: false + SafetyRule: + type: object + properties: + AssertionRule: + $ref: '#/components/schemas/AssertionRule' + GatingRule: + $ref: '#/components/schemas/GatingRule' + Name: + $ref: '#/components/schemas/SafetyRuleName' + SafetyRuleArn: + description: The Amazon Resource Name (ARN) of the safety rule. + type: string + ControlPanelArn: + description: The Amazon Resource Name (ARN) of the control panel. + type: string + Status: + description: 'The deployment status of the routing control. Status can be one of the following: PENDING, DEPLOYED, PENDING_DELETION.' + type: string + enum: + - PENDING + - DEPLOYED + - PENDING_DELETION + RuleConfig: + $ref: '#/components/schemas/RuleConfig' + Tags: + description: A collection of tags associated with a resource + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 20 + x-insertionOrder: false + required: [] + x-stackql-resource-name: safety_rule + x-stackql-primaryIdentifier: + - SafetyRuleArn + x-create-only-properties: + - ControlPanelArn + - RuleConfig + - ControlPanelArn + - Tags + x-read-only-properties: + - SafetyRuleArn + - Status + x-required-permissions: + create: + - route53-recovery-control-config:CreateSafetyRule + - route53-recovery-control-config:DescribeSafetyRule + - route53-recovery-control-config:DescribeControlPanel + - route53-recovery-control-config:DescribeRoutingControl + - route53-recovery-control-config:ListTagsForResource + - route53-recovery-control-config:TagResource + read: + - route53-recovery-control-config:DescribeSafetyRule + - route53-recovery-control-config:ListTagsForResource + update: + - route53-recovery-control-config:UpdateSafetyRule + - route53-recovery-control-config:DescribeSafetyRule + - route53-recovery-control-config:ListTagsForResource + - route53-recovery-control-config:TagResource + - route53-recovery-control-config:UntagResource + delete: + - route53-recovery-control-config:DescribeSafetyRule + - route53-recovery-control-config:DeleteSafetyRule + list: + - route53-recovery-control-config:ListSafetyRules + x-stackQL-resources: + clusters: + name: clusters + id: awscc.route53recoverycontrol.clusters + x-cfn-schema-name: Cluster + x-type: list + x-identifiers: + - ClusterArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterArn') as cluster_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53RecoveryControl::Cluster' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterArn') as cluster_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53RecoveryControl::Cluster' + AND region = 'us-east-1' + cluster: + name: cluster + id: awscc.route53recoverycontrol.cluster + x-cfn-schema-name: Cluster + x-type: get + x-identifiers: + - ClusterArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ClusterArn') as cluster_arn, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.ClusterEndpoints') as cluster_endpoints, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53RecoveryControl::Cluster' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ClusterArn') as cluster_arn, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'ClusterEndpoints') as cluster_endpoints, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53RecoveryControl::Cluster' + AND data__Identifier = '' + AND region = 'us-east-1' + control_panels: + name: control_panels + id: awscc.route53recoverycontrol.control_panels + x-cfn-schema-name: ControlPanel + x-type: list + x-identifiers: + - ControlPanelArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ControlPanelArn') as control_panel_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53RecoveryControl::ControlPanel' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ControlPanelArn') as control_panel_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53RecoveryControl::ControlPanel' + AND region = 'us-east-1' + control_panel: + name: control_panel + id: awscc.route53recoverycontrol.control_panel + x-cfn-schema-name: ControlPanel + x-type: get + x-identifiers: + - ControlPanelArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ClusterArn') as cluster_arn, + JSON_EXTRACT(Properties, '$.ControlPanelArn') as control_panel_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.DefaultControlPanel') as default_control_panel, + JSON_EXTRACT(Properties, '$.RoutingControlCount') as routing_control_count, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53RecoveryControl::ControlPanel' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ClusterArn') as cluster_arn, + json_extract_path_text(Properties, 'ControlPanelArn') as control_panel_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'DefaultControlPanel') as default_control_panel, + json_extract_path_text(Properties, 'RoutingControlCount') as routing_control_count, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53RecoveryControl::ControlPanel' + AND data__Identifier = '' + AND region = 'us-east-1' + routing_controls: + name: routing_controls + id: awscc.route53recoverycontrol.routing_controls + x-cfn-schema-name: RoutingControl + x-type: list + x-identifiers: + - RoutingControlArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RoutingControlArn') as routing_control_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53RecoveryControl::RoutingControl' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RoutingControlArn') as routing_control_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53RecoveryControl::RoutingControl' + AND region = 'us-east-1' + routing_control: + name: routing_control + id: awscc.route53recoverycontrol.routing_control + x-cfn-schema-name: RoutingControl + x-type: get + x-identifiers: + - RoutingControlArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RoutingControlArn') as routing_control_arn, + JSON_EXTRACT(Properties, '$.ControlPanelArn') as control_panel_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.ClusterArn') as cluster_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53RecoveryControl::RoutingControl' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RoutingControlArn') as routing_control_arn, + json_extract_path_text(Properties, 'ControlPanelArn') as control_panel_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'ClusterArn') as cluster_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53RecoveryControl::RoutingControl' + AND data__Identifier = '' + AND region = 'us-east-1' + safety_rules: + name: safety_rules + id: awscc.route53recoverycontrol.safety_rules + x-cfn-schema-name: SafetyRule + x-type: list + x-identifiers: + - SafetyRuleArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SafetyRuleArn') as safety_rule_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53RecoveryControl::SafetyRule' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SafetyRuleArn') as safety_rule_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53RecoveryControl::SafetyRule' + AND region = 'us-east-1' + safety_rule: + name: safety_rule + id: awscc.route53recoverycontrol.safety_rule + x-cfn-schema-name: SafetyRule + x-type: get + x-identifiers: + - SafetyRuleArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssertionRule') as assertion_rule, + JSON_EXTRACT(Properties, '$.GatingRule') as gating_rule, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.SafetyRuleArn') as safety_rule_arn, + JSON_EXTRACT(Properties, '$.ControlPanelArn') as control_panel_arn, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.RuleConfig') as rule_config, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53RecoveryControl::SafetyRule' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssertionRule') as assertion_rule, + json_extract_path_text(Properties, 'GatingRule') as gating_rule, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'SafetyRuleArn') as safety_rule_arn, + json_extract_path_text(Properties, 'ControlPanelArn') as control_panel_arn, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'RuleConfig') as rule_config, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53RecoveryControl::SafetyRule' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/route53recoveryreadiness.yaml b/providers/src/awscc/v00.00.00000/services/route53recoveryreadiness.yaml new file mode 100644 index 00000000..e9b4f0e4 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/route53recoveryreadiness.yaml @@ -0,0 +1,569 @@ +openapi: 3.0.0 +info: + title: Route53RecoveryReadiness + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + type: object + additionalProperties: false + properties: + Key: + type: string + Value: + type: string + required: + - Value + - Key + Cell: + type: object + properties: + CellName: + description: The name of the cell to create. + type: string + pattern: '[a-zA-Z0-9_]+' + maxLength: 64 + CellArn: + description: The Amazon Resource Name (ARN) of the cell. + type: string + maxLength: 256 + Cells: + description: A list of cell Amazon Resource Names (ARNs) contained within this cell, for use in nested cells. For example, Availability Zones within specific Regions. + type: array + items: + type: string + maxItems: 5 + x-insertionOrder: false + ParentReadinessScopes: + description: The readiness scope for the cell, which can be a cell Amazon Resource Name (ARN) or a recovery group ARN. This is a list but currently can have only one element. + type: array + items: + type: string + maxItems: 5 + x-insertionOrder: false + Tags: + description: A collection of tags associated with a resource + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 20 + x-insertionOrder: false + x-stackql-resource-name: cell + x-stackql-primaryIdentifier: + - CellName + x-create-only-properties: + - CellName + x-read-only-properties: + - CellArn + - ParentReadinessScopes + x-required-permissions: + create: + - route53-recovery-readiness:CreateCell + - route53-recovery-readiness:GetCell + - route53-recovery-readiness:ListTagsForResources + - route53-recovery-readiness:TagResource + read: + - route53-recovery-readiness:GetCell + - route53-recovery-readiness:ListTagsForResources + update: + - route53-recovery-readiness:GetCell + - route53-recovery-readiness:ListTagsForResources + - route53-recovery-readiness:TagResource + - route53-recovery-readiness:UntagResource + - route53-recovery-readiness:UpdateCell + delete: + - route53-recovery-readiness:DeleteCell + - route53-recovery-readiness:GetCell + list: + - route53-recovery-readiness:ListCells + ReadinessCheck: + type: object + properties: + ResourceSetName: + description: The name of the resource set to check. + type: string + pattern: '[a-zA-Z0-9_]+' + minLength: 1 + maxLength: 64 + ReadinessCheckName: + description: Name of the ReadinessCheck to create. + type: string + pattern: '[a-zA-Z0-9_]+' + minLength: 1 + maxLength: 64 + ReadinessCheckArn: + description: The Amazon Resource Name (ARN) of the readiness check. + type: string + maxLength: 256 + Tags: + description: A collection of tags associated with a resource. + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 20 + x-insertionOrder: false + x-stackql-resource-name: readiness_check + x-stackql-primaryIdentifier: + - ReadinessCheckName + x-create-only-properties: + - ReadinessCheckName + x-read-only-properties: + - ReadinessCheckArn + x-required-permissions: + create: + - route53-recovery-readiness:CreateReadinessCheck + - route53-recovery-readiness:GetResourceSet + - route53-recovery-readiness:GetReadinessCheck + - route53-recovery-readiness:ListTagsForResources + - route53-recovery-readiness:TagResource + read: + - route53-recovery-readiness:GetReadinessCheck + - route53-recovery-readiness:ListTagsForResources + update: + - route53-recovery-readiness:UpdateReadinessCheck + - route53-recovery-readiness:GetResourceSet + - route53-recovery-readiness:GetReadinessCheck + - route53-recovery-readiness:ListTagsForResources + - route53-recovery-readiness:TagResource + - route53-recovery-readiness:UntagResource + delete: + - route53-recovery-readiness:DeleteReadinessCheck + - route53-recovery-readiness:GetReadinessCheck + list: + - route53-recovery-readiness:ListReadinessChecks + - route53-recovery-readiness:GetReadinessChecks + RecoveryGroup: + type: object + properties: + RecoveryGroupName: + description: The name of the recovery group to create. + type: string + pattern: '[a-zA-Z0-9_]+' + minLength: 1 + maxLength: 64 + Cells: + description: A list of the cell Amazon Resource Names (ARNs) in the recovery group. + type: array + items: + type: string + minLength: 1 + maxLength: 256 + maxItems: 5 + x-insertionOrder: false + RecoveryGroupArn: + description: A collection of tags associated with a resource. + type: string + maxLength: 256 + Tags: + description: A collection of tags associated with a resource. + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 20 + x-insertionOrder: false + x-stackql-resource-name: recovery_group + x-stackql-primaryIdentifier: + - RecoveryGroupName + x-create-only-properties: + - RecoveryGroupName + x-read-only-properties: + - RecoveryGroupArn + x-required-permissions: + create: + - route53-recovery-readiness:CreateRecoveryGroup + - route53-recovery-readiness:GetRecoveryGroup + - route53-recovery-readiness:GetCell + - route53-recovery-readiness:ListTagsForResources + - route53-recovery-readiness:TagResource + read: + - route53-recovery-readiness:GetRecoveryGroup + - route53-recovery-readiness:ListTagsForResources + update: + - route53-recovery-readiness:UpdateRecoveryGroup + - route53-recovery-readiness:GetRecoveryGroup + - route53-recovery-readiness:GetCell + - route53-recovery-readiness:ListTagsForResources + - route53-recovery-readiness:TagResource + - route53-recovery-readiness:UntagResource + delete: + - route53-recovery-readiness:DeleteRecoveryGroup + - route53-recovery-readiness:GetRecoveryGroup + list: + - route53-recovery-readiness:ListRecoveryGroups + NLBResource: + description: The Network Load Balancer resource that a DNS target resource points to. + type: object + properties: + Arn: + description: A Network Load Balancer resource Amazon Resource Name (ARN). + type: string + additionalProperties: false + R53ResourceRecord: + description: The Route 53 resource that a DNS target resource record points to. + type: object + properties: + DomainName: + description: The DNS target domain name. + type: string + RecordSetId: + description: The Resource Record set id. + type: string + additionalProperties: false + TargetResource: + description: The target resource that the Route 53 record points to. + type: object + properties: + NLBResource: + $ref: '#/components/schemas/NLBResource' + R53Resource: + $ref: '#/components/schemas/R53ResourceRecord' + oneOf: + - required: + - NLBResource + - required: + - R53Resource + additionalProperties: false + DNSTargetResource: + description: A component for DNS/routing control readiness checks. + type: object + properties: + DomainName: + description: The domain name that acts as an ingress point to a portion of the customer application. + type: string + RecordSetId: + description: The Route 53 record set ID that will uniquely identify a DNS record, given a name and a type. + type: string + HostedZoneArn: + description: The hosted zone Amazon Resource Name (ARN) that contains the DNS record with the provided name of the target resource. + type: string + RecordType: + description: The type of DNS record of the target resource. + type: string + TargetResource: + $ref: '#/components/schemas/TargetResource' + additionalProperties: false + Resource: + description: The resource element of a ResourceSet + type: object + properties: + ResourceArn: + description: The Amazon Resource Name (ARN) of the AWS resource. + type: string + ComponentId: + description: The component identifier of the resource, generated when DNS target resource is used. + type: string + DnsTargetResource: + $ref: '#/components/schemas/DNSTargetResource' + ReadinessScopes: + description: A list of recovery group Amazon Resource Names (ARNs) and cell ARNs that this resource is contained within. + type: array + items: + type: string + maxItems: 5 + x-insertionOrder: false + additionalProperties: false + ResourceSet: + type: object + properties: + ResourceSetName: + description: The name of the resource set to create. + type: string + Resources: + description: A list of resource objects in the resource set. + type: array + items: + $ref: '#/components/schemas/Resource' + minItems: 1 + maxItems: 6 + x-insertionOrder: false + ResourceSetArn: + description: The Amazon Resource Name (ARN) of the resource set. + type: string + minLength: 1 + maxLength: 256 + ResourceSetType: + description: |- + The resource type of the resources in the resource set. Enter one of the following values for resource type: + + AWS: :AutoScaling: :AutoScalingGroup, AWS: :CloudWatch: :Alarm, AWS: :EC2: :CustomerGateway, AWS: :DynamoDB: :Table, AWS: :EC2: :Volume, AWS: :ElasticLoadBalancing: :LoadBalancer, AWS: :ElasticLoadBalancingV2: :LoadBalancer, AWS: :MSK: :Cluster, AWS: :RDS: :DBCluster, AWS: :Route53: :HealthCheck, AWS: :SQS: :Queue, AWS: :SNS: :Topic, AWS: :SNS: :Subscription, AWS: :EC2: :VPC, AWS: :EC2: :VPNConnection, AWS: :EC2: :VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource + type: string + Tags: + description: A tag to associate with the parameters for a resource set. + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 20 + x-insertionOrder: false + required: + - ResourceSetType + - Resources + x-stackql-resource-name: resource_set + x-stackql-primaryIdentifier: + - ResourceSetName + x-create-only-properties: + - ResourceSetName + - ResourceSetType + x-read-only-properties: + - ResourceSetArn + x-required-permissions: + create: + - route53-recovery-readiness:CreateResourceSet + - route53-recovery-readiness:GetResourceSet + - route53-recovery-readiness:GetRecoveryGroup + - route53-recovery-readiness:GetCell + - route53-recovery-readiness:ListTagsForResources + - route53-recovery-readiness:TagResource + read: + - route53-recovery-readiness:GetResourceSet + - route53-recovery-readiness:ListTagsForResources + update: + - route53-recovery-readiness:UpdateResourceSet + - route53-recovery-readiness:GetResourceSet + - route53-recovery-readiness:GetRecoveryGroup + - route53-recovery-readiness:GetCell + - route53-recovery-readiness:ListTagsForResources + - route53-recovery-readiness:TagResource + - route53-recovery-readiness:UntagResource + delete: + - route53-recovery-readiness:DeleteResourceSet + - route53-recovery-readiness:GetResourceSet + list: + - route53-recovery-readiness:ListResourceSets + x-stackQL-resources: + cells: + name: cells + id: awscc.route53recoveryreadiness.cells + x-cfn-schema-name: Cell + x-type: list + x-identifiers: + - CellName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CellName') as cell_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53RecoveryReadiness::Cell' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CellName') as cell_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53RecoveryReadiness::Cell' + AND region = 'us-east-1' + cell: + name: cell + id: awscc.route53recoveryreadiness.cell + x-cfn-schema-name: Cell + x-type: get + x-identifiers: + - CellName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CellName') as cell_name, + JSON_EXTRACT(Properties, '$.CellArn') as cell_arn, + JSON_EXTRACT(Properties, '$.Cells') as cells, + JSON_EXTRACT(Properties, '$.ParentReadinessScopes') as parent_readiness_scopes, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53RecoveryReadiness::Cell' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CellName') as cell_name, + json_extract_path_text(Properties, 'CellArn') as cell_arn, + json_extract_path_text(Properties, 'Cells') as cells, + json_extract_path_text(Properties, 'ParentReadinessScopes') as parent_readiness_scopes, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53RecoveryReadiness::Cell' + AND data__Identifier = '' + AND region = 'us-east-1' + readiness_checks: + name: readiness_checks + id: awscc.route53recoveryreadiness.readiness_checks + x-cfn-schema-name: ReadinessCheck + x-type: list + x-identifiers: + - ReadinessCheckName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ReadinessCheckName') as readiness_check_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53RecoveryReadiness::ReadinessCheck' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ReadinessCheckName') as readiness_check_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53RecoveryReadiness::ReadinessCheck' + AND region = 'us-east-1' + readiness_check: + name: readiness_check + id: awscc.route53recoveryreadiness.readiness_check + x-cfn-schema-name: ReadinessCheck + x-type: get + x-identifiers: + - ReadinessCheckName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceSetName') as resource_set_name, + JSON_EXTRACT(Properties, '$.ReadinessCheckName') as readiness_check_name, + JSON_EXTRACT(Properties, '$.ReadinessCheckArn') as readiness_check_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53RecoveryReadiness::ReadinessCheck' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceSetName') as resource_set_name, + json_extract_path_text(Properties, 'ReadinessCheckName') as readiness_check_name, + json_extract_path_text(Properties, 'ReadinessCheckArn') as readiness_check_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53RecoveryReadiness::ReadinessCheck' + AND data__Identifier = '' + AND region = 'us-east-1' + recovery_groups: + name: recovery_groups + id: awscc.route53recoveryreadiness.recovery_groups + x-cfn-schema-name: RecoveryGroup + x-type: list + x-identifiers: + - RecoveryGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RecoveryGroupName') as recovery_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53RecoveryReadiness::RecoveryGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RecoveryGroupName') as recovery_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53RecoveryReadiness::RecoveryGroup' + AND region = 'us-east-1' + recovery_group: + name: recovery_group + id: awscc.route53recoveryreadiness.recovery_group + x-cfn-schema-name: RecoveryGroup + x-type: get + x-identifiers: + - RecoveryGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RecoveryGroupName') as recovery_group_name, + JSON_EXTRACT(Properties, '$.Cells') as cells, + JSON_EXTRACT(Properties, '$.RecoveryGroupArn') as recovery_group_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53RecoveryReadiness::RecoveryGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RecoveryGroupName') as recovery_group_name, + json_extract_path_text(Properties, 'Cells') as cells, + json_extract_path_text(Properties, 'RecoveryGroupArn') as recovery_group_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53RecoveryReadiness::RecoveryGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + resource_sets: + name: resource_sets + id: awscc.route53recoveryreadiness.resource_sets + x-cfn-schema-name: ResourceSet + x-type: list + x-identifiers: + - ResourceSetName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceSetName') as resource_set_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53RecoveryReadiness::ResourceSet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceSetName') as resource_set_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53RecoveryReadiness::ResourceSet' + AND region = 'us-east-1' + resource_set: + name: resource_set + id: awscc.route53recoveryreadiness.resource_set + x-cfn-schema-name: ResourceSet + x-type: get + x-identifiers: + - ResourceSetName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceSetName') as resource_set_name, + JSON_EXTRACT(Properties, '$.Resources') as resources, + JSON_EXTRACT(Properties, '$.ResourceSetArn') as resource_set_arn, + JSON_EXTRACT(Properties, '$.ResourceSetType') as resource_set_type, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53RecoveryReadiness::ResourceSet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceSetName') as resource_set_name, + json_extract_path_text(Properties, 'Resources') as resources, + json_extract_path_text(Properties, 'ResourceSetArn') as resource_set_arn, + json_extract_path_text(Properties, 'ResourceSetType') as resource_set_type, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53RecoveryReadiness::ResourceSet' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/route53resolver.yaml b/providers/src/awscc/v00.00.00000/services/route53resolver.yaml new file mode 100644 index 00000000..763cf25c --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/route53resolver.yaml @@ -0,0 +1,1671 @@ +openapi: 3.0.0 +info: + title: Route53Resolver + version: 1.0.0 +paths: {} +components: + schemas: + Domains: + description: An inline list of domains to use for this domain list. + type: array + uniqueItems: true + items: + description: FirewallDomainName + type: string + minLength: 1 + maxLength: 255 + Tag: + type: object + additionalProperties: false + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + required: + - Value + - Key + FirewallDomainList: + type: object + properties: + Id: + description: ResourceId + type: string + minLength: 1 + maxLength: 64 + Arn: + description: Arn + type: string + minLength: 1 + maxLength: 600 + Name: + description: FirewallDomainListName + type: string + pattern: (?!^[0-9]+$)([a-zA-Z0-9\-_' ']+) + minLength: 1 + maxLength: 64 + DomainCount: + description: Count + type: integer + minimum: 0 + Status: + description: ResolverFirewallDomainList, possible values are COMPLETE, DELETING, UPDATING, COMPLETE_IMPORT_FAILED, IMPORTING, and INACTIVE_OWNER_ACCOUNT_CLOSED. + type: string + enum: + - COMPLETE + - DELETING + - UPDATING + - COMPLETE_IMPORT_FAILED + - IMPORTING + - INACTIVE_OWNER_ACCOUNT_CLOSED + StatusMessage: + description: FirewallDomainListAssociationStatus + type: string + ManagedOwnerName: + description: ServicePrincipal + type: string + minLength: 1 + maxLength: 512 + CreatorRequestId: + description: The id of the creator request. + type: string + minLength: 1 + maxLength: 255 + CreationTime: + description: Rfc3339TimeString + type: string + minLength: 20 + maxLength: 40 + ModificationTime: + description: Rfc3339TimeString + type: string + minLength: 20 + maxLength: 40 + Domains: + $ref: '#/components/schemas/Domains' + DomainFileUrl: + description: S3 URL to import domains from. + type: string + minLength: 1 + maxLength: 1024 + Tags: + description: Tags + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: firewall_domain_list + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Name + x-read-only-properties: + - Id + - Arn + - DomainCount + - Status + - StatusMessage + - ManagedOwnerName + - CreatorRequestId + - CreationTime + - ModificationTime + x-required-permissions: + create: + - route53resolver:* + - ec2:* + - logs:* + - iam:* + - lambda:* + - s3:* + list: + - route53resolver:* + - ec2:* + - logs:* + - iam:* + - lambda:* + - s3:* + read: + - route53resolver:* + - ec2:* + - logs:* + - iam:* + - lambda:* + - s3:* + delete: + - route53resolver:* + - ec2:* + - logs:* + - iam:* + - lambda:* + - s3:* + update: + - route53resolver:* + - ec2:* + - logs:* + - iam:* + - lambda:* + - s3:* + FirewallRule: + description: Firewall Rule associating the Rule Group to a Domain List + type: object + properties: + FirewallDomainListId: + description: ResourceId + type: string + minLength: 1 + maxLength: 64 + Priority: + description: Rule Priority + type: integer + Action: + description: Rule Action + type: string + enum: + - ALLOW + - BLOCK + - ALERT + BlockResponse: + description: BlockResponse + type: string + enum: + - NODATA + - NXDOMAIN + - OVERRIDE + BlockOverrideDomain: + description: BlockOverrideDomain + type: string + minLength: 1 + maxLength: 255 + BlockOverrideDnsType: + description: BlockOverrideDnsType + type: string + enum: + - CNAME + BlockOverrideTtl: + description: BlockOverrideTtl + type: integer + minimum: 0 + maximum: 604800 + Qtype: + description: Qtype + type: string + minLength: 1 + maxLength: 16 + required: + - FirewallDomainListId + - Priority + - Action + additionalProperties: false + FirewallRuleGroup: + type: object + properties: + Id: + description: ResourceId + type: string + minLength: 1 + maxLength: 64 + Arn: + description: Arn + type: string + minLength: 1 + maxLength: 600 + Name: + description: FirewallRuleGroupName + type: string + pattern: (?!^[0-9]+$)([a-zA-Z0-9\-_' ']+) + minLength: 1 + maxLength: 64 + RuleCount: + description: Count + type: integer + Status: + description: ResolverFirewallRuleGroupAssociation, possible values are COMPLETE, DELETING, UPDATING, and INACTIVE_OWNER_ACCOUNT_CLOSED. + type: string + enum: + - COMPLETE + - DELETING + - UPDATING + - INACTIVE_OWNER_ACCOUNT_CLOSED + StatusMessage: + description: FirewallRuleGroupStatus + type: string + OwnerId: + description: AccountId + type: string + minLength: 12 + maxLength: 32 + ShareStatus: + description: ShareStatus, possible values are NOT_SHARED, SHARED_WITH_ME, SHARED_BY_ME. + type: string + enum: + - NOT_SHARED + - SHARED_WITH_ME + - SHARED_BY_ME + CreatorRequestId: + description: The id of the creator request. + type: string + minLength: 1 + maxLength: 255 + CreationTime: + description: Rfc3339TimeString + type: string + minLength: 20 + maxLength: 40 + ModificationTime: + description: Rfc3339TimeString + type: string + minLength: 20 + maxLength: 40 + FirewallRules: + description: FirewallRules + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/FirewallRule' + Tags: + description: Tags + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: firewall_rule_group + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Name + x-read-only-properties: + - Id + - Arn + - RuleCount + - Status + - StatusMessage + - OwnerId + - ShareStatus + - CreatorRequestId + - CreationTime + - ModificationTime + x-required-permissions: + create: + - route53resolver:* + - ec2:* + - logs:* + - iam:* + - lambda:* + - s3:* + read: + - route53resolver:* + - ec2:* + - logs:* + - iam:* + - lambda:* + - s3:* + list: + - route53resolver:* + - ec2:* + - logs:* + - iam:* + - lambda:* + - s3:* + delete: + - route53resolver:* + - ec2:* + - logs:* + - iam:* + - lambda:* + - s3:* + update: + - route53resolver:* + - ec2:* + - logs:* + - iam:* + - lambda:* + - s3:* + FirewallRuleGroupAssociation: + type: object + properties: + Id: + description: Id + type: string + minLength: 1 + maxLength: 64 + Arn: + description: Arn + type: string + minLength: 1 + maxLength: 600 + FirewallRuleGroupId: + description: FirewallRuleGroupId + type: string + minLength: 1 + maxLength: 64 + VpcId: + description: VpcId + type: string + minLength: 1 + maxLength: 64 + Name: + description: FirewallRuleGroupAssociationName + type: string + pattern: (?!^[0-9]+$)([a-zA-Z0-9\-_' ']+) + minLength: 0 + maxLength: 64 + Priority: + description: Priority + type: integer + MutationProtection: + description: MutationProtectionStatus + type: string + enum: + - ENABLED + - DISABLED + ManagedOwnerName: + description: ServicePrincipal + type: string + minLength: 1 + maxLength: 512 + Status: + description: ResolverFirewallRuleGroupAssociation, possible values are COMPLETE, DELETING, UPDATING, and INACTIVE_OWNER_ACCOUNT_CLOSED. + type: string + enum: + - COMPLETE + - DELETING + - UPDATING + - INACTIVE_OWNER_ACCOUNT_CLOSED + StatusMessage: + description: FirewallDomainListAssociationStatus + type: string + CreatorRequestId: + description: The id of the creator request. + type: string + minLength: 1 + maxLength: 255 + CreationTime: + description: Rfc3339TimeString + type: string + minLength: 20 + maxLength: 40 + ModificationTime: + description: Rfc3339TimeString + type: string + minLength: 20 + maxLength: 40 + Tags: + description: Tags + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + required: + - FirewallRuleGroupId + - VpcId + - Priority + x-stackql-resource-name: firewall_rule_group_association + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - FirewallRuleGroupId + - VpcId + x-read-only-properties: + - Id + - Arn + - ManagedOwnerName + - Status + - StatusMessage + - CreatorRequestId + - CreationTime + - ModificationTime + x-required-permissions: + create: + - route53resolver:* + - ec2:* + - logs:* + - iam:* + - lambda:* + - s3:* + read: + - route53resolver:* + - ec2:* + - logs:* + - iam:* + - lambda:* + - s3:* + list: + - route53resolver:* + - ec2:* + - logs:* + - iam:* + - lambda:* + - s3:* + delete: + - route53resolver:* + - ec2:* + - logs:* + - iam:* + - lambda:* + - s3:* + update: + - route53resolver:* + - ec2:* + - logs:* + - iam:* + - lambda:* + - s3:* + OutpostResolver: + type: object + properties: + Id: + description: Id + type: string + minLength: 1 + maxLength: 64 + CreatorRequestId: + description: The id of the creator request. + type: string + minLength: 1 + maxLength: 255 + Name: + description: The OutpostResolver name. + type: string + minLength: 1 + maxLength: 255 + Arn: + description: The OutpostResolver ARN. + type: string + minLength: 1 + maxLength: 1024 + OutpostArn: + description: The Outpost ARN. + type: string + minLength: 1 + maxLength: 1024 + PreferredInstanceType: + description: The OutpostResolver instance type. + type: string + minLength: 1 + maxLength: 255 + Status: + description: The OutpostResolver status, possible values are CREATING, OPERATIONAL, UPDATING, DELETING, ACTION_NEEDED, FAILED_CREATION and FAILED_DELETION. + type: string + enum: + - CREATING + - OPERATIONAL + - DELETING + - UPDATING + - ACTION_NEEDED + - FAILED_CREATION + - FAILED_DELETION + StatusMessage: + description: The OutpostResolver status message. + type: string + InstanceCount: + description: The number of OutpostResolvers. + type: integer + minimum: 4 + maximum: 256 + CreationTime: + description: The OutpostResolver creation time + type: string + minLength: 20 + maxLength: 40 + ModificationTime: + description: The OutpostResolver last modified time + type: string + minLength: 20 + maxLength: 40 + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - OutpostArn + - PreferredInstanceType + - Name + x-stackql-resource-name: outpost_resolver + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - OutpostArn + x-read-only-properties: + - Id + - Arn + - Status + - StatusMessage + - CreationTime + - ModificationTime + - CreatorRequestId + x-required-permissions: + create: + - route53resolver:CreateOutpostResolver + - route53resolver:GetOutpostResolver + - route53resolver:ListTagsForResource + - outposts:GetOutpost + read: + - route53resolver:GetOutpostResolver + - route53resolver:ListTagsForResource + update: + - route53resolver:UpdateOutpostResolver + - route53resolver:GetOutpostResolver + - route53resolver:UntagResource + - route53resolver:TagResource + - route53resolver:ListTagsForResource + delete: + - route53resolver:DeleteOutpostResolver + - route53resolver:GetOutpostResolver + - route53resolver:ListOutpostResolvers + - route53resolver:ListResolverEndpoints + list: + - route53resolver:ListOutpostResolvers + - route53resolver:ListTagsForResource + ResolverConfig: + type: object + properties: + Id: + description: Id + type: string + minLength: 1 + maxLength: 64 + OwnerId: + description: AccountId + type: string + minLength: 12 + maxLength: 32 + ResourceId: + description: ResourceId + type: string + minLength: 1 + maxLength: 64 + AutodefinedReverse: + description: ResolverAutodefinedReverseStatus, possible values are ENABLING, ENABLED, DISABLING AND DISABLED. + type: string + enum: + - ENABLING + - ENABLED + - DISABLING + - DISABLED + AutodefinedReverseFlag: + description: Represents the desired status of AutodefinedReverse. The only supported value on creation is DISABLE. Deletion of this resource will return AutodefinedReverse to its default value (ENABLED). + type: string + enum: + - DISABLE + required: + - ResourceId + - AutodefinedReverseFlag + x-stackql-resource-name: resolver_config + x-stackql-primaryIdentifier: + - ResourceId + x-create-only-properties: + - ResourceId + - AutodefinedReverseFlag + x-read-only-properties: + - OwnerId + - Id + - AutodefinedReverse + x-required-permissions: + create: + - route53resolver:UpdateResolverConfig + - route53resolver:GetResolverConfig + - ec2:DescribeVpcs + read: + - route53resolver:GetResolverConfig + - ec2:DescribeVpcs + delete: + - route53resolver:UpdateResolverConfig + - route53resolver:ListResolverConfigs + - ec2:DescribeVpcs + list: + - route53resolver:ListResolverConfigs + - ec2:DescribeVpcs + ResolverDNSSECConfig: + type: object + properties: + Id: + description: Id + type: string + minLength: 1 + maxLength: 64 + OwnerId: + description: AccountId + type: string + minLength: 12 + maxLength: 32 + ResourceId: + description: ResourceId + type: string + minLength: 1 + maxLength: 64 + ValidationStatus: + description: ResolverDNSSECValidationStatus, possible values are ENABLING, ENABLED, DISABLING AND DISABLED. + type: string + enum: + - ENABLING + - ENABLED + - DISABLING + - DISABLED + x-stackql-resource-name: resolverdnssec_config + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - ResourceId + x-read-only-properties: + - OwnerId + - Id + - ValidationStatus + x-required-permissions: + create: + - resolverdnssec:CreateConfig + - route53resolver:UpdateResolverDnssecConfig + - route53resolver:GetResolverDnssecConfig + - ec2:DescribeVpcs + read: + - resolverdnssec:GetConfig + - route53resolver:ListResolverDnssecConfigs + delete: + - resolverdnssec:DeleteConfig + - route53resolver:UpdateResolverDnssecConfig + - route53resolver:ListResolverDnssecConfigs + - ec2:DescribeVpcs + list: + - resolverdnssec:ListConfig + - route53resolver:ListResolverDnssecConfigs + ResolverQueryLoggingConfig: + type: object + properties: + Id: + description: ResourceId + type: string + minLength: 1 + maxLength: 64 + OwnerId: + description: AccountId + type: string + minLength: 12 + maxLength: 32 + Status: + description: ResolverQueryLogConfigStatus, possible values are CREATING, CREATED, DELETED AND FAILED. + type: string + enum: + - CREATING + - CREATED + - DELETING + - FAILED + ShareStatus: + description: ShareStatus, possible values are NOT_SHARED, SHARED_WITH_ME, SHARED_BY_ME. + type: string + enum: + - NOT_SHARED + - SHARED_WITH_ME + - SHARED_BY_ME + AssociationCount: + description: Count + type: integer + Arn: + description: Arn + type: string + minLength: 1 + maxLength: 600 + Name: + description: ResolverQueryLogConfigName + type: string + pattern: (?!^[0-9]+$)([a-zA-Z0-9\-_' ']+) + minLength: 1 + maxLength: 64 + CreatorRequestId: + description: The id of the creator request. + type: string + minLength: 1 + maxLength: 255 + DestinationArn: + description: destination arn + type: string + minLength: 1 + maxLength: 600 + CreationTime: + description: Rfc3339TimeString + type: string + minLength: 20 + maxLength: 40 + x-stackql-resource-name: resolver_query_logging_config + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Name + - DestinationArn + x-read-only-properties: + - OwnerId + - Status + - ShareStatus + - AssociationCount + - Arn + - CreatorRequestId + - CreationTime + - Id + x-required-permissions: + create: + - resolverquerylogging:CreateConfig + - resolverquerylogging:GetConfig + - route53resolver:CreateResolverQueryLogConfig + - route53resolver:GetResolverQueryLogConfig + - logs:CreateLogDelivery + - logs:GetLogDelivery + - logs:UpdateLogDelivery + - logs:DeleteLogDelivery + - logs:ListLogDeliveries + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + - iam:CreateServiceLinkedRole + read: + - resolverquerylogging:GetConfig + - route53resolver:GetResolverQueryLogConfig + delete: + - resolverquerylogging:DeleteConfig + - resolverquerylogging:ListConfig + - route53resolver:DeleteResolverQueryLogConfig + - route53resolver:ListResolverQueryLogConfigs + list: + - resolverquerylogging:ListConfig + - route53resolver:ListResolverQueryLogConfigs + ResolverQueryLoggingConfigAssociation: + type: object + properties: + Id: + description: Id + type: string + minLength: 1 + maxLength: 64 + ResolverQueryLogConfigId: + description: ResolverQueryLogConfigId + type: string + minLength: 1 + maxLength: 64 + ResourceId: + description: ResourceId + type: string + minLength: 1 + maxLength: 64 + Status: + description: ResolverQueryLogConfigAssociationStatus + type: string + enum: + - CREATING + - ACTIVE + - ACTION_NEEDED + - DELETING + - FAILED + - OVERRIDDEN + Error: + description: ResolverQueryLogConfigAssociationError + type: string + enum: + - NONE + - DESTINATION_NOT_FOUND + - ACCESS_DENIED + ErrorMessage: + description: ResolverQueryLogConfigAssociationErrorMessage + type: string + CreationTime: + description: Rfc3339TimeString + type: string + minLength: 20 + maxLength: 40 + x-stackql-resource-name: resolver_query_logging_config_association + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - ResolverQueryLogConfigId + - ResourceId + x-read-only-properties: + - Status + - Error + - ErrorMessage + - CreationTime + - Id + x-required-permissions: + create: + - resolverquerylogging:AssociateConfig + - resolverquerylogging:GetConfigAssociation + - route53resolver:AssociateResolverQueryLogConfig + - ec2:DescribeVpcs + - route53resolver:GetResolverQueryLogConfigAssociation + read: + - resolverquerylogging:GetConfigAssociation + - route53resolver:GetResolverQueryLogConfigAssociation + delete: + - resolverquerylogging:DisassociateConfig + - resolverquerylogging:ListConfigAssociation + - route53resolver:DisassociateResolverQueryLogConfig + - route53resolver:ListResolverQueryLogConfigAssociations + - route53resolver:GetResolverQueryLogConfigAssociation + list: + - resolverquerylogging:ListConfigAssociations + - route53resolver:ListResolverQueryLogConfigAssociations + TargetAddress: + type: object + additionalProperties: false + properties: + Ip: + type: string + description: 'One IP address that you want to forward DNS queries to. You can specify only IPv4 addresses. ' + Ipv6: + type: string + description: 'One IPv6 address that you want to forward DNS queries to. You can specify only IPv6 addresses. ' + Port: + type: string + description: 'The port at Ip that you want to forward DNS queries to. ' + minLength: 0 + maxLength: 65535 + Protocol: + type: string + description: 'The protocol that you want to use to forward DNS queries. ' + enum: + - Do53 + - DoH + ResolverRule: + type: object + properties: + ResolverEndpointId: + type: string + description: The ID of the endpoint that the rule is associated with. + minLength: 1 + maxLength: 64 + DomainName: + type: string + description: DNS queries for this domain name are forwarded to the IP addresses that are specified in TargetIps + minLength: 1 + maxLength: 256 + Name: + type: string + description: The name for the Resolver rule + minLength: 0 + maxLength: 64 + RuleType: + type: string + description: When you want to forward DNS queries for specified domain name to resolvers on your network, specify FORWARD. When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify SYSTEM. + enum: + - FORWARD + - SYSTEM + - RECURSIVE + Tags: + type: array + description: An array of key-value pairs to apply to this resource. + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + TargetIps: + type: array + description: An array that contains the IP addresses and ports that an outbound endpoint forwards DNS queries to. Typically, these are the IP addresses of DNS resolvers on your network. Specify IPv4 addresses. IPv6 is not supported. + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/TargetAddress' + Arn: + type: string + description: The Amazon Resource Name (ARN) of the resolver rule. + ResolverRuleId: + type: string + description: The ID of the endpoint that the rule is associated with. + required: + - DomainName + - RuleType + x-stackql-resource-name: resolver_rule + x-stackql-primaryIdentifier: + - ResolverRuleId + x-create-only-properties: + - RuleType + x-read-only-properties: + - Arn + - ResolverRuleId + x-required-permissions: + create: + - route53resolver:CreateResolverRule + - route53resolver:GetResolverRule + - route53resolver:ListTagsForResource + - route53resolver:TagResource + read: + - route53resolver:GetResolverRule + - route53resolver:ListTagsForResource + update: + - route53resolver:UpdateResolverRule + - route53resolver:GetResolverRule + - route53resolver:ListTagsForResource + - route53resolver:TagResource + - route53resolver:UntagResource + delete: + - route53resolver:DeleteResolverRule + - route53resolver:GetResolverRule + list: + - route53resolver:ListResolverRules + ResolverRuleAssociation: + type: object + properties: + VPCId: + description: The ID of the VPC that you associated the Resolver rule with. + type: string + ResolverRuleId: + description: The ID of the Resolver rule that you associated with the VPC that is specified by ``VPCId``. + type: string + ResolverRuleAssociationId: + description: '' + type: string + Name: + description: The name of an association between a Resolver rule and a VPC. + type: string + required: + - VPCId + - ResolverRuleId + x-stackql-resource-name: resolver_rule_association + x-stackql-primaryIdentifier: + - ResolverRuleAssociationId + x-create-only-properties: + - Name + - VPCId + - ResolverRuleId + x-read-only-properties: + - ResolverRuleAssociationId + x-required-permissions: + create: + - route53resolver:AssociateResolverRule + - route53resolver:GetResolverRuleAssociation + - ec2:DescribeVpcs + read: + - route53resolver:GetResolverRuleAssociation + delete: + - route53resolver:DisassociateResolverRule + - route53resolver:GetResolverRuleAssociation + list: + - route53resolver:ListResolverRuleAssociations + x-stackQL-resources: + firewall_domain_lists: + name: firewall_domain_lists + id: awscc.route53resolver.firewall_domain_lists + x-cfn-schema-name: FirewallDomainList + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::FirewallDomainList' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::FirewallDomainList' + AND region = 'us-east-1' + firewall_domain_list: + name: firewall_domain_list + id: awscc.route53resolver.firewall_domain_list + x-cfn-schema-name: FirewallDomainList + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.DomainCount') as domain_count, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.StatusMessage') as status_message, + JSON_EXTRACT(Properties, '$.ManagedOwnerName') as managed_owner_name, + JSON_EXTRACT(Properties, '$.CreatorRequestId') as creator_request_id, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.ModificationTime') as modification_time, + JSON_EXTRACT(Properties, '$.Domains') as domains, + JSON_EXTRACT(Properties, '$.DomainFileUrl') as domain_file_url, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::FirewallDomainList' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'DomainCount') as domain_count, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'StatusMessage') as status_message, + json_extract_path_text(Properties, 'ManagedOwnerName') as managed_owner_name, + json_extract_path_text(Properties, 'CreatorRequestId') as creator_request_id, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'ModificationTime') as modification_time, + json_extract_path_text(Properties, 'Domains') as domains, + json_extract_path_text(Properties, 'DomainFileUrl') as domain_file_url, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::FirewallDomainList' + AND data__Identifier = '' + AND region = 'us-east-1' + firewall_rule_groups: + name: firewall_rule_groups + id: awscc.route53resolver.firewall_rule_groups + x-cfn-schema-name: FirewallRuleGroup + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::FirewallRuleGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::FirewallRuleGroup' + AND region = 'us-east-1' + firewall_rule_group: + name: firewall_rule_group + id: awscc.route53resolver.firewall_rule_group + x-cfn-schema-name: FirewallRuleGroup + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RuleCount') as rule_count, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.StatusMessage') as status_message, + JSON_EXTRACT(Properties, '$.OwnerId') as owner_id, + JSON_EXTRACT(Properties, '$.ShareStatus') as share_status, + JSON_EXTRACT(Properties, '$.CreatorRequestId') as creator_request_id, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.ModificationTime') as modification_time, + JSON_EXTRACT(Properties, '$.FirewallRules') as firewall_rules, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::FirewallRuleGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RuleCount') as rule_count, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'StatusMessage') as status_message, + json_extract_path_text(Properties, 'OwnerId') as owner_id, + json_extract_path_text(Properties, 'ShareStatus') as share_status, + json_extract_path_text(Properties, 'CreatorRequestId') as creator_request_id, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'ModificationTime') as modification_time, + json_extract_path_text(Properties, 'FirewallRules') as firewall_rules, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::FirewallRuleGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + firewall_rule_group_associations: + name: firewall_rule_group_associations + id: awscc.route53resolver.firewall_rule_group_associations + x-cfn-schema-name: FirewallRuleGroupAssociation + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::FirewallRuleGroupAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::FirewallRuleGroupAssociation' + AND region = 'us-east-1' + firewall_rule_group_association: + name: firewall_rule_group_association + id: awscc.route53resolver.firewall_rule_group_association + x-cfn-schema-name: FirewallRuleGroupAssociation + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.FirewallRuleGroupId') as firewall_rule_group_id, + JSON_EXTRACT(Properties, '$.VpcId') as vpc_id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Priority') as priority, + JSON_EXTRACT(Properties, '$.MutationProtection') as mutation_protection, + JSON_EXTRACT(Properties, '$.ManagedOwnerName') as managed_owner_name, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.StatusMessage') as status_message, + JSON_EXTRACT(Properties, '$.CreatorRequestId') as creator_request_id, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.ModificationTime') as modification_time, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::FirewallRuleGroupAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'FirewallRuleGroupId') as firewall_rule_group_id, + json_extract_path_text(Properties, 'VpcId') as vpc_id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Priority') as priority, + json_extract_path_text(Properties, 'MutationProtection') as mutation_protection, + json_extract_path_text(Properties, 'ManagedOwnerName') as managed_owner_name, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'StatusMessage') as status_message, + json_extract_path_text(Properties, 'CreatorRequestId') as creator_request_id, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'ModificationTime') as modification_time, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::FirewallRuleGroupAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + outpost_resolvers: + name: outpost_resolvers + id: awscc.route53resolver.outpost_resolvers + x-cfn-schema-name: OutpostResolver + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::OutpostResolver' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::OutpostResolver' + AND region = 'us-east-1' + outpost_resolver: + name: outpost_resolver + id: awscc.route53resolver.outpost_resolver + x-cfn-schema-name: OutpostResolver + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.CreatorRequestId') as creator_request_id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.OutpostArn') as outpost_arn, + JSON_EXTRACT(Properties, '$.PreferredInstanceType') as preferred_instance_type, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.StatusMessage') as status_message, + JSON_EXTRACT(Properties, '$.InstanceCount') as instance_count, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.ModificationTime') as modification_time, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::OutpostResolver' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'CreatorRequestId') as creator_request_id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'OutpostArn') as outpost_arn, + json_extract_path_text(Properties, 'PreferredInstanceType') as preferred_instance_type, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'StatusMessage') as status_message, + json_extract_path_text(Properties, 'InstanceCount') as instance_count, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'ModificationTime') as modification_time, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::OutpostResolver' + AND data__Identifier = '' + AND region = 'us-east-1' + resolver_configs: + name: resolver_configs + id: awscc.route53resolver.resolver_configs + x-cfn-schema-name: ResolverConfig + x-type: list + x-identifiers: + - ResourceId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceId') as resource_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::ResolverConfig' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceId') as resource_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::ResolverConfig' + AND region = 'us-east-1' + resolver_config: + name: resolver_config + id: awscc.route53resolver.resolver_config + x-cfn-schema-name: ResolverConfig + x-type: get + x-identifiers: + - ResourceId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.OwnerId') as owner_id, + JSON_EXTRACT(Properties, '$.ResourceId') as resource_id, + JSON_EXTRACT(Properties, '$.AutodefinedReverse') as autodefined_reverse, + JSON_EXTRACT(Properties, '$.AutodefinedReverseFlag') as autodefined_reverse_flag + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::ResolverConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'OwnerId') as owner_id, + json_extract_path_text(Properties, 'ResourceId') as resource_id, + json_extract_path_text(Properties, 'AutodefinedReverse') as autodefined_reverse, + json_extract_path_text(Properties, 'AutodefinedReverseFlag') as autodefined_reverse_flag + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::ResolverConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + resolverdnssec_configs: + name: resolverdnssec_configs + id: awscc.route53resolver.resolverdnssec_configs + x-cfn-schema-name: ResolverDNSSECConfig + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::ResolverDNSSECConfig' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::ResolverDNSSECConfig' + AND region = 'us-east-1' + resolverdnssec_config: + name: resolverdnssec_config + id: awscc.route53resolver.resolverdnssec_config + x-cfn-schema-name: ResolverDNSSECConfig + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.OwnerId') as owner_id, + JSON_EXTRACT(Properties, '$.ResourceId') as resource_id, + JSON_EXTRACT(Properties, '$.ValidationStatus') as validation_status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::ResolverDNSSECConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'OwnerId') as owner_id, + json_extract_path_text(Properties, 'ResourceId') as resource_id, + json_extract_path_text(Properties, 'ValidationStatus') as validation_status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::ResolverDNSSECConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + resolver_query_logging_configs: + name: resolver_query_logging_configs + id: awscc.route53resolver.resolver_query_logging_configs + x-cfn-schema-name: ResolverQueryLoggingConfig + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::ResolverQueryLoggingConfig' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::ResolverQueryLoggingConfig' + AND region = 'us-east-1' + resolver_query_logging_config: + name: resolver_query_logging_config + id: awscc.route53resolver.resolver_query_logging_config + x-cfn-schema-name: ResolverQueryLoggingConfig + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.OwnerId') as owner_id, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.ShareStatus') as share_status, + JSON_EXTRACT(Properties, '$.AssociationCount') as association_count, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.CreatorRequestId') as creator_request_id, + JSON_EXTRACT(Properties, '$.DestinationArn') as destination_arn, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::ResolverQueryLoggingConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'OwnerId') as owner_id, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'ShareStatus') as share_status, + json_extract_path_text(Properties, 'AssociationCount') as association_count, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'CreatorRequestId') as creator_request_id, + json_extract_path_text(Properties, 'DestinationArn') as destination_arn, + json_extract_path_text(Properties, 'CreationTime') as creation_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::ResolverQueryLoggingConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + resolver_query_logging_config_associations: + name: resolver_query_logging_config_associations + id: awscc.route53resolver.resolver_query_logging_config_associations + x-cfn-schema-name: ResolverQueryLoggingConfigAssociation + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation' + AND region = 'us-east-1' + resolver_query_logging_config_association: + name: resolver_query_logging_config_association + id: awscc.route53resolver.resolver_query_logging_config_association + x-cfn-schema-name: ResolverQueryLoggingConfigAssociation + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.ResolverQueryLogConfigId') as resolver_query_log_config_id, + JSON_EXTRACT(Properties, '$.ResourceId') as resource_id, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Error') as error, + JSON_EXTRACT(Properties, '$.ErrorMessage') as error_message, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'ResolverQueryLogConfigId') as resolver_query_log_config_id, + json_extract_path_text(Properties, 'ResourceId') as resource_id, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Error') as error, + json_extract_path_text(Properties, 'ErrorMessage') as error_message, + json_extract_path_text(Properties, 'CreationTime') as creation_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + resolver_rules: + name: resolver_rules + id: awscc.route53resolver.resolver_rules + x-cfn-schema-name: ResolverRule + x-type: list + x-identifiers: + - ResolverRuleId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResolverRuleId') as resolver_rule_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::ResolverRule' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResolverRuleId') as resolver_rule_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::ResolverRule' + AND region = 'us-east-1' + resolver_rule: + name: resolver_rule + id: awscc.route53resolver.resolver_rule + x-cfn-schema-name: ResolverRule + x-type: get + x-identifiers: + - ResolverRuleId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResolverEndpointId') as resolver_endpoint_id, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RuleType') as rule_type, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TargetIps') as target_ips, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ResolverRuleId') as resolver_rule_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::ResolverRule' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResolverEndpointId') as resolver_endpoint_id, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RuleType') as rule_type, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TargetIps') as target_ips, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ResolverRuleId') as resolver_rule_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::ResolverRule' + AND data__Identifier = '' + AND region = 'us-east-1' + resolver_rule_associations: + name: resolver_rule_associations + id: awscc.route53resolver.resolver_rule_associations + x-cfn-schema-name: ResolverRuleAssociation + x-type: list + x-identifiers: + - ResolverRuleAssociationId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResolverRuleAssociationId') as resolver_rule_association_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::ResolverRuleAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResolverRuleAssociationId') as resolver_rule_association_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Route53Resolver::ResolverRuleAssociation' + AND region = 'us-east-1' + resolver_rule_association: + name: resolver_rule_association + id: awscc.route53resolver.resolver_rule_association + x-cfn-schema-name: ResolverRuleAssociation + x-type: get + x-identifiers: + - ResolverRuleAssociationId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.VPCId') as v_pc_id, + JSON_EXTRACT(Properties, '$.ResolverRuleId') as resolver_rule_id, + JSON_EXTRACT(Properties, '$.ResolverRuleAssociationId') as resolver_rule_association_id, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::ResolverRuleAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'VPCId') as v_pc_id, + json_extract_path_text(Properties, 'ResolverRuleId') as resolver_rule_id, + json_extract_path_text(Properties, 'ResolverRuleAssociationId') as resolver_rule_association_id, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Route53Resolver::ResolverRuleAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/rum.yaml b/providers/src/awscc/v00.00.00000/services/rum.yaml new file mode 100644 index 00000000..7361f39d --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/rum.yaml @@ -0,0 +1,451 @@ +openapi: 3.0.0 +info: + title: RUM + version: 1.0.0 +paths: {} +components: + schemas: + AppMonitorConfiguration: + description: AppMonitor configuration + type: object + additionalProperties: false + properties: + IdentityPoolId: + description: The ID of the identity pool that is used to authorize the sending of data to RUM. + minLength: 1 + maxLength: 55 + pattern: '[\w-]+:[0-9a-f-]+' + type: string + ExcludedPages: + description: A list of URLs in your website or application to exclude from RUM data collection. You can't include both ExcludedPages and IncludedPages in the same operation. + $ref: '#/components/schemas/Pages' + IncludedPages: + description: If this app monitor is to collect data from only certain pages in your application, this structure lists those pages. You can't include both ExcludedPages and IncludedPages in the same operation. + $ref: '#/components/schemas/Pages' + FavoritePages: + description: A list of pages in the RUM console that are to be displayed with a favorite icon. + $ref: '#/components/schemas/FavoritePages' + SessionSampleRate: + description: Specifies the percentage of user sessions to use for RUM data collection. Choosing a higher percentage gives you more data but also incurs more costs. The number you specify is the percentage of user sessions that will be used. If you omit this parameter, the default of 10 is used. + type: number + minimum: 0 + maximum: 1 + GuestRoleArn: + description: The ARN of the guest IAM role that is attached to the identity pool that is used to authorize the sending of data to RUM. + $ref: '#/components/schemas/Arn' + AllowCookies: + description: If you set this to true, the RUM web client sets two cookies, a session cookie and a user cookie. The cookies allow the RUM web client to collect data relating to the number of users an application has and the behavior of the application across a sequence of events. Cookies are stored in the top-level domain of the current page. + type: boolean + Telemetries: + description: An array that lists the types of telemetry data that this app monitor is to collect. + type: array + items: + $ref: '#/components/schemas/Telemetry' + x-insertionOrder: false + EnableXRay: + description: If you set this to true, RUM enables xray tracing for the user sessions that RUM samples. RUM adds an xray trace header to allowed HTTP requests. It also records an xray segment for allowed HTTP requests. You can see traces and segments from these user sessions in the xray console and the CW ServiceLens console. + type: boolean + MetricDestinations: + description: An array of structures which define the destinations and the metrics that you want to send. + type: array + minItems: 0 + maxItems: 20 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/MetricDestination' + TagDef: + description: Assigns one or more tags (key-value pairs) to the app monitor. Tags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values. Tags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.You can associate as many as 50 tags with an app monitor. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Tag: + description: A key-value pair to associate with a resource. + additionalProperties: false + type: object + properties: + Key: + type: string + pattern: ^(?!aws:)[a-zA-Z+-=._:/]+$ + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 0 + maxLength: 256 + required: + - Value + - Key + Pages: + type: array + description: List of url pages + minItems: 0 + maxItems: 50 + items: + $ref: '#/components/schemas/Url' + x-insertionOrder: false + FavoritePages: + type: array + description: List of favorite pages + minItems: 0 + maxItems: 50 + items: + type: string + x-insertionOrder: false + Url: + description: Page Url + type: string + pattern: https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_\+.~#?&//=]*) + minLength: 1 + maxLength: 1260 + Arn: + description: Resource ARN + type: string + pattern: arn:[^:]*:[^:]*:[^:]*:[^:]*:.* + Telemetry: + type: string + enum: + - errors + - performance + - http + MetricDestination: + description: An structure which defines the destination and the metrics that you want to send. + additionalProperties: false + type: object + properties: + Destination: + description: Defines the destination to send the metrics to. Valid values are CloudWatch and Evidently. If you specify Evidently, you must also specify the ARN of the Evidently experiment that is to be the destination and an IAM role that has permission to write to the experiment. + type: string + enum: + - CloudWatch + - Evidently + DestinationArn: + type: string + pattern: arn:[^:]*:[^:]*:[^:]*:[^:]*:.* + description: Use this parameter only if Destination is Evidently. This parameter specifies the ARN of the Evidently experiment that will receive the extended metrics. + IamRoleArn: + type: string + pattern: arn:[^:]*:[^:]*:[^:]*:[^:]*:.* + description: |- + This parameter is required if Destination is Evidently. If Destination is CloudWatch, do not use this parameter. + + This parameter specifies the ARN of an IAM role that RUM will assume to write to the Evidently experiment that you are sending metrics to. This role must have permission to write to that experiment. + MetricDefinitions: + description: An array of structures which define the metrics that you want to send. + type: array + uniqueItems: true + x-insertionOrder: false + minItems: 0 + maxItems: 2000 + items: + $ref: '#/components/schemas/MetricDefinition' + required: + - Destination + MetricDefinition: + description: A single metric definition + additionalProperties: false + type: object + properties: + Name: + description: |- + The name for the metric that is defined in this structure. For extended metrics, valid values are the following: + + PerformanceNavigationDuration + + PerformanceResourceDuration + + NavigationSatisfiedTransaction + + NavigationToleratedTransaction + + NavigationFrustratedTransaction + + WebVitalsCumulativeLayoutShift + + WebVitalsFirstInputDelay + + WebVitalsLargestContentfulPaint + + JsErrorCount + + HttpErrorCount + + SessionCount + type: string + minLength: 1 + maxLength: 255 + Namespace: + description: The namespace used by CloudWatch Metrics for the metric that is defined in this structure + type: string + pattern: '[a-zA-Z0-9-._/#:]+$' + minLength: 1 + maxLength: 237 + ValueKey: + description: |- + The field within the event object that the metric value is sourced from. + + If you omit this field, a hardcoded value of 1 is pushed as the metric value. This is useful if you just want to count the number of events that the filter catches. + + If this metric is sent to Evidently, this field will be passed to Evidently raw and Evidently will handle data extraction from the event. + type: string + pattern: .* + minLength: 1 + maxLength: 256 + UnitLabel: + description: The CloudWatch metric unit to use for this metric. If you omit this field, the metric is recorded with no unit. + type: string + minLength: 1 + maxLength: 256 + DimensionKeys: + description: |- + Use this field only if you are sending the metric to CloudWatch. + + This field is a map of field paths to dimension names. It defines the dimensions to associate with this metric in CloudWatch. For extended metrics, valid values for the entries in this field are the following: + + "metadata.pageId": "PageId" + + "metadata.browserName": "BrowserName" + + "metadata.deviceType": "DeviceType" + + "metadata.osName": "OSName" + + "metadata.countryCode": "CountryCode" + + "event_details.fileType": "FileType" + + All dimensions listed in this field must also be included in EventPattern. + type: object + x-patternProperties: + ^(?!:).*[^\s].*: + type: string + pattern: .*[^\s].* + minLength: 1 + maxLength: 255 + additionalProperties: false + EventPattern: + description: |- + The pattern that defines the metric, specified as a JSON object. RUM checks events that happen in a user's session against the pattern, and events that match the pattern are sent to the metric destination. + + When you define extended metrics, the metric definition is not valid if EventPattern is omitted. + + Example event patterns: + + '{ "event_type": ["com.amazon.rum.js_error_event"], "metadata": { "browserName": [ "Chrome", "Safari" ], } }' + + '{ "event_type": ["com.amazon.rum.performance_navigation_event"], "metadata": { "browserName": [ "Chrome", "Firefox" ] }, "event_details": { "duration": [{ "numeric": [ "<", 2000 ] }] } }' + + '{ "event_type": ["com.amazon.rum.performance_navigation_event"], "metadata": { "browserName": [ "Chrome", "Safari" ], "countryCode": [ "US" ] }, "event_details": { "duration": [{ "numeric": [ ">=", 2000, "<", 8000 ] }] } }' + + If the metrics destination' is CloudWatch and the event also matches a value in DimensionKeys, then the metric is published with the specified dimensions. + type: string + minLength: 1 + maxLength: 4000 + required: + - Name + CustomEventsStatus: + type: string + enum: + - ENABLED + - DISABLED + CustomEvents: + description: AppMonitor custom events configuration + type: object + additionalProperties: false + properties: + Status: + description: Indicates whether AppMonitor accepts custom events. + $ref: '#/components/schemas/CustomEventsStatus' + AppMonitor: + type: object + properties: + Id: + description: The unique ID of the new app monitor. + type: string + pattern: ^[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}$ + minLength: 36 + maxLength: 36 + Name: + description: A name for the app monitor + type: string + pattern: '[\.\-_/#A-Za-z0-9]+' + minLength: 1 + maxLength: 255 + Domain: + description: The top-level internet domain name for which your application has administrative authority. + type: string + pattern: ^(localhost)|^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$|^(?![-.])([A-Za-z0-9-\.\-]{0,63})((?![-])([a-zA-Z0-9]{1}|^[a-zA-Z0-9]{0,1}))\.(?![-])[A-Za-z-0-9]{1,63}((?![-])([a-zA-Z0-9]{1}|^[a-zA-Z0-9]{0,1}))|^(\*\.)(?![-.])([A-Za-z0-9-\.\-]{0,63})((?![-])([a-zA-Z0-9]{1}|^[a-zA-Z0-9]{0,1}))\.(?![-])[A-Za-z-0-9]{1,63}((?![-])([a-zA-Z0-9]{1}|^[a-zA-Z0-9]{0,1})) + minLength: 1 + maxLength: 253 + CwLogEnabled: + description: Data collected by RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether RUM sends a copy of this telemetry data to CWLlong in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur CWLlong charges. If you omit this parameter, the default is false + type: boolean + Tags: + $ref: '#/components/schemas/TagDef' + AppMonitorConfiguration: + $ref: '#/components/schemas/AppMonitorConfiguration' + CustomEvents: + $ref: '#/components/schemas/CustomEvents' + required: + - Name + - Domain + x-stackql-resource-name: app_monitor + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Id + x-required-permissions: + create: + - rum:CreateAppMonitor + - dynamodb:GetItem + - dynamodb:PutItem + - s3:GetObject + - s3:PutObject + - s3:GetObjectAcl + - s3:DoesObjectExist + - logs:CreateLogDelivery + - logs:CreateLogGroup + - logs:GetLogDelivery + - logs:UpdateLogDelivery + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + - logs:PutRetentionPolicy + - rum:TagResource + - cognito-identity:DescribeIdentityPool + - iam:GetRole + - iam:CreateServiceLinkedRole + - rum:PutRumMetricsDestination + - rum:BatchCreateRumMetricDefinitions + read: + - rum:GetAppMonitor + - dynamodb:GetItem + - s3:GetObject + - s3:DoesObjectExist + - s3:GetObjectAcl + - rum:ListTagsForResource + - rum:ListRumMetricsDestinations + - rum:BatchGetRumMetricDefinitions + update: + - rum:UpdateAppMonitor + - dynamodb:GetItem + - dynamodb:PutItem + - dynamodb:UpdateItem + - dynamodb:Query + - s3:GetObject + - s3:PutObject + - s3:GetObjectAcl + - s3:DoesObjectExist + - logs:CreateLogDelivery + - logs:CreateLogGroup + - logs:GetLogDelivery + - logs:UpdateLogDelivery + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + - logs:PutRetentionPolicy + - rum:TagResource + - rum:UntagResource + - rum:ListTagsForResource + - iam:GetRole + - iam:CreateServiceLinkedRole + - rum:PutRumMetricsDestination + - rum:DeleteRumMetricsDestination + - rum:ListRumMetricsDestinations + - rum:BatchCreateRumMetricDefinitions + - rum:BatchDeleteRumMetricDefinitions + - rum:BatchGetRumMetricDefinitions + - rum:UpdateRumMetricDefinition + delete: + - rum:DeleteAppMonitor + - dynamodb:DeleteItem + - dynamodb:Query + - logs:DeleteLogDelivery + - s3:DeleteObject + - s3:DoesObjectExist + - rum:UntagResource + - rum:DeleteRumMetricsDestination + - rum:BatchDeleteRumMetricDefinitions + list: + - rum:ListAppMonitors + - dynamodb:DescribeTable + - rum:GetAppMonitor + - dynamodb:GetItem + - dynamodb:BatchGetItem + - dynamodb:Query + - s3:GetObject + - s3:DoesObjectExist + - s3:GetObjectAcl + - logs:DescribeLogGroups + - rum:ListTagsForResource + x-stackQL-resources: + app_monitors: + name: app_monitors + id: awscc.rum.app_monitors + x-cfn-schema-name: AppMonitor + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RUM::AppMonitor' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::RUM::AppMonitor' + AND region = 'us-east-1' + app_monitor: + name: app_monitor + id: awscc.rum.app_monitor + x-cfn-schema-name: AppMonitor + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Domain') as domain, + JSON_EXTRACT(Properties, '$.CwLogEnabled') as cw_log_enabled, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.AppMonitorConfiguration') as app_monitor_configuration, + JSON_EXTRACT(Properties, '$.CustomEvents') as custom_events + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RUM::AppMonitor' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Domain') as domain, + json_extract_path_text(Properties, 'CwLogEnabled') as cw_log_enabled, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'AppMonitorConfiguration') as app_monitor_configuration, + json_extract_path_text(Properties, 'CustomEvents') as custom_events + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::RUM::AppMonitor' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/s3.yaml b/providers/src/awscc/v00.00.00000/services/s3.yaml new file mode 100644 index 00000000..89cd21ec --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/s3.yaml @@ -0,0 +1,2965 @@ +openapi: 3.0.0 +info: + title: S3 + version: 1.0.0 +paths: {} +components: + schemas: + Grantee: + type: object + additionalProperties: false + properties: + GranteeType: + description: Configures the transfer acceleration state for an Amazon S3 bucket. + type: string + enum: + - IAM + - DIRECTORY_USER + - DIRECTORY_GROUP + GranteeIdentifier: + description: The unique identifier of the Grantee + type: string + required: + - GranteeType + - GranteeIdentifier + AccessGrantsLocationConfiguration: + type: object + additionalProperties: false + properties: + S3SubPrefix: + description: The S3 sub prefix of a registered location in your S3 Access Grants instance + type: string + required: + - S3SubPrefix + AccessGrantArn: + description: the Amazon Resource Name (ARN) of the specified access grant. + type: string + Tag: + type: object + additionalProperties: false + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 0 + maxLength: 256 + required: + - Key + - Value + AccessGrant: + type: object + properties: + AccessGrantId: + description: The ID assigned to this access grant. + type: string + x-examples: + - 7c89cbd1-0f4e-40e3-861d-afb906952b77 + AccessGrantsLocationId: + description: The custom S3 location to be accessed by the grantee + type: string + x-examples: + - 125f332b-a499-4eb6-806f-8a6a1aa4cb96 + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + Permission: + description: The level of access to be afforded to the grantee + type: string + enum: + - READ + - WRITE + - READWRITE + ApplicationArn: + description: The ARN of the application grantees will use to access the location + type: string + S3PrefixType: + description: The type of S3SubPrefix. + type: string + enum: + - Object + GrantScope: + description: The S3 path of the data to which you are granting access. It is a combination of the S3 path of the registered location and the subprefix. + type: string + AccessGrantArn: + $ref: '#/components/schemas/AccessGrantArn' + description: The Amazon Resource Name (ARN) of the specified access grant. + x-examples: + - arn:aws:s3:us-east-2:111122223333:access-grants/default/grant/7c89cbd1-0f4e-40e3-861d-afb906952b77 + Grantee: + $ref: '#/components/schemas/Grantee' + description: The principal who will be granted permission to access S3. + AccessGrantsLocationConfiguration: + $ref: '#/components/schemas/AccessGrantsLocationConfiguration' + description: The configuration options of the grant location, which is the S3 path to the data to which you are granting access. + required: + - Grantee + - Permission + - AccessGrantsLocationId + x-stackql-resource-name: access_grant + x-stackql-primaryIdentifier: + - AccessGrantId + x-create-only-properties: + - S3PrefixType + - Tags + x-read-only-properties: + - AccessGrantId + - AccessGrantArn + - GrantScope + x-required-permissions: + create: + - s3:CreateAccessGrant + - s3:TagResource + read: + - s3:GetAccessGrant + delete: + - s3:DeleteAccessGrant + list: + - s3:ListAccessGrants + update: + - s3:TagResource + AccessGrantsInstanceArn: + description: The Amazon Resource Name (ARN) of the specified Access Grants instance. + type: string + IdentityCenterArn: + description: The Amazon Resource Name (ARN) of the specified AWS Identity Center. + type: string + AccessGrantsInstance: + type: object + properties: + AccessGrantsInstanceArn: + $ref: '#/components/schemas/AccessGrantsInstanceArn' + description: The Amazon Resource Name (ARN) of the specified Access Grants instance. + x-examples: + - arn:aws:s3:us-east-2:479290226168:access-grants/default + IdentityCenterArn: + $ref: '#/components/schemas/IdentityCenterArn' + description: The Amazon Resource Name (ARN) of the specified AWS Identity Center. + x-examples: + - arn:aws:sso:::instance/ssoins-6987e6a2fc43873b + AccessGrantsInstanceId: + type: string + description: A unique identifier for the specified access grants instance. + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + required: [] + x-stackql-resource-name: access_grants_instance + x-stackql-primaryIdentifier: + - AccessGrantsInstanceArn + x-create-only-properties: + - Tags + x-read-only-properties: + - AccessGrantsInstanceArn + - AccessGrantsInstanceId + x-required-permissions: + create: + - s3:CreateAccessGrantsInstance + - s3:TagResource + read: + - s3:GetAccessGrantsInstance + delete: + - s3:DeleteAccessGrantsInstance + update: + - s3:TagResource + list: + - s3:ListAccessGrantsInstances + AccessGrantsLocation: + type: object + properties: + AccessGrantsLocationArn: + description: The Amazon Resource Name (ARN) of the specified Access Grants location. + type: string + x-examples: + - arn:aws:s3:us-east-2:479290226168:access-grants/default/location/125f332b-a499-4eb6-806f-8a6a1aa4cb96 + AccessGrantsLocationId: + type: string + description: The unique identifier for the specified Access Grants location. + IamRoleArn: + description: The Amazon Resource Name (ARN) of the access grant location's associated IAM role. + type: string + x-examples: + - arn:aws:iamw::123456789012:role/rolename + LocationScope: + type: string + description: Descriptor for where the location actually points + x-examples: + - s3://test-bucket-access-grants-cmh/prefixA + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + required: [] + x-stackql-resource-name: access_grants_location + x-stackql-primaryIdentifier: + - AccessGrantsLocationId + x-create-only-properties: + - Tags + x-read-only-properties: + - AccessGrantsLocationArn + - AccessGrantsLocationId + x-required-permissions: + create: + - s3:CreateAccessGrantsLocation + - iam:PassRole + - s3:TagResource + read: + - s3:GetAccessGrantsLocation + delete: + - s3:DeleteAccessGrantsLocation + list: + - s3:ListAccessGrantsLocations + update: + - s3:UpdateAccessGrantsLocation + - s3:TagResource + - iam:PassRole + VpcConfiguration: + description: The Virtual Private Cloud (VPC) configuration for a bucket access point. + type: object + properties: + VpcId: + description: If this field is specified, this access point will only allow connections from the specified VPC ID. + type: string + minLength: 1 + maxLength: 1024 + PublicAccessBlockConfiguration: + type: object + properties: + BlockPublicAcls: + type: boolean + description: |- + Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior: + - PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public. + - PUT Object calls fail if the request includes a public ACL. + . - PUT Bucket calls fail if the request includes a public ACL. + Enabling this setting doesn't affect existing policies or ACLs. + IgnorePublicAcls: + type: boolean + description: Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. + BlockPublicPolicy: + type: boolean + description: Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies. + RestrictPublicBuckets: + type: boolean + description: |- + Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy. + Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. + additionalProperties: false + Arn: + description: The Amazon Resource Name (ARN) of the specified resource. + type: string + AccessPoint: + type: object + properties: + Name: + description: The name you want to assign to this Access Point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name. + type: string + pattern: ^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$ + minLength: 3 + maxLength: 50 + Alias: + description: The alias of this Access Point. This alias can be used for compatibility purposes with other AWS services and third-party applications. + type: string + pattern: ^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$ + minLength: 3 + maxLength: 63 + Bucket: + description: The name of the bucket that you want to associate this Access Point with. + type: string + minLength: 3 + maxLength: 255 + BucketAccountId: + description: The AWS account ID associated with the S3 bucket associated with this access point. + type: string + pattern: ^\d{12}$ + maxLength: 64 + VpcConfiguration: + description: If you include this field, Amazon S3 restricts access to this Access Point to requests from the specified Virtual Private Cloud (VPC). + $ref: '#/components/schemas/VpcConfiguration' + PublicAccessBlockConfiguration: + description: The PublicAccessBlock configuration that you want to apply to this Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status 'The Meaning of Public' in the Amazon Simple Storage Service Developer Guide. + $ref: '#/components/schemas/PublicAccessBlockConfiguration' + Policy: + description: The Access Point Policy you want to apply to this access point. + type: object + NetworkOrigin: + description: Indicates whether this Access Point allows access from the public Internet. If VpcConfiguration is specified for this Access Point, then NetworkOrigin is VPC, and the Access Point doesn't allow access from the public Internet. Otherwise, NetworkOrigin is Internet, and the Access Point allows access from the public Internet, subject to the Access Point and bucket access policies. + type: string + enum: + - Internet + - VPC + Arn: + $ref: '#/components/schemas/Arn' + description: The Amazon Resource Name (ARN) of the specified accesspoint. + x-examples: + - arn:aws:s3:us-west-2:123456789012:accesspoint/test + required: + - Bucket + x-stackql-resource-name: access_point + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - Bucket + - BucketAccountId + - VpcConfiguration + x-read-only-properties: + - Alias + - NetworkOrigin + - Arn + x-required-permissions: + create: + - s3:CreateAccessPoint + - s3:PutAccessPointPolicy + - s3:PutAccessPointPublicAccessBlock + read: + - s3:GetAccessPoint + - s3:GetAccessPointPolicy + update: + - s3:PutAccessPointPolicy + - s3:PutAccessPointPublicAccessBlock + - s3:DeleteAccessPointPolicy + - s3:GetAccessPoint + - s3:GetAccessPointPolicy + delete: + - s3:DeleteAccessPointPolicy + - s3:DeleteAccessPoint + list: + - s3:ListAccessPoints + TagFilter: + description: Specifies tags to use to identify a subset of objects for an Amazon S3 bucket. + type: object + additionalProperties: false + properties: + Value: + type: string + description: The tag value. + Key: + type: string + description: The tag key. + required: + - Value + - Key + Destination: + description: Specifies information about where to publish analysis or configuration results for an Amazon S3 bucket. + type: object + additionalProperties: false + properties: + BucketArn: + description: The Amazon Resource Name (ARN) of the bucket to which data is exported. + type: string + BucketAccountId: + description: |- + The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data. + Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes. + type: string + Format: + description: |- + Specifies the file format used when exporting data to Amazon S3. + *Allowed values*: ``CSV`` | ``ORC`` | ``Parquet`` + type: string + enum: + - CSV + - ORC + - Parquet + Prefix: + description: The prefix to use when exporting data. The prefix is prepended to all results. + type: string + required: + - BucketArn + - Format + AccelerateConfiguration: + type: object + additionalProperties: false + properties: + AccelerationStatus: + description: Specifies the transfer acceleration status of the bucket. + type: string + enum: + - Enabled + - Suspended + required: + - AccelerationStatus + description: Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide*. + AnalyticsConfiguration: + description: Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket. + type: object + additionalProperties: false + properties: + TagFilters: + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/TagFilter' + description: |- + The tags to use when evaluating an analytics filter. + The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis. + StorageClassAnalysis: + $ref: '#/components/schemas/StorageClassAnalysis' + description: Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes. + Id: + description: The ID that identifies the analytics configuration. + type: string + Prefix: + description: The prefix that an object must have to be included in the analytics results. + type: string + required: + - StorageClassAnalysis + - Id + StorageClassAnalysis: + description: Specifies data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes for an Amazon S3 bucket. + type: object + additionalProperties: false + properties: + DataExport: + $ref: '#/components/schemas/DataExport' + description: Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported. + DataExport: + description: Specifies how Amazon S3 Storage Lens metrics should be exported. + type: object + additionalProperties: false + properties: + S3BucketDestination: + $ref: '#/components/schemas/S3BucketDestination' + CloudWatchMetrics: + $ref: '#/components/schemas/CloudWatchMetrics' + BucketEncryption: + description: Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide*. + type: object + additionalProperties: false + properties: + ServerSideEncryptionConfiguration: + description: Specifies the default server-side-encryption configuration. + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/ServerSideEncryptionRule' + required: + - ServerSideEncryptionConfiguration + ServerSideEncryptionRule: + description: Specifies the default server-side encryption configuration. + type: object + additionalProperties: false + properties: + BucketKeyEnabled: + description: |- + Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the ``BucketKeyEnabled`` element to ``true`` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled. + For more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide*. + type: boolean + ServerSideEncryptionByDefault: + $ref: '#/components/schemas/ServerSideEncryptionByDefault' + description: Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. + ServerSideEncryptionByDefault: + description: >- + Describes the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. If you don't specify a customer managed key at configuration, Amazon S3 automatically creates an AWS KMS key in your AWS account the first time that you add an object encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS. For more information, see [PUT Bucket + encryption](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html) in the *Amazon S3 API Reference*. + type: object + properties: + KMSMasterKeyID: + description: |- + AWS Key Management Service (KMS) customer AWS KMS key ID to use for the default encryption. This parameter is allowed if and only if ``SSEAlgorithm`` is set to ``aws:kms`` or ``aws:kms:dsse``. + You can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key. + + Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab`` + + Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`` + + Key Alias: ``alias/alias-name`` + + If you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log. + If you are using encryption with cross-account or AWS service operations you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy). + Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*. + type: string + SSEAlgorithm: + type: string + enum: + - aws:kms + - AES256 + - aws:kms:dsse + description: Server-side encryption algorithm to use for the default encryption. + additionalProperties: false + required: + - SSEAlgorithm + CorsConfiguration: + type: object + additionalProperties: false + properties: + CorsRules: + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/CorsRule' + maxLength: 100 + description: A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration. + required: + - CorsRules + description: Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide*. + CorsRule: + type: object + description: Specifies a cross-origin access rule for an Amazon S3 bucket. + additionalProperties: false + properties: + AllowedHeaders: + description: Headers that are specified in the ``Access-Control-Request-Headers`` header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed. + type: array + uniqueItems: true + x-insertionOrder: true + items: + type: string + AllowedMethods: + description: |- + An HTTP method that you allow the origin to run. + *Allowed values*: ``GET`` | ``PUT`` | ``HEAD`` | ``POST`` | ``DELETE`` + type: array + uniqueItems: true + x-insertionOrder: true + items: + type: string + enum: + - GET + - PUT + - HEAD + - POST + - DELETE + AllowedOrigins: + description: One or more origins you want customers to be able to access the bucket from. + type: array + uniqueItems: true + x-insertionOrder: true + items: + type: string + ExposedHeaders: + description: One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript ``XMLHttpRequest`` object). + type: array + uniqueItems: true + x-insertionOrder: true + items: + type: string + Id: + description: A unique identifier for this rule. The value must be no more than 255 characters. + type: string + maxLength: 255 + MaxAge: + description: The time in seconds that your browser is to cache the preflight response for the specified resource. + type: integer + minimum: 0 + required: + - AllowedMethods + - AllowedOrigins + IntelligentTieringConfiguration: + type: object + additionalProperties: false + properties: + Id: + description: The ID used to identify the S3 Intelligent-Tiering configuration. + type: string + Prefix: + description: An object key name prefix that identifies the subset of objects to which the rule applies. + type: string + Status: + description: Specifies the status of the configuration. + type: string + enum: + - Disabled + - Enabled + TagFilters: + description: A container for a key-value pair. + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/TagFilter' + Tierings: + description: |- + Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: ``ARCHIVE_ACCESS`` and ``DEEP_ARCHIVE_ACCESS``. + You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers. + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/Tiering' + required: + - Id + - Status + - Tierings + description: |- + Specifies the S3 Intelligent-Tiering configuration for an Amazon S3 bucket. + For information about the S3 Intelligent-Tiering storage class, see [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access). + Tiering: + type: object + additionalProperties: false + properties: + AccessTier: + description: S3 Intelligent-Tiering access tier. See [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access) for a list of access tiers in the S3 Intelligent-Tiering storage class. + type: string + enum: + - ARCHIVE_ACCESS + - DEEP_ARCHIVE_ACCESS + Days: + description: The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days). + type: integer + required: + - AccessTier + - Days + description: The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without additional operational overhead. + InventoryConfiguration: + type: object + additionalProperties: false + properties: + Destination: + $ref: '#/components/schemas/Destination' + description: Contains information about where to publish the inventory results. + Enabled: + description: Specifies whether the inventory is enabled or disabled. If set to ``True``, an inventory list is generated. If set to ``False``, no inventory list is generated. + type: boolean + Id: + description: The ID used to identify the inventory configuration. + type: string + IncludedObjectVersions: + description: Object versions to include in the inventory list. If set to ``All``, the list includes all the object versions, which adds the version-related fields ``VersionId``, ``IsLatest``, and ``DeleteMarker`` to the list. If set to ``Current``, the list does not contain these version-related fields. + type: string + enum: + - All + - Current + OptionalFields: + description: Contains the optional fields that are included in the inventory results. + type: array + uniqueItems: true + x-insertionOrder: true + items: + type: string + enum: + - Size + - LastModifiedDate + - StorageClass + - ETag + - IsMultipartUploaded + - ReplicationStatus + - EncryptionStatus + - ObjectLockRetainUntilDate + - ObjectLockMode + - ObjectLockLegalHoldStatus + - IntelligentTieringAccessTier + - BucketKeyStatus + - ChecksumAlgorithm + - ObjectAccessControlList + - ObjectOwner + Prefix: + description: Specifies the inventory filter prefix. + type: string + ScheduleFrequency: + description: Specifies the schedule for generating inventory results. + type: string + enum: + - Daily + - Weekly + required: + - Destination + - Enabled + - Id + - IncludedObjectVersions + - ScheduleFrequency + description: Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference*. + LifecycleConfiguration: + type: object + additionalProperties: false + properties: + Rules: + description: A lifecycle rule for individual objects in an Amazon S3 bucket. + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/Rule' + required: + - Rules + description: Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide*. + Rule: + type: object + description: |- + Specifies lifecycle rules for an Amazon S3 bucket. For more information, see [Put Bucket Lifecycle Configuration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlifecycle.html) in the *Amazon S3 API Reference*. + You must specify at least one of the following properties: ``AbortIncompleteMultipartUpload``, ``ExpirationDate``, ``ExpirationInDays``, ``NoncurrentVersionExpirationInDays``, ``NoncurrentVersionTransition``, ``NoncurrentVersionTransitions``, ``Transition``, or ``Transitions``. + additionalProperties: false + properties: + AbortIncompleteMultipartUpload: + $ref: '#/components/schemas/AbortIncompleteMultipartUpload' + description: Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket. + ExpirationDate: + $ref: '#/components/schemas/iso8601UTC' + description: Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. + ExpirationInDays: + type: integer + description: Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. + ExpiredObjectDeleteMarker: + type: boolean + description: Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with ``ExpirationInDays``, ``ExpirationDate``, or ``TagFilters``. + Id: + type: string + maxLength: 255 + description: Unique identifier for the rule. The value can't be longer than 255 characters. + NoncurrentVersionExpirationInDays: + type: integer + description: (Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time. + NoncurrentVersionExpiration: + $ref: '#/components/schemas/NoncurrentVersionExpiration' + description: Specifies when noncurrent object versions expire. Upon expiration, S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that S3 delete noncurrent object versions at a specific period in the object's lifetime. + NoncurrentVersionTransition: + $ref: '#/components/schemas/NoncurrentVersionTransition' + description: (Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the ``NoncurrentVersionTransitions`` property. + NoncurrentVersionTransitions: + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/NoncurrentVersionTransition' + description: For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the ``NoncurrentVersionTransition`` property. + Prefix: + type: string + description: |- + Object key prefix that identifies one or more objects to which this rule applies. + Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). + Status: + type: string + enum: + - Enabled + - Disabled + description: If ``Enabled``, the rule is currently being applied. If ``Disabled``, the rule is not currently being applied. + TagFilters: + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/TagFilter' + description: Tags to use to identify a subset of objects to which the lifecycle rule applies. + ObjectSizeGreaterThan: + type: string + maxLength: 20 + pattern: '[0-9]+' + description: Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide*. + ObjectSizeLessThan: + type: string + maxLength: 20 + pattern: '[0-9]+' + description: Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide*. + Transition: + $ref: '#/components/schemas/Transition' + description: (Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the ``Transitions`` property. + Transitions: + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/Transition' + description: One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the ``Transition`` property. + required: + - Status + AbortIncompleteMultipartUpload: + description: Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload. For more information, see [Stopping Incomplete Multipart Uploads Using a Bucket Lifecycle Policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) in the *Amazon S3 User Guide*. + type: object + additionalProperties: false + properties: + DaysAfterInitiation: + description: Specifies the number of days after which Amazon S3 stops an incomplete multipart upload. + type: integer + minimum: 0 + required: + - DaysAfterInitiation + iso8601UTC: + description: The date value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ssZ) + type: string + pattern: ^([0-2]\d{3})-(0[0-9]|1[0-2])-([0-2]\d|3[01])T([01]\d|2[0-4]):([0-5]\d):([0-6]\d)((\.\d{3})?)Z$ + NoncurrentVersionExpiration: + type: object + description: >- + Specifies when noncurrent object versions expire. Upon expiration, S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that S3 delete noncurrent object versions at a specific period in the object's lifetime. For more information about setting a lifecycle rule configuration, see [AWS::S3::Bucket + Rule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-lifecycleconfig-rule.html). + additionalProperties: false + properties: + NoncurrentDays: + description: Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates When an Object Became Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide*. + type: integer + NewerNoncurrentVersions: + description: Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide*. + type: integer + required: + - NoncurrentDays + NoncurrentVersionTransition: + type: object + description: >- + Container for the transition rule that describes when noncurrent objects transition to the ``STANDARD_IA``, ``ONEZONE_IA``, ``INTELLIGENT_TIERING``, ``GLACIER_IR``, ``GLACIER``, or ``DEEP_ARCHIVE`` storage class. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 transition noncurrent object versions to the ``STANDARD_IA``, ``ONEZONE_IA``, ``INTELLIGENT_TIERING``, ``GLACIER_IR``, ``GLACIER``, or ``DEEP_ARCHIVE`` storage + class at a specific period in the object's lifetime. If you specify this property, don't specify the ``NoncurrentVersionTransitions`` property. + additionalProperties: false + properties: + StorageClass: + description: The class of storage used to store the object. + type: string + enum: + - DEEP_ARCHIVE + - GLACIER + - Glacier + - GLACIER_IR + - INTELLIGENT_TIERING + - ONEZONE_IA + - STANDARD_IA + TransitionInDays: + description: Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates How Long an Object Has Been Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide*. + type: integer + NewerNoncurrentVersions: + description: Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide*. + type: integer + required: + - StorageClass + - TransitionInDays + Transition: + type: object + properties: + StorageClass: + type: string + enum: + - DEEP_ARCHIVE + - GLACIER + - Glacier + - GLACIER_IR + - INTELLIGENT_TIERING + - ONEZONE_IA + - STANDARD_IA + description: The storage class to which you want the object to transition. + TransitionDate: + $ref: '#/components/schemas/iso8601UTC' + description: Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC. + TransitionInDays: + type: integer + description: Indicates the number of days after creation when objects are transitioned to the specified storage class. The value must be a positive integer. + additionalProperties: false + description: Specifies when an object transitions to a specified storage class. For more information about Amazon S3 lifecycle configuration rules, see [Transitioning Objects Using Amazon S3 Lifecycle](https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-transition-general-considerations.html) in the *Amazon S3 User Guide*. + required: + - StorageClass + LoggingConfiguration: + type: object + properties: + DestinationBucketName: + type: string + description: The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the ``LoggingConfiguration`` property is defined. + LogFilePrefix: + type: string + description: A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket. + TargetObjectKeyFormat: + $ref: '#/components/schemas/TargetObjectKeyFormat' + description: Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed. + additionalProperties: false + description: |- + Describes where logs are stored and the prefix that Amazon S3 assigns to all log object keys for a bucket. For examples and more information, see [PUT Bucket logging](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlogging.html) in the *Amazon S3 API Reference*. + To successfully complete the ``AWS::S3::Bucket LoggingConfiguration`` request, you must have ``s3:PutObject`` and ``s3:PutObjectAcl`` in your IAM permissions. + TargetObjectKeyFormat: + type: object + description: Describes the key format for server access log file in the target bucket. You can choose between SimplePrefix and PartitionedPrefix. + oneOf: + - additionalProperties: false + properties: + SimplePrefix: + description: This format defaults the prefix to the given log file prefix for delivering server access log file. + type: object + additionalProperties: false + required: + - SimplePrefix + - additionalProperties: false + properties: + PartitionedPrefix: + $ref: '#/components/schemas/PartitionedPrefix' + required: + - PartitionedPrefix + PartitionedPrefix: + type: object + description: |- + Amazon S3 keys for log objects are partitioned in the following format: + ``[DestinationPrefix][SourceAccountId]/[SourceRegion]/[SourceBucket]/[YYYY]/[MM]/[DD]/[YYYY]-[MM]-[DD]-[hh]-[mm]-[ss]-[UniqueString]`` + PartitionedPrefix defaults to EventTime delivery when server access logs are delivered. + properties: + PartitionDateSource: + type: string + description: Specifies the partition date source for the partitioned prefix. PartitionDateSource can be EventTime or DeliveryTime. + enum: + - EventTime + - DeliveryTime + additionalProperties: false + MetricsConfiguration: + type: object + additionalProperties: false + properties: + AccessPointArn: + type: string + description: The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria. + Id: + type: string + description: The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration. + Prefix: + type: string + description: The prefix that an object must have to be included in the metrics results. + TagFilters: + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/TagFilter' + description: Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria. + required: + - Id + description: >- + Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For examples, see + [AWS::S3::Bucket](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#aws-properties-s3-bucket--examples). For more information, see [PUT Bucket metrics](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html) in the *Amazon S3 API Reference*. + NotificationConfiguration: + description: |- + Describes the notification configuration for an Amazon S3 bucket. + If you create the target resource and related permissions in the same template, you might have a circular dependency. + For example, you might use the ``AWS::Lambda::Permission`` resource to grant the bucket permission to invoke an AWS Lambda function. However, AWS CloudFormation can't create the bucket until the bucket has permission to invoke the function (AWS CloudFormation checks whether the bucket can invoke the function). If you're using Refs to pass the bucket name, this leads to a circular dependency. + To avoid this dependency, you can create all resources without specifying the notification configuration. Then, update the stack with a notification configuration. + For more information on permissions, see [AWS::Lambda::Permission](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html) and [Granting Permissions to Publish Event Notification Messages to a Destination](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html#grant-destinations-permissions-to-s3). + type: object + additionalProperties: false + properties: + EventBridgeConfiguration: + $ref: '#/components/schemas/EventBridgeConfiguration' + description: Enables delivery of events to Amazon EventBridge. + LambdaConfigurations: + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/LambdaConfiguration' + description: Describes the LAMlong functions to invoke and the events for which to invoke them. + QueueConfigurations: + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/QueueConfiguration' + description: The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages. + TopicConfigurations: + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/TopicConfiguration' + description: The topic to which notifications are sent and the events for which notifications are generated. + EventBridgeConfiguration: + type: object + description: |- + Amazon S3 can send events to Amazon EventBridge whenever certain events happen in your bucket, see [Using EventBridge](https://docs.aws.amazon.com/AmazonS3/latest/userguide/EventBridge.html) in the *Amazon S3 User Guide*. + Unlike other destinations, delivery of events to EventBridge can be either enabled or disabled for a bucket. If enabled, all events will be sent to EventBridge and you can use EventBridge rules to route events to additional targets. For more information, see [What Is Amazon EventBridge](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is.html) in the *Amazon EventBridge User Guide* + additionalProperties: false + properties: + EventBridgeEnabled: + description: Enables delivery of events to Amazon EventBridge. + type: boolean + default: 'true' + required: + - EventBridgeEnabled + LambdaConfiguration: + type: object + description: Describes the LAMlong functions to invoke and the events for which to invoke them. + additionalProperties: false + properties: + Event: + description: The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*. + type: string + Filter: + description: The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a ``.jpg`` extension invoke the function when they are added to the Amazon S3 bucket. + $ref: '#/components/schemas/NotificationFilter' + Function: + description: The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs. + type: string + required: + - Function + - Event + QueueConfiguration: + type: object + description: Specifies the configuration for publishing messages to an Amazon Simple Queue Service (Amazon SQS) queue when Amazon S3 detects specified events. + additionalProperties: false + properties: + Event: + description: The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*. + type: string + Filter: + description: The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a ``.jpg`` extension are added to the bucket. For more information, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/notification-how-to-filtering.html) in the *Amazon S3 User Guide*. + $ref: '#/components/schemas/NotificationFilter' + Queue: + description: The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination. + type: string + required: + - Event + - Queue + TopicConfiguration: + type: object + description: A container for specifying the configuration for publication of messages to an Amazon Simple Notification Service (Amazon SNS) topic when Amazon S3 detects specified events. + additionalProperties: false + properties: + Event: + description: The Amazon S3 bucket event about which to send notifications. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*. + type: string + Filter: + description: The filtering rules that determine for which objects to send notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a ``.jpg`` extension are added to the bucket. + $ref: '#/components/schemas/NotificationFilter' + Topic: + description: The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type. + type: string + required: + - Event + - Topic + NotificationFilter: + type: object + description: Specifies object key name filtering rules. For information about key name filtering, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) in the *Amazon S3 User Guide*. + additionalProperties: false + properties: + S3Key: + $ref: '#/components/schemas/S3KeyFilter' + description: A container for object key name prefix and suffix filtering rules. + required: + - S3Key + S3KeyFilter: + type: object + description: |- + A container for object key name prefix and suffix filtering rules. For more information about object key name filtering, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) in the *Amazon S3 User Guide*. + The same type of filter rule cannot be used more than once. For example, you cannot specify two prefix rules. + additionalProperties: false + properties: + Rules: + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/FilterRule' + description: A list of containers for the key-value pair that defines the criteria for the filter rule. + required: + - Rules + FilterRule: + type: object + description: >- + Specifies the Amazon S3 object key name to filter on. An object key name is the name assigned to an object in your Amazon S3 bucket. You specify whether to filter on the suffix or prefix of the object key name. A prefix is a specific string of characters at the beginning of an object key name, which you can use to organize objects. For example, you can start the key names of related objects with a prefix, such as ``2023-`` or ``engineering/``. Then, you can use ``FilterRule`` to find + objects in a bucket with key names that have the same prefix. A suffix is similar to a prefix, but it is at the end of the object key name instead of at the beginning. + additionalProperties: false + properties: + Name: + type: string + maxLength: 1024 + description: The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see [Configuring Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*. + Value: + type: string + description: The value that the filter searches for in object key names. + required: + - Value + - Name + ObjectLockConfiguration: + type: object + additionalProperties: false + properties: + ObjectLockEnabled: + type: string + x-const: Enabled + description: Indicates whether this bucket has an Object Lock configuration enabled. Enable ``ObjectLockEnabled`` when you apply ``ObjectLockConfiguration`` to a bucket. + Rule: + $ref: '#/components/schemas/ObjectLockRule' + description: >- + Specifies the Object Lock rule for the specified object. Enable this rule when you apply ``ObjectLockConfiguration`` to a bucket. If Object Lock is turned on, bucket settings require both ``Mode`` and a period of either ``Days`` or ``Years``. You cannot specify ``Days`` and ``Years`` at the same time. For more information, see [ObjectLockRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockrule.html) and + [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html). + description: Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). + ObjectLockRule: + type: object + description: Specifies the Object Lock rule for the specified object. Enable the this rule when you apply ``ObjectLockConfiguration`` to a bucket. + additionalProperties: false + properties: + DefaultRetention: + $ref: '#/components/schemas/DefaultRetention' + description: >- + The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both ``Mode`` and a period of either ``Days`` or ``Years``. You cannot specify ``Days`` and ``Years`` at the same time. For more information about allowable values for mode and period, see + [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html). + DefaultRetention: + type: object + description: |- + The container element for specifying the default Object Lock retention settings for new objects placed in the specified bucket. + + The ``DefaultRetention`` settings require both a mode and a period. + + The ``DefaultRetention`` period can be either ``Days`` or ``Years`` but you must select one. You cannot specify ``Days`` and ``Years`` at the same time. + additionalProperties: false + properties: + Years: + type: integer + description: The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``. + Days: + type: integer + description: The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``. + Mode: + type: string + enum: + - COMPLIANCE + - GOVERNANCE + description: The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``. + OwnershipControls: + type: object + additionalProperties: false + properties: + Rules: + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/OwnershipControlsRule' + description: Specifies the container element for Object Ownership rules. + required: + - Rules + description: |- + Specifies the container element for Object Ownership rules. + S3 Object Ownership is an Amazon S3 bucket-level setting that you can use to disable access control lists (ACLs) and take ownership of every object in your bucket, simplifying access management for data stored in Amazon S3. For more information, see [Controlling ownership of objects and disabling ACLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*. + OwnershipControlsRule: + type: object + additionalProperties: false + properties: + ObjectOwnership: + description: Specifies an object ownership rule. + type: string + enum: + - ObjectWriter + - BucketOwnerPreferred + - BucketOwnerEnforced + description: |- + Specifies an Object Ownership rule. + S3 Object Ownership is an Amazon S3 bucket-level setting that you can use to disable access control lists (ACLs) and take ownership of every object in your bucket, simplifying access management for data stored in Amazon S3. For more information, see [Controlling ownership of objects and disabling ACLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*. + ReplicationConfiguration: + type: object + description: A container for replication rules. You can add up to 1,000 rules. The maximum size of a replication configuration is 2 MB. The latest version of the replication configuration XML is V2. For more information about XML V2 replication configurations, see [Replication configuration](https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication-add-config.html) in the *Amazon S3 User Guide*. + additionalProperties: false + properties: + Role: + description: The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see [How to Set Up Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) in the *Amazon S3 User Guide*. + type: string + Rules: + description: A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules. + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/ReplicationRule' + maxLength: 1000 + minLength: 1 + required: + - Role + - Rules + ReplicationRule: + type: object + description: Specifies which Amazon S3 objects to replicate and where to store the replicas. + additionalProperties: false + properties: + DeleteMarkerReplication: + $ref: '#/components/schemas/DeleteMarkerReplication' + description: >- + Specifies whether Amazon S3 replicates delete markers. If you specify a ``Filter`` in your replication configuration, you must also include a ``DeleteMarkerReplication`` element. If your ``Filter`` includes a ``Tag`` element, the ``DeleteMarkerReplication`` ``Status`` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule + Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config). + For more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html). + If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations). + Destination: + $ref: '#/components/schemas/ReplicationDestination' + description: A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC). + Filter: + $ref: '#/components/schemas/ReplicationRuleFilter' + description: |- + A filter that identifies the subset of objects to which the replication rule applies. A ``Filter`` must specify exactly one ``Prefix``, ``TagFilter``, or an ``And`` child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration. + V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the ``Prefix`` directly as a child element of the ``Rule`` element. + Id: + description: A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as "ID". + type: string + maxLength: 255 + Prefix: + description: |- + An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the ``Prefix`` directly as a child element of the ``Rule`` element. + Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). + type: string + maxLength: 1024 + Priority: + type: integer + description: |- + The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority. + For more information, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide*. + SourceSelectionCriteria: + $ref: '#/components/schemas/SourceSelectionCriteria' + description: A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects. + Status: + description: Specifies whether the rule is enabled. + type: string + enum: + - Disabled + - Enabled + required: + - Destination + - Status + DeleteMarkerReplication: + type: object + additionalProperties: false + properties: + Status: + type: string + enum: + - Disabled + - Enabled + description: Indicates whether to replicate delete markers. Disabled by default. + description: >- + Specifies whether Amazon S3 replicates delete markers. If you specify a ``Filter`` in your replication configuration, you must also include a ``DeleteMarkerReplication`` element. If your ``Filter`` includes a ``Tag`` element, the ``DeleteMarkerReplication`` ``Status`` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule + Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config). + For more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html). + If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations). + ReplicationDestination: + type: object + description: A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC). + additionalProperties: false + properties: + AccessControlTranslation: + $ref: '#/components/schemas/AccessControlTranslation' + description: Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object. + Account: + type: string + description: |- + Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the ``AccessControlTranslation`` property, this is the account ID of the destination bucket owner. For more information, see [Cross-Region Replication Additional Configuration: Change Replica Owner](https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-change-owner.html) in the *Amazon S3 User Guide*. + If you specify the ``AccessControlTranslation`` property, the ``Account`` property is required. + Bucket: + type: string + description: The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results. + EncryptionConfiguration: + $ref: '#/components/schemas/EncryptionConfiguration' + description: Specifies encryption-related information. + Metrics: + $ref: '#/components/schemas/Metrics' + description: A container specifying replication metrics-related settings enabling replication metrics and events. + ReplicationTime: + $ref: '#/components/schemas/ReplicationTime' + description: A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a ``Metrics`` block. + StorageClass: + description: |- + The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica. + For valid values, see the ``StorageClass`` element of the [PUT Bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) action in the *Amazon S3 API Reference*. + type: string + enum: + - DEEP_ARCHIVE + - GLACIER + - GLACIER_IR + - INTELLIGENT_TIERING + - ONEZONE_IA + - REDUCED_REDUNDANCY + - STANDARD + - STANDARD_IA + required: + - Bucket + AccessControlTranslation: + type: object + description: Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object. + additionalProperties: false + properties: + Owner: + type: string + x-const: Destination + description: Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) in the *Amazon S3 API Reference*. + required: + - Owner + EncryptionConfiguration: + type: object + description: Specifies encryption-related information for an Amazon S3 bucket that is a destination for replicated objects. + additionalProperties: false + properties: + ReplicaKmsKeyID: + description: Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*. + type: string + required: + - ReplicaKmsKeyID + Metrics: + type: object + additionalProperties: false + properties: + EventThreshold: + $ref: '#/components/schemas/ReplicationTimeValue' + description: A container specifying the time threshold for emitting the ``s3:Replication:OperationMissedThreshold`` event. + Status: + type: string + enum: + - Disabled + - Enabled + description: Specifies whether the replication metrics are enabled. + required: + - Status + description: A container specifying replication metrics-related settings enabling replication metrics and events. + ReplicationTimeValue: + type: object + additionalProperties: false + properties: + Minutes: + type: integer + description: |- + Contains an integer specifying time in minutes. + Valid value: 15 + required: + - Minutes + description: A container specifying the time value for S3 Replication Time Control (S3 RTC) and replication metrics ``EventThreshold``. + ReplicationTime: + type: object + additionalProperties: false + properties: + Status: + type: string + enum: + - Disabled + - Enabled + description: Specifies whether the replication time is enabled. + Time: + $ref: '#/components/schemas/ReplicationTimeValue' + description: A container specifying the time by which replication should be complete for all objects and operations on objects. + required: + - Status + - Time + description: A container specifying S3 Replication Time Control (S3 RTC) related information, including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a ``Metrics`` block. + ReplicationRuleFilter: + type: object + additionalProperties: false + properties: + And: + $ref: '#/components/schemas/ReplicationRuleAndOperator' + description: |- + A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example: + + If you specify both a ``Prefix`` and a ``TagFilter``, wrap these filters in an ``And`` tag. + + If you specify a filter based on multiple tags, wrap the ``TagFilter`` elements in an ``And`` tag. + Prefix: + type: string + description: |- + An object key name prefix that identifies the subset of objects to which the rule applies. + Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). + TagFilter: + $ref: '#/components/schemas/TagFilter' + description: |- + A container for specifying a tag key and value. + The rule applies only to objects that have the tag in their tag set. + description: A filter that identifies the subset of objects to which the replication rule applies. A ``Filter`` must specify exactly one ``Prefix``, ``TagFilter``, or an ``And`` child element. + ReplicationRuleAndOperator: + type: object + additionalProperties: false + properties: + Prefix: + type: string + description: An object key name prefix that identifies the subset of objects to which the rule applies. + TagFilters: + type: array + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/TagFilter' + description: An array of tags containing key and value pairs. + description: |- + A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. + For example: + + If you specify both a ``Prefix`` and a ``TagFilter``, wrap these filters in an ``And`` tag. + + If you specify a filter based on multiple tags, wrap the ``TagFilter`` elements in an ``And`` tag + SourceSelectionCriteria: + description: A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects. + type: object + additionalProperties: false + properties: + ReplicaModifications: + description: A filter that you can specify for selection for modifications on replicas. + $ref: '#/components/schemas/ReplicaModifications' + SseKmsEncryptedObjects: + description: A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS. + $ref: '#/components/schemas/SseKmsEncryptedObjects' + ReplicaModifications: + type: object + additionalProperties: false + properties: + Status: + description: |- + Specifies whether Amazon S3 replicates modifications on replicas. + *Allowed values*: ``Enabled`` | ``Disabled`` + type: string + enum: + - Enabled + - Disabled + required: + - Status + description: A filter that you can specify for selection for modifications on replicas. + SseKmsEncryptedObjects: + type: object + description: A container for filter information for the selection of S3 objects encrypted with AWS KMS. + additionalProperties: false + properties: + Status: + description: Specifies whether Amazon S3 replicates objects created with server-side encryption using an AWS KMS key stored in AWS Key Management Service. + type: string + enum: + - Disabled + - Enabled + required: + - Status + VersioningConfiguration: + description: Describes the versioning state of an Amazon S3 bucket. For more information, see [PUT Bucket versioning](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTVersioningStatus.html) in the *Amazon S3 API Reference*. + type: object + additionalProperties: false + properties: + Status: + description: The versioning state of the bucket. + type: string + default: Suspended + enum: + - Enabled + - Suspended + required: + - Status + WebsiteConfiguration: + type: object + description: Specifies website configuration parameters for an Amazon S3 bucket. + additionalProperties: false + properties: + ErrorDocument: + description: The name of the error document for the website. + type: string + IndexDocument: + description: The name of the index document for the website. + type: string + RoutingRules: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/RoutingRule' + description: Rules that define when a redirect is applied and the redirect behavior. + RedirectAllRequestsTo: + $ref: '#/components/schemas/RedirectAllRequestsTo' + description: |- + The redirect behavior for every request to this bucket's website endpoint. + If you specify this property, you can't specify any other property. + RoutingRule: + description: Specifies the redirect behavior and when a redirect is applied. For more information about routing rules, see [Configuring advanced conditional redirects](https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html#advanced-conditional-redirects) in the *Amazon S3 User Guide*. + type: object + additionalProperties: false + properties: + RedirectRule: + description: Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return. + $ref: '#/components/schemas/RedirectRule' + RoutingRuleCondition: + $ref: '#/components/schemas/RoutingRuleCondition' + description: A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the ``/docs`` folder, redirect to the ``/documents`` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error. + required: + - RedirectRule + RedirectRule: + type: object + description: Specifies how requests are redirected. In the event of an error, you can specify a different error code to return. + additionalProperties: false + properties: + HostName: + description: The host name to use in the redirect request. + type: string + HttpRedirectCode: + description: The HTTP redirect code to use on the response. Not required if one of the siblings is present. + type: string + Protocol: + description: Protocol to use when redirecting requests. The default is the protocol that is used in the original request. + enum: + - http + - https + type: string + ReplaceKeyPrefixWith: + description: |- + The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix ``docs/`` (objects in the ``docs/`` folder) to ``documents/``, you can set a condition block with ``KeyPrefixEquals`` set to ``docs/`` and in the Redirect set ``ReplaceKeyPrefixWith`` to ``/documents``. Not required if one of the siblings is present. Can be present only if ``ReplaceKeyWith`` is not provided. + Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). + type: string + ReplaceKeyWith: + description: |- + The specific object key to use in the redirect request. For example, redirect request to ``error.html``. Not required if one of the siblings is present. Can be present only if ``ReplaceKeyPrefixWith`` is not provided. + Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). + type: string + RoutingRuleCondition: + description: A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the ``/docs`` folder, redirect to the ``/documents`` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error. + type: object + additionalProperties: false + properties: + KeyPrefixEquals: + description: |- + The object key name prefix when the redirect is applied. For example, to redirect requests for ``ExamplePage.html``, the key prefix will be ``ExamplePage.html``. To redirect request for all pages with the prefix ``docs/``, the key prefix will be ``/docs``, which identifies all objects in the docs/ folder. + Required when the parent element ``Condition`` is specified and sibling ``HttpErrorCodeReturnedEquals`` is not specified. If both conditions are specified, both must be true for the redirect to be applied. + type: string + HttpErrorCodeReturnedEquals: + description: |- + The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied. + Required when parent element ``Condition`` is specified and sibling ``KeyPrefixEquals`` is not specified. If both are specified, then both must be true for the redirect to be applied. + type: string + RedirectAllRequestsTo: + description: Specifies the redirect behavior of all requests to a website endpoint of an Amazon S3 bucket. + type: object + additionalProperties: false + properties: + HostName: + description: Name of the host where requests are redirected. + type: string + Protocol: + description: Protocol to use when redirecting requests. The default is the protocol that is used in the original request. + type: string + enum: + - http + - https + required: + - HostName + Bucket: + type: object + properties: + AccelerateConfiguration: + $ref: '#/components/schemas/AccelerateConfiguration' + description: Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide*. + AccessControl: + description: |- + This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see [Controlling object ownership](https://docs.aws.amazon.com//AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*. + A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 User Guide*. + S3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the [AWS::S3::OwnershipControls](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ownershipcontrols.html) property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon. + The majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see [AWS::S3::BucketPolicy](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-policy.html). For examples of common policy configurations, including S3 Server Access Logs buckets and more, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) in the *Amazon S3 User Guide*. + enum: + - AuthenticatedRead + - AwsExecRead + - BucketOwnerFullControl + - BucketOwnerRead + - LogDeliveryWrite + - Private + - PublicRead + - PublicReadWrite + type: string + AnalyticsConfigurations: + description: Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket. + items: + $ref: '#/components/schemas/AnalyticsConfiguration' + type: array + uniqueItems: true + x-insertionOrder: true + BucketEncryption: + $ref: '#/components/schemas/BucketEncryption' + description: Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide*. + BucketName: + description: >- + A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html). For more information, see [Rules for naming Amazon S3 + buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html#bucketnamingrules) in the *Amazon S3 User Guide*. + If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name. + maxLength: 63 + minLength: 3 + pattern: ^[a-z0-9][a-z0-9//.//-]*[a-z0-9]$ + type: string + CorsConfiguration: + $ref: '#/components/schemas/CorsConfiguration' + description: Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide*. + IntelligentTieringConfigurations: + description: Defines how Amazon S3 handles Intelligent-Tiering storage. + items: + $ref: '#/components/schemas/IntelligentTieringConfiguration' + type: array + uniqueItems: true + x-insertionOrder: true + InventoryConfigurations: + description: Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference*. + items: + $ref: '#/components/schemas/InventoryConfiguration' + type: array + uniqueItems: true + x-insertionOrder: true + LifecycleConfiguration: + $ref: '#/components/schemas/LifecycleConfiguration' + description: Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide*. + LoggingConfiguration: + $ref: '#/components/schemas/LoggingConfiguration' + description: Settings that define where logs are stored. + MetricsConfigurations: + description: Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html). + items: + $ref: '#/components/schemas/MetricsConfiguration' + type: array + uniqueItems: true + x-insertionOrder: true + NotificationConfiguration: + $ref: '#/components/schemas/NotificationConfiguration' + description: Configuration that defines how Amazon S3 handles bucket notifications. + ObjectLockConfiguration: + $ref: '#/components/schemas/ObjectLockConfiguration' + description: |- + This operation is not supported by directory buckets. + Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). + + The ``DefaultRetention`` settings require both a mode and a period. + + The ``DefaultRetention`` period can be either ``Days`` or ``Years`` but you must select one. You cannot specify ``Days`` and ``Years`` at the same time. + + You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html). + ObjectLockEnabled: + description: Indicates whether this bucket has an Object Lock configuration enabled. Enable ``ObjectLockEnabled`` when you apply ``ObjectLockConfiguration`` to a bucket. + type: boolean + OwnershipControls: + description: Configuration that defines how Amazon S3 handles Object Ownership rules. + $ref: '#/components/schemas/OwnershipControls' + PublicAccessBlockConfiguration: + $ref: '#/components/schemas/PublicAccessBlockConfiguration' + description: Configuration that defines how Amazon S3 handles public access. + ReplicationConfiguration: + $ref: '#/components/schemas/ReplicationConfiguration' + description: |- + Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the ``VersioningConfiguration`` property. + Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist. + Tags: + description: An arbitrary set of tags (key-value pairs) for this S3 bucket. + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + type: array + VersioningConfiguration: + $ref: '#/components/schemas/VersioningConfiguration' + description: Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them. + WebsiteConfiguration: + $ref: '#/components/schemas/WebsiteConfiguration' + description: Information used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html). + Arn: + $ref: '#/components/schemas/Arn' + description: The Amazon Resource Name (ARN) of the specified bucket. + x-examples: + - arn:aws:s3:::mybucket + DomainName: + description: The IPv4 DNS name of the specified bucket. + x-examples: + - mystack-mybucket-kdwwxmddtr2g.s3.amazonaws.com + type: string + DualStackDomainName: + description: The IPv6 DNS name of the specified bucket. For more information about dual-stack endpoints, see [Using Amazon S3 Dual-Stack Endpoints](https://docs.aws.amazon.com/AmazonS3/latest/dev/dual-stack-endpoints.html). + x-examples: + - mystack-mybucket-kdwwxmddtr2g.s3.dualstack.us-east-2.amazonaws.com + type: string + RegionalDomainName: + description: Returns the regional domain name of the specified bucket. + x-examples: + - mystack-mybucket-kdwwxmddtr2g.s3.us-east-2.amazonaws.com + type: string + WebsiteURL: + description: The Amazon S3 website endpoint for the specified bucket. + x-examples: + - 'Example (IPv4): http://mystack-mybucket-kdwwxmddtr2g.s3-website-us-east-2.amazonaws.com/' + - 'Example (IPv6): http://mystack-mybucket-kdwwxmddtr2g.s3.dualstack.us-east-2.amazonaws.com/' + format: uri + type: string + x-stackql-resource-name: bucket + x-stackql-primaryIdentifier: + - BucketName + x-create-only-properties: + - BucketName + - ObjectLockEnabled + x-read-only-properties: + - Arn + - DomainName + - DualStackDomainName + - RegionalDomainName + - WebsiteURL + x-required-permissions: + create: + - s3:CreateBucket + - s3:PutBucketTagging + - s3:PutAnalyticsConfiguration + - s3:PutEncryptionConfiguration + - s3:PutBucketCORS + - s3:PutInventoryConfiguration + - s3:PutLifecycleConfiguration + - s3:PutMetricsConfiguration + - s3:PutBucketNotification + - s3:PutBucketReplication + - s3:PutBucketWebsite + - s3:PutAccelerateConfiguration + - s3:PutBucketPublicAccessBlock + - s3:PutReplicationConfiguration + - s3:PutObjectAcl + - s3:PutBucketObjectLockConfiguration + - s3:GetBucketAcl + - s3:ListBucket + - iam:PassRole + - s3:DeleteObject + - s3:PutBucketLogging + - s3:PutBucketVersioning + - s3:PutObjectLockConfiguration + - s3:PutBucketOwnershipControls + - s3:PutIntelligentTieringConfiguration + read: + - s3:GetAccelerateConfiguration + - s3:GetLifecycleConfiguration + - s3:GetBucketPublicAccessBlock + - s3:GetAnalyticsConfiguration + - s3:GetBucketCORS + - s3:GetEncryptionConfiguration + - s3:GetInventoryConfiguration + - s3:GetBucketLogging + - s3:GetMetricsConfiguration + - s3:GetBucketNotification + - s3:GetBucketVersioning + - s3:GetReplicationConfiguration + - S3:GetBucketWebsite + - s3:GetBucketPublicAccessBlock + - s3:GetBucketObjectLockConfiguration + - s3:GetBucketTagging + - s3:GetBucketOwnershipControls + - s3:GetIntelligentTieringConfiguration + - s3:ListBucket + update: + - s3:PutBucketAcl + - s3:PutBucketTagging + - s3:PutAnalyticsConfiguration + - s3:PutEncryptionConfiguration + - s3:PutBucketCORS + - s3:PutInventoryConfiguration + - s3:PutLifecycleConfiguration + - s3:PutMetricsConfiguration + - s3:PutBucketNotification + - s3:PutBucketReplication + - s3:PutBucketWebsite + - s3:PutAccelerateConfiguration + - s3:PutBucketPublicAccessBlock + - s3:PutReplicationConfiguration + - s3:PutBucketOwnershipControls + - s3:PutIntelligentTieringConfiguration + - s3:DeleteBucketWebsite + - s3:PutBucketLogging + - s3:PutBucketVersioning + - s3:PutObjectLockConfiguration + - s3:PutBucketObjectLockConfiguration + - s3:DeleteBucketAnalyticsConfiguration + - s3:DeleteBucketCors + - s3:DeleteBucketMetricsConfiguration + - s3:DeleteBucketEncryption + - s3:DeleteBucketLifecycle + - s3:DeleteBucketReplication + - iam:PassRole + - s3:ListBucket + delete: + - s3:DeleteBucket + - s3:ListBucket + list: + - s3:ListAllMyBuckets + BucketPolicy: + type: object + properties: + Bucket: + description: The name of the Amazon S3 bucket to which the policy applies. + type: string + PolicyDocument: + description: >- + A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource + description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide*. + type: object + required: + - Bucket + - PolicyDocument + x-stackql-resource-name: bucket_policy + x-stackql-primaryIdentifier: + - Bucket + x-create-only-properties: + - Bucket + x-required-permissions: + create: + - s3:GetBucketPolicy + - s3:PutBucketPolicy + read: + - s3:GetBucketPolicy + update: + - s3:GetBucketPolicy + - s3:PutBucketPolicy + delete: + - s3:GetBucketPolicy + - s3:DeleteBucketPolicy + list: + - s3:GetBucketPolicy + - s3:ListAllMyBuckets + Region: + type: object + properties: + Bucket: + type: string + minLength: 3 + maxLength: 63 + pattern: ^[a-z0-9][a-z0-9//.//-]*[a-z0-9]$ + BucketAccountId: + type: string + minLength: 12 + maxLength: 12 + pattern: ^[0-9]{12}$ + required: + - Bucket + additionalProperties: false + MultiRegionAccessPoint: + type: object + properties: + Name: + description: The name you want to assign to this Multi Region Access Point. + type: string + pattern: ^[a-z0-9][-a-z0-9]{1,48}[a-z0-9]$ + minLength: 3 + maxLength: 50 + Alias: + description: The alias is a unique identifier to, and is part of the public DNS name for this Multi Region Access Point + type: string + CreatedAt: + description: The timestamp of the when the Multi Region Access Point is created + type: string + PublicAccessBlockConfiguration: + description: The PublicAccessBlock configuration that you want to apply to this Multi Region Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status 'The Meaning of Public' in the Amazon Simple Storage Service Developer Guide. + $ref: '#/components/schemas/PublicAccessBlockConfiguration' + Regions: + description: The list of buckets that you want to associate this Multi Region Access Point with. + type: array + uniqueItems: true + minItems: 1 + items: + description: The name of the bucket that represents of the region belonging to this Multi Region Access Point. + $ref: '#/components/schemas/Region' + required: + - Regions + x-stackql-resource-name: multi_region_access_point + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - PublicAccessBlockConfiguration + - Regions + x-read-only-properties: + - Alias + - CreatedAt + x-required-permissions: + create: + - s3:CreateMultiRegionAccessPoint + - s3:DescribeMultiRegionAccessPointOperation + - s3:GetMultiRegionAccessPoint + read: + - s3:GetMultiRegionAccessPoint + delete: + - s3:DeleteMultiRegionAccessPoint + - s3:DescribeMultiRegionAccessPointOperation + - s3:GetMultiRegionAccessPoint + list: + - s3:ListMultiRegionAccessPoints + MultiRegionAccessPointPolicy: + type: object + properties: + MrapName: + description: The name of the Multi Region Access Point to apply policy + type: string + pattern: ^[a-z0-9][-a-z0-9]{1,48}[a-z0-9]$ + minLength: 3 + maxLength: 50 + Policy: + description: Policy document to apply to a Multi Region Access Point + type: object + PolicyStatus: + description: The Policy Status associated with this Multi Region Access Point + type: object + properties: + IsPublic: + type: string + description: Specifies whether the policy is public or not. + enum: + - 'true' + - 'false' + additionalProperties: false + required: + - IsPublic + required: + - Policy + - MrapName + x-stackql-resource-name: multi_region_access_point_policy + x-stackql-primaryIdentifier: + - MrapName + x-create-only-properties: + - MrapName + x-read-only-properties: + - PolicyStatus + - PolicyStatus/IsPublic + x-required-permissions: + update: + - s3:PutMultiRegionAccessPointPolicy + - s3:DescribeMultiRegionAccessPointOperation + read: + - s3:GetMultiRegionAccessPointPolicy + - s3:GetMultiRegionAccessPointPolicyStatus + list: [] + delete: + - s3:GetMultiRegionAccessPointPolicy + - s3:GetMultiRegionAccessPoint + create: + - s3:PutMultiRegionAccessPointPolicy + - s3:DescribeMultiRegionAccessPointOperation + Id: + description: The ID that identifies the Amazon S3 Storage Lens configuration. + type: string + minLength: 1 + maxLength: 64 + pattern: ^[a-zA-Z0-9\-_.]+$ + BucketsAndRegions: + description: S3 buckets and Regions to include/exclude in the Amazon S3 Storage Lens configuration. + type: object + additionalProperties: false + properties: + Buckets: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Arn' + Regions: + type: array + x-insertionOrder: false + uniqueItems: true + items: + type: string + description: An AWS Region. + AwsOrg: + description: The AWS Organizations ARN to use in the Amazon S3 Storage Lens configuration. + type: object + additionalProperties: false + properties: + Arn: + $ref: '#/components/schemas/Arn' + required: + - Arn + ActivityMetrics: + description: Enables activity metrics. + type: object + additionalProperties: false + properties: + IsEnabled: + description: Specifies whether activity metrics are enabled or disabled. + type: boolean + AdvancedCostOptimizationMetrics: + description: Enables advanced cost optimization metrics. + type: object + additionalProperties: false + properties: + IsEnabled: + description: Specifies whether advanced cost optimization metrics are enabled or disabled. + type: boolean + AdvancedDataProtectionMetrics: + description: Enables advanced data protection metrics. + type: object + additionalProperties: false + properties: + IsEnabled: + description: Specifies whether advanced data protection metrics are enabled or disabled. + type: boolean + DetailedStatusCodesMetrics: + description: Enables detailed status codes metrics. + type: object + additionalProperties: false + properties: + IsEnabled: + description: Specifies whether detailed status codes metrics are enabled or disabled. + type: boolean + SelectionCriteria: + description: Selection criteria for prefix-level metrics. + type: object + additionalProperties: false + properties: + MaxDepth: + description: Max depth of prefixes of S3 key that Amazon S3 Storage Lens will analyze. + type: integer + Delimiter: + description: Delimiter to divide S3 key into hierarchy of prefixes. + type: string + MinStorageBytesPercentage: + description: The minimum storage bytes threshold for the prefixes to be included in the analysis. + type: number + PrefixLevelStorageMetrics: + type: object + additionalProperties: false + properties: + IsEnabled: + description: Specifies whether prefix-level storage metrics are enabled or disabled. + type: boolean + SelectionCriteria: + $ref: '#/components/schemas/SelectionCriteria' + PrefixLevel: + description: Prefix-level metrics configurations. + type: object + additionalProperties: false + properties: + StorageMetrics: + $ref: '#/components/schemas/PrefixLevelStorageMetrics' + required: + - StorageMetrics + BucketLevel: + description: Bucket-level metrics configurations. + type: object + additionalProperties: false + properties: + ActivityMetrics: + $ref: '#/components/schemas/ActivityMetrics' + AdvancedCostOptimizationMetrics: + $ref: '#/components/schemas/AdvancedCostOptimizationMetrics' + AdvancedDataProtectionMetrics: + $ref: '#/components/schemas/AdvancedDataProtectionMetrics' + DetailedStatusCodesMetrics: + $ref: '#/components/schemas/DetailedStatusCodesMetrics' + PrefixLevel: + $ref: '#/components/schemas/PrefixLevel' + StorageLensGroupArn: + description: The ARN for the Amazon S3 Storage Lens Group configuration. + type: string + StorageLensGroupSelectionCriteria: + description: Selection criteria for Storage Lens Group level metrics + type: object + additionalProperties: false + properties: + Include: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/StorageLensGroupArn' + Exclude: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/StorageLensGroupArn' + StorageLensGroupLevel: + description: Specifies the details of Amazon S3 Storage Lens Group configuration. + type: object + additionalProperties: false + properties: + StorageLensGroupSelectionCriteria: + $ref: '#/components/schemas/StorageLensGroupSelectionCriteria' + AccountLevel: + description: Account-level metrics configurations. + type: object + additionalProperties: false + properties: + ActivityMetrics: + $ref: '#/components/schemas/ActivityMetrics' + AdvancedCostOptimizationMetrics: + $ref: '#/components/schemas/AdvancedCostOptimizationMetrics' + AdvancedDataProtectionMetrics: + $ref: '#/components/schemas/AdvancedDataProtectionMetrics' + DetailedStatusCodesMetrics: + $ref: '#/components/schemas/DetailedStatusCodesMetrics' + BucketLevel: + $ref: '#/components/schemas/BucketLevel' + StorageLensGroupLevel: + $ref: '#/components/schemas/StorageLensGroupLevel' + required: + - BucketLevel + SSEKMS: + description: AWS KMS server-side encryption. + type: object + additionalProperties: false + properties: + KeyId: + description: The ARN of the KMS key to use for encryption. + type: string + required: + - KeyId + Encryption: + description: Configures the server-side encryption for Amazon S3 Storage Lens report files with either S3-managed keys (SSE-S3) or KMS-managed keys (SSE-KMS). + type: object + oneOf: + - additionalProperties: false + properties: + SSES3: + description: S3 default server-side encryption. + type: object + additionalProperties: false + required: + - SSES3 + - additionalProperties: false + properties: + SSEKMS: + $ref: '#/components/schemas/SSEKMS' + required: + - SSEKMS + S3BucketDestination: + description: S3 bucket destination settings for the Amazon S3 Storage Lens metrics export. + type: object + additionalProperties: false + properties: + OutputSchemaVersion: + description: The version of the output schema to use when exporting Amazon S3 Storage Lens metrics. + type: string + enum: + - V_1 + Format: + description: Specifies the file format to use when exporting Amazon S3 Storage Lens metrics export. + type: string + enum: + - CSV + - Parquet + AccountId: + description: The AWS account ID that owns the destination S3 bucket. + type: string + Arn: + description: The ARN of the bucket to which Amazon S3 Storage Lens exports will be placed. + type: string + Prefix: + description: The prefix to use for Amazon S3 Storage Lens export. + type: string + Encryption: + $ref: '#/components/schemas/Encryption' + required: + - OutputSchemaVersion + - Format + - AccountId + - Arn + CloudWatchMetrics: + description: CloudWatch metrics settings for the Amazon S3 Storage Lens metrics export. + type: object + additionalProperties: false + properties: + IsEnabled: + description: Specifies whether CloudWatch metrics are enabled or disabled. + type: boolean + required: + - IsEnabled + StorageLensConfiguration: + description: Specifies the details of Amazon S3 Storage Lens configuration. + type: object + additionalProperties: false + properties: + Id: + $ref: '#/components/schemas/Id' + Include: + $ref: '#/components/schemas/BucketsAndRegions' + Exclude: + $ref: '#/components/schemas/BucketsAndRegions' + AwsOrg: + $ref: '#/components/schemas/AwsOrg' + AccountLevel: + $ref: '#/components/schemas/AccountLevel' + DataExport: + $ref: '#/components/schemas/DataExport' + IsEnabled: + description: Specifies whether the Amazon S3 Storage Lens configuration is enabled or disabled. + type: boolean + StorageLensArn: + description: The ARN for the Amazon S3 Storage Lens configuration. + type: string + required: + - Id + - AccountLevel + - IsEnabled + StorageLens: + type: object + properties: + StorageLensConfiguration: + $ref: '#/components/schemas/StorageLensConfiguration' + Tags: + description: A set of tags (key-value pairs) for this Amazon S3 Storage Lens configuration. + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + maxItems: 50 + required: + - StorageLensConfiguration + x-stackql-resource-name: storage_lens + x-stackql-primaryIdentifier: + - StorageLensConfiguration/Id + x-create-only-properties: + - StorageLensConfiguration/Id + x-read-only-properties: + - StorageLensConfiguration/StorageLensArn + x-required-permissions: + create: + - s3:PutStorageLensConfiguration + - s3:PutStorageLensConfigurationTagging + - s3:GetStorageLensConfiguration + - s3:GetStorageLensConfigurationTagging + - organizations:DescribeOrganization + - organizations:ListAccounts + - organizations:ListAWSServiceAccessForOrganization + - organizations:ListDelegatedAdministrators + - iam:CreateServiceLinkedRole + read: + - s3:GetStorageLensConfiguration + - s3:GetStorageLensConfigurationTagging + update: + - s3:PutStorageLensConfiguration + - s3:PutStorageLensConfigurationTagging + - s3:GetStorageLensConfiguration + - s3:GetStorageLensConfigurationTagging + - organizations:DescribeOrganization + - organizations:ListAccounts + - organizations:ListAWSServiceAccessForOrganization + - organizations:ListDelegatedAdministrators + - iam:CreateServiceLinkedRole + delete: + - s3:DeleteStorageLensConfiguration + - s3:DeleteStorageLensConfigurationTagging + list: + - s3:ListStorageLensConfigurations + Name: + description: The name that identifies the Amazon S3 Storage Lens Group. + type: string + minLength: 1 + maxLength: 64 + pattern: ^[a-zA-Z0-9\-_]+$ + MatchAnyPrefix: + description: Filter to match any of the specified prefixes. + type: array + x-insertionOrder: false + uniqueItems: true + items: + type: string + maxLength: 1024 + MatchAnySuffix: + description: Filter to match any of the specified suffixes. + type: array + x-insertionOrder: false + uniqueItems: true + items: + type: string + maxLength: 1024 + MatchAnyTag: + description: Filter to match any of the specified object tags. + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + MatchObjectAge: + description: Filter to match all of the specified values for the minimum and maximum object age. + type: object + additionalProperties: false + properties: + DaysGreaterThan: + description: Minimum object age to which the rule applies. + type: integer + minimum: 1 + DaysLessThan: + description: Maximum object age to which the rule applies. + type: integer + minimum: 1 + MatchObjectSize: + description: Filter to match all of the specified values for the minimum and maximum object size. + type: object + additionalProperties: false + properties: + BytesGreaterThan: + description: Minimum object size to which the rule applies. + type: integer + format: int64 + minimum: 1 + BytesLessThan: + description: Maximum object size to which the rule applies. + type: integer + format: int64 + minimum: 1 + And: + description: The Storage Lens group will include objects that match all of the specified filter values. + type: object + uniqueItems: true + additionalProperties: false + minProperties: 2 + properties: + MatchAnyPrefix: + $ref: '#/components/schemas/MatchAnyPrefix' + MatchAnySuffix: + $ref: '#/components/schemas/MatchAnySuffix' + MatchAnyTag: + $ref: '#/components/schemas/MatchAnyTag' + MatchObjectSize: + $ref: '#/components/schemas/MatchObjectSize' + MatchObjectAge: + $ref: '#/components/schemas/MatchObjectAge' + Or: + description: The Storage Lens group will include objects that match any of the specified filter values. + type: object + uniqueItems: true + additionalProperties: false + minProperties: 2 + properties: + MatchAnyPrefix: + $ref: '#/components/schemas/MatchAnyPrefix' + MatchAnySuffix: + $ref: '#/components/schemas/MatchAnySuffix' + MatchAnyTag: + $ref: '#/components/schemas/MatchAnyTag' + MatchObjectSize: + $ref: '#/components/schemas/MatchObjectSize' + MatchObjectAge: + $ref: '#/components/schemas/MatchObjectAge' + Filter: + description: Sets the Storage Lens Group filter. + type: object + properties: + MatchAnyPrefix: + $ref: '#/components/schemas/MatchAnyPrefix' + MatchAnySuffix: + $ref: '#/components/schemas/MatchAnySuffix' + MatchAnyTag: + $ref: '#/components/schemas/MatchAnyTag' + MatchObjectSize: + $ref: '#/components/schemas/MatchObjectSize' + MatchObjectAge: + $ref: '#/components/schemas/MatchObjectAge' + And: + $ref: '#/components/schemas/And' + Or: + $ref: '#/components/schemas/Or' + additionalProperties: false + StorageLensGroup: + type: object + properties: + Name: + $ref: '#/components/schemas/Name' + Filter: + $ref: '#/components/schemas/Filter' + StorageLensGroupArn: + description: The ARN for the Amazon S3 Storage Lens Group. + type: string + Tags: + description: A set of tags (key-value pairs) for this Amazon S3 Storage Lens Group. + type: array + x-insertionOrder: true + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - Filter + x-stackql-resource-name: storage_lens_group + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - StorageLensGroupArn + x-required-permissions: + create: + - s3:CreateStorageLensGroup + - s3:GetStorageLensGroup + - s3:TagResource + - s3:ListTagsForResource + read: + - s3:GetStorageLensGroup + - s3:ListTagsForResource + update: + - s3:GetStorageLensGroup + - s3:UpdateStorageLensGroup + - s3:TagResource + - s3:UntagResource + - s3:ListTagsForResource + delete: + - s3:DeleteStorageLensGroup + list: + - s3:ListStorageLensGroups + x-stackQL-resources: + access_grants: + name: access_grants + id: awscc.s3.access_grants + x-cfn-schema-name: AccessGrant + x-type: list + x-identifiers: + - AccessGrantId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccessGrantId') as access_grant_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3::AccessGrant' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccessGrantId') as access_grant_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3::AccessGrant' + AND region = 'us-east-1' + access_grant: + name: access_grant + id: awscc.s3.access_grant + x-cfn-schema-name: AccessGrant + x-type: get + x-identifiers: + - AccessGrantId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccessGrantId') as access_grant_id, + JSON_EXTRACT(Properties, '$.AccessGrantsLocationId') as access_grants_location_id, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Permission') as permission, + JSON_EXTRACT(Properties, '$.ApplicationArn') as application_arn, + JSON_EXTRACT(Properties, '$.S3PrefixType') as s3_prefix_type, + JSON_EXTRACT(Properties, '$.GrantScope') as grant_scope, + JSON_EXTRACT(Properties, '$.AccessGrantArn') as access_grant_arn, + JSON_EXTRACT(Properties, '$.Grantee') as grantee, + JSON_EXTRACT(Properties, '$.AccessGrantsLocationConfiguration') as access_grants_location_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::AccessGrant' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccessGrantId') as access_grant_id, + json_extract_path_text(Properties, 'AccessGrantsLocationId') as access_grants_location_id, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Permission') as permission, + json_extract_path_text(Properties, 'ApplicationArn') as application_arn, + json_extract_path_text(Properties, 'S3PrefixType') as s3_prefix_type, + json_extract_path_text(Properties, 'GrantScope') as grant_scope, + json_extract_path_text(Properties, 'AccessGrantArn') as access_grant_arn, + json_extract_path_text(Properties, 'Grantee') as grantee, + json_extract_path_text(Properties, 'AccessGrantsLocationConfiguration') as access_grants_location_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::AccessGrant' + AND data__Identifier = '' + AND region = 'us-east-1' + access_grants_instances: + name: access_grants_instances + id: awscc.s3.access_grants_instances + x-cfn-schema-name: AccessGrantsInstance + x-type: list + x-identifiers: + - AccessGrantsInstanceArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccessGrantsInstanceArn') as access_grants_instance_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3::AccessGrantsInstance' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccessGrantsInstanceArn') as access_grants_instance_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3::AccessGrantsInstance' + AND region = 'us-east-1' + access_grants_instance: + name: access_grants_instance + id: awscc.s3.access_grants_instance + x-cfn-schema-name: AccessGrantsInstance + x-type: get + x-identifiers: + - AccessGrantsInstanceArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccessGrantsInstanceArn') as access_grants_instance_arn, + JSON_EXTRACT(Properties, '$.IdentityCenterArn') as identity_center_arn, + JSON_EXTRACT(Properties, '$.AccessGrantsInstanceId') as access_grants_instance_id, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::AccessGrantsInstance' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccessGrantsInstanceArn') as access_grants_instance_arn, + json_extract_path_text(Properties, 'IdentityCenterArn') as identity_center_arn, + json_extract_path_text(Properties, 'AccessGrantsInstanceId') as access_grants_instance_id, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::AccessGrantsInstance' + AND data__Identifier = '' + AND region = 'us-east-1' + access_grants_locations: + name: access_grants_locations + id: awscc.s3.access_grants_locations + x-cfn-schema-name: AccessGrantsLocation + x-type: list + x-identifiers: + - AccessGrantsLocationId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccessGrantsLocationId') as access_grants_location_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3::AccessGrantsLocation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccessGrantsLocationId') as access_grants_location_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3::AccessGrantsLocation' + AND region = 'us-east-1' + access_grants_location: + name: access_grants_location + id: awscc.s3.access_grants_location + x-cfn-schema-name: AccessGrantsLocation + x-type: get + x-identifiers: + - AccessGrantsLocationId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccessGrantsLocationArn') as access_grants_location_arn, + JSON_EXTRACT(Properties, '$.AccessGrantsLocationId') as access_grants_location_id, + JSON_EXTRACT(Properties, '$.IamRoleArn') as iam_role_arn, + JSON_EXTRACT(Properties, '$.LocationScope') as location_scope, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::AccessGrantsLocation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccessGrantsLocationArn') as access_grants_location_arn, + json_extract_path_text(Properties, 'AccessGrantsLocationId') as access_grants_location_id, + json_extract_path_text(Properties, 'IamRoleArn') as iam_role_arn, + json_extract_path_text(Properties, 'LocationScope') as location_scope, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::AccessGrantsLocation' + AND data__Identifier = '' + AND region = 'us-east-1' + access_points: + name: access_points + id: awscc.s3.access_points + x-cfn-schema-name: AccessPoint + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3::AccessPoint' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3::AccessPoint' + AND region = 'us-east-1' + access_point: + name: access_point + id: awscc.s3.access_point + x-cfn-schema-name: AccessPoint + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Alias') as alias, + JSON_EXTRACT(Properties, '$.Bucket') as bucket, + JSON_EXTRACT(Properties, '$.BucketAccountId') as bucket_account_id, + JSON_EXTRACT(Properties, '$.VpcConfiguration') as vpc_configuration, + JSON_EXTRACT(Properties, '$.PublicAccessBlockConfiguration') as public_access_block_configuration, + JSON_EXTRACT(Properties, '$.Policy') as policy, + JSON_EXTRACT(Properties, '$.NetworkOrigin') as network_origin, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::AccessPoint' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Alias') as alias, + json_extract_path_text(Properties, 'Bucket') as bucket, + json_extract_path_text(Properties, 'BucketAccountId') as bucket_account_id, + json_extract_path_text(Properties, 'VpcConfiguration') as vpc_configuration, + json_extract_path_text(Properties, 'PublicAccessBlockConfiguration') as public_access_block_configuration, + json_extract_path_text(Properties, 'Policy') as policy, + json_extract_path_text(Properties, 'NetworkOrigin') as network_origin, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::AccessPoint' + AND data__Identifier = '' + AND region = 'us-east-1' + buckets: + name: buckets + id: awscc.s3.buckets + x-cfn-schema-name: Bucket + x-type: list + x-identifiers: + - BucketName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BucketName') as bucket_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3::Bucket' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BucketName') as bucket_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3::Bucket' + AND region = 'us-east-1' + bucket: + name: bucket + id: awscc.s3.bucket + x-cfn-schema-name: Bucket + x-type: get + x-identifiers: + - BucketName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccelerateConfiguration') as accelerate_configuration, + JSON_EXTRACT(Properties, '$.AccessControl') as access_control, + JSON_EXTRACT(Properties, '$.AnalyticsConfigurations') as analytics_configurations, + JSON_EXTRACT(Properties, '$.BucketEncryption') as bucket_encryption, + JSON_EXTRACT(Properties, '$.BucketName') as bucket_name, + JSON_EXTRACT(Properties, '$.CorsConfiguration') as cors_configuration, + JSON_EXTRACT(Properties, '$.IntelligentTieringConfigurations') as intelligent_tiering_configurations, + JSON_EXTRACT(Properties, '$.InventoryConfigurations') as inventory_configurations, + JSON_EXTRACT(Properties, '$.LifecycleConfiguration') as lifecycle_configuration, + JSON_EXTRACT(Properties, '$.LoggingConfiguration') as logging_configuration, + JSON_EXTRACT(Properties, '$.MetricsConfigurations') as metrics_configurations, + JSON_EXTRACT(Properties, '$.NotificationConfiguration') as notification_configuration, + JSON_EXTRACT(Properties, '$.ObjectLockConfiguration') as object_lock_configuration, + JSON_EXTRACT(Properties, '$.ObjectLockEnabled') as object_lock_enabled, + JSON_EXTRACT(Properties, '$.OwnershipControls') as ownership_controls, + JSON_EXTRACT(Properties, '$.PublicAccessBlockConfiguration') as public_access_block_configuration, + JSON_EXTRACT(Properties, '$.ReplicationConfiguration') as replication_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.VersioningConfiguration') as versioning_configuration, + JSON_EXTRACT(Properties, '$.WebsiteConfiguration') as website_configuration, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.DomainName') as domain_name, + JSON_EXTRACT(Properties, '$.DualStackDomainName') as dual_stack_domain_name, + JSON_EXTRACT(Properties, '$.RegionalDomainName') as regional_domain_name, + JSON_EXTRACT(Properties, '$.WebsiteURL') as website_ur_l + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::Bucket' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccelerateConfiguration') as accelerate_configuration, + json_extract_path_text(Properties, 'AccessControl') as access_control, + json_extract_path_text(Properties, 'AnalyticsConfigurations') as analytics_configurations, + json_extract_path_text(Properties, 'BucketEncryption') as bucket_encryption, + json_extract_path_text(Properties, 'BucketName') as bucket_name, + json_extract_path_text(Properties, 'CorsConfiguration') as cors_configuration, + json_extract_path_text(Properties, 'IntelligentTieringConfigurations') as intelligent_tiering_configurations, + json_extract_path_text(Properties, 'InventoryConfigurations') as inventory_configurations, + json_extract_path_text(Properties, 'LifecycleConfiguration') as lifecycle_configuration, + json_extract_path_text(Properties, 'LoggingConfiguration') as logging_configuration, + json_extract_path_text(Properties, 'MetricsConfigurations') as metrics_configurations, + json_extract_path_text(Properties, 'NotificationConfiguration') as notification_configuration, + json_extract_path_text(Properties, 'ObjectLockConfiguration') as object_lock_configuration, + json_extract_path_text(Properties, 'ObjectLockEnabled') as object_lock_enabled, + json_extract_path_text(Properties, 'OwnershipControls') as ownership_controls, + json_extract_path_text(Properties, 'PublicAccessBlockConfiguration') as public_access_block_configuration, + json_extract_path_text(Properties, 'ReplicationConfiguration') as replication_configuration, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'VersioningConfiguration') as versioning_configuration, + json_extract_path_text(Properties, 'WebsiteConfiguration') as website_configuration, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'DomainName') as domain_name, + json_extract_path_text(Properties, 'DualStackDomainName') as dual_stack_domain_name, + json_extract_path_text(Properties, 'RegionalDomainName') as regional_domain_name, + json_extract_path_text(Properties, 'WebsiteURL') as website_ur_l + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::Bucket' + AND data__Identifier = '' + AND region = 'us-east-1' + bucket_policies: + name: bucket_policies + id: awscc.s3.bucket_policies + x-cfn-schema-name: BucketPolicy + x-type: list + x-identifiers: + - Bucket + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Bucket') as bucket + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3::BucketPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Bucket') as bucket + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3::BucketPolicy' + AND region = 'us-east-1' + bucket_policy: + name: bucket_policy + id: awscc.s3.bucket_policy + x-cfn-schema-name: BucketPolicy + x-type: get + x-identifiers: + - Bucket + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Bucket') as bucket, + JSON_EXTRACT(Properties, '$.PolicyDocument') as policy_document + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::BucketPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Bucket') as bucket, + json_extract_path_text(Properties, 'PolicyDocument') as policy_document + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::BucketPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + multi_region_access_points: + name: multi_region_access_points + id: awscc.s3.multi_region_access_points + x-cfn-schema-name: MultiRegionAccessPoint + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3::MultiRegionAccessPoint' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3::MultiRegionAccessPoint' + AND region = 'us-east-1' + multi_region_access_point: + name: multi_region_access_point + id: awscc.s3.multi_region_access_point + x-cfn-schema-name: MultiRegionAccessPoint + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Alias') as alias, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.PublicAccessBlockConfiguration') as public_access_block_configuration, + JSON_EXTRACT(Properties, '$.Regions') as regions + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::MultiRegionAccessPoint' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Alias') as alias, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'PublicAccessBlockConfiguration') as public_access_block_configuration, + json_extract_path_text(Properties, 'Regions') as regions + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::MultiRegionAccessPoint' + AND data__Identifier = '' + AND region = 'us-east-1' + multi_region_access_point_policies: + name: multi_region_access_point_policies + id: awscc.s3.multi_region_access_point_policies + x-cfn-schema-name: MultiRegionAccessPointPolicy + x-type: list + x-identifiers: + - MrapName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MrapName') as mrap_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3::MultiRegionAccessPointPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MrapName') as mrap_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3::MultiRegionAccessPointPolicy' + AND region = 'us-east-1' + multi_region_access_point_policy: + name: multi_region_access_point_policy + id: awscc.s3.multi_region_access_point_policy + x-cfn-schema-name: MultiRegionAccessPointPolicy + x-type: get + x-identifiers: + - MrapName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MrapName') as mrap_name, + JSON_EXTRACT(Properties, '$.Policy') as policy, + JSON_EXTRACT(Properties, '$.PolicyStatus') as policy_status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::MultiRegionAccessPointPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MrapName') as mrap_name, + json_extract_path_text(Properties, 'Policy') as policy, + json_extract_path_text(Properties, 'PolicyStatus') as policy_status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::MultiRegionAccessPointPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + storage_lens: + name: storage_lens + id: awscc.s3.storage_lens + x-cfn-schema-name: StorageLens + x-type: get + x-identifiers: + - StorageLensConfiguration/Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StorageLensConfiguration') as storage_lens_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::StorageLens' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StorageLensConfiguration') as storage_lens_configuration, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::StorageLens' + AND data__Identifier = '' + AND region = 'us-east-1' + storage_lens_groups: + name: storage_lens_groups + id: awscc.s3.storage_lens_groups + x-cfn-schema-name: StorageLensGroup + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3::StorageLensGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3::StorageLensGroup' + AND region = 'us-east-1' + storage_lens_group: + name: storage_lens_group + id: awscc.s3.storage_lens_group + x-cfn-schema-name: StorageLensGroup + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Filter') as filter, + JSON_EXTRACT(Properties, '$.StorageLensGroupArn') as storage_lens_group_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::StorageLensGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Filter') as filter, + json_extract_path_text(Properties, 'StorageLensGroupArn') as storage_lens_group_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3::StorageLensGroup' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/s3express.yaml b/providers/src/awscc/v00.00.00000/services/s3express.yaml new file mode 100644 index 00000000..c5b6633c --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/s3express.yaml @@ -0,0 +1,199 @@ +openapi: 3.0.0 +info: + title: S3Express + version: 1.0.0 +paths: {} +components: + schemas: + BucketPolicy: + type: object + properties: + Bucket: + description: The name of the S3 directory bucket to which the policy applies. + type: string + PolicyDocument: + description: A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. + type: object + required: + - Bucket + - PolicyDocument + x-stackql-resource-name: bucket_policy + x-stackql-primaryIdentifier: + - Bucket + x-create-only-properties: + - Bucket + x-required-permissions: + create: + - s3express:GetBucketPolicy + - s3express:PutBucketPolicy + read: + - s3express:GetBucketPolicy + update: + - s3express:GetBucketPolicy + - s3express:PutBucketPolicy + delete: + - s3express:GetBucketPolicy + - s3express:DeleteBucketPolicy + list: + - s3express:GetBucketPolicy + - s3express:ListAllMyDirectoryBuckets + Arn: + description: The Amazon Resource Name (ARN) of the specified bucket. + type: string + DirectoryBucket: + type: object + properties: + BucketName: + description: Specifies a name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Availability Zone. The bucket name must also follow the format 'bucket_base_name--az_id--x-s3' (for example, 'DOC-EXAMPLE-BUCKET--usw2-az1--x-s3'). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the bucket name. + maxLength: 63 + pattern: ^[a-z0-9][a-z0-9//.//-]*[a-z0-9]$ + type: string + LocationName: + description: Specifies the AZ ID of the Availability Zone where the directory bucket will be created. An example AZ ID value is 'use1-az5'. + type: string + DataRedundancy: + description: Specifies the number of Availability Zone that's used for redundancy for the bucket. + type: string + enum: + - SingleAvailabilityZone + Arn: + $ref: '#/components/schemas/Arn' + description: Returns the Amazon Resource Name (ARN) of the specified bucket. + x-examples: + - arn:aws:s3express:us-west-2:123456789123:bucket/DOC-EXAMPLE-BUCKET--usw2-az1--x-s3 + required: + - LocationName + - DataRedundancy + x-stackql-resource-name: directory_bucket + x-stackql-primaryIdentifier: + - BucketName + x-create-only-properties: + - BucketName + - LocationName + - DataRedundancy + x-read-only-properties: + - Arn + x-required-permissions: + create: + - s3express:CreateBucket + - s3express:ListAllMyDirectoryBuckets + read: + - s3express:ListAllMyDirectoryBuckets + delete: + - s3express:DeleteBucket + - s3express:ListAllMyDirectoryBuckets + list: + - s3express:ListAllMyDirectoryBuckets + x-stackQL-resources: + bucket_policies: + name: bucket_policies + id: awscc.s3express.bucket_policies + x-cfn-schema-name: BucketPolicy + x-type: list + x-identifiers: + - Bucket + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Bucket') as bucket + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3Express::BucketPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Bucket') as bucket + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3Express::BucketPolicy' + AND region = 'us-east-1' + bucket_policy: + name: bucket_policy + id: awscc.s3express.bucket_policy + x-cfn-schema-name: BucketPolicy + x-type: get + x-identifiers: + - Bucket + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Bucket') as bucket, + JSON_EXTRACT(Properties, '$.PolicyDocument') as policy_document + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3Express::BucketPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Bucket') as bucket, + json_extract_path_text(Properties, 'PolicyDocument') as policy_document + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3Express::BucketPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + directory_buckets: + name: directory_buckets + id: awscc.s3express.directory_buckets + x-cfn-schema-name: DirectoryBucket + x-type: list + x-identifiers: + - BucketName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BucketName') as bucket_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3Express::DirectoryBucket' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BucketName') as bucket_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3Express::DirectoryBucket' + AND region = 'us-east-1' + directory_bucket: + name: directory_bucket + id: awscc.s3express.directory_bucket + x-cfn-schema-name: DirectoryBucket + x-type: get + x-identifiers: + - BucketName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.BucketName') as bucket_name, + JSON_EXTRACT(Properties, '$.LocationName') as location_name, + JSON_EXTRACT(Properties, '$.DataRedundancy') as data_redundancy, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3Express::DirectoryBucket' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'BucketName') as bucket_name, + json_extract_path_text(Properties, 'LocationName') as location_name, + json_extract_path_text(Properties, 'DataRedundancy') as data_redundancy, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3Express::DirectoryBucket' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/s3objectlambda.yaml b/providers/src/awscc/v00.00.00000/services/s3objectlambda.yaml new file mode 100644 index 00000000..3dfd6463 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/s3objectlambda.yaml @@ -0,0 +1,327 @@ +openapi: 3.0.0 +info: + title: S3ObjectLambda + version: 1.0.0 +paths: {} +components: + schemas: + PublicAccessBlockConfiguration: + type: object + additionalProperties: false + description: The Public Access Block Configuration is used to block policies that would allow public access to this Object lambda Access Point. All public access to Object lambda Access Points are blocked by default, and any policy that would give public access to them will be also blocked. This behavior cannot be changed for Object lambda Access Points. + properties: + BlockPublicAcls: + type: boolean + description: |- + Specifies whether Amazon S3 should block public access control lists (ACLs) to this object lambda access point. Setting this element to TRUE causes the following behavior: + - PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public. + - PUT Object calls fail if the request includes a public ACL. + . - PUT Bucket calls fail if the request includes a public ACL. + Enabling this setting doesn't affect existing policies or ACLs. + IgnorePublicAcls: + type: boolean + description: Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. + BlockPublicPolicy: + type: boolean + description: Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies. + RestrictPublicBuckets: + type: boolean + description: |- + Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy. + Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. + ObjectLambdaConfiguration: + type: object + additionalProperties: false + description: Configuration to be applied to this Object lambda Access Point. It specifies Supporting Access Point, Transformation Configurations. Customers can also set if they like to enable Cloudwatch metrics for accesses to this Object lambda Access Point. Default setting for Cloudwatch metrics is disable. + properties: + SupportingAccessPoint: + type: string + minLength: 1 + maxLength: 2048 + AllowedFeatures: + type: array + x-insertionOrder: false + uniqueItems: true + items: + type: string + CloudWatchMetricsEnabled: + type: boolean + TransformationConfigurations: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/TransformationConfiguration' + required: + - SupportingAccessPoint + - TransformationConfigurations + TransformationConfiguration: + type: object + additionalProperties: false + description: Configuration to define what content transformation will be applied on which S3 Action. + properties: + Actions: + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Action' + ContentTransformation: + type: object + oneOf: + - additionalProperties: false + properties: + AwsLambda: + $ref: '#/components/schemas/AwsLambda' + required: + - AwsLambda + required: + - Actions + - ContentTransformation + AwsLambda: + type: object + additionalProperties: false + properties: + FunctionArn: + type: string + minLength: 1 + maxLength: 2048 + FunctionPayload: + type: string + required: + - FunctionArn + Action: + type: string + Alias: + type: object + additionalProperties: false + properties: + Status: + type: string + description: The status of the Object Lambda alias. + pattern: ^[A-Z]*$ + Value: + type: string + description: The value of the Object Lambda alias. + pattern: ^[a-z0-9\-]*$ + required: + - Value + PolicyStatus: + type: object + additionalProperties: false + properties: + IsPublic: + type: boolean + description: Specifies whether the Object lambda Access Point Policy is Public or not. Object lambda Access Points are private by default. + AccessPoint: + type: object + properties: + Name: + description: The name you want to assign to this Object lambda Access Point. + type: string + pattern: ^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$ + minLength: 3 + maxLength: 45 + Alias: + $ref: '#/components/schemas/Alias' + Arn: + type: string + pattern: arn:[^:]+:s3-object-lambda:[^:]*:\d{12}:accesspoint/.* + CreationDate: + description: The date and time when the Object lambda Access Point was created. + type: string + PublicAccessBlockConfiguration: + description: The PublicAccessBlock configuration that you want to apply to this Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status 'The Meaning of Public' in the Amazon Simple Storage Service Developer Guide. + $ref: '#/components/schemas/PublicAccessBlockConfiguration' + PolicyStatus: + $ref: '#/components/schemas/PolicyStatus' + ObjectLambdaConfiguration: + description: The Object lambda Access Point Configuration that configures transformations to be applied on the objects on specified S3 Actions + $ref: '#/components/schemas/ObjectLambdaConfiguration' + required: + - ObjectLambdaConfiguration + x-stackql-resource-name: access_point + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + - Alias + - Alias/Value + - Alias/Status + - PolicyStatus + - PolicyStatus/IsPublic + - CreationDate + - PublicAccessBlockConfiguration + x-required-permissions: + create: + - s3:CreateAccessPointForObjectLambda + - s3:PutAccessPointConfigurationForObjectLambda + - s3:GetAccessPointForObjectLambda + - s3:GetAccessPointPolicyStatusForObjectLambda + - s3:GetAccessPointConfigurationForObjectLambda + read: + - s3:GetAccessPointForObjectLambda + - s3:GetAccessPointPolicyStatusForObjectLambda + - s3:GetAccessPointConfigurationForObjectLambda + update: + - s3:PutAccessPointConfigurationForObjectLambda + - s3:GetAccessPointForObjectLambda + - s3:GetAccessPointPolicyStatusForObjectLambda + - s3:GetAccessPointConfigurationForObjectLambda + delete: + - s3:DeleteAccessPointForObjectLambda + list: + - s3:ListAccessPointsForObjectLambda + AccessPointPolicy: + type: object + properties: + ObjectLambdaAccessPoint: + description: The name of the Amazon S3 ObjectLambdaAccessPoint to which the policy applies. + type: string + pattern: ^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$ + minLength: 3 + maxLength: 45 + PolicyDocument: + description: 'A policy document containing permissions to add to the specified ObjectLambdaAccessPoint. For more information, see Access Policy Language Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the Amazon Simple Storage Service Developer Guide. ' + type: object + required: + - ObjectLambdaAccessPoint + - PolicyDocument + x-stackql-resource-name: access_point_policy + x-stackql-primaryIdentifier: + - ObjectLambdaAccessPoint + x-create-only-properties: + - ObjectLambdaAccessPoint + x-required-permissions: + create: + - s3:PutAccessPointPolicyForObjectLambda + - s3:GetAccessPointPolicyForObjectLambda + read: + - s3:GetAccessPointPolicyForObjectLambda + update: + - s3:PutAccessPointPolicyForObjectLambda + - s3:GetAccessPointPolicyForObjectLambda + delete: + - s3:DeleteAccessPointPolicyForObjectLambda + - s3:GetAccessPointPolicyForObjectLambda + x-stackQL-resources: + access_points: + name: access_points + id: awscc.s3objectlambda.access_points + x-cfn-schema-name: AccessPoint + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3ObjectLambda::AccessPoint' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3ObjectLambda::AccessPoint' + AND region = 'us-east-1' + access_point: + name: access_point + id: awscc.s3objectlambda.access_point + x-cfn-schema-name: AccessPoint + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Alias') as alias, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreationDate') as creation_date, + JSON_EXTRACT(Properties, '$.PublicAccessBlockConfiguration') as public_access_block_configuration, + JSON_EXTRACT(Properties, '$.PolicyStatus') as policy_status, + JSON_EXTRACT(Properties, '$.ObjectLambdaConfiguration') as object_lambda_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3ObjectLambda::AccessPoint' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Alias') as alias, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreationDate') as creation_date, + json_extract_path_text(Properties, 'PublicAccessBlockConfiguration') as public_access_block_configuration, + json_extract_path_text(Properties, 'PolicyStatus') as policy_status, + json_extract_path_text(Properties, 'ObjectLambdaConfiguration') as object_lambda_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3ObjectLambda::AccessPoint' + AND data__Identifier = '' + AND region = 'us-east-1' + access_point_policies: + name: access_point_policies + id: awscc.s3objectlambda.access_point_policies + x-cfn-schema-name: AccessPointPolicy + x-type: list + x-identifiers: + - ObjectLambdaAccessPoint + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ObjectLambdaAccessPoint') as object_lambda_access_point + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3ObjectLambda::AccessPointPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ObjectLambdaAccessPoint') as object_lambda_access_point + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3ObjectLambda::AccessPointPolicy' + AND region = 'us-east-1' + access_point_policy: + name: access_point_policy + id: awscc.s3objectlambda.access_point_policy + x-cfn-schema-name: AccessPointPolicy + x-type: get + x-identifiers: + - ObjectLambdaAccessPoint + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ObjectLambdaAccessPoint') as object_lambda_access_point, + JSON_EXTRACT(Properties, '$.PolicyDocument') as policy_document + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3ObjectLambda::AccessPointPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ObjectLambdaAccessPoint') as object_lambda_access_point, + json_extract_path_text(Properties, 'PolicyDocument') as policy_document + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3ObjectLambda::AccessPointPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/s3outposts.yaml b/providers/src/awscc/v00.00.00000/services/s3outposts.yaml new file mode 100644 index 00000000..0fac6242 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/s3outposts.yaml @@ -0,0 +1,670 @@ +openapi: 3.0.0 +info: + title: S3Outposts + version: 1.0.0 +paths: {} +components: + schemas: + VpcConfiguration: + type: object + additionalProperties: false + properties: + VpcId: + description: Virtual Private Cloud (VPC) Id from which AccessPoint will allow requests. + type: string + minLength: 1 + maxLength: 1024 + AccessPoint: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the specified AccessPoint. + maxLength: 2048 + minLength: 20 + pattern: ^arn:[^:]+:s3-outposts:[a-zA-Z0-9\-]+:\d{12}:outpost\/[^:]+\/accesspoint\/[^:]+$ + type: string + Bucket: + description: The Amazon Resource Name (ARN) of the bucket you want to associate this AccessPoint with. + maxLength: 2048 + minLength: 20 + pattern: ^arn:[^:]+:s3-outposts:[a-zA-Z0-9\-]+:\d{12}:outpost\/[^:]+\/bucket\/[^:]+$ + type: string + Name: + description: A name for the AccessPoint. + maxLength: 50 + minLength: 3 + pattern: ^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$ + type: string + VpcConfiguration: + description: Virtual Private Cloud (VPC) from which requests can be made to the AccessPoint. + $ref: '#/components/schemas/VpcConfiguration' + Policy: + description: The access point policy associated with this access point. + type: object + required: + - Bucket + - Name + - VpcConfiguration + x-stackql-resource-name: access_point + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Bucket + - Name + - VpcConfiguration + x-read-only-properties: + - Arn + x-required-permissions: + create: + - s3-outposts:CreateAccessPoint + - s3-outposts:GetAccessPoint + - s3-outposts:PutAccessPointPolicy + - s3-outposts:GetAccessPointPolicy + read: + - s3-outposts:GetAccessPoint + - s3-outposts:GetAccessPointPolicy + update: + - s3-outposts:GetAccessPoint + - s3-outposts:PutAccessPointPolicy + - s3-outposts:GetAccessPointPolicy + - s3-outposts:DeleteAccessPointPolicy + delete: + - s3-outposts:DeleteAccessPoint + - s3-outposts:DeleteAccessPointPolicy + list: + - s3-outposts:ListAccessPoints + Tag: + type: object + additionalProperties: false + properties: + Key: + type: string + minLength: 1 + maxLength: 1024 + pattern: ^(?!aws:.*)([\p{L}\p{Z}\p{N}_.:=+\/\-@%]*)$ + Value: + type: string + minLength: 1 + maxLength: 1024 + pattern: ^([\p{L}\p{Z}\p{N}_.:=+\/\-@%]*)$ + required: + - Key + - Value + LifecycleConfiguration: + type: object + additionalProperties: false + properties: + Rules: + description: A list of lifecycle rules for individual objects in an Amazon S3Outposts bucket. + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Rule' + required: + - Rules + Rule: + description: 'Specifies lifecycle rules for an Amazon S3Outposts bucket. You must specify at least one of the following: AbortIncompleteMultipartUpload, ExpirationDate, ExpirationInDays.' + type: object + additionalProperties: false + properties: + Status: + type: string + enum: + - Enabled + - Disabled + Id: + type: string + maxLength: 255 + description: Unique identifier for the lifecycle rule. The value can't be longer than 255 characters. + AbortIncompleteMultipartUpload: + description: Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3Outposts bucket. + $ref: '#/components/schemas/AbortIncompleteMultipartUpload' + ExpirationDate: + description: Indicates when objects are deleted from Amazon S3Outposts. The date value must be in ISO 8601 format. The time is always midnight UTC. + $ref: '#/components/schemas/iso8601UTC' + ExpirationInDays: + description: Indicates the number of days after creation when objects are deleted from Amazon S3Outposts. + type: integer + minimum: 1 + Filter: + description: The container for the filter of the lifecycle rule. + type: object + additionalProperties: false + properties: + Prefix: + description: Object key prefix that identifies one or more objects to which this rule applies. + $ref: '#/components/schemas/FilterPrefix' + Tag: + description: Specifies a tag used to identify a subset of objects for an Amazon S3Outposts bucket. + $ref: '#/components/schemas/FilterTag' + AndOperator: + description: The container for the AND condition for the lifecycle rule. A combination of Prefix and 1 or more Tags OR a minimum of 2 or more tags. + $ref: '#/components/schemas/FilterAndOperator' + oneOf: + - required: + - Prefix + - required: + - Tag + - required: + - AndOperator + anyOf: + - required: + - Status + - AbortIncompleteMultipartUpload + - required: + - Status + - ExpirationDate + - required: + - Status + - ExpirationInDays + iso8601UTC: + description: The date value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ssZ) + type: string + pattern: ^([0-2]\d{3})-(0[0-9]|1[0-2])-([0-2]\d|3[01])T([01]\d|2[0-4]):([0-5]\d):([0-6]\d)((\.\d{3})?)Z$ + AbortIncompleteMultipartUpload: + description: Specifies the days since the initiation of an incomplete multipart upload that Amazon S3Outposts will wait before permanently removing all parts of the upload. + type: object + additionalProperties: false + properties: + DaysAfterInitiation: + description: Specifies the number of days after which Amazon S3Outposts aborts an incomplete multipart upload. + type: integer + minimum: 0 + required: + - DaysAfterInitiation + FilterPrefix: + description: Prefix identifies one or more objects to which the rule applies. + type: string + FilterTag: + description: Tag used to identify a subset of objects for an Amazon S3Outposts bucket. + type: object + additionalProperties: false + properties: + Key: + type: string + minLength: 1 + maxLength: 1024 + pattern: ^([\p{L}\p{Z}\p{N}_.:=+\/\-@%]*)$ + Value: + type: string + minLength: 1 + maxLength: 1024 + pattern: ^([\p{L}\p{Z}\p{N}_.:=+\/\-@%]*)$ + required: + - Key + - Value + FilterAndOperator: + oneOf: + - type: object + additionalProperties: false + required: + - Tags + properties: + Prefix: + description: Prefix identifies one or more objects to which the rule applies. + $ref: '#/components/schemas/FilterPrefix' + Tags: + description: All of these tags must exist in the object's tag set in order for the rule to apply. + type: array + x-insertionOrder: false + uniqueItems: true + minItems: 1 + items: + $ref: '#/components/schemas/FilterTag' + Bucket: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the specified bucket. + maxLength: 2048 + minLength: 20 + pattern: ^arn:[^:]+:s3-outposts:[a-zA-Z0-9\-]+:\d{12}:outpost\/[^:]+\/bucket\/[^:]+$ + type: string + BucketName: + description: A name for the bucket. + maxLength: 63 + minLength: 3 + pattern: (?=^.{3,63}$)(?!^(\d+\.)+\d+$)(^(([a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])\.)*([a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])$) + type: string + OutpostId: + description: The id of the customer outpost on which the bucket resides. + pattern: ^(op-[a-f0-9]{17}|\d{12}|ec2)$ + type: string + Tags: + description: An arbitrary set of tags (key-value pairs) for this S3Outposts bucket. + items: + $ref: '#/components/schemas/Tag' + type: array + x-insertionOrder: false + uniqueItems: true + LifecycleConfiguration: + description: Rules that define how Amazon S3Outposts manages objects during their lifetime. + $ref: '#/components/schemas/LifecycleConfiguration' + required: + - BucketName + - OutpostId + x-stackql-resource-name: bucket + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - BucketName + - OutpostId + x-read-only-properties: + - Arn + x-required-permissions: + create: + - s3-outposts:CreateBucket + - s3-outposts:PutBucketTagging + - s3-outposts:PutLifecycleConfiguration + read: + - s3-outposts:GetBucket + - s3-outposts:GetBucketTagging + - s3-outposts:GetLifecycleConfiguration + update: + - s3-outposts:PutBucketTagging + - s3-outposts:DeleteBucketTagging + - s3-outposts:PutLifecycleConfiguration + delete: + - s3-outposts:DeleteBucket + list: + - s3-outposts:ListRegionalBuckets + BucketPolicy: + type: object + properties: + Bucket: + description: The Amazon Resource Name (ARN) of the specified bucket. + maxLength: 2048 + minLength: 20 + pattern: ^arn:[^:]+:s3-outposts:[a-zA-Z0-9\-]+:\d{12}:outpost\/[^:]+\/bucket\/[^:]+$ + type: string + PolicyDocument: + description: A policy document containing permissions to add to the specified bucket. + type: object + required: + - Bucket + - PolicyDocument + x-stackql-resource-name: bucket_policy + x-stackql-primaryIdentifier: + - Bucket + x-create-only-properties: + - Bucket + x-required-permissions: + create: + - s3-outposts:PutBucketPolicy + - s3-outposts:GetBucketPolicy + read: + - s3-outposts:GetBucketPolicy + update: + - s3-outposts:PutBucketPolicy + - s3-outposts:GetBucketPolicy + delete: + - s3-outposts:DeleteBucketPolicy + - s3-outposts:GetBucketPolicy + NetworkInterface: + description: The container for the network interface. + type: object + additionalProperties: false + properties: + NetworkInterfaceId: + type: string + minLength: 1 + maxLength: 100 + required: + - NetworkInterfaceId + FailedReason: + type: object + additionalProperties: false + properties: + ErrorCode: + type: string + description: The failure code, if any, for a create or delete endpoint operation. + Message: + type: string + description: Additional error details describing the endpoint failure and recommended action. + Endpoint: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the endpoint. + minLength: 5 + maxLength: 500 + type: string + pattern: ^arn:[^:]+:s3-outposts:[a-zA-Z0-9\-]+:\d{12}:outpost\/[^:]+\/endpoint/[a-zA-Z0-9]{19}$ + CidrBlock: + description: The VPC CIDR committed by this endpoint. + minLength: 1 + maxLength: 20 + type: string + CreationTime: + description: The time the endpoint was created. + $ref: '#/components/schemas/iso8601UTC' + Id: + description: The ID of the endpoint. + minLength: 5 + maxLength: 500 + type: string + pattern: ^[a-zA-Z0-9]{19}$ + NetworkInterfaces: + description: The network interfaces of the endpoint. + type: array + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/NetworkInterface' + OutpostId: + description: The id of the customer outpost on which the bucket resides. + pattern: ^(op-[a-f0-9]{17}|\d{12}|ec2)$ + type: string + SecurityGroupId: + description: The ID of the security group to use with the endpoint. + minLength: 1 + maxLength: 100 + type: string + pattern: ^sg-([0-9a-f]{8}|[0-9a-f]{17})$ + Status: + type: string + enum: + - Available + - Pending + - Deleting + - Create_Failed + - Delete_Failed + SubnetId: + description: The ID of the subnet in the selected VPC. The subnet must belong to the Outpost. + minLength: 1 + maxLength: 100 + type: string + pattern: ^subnet-([0-9a-f]{8}|[0-9a-f]{17})$ + AccessType: + description: The type of access for the on-premise network connectivity for the Outpost endpoint. To access endpoint from an on-premises network, you must specify the access type and provide the customer owned Ipv4 pool. + type: string + enum: + - CustomerOwnedIp + - Private + default: Private + CustomerOwnedIpv4Pool: + description: The ID of the customer-owned IPv4 pool for the Endpoint. IP addresses will be allocated from this pool for the endpoint. + type: string + pattern: ^ipv4pool-coip-([0-9a-f]{17})$ + FailedReason: + description: The failure reason, if any, for a create or delete endpoint operation. + $ref: '#/components/schemas/FailedReason' + required: + - OutpostId + - SecurityGroupId + - SubnetId + x-stackql-resource-name: endpoint + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - OutpostId + - SecurityGroupId + - SubnetId + - AccessType + - CustomerOwnedIpv4Pool + x-read-only-properties: + - Arn + - CidrBlock + - CreationTime + - Id + - NetworkInterfaces + - Status + x-required-permissions: + create: + - s3-outposts:CreateEndpoint + read: + - s3-outposts:ListEndpoints + delete: + - s3-outposts:DeleteEndpoint + list: + - s3-outposts:ListEndpoints + x-stackQL-resources: + access_points: + name: access_points + id: awscc.s3outposts.access_points + x-cfn-schema-name: AccessPoint + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3Outposts::AccessPoint' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3Outposts::AccessPoint' + AND region = 'us-east-1' + access_point: + name: access_point + id: awscc.s3outposts.access_point + x-cfn-schema-name: AccessPoint + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Bucket') as bucket, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.VpcConfiguration') as vpc_configuration, + JSON_EXTRACT(Properties, '$.Policy') as policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3Outposts::AccessPoint' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Bucket') as bucket, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'VpcConfiguration') as vpc_configuration, + json_extract_path_text(Properties, 'Policy') as policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3Outposts::AccessPoint' + AND data__Identifier = '' + AND region = 'us-east-1' + buckets: + name: buckets + id: awscc.s3outposts.buckets + x-cfn-schema-name: Bucket + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3Outposts::Bucket' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3Outposts::Bucket' + AND region = 'us-east-1' + bucket: + name: bucket + id: awscc.s3outposts.bucket + x-cfn-schema-name: Bucket + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.BucketName') as bucket_name, + JSON_EXTRACT(Properties, '$.OutpostId') as outpost_id, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.LifecycleConfiguration') as lifecycle_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3Outposts::Bucket' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'BucketName') as bucket_name, + json_extract_path_text(Properties, 'OutpostId') as outpost_id, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'LifecycleConfiguration') as lifecycle_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3Outposts::Bucket' + AND data__Identifier = '' + AND region = 'us-east-1' + bucket_policies: + name: bucket_policies + id: awscc.s3outposts.bucket_policies + x-cfn-schema-name: BucketPolicy + x-type: list + x-identifiers: + - Bucket + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Bucket') as bucket + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3Outposts::BucketPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Bucket') as bucket + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3Outposts::BucketPolicy' + AND region = 'us-east-1' + bucket_policy: + name: bucket_policy + id: awscc.s3outposts.bucket_policy + x-cfn-schema-name: BucketPolicy + x-type: get + x-identifiers: + - Bucket + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Bucket') as bucket, + JSON_EXTRACT(Properties, '$.PolicyDocument') as policy_document + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3Outposts::BucketPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Bucket') as bucket, + json_extract_path_text(Properties, 'PolicyDocument') as policy_document + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3Outposts::BucketPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + endpoints: + name: endpoints + id: awscc.s3outposts.endpoints + x-cfn-schema-name: Endpoint + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3Outposts::Endpoint' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::S3Outposts::Endpoint' + AND region = 'us-east-1' + endpoint: + name: endpoint + id: awscc.s3outposts.endpoint + x-cfn-schema-name: Endpoint + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CidrBlock') as cidr_block, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.NetworkInterfaces') as network_interfaces, + JSON_EXTRACT(Properties, '$.OutpostId') as outpost_id, + JSON_EXTRACT(Properties, '$.SecurityGroupId') as security_group_id, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.SubnetId') as subnet_id, + JSON_EXTRACT(Properties, '$.AccessType') as access_type, + JSON_EXTRACT(Properties, '$.CustomerOwnedIpv4Pool') as customer_owned_ipv4_pool, + JSON_EXTRACT(Properties, '$.FailedReason') as failed_reason + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3Outposts::Endpoint' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CidrBlock') as cidr_block, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'NetworkInterfaces') as network_interfaces, + json_extract_path_text(Properties, 'OutpostId') as outpost_id, + json_extract_path_text(Properties, 'SecurityGroupId') as security_group_id, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'SubnetId') as subnet_id, + json_extract_path_text(Properties, 'AccessType') as access_type, + json_extract_path_text(Properties, 'CustomerOwnedIpv4Pool') as customer_owned_ipv4_pool, + json_extract_path_text(Properties, 'FailedReason') as failed_reason + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::S3Outposts::Endpoint' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/sagemaker.yaml b/providers/src/awscc/v00.00.00000/services/sagemaker.yaml new file mode 100644 index 00000000..59f04c06 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/sagemaker.yaml @@ -0,0 +1,6563 @@ +openapi: 3.0.0 +info: + title: SageMaker + version: 1.0.0 +paths: {} +components: + schemas: + ResourceSpec: + type: object + additionalProperties: false + properties: + InstanceType: + type: string + description: The instance type that the image version runs on. + enum: + - system + - ml.t3.micro + - ml.t3.small + - ml.t3.medium + - ml.t3.large + - ml.t3.xlarge + - ml.t3.2xlarge + - ml.m5.large + - ml.m5.xlarge + - ml.m5.2xlarge + - ml.m5.4xlarge + - ml.m5.8xlarge + - ml.m5.12xlarge + - ml.m5.16xlarge + - ml.m5.24xlarge + - ml.c5.large + - ml.c5.xlarge + - ml.c5.2xlarge + - ml.c5.4xlarge + - ml.c5.9xlarge + - ml.c5.12xlarge + - ml.c5.18xlarge + - ml.c5.24xlarge + - ml.p3.2xlarge + - ml.p3.8xlarge + - ml.p3.16xlarge + - ml.g4dn.xlarge + - ml.g4dn.2xlarge + - ml.g4dn.4xlarge + - ml.g4dn.8xlarge + - ml.g4dn.12xlarge + - ml.g4dn.16xlarge + - ml.r5.large + - ml.r5.xlarge + - ml.r5.2xlarge + - ml.r5.4xlarge + - ml.r5.8xlarge + - ml.r5.12xlarge + - ml.r5.16xlarge + - ml.r5.24xlarge + - ml.p3dn.24xlarge + - ml.m5d.large + - ml.m5d.xlarge + - ml.m5d.2xlarge + - ml.m5d.4xlarge + - ml.m5d.8xlarge + - ml.m5d.12xlarge + - ml.m5d.16xlarge + - ml.m5d.24xlarge + - ml.g5.xlarge + - ml.g5.2xlarge + - ml.g5.4xlarge + - ml.g5.8xlarge + - ml.g5.12xlarge + - ml.g5.16xlarge + - ml.g5.24xlarge + - ml.g5.48xlarge + - ml.p4d.24xlarge + - ml.p4de.24xlarge + - ml.geospatial.interactive + - ml.trn1.2xlarge + - ml.trn1.32xlarge + - ml.trn1n.32xlarge + SageMakerImageArn: + type: string + description: The ARN of the SageMaker image that the image version belongs to. + maxLength: 256 + pattern: ^arn:aws(-[\w]+)*:sagemaker:.+:[0-9]{12}:image/[a-z0-9]([-.]?[a-z0-9])*$ + SageMakerImageVersionArn: + type: string + description: The ARN of the image version created on the instance. + maxLength: 256 + pattern: ^arn:aws(-[\w]+)*:sagemaker:.+:[0-9]{12}:image-version/[a-z0-9]([-.]?[a-z0-9])*/[0-9]+$ + Tag: + type: object + additionalProperties: false + properties: + Value: + type: string + minLength: 1 + maxLength: 128 + Key: + type: string + minLength: 1 + maxLength: 128 + required: + - Key + - Value + App: + type: object + properties: + AppArn: + type: string + description: The Amazon Resource Name (ARN) of the app. + minLength: 1 + maxLength: 256 + pattern: arn:aws[a-z\-]*:sagemaker:[a-z0-9\-]*:[0-9]{12}:app/.* + AppName: + type: string + description: The name of the app. + minLength: 1 + maxLength: 63 + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62} + AppType: + type: string + description: The type of app. + enum: + - JupyterServer + - KernelGateway + - RStudioServerPro + - RSessionGateway + - Canvas + DomainId: + type: string + description: The domain ID. + minLength: 1 + maxLength: 63 + ResourceSpec: + $ref: '#/components/schemas/ResourceSpec' + description: The instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. + Tags: + type: array + description: A list of tags to apply to the app. + uniqueItems: false + minItems: 0 + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + UserProfileName: + type: string + description: The user profile name. + minLength: 1 + maxLength: 63 + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62} + required: + - AppName + - AppType + - DomainId + - UserProfileName + x-stackql-resource-name: app + x-stackql-primaryIdentifier: + - AppName + - AppType + - DomainId + - UserProfileName + x-create-only-properties: + - AppName + - AppType + - DomainId + - UserProfileName + - Tags + - ResourceSpec + x-read-only-properties: + - AppArn + x-required-permissions: + create: + - sagemaker:CreateApp + - sagemaker:DescribeApp + read: + - sagemaker:DescribeApp + - sagemaker:DescribeApp + delete: + - sagemaker:DeleteApp + - sagemaker:DescribeApp + list: + - sagemaker:ListApps + KernelGatewayImageConfig: + type: object + description: The configuration for the file system and kernels in a SageMaker image running as a KernelGateway app. + additionalProperties: false + properties: + FileSystemConfig: + $ref: '#/components/schemas/FileSystemConfig' + description: The Amazon Elastic File System (EFS) storage configuration for a SageMaker image. + KernelSpecs: + type: array + description: The specification of the Jupyter kernels in the image. + minItems: 1 + maxItems: 1 + items: + $ref: '#/components/schemas/KernelSpec' + required: + - KernelSpecs + JupyterLabAppImageConfig: + type: object + description: The configuration for the kernels in a SageMaker image running as a JupyterLab app. + additionalProperties: false + properties: + ContainerConfig: + $ref: '#/components/schemas/ContainerConfig' + description: The container configuration for a SageMaker image. + ContainerConfig: + type: object + description: The container configuration for a SageMaker image. + additionalProperties: false + properties: + ContainerArguments: + type: array + description: A list of arguments to apply to the container. + uniqueItems: false + items: + $ref: '#/components/schemas/CustomImageContainerArguments' + minItems: 0 + maxItems: 50 + ContainerEntrypoint: + type: array + description: The custom entry point to use on container. + uniqueItems: false + items: + $ref: '#/components/schemas/CustomImageContainerEntrypoint' + minItems: 0 + maxItems: 1 + ContainerEnvironmentVariables: + type: array + description: A list of variables to apply to the custom container. + uniqueItems: false + items: + $ref: '#/components/schemas/CustomImageContainerEnvironmentVariable' + minItems: 0 + maxItems: 25 + CustomImageContainerArguments: + type: string + description: The container image arguments + minLength: 1 + maxLength: 64 + pattern: ^(?!\s*$).+ + CustomImageContainerEntrypoint: + type: string + description: The container entry point + minLength: 1 + maxLength: 256 + pattern: ^(?!\s*$).+ + CustomImageContainerEnvironmentVariable: + type: object + additionalProperties: false + properties: + Value: + type: string + minLength: 1 + maxLength: 256 + pattern: ^(?!\s*$).+ + Key: + type: string + minLength: 1 + maxLength: 256 + pattern: ^(?!\s*$).+ + required: + - Key + - Value + FileSystemConfig: + type: object + description: The Amazon Elastic File System (EFS) storage configuration for a SageMaker image. + additionalProperties: false + properties: + DefaultGid: + type: integer + description: The default POSIX group ID (GID). If not specified, defaults to 100. + minimum: 0 + maximum: 65535 + DefaultUid: + type: integer + description: The default POSIX user ID (UID). If not specified, defaults to 1000. + minimum: 0 + maximum: 65535 + MountPath: + type: string + description: The path within the image to mount the user's EFS home directory. The directory should be empty. If not specified, defaults to /home/sagemaker-user. + minLength: 1 + maxLength: 1024 + pattern: ^/.* + KernelSpec: + type: object + additionalProperties: false + properties: + DisplayName: + type: string + description: The display name of the kernel. + minLength: 1 + maxLength: 1024 + Name: + type: string + description: The name of the kernel. + minLength: 1 + maxLength: 1024 + required: + - Name + AppImageConfig: + type: object + properties: + AppImageConfigArn: + type: string + description: The Amazon Resource Name (ARN) of the AppImageConfig. + minLength: 1 + maxLength: 256 + pattern: arn:aws[a-z\-]*:sagemaker:[a-z0-9\-]*:[0-9]{12}:app-image-config/.* + AppImageConfigName: + type: string + description: The Name of the AppImageConfig. + minLength: 1 + maxLength: 63 + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62} + KernelGatewayImageConfig: + $ref: '#/components/schemas/KernelGatewayImageConfig' + description: The KernelGatewayImageConfig. + JupyterLabAppImageConfig: + $ref: '#/components/schemas/JupyterLabAppImageConfig' + description: The JupyterLabAppImageConfig. + Tags: + type: array + description: A list of tags to apply to the AppImageConfig. + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + minItems: 0 + maxItems: 50 + required: + - AppImageConfigName + x-stackql-resource-name: app_image_config + x-stackql-primaryIdentifier: + - AppImageConfigName + x-create-only-properties: + - AppImageConfigName + - Tags + x-read-only-properties: + - AppImageConfigArn + x-required-permissions: + create: + - sagemaker:CreateAppImageConfig + - sagemaker:DescribeAppImageConfig + read: + - sagemaker:DescribeAppImageConfig + update: + - sagemaker:UpdateAppImageConfig + - sagemaker:DescribeAppImageConfig + delete: + - sagemaker:DeleteAppImageConfig + - sagemaker:DescribeAppImageConfig + list: + - sagemaker:ListAppImageConfigs + DataQualityBaselineConfig: + type: object + additionalProperties: false + description: Baseline configuration used to validate that the data conforms to the specified constraints and statistics. + properties: + BaseliningJobName: + $ref: '#/components/schemas/ProcessingJobName' + ConstraintsResource: + $ref: '#/components/schemas/ConstraintsResource' + StatisticsResource: + $ref: '#/components/schemas/StatisticsResource' + ConstraintsResource: + type: object + additionalProperties: false + description: The baseline constraints resource for a monitoring job. + properties: + S3Uri: + description: The Amazon S3 URI for baseline constraint file in Amazon S3 that the current monitoring job should validated against. + $ref: '#/components/schemas/S3Uri' + StatisticsResource: + type: object + additionalProperties: false + description: The baseline statistics resource for a monitoring job. + properties: + S3Uri: + description: The Amazon S3 URI for the baseline statistics file in Amazon S3 that the current monitoring job should be validated against. + $ref: '#/components/schemas/S3Uri' + S3Uri: + type: string + description: The Amazon S3 URI. + pattern: ^(https|s3)://([^/]+)/?(.*)$ + maxLength: 1024 + DataQualityAppSpecification: + type: object + additionalProperties: false + description: Container image configuration object for the monitoring job. + properties: + ContainerArguments: + type: array + description: An array of arguments for the container used to run the monitoring job. + maxItems: 50 + items: + type: string + minLength: 1 + maxLength: 256 + ContainerEntrypoint: + type: array + description: Specifies the entrypoint for a container used to run the monitoring job. + maxItems: 100 + items: + type: string + minLength: 1 + maxLength: 256 + ImageUri: + type: string + description: The container image to be run by the monitoring job. + pattern: .* + maxLength: 255 + PostAnalyticsProcessorSourceUri: + description: An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers. + $ref: '#/components/schemas/S3Uri' + RecordPreprocessorSourceUri: + description: An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flatted json so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers + $ref: '#/components/schemas/S3Uri' + Environment: + type: object + additionalProperties: false + description: Sets the environment variables in the Docker container + x-patternProperties: + '[a-zA-Z_][a-zA-Z0-9_]*': + type: string + minLength: 1 + maxLength: 256 + '[\S\s]*': + type: string + maxLength: 256 + required: + - ImageUri + DataQualityJobInput: + type: object + additionalProperties: false + description: The inputs for a monitoring job. + properties: + EndpointInput: + $ref: '#/components/schemas/EndpointInput' + BatchTransformInput: + $ref: '#/components/schemas/BatchTransformInput' + EndpointInput: + type: object + additionalProperties: false + description: The endpoint for a monitoring job. + properties: + EndpointName: + $ref: '#/components/schemas/EndpointName' + LocalPath: + type: string + description: Path to the filesystem where the endpoint data is available to the container. + pattern: .* + maxLength: 256 + S3DataDistributionType: + type: string + description: Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated + enum: + - FullyReplicated + - ShardedByS3Key + S3InputMode: + type: string + description: Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File. + enum: + - Pipe + - File + ExcludeFeaturesAttribute: + type: string + description: Indexes or names of the features to be excluded from analysis + maxLength: 100 + required: + - EndpointName + - LocalPath + BatchTransformInput: + type: object + additionalProperties: false + description: The batch transform input for a monitoring job. + properties: + DataCapturedDestinationS3Uri: + type: string + description: A URI that identifies the Amazon S3 storage location where Batch Transform Job captures data. + pattern: ^(https|s3)://([^/]+)/?(.*)$ + maxLength: 512 + DatasetFormat: + $ref: '#/components/schemas/DatasetFormat' + LocalPath: + type: string + description: Path to the filesystem where the endpoint data is available to the container. + pattern: .* + maxLength: 256 + S3DataDistributionType: + type: string + description: Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated + enum: + - FullyReplicated + - ShardedByS3Key + S3InputMode: + type: string + description: Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File. + enum: + - Pipe + - File + ExcludeFeaturesAttribute: + type: string + description: Indexes or names of the features to be excluded from analysis + maxLength: 100 + required: + - DataCapturedDestinationS3Uri + - DatasetFormat + - LocalPath + MonitoringOutputConfig: + type: object + additionalProperties: false + description: The output configuration for monitoring jobs. + properties: + KmsKeyId: + type: string + description: The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption. + pattern: .* + maxLength: 2048 + MonitoringOutputs: + type: array + description: Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded. + minLength: 1 + maxLength: 1 + items: + $ref: '#/components/schemas/MonitoringOutput' + required: + - MonitoringOutputs + MonitoringOutput: + type: object + additionalProperties: false + description: The output object for a monitoring job. + properties: + S3Output: + $ref: '#/components/schemas/S3Output' + required: + - S3Output + S3Output: + type: object + additionalProperties: false + description: Information about where and how to store the results of a monitoring job. + properties: + LocalPath: + type: string + description: The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data. + pattern: .* + maxLength: 256 + S3UploadMode: + type: string + description: Whether to upload the results of the monitoring job continuously or after the job completes. + enum: + - Continuous + - EndOfJob + S3Uri: + type: string + description: A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. + pattern: ^(https|s3)://([^/]+)/?(.*)$ + maxLength: 512 + required: + - LocalPath + - S3Uri + MonitoringResources: + type: object + additionalProperties: false + description: Identifies the resources to deploy for a monitoring job. + properties: + ClusterConfig: + $ref: '#/components/schemas/ClusterConfig' + required: + - ClusterConfig + ClusterConfig: + type: object + additionalProperties: false + description: Configuration for the cluster used to run model monitoring jobs. + properties: + InstanceCount: + description: The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1. + type: integer + minimum: 1 + maximum: 100 + InstanceType: + description: The ML compute instance type for the processing job. + type: string + VolumeKmsKeyId: + description: The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job. + type: string + minimum: 1 + maximum: 2048 + VolumeSizeInGB: + description: The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario. + type: integer + minimum: 1 + maximum: 16384 + required: + - InstanceCount + - InstanceType + - VolumeSizeInGB + NetworkConfig: + type: object + additionalProperties: false + description: Networking options for a job, such as network traffic encryption between containers, whether to allow inbound and outbound network calls to and from containers, and the VPC subnets and security groups to use for VPC-enabled jobs. + properties: + EnableInterContainerTrafficEncryption: + description: Whether to encrypt all communications between distributed processing jobs. Choose True to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer. + type: boolean + EnableNetworkIsolation: + description: Whether to allow inbound and outbound network calls to and from the containers used for the processing job. + type: boolean + VpcConfig: + $ref: '#/components/schemas/VpcConfig' + VpcConfig: + type: object + additionalProperties: false + description: Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. + properties: + SecurityGroupIds: + description: The VPC security group IDs, in the form sg-xxxxxxxx. Specify the security groups for the VPC that is specified in the Subnets field. + type: array + minItems: 1 + maxItems: 5 + items: + type: string + maxLength: 32 + pattern: '[-0-9a-zA-Z]+' + Subnets: + description: The ID of the subnets in the VPC to which you want to connect to your monitoring jobs. + type: array + minItems: 1 + maxItems: 16 + items: + type: string + maxLength: 32 + pattern: '[-0-9a-zA-Z]+' + required: + - SecurityGroupIds + - Subnets + StoppingCondition: + type: object + additionalProperties: false + description: Specifies a time limit for how long the monitoring job is allowed to run. + properties: + MaxRuntimeInSeconds: + description: The maximum runtime allowed in seconds. + type: integer + minimum: 1 + maximum: 86400 + required: + - MaxRuntimeInSeconds + EndpointName: + type: string + description: The name of the endpoint used to run the monitoring job. + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9])* + maxLength: 63 + JobDefinitionName: + type: string + description: The name of the job definition. + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9])*$ + maxLength: 63 + ProcessingJobName: + type: string + description: The name of a processing job + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9])*$ + minLength: 1 + maxLength: 63 + DatasetFormat: + description: The dataset format of the data to monitor + type: object + properties: + Csv: + $ref: '#/components/schemas/Csv' + Json: + $ref: '#/components/schemas/Json' + Parquet: + $ref: '#/components/schemas/Parquet' + Csv: + description: The CSV format + type: object + properties: + Header: + description: A boolean flag indicating if given CSV has header + type: boolean + Json: + description: The Json format + type: object + properties: + Line: + description: A boolean flag indicating if it is JSON line format + type: boolean + Parquet: + description: A flag indicating if the dataset format is Parquet + type: boolean + DataQualityJobDefinition: + type: object + properties: + JobDefinitionArn: + description: The Amazon Resource Name (ARN) of job definition. + type: string + minLength: 1 + maxLength: 256 + JobDefinitionName: + $ref: '#/components/schemas/JobDefinitionName' + DataQualityBaselineConfig: + $ref: '#/components/schemas/DataQualityBaselineConfig' + DataQualityAppSpecification: + $ref: '#/components/schemas/DataQualityAppSpecification' + DataQualityJobInput: + $ref: '#/components/schemas/DataQualityJobInput' + DataQualityJobOutputConfig: + $ref: '#/components/schemas/MonitoringOutputConfig' + JobResources: + $ref: '#/components/schemas/MonitoringResources' + NetworkConfig: + $ref: '#/components/schemas/NetworkConfig' + EndpointName: + $ref: '#/components/schemas/EndpointName' + RoleArn: + description: The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf. + type: string + pattern: ^arn:aws[a-z\-]*:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$ + minLength: 20 + maxLength: 2048 + StoppingCondition: + $ref: '#/components/schemas/StoppingCondition' + Tags: + type: array + maxItems: 50 + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + CreationTime: + description: The time at which the job definition was created. + type: string + required: + - DataQualityAppSpecification + - DataQualityJobInput + - DataQualityJobOutputConfig + - JobResources + - RoleArn + x-stackql-resource-name: data_quality_job_definition + x-stackql-primaryIdentifier: + - JobDefinitionArn + x-create-only-properties: + - JobDefinitionName + - DataQualityAppSpecification + - DataQualityBaselineConfig + - DataQualityJobInput + - DataQualityJobOutputConfig + - JobResources + - NetworkConfig + - RoleArn + - StoppingCondition + - Tags + - EndpointName + x-read-only-properties: + - CreationTime + - JobDefinitionArn + x-required-permissions: + create: + - sagemaker:CreateDataQualityJobDefinition + - sagemaker:DescribeDataQualityJobDefinition + - sagemaker:AddTags + - iam:PassRole + delete: + - sagemaker:DeleteDataQualityJobDefinition + read: + - sagemaker:DescribeDataQualityJobDefinition + list: + - sagemaker:ListDataQualityJobDefinitions + - sagemaker:ListTags + Device: + type: object + properties: + DeviceFleetName: + description: The name of the edge device fleet + type: string + pattern: ^[a-zA-Z0-9](-*_*[a-zA-Z0-9])*$ + minLength: 1 + maxLength: 63 + Device: + description: The Edge Device you want to register against a device fleet + $ref: '#/components/schemas/Device' + Tags: + description: Associate tags with the resource + type: array + items: + $ref: '#/components/schemas/Tag' + required: + - DeviceFleetName + x-stackql-resource-name: device + x-stackql-primaryIdentifier: + - Device/DeviceName + x-create-only-properties: + - Device/DeviceName + x-required-permissions: + create: + - sagemaker:RegisterDevices + read: + - sagemaker:DescribeDevice + update: + - sagemaker:UpdateDevices + delete: + - sagemaker:DeregisterDevices + EdgeOutputConfig: + type: object + properties: + S3OutputLocation: + description: The Amazon Simple Storage (S3) bucket URI + type: string + pattern: ^s3://([^/]+)/?(.*)$ + maxLength: 1024 + KmsKeyId: + description: The KMS key id used for encryption on the S3 bucket + type: string + pattern: '[a-zA-Z0-9:_-]+' + minLength: 1 + maxLength: 2048 + required: + - S3OutputLocation + additionalProperties: false + DeviceFleet: + type: object + properties: + Description: + description: Description for the edge device fleet + type: string + pattern: '[\S\s]+' + minLength: 0 + maxLength: 800 + DeviceFleetName: + description: The name of the edge device fleet + type: string + pattern: ^[a-zA-Z0-9](-*_*[a-zA-Z0-9])*$ + minLength: 1 + maxLength: 63 + OutputConfig: + description: S3 bucket and an ecryption key id (if available) to store outputs for the fleet + $ref: '#/components/schemas/EdgeOutputConfig' + RoleArn: + description: Role associated with the device fleet + type: string + pattern: ^arn:aws[a-z\-]*:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$ + minLength: 20 + maxLength: 2048 + Tags: + description: Associate tags with the resource + type: array + items: + $ref: '#/components/schemas/Tag' + required: + - DeviceFleetName + - OutputConfig + - RoleArn + x-stackql-resource-name: device_fleet + x-stackql-primaryIdentifier: + - DeviceFleetName + x-create-only-properties: + - DeviceFleetName + x-required-permissions: + create: + - sagemaker:CreateDeviceFleet + - iam:PassRole + read: + - sagemaker:DescribeDeviceFleet + update: + - sagemaker:UpdateDeviceFleet + - iam:PassRole + delete: + - sagemaker:DeleteDeviceFleet + UserSettings: + type: object + description: A collection of settings that apply to users of Amazon SageMaker Studio. These settings are specified when the CreateUserProfile API is called, and as DefaultUserSettings when the CreateDomain API is called. + additionalProperties: false + properties: + ExecutionRole: + type: string + description: The user profile Amazon Resource Name (ARN). + minLength: 20 + maxLength: 2048 + pattern: ^arn:aws[a-z\-]*:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$ + JupyterServerAppSettings: + $ref: '#/components/schemas/JupyterServerAppSettings' + description: The Jupyter server's app settings. + KernelGatewayAppSettings: + $ref: '#/components/schemas/KernelGatewayAppSettings' + description: The kernel gateway app settings. + RStudioServerProAppSettings: + $ref: '#/components/schemas/RStudioServerProAppSettings' + JupyterLabAppSettings: + $ref: '#/components/schemas/JupyterLabAppSettings' + SpaceStorageSettings: + $ref: '#/components/schemas/DefaultSpaceStorageSettings' + CodeEditorAppSettings: + $ref: '#/components/schemas/CodeEditorAppSettings' + DefaultLandingUri: + type: string + description: Defines which Amazon SageMaker application users are directed to by default. + maxLength: 1023 + StudioWebPortal: + type: string + description: Indicates whether the Studio experience is available to users. If not, users cannot access Studio. + enum: + - ENABLED + - DISABLED + CustomPosixUserConfig: + $ref: '#/components/schemas/CustomPosixUserConfig' + CustomFileSystemConfigs: + type: array + uniqueItems: true + minItems: 0 + maxItems: 2 + items: + $ref: '#/components/schemas/CustomFileSystemConfig' + SecurityGroups: + type: array + description: The security groups for the Amazon Virtual Private Cloud (VPC) that Studio uses for communication. + uniqueItems: false + minItems: 0 + maxItems: 5 + items: + type: string + maxLength: 32 + pattern: '[-0-9a-zA-Z]+' + SharingSettings: + $ref: '#/components/schemas/SharingSettings' + description: The sharing settings. + DefaultSpaceSettings: + type: object + description: A collection of settings that apply to spaces of Amazon SageMaker Studio. These settings are specified when the Create/Update Domain API is called. + additionalProperties: false + properties: + ExecutionRole: + type: string + description: The execution role for the space. + minLength: 20 + maxLength: 2048 + pattern: ^arn:aws[a-z\-]*:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$ + JupyterServerAppSettings: + $ref: '#/components/schemas/JupyterServerAppSettings' + description: The Jupyter server's app settings. + KernelGatewayAppSettings: + $ref: '#/components/schemas/KernelGatewayAppSettings' + description: The kernel gateway app settings. + SecurityGroups: + type: array + description: The security groups for the Amazon Virtual Private Cloud (VPC) that Studio uses for communication. + uniqueItems: false + x-insertionOrder: false + minItems: 0 + maxItems: 5 + items: + type: string + maxLength: 32 + pattern: '[-0-9a-zA-Z]+' + required: + - ExecutionRole + JupyterServerAppSettings: + type: object + description: The JupyterServer app settings. + additionalProperties: false + properties: + DefaultResourceSpec: + $ref: '#/components/schemas/ResourceSpec' + KernelGatewayAppSettings: + type: object + description: The kernel gateway app settings. + additionalProperties: false + properties: + CustomImages: + type: array + description: A list of custom SageMaker images that are configured to run as a KernelGateway app. + uniqueItems: false + minItems: 0 + maxItems: 30 + items: + $ref: '#/components/schemas/CustomImage' + DefaultResourceSpec: + $ref: '#/components/schemas/ResourceSpec' + description: The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the KernelGateway app. + JupyterLabAppSettings: + type: object + description: The JupyterLab app settings. + additionalProperties: false + properties: + DefaultResourceSpec: + $ref: '#/components/schemas/ResourceSpec' + description: The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app. + LifecycleConfigArns: + type: array + description: A list of LifecycleConfigArns available for use with JupyterLab apps. + uniqueItems: false + minItems: 0 + maxItems: 30 + items: + $ref: '#/components/schemas/StudioLifecycleConfigArn' + CodeRepositories: + type: array + description: A list of CodeRepositories available for use with JupyterLab apps. + uniqueItems: false + minItems: 0 + maxItems: 30 + items: + $ref: '#/components/schemas/CodeRepository' + CustomImages: + type: array + description: A list of custom images available for use for JupyterLab apps + uniqueItems: false + minItems: 0 + maxItems: 30 + items: + $ref: '#/components/schemas/CustomImage' + CodeRepository: + type: object + additionalProperties: false + properties: + RepositoryUrl: + type: string + description: A CodeRepository (valid URL) to be used within Jupyter's Git extension. + maxLength: 256 + pattern: ^https://([.\-_a-zA-Z0-9]+/?){3,1016}$ + required: + - RepositoryUrl + DefaultSpaceStorageSettings: + type: object + description: Default storage settings for a space. + additionalProperties: false + properties: + DefaultEbsStorageSettings: + $ref: '#/components/schemas/DefaultEbsStorageSettings' + DefaultEbsStorageSettings: + type: object + description: Properties related to the Amazon Elastic Block Store volume. + additionalProperties: false + properties: + DefaultEbsVolumeSizeInGb: + description: Default size of the Amazon EBS volume in Gb + $ref: '#/components/schemas/SpaceEbsVolumeSizeInGb' + MaximumEbsVolumeSizeInGb: + description: Maximum size of the Amazon EBS volume in Gb. Must be greater than or equal to the DefaultEbsVolumeSizeInGb. + $ref: '#/components/schemas/SpaceEbsVolumeSizeInGb' + required: + - DefaultEbsVolumeSizeInGb + - MaximumEbsVolumeSizeInGb + SpaceEbsVolumeSizeInGb: + type: integer + minimum: 5 + maximum: 16384 + CodeEditorAppSettings: + type: object + description: The CodeEditor app settings. + additionalProperties: false + properties: + DefaultResourceSpec: + $ref: '#/components/schemas/ResourceSpec' + description: The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the CodeEditor app. + LifecycleConfigArns: + type: array + description: A list of LifecycleConfigArns available for use with CodeEditor apps. + uniqueItems: false + minItems: 0 + maxItems: 30 + items: + $ref: '#/components/schemas/StudioLifecycleConfigArn' + StudioLifecycleConfigArn: + type: string + description: The Amazon Resource Name (ARN) of the Lifecycle Configuration to attach to the Resource. + maxLength: 256 + pattern: arn:aws[a-z\-]*:sagemaker:[a-z0-9\-]*:[0-9]{12}:studio-lifecycle-config/.* + CustomPosixUserConfig: + type: object + additionalProperties: false + properties: + Uid: + type: integer + minimum: 10000 + maximum: 4000000 + Gid: + type: integer + minimum: 1001 + maximum: 4000000 + required: + - Uid + - Gid + CustomFileSystemConfig: + type: object + additionalProperties: false + properties: + EFSFileSystemConfig: + $ref: '#/components/schemas/EFSFileSystemConfig' + EFSFileSystemConfig: + type: object + additionalProperties: false + properties: + FileSystemPath: + type: string + pattern: ^\/\S*$ + minLength: 1 + maxLength: 256 + FileSystemId: + type: string + minLength: 11 + maxLength: 21 + pattern: ^(fs-[0-9a-f]{8,})$ + required: + - FileSystemId + CustomImage: + type: object + description: A custom SageMaker image. + additionalProperties: false + properties: + AppImageConfigName: + type: string + description: The Name of the AppImageConfig. + maxLength: 63 + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62} + ImageName: + type: string + description: The name of the CustomImage. Must be unique to your account. + maxLength: 63 + pattern: ^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$ + ImageVersionNumber: + type: integer + description: The version number of the CustomImage. + minimum: 0 + required: + - AppImageConfigName + - ImageName + SharingSettings: + type: object + description: Specifies options when sharing an Amazon SageMaker Studio notebook. These settings are specified as part of DefaultUserSettings when the CreateDomain API is called, and as part of UserSettings when the CreateUserProfile API is called. + additionalProperties: false + properties: + NotebookOutputOption: + type: string + description: Whether to include the notebook cell output when sharing the notebook. The default is Disabled. + enum: + - Allowed + - Disabled + S3KmsKeyId: + type: string + description: When NotebookOutputOption is Allowed, the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket. + maxLength: 2048 + pattern: .* + S3OutputPath: + type: string + description: When NotebookOutputOption is Allowed, the Amazon S3 bucket used to store the shared notebook snapshots. + maxLength: 1024 + pattern: ^(https|s3)://([^/]+)/?(.*)$ + DomainSettings: + type: object + description: A collection of Domain settings. + additionalProperties: false + properties: + SecurityGroupIds: + type: array + description: The security groups for the Amazon Virtual Private Cloud that the Domain uses for communication between Domain-level apps and user apps. + uniqueItems: false + x-insertionOrder: false + minItems: 1 + maxItems: 3 + items: + type: string + maxLength: 32 + pattern: '[-0-9a-zA-Z]+' + RStudioServerProDomainSettings: + $ref: '#/components/schemas/RStudioServerProDomainSettings' + DockerSettings: + $ref: '#/components/schemas/DockerSettings' + DockerSettings: + type: object + description: A collection of settings that are required to start docker-proxy server. + additionalProperties: false + properties: + EnableDockerAccess: + type: string + description: The flag to enable/disable docker-proxy server + enum: + - ENABLED + - DISABLED + VpcOnlyTrustedAccounts: + type: array + description: A list of account id's that would be used to pull images from in VpcOnly mode + uniqueItems: false + x-insertionOrder: false + minItems: 0 + maxItems: 10 + items: + type: string + maxLength: 12 + pattern: ^[0-9]$ + RStudioServerProDomainSettings: + type: object + description: A collection of settings that update the current configuration for the RStudioServerPro Domain-level app. + additionalProperties: false + properties: + DomainExecutionRoleArn: + type: string + description: The ARN of the execution role for the RStudioServerPro Domain-level app. + minLength: 20 + maxLength: 2048 + pattern: ^arn:aws[a-z\-]*:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$ + RStudioConnectUrl: + type: string + description: A URL pointing to an RStudio Connect server. + pattern: ^(https:|http:|www\.)\S* + RStudioPackageManagerUrl: + type: string + description: A URL pointing to an RStudio Package Manager server. + pattern: ^(https:|http:|www\.)\S* + DefaultResourceSpec: + $ref: '#/components/schemas/ResourceSpec' + required: + - DomainExecutionRoleArn + RSessionAppSettings: + type: object + description: A collection of settings that apply to an RSessionGateway app. + additionalProperties: false + properties: + CustomImages: + type: array + description: A list of custom SageMaker images that are configured to run as a KernelGateway app. + x-insertionOrder: false + uniqueItems: false + minItems: 0 + maxItems: 30 + items: + $ref: '#/components/schemas/CustomImage' + DefaultResourceSpec: + $ref: '#/components/schemas/ResourceSpec' + RStudioServerProAppSettings: + type: object + description: A collection of settings that configure user interaction with the RStudioServerPro app. + additionalProperties: false + properties: + AccessStatus: + type: string + description: Indicates whether the current user has access to the RStudioServerPro app. + enum: + - ENABLED + - DISABLED + UserGroup: + type: string + description: The level of permissions that the user has within the RStudioServerPro app. This value defaults to User. The Admin value allows the user access to the RStudio Administrative Dashboard. + enum: + - R_STUDIO_ADMIN + - R_STUDIO_USER + Domain: + description: The machine learning domain of the model package you specified. + type: string + FeatureDefinition: + type: object + additionalProperties: false + properties: + FeatureName: + type: string + minLength: 1 + maxLength: 64 + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,63} + FeatureType: + type: string + enum: + - Integral + - Fractional + - String + required: + - FeatureName + - FeatureType + KmsKeyId: + type: string + maxLength: 2048 + StorageType: + type: string + enum: + - Standard + - InMemory + TtlDuration: + type: object + description: TTL configuration of the feature group + additionalProperties: false + properties: + Unit: + $ref: '#/components/schemas/Unit' + Value: + $ref: '#/components/schemas/Value' + Unit: + type: string + description: Unit of ttl configuration + enum: + - Seconds + - Minutes + - Hours + - Days + - Weeks + Value: + type: integer + description: Value of ttl configuration + OnlineStoreSecurityConfig: + type: object + additionalProperties: false + properties: + KmsKeyId: + $ref: '#/components/schemas/KmsKeyId' + S3StorageConfig: + type: object + additionalProperties: false + properties: + S3Uri: + type: string + maxLength: 1024 + pattern: ^(https|s3)://([^/]+)/?(.*)$ + KmsKeyId: + $ref: '#/components/schemas/KmsKeyId' + required: + - S3Uri + DataCatalogConfig: + type: object + additionalProperties: false + properties: + TableName: + type: string + minLength: 1 + maxLength: 255 + pattern: "[\\u0020-\\uD7FF\\uE000-\\uFFFD\\uD800\\uDC00-\\uDBFF\\uDFFF\t]*" + Catalog: + type: string + minLength: 1 + maxLength: 255 + pattern: "[\\u0020-\\uD7FF\\uE000-\\uFFFD\\uD800\\uDC00-\\uDBFF\\uDFFF\t]*" + Database: + type: string + minLength: 1 + maxLength: 255 + pattern: "[\\u0020-\\uD7FF\\uE000-\\uFFFD\\uD800\\uDC00-\\uDBFF\\uDFFF\t]*" + required: + - TableName + - Catalog + - Database + TableFormat: + type: string + description: Format for the offline store feature group. Iceberg is the optimal format for feature groups shared between offline and online stores. + enum: + - Iceberg + - Glue + ThroughputMode: + type: string + description: Throughput mode configuration of the feature group + enum: + - OnDemand + - Provisioned + ThroughputConfig: + type: object + additionalProperties: false + properties: + ThroughputMode: + $ref: '#/components/schemas/ThroughputMode' + ProvisionedReadCapacityUnits: + type: integer + description: For provisioned feature groups with online store enabled, this indicates the read throughput you are billed for and can consume without throttling. + ProvisionedWriteCapacityUnits: + type: integer + description: For provisioned feature groups, this indicates the write throughput you are billed for and can consume without throttling. + required: + - ThroughputMode + FeatureGroup: + type: object + properties: + FeatureGroupName: + type: string + description: The Name of the FeatureGroup. + minLength: 1 + maxLength: 64 + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,63} + RecordIdentifierFeatureName: + type: string + description: The Record Identifier Feature Name. + minLength: 1 + maxLength: 64 + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,63} + EventTimeFeatureName: + type: string + description: The Event Time Feature Name. + minLength: 1 + maxLength: 64 + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,63} + FeatureDefinitions: + type: array + description: An Array of Feature Definition + uniqueItems: false + x-insertionOrder: false + minItems: 1 + maxItems: 2500 + items: + $ref: '#/components/schemas/FeatureDefinition' + OnlineStoreConfig: + type: object + additionalProperties: false + properties: + SecurityConfig: + $ref: '#/components/schemas/OnlineStoreSecurityConfig' + EnableOnlineStore: + type: boolean + StorageType: + $ref: '#/components/schemas/StorageType' + TtlDuration: + $ref: '#/components/schemas/TtlDuration' + OfflineStoreConfig: + type: object + additionalProperties: false + properties: + S3StorageConfig: + $ref: '#/components/schemas/S3StorageConfig' + DisableGlueTableCreation: + type: boolean + DataCatalogConfig: + $ref: '#/components/schemas/DataCatalogConfig' + TableFormat: + $ref: '#/components/schemas/TableFormat' + required: + - S3StorageConfig + ThroughputConfig: + $ref: '#/components/schemas/ThroughputConfig' + RoleArn: + type: string + description: Role Arn + minLength: 20 + maxLength: 2048 + pattern: ^arn:aws[a-z\-]*:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$ + Description: + type: string + description: Description about the FeatureGroup. + maxLength: 128 + CreationTime: + description: A timestamp of FeatureGroup creation time. + type: string + FeatureGroupStatus: + description: The status of the feature group. + type: string + Tags: + type: array + description: An array of key-value pair to apply to this resource. + uniqueItems: false + x-insertionOrder: false + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + required: + - FeatureGroupName + - RecordIdentifierFeatureName + - EventTimeFeatureName + - FeatureDefinitions + x-stackql-resource-name: feature_group + x-stackql-primaryIdentifier: + - FeatureGroupName + x-create-only-properties: + - FeatureGroupName + - RecordIdentifierFeatureName + - EventTimeFeatureName + - OnlineStoreConfig/SecurityConfig + - OnlineStoreConfig/EnableOnlineStore + - OnlineStoreConfig/StorageType + - OfflineStoreConfig + - RoleArn + - Description + - Tags + x-read-only-properties: + - CreationTime + - FeatureGroupStatus + x-required-permissions: + create: + - iam:PassRole + - kms:CreateGrant + - kms:DescribeKey + - glue:CreateTable + - glue:GetTable + - glue:CreateDatabase + - glue:GetDatabase + - sagemaker:CreateFeatureGroup + - sagemaker:DescribeFeatureGroup + - sagemaker:AddTags + - sagemaker:ListTags + update: + - sagemaker:UpdateFeatureGroup + - sagemaker:DescribeFeatureGroup + - sagemaker:AddTags + - sagemaker:ListTags + - sagemaker:DeleteTags + read: + - sagemaker:DescribeFeatureGroup + - sagemaker:ListTags + delete: + - sagemaker:DeleteFeatureGroup + - sagemaker:DescribeFeatureGroup + list: + - sagemaker:ListFeatureGroups + ImageName: + type: string + description: The name of the image this version belongs to. + pattern: ^[A-Za-z0-9]([-.]?[A-Za-z0-9])*$ + minLength: 1 + maxLength: 63 + ImageArn: + type: string + description: The Amazon Resource Name (ARN) of the parent image. + minLength: 1 + maxLength: 256 + pattern: ^arn:aws(-[\w]+)*:sagemaker:[a-z0-9\-]*:[0-9]{12}:image\/[a-zA-Z0-9]([-.]?[a-zA-Z0-9])*$ + ImageRoleArn: + description: The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on behalf of the customer. + type: string + minLength: 1 + maxLength: 256 + pattern: ^arn:aws(-[\w]+)*:iam::[0-9]{12}:role/.*$ + ImageDisplayName: + type: string + description: The display name of the image. + pattern: ^[A-Za-z0-9 -_]+$ + minLength: 1 + maxLength: 128 + ImageDescription: + type: string + description: A description of the image. + pattern: .+ + minLength: 1 + maxLength: 512 + Image: + type: object + properties: + ImageName: + $ref: '#/components/schemas/ImageName' + ImageArn: + $ref: '#/components/schemas/ImageArn' + ImageRoleArn: + $ref: '#/components/schemas/ImageRoleArn' + ImageDisplayName: + $ref: '#/components/schemas/ImageDisplayName' + ImageDescription: + $ref: '#/components/schemas/ImageDescription' + Tags: + type: array + maxItems: 50 + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + required: + - ImageName + - ImageRoleArn + x-stackql-resource-name: image + x-stackql-primaryIdentifier: + - ImageArn + x-create-only-properties: + - ImageName + x-read-only-properties: + - ImageArn + x-required-permissions: + create: + - sagemaker:CreateImage + - sagemaker:DescribeImage + - iam:PassRole + - sagemaker:AddTags + - sagemaker:ListTags + read: + - sagemaker:DescribeImage + - sagemaker:ListTags + update: + - sagemaker:UpdateImage + - sagemaker:DescribeImage + - sagemaker:ListTags + - sagemaker:AddTags + - sagemaker:DeleteTags + - iam:PassRole + delete: + - sagemaker:DeleteImage + - sagemaker:DescribeImage + list: + - sagemaker:ListImages + ImageVersionArn: + type: string + description: The Amazon Resource Name (ARN) of the image version. + minLength: 1 + maxLength: 256 + pattern: ^arn:aws(-[\w]+)*:sagemaker:[a-z0-9\-]*:[0-9]{12}:image-version\/[a-zA-Z0-9]([-.]?[a-zA-Z0-9])*\/[0-9]+$ + BaseImage: + type: string + description: The registry path of the container image on which this image version is based. + minLength: 1 + maxLength: 255 + pattern: .+ + ContainerImage: + description: The image to use for the container that will be materialized for the inference component + type: string + pattern: '[\S]+' + maxLength: 255 + Alias: + type: string + description: The alias of the image version. + minLength: 1 + maxLength: 128 + pattern: (?!^[.-])^([a-zA-Z0-9-_.]+)$ + Aliases: + type: array + description: List of aliases for the image version. + items: + $ref: '#/components/schemas/Alias' + Version: + type: integer + description: The version number of the image version. + minimum: 1 + VendorGuidance: + type: string + description: The availability of the image version specified by the maintainer. + enum: + - NOT_PROVIDED + - STABLE + - TO_BE_ARCHIVED + - ARCHIVED + JobType: + type: string + description: Indicates SageMaker job type compatibility. + enum: + - TRAINING + - INFERENCE + - NOTEBOOK_KERNEL + MLFramework: + type: string + description: The machine learning framework vended in the image version. + pattern: ^[a-zA-Z]+ ?\d+\.\d+(\.\d+)?$ + minLength: 1 + maxLength: 128 + ProgrammingLang: + type: string + description: The supported programming language and its version. + pattern: ^[a-zA-Z]+ ?\d+\.\d+(\.\d+)?$ + minLength: 1 + maxLength: 128 + Processor: + type: string + description: Indicates CPU or GPU compatibility. + enum: + - CPU + - GPU + Horovod: + type: boolean + description: Indicates Horovod compatibility. + ReleaseNotes: + type: string + description: The maintainer description of the image version. + pattern: .* + minLength: 1 + maxLength: 255 + ImageVersion: + type: object + properties: + ImageName: + $ref: '#/components/schemas/ImageName' + ImageArn: + $ref: '#/components/schemas/ImageArn' + ImageVersionArn: + $ref: '#/components/schemas/ImageVersionArn' + BaseImage: + $ref: '#/components/schemas/BaseImage' + ContainerImage: + $ref: '#/components/schemas/ContainerImage' + Version: + $ref: '#/components/schemas/Version' + Alias: + $ref: '#/components/schemas/Alias' + Aliases: + $ref: '#/components/schemas/Aliases' + VendorGuidance: + $ref: '#/components/schemas/VendorGuidance' + JobType: + $ref: '#/components/schemas/JobType' + MLFramework: + $ref: '#/components/schemas/MLFramework' + ProgrammingLang: + $ref: '#/components/schemas/ProgrammingLang' + Processor: + $ref: '#/components/schemas/Processor' + Horovod: + $ref: '#/components/schemas/Horovod' + ReleaseNotes: + $ref: '#/components/schemas/ReleaseNotes' + required: + - ImageName + - BaseImage + x-stackql-resource-name: image_version + x-stackql-primaryIdentifier: + - ImageVersionArn + x-create-only-properties: + - ImageName + - BaseImage + x-read-only-properties: + - ImageVersionArn + - ImageArn + - Version + - ContainerImage + x-required-permissions: + create: + - sagemaker:CreateImageVersion + - sagemaker:DescribeImageVersion + read: + - sagemaker:DescribeImageVersion + update: + - sagemaker:UpdateImageVersion + - sagemaker:DescribeImageVersion + - sagemaker:ListAliases + delete: + - sagemaker:DeleteImageVersion + - sagemaker:DescribeImageVersion + list: + - sagemaker:ListImageVersions + InferenceComponentArn: + description: The Amazon Resource Name (ARN) of the inference component + type: string + minLength: 1 + maxLength: 256 + InferenceComponentName: + description: The name of the inference component + type: string + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9])*$ + maxLength: 63 + EndpointArn: + description: The Amazon Resource Name (ARN) of the endpoint the inference component is associated with + type: string + minLength: 1 + maxLength: 256 + VariantName: + description: The name of the endpoint variant the inference component is associated with + type: string + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9])*$ + maxLength: 63 + FailureReason: + description: The failure reason if the inference component is in a failed state + type: string + maxLength: 63 + ModelName: + description: The name of the model to use with the inference component + type: string + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9])*$ + maxLength: 63 + Timestamp: + type: string + DeployedImage: + description: '' + type: object + additionalProperties: false + properties: + SpecifiedImage: + $ref: '#/components/schemas/ContainerImage' + ResolvedImage: + $ref: '#/components/schemas/ContainerImage' + ResolutionTime: + $ref: '#/components/schemas/Timestamp' + Url: + type: string + pattern: ^(https|s3)://([^/]+)/?(.*)$ + maxLength: 1024 + EnvironmentMap: + description: Environment variables to specify on the container + type: object + additionalProperties: false + maxProperties: 16 + x-patternProperties: + ^[a-zA-Z_][a-zA-Z0-9_]{1,1024}$: + type: string + pattern: ^[\S\s]*$ + maxLength: 1024 + InferenceComponentContainerSpecification: + description: '' + type: object + additionalProperties: false + properties: + DeployedImage: + $ref: '#/components/schemas/DeployedImage' + Image: + $ref: '#/components/schemas/ContainerImage' + ArtifactUrl: + $ref: '#/components/schemas/Url' + Environment: + $ref: '#/components/schemas/EnvironmentMap' + StartupParameterTimeoutInSeconds: + type: integer + minimum: 60 + maximum: 3600 + InferenceComponentStartupParameters: + description: '' + type: object + additionalProperties: false + properties: + ModelDataDownloadTimeoutInSeconds: + $ref: '#/components/schemas/StartupParameterTimeoutInSeconds' + ContainerStartupHealthCheckTimeoutInSeconds: + $ref: '#/components/schemas/StartupParameterTimeoutInSeconds' + NumberOfCpuCores: + type: number + minimum: 0.25 + NumberOfAcceleratorDevices: + type: number + minimum: 1 + MemoryInMb: + type: integer + minimum: 128 + InferenceComponentComputeResourceRequirements: + description: '' + type: object + additionalProperties: false + properties: + NumberOfCpuCoresRequired: + $ref: '#/components/schemas/NumberOfCpuCores' + NumberOfAcceleratorDevicesRequired: + $ref: '#/components/schemas/NumberOfAcceleratorDevices' + MinMemoryRequiredInMb: + $ref: '#/components/schemas/MemoryInMb' + MaxMemoryRequiredInMb: + $ref: '#/components/schemas/MemoryInMb' + InferenceComponentSpecification: + description: The specification for the inference component + type: object + additionalProperties: false + properties: + ModelName: + $ref: '#/components/schemas/ModelName' + Container: + $ref: '#/components/schemas/InferenceComponentContainerSpecification' + StartupParameters: + $ref: '#/components/schemas/InferenceComponentStartupParameters' + ComputeResourceRequirements: + $ref: '#/components/schemas/InferenceComponentComputeResourceRequirements' + required: + - ComputeResourceRequirements + InferenceComponentCopyCount: + description: The number of copies for the inference component + type: integer + minimum: 0 + InferenceComponentRuntimeConfig: + description: The runtime config for the inference component + type: object + additionalProperties: false + properties: + CopyCount: + $ref: '#/components/schemas/InferenceComponentCopyCount' + DesiredCopyCount: + $ref: '#/components/schemas/InferenceComponentCopyCount' + CurrentCopyCount: + $ref: '#/components/schemas/InferenceComponentCopyCount' + InferenceComponentStatus: + type: string + enum: + - InService + - Creating + - Updating + - Failed + - Deleting + TagList: + type: array + maxItems: 50 + description: An array of tags to apply to the resource + items: + $ref: '#/components/schemas/Tag' + InferenceComponent: + type: object + properties: + InferenceComponentArn: + $ref: '#/components/schemas/InferenceComponentArn' + InferenceComponentName: + $ref: '#/components/schemas/InferenceComponentName' + EndpointArn: + $ref: '#/components/schemas/EndpointArn' + EndpointName: + $ref: '#/components/schemas/EndpointName' + VariantName: + $ref: '#/components/schemas/VariantName' + FailureReason: + $ref: '#/components/schemas/FailureReason' + Specification: + $ref: '#/components/schemas/InferenceComponentSpecification' + RuntimeConfig: + $ref: '#/components/schemas/InferenceComponentRuntimeConfig' + InferenceComponentStatus: + $ref: '#/components/schemas/InferenceComponentStatus' + CreationTime: + $ref: '#/components/schemas/Timestamp' + LastModifiedTime: + $ref: '#/components/schemas/Timestamp' + Tags: + $ref: '#/components/schemas/TagList' + required: + - EndpointName + - VariantName + - Specification + - RuntimeConfig + x-stackql-resource-name: inference_component + x-stackql-primaryIdentifier: + - InferenceComponentArn + x-read-only-properties: + - InferenceComponentArn + - Specification/Container/DeployedImage + - RuntimeConfig/DesiredCopyCount + - RuntimeConfig/CurrentCopyCount + - CreationTime + - LastModifiedTime + - FailureReason + - InferenceComponentStatus + x-required-permissions: + create: + - sagemaker:AddTags + - sagemaker:ListTags + - sagemaker:CreateInferenceComponent + - sagemaker:DescribeInferenceComponent + update: + - sagemaker:UpdateInferenceComponent + - sagemaker:UpdateInferenceComponentRuntimeConfig + - sagemaker:DescribeInferenceComponent + - sagemaker:AddTags + - sagemaker:ListTags + - sagemaker:DeleteTags + delete: + - sagemaker:DescribeInferenceComponent + - sagemaker:DeleteInferenceComponent + - sagemaker:DeleteTags + read: + - sagemaker:DescribeInferenceComponent + - sagemaker:ListTags + list: + - sagemaker:ListInferenceComponents + - sagemaker:DescribeInferenceComponent + - sagemaker:ListTags + EndpointMetadata: + description: The metadata of the endpoint on which the inference experiment ran. + type: object + additionalProperties: false + properties: + EndpointName: + $ref: '#/components/schemas/EndpointName' + EndpointConfigName: + description: The name of the endpoint configuration. + type: string + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9])* + maxLength: 63 + EndpointStatus: + description: The status of the endpoint. For possible values of the status of an endpoint. + type: string + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9])* + enum: + - Creating + - Updating + - SystemUpdating + - RollingBack + - InService + - OutOfService + - Deleting + - Failed + required: + - EndpointName + CaptureContentTypeHeader: + description: Configuration specifying how to treat different headers. If no headers are specified SageMaker will by default base64 encode when capturing the data. + type: object + additionalProperties: false + properties: + CsvContentTypes: + description: The list of all content type headers that SageMaker will treat as CSV and capture accordingly. + type: array + minItems: 1 + maxItems: 10 + items: + type: string + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9])*/[a-zA-Z0-9](-*[a-zA-Z0-9.])* + minLength: 1 + maxLength: 256 + JsonContentTypes: + description: The list of all content type headers that SageMaker will treat as JSON and capture accordingly. + type: array + minItems: 1 + maxItems: 10 + items: + type: string + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9])*/[a-zA-Z0-9](-*[a-zA-Z0-9.])* + minLength: 1 + maxLength: 256 + DataStorageConfig: + description: The Amazon S3 location and configuration for storing inference request and response data. + type: object + additionalProperties: false + properties: + Destination: + description: The Amazon S3 bucket where the inference request and response data is stored. + type: string + pattern: ^(https|s3)://([^/])/?(.*)$ + maxLength: 512 + KmsKey: + description: The AWS Key Management Service key that Amazon SageMaker uses to encrypt captured data at rest using Amazon S3 server-side encryption. + type: string + pattern: .* + maxLength: 2048 + ContentType: + $ref: '#/components/schemas/CaptureContentTypeHeader' + required: + - Destination + InferenceExperimentSchedule: + description: The duration for which you want the inference experiment to run. + type: object + additionalProperties: false + properties: + StartTime: + description: The timestamp at which the inference experiment started or will start. + type: string + EndTime: + description: The timestamp at which the inference experiment ended or will end. + type: string + RealTimeInferenceConfig: + description: The infrastructure configuration for deploying the model to a real-time inference endpoint. + type: object + additionalProperties: false + properties: + InstanceType: + description: The instance type the model is deployed to. + type: string + InstanceCount: + description: The number of instances of the type specified by InstanceType. + type: integer + required: + - InstanceType + - InstanceCount + ModelInfrastructureConfig: + description: The configuration for the infrastructure that the model will be deployed to. + type: object + additionalProperties: false + properties: + InfrastructureType: + description: The type of the inference experiment that you want to run. + type: string + enum: + - RealTimeInference + RealTimeInferenceConfig: + $ref: '#/components/schemas/RealTimeInferenceConfig' + required: + - InfrastructureType + - RealTimeInferenceConfig + ModelVariantConfig: + description: Contains information about the deployment options of a model. + type: object + additionalProperties: false + properties: + ModelName: + description: The name of the Amazon SageMaker Model entity. + type: string + pattern: ^[a-zA-Z0-9](-*[a-zA-Z0-9])* + maxLength: 63 + VariantName: + description: The name of the variant. + type: string + pattern: ^[a-zA-Z0-9]([\-a-zA-Z0-9]*[a-zA-Z0-9])? + maxLength: 63 + InfrastructureConfig: + $ref: '#/components/schemas/ModelInfrastructureConfig' + required: + - ModelName + - VariantName + - InfrastructureConfig + ShadowModelVariantConfig: + description: The name and sampling percentage of a shadow variant. + type: object + additionalProperties: false + properties: + ShadowModelVariantName: + description: The name of the shadow variant. + type: string + pattern: ^[a-zA-Z0-9]([\-a-zA-Z0-9]*[a-zA-Z0-9])? + maxLength: 63 + SamplingPercentage: + description: The percentage of inference requests that Amazon SageMaker replicates from the production variant to the shadow variant. + type: integer + maximum: 100 + required: + - ShadowModelVariantName + - SamplingPercentage + ShadowModeConfig: + description: The configuration of ShadowMode inference experiment type. Use this field to specify a production variant which takes all the inference requests, and a shadow variant to which Amazon SageMaker replicates a percentage of the inference requests. For the shadow variant also specify the percentage of requests that Amazon SageMaker replicates. + type: object + additionalProperties: false + properties: + SourceModelVariantName: + description: The name of the production variant, which takes all the inference requests. + type: string + pattern: ^[a-zA-Z0-9]([\-a-zA-Z0-9]*[a-zA-Z0-9])? + maxLength: 63 + ShadowModelVariants: + description: List of shadow variant configurations. + type: array + minItems: 1 + maxItems: 1 + items: + $ref: '#/components/schemas/ShadowModelVariantConfig' + required: + - SourceModelVariantName + - ShadowModelVariants + InferenceExperiment: + type: object + properties: + Arn: + description: The Amazon Resource Name (ARN) of the inference experiment. + type: string + pattern: ^arn:aws[a-z\-]*:sagemaker:[a-z0-9\-]*:[0-9]{12}:inference-experiment/[a-zA-Z_0-9+=,.@\-_/]+$ + minLength: 20 + maxLength: 256 + Name: + description: The name for the inference experiment. + type: string + minLength: 1 + maxLength: 120 + Type: + description: The type of the inference experiment that you want to run. + type: string + enum: + - ShadowMode + Description: + description: The description of the inference experiment. + type: string + pattern: .* + minLength: 1 + maxLength: 1024 + RoleArn: + description: The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to access model artifacts and container images, and manage Amazon SageMaker Inference endpoints for model deployment. + type: string + pattern: ^arn:aws[a-z\-]*:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$ + minLength: 20 + maxLength: 2048 + EndpointName: + $ref: '#/components/schemas/EndpointName' + EndpointMetadata: + $ref: '#/components/schemas/EndpointMetadata' + Schedule: + $ref: '#/components/schemas/InferenceExperimentSchedule' + KmsKey: + type: string + description: The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint. + pattern: .* + maxLength: 2048 + DataStorageConfig: + $ref: '#/components/schemas/DataStorageConfig' + ModelVariants: + type: array + description: An array of ModelVariantConfig objects. Each ModelVariantConfig object in the array describes the infrastructure configuration for the corresponding variant. + maxItems: 2 + items: + $ref: '#/components/schemas/ModelVariantConfig' + ShadowModeConfig: + $ref: '#/components/schemas/ShadowModeConfig' + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + CreationTime: + description: The timestamp at which you created the inference experiment. + type: string + LastModifiedTime: + description: The timestamp at which you last modified the inference experiment. + type: string + Status: + description: The status of the inference experiment. + type: string + enum: + - Creating + - Created + - Updating + - Starting + - Stopping + - Running + - Completed + - Cancelled + StatusReason: + description: The error message or client-specified reason from the StopInferenceExperiment API, that explains the status of the inference experiment. + type: string + pattern: .* + minLength: 1 + maxLength: 1024 + DesiredState: + description: The desired state of the experiment after starting or stopping operation. + type: string + enum: + - Running + - Completed + - Cancelled + required: + - Name + - Type + - RoleArn + - EndpointName + - ModelVariants + x-stackql-resource-name: inference_experiment + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - Type + - RoleArn + - EndpointName + - KmsKey + x-read-only-properties: + - Arn + - CreationTime + - LastModifiedTime + - EndpointMetadata + - Status + x-required-permissions: + create: + - sagemaker:CreateInferenceExperiment + - sagemaker:DescribeInferenceExperiment + - sagemaker:AddTags + - sagemaker:ListTags + - iam:PassRole + delete: + - sagemaker:DeleteInferenceExperiment + - sagemaker:DescribeInferenceExperiment + - sagemaker:StopInferenceExperiment + - sagemaker:ListTags + list: + - sagemaker:ListInferenceExperiments + read: + - sagemaker:DescribeInferenceExperiment + - sagemaker:ListTags + update: + - sagemaker:UpdateInferenceExperiment + - sagemaker:StartInferenceExperiment + - sagemaker:StopInferenceExperiment + - sagemaker:DescribeInferenceExperiment + - sagemaker:AddTags + - sagemaker:DeleteTags + - sagemaker:ListTags + ModelBiasBaselineConfig: + type: object + additionalProperties: false + description: Baseline configuration used to validate that the data conforms to the specified constraints and statistics. + properties: + BaseliningJobName: + $ref: '#/components/schemas/ProcessingJobName' + ConstraintsResource: + $ref: '#/components/schemas/ConstraintsResource' + ModelBiasAppSpecification: + type: object + additionalProperties: false + description: Container image configuration object for the monitoring job. + properties: + ImageUri: + type: string + description: The container image to be run by the monitoring job. + pattern: .* + maxLength: 255 + ConfigUri: + description: The S3 URI to an analysis configuration file + $ref: '#/components/schemas/S3Uri' + Environment: + type: object + additionalProperties: false + description: Sets the environment variables in the Docker container + x-patternProperties: + '[a-zA-Z_][a-zA-Z0-9_]*': + type: string + minLength: 1 + maxLength: 256 + '[\S\s]*': + type: string + maxLength: 256 + required: + - ImageUri + - ConfigUri + ModelBiasJobInput: + type: object + additionalProperties: false + description: The inputs for a monitoring job. + properties: + EndpointInput: + $ref: '#/components/schemas/EndpointInput' + BatchTransformInput: + $ref: '#/components/schemas/BatchTransformInput' + GroundTruthS3Input: + $ref: '#/components/schemas/MonitoringGroundTruthS3Input' + required: + - GroundTruthS3Input + MonitoringTimeOffsetString: + type: string + description: The time offsets in ISO duration format + pattern: ^.?P.* + minLength: 1 + maxLength: 15 + MonitoringGroundTruthS3Input: + type: object + additionalProperties: false + description: 'Ground truth input provided in S3 ' + properties: + S3Uri: + type: string + description: A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. + pattern: ^(https|s3)://([^/]+)/?(.*)$ + maxLength: 512 + required: + - S3Uri + ModelBiasJobDefinition: + type: object + properties: + JobDefinitionArn: + description: The Amazon Resource Name (ARN) of job definition. + type: string + minLength: 1 + maxLength: 256 + JobDefinitionName: + $ref: '#/components/schemas/JobDefinitionName' + ModelBiasBaselineConfig: + $ref: '#/components/schemas/ModelBiasBaselineConfig' + ModelBiasAppSpecification: + $ref: '#/components/schemas/ModelBiasAppSpecification' + ModelBiasJobInput: + $ref: '#/components/schemas/ModelBiasJobInput' + ModelBiasJobOutputConfig: + $ref: '#/components/schemas/MonitoringOutputConfig' + JobResources: + $ref: '#/components/schemas/MonitoringResources' + NetworkConfig: + $ref: '#/components/schemas/NetworkConfig' + EndpointName: + $ref: '#/components/schemas/EndpointName' + RoleArn: + description: The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf. + type: string + pattern: ^arn:aws[a-z\-]*:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$ + minLength: 20 + maxLength: 2048 + StoppingCondition: + $ref: '#/components/schemas/StoppingCondition' + Tags: + type: array + maxItems: 50 + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + CreationTime: + description: The time at which the job definition was created. + type: string + required: + - ModelBiasAppSpecification + - ModelBiasJobInput + - ModelBiasJobOutputConfig + - JobResources + - RoleArn + x-stackql-resource-name: model_bias_job_definition + x-stackql-primaryIdentifier: + - JobDefinitionArn + x-create-only-properties: + - JobDefinitionName + - ModelBiasAppSpecification + - ModelBiasBaselineConfig + - ModelBiasJobInput + - ModelBiasJobOutputConfig + - JobResources + - NetworkConfig + - RoleArn + - StoppingCondition + - Tags + - EndpointName + x-read-only-properties: + - CreationTime + - JobDefinitionArn + x-required-permissions: + create: + - sagemaker:CreateModelBiasJobDefinition + - sagemaker:DescribeModelBiasJobDefinition + - iam:PassRole + - sagemaker:AddTags + delete: + - sagemaker:DeleteModelBiasJobDefinition + read: + - sagemaker:DescribeModelBiasJobDefinition + list: + - sagemaker:ListModelBiasJobDefinitions + - sagemaker:ListTags + SecurityConfig: + type: object + description: |+ + An optional Key Management Service key to encrypt, decrypt, and re-encrypt model card content for regulated workloads with highly sensitive data. + + additionalProperties: false + properties: + KmsKeyId: + type: string + description: A Key Management Service key ID to use for encrypting a model card. + maxLength: 2048 + pattern: .* + UserContext: + description: Information about the user who created or modified an experiment, trial, trial component, lineage group, project, or model card. + type: object + additionalProperties: false + properties: + UserProfileArn: + description: The Amazon Resource Name (ARN) of the user's profile. + type: string + default: UnsetValue + UserProfileName: + description: The name of the user's profile. + type: string + default: UnsetValue + DomainId: + description: The domain associated with the user. + type: string + default: UnsetValue + Content: + type: object + description: The content of the model card. + additionalProperties: false + properties: + ModelOverview: + $ref: '#/components/schemas/ModelOverview' + ModelPackageDetails: + $ref: '#/components/schemas/ModelPackageDetails' + IntendedUses: + $ref: '#/components/schemas/IntendedUses' + BusinessDetails: + $ref: '#/components/schemas/BusinessDetails' + TrainingDetails: + $ref: '#/components/schemas/TrainingDetails' + EvaluationDetails: + $ref: '#/components/schemas/EvaluationDetails' + AdditionalInformation: + $ref: '#/components/schemas/AdditionalInformation' + ModelOverview: + type: object + description: Overview about the model. + additionalProperties: false + properties: + ModelDescription: + description: description of model. + type: string + maxLength: 1024 + ModelOwner: + description: Owner of model. + type: string + maxLength: 1024 + ModelCreator: + description: Creator of model. + type: string + maxLength: 1024 + ProblemType: + description: Problem being solved with the model. + type: string + maxLength: 1024 + AlgorithmType: + description: Algorithm used to solve the problem. + type: string + maxLength: 1024 + ModelId: + description: SageMaker Model Arn or Non SageMaker Model id. + type: string + maxLength: 1024 + ModelArtifact: + description: Location of the model artifact. + type: array + x-insertionOrder: true + maxItems: 15 + items: + type: string + maxLength: 1024 + ModelName: + description: Name of the model. + type: string + maxLength: 1024 + ModelVersion: + description: Version of the model. + type: number + minimum: 1 + InferenceEnvironment: + description: Overview about the inference. + type: object + additionalProperties: false + properties: + ContainerImage: + description: SageMaker inference image uri. + type: array + x-insertionOrder: true + maxItems: 15 + items: + type: string + maxLength: 1024 + ModelPackageDetails: + description: Metadata information related to model package version + type: object + additionalProperties: false + properties: + ModelPackageDescription: + description: A brief summary of the model package + type: string + maxLength: 1024 + ModelPackageArn: + description: The Amazon Resource Name (ARN) of the model package + type: string + minLength: 1 + maxLength: 2048 + CreatedBy: + description: Information about the user who created model package. + $ref: '#/components/schemas/ModelPackageCreator' + ModelPackageStatus: + description: Current status of model package + type: string + enum: + - Pending + - InProgress + - Completed + - Failed + - Deleting + ModelApprovalStatus: + description: Current approval status of model package + type: string + enum: + - Approved + - Rejected + - PendingManualApproval + ApprovalDescription: + description: A description provided for the model approval + type: string + maxLength: 1024 + ModelPackageGroupName: + description: If the model is a versioned model, the name of the model group that the versioned model belongs to. + type: string + minLength: 1 + maxLength: 63 + ModelPackageName: + description: Name of the model package + type: string + minLength: 1 + maxLength: 63 + ModelPackageVersion: + description: Version of the model package + type: number + minimum: 1 + Domain: + description: The machine learning domain of the model package you specified. Common machine learning domains include computer vision and natural language processing. + type: string + Task: + description: The machine learning task you specified that your model package accomplishes. Common machine learning tasks include object detection and image classification. + type: string + SourceAlgorithms: + description: A list of algorithms that were used to create a model package. + $ref: '#/components/schemas/SourceAlgorithms' + InferenceSpecification: + description: Details about inference jobs that can be run with models based on this model package. + $ref: '#/components/schemas/InferenceSpecification' + IntendedUses: + description: Intended usage of model. + type: object + additionalProperties: false + properties: + PurposeOfModel: + description: Why the model was developed? + type: string + maxLength: 2048 + IntendedUses: + description: intended use cases. + type: string + maxLength: 2048 + FactorsAffectingModelEfficiency: + type: string + maxLength: 2048 + RiskRating: + $ref: '#/components/schemas/RiskRating' + ExplanationsForRiskRating: + type: string + maxLength: 2048 + BusinessDetails: + description: Business details. + type: object + additionalProperties: false + properties: + BusinessProblem: + type: string + description: What business problem does the model solve? + maxLength: 2048 + BusinessStakeholders: + type: string + description: Business stakeholders. + maxLength: 2048 + LineOfBusiness: + type: string + description: Line of business. + maxLength: 2048 + TrainingDetails: + description: Overview about the training. + type: object + additionalProperties: false + properties: + ObjectiveFunction: + $ref: '#/components/schemas/ObjectiveFunction' + TrainingObservations: + type: string + maxLength: 1024 + TrainingJobDetails: + type: object + additionalProperties: false + properties: + TrainingArn: + description: SageMaker Training job arn. + type: string + maxLength: 1024 + TrainingDatasets: + description: Location of the model datasets. + type: array + x-insertionOrder: true + maxItems: 15 + items: + type: string + maxLength: 1024 + TrainingEnvironment: + type: object + additionalProperties: false + properties: + ContainerImage: + description: SageMaker training image uri. + type: array + x-insertionOrder: true + maxItems: 15 + items: + type: string + maxLength: 1024 + TrainingMetrics: + type: array + x-insertionOrder: true + items: + maxItems: 50 + $ref: '#/components/schemas/TrainingMetric' + UserProvidedTrainingMetrics: + type: array + x-insertionOrder: true + items: + maxItems: 50 + $ref: '#/components/schemas/TrainingMetric' + HyperParameters: + type: array + x-insertionOrder: true + items: + maxItems: 100 + $ref: '#/components/schemas/TrainingHyperParameter' + UserProvidedHyperParameters: + type: array + x-insertionOrder: true + items: + maxItems: 100 + $ref: '#/components/schemas/TrainingHyperParameter' + EvaluationDetails: + type: array + default: [] + x-insertionOrder: true + items: + $ref: '#/components/schemas/EvaluationDetail' + EvaluationDetail: + description: item of evaluation details + type: object + required: + - Name + additionalProperties: false + properties: + Name: + type: string + pattern: .{1,63} + EvaluationObservation: + type: string + maxLength: 2096 + EvaluationJobArn: + type: string + maxLength: 256 + Datasets: + type: array + x-insertionOrder: true + items: + type: string + maxLength: 1024 + maxItems: 10 + Metadata: + description: additional attributes associated with the evaluation results. + type: object + additionalProperties: false + x-patternProperties: + '[a-zA-Z_][a-zA-Z0-9_]*': + type: string + maxLength: 1024 + MetricGroups: + type: array + x-insertionOrder: true + default: [] + items: + $ref: '#/components/schemas/MetricGroup' + MetricGroup: + type: object + description: item in metric groups + additionalProperties: false + required: + - Name + - MetricData + properties: + Name: + type: string + pattern: .{1,63} + MetricData: + type: array + x-insertionOrder: true + items: + anyOf: + - $ref: '#/components/schemas/SimpleMetric' + - $ref: '#/components/schemas/LinearGraphMetric' + - $ref: '#/components/schemas/BarChartMetric' + - $ref: '#/components/schemas/MatrixMetric' + AdditionalInformation: + type: object + additionalProperties: false + properties: + EthicalConsiderations: + description: Any ethical considerations that the author wants to provide. + type: string + maxLength: 2048 + CaveatsAndRecommendations: + description: Caveats and recommendations for people who might use this model in their applications. + type: string + maxLength: 2048 + CustomDetails: + type: object + description: customer details. + additionalProperties: false + x-patternProperties: + '[a-zA-Z_][a-zA-Z0-9_]*': + type: string + maxLength: 1024 + ModelPackageCreator: + type: object + additionalProperties: false + properties: + UserProfileName: + description: The name of the user's profile in Studio + type: string + maxLength: 63 + SourceAlgorithms: + type: array + minItems: 1 + maxItems: 1 + x-insertionOrder: true + items: + $ref: '#/components/schemas/SourceAlgorithm' + SourceAlgorithm: + description: Specifies an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your Amazon SageMaker account or an algorithm in AWS Marketplace that you are subscribed to. + type: object + additionalProperties: false + properties: + AlgorithmName: + description: The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your Amazon SageMaker account or an algorithm in AWS Marketplace that you are subscribed to. + type: string + minLength: 1 + maxLength: 170 + pattern: (arn:aws[a-z\-]*:sagemaker:[a-z0-9\-]*:[0-9]{12}:[a-z\-]*\/)?([a-zA-Z0-9]([a-zA-Z0-9-]){0,62})(?' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AppArn') as app_arn, + json_extract_path_text(Properties, 'AppName') as app_name, + json_extract_path_text(Properties, 'AppType') as app_type, + json_extract_path_text(Properties, 'DomainId') as domain_id, + json_extract_path_text(Properties, 'ResourceSpec') as resource_spec, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'UserProfileName') as user_profile_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::App' + AND data__Identifier = '' + AND region = 'us-east-1' + app_image_configs: + name: app_image_configs + id: awscc.sagemaker.app_image_configs + x-cfn-schema-name: AppImageConfig + x-type: list + x-identifiers: + - AppImageConfigName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AppImageConfigName') as app_image_config_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::AppImageConfig' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AppImageConfigName') as app_image_config_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::AppImageConfig' + AND region = 'us-east-1' + app_image_config: + name: app_image_config + id: awscc.sagemaker.app_image_config + x-cfn-schema-name: AppImageConfig + x-type: get + x-identifiers: + - AppImageConfigName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AppImageConfigArn') as app_image_config_arn, + JSON_EXTRACT(Properties, '$.AppImageConfigName') as app_image_config_name, + JSON_EXTRACT(Properties, '$.KernelGatewayImageConfig') as kernel_gateway_image_config, + JSON_EXTRACT(Properties, '$.JupyterLabAppImageConfig') as jupyter_lab_app_image_config, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::AppImageConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AppImageConfigArn') as app_image_config_arn, + json_extract_path_text(Properties, 'AppImageConfigName') as app_image_config_name, + json_extract_path_text(Properties, 'KernelGatewayImageConfig') as kernel_gateway_image_config, + json_extract_path_text(Properties, 'JupyterLabAppImageConfig') as jupyter_lab_app_image_config, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::AppImageConfig' + AND data__Identifier = '' + AND region = 'us-east-1' + data_quality_job_definitions: + name: data_quality_job_definitions + id: awscc.sagemaker.data_quality_job_definitions + x-cfn-schema-name: DataQualityJobDefinition + x-type: list + x-identifiers: + - JobDefinitionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.JobDefinitionArn') as job_definition_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::DataQualityJobDefinition' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'JobDefinitionArn') as job_definition_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::DataQualityJobDefinition' + AND region = 'us-east-1' + data_quality_job_definition: + name: data_quality_job_definition + id: awscc.sagemaker.data_quality_job_definition + x-cfn-schema-name: DataQualityJobDefinition + x-type: get + x-identifiers: + - JobDefinitionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.JobDefinitionArn') as job_definition_arn, + JSON_EXTRACT(Properties, '$.JobDefinitionName') as job_definition_name, + JSON_EXTRACT(Properties, '$.DataQualityBaselineConfig') as data_quality_baseline_config, + JSON_EXTRACT(Properties, '$.DataQualityAppSpecification') as data_quality_app_specification, + JSON_EXTRACT(Properties, '$.DataQualityJobInput') as data_quality_job_input, + JSON_EXTRACT(Properties, '$.DataQualityJobOutputConfig') as data_quality_job_output_config, + JSON_EXTRACT(Properties, '$.JobResources') as job_resources, + JSON_EXTRACT(Properties, '$.NetworkConfig') as network_config, + JSON_EXTRACT(Properties, '$.EndpointName') as endpoint_name, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.StoppingCondition') as stopping_condition, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::DataQualityJobDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'JobDefinitionArn') as job_definition_arn, + json_extract_path_text(Properties, 'JobDefinitionName') as job_definition_name, + json_extract_path_text(Properties, 'DataQualityBaselineConfig') as data_quality_baseline_config, + json_extract_path_text(Properties, 'DataQualityAppSpecification') as data_quality_app_specification, + json_extract_path_text(Properties, 'DataQualityJobInput') as data_quality_job_input, + json_extract_path_text(Properties, 'DataQualityJobOutputConfig') as data_quality_job_output_config, + json_extract_path_text(Properties, 'JobResources') as job_resources, + json_extract_path_text(Properties, 'NetworkConfig') as network_config, + json_extract_path_text(Properties, 'EndpointName') as endpoint_name, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'StoppingCondition') as stopping_condition, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CreationTime') as creation_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::DataQualityJobDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' + devices: + name: devices + id: awscc.sagemaker.devices + x-cfn-schema-name: Device + x-type: list + x-identifiers: + - Device/DeviceName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Device.DeviceName') as device__device_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::Device' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Device', 'DeviceName') as device__device_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::Device' + AND region = 'us-east-1' + device: + name: device + id: awscc.sagemaker.device + x-cfn-schema-name: Device + x-type: get + x-identifiers: + - Device/DeviceName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DeviceFleetName') as device_fleet_name, + JSON_EXTRACT(Properties, '$.Device') as device, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::Device' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DeviceFleetName') as device_fleet_name, + json_extract_path_text(Properties, 'Device') as device, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::Device' + AND data__Identifier = '' + AND region = 'us-east-1' + device_fleets: + name: device_fleets + id: awscc.sagemaker.device_fleets + x-cfn-schema-name: DeviceFleet + x-type: list + x-identifiers: + - DeviceFleetName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DeviceFleetName') as device_fleet_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::DeviceFleet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DeviceFleetName') as device_fleet_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::DeviceFleet' + AND region = 'us-east-1' + device_fleet: + name: device_fleet + id: awscc.sagemaker.device_fleet + x-cfn-schema-name: DeviceFleet + x-type: get + x-identifiers: + - DeviceFleetName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DeviceFleetName') as device_fleet_name, + JSON_EXTRACT(Properties, '$.OutputConfig') as output_config, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::DeviceFleet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DeviceFleetName') as device_fleet_name, + json_extract_path_text(Properties, 'OutputConfig') as output_config, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::DeviceFleet' + AND data__Identifier = '' + AND region = 'us-east-1' + feature_groups: + name: feature_groups + id: awscc.sagemaker.feature_groups + x-cfn-schema-name: FeatureGroup + x-type: list + x-identifiers: + - FeatureGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FeatureGroupName') as feature_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::FeatureGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FeatureGroupName') as feature_group_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::FeatureGroup' + AND region = 'us-east-1' + feature_group: + name: feature_group + id: awscc.sagemaker.feature_group + x-cfn-schema-name: FeatureGroup + x-type: get + x-identifiers: + - FeatureGroupName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FeatureGroupName') as feature_group_name, + JSON_EXTRACT(Properties, '$.RecordIdentifierFeatureName') as record_identifier_feature_name, + JSON_EXTRACT(Properties, '$.EventTimeFeatureName') as event_time_feature_name, + JSON_EXTRACT(Properties, '$.FeatureDefinitions') as feature_definitions, + JSON_EXTRACT(Properties, '$.OnlineStoreConfig') as online_store_config, + JSON_EXTRACT(Properties, '$.OfflineStoreConfig') as offline_store_config, + JSON_EXTRACT(Properties, '$.ThroughputConfig') as throughput_config, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.FeatureGroupStatus') as feature_group_status, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::FeatureGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FeatureGroupName') as feature_group_name, + json_extract_path_text(Properties, 'RecordIdentifierFeatureName') as record_identifier_feature_name, + json_extract_path_text(Properties, 'EventTimeFeatureName') as event_time_feature_name, + json_extract_path_text(Properties, 'FeatureDefinitions') as feature_definitions, + json_extract_path_text(Properties, 'OnlineStoreConfig') as online_store_config, + json_extract_path_text(Properties, 'OfflineStoreConfig') as offline_store_config, + json_extract_path_text(Properties, 'ThroughputConfig') as throughput_config, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'FeatureGroupStatus') as feature_group_status, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::FeatureGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + images: + name: images + id: awscc.sagemaker.images + x-cfn-schema-name: Image + x-type: list + x-identifiers: + - ImageArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ImageArn') as image_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::Image' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ImageArn') as image_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::Image' + AND region = 'us-east-1' + image: + name: image + id: awscc.sagemaker.image + x-cfn-schema-name: Image + x-type: get + x-identifiers: + - ImageArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ImageName') as image_name, + JSON_EXTRACT(Properties, '$.ImageArn') as image_arn, + JSON_EXTRACT(Properties, '$.ImageRoleArn') as image_role_arn, + JSON_EXTRACT(Properties, '$.ImageDisplayName') as image_display_name, + JSON_EXTRACT(Properties, '$.ImageDescription') as image_description, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::Image' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ImageName') as image_name, + json_extract_path_text(Properties, 'ImageArn') as image_arn, + json_extract_path_text(Properties, 'ImageRoleArn') as image_role_arn, + json_extract_path_text(Properties, 'ImageDisplayName') as image_display_name, + json_extract_path_text(Properties, 'ImageDescription') as image_description, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::Image' + AND data__Identifier = '' + AND region = 'us-east-1' + image_versions: + name: image_versions + id: awscc.sagemaker.image_versions + x-cfn-schema-name: ImageVersion + x-type: list + x-identifiers: + - ImageVersionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ImageVersionArn') as image_version_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::ImageVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ImageVersionArn') as image_version_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::ImageVersion' + AND region = 'us-east-1' + image_version: + name: image_version + id: awscc.sagemaker.image_version + x-cfn-schema-name: ImageVersion + x-type: get + x-identifiers: + - ImageVersionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ImageName') as image_name, + JSON_EXTRACT(Properties, '$.ImageArn') as image_arn, + JSON_EXTRACT(Properties, '$.ImageVersionArn') as image_version_arn, + JSON_EXTRACT(Properties, '$.BaseImage') as base_image, + JSON_EXTRACT(Properties, '$.ContainerImage') as container_image, + JSON_EXTRACT(Properties, '$.Version') as version, + JSON_EXTRACT(Properties, '$.Alias') as alias, + JSON_EXTRACT(Properties, '$.Aliases') as aliases, + JSON_EXTRACT(Properties, '$.VendorGuidance') as vendor_guidance, + JSON_EXTRACT(Properties, '$.JobType') as job_type, + JSON_EXTRACT(Properties, '$.MLFramework') as m_lframework, + JSON_EXTRACT(Properties, '$.ProgrammingLang') as programming_lang, + JSON_EXTRACT(Properties, '$.Processor') as processor, + JSON_EXTRACT(Properties, '$.Horovod') as horovod, + JSON_EXTRACT(Properties, '$.ReleaseNotes') as release_notes + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::ImageVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ImageName') as image_name, + json_extract_path_text(Properties, 'ImageArn') as image_arn, + json_extract_path_text(Properties, 'ImageVersionArn') as image_version_arn, + json_extract_path_text(Properties, 'BaseImage') as base_image, + json_extract_path_text(Properties, 'ContainerImage') as container_image, + json_extract_path_text(Properties, 'Version') as version, + json_extract_path_text(Properties, 'Alias') as alias, + json_extract_path_text(Properties, 'Aliases') as aliases, + json_extract_path_text(Properties, 'VendorGuidance') as vendor_guidance, + json_extract_path_text(Properties, 'JobType') as job_type, + json_extract_path_text(Properties, 'MLFramework') as m_lframework, + json_extract_path_text(Properties, 'ProgrammingLang') as programming_lang, + json_extract_path_text(Properties, 'Processor') as processor, + json_extract_path_text(Properties, 'Horovod') as horovod, + json_extract_path_text(Properties, 'ReleaseNotes') as release_notes + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::ImageVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + inference_components: + name: inference_components + id: awscc.sagemaker.inference_components + x-cfn-schema-name: InferenceComponent + x-type: list + x-identifiers: + - InferenceComponentArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InferenceComponentArn') as inference_component_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::InferenceComponent' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InferenceComponentArn') as inference_component_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::InferenceComponent' + AND region = 'us-east-1' + inference_component: + name: inference_component + id: awscc.sagemaker.inference_component + x-cfn-schema-name: InferenceComponent + x-type: get + x-identifiers: + - InferenceComponentArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InferenceComponentArn') as inference_component_arn, + JSON_EXTRACT(Properties, '$.InferenceComponentName') as inference_component_name, + JSON_EXTRACT(Properties, '$.EndpointArn') as endpoint_arn, + JSON_EXTRACT(Properties, '$.EndpointName') as endpoint_name, + JSON_EXTRACT(Properties, '$.VariantName') as variant_name, + JSON_EXTRACT(Properties, '$.FailureReason') as failure_reason, + JSON_EXTRACT(Properties, '$.Specification') as specification, + JSON_EXTRACT(Properties, '$.RuntimeConfig') as runtime_config, + JSON_EXTRACT(Properties, '$.InferenceComponentStatus') as inference_component_status, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.LastModifiedTime') as last_modified_time, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::InferenceComponent' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InferenceComponentArn') as inference_component_arn, + json_extract_path_text(Properties, 'InferenceComponentName') as inference_component_name, + json_extract_path_text(Properties, 'EndpointArn') as endpoint_arn, + json_extract_path_text(Properties, 'EndpointName') as endpoint_name, + json_extract_path_text(Properties, 'VariantName') as variant_name, + json_extract_path_text(Properties, 'FailureReason') as failure_reason, + json_extract_path_text(Properties, 'Specification') as specification, + json_extract_path_text(Properties, 'RuntimeConfig') as runtime_config, + json_extract_path_text(Properties, 'InferenceComponentStatus') as inference_component_status, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'LastModifiedTime') as last_modified_time, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::InferenceComponent' + AND data__Identifier = '' + AND region = 'us-east-1' + inference_experiments: + name: inference_experiments + id: awscc.sagemaker.inference_experiments + x-cfn-schema-name: InferenceExperiment + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::InferenceExperiment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::InferenceExperiment' + AND region = 'us-east-1' + inference_experiment: + name: inference_experiment + id: awscc.sagemaker.inference_experiment + x-cfn-schema-name: InferenceExperiment + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.EndpointName') as endpoint_name, + JSON_EXTRACT(Properties, '$.EndpointMetadata') as endpoint_metadata, + JSON_EXTRACT(Properties, '$.Schedule') as schedule, + JSON_EXTRACT(Properties, '$.KmsKey') as kms_key, + JSON_EXTRACT(Properties, '$.DataStorageConfig') as data_storage_config, + JSON_EXTRACT(Properties, '$.ModelVariants') as model_variants, + JSON_EXTRACT(Properties, '$.ShadowModeConfig') as shadow_mode_config, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.LastModifiedTime') as last_modified_time, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.StatusReason') as status_reason, + JSON_EXTRACT(Properties, '$.DesiredState') as desired_state + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::InferenceExperiment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'EndpointName') as endpoint_name, + json_extract_path_text(Properties, 'EndpointMetadata') as endpoint_metadata, + json_extract_path_text(Properties, 'Schedule') as schedule, + json_extract_path_text(Properties, 'KmsKey') as kms_key, + json_extract_path_text(Properties, 'DataStorageConfig') as data_storage_config, + json_extract_path_text(Properties, 'ModelVariants') as model_variants, + json_extract_path_text(Properties, 'ShadowModeConfig') as shadow_mode_config, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'LastModifiedTime') as last_modified_time, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'StatusReason') as status_reason, + json_extract_path_text(Properties, 'DesiredState') as desired_state + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::InferenceExperiment' + AND data__Identifier = '' + AND region = 'us-east-1' + model_bias_job_definitions: + name: model_bias_job_definitions + id: awscc.sagemaker.model_bias_job_definitions + x-cfn-schema-name: ModelBiasJobDefinition + x-type: list + x-identifiers: + - JobDefinitionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.JobDefinitionArn') as job_definition_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::ModelBiasJobDefinition' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'JobDefinitionArn') as job_definition_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::ModelBiasJobDefinition' + AND region = 'us-east-1' + model_bias_job_definition: + name: model_bias_job_definition + id: awscc.sagemaker.model_bias_job_definition + x-cfn-schema-name: ModelBiasJobDefinition + x-type: get + x-identifiers: + - JobDefinitionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.JobDefinitionArn') as job_definition_arn, + JSON_EXTRACT(Properties, '$.JobDefinitionName') as job_definition_name, + JSON_EXTRACT(Properties, '$.ModelBiasBaselineConfig') as model_bias_baseline_config, + JSON_EXTRACT(Properties, '$.ModelBiasAppSpecification') as model_bias_app_specification, + JSON_EXTRACT(Properties, '$.ModelBiasJobInput') as model_bias_job_input, + JSON_EXTRACT(Properties, '$.ModelBiasJobOutputConfig') as model_bias_job_output_config, + JSON_EXTRACT(Properties, '$.JobResources') as job_resources, + JSON_EXTRACT(Properties, '$.NetworkConfig') as network_config, + JSON_EXTRACT(Properties, '$.EndpointName') as endpoint_name, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.StoppingCondition') as stopping_condition, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::ModelBiasJobDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'JobDefinitionArn') as job_definition_arn, + json_extract_path_text(Properties, 'JobDefinitionName') as job_definition_name, + json_extract_path_text(Properties, 'ModelBiasBaselineConfig') as model_bias_baseline_config, + json_extract_path_text(Properties, 'ModelBiasAppSpecification') as model_bias_app_specification, + json_extract_path_text(Properties, 'ModelBiasJobInput') as model_bias_job_input, + json_extract_path_text(Properties, 'ModelBiasJobOutputConfig') as model_bias_job_output_config, + json_extract_path_text(Properties, 'JobResources') as job_resources, + json_extract_path_text(Properties, 'NetworkConfig') as network_config, + json_extract_path_text(Properties, 'EndpointName') as endpoint_name, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'StoppingCondition') as stopping_condition, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CreationTime') as creation_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::ModelBiasJobDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' + model_cards: + name: model_cards + id: awscc.sagemaker.model_cards + x-cfn-schema-name: ModelCard + x-type: list + x-identifiers: + - ModelCardName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ModelCardName') as model_card_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::ModelCard' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ModelCardName') as model_card_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::ModelCard' + AND region = 'us-east-1' + model_card: + name: model_card + id: awscc.sagemaker.model_card + x-cfn-schema-name: ModelCard + x-type: get + x-identifiers: + - ModelCardName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ModelCardArn') as model_card_arn, + JSON_EXTRACT(Properties, '$.ModelCardVersion') as model_card_version, + JSON_EXTRACT(Properties, '$.ModelCardName') as model_card_name, + JSON_EXTRACT(Properties, '$.SecurityConfig') as security_config, + JSON_EXTRACT(Properties, '$.ModelCardStatus') as model_card_status, + JSON_EXTRACT(Properties, '$.Content') as content, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.CreatedBy') as created_by, + JSON_EXTRACT(Properties, '$.LastModifiedTime') as last_modified_time, + JSON_EXTRACT(Properties, '$.LastModifiedBy') as last_modified_by, + JSON_EXTRACT(Properties, '$.ModelCardProcessingStatus') as model_card_processing_status, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::ModelCard' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ModelCardArn') as model_card_arn, + json_extract_path_text(Properties, 'ModelCardVersion') as model_card_version, + json_extract_path_text(Properties, 'ModelCardName') as model_card_name, + json_extract_path_text(Properties, 'SecurityConfig') as security_config, + json_extract_path_text(Properties, 'ModelCardStatus') as model_card_status, + json_extract_path_text(Properties, 'Content') as content, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'CreatedBy') as created_by, + json_extract_path_text(Properties, 'LastModifiedTime') as last_modified_time, + json_extract_path_text(Properties, 'LastModifiedBy') as last_modified_by, + json_extract_path_text(Properties, 'ModelCardProcessingStatus') as model_card_processing_status, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::ModelCard' + AND data__Identifier = '' + AND region = 'us-east-1' + model_explainability_job_definitions: + name: model_explainability_job_definitions + id: awscc.sagemaker.model_explainability_job_definitions + x-cfn-schema-name: ModelExplainabilityJobDefinition + x-type: list + x-identifiers: + - JobDefinitionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.JobDefinitionArn') as job_definition_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::ModelExplainabilityJobDefinition' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'JobDefinitionArn') as job_definition_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::ModelExplainabilityJobDefinition' + AND region = 'us-east-1' + model_explainability_job_definition: + name: model_explainability_job_definition + id: awscc.sagemaker.model_explainability_job_definition + x-cfn-schema-name: ModelExplainabilityJobDefinition + x-type: get + x-identifiers: + - JobDefinitionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.JobDefinitionArn') as job_definition_arn, + JSON_EXTRACT(Properties, '$.JobDefinitionName') as job_definition_name, + JSON_EXTRACT(Properties, '$.ModelExplainabilityBaselineConfig') as model_explainability_baseline_config, + JSON_EXTRACT(Properties, '$.ModelExplainabilityAppSpecification') as model_explainability_app_specification, + JSON_EXTRACT(Properties, '$.ModelExplainabilityJobInput') as model_explainability_job_input, + JSON_EXTRACT(Properties, '$.ModelExplainabilityJobOutputConfig') as model_explainability_job_output_config, + JSON_EXTRACT(Properties, '$.JobResources') as job_resources, + JSON_EXTRACT(Properties, '$.NetworkConfig') as network_config, + JSON_EXTRACT(Properties, '$.EndpointName') as endpoint_name, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.StoppingCondition') as stopping_condition, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::ModelExplainabilityJobDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'JobDefinitionArn') as job_definition_arn, + json_extract_path_text(Properties, 'JobDefinitionName') as job_definition_name, + json_extract_path_text(Properties, 'ModelExplainabilityBaselineConfig') as model_explainability_baseline_config, + json_extract_path_text(Properties, 'ModelExplainabilityAppSpecification') as model_explainability_app_specification, + json_extract_path_text(Properties, 'ModelExplainabilityJobInput') as model_explainability_job_input, + json_extract_path_text(Properties, 'ModelExplainabilityJobOutputConfig') as model_explainability_job_output_config, + json_extract_path_text(Properties, 'JobResources') as job_resources, + json_extract_path_text(Properties, 'NetworkConfig') as network_config, + json_extract_path_text(Properties, 'EndpointName') as endpoint_name, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'StoppingCondition') as stopping_condition, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CreationTime') as creation_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::ModelExplainabilityJobDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' + model_packages: + name: model_packages + id: awscc.sagemaker.model_packages + x-cfn-schema-name: ModelPackage + x-type: list + x-identifiers: + - ModelPackageArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ModelPackageArn') as model_package_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::ModelPackage' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ModelPackageArn') as model_package_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::ModelPackage' + AND region = 'us-east-1' + model_package: + name: model_package + id: awscc.sagemaker.model_package + x-cfn-schema-name: ModelPackage + x-type: get + x-identifiers: + - ModelPackageArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.AdditionalInferenceSpecifications') as additional_inference_specifications, + JSON_EXTRACT(Properties, '$.CertifyForMarketplace') as certify_for_marketplace, + JSON_EXTRACT(Properties, '$.ClientToken') as client_token, + JSON_EXTRACT(Properties, '$.CustomerMetadataProperties') as customer_metadata_properties, + JSON_EXTRACT(Properties, '$.Domain') as domain, + JSON_EXTRACT(Properties, '$.DriftCheckBaselines') as drift_check_baselines, + JSON_EXTRACT(Properties, '$.InferenceSpecification') as inference_specification, + JSON_EXTRACT(Properties, '$.MetadataProperties') as metadata_properties, + JSON_EXTRACT(Properties, '$.ModelApprovalStatus') as model_approval_status, + JSON_EXTRACT(Properties, '$.ModelMetrics') as model_metrics, + JSON_EXTRACT(Properties, '$.ModelPackageDescription') as model_package_description, + JSON_EXTRACT(Properties, '$.ModelPackageGroupName') as model_package_group_name, + JSON_EXTRACT(Properties, '$.ModelPackageName') as model_package_name, + JSON_EXTRACT(Properties, '$.SamplePayloadUrl') as sample_payload_url, + JSON_EXTRACT(Properties, '$.SkipModelValidation') as skip_model_validation, + JSON_EXTRACT(Properties, '$.SourceAlgorithmSpecification') as source_algorithm_specification, + JSON_EXTRACT(Properties, '$.Task') as task, + JSON_EXTRACT(Properties, '$.ValidationSpecification') as validation_specification, + JSON_EXTRACT(Properties, '$.ModelPackageArn') as model_package_arn, + JSON_EXTRACT(Properties, '$.ApprovalDescription') as approval_description, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.LastModifiedTime') as last_modified_time, + JSON_EXTRACT(Properties, '$.ModelPackageStatus') as model_package_status, + JSON_EXTRACT(Properties, '$.ModelPackageVersion') as model_package_version, + JSON_EXTRACT(Properties, '$.AdditionalInferenceSpecificationsToAdd') as additional_inference_specifications_to_add, + JSON_EXTRACT(Properties, '$.ModelPackageStatusDetails') as model_package_status_details + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::ModelPackage' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'AdditionalInferenceSpecifications') as additional_inference_specifications, + json_extract_path_text(Properties, 'CertifyForMarketplace') as certify_for_marketplace, + json_extract_path_text(Properties, 'ClientToken') as client_token, + json_extract_path_text(Properties, 'CustomerMetadataProperties') as customer_metadata_properties, + json_extract_path_text(Properties, 'Domain') as domain, + json_extract_path_text(Properties, 'DriftCheckBaselines') as drift_check_baselines, + json_extract_path_text(Properties, 'InferenceSpecification') as inference_specification, + json_extract_path_text(Properties, 'MetadataProperties') as metadata_properties, + json_extract_path_text(Properties, 'ModelApprovalStatus') as model_approval_status, + json_extract_path_text(Properties, 'ModelMetrics') as model_metrics, + json_extract_path_text(Properties, 'ModelPackageDescription') as model_package_description, + json_extract_path_text(Properties, 'ModelPackageGroupName') as model_package_group_name, + json_extract_path_text(Properties, 'ModelPackageName') as model_package_name, + json_extract_path_text(Properties, 'SamplePayloadUrl') as sample_payload_url, + json_extract_path_text(Properties, 'SkipModelValidation') as skip_model_validation, + json_extract_path_text(Properties, 'SourceAlgorithmSpecification') as source_algorithm_specification, + json_extract_path_text(Properties, 'Task') as task, + json_extract_path_text(Properties, 'ValidationSpecification') as validation_specification, + json_extract_path_text(Properties, 'ModelPackageArn') as model_package_arn, + json_extract_path_text(Properties, 'ApprovalDescription') as approval_description, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'LastModifiedTime') as last_modified_time, + json_extract_path_text(Properties, 'ModelPackageStatus') as model_package_status, + json_extract_path_text(Properties, 'ModelPackageVersion') as model_package_version, + json_extract_path_text(Properties, 'AdditionalInferenceSpecificationsToAdd') as additional_inference_specifications_to_add, + json_extract_path_text(Properties, 'ModelPackageStatusDetails') as model_package_status_details + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::ModelPackage' + AND data__Identifier = '' + AND region = 'us-east-1' + model_package_groups: + name: model_package_groups + id: awscc.sagemaker.model_package_groups + x-cfn-schema-name: ModelPackageGroup + x-type: list + x-identifiers: + - ModelPackageGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ModelPackageGroupArn') as model_package_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::ModelPackageGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ModelPackageGroupArn') as model_package_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::ModelPackageGroup' + AND region = 'us-east-1' + model_package_group: + name: model_package_group + id: awscc.sagemaker.model_package_group + x-cfn-schema-name: ModelPackageGroup + x-type: get + x-identifiers: + - ModelPackageGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ModelPackageGroupArn') as model_package_group_arn, + JSON_EXTRACT(Properties, '$.ModelPackageGroupName') as model_package_group_name, + JSON_EXTRACT(Properties, '$.ModelPackageGroupDescription') as model_package_group_description, + JSON_EXTRACT(Properties, '$.ModelPackageGroupPolicy') as model_package_group_policy, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.ModelPackageGroupStatus') as model_package_group_status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::ModelPackageGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ModelPackageGroupArn') as model_package_group_arn, + json_extract_path_text(Properties, 'ModelPackageGroupName') as model_package_group_name, + json_extract_path_text(Properties, 'ModelPackageGroupDescription') as model_package_group_description, + json_extract_path_text(Properties, 'ModelPackageGroupPolicy') as model_package_group_policy, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'ModelPackageGroupStatus') as model_package_group_status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::ModelPackageGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + model_quality_job_definitions: + name: model_quality_job_definitions + id: awscc.sagemaker.model_quality_job_definitions + x-cfn-schema-name: ModelQualityJobDefinition + x-type: list + x-identifiers: + - JobDefinitionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.JobDefinitionArn') as job_definition_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::ModelQualityJobDefinition' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'JobDefinitionArn') as job_definition_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::ModelQualityJobDefinition' + AND region = 'us-east-1' + model_quality_job_definition: + name: model_quality_job_definition + id: awscc.sagemaker.model_quality_job_definition + x-cfn-schema-name: ModelQualityJobDefinition + x-type: get + x-identifiers: + - JobDefinitionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.JobDefinitionArn') as job_definition_arn, + JSON_EXTRACT(Properties, '$.JobDefinitionName') as job_definition_name, + JSON_EXTRACT(Properties, '$.ModelQualityBaselineConfig') as model_quality_baseline_config, + JSON_EXTRACT(Properties, '$.ModelQualityAppSpecification') as model_quality_app_specification, + JSON_EXTRACT(Properties, '$.ModelQualityJobInput') as model_quality_job_input, + JSON_EXTRACT(Properties, '$.ModelQualityJobOutputConfig') as model_quality_job_output_config, + JSON_EXTRACT(Properties, '$.JobResources') as job_resources, + JSON_EXTRACT(Properties, '$.NetworkConfig') as network_config, + JSON_EXTRACT(Properties, '$.EndpointName') as endpoint_name, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.StoppingCondition') as stopping_condition, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::ModelQualityJobDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'JobDefinitionArn') as job_definition_arn, + json_extract_path_text(Properties, 'JobDefinitionName') as job_definition_name, + json_extract_path_text(Properties, 'ModelQualityBaselineConfig') as model_quality_baseline_config, + json_extract_path_text(Properties, 'ModelQualityAppSpecification') as model_quality_app_specification, + json_extract_path_text(Properties, 'ModelQualityJobInput') as model_quality_job_input, + json_extract_path_text(Properties, 'ModelQualityJobOutputConfig') as model_quality_job_output_config, + json_extract_path_text(Properties, 'JobResources') as job_resources, + json_extract_path_text(Properties, 'NetworkConfig') as network_config, + json_extract_path_text(Properties, 'EndpointName') as endpoint_name, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'StoppingCondition') as stopping_condition, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CreationTime') as creation_time + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::ModelQualityJobDefinition' + AND data__Identifier = '' + AND region = 'us-east-1' + monitoring_schedules: + name: monitoring_schedules + id: awscc.sagemaker.monitoring_schedules + x-cfn-schema-name: MonitoringSchedule + x-type: list + x-identifiers: + - MonitoringScheduleArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MonitoringScheduleArn') as monitoring_schedule_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::MonitoringSchedule' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MonitoringScheduleArn') as monitoring_schedule_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::MonitoringSchedule' + AND region = 'us-east-1' + monitoring_schedule: + name: monitoring_schedule + id: awscc.sagemaker.monitoring_schedule + x-cfn-schema-name: MonitoringSchedule + x-type: get + x-identifiers: + - MonitoringScheduleArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.MonitoringScheduleArn') as monitoring_schedule_arn, + JSON_EXTRACT(Properties, '$.MonitoringScheduleName') as monitoring_schedule_name, + JSON_EXTRACT(Properties, '$.MonitoringScheduleConfig') as monitoring_schedule_config, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.EndpointName') as endpoint_name, + JSON_EXTRACT(Properties, '$.FailureReason') as failure_reason, + JSON_EXTRACT(Properties, '$.LastModifiedTime') as last_modified_time, + JSON_EXTRACT(Properties, '$.LastMonitoringExecutionSummary') as last_monitoring_execution_summary, + JSON_EXTRACT(Properties, '$.MonitoringScheduleStatus') as monitoring_schedule_status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::MonitoringSchedule' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'MonitoringScheduleArn') as monitoring_schedule_arn, + json_extract_path_text(Properties, 'MonitoringScheduleName') as monitoring_schedule_name, + json_extract_path_text(Properties, 'MonitoringScheduleConfig') as monitoring_schedule_config, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'EndpointName') as endpoint_name, + json_extract_path_text(Properties, 'FailureReason') as failure_reason, + json_extract_path_text(Properties, 'LastModifiedTime') as last_modified_time, + json_extract_path_text(Properties, 'LastMonitoringExecutionSummary') as last_monitoring_execution_summary, + json_extract_path_text(Properties, 'MonitoringScheduleStatus') as monitoring_schedule_status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::MonitoringSchedule' + AND data__Identifier = '' + AND region = 'us-east-1' + pipelines: + name: pipelines + id: awscc.sagemaker.pipelines + x-cfn-schema-name: Pipeline + x-type: list + x-identifiers: + - PipelineName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PipelineName') as pipeline_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::Pipeline' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PipelineName') as pipeline_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::Pipeline' + AND region = 'us-east-1' + pipeline: + name: pipeline + id: awscc.sagemaker.pipeline + x-cfn-schema-name: Pipeline + x-type: get + x-identifiers: + - PipelineName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PipelineName') as pipeline_name, + JSON_EXTRACT(Properties, '$.PipelineDisplayName') as pipeline_display_name, + JSON_EXTRACT(Properties, '$.PipelineDescription') as pipeline_description, + JSON_EXTRACT(Properties, '$.PipelineDefinition') as pipeline_definition, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ParallelismConfiguration') as parallelism_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::Pipeline' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PipelineName') as pipeline_name, + json_extract_path_text(Properties, 'PipelineDisplayName') as pipeline_display_name, + json_extract_path_text(Properties, 'PipelineDescription') as pipeline_description, + json_extract_path_text(Properties, 'PipelineDefinition') as pipeline_definition, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ParallelismConfiguration') as parallelism_configuration + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::Pipeline' + AND data__Identifier = '' + AND region = 'us-east-1' + projects: + name: projects + id: awscc.sagemaker.projects + x-cfn-schema-name: Project + x-type: list + x-identifiers: + - ProjectArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProjectArn') as project_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::Project' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProjectArn') as project_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::Project' + AND region = 'us-east-1' + project: + name: project + id: awscc.sagemaker.project + x-cfn-schema-name: Project + x-type: get + x-identifiers: + - ProjectArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ProjectArn') as project_arn, + JSON_EXTRACT(Properties, '$.ProjectId') as project_id, + JSON_EXTRACT(Properties, '$.ProjectName') as project_name, + JSON_EXTRACT(Properties, '$.ProjectDescription') as project_description, + JSON_EXTRACT(Properties, '$.CreationTime') as creation_time, + JSON_EXTRACT(Properties, '$.ServiceCatalogProvisioningDetails') as service_catalog_provisioning_details, + JSON_EXTRACT(Properties, '$.ServiceCatalogProvisionedProductDetails') as service_catalog_provisioned_product_details, + JSON_EXTRACT(Properties, '$.ProjectStatus') as project_status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::Project' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ProjectArn') as project_arn, + json_extract_path_text(Properties, 'ProjectId') as project_id, + json_extract_path_text(Properties, 'ProjectName') as project_name, + json_extract_path_text(Properties, 'ProjectDescription') as project_description, + json_extract_path_text(Properties, 'CreationTime') as creation_time, + json_extract_path_text(Properties, 'ServiceCatalogProvisioningDetails') as service_catalog_provisioning_details, + json_extract_path_text(Properties, 'ServiceCatalogProvisionedProductDetails') as service_catalog_provisioned_product_details, + json_extract_path_text(Properties, 'ProjectStatus') as project_status + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::Project' + AND data__Identifier = '' + AND region = 'us-east-1' + spaces: + name: spaces + id: awscc.sagemaker.spaces + x-cfn-schema-name: Space + x-type: list + x-identifiers: + - DomainId + - SpaceName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainId') as domain_id, + JSON_EXTRACT(Properties, '$.SpaceName') as space_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::Space' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainId') as domain_id, + json_extract_path_text(Properties, 'SpaceName') as space_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::Space' + AND region = 'us-east-1' + space: + name: space + id: awscc.sagemaker.space + x-cfn-schema-name: Space + x-type: get + x-identifiers: + - DomainId + - SpaceName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SpaceArn') as space_arn, + JSON_EXTRACT(Properties, '$.DomainId') as domain_id, + JSON_EXTRACT(Properties, '$.SpaceName') as space_name, + JSON_EXTRACT(Properties, '$.SpaceSettings') as space_settings, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.OwnershipSettings') as ownership_settings, + JSON_EXTRACT(Properties, '$.SpaceSharingSettings') as space_sharing_settings, + JSON_EXTRACT(Properties, '$.SpaceDisplayName') as space_display_name, + JSON_EXTRACT(Properties, '$.Url') as url + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::Space' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SpaceArn') as space_arn, + json_extract_path_text(Properties, 'DomainId') as domain_id, + json_extract_path_text(Properties, 'SpaceName') as space_name, + json_extract_path_text(Properties, 'SpaceSettings') as space_settings, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'OwnershipSettings') as ownership_settings, + json_extract_path_text(Properties, 'SpaceSharingSettings') as space_sharing_settings, + json_extract_path_text(Properties, 'SpaceDisplayName') as space_display_name, + json_extract_path_text(Properties, 'Url') as url + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::Space' + AND data__Identifier = '' + AND region = 'us-east-1' + user_profiles: + name: user_profiles + id: awscc.sagemaker.user_profiles + x-cfn-schema-name: UserProfile + x-type: list + x-identifiers: + - UserProfileName + - DomainId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.UserProfileName') as user_profile_name, + JSON_EXTRACT(Properties, '$.DomainId') as domain_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::UserProfile' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'UserProfileName') as user_profile_name, + json_extract_path_text(Properties, 'DomainId') as domain_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SageMaker::UserProfile' + AND region = 'us-east-1' + user_profile: + name: user_profile + id: awscc.sagemaker.user_profile + x-cfn-schema-name: UserProfile + x-type: get + x-identifiers: + - UserProfileName + - DomainId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.UserProfileArn') as user_profile_arn, + JSON_EXTRACT(Properties, '$.DomainId') as domain_id, + JSON_EXTRACT(Properties, '$.SingleSignOnUserIdentifier') as single_sign_on_user_identifier, + JSON_EXTRACT(Properties, '$.SingleSignOnUserValue') as single_sign_on_user_value, + JSON_EXTRACT(Properties, '$.UserProfileName') as user_profile_name, + JSON_EXTRACT(Properties, '$.UserSettings') as user_settings, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::UserProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'UserProfileArn') as user_profile_arn, + json_extract_path_text(Properties, 'DomainId') as domain_id, + json_extract_path_text(Properties, 'SingleSignOnUserIdentifier') as single_sign_on_user_identifier, + json_extract_path_text(Properties, 'SingleSignOnUserValue') as single_sign_on_user_value, + json_extract_path_text(Properties, 'UserProfileName') as user_profile_name, + json_extract_path_text(Properties, 'UserSettings') as user_settings, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SageMaker::UserProfile' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/scheduler.yaml b/providers/src/awscc/v00.00.00000/services/scheduler.yaml new file mode 100644 index 00000000..17920b53 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/scheduler.yaml @@ -0,0 +1,671 @@ +openapi: 3.0.0 +info: + title: Scheduler + version: 1.0.0 +paths: {} +components: + schemas: + AssignPublicIp: + type: string + description: Specifies whether the task's elastic network interface receives a public IP address. You can specify ENABLED only when LaunchType in EcsParameters is set to FARGATE. + enum: + - ENABLED + - DISABLED + AwsVpcConfiguration: + type: object + description: This structure specifies the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the awsvpc network mode. + properties: + Subnets: + type: array + items: + type: string + maxLength: 1000 + minLength: 1 + description: Specifies the subnet associated with the task. + maxItems: 16 + minItems: 1 + description: Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets. + x-insertionOrder: false + SecurityGroups: + type: array + items: + type: string + maxLength: 1000 + minLength: 1 + description: Specifies the security group associated with the task. + maxItems: 5 + minItems: 1 + description: Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used. + x-insertionOrder: false + AssignPublicIp: + $ref: '#/components/schemas/AssignPublicIp' + required: + - Subnets + additionalProperties: false + CapacityProviderStrategyItem: + type: object + description: The details of a capacity provider strategy. + properties: + CapacityProvider: + type: string + maxLength: 255 + minLength: 1 + description: The short name of the capacity provider. + Weight: + type: number + default: 0 + maximum: 1000 + minimum: 0 + description: The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied. + Base: + type: number + default: 0 + maximum: 100000 + minimum: 0 + description: The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used. + required: + - CapacityProvider + additionalProperties: false + DeadLetterConfig: + type: object + description: A DeadLetterConfig object that contains information about a dead-letter queue configuration. + properties: + Arn: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^arn:aws(-[a-z]+)?:sqs:[a-z0-9\-]+:\d{12}:[a-zA-Z0-9\-_]+$ + description: The ARN of the SQS queue specified as the target for the dead-letter queue. + additionalProperties: false + EcsParameters: + type: object + description: The custom parameters to be used when the target is an Amazon ECS task. + properties: + TaskDefinitionArn: + type: string + maxLength: 1600 + minLength: 1 + description: The ARN of the task definition to use if the event target is an Amazon ECS task. + TaskCount: + type: number + maximum: 10 + minimum: 1 + description: The number of tasks to create based on TaskDefinition. The default is 1. + LaunchType: + $ref: '#/components/schemas/LaunchType' + NetworkConfiguration: + $ref: '#/components/schemas/NetworkConfiguration' + PlatformVersion: + type: string + maxLength: 64 + minLength: 1 + description: Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as 1.1.0. + Group: + type: string + maxLength: 255 + minLength: 1 + description: Specifies an ECS task group for the task. The maximum length is 255 characters. + CapacityProviderStrategy: + type: array + items: + $ref: '#/components/schemas/CapacityProviderStrategyItem' + maxItems: 6 + description: The capacity provider strategy to use for the task. + x-insertionOrder: false + EnableECSManagedTags: + type: boolean + description: Specifies whether to enable Amazon ECS managed tags for the task. For more information, see Tagging Your Amazon ECS Resources in the Amazon Elastic Container Service Developer Guide. + EnableExecuteCommand: + type: boolean + description: Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task. + PlacementConstraints: + type: array + items: + $ref: '#/components/schemas/PlacementConstraint' + maxItems: 10 + description: An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime). + x-insertionOrder: false + PlacementStrategy: + type: array + items: + $ref: '#/components/schemas/PlacementStrategy' + maxItems: 5 + description: The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task. + x-insertionOrder: false + PropagateTags: + $ref: '#/components/schemas/PropagateTags' + ReferenceId: + type: string + maxLength: 1024 + description: The reference ID to use for the task. + Tags: + type: array + items: + $ref: '#/components/schemas/TagMap' + maxItems: 50 + minItems: 0 + description: The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see RunTask in the Amazon ECS API Reference. + x-insertionOrder: false + required: + - TaskDefinitionArn + additionalProperties: false + EventBridgeParameters: + type: object + description: EventBridge PutEvent predefined target type. + properties: + DetailType: + type: string + maxLength: 128 + minLength: 1 + description: Free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail. + Source: + type: string + maxLength: 256 + minLength: 1 + pattern: ^(?=[/\.\-_A-Za-z0-9]+)((?!aws\.).*)|(\$(\.[\w_-]+(\[(\d+|\*)\])*)*)$ + description: The source of the event. + required: + - DetailType + - Source + additionalProperties: false + FlexibleTimeWindow: + type: object + description: Flexible time window allows configuration of a window within which a schedule can be invoked + properties: + Mode: + $ref: '#/components/schemas/FlexibleTimeWindowMode' + MaximumWindowInMinutes: + type: number + maximum: 1440 + minimum: 1 + description: The maximum time window during which a schedule can be invoked. + required: + - Mode + additionalProperties: false + FlexibleTimeWindowMode: + type: string + description: Determines whether the schedule is executed within a flexible time window. + enum: + - 'OFF' + - FLEXIBLE + KinesisParameters: + type: object + description: The custom parameter you can use to control the shard to which EventBridge Scheduler sends the event. + properties: + PartitionKey: + type: string + maxLength: 256 + minLength: 1 + description: The custom parameter used as the Kinesis partition key. For more information, see Amazon Kinesis Streams Key Concepts in the Amazon Kinesis Streams Developer Guide. + required: + - PartitionKey + additionalProperties: false + LaunchType: + type: string + description: Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The FARGATE value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see AWS Fargate on Amazon ECS in the Amazon Elastic Container Service Developer Guide. + enum: + - EC2 + - FARGATE + - EXTERNAL + NetworkConfiguration: + type: object + description: This structure specifies the network configuration for an ECS task. + properties: + AwsvpcConfiguration: + $ref: '#/components/schemas/AwsVpcConfiguration' + additionalProperties: false + PlacementConstraint: + type: object + description: An object representing a constraint on task placement. + properties: + Type: + $ref: '#/components/schemas/PlacementConstraintType' + Expression: + type: string + maxLength: 2000 + description: A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is distinctInstance. To learn more, see Cluster Query Language in the Amazon Elastic Container Service Developer Guide. + additionalProperties: false + PlacementConstraintType: + type: string + description: The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates. + enum: + - distinctInstance + - memberOf + PlacementStrategy: + type: object + description: The task placement strategy for a task or service. + properties: + Type: + $ref: '#/components/schemas/PlacementStrategyType' + Field: + type: string + maxLength: 255 + description: The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used. + additionalProperties: false + PlacementStrategyType: + type: string + description: >- + The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory + (but still enough to run the task). + enum: + - random + - spread + - binpack + PropagateTags: + type: string + description: Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the TagResource API action. + enum: + - TASK_DEFINITION + RetryPolicy: + type: object + description: A RetryPolicy object that includes information about the retry policy settings. + properties: + MaximumEventAgeInSeconds: + type: number + maximum: 86400 + minimum: 60 + description: The maximum amount of time, in seconds, to continue to make retry attempts. + MaximumRetryAttempts: + type: number + maximum: 185 + minimum: 0 + description: The maximum number of retry attempts to make before the request fails. Retry attempts with exponential backoff continue until either the maximum number of attempts is made or until the duration of the MaximumEventAgeInSeconds is reached. + additionalProperties: false + SageMakerPipelineParameter: + type: object + description: Name/Value pair of a parameter to start execution of a SageMaker Model Building Pipeline. + properties: + Name: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[A-Za-z0-9\-_]*$ + description: Name of parameter to start execution of a SageMaker Model Building Pipeline. + Value: + type: string + maxLength: 1024 + minLength: 1 + description: Value of parameter to start execution of a SageMaker Model Building Pipeline. + required: + - Name + - Value + additionalProperties: false + SageMakerPipelineParameters: + type: object + description: These are custom parameters to use when the target is a SageMaker Model Building Pipeline that starts based on AWS EventBridge Scheduler schedules. + properties: + PipelineParameterList: + type: array + items: + $ref: '#/components/schemas/SageMakerPipelineParameter' + maxItems: 200 + minItems: 0 + description: List of Parameter names and values for SageMaker Model Building Pipeline execution. + x-insertionOrder: false + additionalProperties: false + ScheduleState: + type: string + description: Specifies whether the schedule is enabled or disabled. + enum: + - ENABLED + - DISABLED + SqsParameters: + type: object + description: Contains the message group ID to use when the target is a FIFO queue. If you specify an SQS FIFO queue as a target, the queue must have content-based deduplication enabled. + properties: + MessageGroupId: + type: string + maxLength: 128 + minLength: 1 + description: The FIFO message group ID to use as the target. + additionalProperties: false + TagMap: + type: object + x-patternProperties: + .+: + type: string + maxLength: 256 + minLength: 1 + additionalProperties: false + Target: + type: object + description: The schedule target. + properties: + Arn: + type: string + maxLength: 1600 + minLength: 1 + description: The Amazon Resource Name (ARN) of the target. + RoleArn: + type: string + maxLength: 1600 + minLength: 1 + pattern: ^arn:aws(-[a-z]+)?:iam::\d{12}:role\/[\w+=,.@\/-]+$ + description: The Amazon Resource Name (ARN) of the IAM role to be used for this target when the schedule is triggered. + DeadLetterConfig: + $ref: '#/components/schemas/DeadLetterConfig' + RetryPolicy: + $ref: '#/components/schemas/RetryPolicy' + Input: + type: string + minLength: 1 + description: The text, or well-formed JSON, passed to the target. If you are configuring a templated Lambda, AWS Step Functions, or Amazon EventBridge target, the input must be a well-formed JSON. For all other target types, a JSON is not required. If you do not specify anything for this field, EventBridge Scheduler delivers a default notification to the target. + EcsParameters: + $ref: '#/components/schemas/EcsParameters' + EventBridgeParameters: + $ref: '#/components/schemas/EventBridgeParameters' + KinesisParameters: + $ref: '#/components/schemas/KinesisParameters' + SageMakerPipelineParameters: + $ref: '#/components/schemas/SageMakerPipelineParameters' + SqsParameters: + $ref: '#/components/schemas/SqsParameters' + required: + - Arn + - RoleArn + additionalProperties: false + Schedule: + type: object + properties: + Arn: + type: string + maxLength: 1224 + minLength: 1 + pattern: ^arn:aws(-[a-z]+)?:scheduler:[a-z0-9\-]+:\d{12}:schedule\/[0-9a-zA-Z-_.]+\/[0-9a-zA-Z-_.]+$ + description: The Amazon Resource Name (ARN) of the schedule. + Description: + type: string + maxLength: 512 + minLength: 0 + description: The description of the schedule. + EndDate: + type: string + description: The date, in UTC, before which the schedule can invoke its target. Depending on the schedule's recurrence expression, invocations might stop on, or before, the EndDate you specify. + format: date-time + FlexibleTimeWindow: + $ref: '#/components/schemas/FlexibleTimeWindow' + GroupName: + type: string + maxLength: 64 + minLength: 1 + pattern: ^[0-9a-zA-Z-_.]+$ + description: The name of the schedule group to associate with this schedule. If you omit this, the default schedule group is used. + KmsKeyArn: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^arn:aws(-[a-z]+)?:kms:[a-z0-9\-]+:\d{12}:(key|alias)\/[0-9a-zA-Z-_]*$ + description: The ARN for a KMS Key that will be used to encrypt customer data. + Name: + type: string + maxLength: 64 + minLength: 1 + pattern: ^[0-9a-zA-Z-_.]+$ + ScheduleExpression: + type: string + maxLength: 256 + minLength: 1 + description: The scheduling expression. + ScheduleExpressionTimezone: + type: string + maxLength: 50 + minLength: 1 + description: The timezone in which the scheduling expression is evaluated. + StartDate: + type: string + description: The date, in UTC, after which the schedule can begin invoking its target. Depending on the schedule's recurrence expression, invocations might occur on, or after, the StartDate you specify. + format: date-time + State: + $ref: '#/components/schemas/ScheduleState' + Target: + $ref: '#/components/schemas/Target' + required: + - FlexibleTimeWindow + - ScheduleExpression + - Target + x-stackql-resource-name: schedule + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - scheduler:CreateSchedule + - scheduler:GetSchedule + - iam:PassRole + read: + - scheduler:GetSchedule + update: + - scheduler:UpdateSchedule + - scheduler:GetSchedule + - iam:PassRole + delete: + - scheduler:DeleteSchedule + - scheduler:GetSchedule + list: + - scheduler:ListSchedules + ScheduleGroupState: + type: string + description: Specifies the state of the schedule group. + enum: + - ACTIVE + - DELETING + Tag: + type: object + description: Tag to associate with the resource. + properties: + Key: + type: string + maxLength: 128 + minLength: 1 + description: Key for the tag + Value: + type: string + maxLength: 256 + minLength: 1 + description: Value for the tag + required: + - Key + - Value + additionalProperties: false + ScheduleGroup: + type: object + properties: + Arn: + type: string + maxLength: 1224 + minLength: 1 + pattern: ^arn:aws(-[a-z]+)?:scheduler:[a-z0-9\-]+:\d{12}:schedule-group\/[0-9a-zA-Z-_.]+$ + description: The Amazon Resource Name (ARN) of the schedule group. + CreationDate: + type: string + description: The time at which the schedule group was created. + format: date-time + LastModificationDate: + type: string + description: The time at which the schedule group was last modified. + format: date-time + Name: + type: string + maxLength: 64 + minLength: 1 + pattern: ^[0-9a-zA-Z-_.]+$ + State: + $ref: '#/components/schemas/ScheduleGroupState' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 0 + description: The list of tags to associate with the schedule group. + x-insertionOrder: false + x-stackql-resource-name: schedule_group + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + - CreationDate + - LastModificationDate + - State + x-required-permissions: + create: + - scheduler:TagResource + - scheduler:CreateScheduleGroup + - scheduler:GetScheduleGroup + - scheduler:ListTagsForResource + read: + - scheduler:GetScheduleGroup + - scheduler:ListTagsForResource + update: + - scheduler:TagResource + - scheduler:UntagResource + - scheduler:ListTagsForResource + - scheduler:GetScheduleGroup + delete: + - scheduler:DeleteScheduleGroup + - scheduler:GetScheduleGroup + - scheduler:DeleteSchedule + list: + - scheduler:ListScheduleGroups + x-stackQL-resources: + schedules: + name: schedules + id: awscc.scheduler.schedules + x-cfn-schema-name: Schedule + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Scheduler::Schedule' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Scheduler::Schedule' + AND region = 'us-east-1' + schedule: + name: schedule + id: awscc.scheduler.schedule + x-cfn-schema-name: Schedule + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.EndDate') as end_date, + JSON_EXTRACT(Properties, '$.FlexibleTimeWindow') as flexible_time_window, + JSON_EXTRACT(Properties, '$.GroupName') as group_name, + JSON_EXTRACT(Properties, '$.KmsKeyArn') as kms_key_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ScheduleExpression') as schedule_expression, + JSON_EXTRACT(Properties, '$.ScheduleExpressionTimezone') as schedule_expression_timezone, + JSON_EXTRACT(Properties, '$.StartDate') as start_date, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.Target') as target + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Scheduler::Schedule' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'EndDate') as end_date, + json_extract_path_text(Properties, 'FlexibleTimeWindow') as flexible_time_window, + json_extract_path_text(Properties, 'GroupName') as group_name, + json_extract_path_text(Properties, 'KmsKeyArn') as kms_key_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ScheduleExpression') as schedule_expression, + json_extract_path_text(Properties, 'ScheduleExpressionTimezone') as schedule_expression_timezone, + json_extract_path_text(Properties, 'StartDate') as start_date, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'Target') as target + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Scheduler::Schedule' + AND data__Identifier = '' + AND region = 'us-east-1' + schedule_groups: + name: schedule_groups + id: awscc.scheduler.schedule_groups + x-cfn-schema-name: ScheduleGroup + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Scheduler::ScheduleGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Scheduler::ScheduleGroup' + AND region = 'us-east-1' + schedule_group: + name: schedule_group + id: awscc.scheduler.schedule_group + x-cfn-schema-name: ScheduleGroup + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreationDate') as creation_date, + JSON_EXTRACT(Properties, '$.LastModificationDate') as last_modification_date, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Scheduler::ScheduleGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreationDate') as creation_date, + json_extract_path_text(Properties, 'LastModificationDate') as last_modification_date, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Scheduler::ScheduleGroup' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/secretsmanager.yaml b/providers/src/awscc/v00.00.00000/services/secretsmanager.yaml new file mode 100644 index 00000000..4dd9a9a1 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/secretsmanager.yaml @@ -0,0 +1,217 @@ +openapi: 3.0.0 +info: + title: SecretsManager + version: 1.0.0 +paths: {} +components: + schemas: + GenerateSecretString: + type: object + additionalProperties: false + properties: + ExcludeUppercase: + type: boolean + description: Specifies whether to exclude uppercase letters from the password. If you don't include this switch, the password can contain uppercase letters. + RequireEachIncludedType: + type: boolean + description: Specifies whether to include at least one upper and lowercase letter, one number, and one punctuation. If you don't include this switch, the password contains at least one of every character type. + IncludeSpace: + type: boolean + description: Specifies whether to include the space character. If you include this switch, the password can contain space characters. + ExcludeCharacters: + type: string + description: A string of the characters that you don't want in the password. + GenerateStringKey: + type: string + description: The JSON key name for the key/value pair, where the value is the generated password. This pair is added to the JSON structure specified by the ``SecretStringTemplate`` parameter. If you specify this parameter, then you must also specify ``SecretStringTemplate``. + PasswordLength: + type: integer + description: The length of the password. If you don't include this parameter, the default length is 32 characters. + ExcludePunctuation: + type: boolean + description: 'Specifies whether to exclude the following punctuation characters from the password: ``! " # $ % & '' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~``. If you don''t include this switch, the password can contain punctuation.' + ExcludeLowercase: + type: boolean + description: Specifies whether to exclude lowercase letters from the password. If you don't include this switch, the password can contain lowercase letters. + SecretStringTemplate: + type: string + description: A template that the generated string must match. When you make a change to this property, a new secret version is created. + ExcludeNumbers: + type: boolean + description: Specifies whether to exclude numbers from the password. If you don't include this switch, the password can contain numbers. + description: |- + Generates a random password. We recommend that you specify the maximum length and include every character type that the system you are generating a password for can support. + *Required permissions:* ``secretsmanager:GetRandomPassword``. For more information, see [IAM policy actions for Secrets Manager](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions) and [Authentication and access control in Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html). + ReplicaRegion: + type: object + description: Specifies a ``Region`` and the ``KmsKeyId`` for a replica secret. + additionalProperties: false + properties: + KmsKeyId: + type: string + description: The ARN, key ID, or alias of the KMS key to encrypt the secret. If you don't include this field, Secrets Manager uses ``aws/secretsmanager``. + Region: + type: string + description: A string that represents a ``Region``, for example "us-east-1". + required: + - Region + Tag: + type: object + description: A structure that contains information about a tag. + additionalProperties: false + properties: + Value: + type: string + description: The string value associated with the key of the tag. + Key: + type: string + description: The key identifier, or name, of the tag. + required: + - Value + - Key + Secret: + type: object + properties: + Description: + type: string + description: The description of the secret. + KmsKeyId: + type: string + description: |- + The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt the secret value in the secret. An alias is always prefixed by ``alias/``, for example ``alias/aws/secretsmanager``. For more information, see [About aliases](https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html). + To use a KMS key in a different account, use the key ARN or the alias ARN. + If you don't specify this value, then Secrets Manager uses the key ``aws/secretsmanager``. If that key doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value. + If the secret is in a different AWS account from the credentials calling the API, then you can't use ``aws/secretsmanager`` to encrypt the secret, and you must create and use a customer managed KMS key. + SecretString: + type: string + description: The text to encrypt and store in the secret. We recommend you use a JSON structure of key/value pairs for your secret value. To generate a random password, use ``GenerateSecretString`` instead. If you omit both ``GenerateSecretString`` and ``SecretString``, you create an empty secret. When you make a change to this property, a new secret version is created. + GenerateSecretString: + $ref: '#/components/schemas/GenerateSecretString' + description: |- + A structure that specifies how to generate a password to encrypt and store in the secret. To include a specific string in the secret, use ``SecretString`` instead. If you omit both ``GenerateSecretString`` and ``SecretString``, you create an empty secret. When you make a change to this property, a new secret version is created. + We recommend that you specify the maximum length and include every character type that the system you are generating a password for can support. + ReplicaRegions: + type: array + description: A custom type that specifies a ``Region`` and the ``KmsKeyId`` for a replica secret. + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/ReplicaRegion' + Id: + type: string + description: '' + Tags: + type: array + description: |- + A list of tags to attach to the secret. Each tag is a key and value pair of strings in a JSON text string, for example: + ``[{"Key":"CostCenter","Value":"12345"},{"Key":"environment","Value":"production"}]`` + Secrets Manager tag key names are case sensitive. A tag with the key "ABC" is a different tag from one with key "abc". + Stack-level tags, tags you apply to the CloudFormation stack, are also attached to the secret. + If you check tags in permissions policies as part of your security strategy, then adding or removing a tag can change permissions. If the completion of this operation would result in you losing your permissions for this secret, then Secrets Manager blocks the operation and returns an ``Access Denied`` error. For more information, see [Control access to secrets using tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) and [Limit access to identities with tags that match secrets' tags](https://docs.aws.amazo + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Name: + type: string + description: |- + The name of the new secret. + The secret name can contain ASCII letters, numbers, and the following characters: /_+=.@- + Do not end your secret name with a hyphen followed by six characters. If you do so, you risk confusion and unexpected results when searching for a secret by partial ARN. Secrets Manager automatically adds a hyphen and six random characters after the secret name at the end of the ARN. + x-stackql-resource-name: secret + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Name + x-read-only-properties: + - Id + x-required-permissions: + create: + - secretsmanager:DescribeSecret + - secretsmanager:GetRandomPassword + - secretsmanager:CreateSecret + - secretsmanager:TagResource + delete: + - secretsmanager:DeleteSecret + - secretsmanager:DescribeSecret + - secretsmanager:RemoveRegionsFromReplication + list: + - secretsmanager:ListSecrets + read: + - secretsmanager:DescribeSecret + - secretsmanager:GetSecretValue + update: + - secretsmanager:UpdateSecret + - secretsmanager:TagResource + - secretsmanager:UntagResource + - secretsmanager:GetRandomPassword + - secretsmanager:GetSecretValue + - secretsmanager:ReplicateSecretToRegions + - secretsmanager:RemoveRegionsFromReplication + x-stackQL-resources: + secrets: + name: secrets + id: awscc.secretsmanager.secrets + x-cfn-schema-name: Secret + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SecretsManager::Secret' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SecretsManager::Secret' + AND region = 'us-east-1' + secret: + name: secret + id: awscc.secretsmanager.secret + x-cfn-schema-name: Secret + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.SecretString') as secret_string, + JSON_EXTRACT(Properties, '$.GenerateSecretString') as generate_secret_string, + JSON_EXTRACT(Properties, '$.ReplicaRegions') as replica_regions, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SecretsManager::Secret' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'SecretString') as secret_string, + json_extract_path_text(Properties, 'GenerateSecretString') as generate_secret_string, + json_extract_path_text(Properties, 'ReplicaRegions') as replica_regions, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SecretsManager::Secret' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/securityhub.yaml b/providers/src/awscc/v00.00.00000/services/securityhub.yaml new file mode 100644 index 00000000..2f421bf1 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/securityhub.yaml @@ -0,0 +1,903 @@ +openapi: 3.0.0 +info: + title: SecurityHub + version: 1.0.0 +paths: {} +components: + schemas: + Tags: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + x-patternProperties: + ^[a-zA-Z0-9-_]{1,128}$: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + NonEmptyString: + type: string + minLength: 1 + DateFilter: + description: '' + properties: + DateRange: + $ref: '#/components/schemas/DateRange' + description: '' + End: + $ref: '#/components/schemas/ISO8601DateString' + description: '' + Start: + $ref: '#/components/schemas/ISO8601DateString' + description: '' + type: object + oneOf: + - required: + - DateRange + - allOf: + - required: + - Start + - required: + - End + additionalProperties: false + DateRange: + description: '' + properties: + Unit: + description: '' + enum: + - DAYS + type: string + Value: + description: '' + type: number + required: + - Unit + - Value + type: object + additionalProperties: false + BooleanFilter: + description: '' + properties: + Value: + description: The value of the boolean. + type: boolean + required: + - Value + type: object + additionalProperties: false + MapFilter: + description: '' + properties: + Comparison: + description: '' + enum: + - EQUALS + - NOT_EQUALS + - CONTAINS + - NOT_CONTAINS + type: string + Key: + description: '' + type: string + Value: + description: '' + type: string + required: + - Comparison + - Key + - Value + type: object + additionalProperties: false + NumberFilter: + description: '' + properties: + Eq: + description: '' + type: number + Gte: + description: '' + type: number + Lte: + description: '' + type: number + oneOf: + - required: + - Eq + - anyOf: + - required: + - Gte + - required: + - Lte + type: object + additionalProperties: false + StringFilter: + description: '' + properties: + Comparison: + $ref: '#/components/schemas/StringFilterComparison' + description: '' + Value: + description: '' + type: string + required: + - Comparison + - Value + type: object + additionalProperties: false + StringFilterComparison: + description: The condition to apply to a string value when filtering Security Hub findings. + enum: + - EQUALS + - PREFIX + - NOT_EQUALS + - PREFIX_NOT_EQUALS + - CONTAINS + - NOT_CONTAINS + type: string + ISO8601DateString: + description: The date and time, in UTC and ISO 8601 format. + type: string + pattern: ^(\d\d\d\d)-([0][1-9]|[1][0-2])-([0][1-9]|[1-2](\d)|[3][0-1])[T](?:([0-1](\d)|[2][0-3]):[0-5](\d):[0-5](\d)|23:59:60)(?:\.(\d)+)?([Z]|[+-](\d\d)(:?(\d\d))?)$ + arn: + description: The Amazon Resource Name (ARN) of the automation rule. + type: string + minLength: 12 + maxLength: 2048 + pattern: ^arn:(aws|aws-cn|aws-us-gov|aws-iso-?[a-z]{0,2}):[A-Za-z0-9]{1,63}:[a-z]+-([a-z]{1,10}-)?[a-z]+-[0-9]+:([0-9]{12})?:.+$ + arnOrId: + description: The Amazon Resource Name (ARN) or Id of the automation rule. + anyOf: + - type: string + minLength: 1 + maxLength: 512 + - $ref: '#/components/schemas/arn' + timestamp: + type: string + format: date-time + pattern: (\d\d\d\d)-[0-1](\d)-[0-3](\d)[Tt](?:[0-2](\d):[0-5](\d):[0-5](\d)|23:59:60)(?:\.(\d)+)?(?:[Zz]|[+-](\d\d)(?::?(\d\d))?)$ + int100: + description: Integer from 0 to 100. + type: integer + minimum: 0 + maximum: 100 + map: + description: An object of user-defined name and value string pair added to a finding. + type: object + minProperties: 1 + maxProperties: 50 + x-patternProperties: + ^[-_+=.:/@\w\s]{1,128}$: + description: The value for the key in the map + type: string + minLength: 0 + maxLength: 1024 + additionalProperties: false + RelatedFinding: + description: Provides details about a list of findings that the current finding relates to. + type: object + properties: + ProductArn: + $ref: '#/components/schemas/arn' + description: The Amazon Resource Name (ARN) for the product that generated a related finding. + Id: + $ref: '#/components/schemas/arnOrId' + description: '' + additionalProperties: false + required: + - ProductArn + - Id + NoteUpdate: + description: '' + type: object + properties: + Text: + description: '' + type: string + minLength: 1 + maxLength: 512 + UpdatedBy: + $ref: '#/components/schemas/arnOrId' + description: '' + additionalProperties: false + required: + - Text + - UpdatedBy + WorkflowUpdate: + description: '' + type: object + properties: + Status: + description: '' + type: string + enum: + - NEW + - NOTIFIED + - RESOLVED + - SUPPRESSED + required: + - Status + additionalProperties: false + SeverityUpdate: + description: '' + type: object + properties: + Product: + description: '' + type: number + Label: + description: '' + type: string + enum: + - INFORMATIONAL + - LOW + - MEDIUM + - HIGH + - CRITICAL + Normalized: + $ref: '#/components/schemas/int100' + description: '' + additionalProperties: false + AutomationRulesFindingFieldsUpdate: + description: The rule action will update the ``Note`` field of a finding. + type: object + properties: + Types: + description: '' + type: array + maxItems: 50 + uniqueItems: true + items: + type: string + pattern: ^([^/]+)(/[^/]+){0,2}$ + Severity: + type: object + description: The rule action will update the ``Severity`` field of a finding. + $ref: '#/components/schemas/SeverityUpdate' + Confidence: + $ref: '#/components/schemas/int100' + description: '' + Criticality: + $ref: '#/components/schemas/int100' + description: '' + UserDefinedFields: + $ref: '#/components/schemas/map' + description: '' + VerificationState: + description: '' + type: string + enum: + - UNKNOWN + - TRUE_POSITIVE + - FALSE_POSITIVE + - BENIGN_POSITIVE + RelatedFindings: + description: The rule action will update the ``RelatedFindings`` field of a finding. + type: array + minItems: 1 + maxItems: 10 + items: + $ref: '#/components/schemas/RelatedFinding' + Note: + type: object + description: The rule action will update the ``Note`` field of a finding. + $ref: '#/components/schemas/NoteUpdate' + Workflow: + type: object + description: The rule action will update the ``Workflow`` field of a finding. + $ref: '#/components/schemas/WorkflowUpdate' + AutomationRulesAction: + description: '' + type: object + properties: + Type: + description: '' + type: string + enum: + - FINDING_FIELDS_UPDATE + FindingFieldsUpdate: + $ref: '#/components/schemas/AutomationRulesFindingFieldsUpdate' + description: '' + required: + - Type + - FindingFieldsUpdate + AutomationRulesFindingFilters: + description: '' + type: object + additionalProperties: false + properties: + ProductArn: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + AwsAccountId: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 100 + Id: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + GeneratorId: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 100 + Type: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + FirstObservedAt: + description: '' + items: + $ref: '#/components/schemas/DateFilter' + type: array + maxItems: 20 + LastObservedAt: + description: '' + items: + $ref: '#/components/schemas/DateFilter' + type: array + maxItems: 20 + CreatedAt: + description: '' + items: + $ref: '#/components/schemas/DateFilter' + type: array + maxItems: 20 + UpdatedAt: + description: '' + items: + $ref: '#/components/schemas/DateFilter' + type: array + maxItems: 20 + Confidence: + description: '' + items: + $ref: '#/components/schemas/NumberFilter' + type: array + maxItems: 20 + Criticality: + description: '' + items: + $ref: '#/components/schemas/NumberFilter' + type: array + maxItems: 20 + Title: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 100 + Description: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + SourceUrl: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + ProductName: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + CompanyName: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + SeverityLabel: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + ResourceType: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + ResourceId: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 100 + ResourcePartition: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + ResourceRegion: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + ResourceTags: + description: '' + items: + $ref: '#/components/schemas/MapFilter' + type: array + maxItems: 20 + ResourceDetailsOther: + description: '' + items: + $ref: '#/components/schemas/MapFilter' + type: array + maxItems: 20 + ComplianceStatus: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + ComplianceSecurityControlId: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + ComplianceAssociatedStandardsId: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + VerificationState: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + WorkflowStatus: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + RecordState: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + RelatedFindingsProductArn: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + RelatedFindingsId: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + NoteText: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + NoteUpdatedAt: + description: '' + items: + $ref: '#/components/schemas/DateFilter' + type: array + maxItems: 20 + NoteUpdatedBy: + description: '' + items: + $ref: '#/components/schemas/StringFilter' + type: array + maxItems: 20 + UserDefinedFields: + description: '' + items: + $ref: '#/components/schemas/MapFilter' + type: array + maxItems: 20 + AutomationRule: + type: object + properties: + RuleArn: + description: '' + type: string + pattern: arn:aws\S*:securityhub:\S* + RuleStatus: + description: Whether the rule is active after it is created. If this parameter is equal to ``ENABLED``, ASH applies the rule to findings and finding updates after the rule is created. + type: string + enum: + - ENABLED + - DISABLED + RuleOrder: + description: '' + type: integer + minimum: 1 + maximum: 1000 + Description: + description: '' + type: string + minLength: 1 + maxLength: 1024 + RuleName: + description: '' + type: string + minLength: 1 + maxLength: 256 + CreatedAt: + description: '' + $ref: '#/components/schemas/ISO8601DateString' + UpdatedAt: + description: '' + $ref: '#/components/schemas/ISO8601DateString' + CreatedBy: + description: '' + type: string + minLength: 1 + maxLength: 256 + IsTerminal: + description: '' + type: boolean + Actions: + type: array + description: '' + items: + $ref: '#/components/schemas/AutomationRulesAction' + minItems: 1 + maxItems: 1 + Criteria: + description: A set of [Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) finding field attributes and corresponding expected values that ASH uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, ASH applies the rule action to the finding. + $ref: '#/components/schemas/AutomationRulesFindingFilters' + Tags: + description: '' + $ref: '#/components/schemas/Tags' + x-stackql-resource-name: automation_rule + x-stackql-primaryIdentifier: + - RuleArn + x-read-only-properties: + - RuleArn + - CreatedAt + - UpdatedAt + - CreatedBy + x-required-permissions: + create: + - securityhub:CreateAutomationRule + - securityhub:TagResource + - securityhub:ListTagsForResource + read: + - securityhub:ListAutomationRules + - securityhub:BatchGetAutomationRules + - securityhub:ListTagsForResource + update: + - securityhub:BatchUpdateAutomationRules + - securityhub:TagResource + - securityhub:UntagResource + - securityhub:ListTagsForResource + delete: + - securityhub:BatchDeleteAutomationRules + - securityhub:BatchGetAutomationRules + list: + - securityhub:ListAutomationRules + - securityhub:ListTagsForResource + Hub: + type: object + properties: + ARN: + description: An ARN is automatically created for the customer. + type: string + pattern: ^arn:.* + EnableDefaultStandards: + description: Whether to enable the security standards that Security Hub has designated as automatically enabled. + type: boolean + ControlFindingGenerator: + description: This field, used when enabling Security Hub, specifies whether the calling account has consolidated control findings turned on. If the value for this field is set to SECURITY_CONTROL, Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards. If the value for this field is set to STANDARD_CONTROL, Security Hub generates separate findings for a control check when the check applies to multiple enabled standards. + type: string + pattern: ^(SECURITY_CONTROL|STANDARD_CONTROL)$ + AutoEnableControls: + description: Whether to automatically enable new controls when they are added to standards that are enabled + type: boolean + Tags: + $ref: '#/components/schemas/Tags' + SubscribedAt: + description: The date and time when Security Hub was enabled in the account. + type: string + x-stackql-resource-name: hub + x-stackql-primaryIdentifier: + - ARN + x-read-only-properties: + - ARN + - SubscribedAt + x-required-permissions: + create: + - securityhub:EnableSecurityHub + - securityhub:UpdateSecurityHubConfiguration + - securityhub:TagResource + - securityhub:ListTagsForResource + read: + - securityhub:DescribeHub + - securityhub:ListTagsForResource + update: + - securityhub:DescribeHub + - securityhub:UpdateSecurityHubConfiguration + - securityhub:TagResource + - securityhub:UntagResource + - securityhub:ListTagsForResource + delete: + - securityhub:DisableSecurityHub + list: + - securityhub:DescribeHub + - securityhub:ListTagsForResource + StandardsControl: + description: Provides details about an individual security control. For a list of ASH controls, see [controls reference](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-controls-reference.html) in the *User Guide*. + type: object + properties: + StandardsControlArn: + type: string + description: The Amazon Resource Name (ARN) of the control. + pattern: arn:aws\S*:securityhub:\S* + Reason: + type: string + description: A user-defined reason for changing a control's enablement status in a specified standard. If you are disabling a control, then this property is required. + required: + - StandardsControlArn + additionalProperties: false + Standard: + type: object + properties: + StandardsSubscriptionArn: + description: '' + type: string + pattern: arn:aws\S*:securityhub:\S* + StandardsArn: + description: The ARN of the standard that you want to enable. To view a list of available ASH standards and their ARNs, use the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API operation. + type: string + pattern: arn:aws\S*:securityhub:\S + DisabledStandardsControls: + description: |- + Specifies which controls are to be disabled in a standard. + *Maximum*: ``100`` + type: array + minItems: 0 + maxItems: 100 + items: + $ref: '#/components/schemas/StandardsControl' + x-insertionOrder: true + uniqueItems: true + required: + - StandardsArn + x-stackql-resource-name: standard + x-stackql-primaryIdentifier: + - StandardsSubscriptionArn + x-create-only-properties: + - StandardsArn + x-read-only-properties: + - StandardsSubscriptionArn + x-required-permissions: + create: + - securityhub:GetEnabledStandards + - securityhub:BatchEnableStandards + - securityhub:UpdateStandardsControl + read: + - securityhub:GetEnabledStandards + - securityhub:DescribeStandardsControls + update: + - securityhub:GetEnabledStandards + - securityhub:UpdateStandardsControl + delete: + - securityhub:GetEnabledStandards + - securityhub:BatchDisableStandards + list: + - securityhub:GetEnabledStandards + x-stackQL-resources: + automation_rules: + name: automation_rules + id: awscc.securityhub.automation_rules + x-cfn-schema-name: AutomationRule + x-type: list + x-identifiers: + - RuleArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RuleArn') as rule_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SecurityHub::AutomationRule' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RuleArn') as rule_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SecurityHub::AutomationRule' + AND region = 'us-east-1' + automation_rule: + name: automation_rule + id: awscc.securityhub.automation_rule + x-cfn-schema-name: AutomationRule + x-type: get + x-identifiers: + - RuleArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RuleArn') as rule_arn, + JSON_EXTRACT(Properties, '$.RuleStatus') as rule_status, + JSON_EXTRACT(Properties, '$.RuleOrder') as rule_order, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.RuleName') as rule_name, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.UpdatedAt') as updated_at, + JSON_EXTRACT(Properties, '$.CreatedBy') as created_by, + JSON_EXTRACT(Properties, '$.IsTerminal') as is_terminal, + JSON_EXTRACT(Properties, '$.Actions') as actions, + JSON_EXTRACT(Properties, '$.Criteria') as criteria, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SecurityHub::AutomationRule' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RuleArn') as rule_arn, + json_extract_path_text(Properties, 'RuleStatus') as rule_status, + json_extract_path_text(Properties, 'RuleOrder') as rule_order, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'RuleName') as rule_name, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'UpdatedAt') as updated_at, + json_extract_path_text(Properties, 'CreatedBy') as created_by, + json_extract_path_text(Properties, 'IsTerminal') as is_terminal, + json_extract_path_text(Properties, 'Actions') as actions, + json_extract_path_text(Properties, 'Criteria') as criteria, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SecurityHub::AutomationRule' + AND data__Identifier = '' + AND region = 'us-east-1' + hubs: + name: hubs + id: awscc.securityhub.hubs + x-cfn-schema-name: Hub + x-type: list + x-identifiers: + - ARN + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ARN') as a_rn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SecurityHub::Hub' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ARN') as a_rn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SecurityHub::Hub' + AND region = 'us-east-1' + hub: + name: hub + id: awscc.securityhub.hub + x-cfn-schema-name: Hub + x-type: get + x-identifiers: + - ARN + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ARN') as a_rn, + JSON_EXTRACT(Properties, '$.EnableDefaultStandards') as enable_default_standards, + JSON_EXTRACT(Properties, '$.ControlFindingGenerator') as control_finding_generator, + JSON_EXTRACT(Properties, '$.AutoEnableControls') as auto_enable_controls, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.SubscribedAt') as subscribed_at + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SecurityHub::Hub' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ARN') as a_rn, + json_extract_path_text(Properties, 'EnableDefaultStandards') as enable_default_standards, + json_extract_path_text(Properties, 'ControlFindingGenerator') as control_finding_generator, + json_extract_path_text(Properties, 'AutoEnableControls') as auto_enable_controls, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'SubscribedAt') as subscribed_at + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SecurityHub::Hub' + AND data__Identifier = '' + AND region = 'us-east-1' + standards: + name: standards + id: awscc.securityhub.standards + x-cfn-schema-name: Standard + x-type: list + x-identifiers: + - StandardsSubscriptionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StandardsSubscriptionArn') as standards_subscription_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SecurityHub::Standard' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StandardsSubscriptionArn') as standards_subscription_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SecurityHub::Standard' + AND region = 'us-east-1' + standard: + name: standard + id: awscc.securityhub.standard + x-cfn-schema-name: Standard + x-type: get + x-identifiers: + - StandardsSubscriptionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StandardsSubscriptionArn') as standards_subscription_arn, + JSON_EXTRACT(Properties, '$.StandardsArn') as standards_arn, + JSON_EXTRACT(Properties, '$.DisabledStandardsControls') as disabled_standards_controls + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SecurityHub::Standard' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StandardsSubscriptionArn') as standards_subscription_arn, + json_extract_path_text(Properties, 'StandardsArn') as standards_arn, + json_extract_path_text(Properties, 'DisabledStandardsControls') as disabled_standards_controls + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SecurityHub::Standard' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/servicecatalog.yaml b/providers/src/awscc/v00.00.00000/services/servicecatalog.yaml new file mode 100644 index 00000000..d560b989 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/servicecatalog.yaml @@ -0,0 +1,484 @@ +openapi: 3.0.0 +info: + title: ServiceCatalog + version: 1.0.0 +paths: {} +components: + schemas: + ProvisioningPreferences: + type: object + properties: + StackSetAccounts: + type: array + uniqueItems: true + items: + type: string + pattern: ^[0-9]{12}$ + StackSetFailureToleranceCount: + type: integer + minimum: 0 + StackSetFailureTolerancePercentage: + type: integer + minimum: 0 + maximum: 100 + StackSetMaxConcurrencyCount: + type: integer + minimum: 1 + StackSetMaxConcurrencyPercentage: + type: integer + minimum: 1 + maximum: 100 + StackSetOperationType: + type: string + enum: + - CREATE + - UPDATE + - DELETE + StackSetRegions: + type: array + uniqueItems: true + items: + type: string + pattern: ^[a-z]{2}-([a-z]+-)+[1-9] + additionalProperties: false + ProvisioningParameter: + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 1000 + Value: + type: string + maxLength: 4096 + additionalProperties: false + required: + - Key + - Value + Tag: + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$ + Value: + type: string + minLength: 1 + maxLength: 256 + pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$ + additionalProperties: false + required: + - Key + - Value + OutputType: + type: string + CloudFormationProvisionedProduct: + type: object + properties: + AcceptLanguage: + type: string + enum: + - en + - jp + - zh + NotificationArns: + type: array + uniqueItems: true + items: + type: string + maxItems: 5 + PathId: + type: string + minLength: 1 + maxLength: 100 + PathName: + type: string + minLength: 1 + maxLength: 100 + ProductId: + type: string + minLength: 1 + maxLength: 100 + ProductName: + type: string + minLength: 1 + maxLength: 128 + ProvisionedProductName: + type: string + minLength: 1 + maxLength: 128 + ProvisioningArtifactId: + type: string + minLength: 1 + maxLength: 100 + ProvisioningArtifactName: + type: string + ProvisioningParameters: + type: array + items: + $ref: '#/components/schemas/ProvisioningParameter' + ProvisioningPreferences: + $ref: '#/components/schemas/ProvisioningPreferences' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + ProvisionedProductId: + type: string + minLength: 1 + maxLength: 50 + RecordId: + type: string + minLength: 1 + maxLength: 50 + CloudformationStackArn: + type: string + minLength: 1 + maxLength: 256 + Outputs: + description: List of key-value pair outputs. + type: object + x-patternProperties: + ^[A-Za-z0-9]{1,64}$: + $ref: '#/components/schemas/OutputType' + additionalProperties: false + maxProperties: 100 + x-stackql-resource-name: cloud_formation_provisioned_product + x-stackql-primaryIdentifier: + - ProvisionedProductId + x-create-only-properties: + - NotificationArns + - ProvisionedProductName + x-read-only-properties: + - RecordId + - CloudformationStackArn + - Outputs + - ProvisionedProductId + x-required-permissions: + create: + - '*' + read: + - '*' + update: + - '*' + delete: + - '*' + DefinitionParameter: + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 1000 + Value: + type: string + maxLength: 4096 + additionalProperties: false + required: + - Key + - Value + ServiceAction: + type: object + properties: + AcceptLanguage: + type: string + enum: + - en + - jp + - zh + Name: + type: string + minLength: 1 + maxLength: 256 + DefinitionType: + type: string + enum: + - SSM_AUTOMATION + Definition: + type: array + items: + $ref: '#/components/schemas/DefinitionParameter' + Description: + type: string + maxLength: 1024 + Id: + type: string + minLength: 1 + maxLength: 100 + required: + - Name + - DefinitionType + - Definition + x-stackql-resource-name: service_action + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + x-required-permissions: + create: + - servicecatalog:CreateServiceAction + - ssm:DescribeDocument + - iam:GetRole + read: + - servicecatalog:DescribeServiceAction + update: + - servicecatalog:UpdateServiceAction + - iam:GetRole + - ssm:DescribeDocument + delete: + - servicecatalog:DeleteServiceAction + list: + - servicecatalog:ListServiceActions + ServiceActionAssociation: + type: object + properties: + ProductId: + type: string + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_-]{1,99}\Z + minLength: 1 + maxLength: 100 + ProvisioningArtifactId: + type: string + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_-]{1,99}\Z + minLength: 1 + maxLength: 100 + ServiceActionId: + type: string + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_-]{1,99}\Z + minLength: 1 + maxLength: 100 + required: + - ProductId + - ProvisioningArtifactId + - ServiceActionId + x-stackql-resource-name: service_action_association + x-stackql-primaryIdentifier: + - ProductId + - ProvisioningArtifactId + - ServiceActionId + x-create-only-properties: + - ProductId + - ProvisioningArtifactId + - ServiceActionId + x-required-permissions: + create: + - servicecatalog:AssociateServiceActionWithProvisioningArtifact + - servicecatalog:ListServiceActionsForProvisioningArtifact + read: + - servicecatalog:ListServiceActionsForProvisioningArtifact + delete: + - servicecatalog:DisassociateServiceActionFromProvisioningArtifact + - servicecatalog:ListServiceActionsForProvisioningArtifact + list: + - servicecatalog:ListServiceActionsForProvisioningArtifact + x-stackQL-resources: + cloud_formation_provisioned_products: + name: cloud_formation_provisioned_products + id: awscc.servicecatalog.cloud_formation_provisioned_products + x-cfn-schema-name: CloudFormationProvisionedProduct + x-type: list + x-identifiers: + - ProvisionedProductId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProvisionedProductId') as provisioned_product_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ServiceCatalog::CloudFormationProvisionedProduct' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProvisionedProductId') as provisioned_product_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ServiceCatalog::CloudFormationProvisionedProduct' + AND region = 'us-east-1' + cloud_formation_provisioned_product: + name: cloud_formation_provisioned_product + id: awscc.servicecatalog.cloud_formation_provisioned_product + x-cfn-schema-name: CloudFormationProvisionedProduct + x-type: get + x-identifiers: + - ProvisionedProductId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AcceptLanguage') as accept_language, + JSON_EXTRACT(Properties, '$.NotificationArns') as notification_arns, + JSON_EXTRACT(Properties, '$.PathId') as path_id, + JSON_EXTRACT(Properties, '$.PathName') as path_name, + JSON_EXTRACT(Properties, '$.ProductId') as product_id, + JSON_EXTRACT(Properties, '$.ProductName') as product_name, + JSON_EXTRACT(Properties, '$.ProvisionedProductName') as provisioned_product_name, + JSON_EXTRACT(Properties, '$.ProvisioningArtifactId') as provisioning_artifact_id, + JSON_EXTRACT(Properties, '$.ProvisioningArtifactName') as provisioning_artifact_name, + JSON_EXTRACT(Properties, '$.ProvisioningParameters') as provisioning_parameters, + JSON_EXTRACT(Properties, '$.ProvisioningPreferences') as provisioning_preferences, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ProvisionedProductId') as provisioned_product_id, + JSON_EXTRACT(Properties, '$.RecordId') as record_id, + JSON_EXTRACT(Properties, '$.CloudformationStackArn') as cloudformation_stack_arn, + JSON_EXTRACT(Properties, '$.Outputs') as outputs + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ServiceCatalog::CloudFormationProvisionedProduct' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AcceptLanguage') as accept_language, + json_extract_path_text(Properties, 'NotificationArns') as notification_arns, + json_extract_path_text(Properties, 'PathId') as path_id, + json_extract_path_text(Properties, 'PathName') as path_name, + json_extract_path_text(Properties, 'ProductId') as product_id, + json_extract_path_text(Properties, 'ProductName') as product_name, + json_extract_path_text(Properties, 'ProvisionedProductName') as provisioned_product_name, + json_extract_path_text(Properties, 'ProvisioningArtifactId') as provisioning_artifact_id, + json_extract_path_text(Properties, 'ProvisioningArtifactName') as provisioning_artifact_name, + json_extract_path_text(Properties, 'ProvisioningParameters') as provisioning_parameters, + json_extract_path_text(Properties, 'ProvisioningPreferences') as provisioning_preferences, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ProvisionedProductId') as provisioned_product_id, + json_extract_path_text(Properties, 'RecordId') as record_id, + json_extract_path_text(Properties, 'CloudformationStackArn') as cloudformation_stack_arn, + json_extract_path_text(Properties, 'Outputs') as outputs + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ServiceCatalog::CloudFormationProvisionedProduct' + AND data__Identifier = '' + AND region = 'us-east-1' + service_actions: + name: service_actions + id: awscc.servicecatalog.service_actions + x-cfn-schema-name: ServiceAction + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ServiceCatalog::ServiceAction' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ServiceCatalog::ServiceAction' + AND region = 'us-east-1' + service_action: + name: service_action + id: awscc.servicecatalog.service_action + x-cfn-schema-name: ServiceAction + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AcceptLanguage') as accept_language, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.DefinitionType') as definition_type, + JSON_EXTRACT(Properties, '$.Definition') as definition, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ServiceCatalog::ServiceAction' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AcceptLanguage') as accept_language, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'DefinitionType') as definition_type, + json_extract_path_text(Properties, 'Definition') as definition, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ServiceCatalog::ServiceAction' + AND data__Identifier = '' + AND region = 'us-east-1' + service_action_associations: + name: service_action_associations + id: awscc.servicecatalog.service_action_associations + x-cfn-schema-name: ServiceActionAssociation + x-type: list + x-identifiers: + - ProductId + - ProvisioningArtifactId + - ServiceActionId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProductId') as product_id, + JSON_EXTRACT(Properties, '$.ProvisioningArtifactId') as provisioning_artifact_id, + JSON_EXTRACT(Properties, '$.ServiceActionId') as service_action_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ServiceCatalog::ServiceActionAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProductId') as product_id, + json_extract_path_text(Properties, 'ProvisioningArtifactId') as provisioning_artifact_id, + json_extract_path_text(Properties, 'ServiceActionId') as service_action_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ServiceCatalog::ServiceActionAssociation' + AND region = 'us-east-1' + service_action_association: + name: service_action_association + id: awscc.servicecatalog.service_action_association + x-cfn-schema-name: ServiceActionAssociation + x-type: get + x-identifiers: + - ProductId + - ProvisioningArtifactId + - ServiceActionId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProductId') as product_id, + JSON_EXTRACT(Properties, '$.ProvisioningArtifactId') as provisioning_artifact_id, + JSON_EXTRACT(Properties, '$.ServiceActionId') as service_action_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ServiceCatalog::ServiceActionAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProductId') as product_id, + json_extract_path_text(Properties, 'ProvisioningArtifactId') as provisioning_artifact_id, + json_extract_path_text(Properties, 'ServiceActionId') as service_action_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ServiceCatalog::ServiceActionAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/servicecatalogappregistry.yaml b/providers/src/awscc/v00.00.00000/services/servicecatalogappregistry.yaml new file mode 100644 index 00000000..2ede7460 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/servicecatalogappregistry.yaml @@ -0,0 +1,481 @@ +openapi: 3.0.0 +info: + title: ServiceCatalogAppRegistry + version: 1.0.0 +paths: {} +components: + schemas: + Tags: + type: object + x-patternProperties: + ^[a-zA-Z+-=._:/]+$: + type: string + maxLength: 256 + maxProperties: 50 + additionalProperties: false + Application: + type: object + properties: + Id: + type: string + pattern: '[a-z0-9]{26}' + Arn: + type: string + pattern: arn:aws[-a-z]*:servicecatalog:[a-z]{2}(-gov)?-[a-z]+-\d:\d{12}:/applications/[a-z0-9]+ + Name: + type: string + description: 'The name of the application. ' + minLength: 1 + maxLength: 256 + pattern: \w+ + Description: + type: string + description: 'The description of the application. ' + maxLength: 1024 + Tags: + $ref: '#/components/schemas/Tags' + ApplicationTagKey: + type: string + description: The key of the AWS application tag, which is awsApplication. Applications created before 11/13/2023 or applications without the AWS application tag resource group return no value. + maxLength: 128 + pattern: \w+ + ApplicationTagValue: + type: string + description: 'The value of the AWS application tag, which is the identifier of an associated resource. Applications created before 11/13/2023 or applications without the AWS application tag resource group return no value. ' + maxLength: 256 + pattern: \[a-zA-Z0-9_-:/]+ + ApplicationName: + type: string + description: 'The name of the application. ' + minLength: 1 + maxLength: 256 + pattern: \w+ + required: + - Name + x-stackql-resource-name: application + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - Arn + - ApplicationName + - ApplicationTagKey + - ApplicationTagValue + x-required-permissions: + create: + - servicecatalog:CreateApplication + - servicecatalog:TagResource + - iam:CreateServiceLinkedRole + read: + - servicecatalog:GetApplication + update: + - servicecatalog:GetApplication + - servicecatalog:ListTagsForResource + - servicecatalog:TagResource + - servicecatalog:UntagResource + - servicecatalog:UpdateApplication + - iam:CreateServiceLinkedRole + delete: + - servicecatalog:DeleteApplication + list: + - servicecatalog:ListApplications + AttributeGroup: + type: object + properties: + Id: + type: string + pattern: '[a-z0-9]{12}' + Arn: + type: string + pattern: arn:aws[-a-z]*:servicecatalog:[a-z]{2}(-gov)?-[a-z]+-\d:\d{12}:/attribute-groups/[a-z0-9]+ + Name: + type: string + description: 'The name of the attribute group. ' + minLength: 1 + maxLength: 256 + pattern: \w+ + Description: + type: string + description: 'The description of the attribute group. ' + maxLength: 1024 + Attributes: + type: object + Tags: + $ref: '#/components/schemas/Tags' + required: + - Name + - Attributes + x-stackql-resource-name: attribute_group + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + - Arn + x-required-permissions: + create: + - servicecatalog:CreateAttributeGroup + - servicecatalog:TagResource + read: + - servicecatalog:GetAttributeGroup + update: + - servicecatalog:GetAttributeGroup + - servicecatalog:UpdateAttributeGroup + - servicecatalog:ListTagsForResource + - servicecatalog:TagResource + - servicecatalog:UntagResource + delete: + - servicecatalog:DeleteAttributeGroup + list: + - servicecatalog:ListAttributeGroups + AttributeGroupAssociation: + type: object + properties: + Application: + type: string + description: The name or the Id of the Application. + minLength: 1 + maxLength: 256 + pattern: \w+|[a-z0-9]{12} + AttributeGroup: + type: string + description: The name or the Id of the AttributeGroup. + minLength: 1 + maxLength: 256 + pattern: \w+|[a-z0-9]{12} + ApplicationArn: + type: string + pattern: arn:aws[-a-z]*:servicecatalog:[a-z]{2}(-gov)?-[a-z]+-\d:\d{12}:/applications/[a-z0-9]+ + AttributeGroupArn: + type: string + pattern: arn:aws[-a-z]*:servicecatalog:[a-z]{2}(-gov)?-[a-z]+-\d:\d{12}:/attribute-groups/[a-z0-9]+ + required: + - Application + - AttributeGroup + x-stackql-resource-name: attribute_group_association + x-stackql-primaryIdentifier: + - ApplicationArn + - AttributeGroupArn + x-create-only-properties: + - Application + - AttributeGroup + x-read-only-properties: + - ApplicationArn + - AttributeGroupArn + x-required-permissions: + create: + - servicecatalog:AssociateAttributeGroup + read: + - servicecatalog:ListAttributeGroupsForApplication + delete: + - servicecatalog:DisassociateAttributeGroup + list: + - servicecatalog:ListAttributeGroupsForApplication + ResourceAssociation: + type: object + properties: + Application: + type: string + description: The name or the Id of the Application. + minLength: 1 + maxLength: 256 + pattern: \w+|[a-z0-9]{12} + Resource: + type: string + description: The name or the Id of the Resource. + pattern: \w+|arn:aws[-a-z]*:cloudformation:[a-z]{2}(-gov)?-[a-z]+-\d:\d{12}:stack/[a-zA-Z][-A-Za-z0-9]{0,127}/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12} + ResourceType: + type: string + description: The type of the CFN Resource for now it's enum CFN_STACK. + enum: + - CFN_STACK + ApplicationArn: + type: string + pattern: arn:aws[-a-z]*:servicecatalog:[a-z]{2}(-gov)?-[a-z]+-\d:\d{12}:/applications/[a-z0-9]+ + ResourceArn: + type: string + pattern: arn:aws[-a-z]*:cloudformation:[a-z]{2}(-gov)?-[a-z]+-\d:\d{12}:stack/[a-zA-Z][-A-Za-z0-9]{0,127}/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12} + required: + - Application + - Resource + - ResourceType + x-stackql-resource-name: resource_association + x-stackql-primaryIdentifier: + - ApplicationArn + - ResourceArn + - ResourceType + x-create-only-properties: + - Application + - Resource + - ResourceType + x-read-only-properties: + - ApplicationArn + - ResourceArn + x-required-permissions: + create: + - servicecatalog:AssociateResource + - cloudformation:DescribeStacks + read: + - servicecatalog:ListAssociatedResources + delete: + - servicecatalog:DisassociateResource + list: + - servicecatalog:ListAssociatedResources + x-stackQL-resources: + applications: + name: applications + id: awscc.servicecatalogappregistry.applications + x-cfn-schema-name: Application + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ServiceCatalogAppRegistry::Application' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ServiceCatalogAppRegistry::Application' + AND region = 'us-east-1' + application: + name: application + id: awscc.servicecatalogappregistry.application + x-cfn-schema-name: Application + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ApplicationTagKey') as application_tag_key, + JSON_EXTRACT(Properties, '$.ApplicationTagValue') as application_tag_value, + JSON_EXTRACT(Properties, '$.ApplicationName') as application_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ServiceCatalogAppRegistry::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ApplicationTagKey') as application_tag_key, + json_extract_path_text(Properties, 'ApplicationTagValue') as application_tag_value, + json_extract_path_text(Properties, 'ApplicationName') as application_name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ServiceCatalogAppRegistry::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + attribute_groups: + name: attribute_groups + id: awscc.servicecatalogappregistry.attribute_groups + x-cfn-schema-name: AttributeGroup + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ServiceCatalogAppRegistry::AttributeGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ServiceCatalogAppRegistry::AttributeGroup' + AND region = 'us-east-1' + attribute_group: + name: attribute_group + id: awscc.servicecatalogappregistry.attribute_group + x-cfn-schema-name: AttributeGroup + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Attributes') as attributes, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ServiceCatalogAppRegistry::AttributeGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Attributes') as attributes, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ServiceCatalogAppRegistry::AttributeGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + attribute_group_associations: + name: attribute_group_associations + id: awscc.servicecatalogappregistry.attribute_group_associations + x-cfn-schema-name: AttributeGroupAssociation + x-type: list + x-identifiers: + - ApplicationArn + - AttributeGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationArn') as application_arn, + JSON_EXTRACT(Properties, '$.AttributeGroupArn') as attribute_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationArn') as application_arn, + json_extract_path_text(Properties, 'AttributeGroupArn') as attribute_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation' + AND region = 'us-east-1' + attribute_group_association: + name: attribute_group_association + id: awscc.servicecatalogappregistry.attribute_group_association + x-cfn-schema-name: AttributeGroupAssociation + x-type: get + x-identifiers: + - ApplicationArn + - AttributeGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Application') as application, + JSON_EXTRACT(Properties, '$.AttributeGroup') as attribute_group, + JSON_EXTRACT(Properties, '$.ApplicationArn') as application_arn, + JSON_EXTRACT(Properties, '$.AttributeGroupArn') as attribute_group_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Application') as application, + json_extract_path_text(Properties, 'AttributeGroup') as attribute_group, + json_extract_path_text(Properties, 'ApplicationArn') as application_arn, + json_extract_path_text(Properties, 'AttributeGroupArn') as attribute_group_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + resource_associations: + name: resource_associations + id: awscc.servicecatalogappregistry.resource_associations + x-cfn-schema-name: ResourceAssociation + x-type: list + x-identifiers: + - ApplicationArn + - ResourceArn + - ResourceType + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationArn') as application_arn, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn, + JSON_EXTRACT(Properties, '$.ResourceType') as resource_type + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ServiceCatalogAppRegistry::ResourceAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationArn') as application_arn, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn, + json_extract_path_text(Properties, 'ResourceType') as resource_type + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::ServiceCatalogAppRegistry::ResourceAssociation' + AND region = 'us-east-1' + resource_association: + name: resource_association + id: awscc.servicecatalogappregistry.resource_association + x-cfn-schema-name: ResourceAssociation + x-type: get + x-identifiers: + - ApplicationArn + - ResourceArn + - ResourceType + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Application') as application, + JSON_EXTRACT(Properties, '$.Resource') as resource, + JSON_EXTRACT(Properties, '$.ResourceType') as resource_type, + JSON_EXTRACT(Properties, '$.ApplicationArn') as application_arn, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ServiceCatalogAppRegistry::ResourceAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Application') as application, + json_extract_path_text(Properties, 'Resource') as resource, + json_extract_path_text(Properties, 'ResourceType') as resource_type, + json_extract_path_text(Properties, 'ApplicationArn') as application_arn, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::ServiceCatalogAppRegistry::ResourceAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/ses.yaml b/providers/src/awscc/v00.00.00000/services/ses.yaml new file mode 100644 index 00000000..a2543f14 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/ses.yaml @@ -0,0 +1,954 @@ +openapi: 3.0.0 +info: + title: SES + version: 1.0.0 +paths: {} +components: + schemas: + TrackingOptions: + description: An object that defines the open and click tracking options for emails that you send using the configuration set. + type: object + additionalProperties: false + properties: + CustomRedirectDomain: + type: string + description: The domain to use for tracking open and click events. + DeliveryOptions: + description: An object that defines the dedicated IP pool that is used to send emails that you send using the configuration set. + type: object + additionalProperties: false + properties: + TlsPolicy: + type: string + description: Specifies whether messages that use the configuration set are required to use Transport Layer Security (TLS). If the value is Require , messages are only delivered if a TLS connection can be established. If the value is Optional , messages can be delivered in plain text if a TLS connection can't be established. + pattern: REQUIRE|OPTIONAL + SendingPoolName: + type: string + description: The name of the dedicated IP pool to associate with the configuration set. + ReputationOptions: + description: An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set. + type: object + additionalProperties: false + properties: + ReputationMetricsEnabled: + type: boolean + description: If true , tracking of reputation metrics is enabled for the configuration set. If false , tracking of reputation metrics is disabled for the configuration set. + pattern: true|false + SendingOptions: + description: An object that defines whether or not Amazon SES can send email that you send using the configuration set. + type: object + additionalProperties: false + properties: + SendingEnabled: + type: boolean + pattern: true|false + SuppressionOptions: + description: An object that contains information about the suppression list preferences for your account. + type: object + additionalProperties: false + properties: + SuppressedReasons: + type: array + uniqueItems: false + x-insertionOrder: false + description: A list that contains the reasons that email addresses are automatically added to the suppression list for your account. + items: + type: string + description: The reason that the address was added to the suppression list for your account + pattern: BOUNCE|COMPLAINT + DashboardOptions: + type: object + description: Preferences regarding the Dashboard feature. + additionalProperties: false + properties: + EngagementMetrics: + type: string + description: Whether emails sent with this configuration set have engagement tracking enabled. + pattern: ENABLED|DISABLED + required: + - EngagementMetrics + GuardianOptions: + type: object + description: Preferences regarding the Guardian feature. + additionalProperties: false + properties: + OptimizedSharedDelivery: + type: string + description: Whether emails sent with this configuration set have optimized delivery algorithm enabled. + pattern: ENABLED|DISABLED + required: + - OptimizedSharedDelivery + VdmOptions: + description: An object that contains Virtual Deliverability Manager (VDM) settings for this configuration set. + type: object + additionalProperties: false + properties: + DashboardOptions: + $ref: '#/components/schemas/DashboardOptions' + GuardianOptions: + $ref: '#/components/schemas/GuardianOptions' + ConfigurationSet: + type: object + properties: + Name: + description: The name of the configuration set. + type: string + pattern: ^[a-zA-Z0-9_-]{1,64}$ + TrackingOptions: + $ref: '#/components/schemas/TrackingOptions' + DeliveryOptions: + $ref: '#/components/schemas/DeliveryOptions' + ReputationOptions: + $ref: '#/components/schemas/ReputationOptions' + SendingOptions: + $ref: '#/components/schemas/SendingOptions' + SuppressionOptions: + $ref: '#/components/schemas/SuppressionOptions' + VdmOptions: + $ref: '#/components/schemas/VdmOptions' + x-stackql-resource-name: configuration_set + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-required-permissions: + create: + - ses:CreateConfigurationSet + read: + - ses:GetConfigurationSet + - ses:DescribeConfigurationSet + update: + - ses:PutConfigurationSetTrackingOptions + - ses:PutConfigurationSetDeliveryOptions + - ses:PutConfigurationSetReputationOptions + - ses:PutConfigurationSetSendingOptions + - ses:PutConfigurationSetSuppressionOptions + - ses:PutConfigurationSetVdmOptions + delete: + - ses:DeleteConfigurationSet + list: + - ses:ListConfigurationSets + EventDestination: + type: object + additionalProperties: false + properties: + Name: + description: The name of the event destination set. + type: string + pattern: ^[a-zA-Z0-9_-]{0,64}$ + Enabled: + description: 'Sets whether Amazon SES publishes events to this destination when you send an email with the associated configuration set. Set to true to enable publishing to this destination; set to false to prevent publishing to this destination. The default value is false. ' + type: boolean + MatchingEventTypes: + type: array + uniqueItems: false + x-insertionOrder: false + description: The type of email sending events, send, reject, bounce, complaint, delivery, open, click, renderingFailure, deliveryDelay, and subscription. + items: + type: string + CloudWatchDestination: + description: An object that contains the names, default values, and sources of the dimensions associated with an Amazon CloudWatch event destination. + $ref: '#/components/schemas/CloudWatchDestination' + KinesisFirehoseDestination: + description: An object that contains the delivery stream ARN and the IAM role ARN associated with an Amazon Kinesis Firehose event destination. + $ref: '#/components/schemas/KinesisFirehoseDestination' + SnsDestination: + description: An object that contains SNS topic ARN associated event destination. + $ref: '#/components/schemas/SnsDestination' + required: + - MatchingEventTypes + SnsDestination: + type: object + additionalProperties: false + description: An object that contains SNS topic ARN associated event destination. + properties: + TopicARN: + type: string + minLength: 36 + maxLength: 1024 + pattern: ^arn:aws[a-z0-9-]*:sns:[a-z0-9-]+:\d{12}:[^:]+$ + required: + - TopicARN + KinesisFirehoseDestination: + type: object + additionalProperties: false + description: An object that contains the delivery stream ARN and the IAM role ARN associated with an Amazon Kinesis Firehose event destination. + properties: + IAMRoleARN: + description: The ARN of the IAM role under which Amazon SES publishes email sending events to the Amazon Kinesis Firehose stream. + type: string + DeliveryStreamARN: + description: The ARN of the Amazon Kinesis Firehose stream that email sending events should be published to. + type: string + required: + - IAMRoleARN + - DeliveryStreamARN + CloudWatchDestination: + type: object + additionalProperties: false + description: An object that contains the names, default values, and sources of the dimensions associated with an Amazon CloudWatch event destination. + properties: + DimensionConfigurations: + type: array + uniqueItems: false + x-insertionOrder: false + description: A list of dimensions upon which to categorize your emails when you publish email sending events to Amazon CloudWatch. + items: + $ref: '#/components/schemas/DimensionConfiguration' + DimensionConfiguration: + type: object + additionalProperties: false + description: A list of dimensions upon which to categorize your emails when you publish email sending events to Amazon CloudWatch. + properties: + DimensionValueSource: + description: The place where Amazon SES finds the value of a dimension to publish to Amazon CloudWatch. To use the message tags that you specify using an X-SES-MESSAGE-TAGS header or a parameter to the SendEmail/SendRawEmail API, specify messageTag. To use your own email headers, specify emailHeader. To put a custom tag on any link included in your email, specify linkTag. + type: string + DefaultDimensionValue: + description: The default value of the dimension that is published to Amazon CloudWatch if you do not provide the value of the dimension when you send an email. + type: string + pattern: ^[a-zA-Z0-9_-]{1,256}$ + maxLength: 256 + minLength: 1 + DimensionName: + description: The name of an Amazon CloudWatch dimension associated with an email sending metric. + type: string + pattern: ^[a-zA-Z0-9_:-]{1,256}$ + maxLength: 256 + minLength: 1 + required: + - DimensionValueSource + - DefaultDimensionValue + - DimensionName + ConfigurationSetEventDestination: + type: object + properties: + Id: + type: string + ConfigurationSetName: + description: The name of the configuration set that contains the event destination. + type: string + EventDestination: + description: The event destination object. + $ref: '#/components/schemas/EventDestination' + required: + - ConfigurationSetName + - EventDestination + x-stackql-resource-name: configuration_set_event_destination + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - ConfigurationSetName + x-read-only-properties: + - Id + x-required-permissions: + create: + - ses:CreateConfigurationSetEventDestination + - ses:GetConfigurationSetEventDestinations + - ses:DescribeConfigurationSet + update: + - ses:UpdateConfigurationSetEventDestination + - ses:GetConfigurationSetEventDestinations + delete: + - ses:DeleteConfigurationSetEventDestination + read: + - ses:GetConfigurationSetEventDestinations + - ses:DescribeConfigurationSet + Tag: + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + Topic: + type: object + properties: + TopicName: + description: The name of the topic. + type: string + pattern: ^[a-zA-Z0-9_-]{1,64}$ + DisplayName: + description: The display name of the topic. + type: string + minLength: 0 + maxLength: 128 + Description: + description: The description of the topic. + type: string + minLength: 0 + maxLength: 500 + DefaultSubscriptionStatus: + type: string + required: + - TopicName + - DisplayName + - DefaultSubscriptionStatus + additionalProperties: false + ContactList: + type: object + properties: + ContactListName: + description: The name of the contact list. + type: string + pattern: ^[a-zA-Z0-9_-]{1,64}$ + Description: + description: The description of the contact list. + type: string + maxLength: 500 + Topics: + description: The topics associated with the contact list. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Topic' + minItems: 0 + maxItems: 20 + Tags: + description: The tags (keys and values) associated with the contact list. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + minItems: 0 + maxItems: 50 + x-stackql-resource-name: contact_list + x-stackql-primaryIdentifier: + - ContactListName + x-create-only-properties: + - ContactListName + x-required-permissions: + create: + - ses:CreateContactList + read: + - ses:GetContactList + update: + - ses:UpdateContactList + - ses:UntagResource + - ses:TagResource + delete: + - ses:DeleteContactList + list: + - ses:ListContactLists + DedicatedIpPool: + type: object + properties: + PoolName: + type: string + description: The name of the dedicated IP pool. + pattern: ^[a-z0-9_-]{0,64}$ + ScalingMode: + type: string + description: Specifies whether the dedicated IP pool is managed or not. The default value is STANDARD. + pattern: ^(STANDARD|MANAGED)$ + x-stackql-resource-name: dedicated_ip_pool + x-stackql-primaryIdentifier: + - PoolName + x-create-only-properties: + - PoolName + x-required-permissions: + create: + - ses:CreateDedicatedIpPool + - ses:GetDedicatedIpPool + - ses:GetDedicatedIps + read: + - ses:GetDedicatedIpPool + - ses:GetDedicatedIps + update: + - ses:PutDedicatedIpPoolScalingAttributes + - ses:GetDedicatedIpPool + delete: + - ses:DeleteDedicatedIpPool + list: + - ses:ListDedicatedIpPools + DkimSigningAttributes: + type: object + additionalProperties: false + description: If your request includes this object, Amazon SES configures the identity to use Bring Your Own DKIM (BYODKIM) for DKIM authentication purposes, or, configures the key length to be used for Easy DKIM. + properties: + DomainSigningSelector: + type: string + description: '[Bring Your Own DKIM] A string that''s used to identify a public key in the DNS configuration for a domain.' + DomainSigningPrivateKey: + type: string + description: '[Bring Your Own DKIM] A private key that''s used to generate a DKIM signature. The private key must use 1024 or 2048-bit RSA encryption, and must be encoded using base64 encoding.' + NextSigningKeyLength: + type: string + description: '[Easy DKIM] The key length of the future DKIM key pair to be generated. This can be changed at most once per day.' + pattern: RSA_1024_BIT|RSA_2048_BIT + ConfigurationSetAttributes: + type: object + additionalProperties: false + description: Used to associate a configuration set with an email identity. + properties: + ConfigurationSetName: + type: string + description: The configuration set to use by default when sending from this identity. Note that any configuration set defined in the email sending request takes precedence. + DkimAttributes: + type: object + additionalProperties: false + description: Used to enable or disable DKIM authentication for an email identity. + properties: + SigningEnabled: + type: boolean + description: Sets the DKIM signing configuration for the identity. When you set this value true, then the messages that are sent from the identity are signed using DKIM. If you set this value to false, your messages are sent without DKIM signing. + MailFromAttributes: + type: object + additionalProperties: false + description: Used to enable or disable the custom Mail-From domain configuration for an email identity. + properties: + MailFromDomain: + type: string + description: The custom MAIL FROM domain that you want the verified identity to use + BehaviorOnMxFailure: + type: string + description: The action to take if the required MX record isn't found when you send an email. When you set this value to UseDefaultValue , the mail is sent using amazonses.com as the MAIL FROM domain. When you set this value to RejectMessage , the Amazon SES API v2 returns a MailFromDomainNotVerified error, and doesn't attempt to deliver the email. + pattern: USE_DEFAULT_VALUE|REJECT_MESSAGE + FeedbackAttributes: + type: object + additionalProperties: false + description: Used to enable or disable feedback forwarding for an identity. + properties: + EmailForwardingEnabled: + type: boolean + description: If the value is true, you receive email notifications when bounce or complaint events occur + EmailIdentity: + type: object + properties: + EmailIdentity: + type: string + description: The email address or domain to verify. + ConfigurationSetAttributes: + $ref: '#/components/schemas/ConfigurationSetAttributes' + DkimSigningAttributes: + $ref: '#/components/schemas/DkimSigningAttributes' + DkimAttributes: + $ref: '#/components/schemas/DkimAttributes' + MailFromAttributes: + $ref: '#/components/schemas/MailFromAttributes' + FeedbackAttributes: + $ref: '#/components/schemas/FeedbackAttributes' + DkimDNSTokenName1: + type: string + DkimDNSTokenName2: + type: string + DkimDNSTokenName3: + type: string + DkimDNSTokenValue1: + type: string + DkimDNSTokenValue2: + type: string + DkimDNSTokenValue3: + type: string + required: + - EmailIdentity + x-stackql-resource-name: email_identity + x-stackql-primaryIdentifier: + - EmailIdentity + x-create-only-properties: + - EmailIdentity + x-read-only-properties: + - DkimDNSTokenName1 + - DkimDNSTokenName2 + - DkimDNSTokenName3 + - DkimDNSTokenValue1 + - DkimDNSTokenValue2 + - DkimDNSTokenValue3 + x-required-permissions: + create: + - ses:CreateEmailIdentity + - ses:PutEmailIdentityMailFromAttributes + - ses:PutEmailIdentityFeedbackAttributes + - ses:PutEmailIdentityDkimAttributes + - ses:GetEmailIdentity + read: + - ses:GetEmailIdentity + update: + - ses:PutEmailIdentityMailFromAttributes + - ses:PutEmailIdentityFeedbackAttributes + - ses:PutEmailIdentityConfigurationSetAttributes + - ses:PutEmailIdentityDkimSigningAttributes + - ses:PutEmailIdentityDkimAttributes + - ses:GetEmailIdentity + delete: + - ses:DeleteEmailIdentity + list: + - ses:ListEmailIdentities + Template: + type: object + properties: + Id: + type: string + Template: + $ref: '#/components/schemas/Template' + x-stackql-resource-name: template + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - Template/TemplateName + x-read-only-properties: + - Id + x-required-permissions: + create: + - ses:CreateEmailTemplate + - ses:GetEmailTemplate + - ses:CreateTemplate + - ses:GetTemplate + read: + - ses:GetEmailTemplate + - ses:GetTemplate + delete: + - ses:DeleteEmailTemplate + - ses:DeleteTemplate + update: + - ses:GetEmailTemplate + - ses:UpdateEmailTemplate + - ses:GetTemplate + - ses:UpdateTemplate + list: + - ses:ListEmailTemplates + - ses:ListTemplates + DashboardAttributes: + type: object + additionalProperties: false + description: Preferences regarding the Dashboard feature. + properties: + EngagementMetrics: + type: string + description: Whether emails sent from this account have engagement tracking enabled. + pattern: ENABLED|DISABLED + GuardianAttributes: + type: object + additionalProperties: false + description: Preferences regarding the Guardian feature. + properties: + OptimizedSharedDelivery: + type: string + description: Whether emails sent from this account have optimized delivery algorithm enabled. + pattern: ENABLED|DISABLED + VdmAttributes: + type: object + properties: + VdmAttributesResourceId: + type: string + description: Unique identifier for this resource + DashboardAttributes: + $ref: '#/components/schemas/DashboardAttributes' + GuardianAttributes: + $ref: '#/components/schemas/GuardianAttributes' + x-stackql-resource-name: vdm_attributes + x-stackql-primaryIdentifier: + - VdmAttributesResourceId + x-read-only-properties: + - VdmAttributesResourceId + x-required-permissions: + create: + - ses:PutAccountVdmAttributes + - ses:GetAccount + read: + - ses:GetAccount + update: + - ses:PutAccountVdmAttributes + - ses:GetAccount + delete: + - ses:PutAccountVdmAttributes + - ses:GetAccount + x-stackQL-resources: + configuration_sets: + name: configuration_sets + id: awscc.ses.configuration_sets + x-cfn-schema-name: ConfigurationSet + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SES::ConfigurationSet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SES::ConfigurationSet' + AND region = 'us-east-1' + configuration_set: + name: configuration_set + id: awscc.ses.configuration_set + x-cfn-schema-name: ConfigurationSet + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.TrackingOptions') as tracking_options, + JSON_EXTRACT(Properties, '$.DeliveryOptions') as delivery_options, + JSON_EXTRACT(Properties, '$.ReputationOptions') as reputation_options, + JSON_EXTRACT(Properties, '$.SendingOptions') as sending_options, + JSON_EXTRACT(Properties, '$.SuppressionOptions') as suppression_options, + JSON_EXTRACT(Properties, '$.VdmOptions') as vdm_options + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SES::ConfigurationSet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'TrackingOptions') as tracking_options, + json_extract_path_text(Properties, 'DeliveryOptions') as delivery_options, + json_extract_path_text(Properties, 'ReputationOptions') as reputation_options, + json_extract_path_text(Properties, 'SendingOptions') as sending_options, + json_extract_path_text(Properties, 'SuppressionOptions') as suppression_options, + json_extract_path_text(Properties, 'VdmOptions') as vdm_options + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SES::ConfigurationSet' + AND data__Identifier = '' + AND region = 'us-east-1' + configuration_set_event_destinations: + name: configuration_set_event_destinations + id: awscc.ses.configuration_set_event_destinations + x-cfn-schema-name: ConfigurationSetEventDestination + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SES::ConfigurationSetEventDestination' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SES::ConfigurationSetEventDestination' + AND region = 'us-east-1' + configuration_set_event_destination: + name: configuration_set_event_destination + id: awscc.ses.configuration_set_event_destination + x-cfn-schema-name: ConfigurationSetEventDestination + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.ConfigurationSetName') as configuration_set_name, + JSON_EXTRACT(Properties, '$.EventDestination') as event_destination + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SES::ConfigurationSetEventDestination' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'ConfigurationSetName') as configuration_set_name, + json_extract_path_text(Properties, 'EventDestination') as event_destination + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SES::ConfigurationSetEventDestination' + AND data__Identifier = '' + AND region = 'us-east-1' + contact_lists: + name: contact_lists + id: awscc.ses.contact_lists + x-cfn-schema-name: ContactList + x-type: list + x-identifiers: + - ContactListName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ContactListName') as contact_list_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SES::ContactList' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ContactListName') as contact_list_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SES::ContactList' + AND region = 'us-east-1' + contact_list: + name: contact_list + id: awscc.ses.contact_list + x-cfn-schema-name: ContactList + x-type: get + x-identifiers: + - ContactListName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ContactListName') as contact_list_name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Topics') as topics, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SES::ContactList' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ContactListName') as contact_list_name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Topics') as topics, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SES::ContactList' + AND data__Identifier = '' + AND region = 'us-east-1' + dedicated_ip_pools: + name: dedicated_ip_pools + id: awscc.ses.dedicated_ip_pools + x-cfn-schema-name: DedicatedIpPool + x-type: list + x-identifiers: + - PoolName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PoolName') as pool_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SES::DedicatedIpPool' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PoolName') as pool_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SES::DedicatedIpPool' + AND region = 'us-east-1' + dedicated_ip_pool: + name: dedicated_ip_pool + id: awscc.ses.dedicated_ip_pool + x-cfn-schema-name: DedicatedIpPool + x-type: get + x-identifiers: + - PoolName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PoolName') as pool_name, + JSON_EXTRACT(Properties, '$.ScalingMode') as scaling_mode + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SES::DedicatedIpPool' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PoolName') as pool_name, + json_extract_path_text(Properties, 'ScalingMode') as scaling_mode + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SES::DedicatedIpPool' + AND data__Identifier = '' + AND region = 'us-east-1' + email_identities: + name: email_identities + id: awscc.ses.email_identities + x-cfn-schema-name: EmailIdentity + x-type: list + x-identifiers: + - EmailIdentity + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EmailIdentity') as email_identity + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SES::EmailIdentity' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EmailIdentity') as email_identity + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SES::EmailIdentity' + AND region = 'us-east-1' + email_identity: + name: email_identity + id: awscc.ses.email_identity + x-cfn-schema-name: EmailIdentity + x-type: get + x-identifiers: + - EmailIdentity + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.EmailIdentity') as email_identity, + JSON_EXTRACT(Properties, '$.ConfigurationSetAttributes') as configuration_set_attributes, + JSON_EXTRACT(Properties, '$.DkimSigningAttributes') as dkim_signing_attributes, + JSON_EXTRACT(Properties, '$.DkimAttributes') as dkim_attributes, + JSON_EXTRACT(Properties, '$.MailFromAttributes') as mail_from_attributes, + JSON_EXTRACT(Properties, '$.FeedbackAttributes') as feedback_attributes, + JSON_EXTRACT(Properties, '$.DkimDNSTokenName1') as dkim_dn_stoken_name1, + JSON_EXTRACT(Properties, '$.DkimDNSTokenName2') as dkim_dn_stoken_name2, + JSON_EXTRACT(Properties, '$.DkimDNSTokenName3') as dkim_dn_stoken_name3, + JSON_EXTRACT(Properties, '$.DkimDNSTokenValue1') as dkim_dn_stoken_value1, + JSON_EXTRACT(Properties, '$.DkimDNSTokenValue2') as dkim_dn_stoken_value2, + JSON_EXTRACT(Properties, '$.DkimDNSTokenValue3') as dkim_dn_stoken_value3 + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SES::EmailIdentity' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'EmailIdentity') as email_identity, + json_extract_path_text(Properties, 'ConfigurationSetAttributes') as configuration_set_attributes, + json_extract_path_text(Properties, 'DkimSigningAttributes') as dkim_signing_attributes, + json_extract_path_text(Properties, 'DkimAttributes') as dkim_attributes, + json_extract_path_text(Properties, 'MailFromAttributes') as mail_from_attributes, + json_extract_path_text(Properties, 'FeedbackAttributes') as feedback_attributes, + json_extract_path_text(Properties, 'DkimDNSTokenName1') as dkim_dn_stoken_name1, + json_extract_path_text(Properties, 'DkimDNSTokenName2') as dkim_dn_stoken_name2, + json_extract_path_text(Properties, 'DkimDNSTokenName3') as dkim_dn_stoken_name3, + json_extract_path_text(Properties, 'DkimDNSTokenValue1') as dkim_dn_stoken_value1, + json_extract_path_text(Properties, 'DkimDNSTokenValue2') as dkim_dn_stoken_value2, + json_extract_path_text(Properties, 'DkimDNSTokenValue3') as dkim_dn_stoken_value3 + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SES::EmailIdentity' + AND data__Identifier = '' + AND region = 'us-east-1' + templates: + name: templates + id: awscc.ses.templates + x-cfn-schema-name: Template + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SES::Template' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SES::Template' + AND region = 'us-east-1' + template: + name: template + id: awscc.ses.template + x-cfn-schema-name: Template + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Template') as template + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SES::Template' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Template') as template + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SES::Template' + AND data__Identifier = '' + AND region = 'us-east-1' + vdm_attributes: + name: vdm_attributes + id: awscc.ses.vdm_attributes + x-cfn-schema-name: VdmAttributes + x-type: get + x-identifiers: + - VdmAttributesResourceId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.VdmAttributesResourceId') as vdm_attributes_resource_id, + JSON_EXTRACT(Properties, '$.DashboardAttributes') as dashboard_attributes, + JSON_EXTRACT(Properties, '$.GuardianAttributes') as guardian_attributes + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SES::VdmAttributes' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'VdmAttributesResourceId') as vdm_attributes_resource_id, + json_extract_path_text(Properties, 'DashboardAttributes') as dashboard_attributes, + json_extract_path_text(Properties, 'GuardianAttributes') as guardian_attributes + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SES::VdmAttributes' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/shield.yaml b/providers/src/awscc/v00.00.00000/services/shield.yaml new file mode 100644 index 00000000..03a5582c --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/shield.yaml @@ -0,0 +1,618 @@ +openapi: 3.0.0 +info: + title: Shield + version: 1.0.0 +paths: {} +components: + schemas: + DRTAccess: + type: object + properties: + AccountId: + type: string + LogBucketList: + description: Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources. You can associate up to 10 Amazon S3 buckets with your subscription. + type: array + x-insertionOrder: false + minItems: 0 + maxItems: 10 + items: + type: string + minLength: 3 + maxLength: 63 + RoleArn: + description: Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks. This enables the SRT to inspect your AWS WAF configuration and create or update AWS WAF rules and web ACLs. + type: string + maxLength: 2048 + required: + - RoleArn + x-stackql-resource-name: drt_access + x-stackql-primaryIdentifier: + - AccountId + x-read-only-properties: + - AccountId + x-required-permissions: + create: + - shield:DescribeDRTAccess + - shield:AssociateDRTLogBucket + - shield:AssociateDRTRole + - iam:PassRole + - iam:GetRole + - iam:ListAttachedRolePolicies + - s3:GetBucketPolicy + - s3:PutBucketPolicy + delete: + - shield:DescribeDRTAccess + - shield:DisassociateDRTLogBucket + - shield:DisassociateDRTRole + - iam:PassRole + - iam:GetRole + - iam:ListAttachedRolePolicies + - s3:GetBucketPolicy + - s3:PutBucketPolicy + - s3:DeleteBucketPolicy + read: + - shield:DescribeDRTAccess + update: + - shield:DescribeDRTAccess + - shield:AssociateDRTLogBucket + - shield:AssociateDRTRole + - shield:DisassociateDRTLogBucket + - shield:DisassociateDRTRole + - iam:PassRole + - iam:GetRole + - iam:ListAttachedRolePolicies + - s3:GetBucketPolicy + - s3:PutBucketPolicy + - s3:DeleteBucketPolicy + list: [] + EmergencyContact: + description: An emergency contact is used by Shield Response Team (SRT) to contact you for escalations to the SRT and to initiate proactive customer support. An emergency contact requires an email address. + type: object + additionalProperties: false + required: + - EmailAddress + properties: + ContactNotes: + description: Additional notes regarding the contact. + type: string + minLength: 1 + maxLength: 1024 + pattern: ^[\w\s\.\-,:/()+@]*$ + EmailAddress: + description: The email address for the contact. + type: string + minLength: 1 + maxLength: 150 + pattern: ^\S+@\S+\.\S+$ + PhoneNumber: + description: The phone number for the contact + type: string + minLength: 1 + maxLength: 16 + pattern: ^\+[1-9]\d{1,14}$ + ProactiveEngagement: + type: object + properties: + AccountId: + type: string + ProactiveEngagementStatus: + description: |- + If `ENABLED`, the Shield Response Team (SRT) will use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support. + If `DISABLED`, the SRT will not proactively notify contacts about escalations or to initiate proactive customer support. + type: string + enum: + - ENABLED + - DISABLED + EmergencyContactList: + description: |- + A list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you for escalations to the SRT and to initiate proactive customer support. + To enable proactive engagement, the contact list must include at least one phone number. + type: array + x-insertionOrder: false + minItems: 1 + maxItems: 10 + items: + $ref: '#/components/schemas/EmergencyContact' + required: + - ProactiveEngagementStatus + - EmergencyContactList + x-stackql-resource-name: proactive_engagement + x-stackql-primaryIdentifier: + - AccountId + x-read-only-properties: + - AccountId + x-required-permissions: + create: + - shield:DescribeSubscription + - shield:DescribeEmergencyContactSettings + - shield:AssociateProactiveEngagementDetails + - shield:UpdateEmergencyContactSettings + - shield:EnableProactiveEngagement + delete: + - shield:DescribeSubscription + - shield:DescribeEmergencyContactSettings + - shield:UpdateEmergencyContactSettings + - shield:DisableProactiveEngagement + read: + - shield:DescribeSubscription + - shield:DescribeEmergencyContactSettings + update: + - shield:DescribeSubscription + - shield:DescribeEmergencyContactSettings + - shield:UpdateEmergencyContactSettings + - shield:EnableProactiveEngagement + - shield:DisableProactiveEngagement + list: + - shield:DescribeSubscription + - shield:DescribeEmergencyContactSettings + Tag: + description: >- + A tag associated with an AWS resource. Tags are key:value pairs that you can use to categorize and manage your resources, for purposes like billing or other management. Typically, the tag key represents a category, such as "environment", and the tag value represents a specific value within that category, such as "test," "development," or "production". Or you might set the tag key to "customer" and the value to the customer name or ID. You can specify one or more tags to add to each AWS + resource, up to 50 tags for a resource. + type: object + additionalProperties: false + required: + - Key + - Value + properties: + Key: + description: Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as "customer." Tag keys are case-sensitive. + type: string + minLength: 1 + maxLength: 128 + Value: + description: Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as "companyA" or "companyB." Tag values are case-sensitive. + type: string + minLength: 0 + maxLength: 256 + ApplicationLayerAutomaticResponseConfiguration: + description: The automatic application layer DDoS mitigation settings for a Protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks. + type: object + additionalProperties: false + required: + - Action + - Status + properties: + Action: + type: object + description: Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource. + oneOf: + - type: object + additionalProperties: false + properties: + Count: + description: |- + Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Count` action. + You must specify exactly one action, either `Block` or `Count`. + type: object + additionalProperties: false + - type: object + additionalProperties: false + properties: + Block: + description: |- + Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Block` action. + You must specify exactly one action, either `Block` or `Count`. + type: object + additionalProperties: false + Status: + description: Indicates whether automatic application layer DDoS mitigation is enabled for the protection. + type: string + enum: + - ENABLED + - DISABLED + Protection: + type: object + properties: + ProtectionId: + description: The unique identifier (ID) of the protection. + type: string + ProtectionArn: + description: The ARN (Amazon Resource Name) of the protection. + type: string + Name: + description: Friendly name for the Protection. + type: string + minLength: 1 + maxLength: 128 + pattern: '[ a-zA-Z0-9_\.\-]*' + ResourceArn: + description: The ARN (Amazon Resource Name) of the resource to be protected. + type: string + minLength: 1 + maxLength: 2048 + HealthCheckArns: + description: The Amazon Resource Names (ARNs) of the health check to associate with the protection. + type: array + x-insertionOrder: false + maxItems: 1 + items: + type: string + minLength: 1 + maxLength: 2048 + ApplicationLayerAutomaticResponseConfiguration: + $ref: '#/components/schemas/ApplicationLayerAutomaticResponseConfiguration' + Tags: + description: One or more tag key-value pairs for the Protection object. + type: array + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + required: + - Name + - ResourceArn + x-stackql-resource-name: protection + x-stackql-primaryIdentifier: + - ProtectionArn + x-create-only-properties: + - Name + - ResourceArn + x-read-only-properties: + - ProtectionId + - ProtectionArn + x-required-permissions: + create: + - shield:CreateProtection + - shield:DeleteProtection + - shield:DescribeProtection + - shield:ListProtections + - shield:EnableApplicationLayerAutomaticResponse + - shield:AssociateHealthCheck + - shield:TagResource + - ec2:DescribeAddresses + - elasticloadbalancing:DescribeLoadBalancers + - route53:GetHealthCheck + - iam:GetRole + - iam:CreateServiceLinkedRole + - wafv2:GetWebACLForResource + - wafv2:GetWebACL + delete: + - shield:DeleteProtection + - shield:UntagResource + read: + - shield:DescribeProtection + - shield:ListTagsForResource + update: + - shield:DescribeProtection + - shield:AssociateHealthCheck + - shield:DisassociateHealthCheck + - shield:EnableApplicationLayerAutomaticResponse + - shield:UpdateApplicationLayerAutomaticResponse + - shield:DisableApplicationLayerAutomaticResponse + - shield:ListTagsForResource + - shield:TagResource + - shield:UntagResource + - route53:GetHealthCheck + - iam:GetRole + - iam:CreateServiceLinkedRole + - wafv2:GetWebACLForResource + - wafv2:GetWebACL + list: + - shield:ListProtections + ProtectionGroup: + type: object + properties: + ProtectionGroupId: + description: The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it. + type: string + pattern: '[a-zA-Z0-9\-]*' + minLength: 1 + maxLength: 36 + ProtectionGroupArn: + description: The ARN (Amazon Resource Name) of the protection group. + type: string + Aggregation: + description: |- + Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events. + * Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically. + * Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers. + * Max - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront and origin resources for CloudFront distributions. + type: string + enum: + - SUM + - MEAN + - MAX + Pattern: + description: The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource Amazon Resource Names (ARNs), or include all resources of a specified resource type. + type: string + enum: + - ALL + - ARBITRARY + - BY_RESOURCE_TYPE + Members: + description: The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set `Pattern` to `ARBITRARY` and you must not set it for any other `Pattern` setting. + type: array + x-insertionOrder: false + maxItems: 10000 + items: + type: string + minLength: 1 + maxLength: 2048 + ResourceType: + description: The resource type to include in the protection group. All protected resources of this type are included in the protection group. Newly protected resources of this type are automatically added to the group. You must set this when you set `Pattern` to `BY_RESOURCE_TYPE` and you must not set it for any other `Pattern` setting. + type: string + enum: + - CLOUDFRONT_DISTRIBUTION + - ROUTE_53_HOSTED_ZONE + - ELASTIC_IP_ALLOCATION + - CLASSIC_LOAD_BALANCER + - APPLICATION_LOAD_BALANCER + - GLOBAL_ACCELERATOR + Tags: + description: One or more tag key-value pairs for the Protection object. + type: array + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + required: + - Aggregation + - Pattern + - ProtectionGroupId + x-stackql-resource-name: protection_group + x-stackql-primaryIdentifier: + - ProtectionGroupArn + x-create-only-properties: + - ProtectionGroupId + x-read-only-properties: + - ProtectionGroupArn + x-required-permissions: + create: + - shield:CreateProtectionGroup + - shield:TagResource + delete: + - shield:DeleteProtectionGroup + - shield:UntagResource + read: + - shield:DescribeProtectionGroup + - shield:ListTagsForResource + update: + - shield:UpdateProtectionGroup + - shield:ListTagsForResource + - shield:TagResource + - shield:UntagResource + list: + - shield:ListProtectionGroups + x-stackQL-resources: + drt_accesses: + name: drt_accesses + id: awscc.shield.drt_accesses + x-cfn-schema-name: DRTAccess + x-type: list + x-identifiers: + - AccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountId') as account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Shield::DRTAccess' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountId') as account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Shield::DRTAccess' + AND region = 'us-east-1' + drt_access: + name: drt_access + id: awscc.shield.drt_access + x-cfn-schema-name: DRTAccess + x-type: get + x-identifiers: + - AccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountId') as account_id, + JSON_EXTRACT(Properties, '$.LogBucketList') as log_bucket_list, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Shield::DRTAccess' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountId') as account_id, + json_extract_path_text(Properties, 'LogBucketList') as log_bucket_list, + json_extract_path_text(Properties, 'RoleArn') as role_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Shield::DRTAccess' + AND data__Identifier = '' + AND region = 'us-east-1' + proactive_engagements: + name: proactive_engagements + id: awscc.shield.proactive_engagements + x-cfn-schema-name: ProactiveEngagement + x-type: list + x-identifiers: + - AccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountId') as account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Shield::ProactiveEngagement' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountId') as account_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Shield::ProactiveEngagement' + AND region = 'us-east-1' + proactive_engagement: + name: proactive_engagement + id: awscc.shield.proactive_engagement + x-cfn-schema-name: ProactiveEngagement + x-type: get + x-identifiers: + - AccountId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountId') as account_id, + JSON_EXTRACT(Properties, '$.ProactiveEngagementStatus') as proactive_engagement_status, + JSON_EXTRACT(Properties, '$.EmergencyContactList') as emergency_contact_list + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Shield::ProactiveEngagement' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountId') as account_id, + json_extract_path_text(Properties, 'ProactiveEngagementStatus') as proactive_engagement_status, + json_extract_path_text(Properties, 'EmergencyContactList') as emergency_contact_list + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Shield::ProactiveEngagement' + AND data__Identifier = '' + AND region = 'us-east-1' + protections: + name: protections + id: awscc.shield.protections + x-cfn-schema-name: Protection + x-type: list + x-identifiers: + - ProtectionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProtectionArn') as protection_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Shield::Protection' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProtectionArn') as protection_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Shield::Protection' + AND region = 'us-east-1' + protection: + name: protection + id: awscc.shield.protection + x-cfn-schema-name: Protection + x-type: get + x-identifiers: + - ProtectionArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProtectionId') as protection_id, + JSON_EXTRACT(Properties, '$.ProtectionArn') as protection_arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn, + JSON_EXTRACT(Properties, '$.HealthCheckArns') as health_check_arns, + JSON_EXTRACT(Properties, '$.ApplicationLayerAutomaticResponseConfiguration') as application_layer_automatic_response_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Shield::Protection' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProtectionId') as protection_id, + json_extract_path_text(Properties, 'ProtectionArn') as protection_arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn, + json_extract_path_text(Properties, 'HealthCheckArns') as health_check_arns, + json_extract_path_text(Properties, 'ApplicationLayerAutomaticResponseConfiguration') as application_layer_automatic_response_configuration, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Shield::Protection' + AND data__Identifier = '' + AND region = 'us-east-1' + protection_groups: + name: protection_groups + id: awscc.shield.protection_groups + x-cfn-schema-name: ProtectionGroup + x-type: list + x-identifiers: + - ProtectionGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProtectionGroupArn') as protection_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Shield::ProtectionGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProtectionGroupArn') as protection_group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Shield::ProtectionGroup' + AND region = 'us-east-1' + protection_group: + name: protection_group + id: awscc.shield.protection_group + x-cfn-schema-name: ProtectionGroup + x-type: get + x-identifiers: + - ProtectionGroupArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProtectionGroupId') as protection_group_id, + JSON_EXTRACT(Properties, '$.ProtectionGroupArn') as protection_group_arn, + JSON_EXTRACT(Properties, '$.Aggregation') as aggregation, + JSON_EXTRACT(Properties, '$.Pattern') as pattern, + JSON_EXTRACT(Properties, '$.Members') as members, + JSON_EXTRACT(Properties, '$.ResourceType') as resource_type, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Shield::ProtectionGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProtectionGroupId') as protection_group_id, + json_extract_path_text(Properties, 'ProtectionGroupArn') as protection_group_arn, + json_extract_path_text(Properties, 'Aggregation') as aggregation, + json_extract_path_text(Properties, 'Pattern') as pattern, + json_extract_path_text(Properties, 'Members') as members, + json_extract_path_text(Properties, 'ResourceType') as resource_type, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Shield::ProtectionGroup' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/signer.yaml b/providers/src/awscc/v00.00.00000/services/signer.yaml new file mode 100644 index 00000000..fb7b08b5 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/signer.yaml @@ -0,0 +1,267 @@ +openapi: 3.0.0 +info: + title: Signer + version: 1.0.0 +paths: {} +components: + schemas: + ProfilePermission: + type: object + properties: + ProfileName: + type: string + ProfileVersion: + type: string + pattern: ^[0-9a-zA-Z]{10}$ + Action: + type: string + Principal: + type: string + StatementId: + type: string + required: + - ProfileName + - Action + - Principal + - StatementId + x-stackql-resource-name: profile_permission + x-stackql-primaryIdentifier: + - StatementId + - ProfileName + x-create-only-properties: + - ProfileName + - Action + - Principal + - StatementId + - ProfileVersion + x-required-permissions: + create: + - signer:AddProfilePermission + - signer:ListProfilePermissions + read: + - signer:ListProfilePermissions + delete: + - signer:RemoveProfilePermission + - signer:ListProfilePermissions + list: + - signer:ListProfilePermissions + - signer:GetSigningProfile + PlatformId: + type: string + enum: + - AWSLambda-SHA384-ECDSA + - Notation-OCI-SHA384-ECDSA + Arn: + type: string + pattern: ^arn:aws(-(cn|us-gov))?:[a-z-]+:(([a-z]+-)+[0-9])?:([0-9]{12})?:[^.]+$ + ProfileVersion: + type: string + pattern: ^[0-9a-zA-Z]{10}$ + SignatureValidityPeriod: + type: object + properties: + Value: + type: integer + Type: + type: string + enum: + - DAYS + - MONTHS + - YEARS + additionalProperties: false + Tag: + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 127 + pattern: ^(?!aws:)[a-zA-Z+-=._:/]+$ + Value: + type: string + minLength: 1 + maxLength: 255 + additionalProperties: false + SigningProfile: + type: object + properties: + ProfileName: + description: 'A name for the signing profile. AWS CloudFormation generates a unique physical ID and uses that ID for the signing profile name. ' + type: string + ProfileVersion: + description: A version for the signing profile. AWS Signer generates a unique version for each profile of the same profile name. + $ref: '#/components/schemas/ProfileVersion' + Arn: + description: The Amazon Resource Name (ARN) of the specified signing profile. + $ref: '#/components/schemas/Arn' + ProfileVersionArn: + description: The Amazon Resource Name (ARN) of the specified signing profile version. + $ref: '#/components/schemas/Arn' + SignatureValidityPeriod: + description: Signature validity period of the profile. + $ref: '#/components/schemas/SignatureValidityPeriod' + PlatformId: + description: The ID of the target signing platform. + $ref: '#/components/schemas/PlatformId' + Tags: + type: array + description: A list of tags associated with the signing profile. + items: + $ref: '#/components/schemas/Tag' + required: + - PlatformId + x-stackql-resource-name: signing_profile + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - PlatformId + - SignatureValidityPeriod + x-read-only-properties: + - ProfileName + - ProfileVersion + - Arn + - ProfileVersionArn + x-required-permissions: + create: + - signer:PutSigningProfile + - signer:TagResource + read: + - signer:GetSigningProfile + delete: + - signer:CancelSigningProfile + - signer:GetSigningProfile + list: + - signer:ListSigningProfiles + update: + - signer:TagResource + - signer:UntagResource + - signer:GetSigningProfile + x-stackQL-resources: + profile_permissions: + name: profile_permissions + id: awscc.signer.profile_permissions + x-cfn-schema-name: ProfilePermission + x-type: list + x-identifiers: + - StatementId + - ProfileName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.StatementId') as statement_id, + JSON_EXTRACT(Properties, '$.ProfileName') as profile_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Signer::ProfilePermission' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'StatementId') as statement_id, + json_extract_path_text(Properties, 'ProfileName') as profile_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Signer::ProfilePermission' + AND region = 'us-east-1' + profile_permission: + name: profile_permission + id: awscc.signer.profile_permission + x-cfn-schema-name: ProfilePermission + x-type: get + x-identifiers: + - StatementId + - ProfileName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProfileName') as profile_name, + JSON_EXTRACT(Properties, '$.ProfileVersion') as profile_version, + JSON_EXTRACT(Properties, '$.Action') as action, + JSON_EXTRACT(Properties, '$.Principal') as principal, + JSON_EXTRACT(Properties, '$.StatementId') as statement_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Signer::ProfilePermission' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProfileName') as profile_name, + json_extract_path_text(Properties, 'ProfileVersion') as profile_version, + json_extract_path_text(Properties, 'Action') as action, + json_extract_path_text(Properties, 'Principal') as principal, + json_extract_path_text(Properties, 'StatementId') as statement_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Signer::ProfilePermission' + AND data__Identifier = '' + AND region = 'us-east-1' + signing_profiles: + name: signing_profiles + id: awscc.signer.signing_profiles + x-cfn-schema-name: SigningProfile + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Signer::SigningProfile' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Signer::SigningProfile' + AND region = 'us-east-1' + signing_profile: + name: signing_profile + id: awscc.signer.signing_profile + x-cfn-schema-name: SigningProfile + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProfileName') as profile_name, + JSON_EXTRACT(Properties, '$.ProfileVersion') as profile_version, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ProfileVersionArn') as profile_version_arn, + JSON_EXTRACT(Properties, '$.SignatureValidityPeriod') as signature_validity_period, + JSON_EXTRACT(Properties, '$.PlatformId') as platform_id, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Signer::SigningProfile' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProfileName') as profile_name, + json_extract_path_text(Properties, 'ProfileVersion') as profile_version, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ProfileVersionArn') as profile_version_arn, + json_extract_path_text(Properties, 'SignatureValidityPeriod') as signature_validity_period, + json_extract_path_text(Properties, 'PlatformId') as platform_id, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Signer::SigningProfile' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/simspaceweaver.yaml b/providers/src/awscc/v00.00.00000/services/simspaceweaver.yaml new file mode 100644 index 00000000..584f5bcb --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/simspaceweaver.yaml @@ -0,0 +1,145 @@ +openapi: 3.0.0 +info: + title: SimSpaceWeaver + version: 1.0.0 +paths: {} +components: + schemas: + S3Location: + type: object + properties: + BucketName: + description: The Schema S3 bucket name. + type: string + minLength: 3 + maxLength: 63 + pattern: '[a-zA-Z0-9_\-]{3,63}$' + ObjectKey: + description: This is the schema S3 object key, which includes the full path of "folders" from the bucket root to the schema. + type: string + minLength: 3 + maxLength: 255 + required: + - BucketName + - ObjectKey + additionalProperties: false + Simulation: + type: object + properties: + Name: + description: The name of the simulation. + type: string + minLength: 1 + maxLength: 2048 + pattern: '[a-zA-Z0-9_\-]{1,2048}$' + RoleArn: + description: Role ARN. + type: string + SchemaS3Location: + $ref: '#/components/schemas/S3Location' + DescribePayload: + description: Json object with all simulation details + type: string + MaximumDuration: + description: The maximum running time of the simulation. + type: string + minLength: 2 + maxLength: 6 + SnapshotS3Location: + $ref: '#/components/schemas/S3Location' + required: + - Name + - RoleArn + x-stackql-resource-name: simulation + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - RoleArn + - SchemaS3Location + - SnapshotS3Location + - MaximumDuration + x-read-only-properties: + - DescribePayload + x-required-permissions: + create: + - simspaceweaver:StartSimulation + - simspaceweaver:DescribeSimulation + - iam:GetRole + - iam:PassRole + read: + - simspaceweaver:DescribeSimulation + update: + - simspaceweaver:StartSimulation + - simspaceweaver:StopSimulation + - simspaceweaver:DeleteSimulation + - simspaceweaver:DescribeSimulation + delete: + - simspaceweaver:StopSimulation + - simspaceweaver:DeleteSimulation + - simspaceweaver:DescribeSimulation + list: + - simspaceweaver:ListSimulations + x-stackQL-resources: + simulations: + name: simulations + id: awscc.simspaceweaver.simulations + x-cfn-schema-name: Simulation + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SimSpaceWeaver::Simulation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SimSpaceWeaver::Simulation' + AND region = 'us-east-1' + simulation: + name: simulation + id: awscc.simspaceweaver.simulation + x-cfn-schema-name: Simulation + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.SchemaS3Location') as schema_s3_location, + JSON_EXTRACT(Properties, '$.DescribePayload') as describe_payload, + JSON_EXTRACT(Properties, '$.MaximumDuration') as maximum_duration, + JSON_EXTRACT(Properties, '$.SnapshotS3Location') as snapshot_s3_location + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SimSpaceWeaver::Simulation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'SchemaS3Location') as schema_s3_location, + json_extract_path_text(Properties, 'DescribePayload') as describe_payload, + json_extract_path_text(Properties, 'MaximumDuration') as maximum_duration, + json_extract_path_text(Properties, 'SnapshotS3Location') as snapshot_s3_location + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SimSpaceWeaver::Simulation' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/sns.yaml b/providers/src/awscc/v00.00.00000/services/sns.yaml new file mode 100644 index 00000000..376e1898 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/sns.yaml @@ -0,0 +1,413 @@ +openapi: 3.0.0 +info: + title: SNS + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + type: object + additionalProperties: false + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, `_`, `.`, `/`, `=`, `+`, and `-`.' + Value: + type: string + description: The value for the tag. You can specify a value that is 0 to 256 characters in length. + required: + - Value + - Key + Subscription: + type: object + additionalProperties: false + properties: + Endpoint: + type: string + Protocol: + type: string + required: + - Endpoint + - Protocol + LoggingConfig: + type: object + additionalProperties: false + properties: + Protocol: + type: string + description: Indicates one of the supported protocols for the SNS topic + enum: + - http/s + - sqs + - lambda + - firehose + - application + SuccessFeedbackRoleArn: + type: string + description: The IAM role ARN to be used when logging successful message deliveries in Amazon CloudWatch + SuccessFeedbackSampleRate: + type: string + description: The percentage of successful message deliveries to be logged in Amazon CloudWatch. Valid percentage values range from 0 to 100 + FailureFeedbackRoleArn: + type: string + description: The IAM role ARN to be used when logging failed message deliveries in Amazon CloudWatch + required: + - Protocol + Topic: + type: object + properties: + DisplayName: + description: The display name to use for an Amazon SNS topic with SMS subscriptions. + type: string + KmsMasterKeyId: + description: |- + The ID of an AWS-managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see Key Terms. For more examples, see KeyId in the AWS Key Management Service API Reference. + + This property applies only to [server-side-encryption](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html). + type: string + DataProtectionPolicy: + description: |- + The body of the policy document you want to use for this topic. + + You can only add one policy per topic. + + The policy must be in JSON string format. + + Length Constraints: Maximum length of 30720 + type: object + Subscription: + description: The SNS subscriptions (endpoints) for this topic. + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Subscription' + FifoTopic: + description: Set to true to create a FIFO topic. + type: boolean + ContentBasedDeduplication: + description: |+ + Enables content-based deduplication for FIFO topics. By default, ContentBasedDeduplication is set to false. If you create a FIFO topic and this attribute is false, you must specify a value for the MessageDeduplicationId parameter for the Publish action. + + When you set ContentBasedDeduplication to true, Amazon SNS uses a SHA-256 hash to generate the MessageDeduplicationId using the body of the message (but not the attributes of the message). + + (Optional) To override the generated value, you can specify a value for the the MessageDeduplicationId parameter for the Publish action. + + type: boolean + ArchivePolicy: + description: The archive policy determines the number of days Amazon SNS retains messages. You can set a retention period from 1 to 365 days. + type: object + Tags: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + TopicName: + description: |- + The name of the topic you want to create. Topic names must include only uppercase and lowercase ASCII letters, numbers, underscores, and hyphens, and must be between 1 and 256 characters long. FIFO topic names must end with .fifo. + + If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the topic name. For more information, see Name Type. + type: string + TopicArn: + type: string + SignatureVersion: + description: Version of the Amazon SNS signature used. If the SignatureVersion is 1, Signature is a Base64-encoded SHA1withRSA signature of the Message, MessageId, Type, Timestamp, and TopicArn values. If the SignatureVersion is 2, Signature is a Base64-encoded SHA256withRSA signature of the Message, MessageId, Type, Timestamp, and TopicArn values. + type: string + TracingConfig: + description: Tracing mode of an Amazon SNS topic. By default TracingConfig is set to PassThrough, and the topic passes through the tracing header it receives from an SNS publisher to its subscriptions. If set to Active, SNS will vend X-Ray segment data to topic owner account if the sampled flag in the tracing header is true. Only supported on standard topics. + type: string + DeliveryStatusLogging: + description: Delivery status logging configuration for supported protocols for an Amazon SNS topic. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/LoggingConfig' + x-stackql-resource-name: topic + x-stackql-primaryIdentifier: + - TopicArn + x-create-only-properties: + - TopicName + - FifoTopic + x-read-only-properties: + - TopicArn + x-required-permissions: + create: + - sns:CreateTopic + - sns:TagResource + - sns:Subscribe + - sns:GetTopicAttributes + - sns:PutDataProtectionPolicy + - iam:GetRole + - iam:PassRole + read: + - sns:GetTopicAttributes + - sns:ListTagsForResource + - sns:ListSubscriptionsByTopic + - sns:GetDataProtectionPolicy + update: + - sns:SetTopicAttributes + - sns:TagResource + - sns:UntagResource + - sns:Subscribe + - sns:Unsubscribe + - sns:GetTopicAttributes + - sns:ListTagsForResource + - sns:ListSubscriptionsByTopic + - sns:GetDataProtectionPolicy + - sns:PutDataProtectionPolicy + - iam:GetRole + - iam:PassRole + delete: + - sns:GetTopicAttributes + - sns:DeleteTopic + list: + - sns:ListTopics + TopicInlinePolicy: + type: object + properties: + PolicyDocument: + description: A policy document that contains permissions to add to the specified SNS topics. + type: object + TopicArn: + description: The Amazon Resource Name (ARN) of the topic to which you want to add the policy. + type: string + required: + - PolicyDocument + - TopicArn + x-stackql-resource-name: topic_inline_policy + x-stackql-primaryIdentifier: + - TopicArn + x-create-only-properties: + - TopicArn + x-required-permissions: + create: + - sns:SetTopicAttributes + - sns:GetTopicAttributes + read: + - sns:GetTopicAttributes + delete: + - sns:SetTopicAttributes + - sns:GetTopicAttributes + update: + - sns:SetTopicAttributes + - sns:GetTopicAttributes + TopicPolicy: + type: object + properties: + Id: + description: The provider-assigned unique ID for this managed resource. + type: string + PolicyDocument: + description: A policy document that contains permissions to add to the specified SNS topics. + type: object + Topics: + description: The Amazon Resource Names (ARN) of the topics to which you want to add the policy. You can use the [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an [AWS::SNS::Topic](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sns-topic.html) resource. + type: array + uniqueItems: false + x-insertionOrder: false + items: + type: string + required: + - PolicyDocument + - Topics + x-stackql-resource-name: topic_policy + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + x-required-permissions: + create: + - sns:SetTopicAttributes + update: + - sns:SetTopicAttributes + delete: + - sns:SetTopicAttributes + x-stackQL-resources: + topics: + name: topics + id: awscc.sns.topics + x-cfn-schema-name: Topic + x-type: list + x-identifiers: + - TopicArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TopicArn') as topic_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SNS::Topic' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TopicArn') as topic_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SNS::Topic' + AND region = 'us-east-1' + topic: + name: topic + id: awscc.sns.topic + x-cfn-schema-name: Topic + x-type: get + x-identifiers: + - TopicArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DisplayName') as display_name, + JSON_EXTRACT(Properties, '$.KmsMasterKeyId') as kms_master_key_id, + JSON_EXTRACT(Properties, '$.DataProtectionPolicy') as data_protection_policy, + JSON_EXTRACT(Properties, '$.Subscription') as subscription, + JSON_EXTRACT(Properties, '$.FifoTopic') as fifo_topic, + JSON_EXTRACT(Properties, '$.ContentBasedDeduplication') as content_based_deduplication, + JSON_EXTRACT(Properties, '$.ArchivePolicy') as archive_policy, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TopicName') as topic_name, + JSON_EXTRACT(Properties, '$.TopicArn') as topic_arn, + JSON_EXTRACT(Properties, '$.SignatureVersion') as signature_version, + JSON_EXTRACT(Properties, '$.TracingConfig') as tracing_config, + JSON_EXTRACT(Properties, '$.DeliveryStatusLogging') as delivery_status_logging + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SNS::Topic' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DisplayName') as display_name, + json_extract_path_text(Properties, 'KmsMasterKeyId') as kms_master_key_id, + json_extract_path_text(Properties, 'DataProtectionPolicy') as data_protection_policy, + json_extract_path_text(Properties, 'Subscription') as subscription, + json_extract_path_text(Properties, 'FifoTopic') as fifo_topic, + json_extract_path_text(Properties, 'ContentBasedDeduplication') as content_based_deduplication, + json_extract_path_text(Properties, 'ArchivePolicy') as archive_policy, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TopicName') as topic_name, + json_extract_path_text(Properties, 'TopicArn') as topic_arn, + json_extract_path_text(Properties, 'SignatureVersion') as signature_version, + json_extract_path_text(Properties, 'TracingConfig') as tracing_config, + json_extract_path_text(Properties, 'DeliveryStatusLogging') as delivery_status_logging + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SNS::Topic' + AND data__Identifier = '' + AND region = 'us-east-1' + topic_inline_policies: + name: topic_inline_policies + id: awscc.sns.topic_inline_policies + x-cfn-schema-name: TopicInlinePolicy + x-type: list + x-identifiers: + - TopicArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TopicArn') as topic_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SNS::TopicInlinePolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TopicArn') as topic_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SNS::TopicInlinePolicy' + AND region = 'us-east-1' + topic_inline_policy: + name: topic_inline_policy + id: awscc.sns.topic_inline_policy + x-cfn-schema-name: TopicInlinePolicy + x-type: get + x-identifiers: + - TopicArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyDocument') as policy_document, + JSON_EXTRACT(Properties, '$.TopicArn') as topic_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SNS::TopicInlinePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyDocument') as policy_document, + json_extract_path_text(Properties, 'TopicArn') as topic_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SNS::TopicInlinePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + topic_policies: + name: topic_policies + id: awscc.sns.topic_policies + x-cfn-schema-name: TopicPolicy + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SNS::TopicPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SNS::TopicPolicy' + AND region = 'us-east-1' + topic_policy: + name: topic_policy + id: awscc.sns.topic_policy + x-cfn-schema-name: TopicPolicy + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.PolicyDocument') as policy_document, + JSON_EXTRACT(Properties, '$.Topics') as topics + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SNS::TopicPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'PolicyDocument') as policy_document, + json_extract_path_text(Properties, 'Topics') as topics + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SNS::TopicPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/sqs.yaml b/providers/src/awscc/v00.00.00000/services/sqs.yaml new file mode 100644 index 00000000..c04d44c1 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/sqs.yaml @@ -0,0 +1,371 @@ +openapi: 3.0.0 +info: + title: SQS + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + type: object + additionalProperties: false + properties: + Key: + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + type: string + Value: + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + type: string + required: + - Value + - Key + Queue: + type: object + properties: + QueueUrl: + type: string + description: URL of the source queue. + Arn: + type: string + description: Amazon Resource Name (ARN) of the queue. + ContentBasedDeduplication: + type: boolean + description: For first-in-first-out (FIFO) queues, specifies whether to enable content-based deduplication. During the deduplication interval, Amazon SQS treats messages that are sent with identical content as duplicates and delivers only one copy of the message. + DeduplicationScope: + description: Specifies whether message deduplication occurs at the message group or queue level. Valid values are messageGroup and queue. + type: string + DelaySeconds: + type: integer + description: The time in seconds for which the delivery of all messages in the queue is delayed. You can specify an integer value of 0 to 900 (15 minutes). The default value is 0. + FifoQueue: + type: boolean + description: If set to true, creates a FIFO queue. If you don't specify this property, Amazon SQS creates a standard queue. + FifoThroughputLimit: + description: Specifies whether the FIFO queue throughput quota applies to the entire queue or per message group. Valid values are perQueue and perMessageGroupId. The perMessageGroupId value is allowed only when the value for DeduplicationScope is messageGroup. + type: string + KmsDataKeyReusePeriodSeconds: + type: integer + description: The length of time in seconds for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. The value must be an integer between 60 (1 minute) and 86,400 (24 hours). The default is 300 (5 minutes). + KmsMasterKeyId: + type: string + description: The ID of an AWS managed customer master key (CMK) for Amazon SQS or a custom CMK. To use the AWS managed CMK for Amazon SQS, specify the (default) alias alias/aws/sqs. + SqsManagedSseEnabled: + type: boolean + description: Enables server-side queue encryption using SQS owned encryption keys. Only one server-side encryption option is supported per queue (e.g. SSE-KMS or SSE-SQS ). + MaximumMessageSize: + type: integer + description: The limit of how many bytes that a message can contain before Amazon SQS rejects it. You can specify an integer value from 1,024 bytes (1 KiB) to 262,144 bytes (256 KiB). The default value is 262,144 (256 KiB). + MessageRetentionPeriod: + type: integer + description: The number of seconds that Amazon SQS retains a message. You can specify an integer value from 60 seconds (1 minute) to 1,209,600 seconds (14 days). The default value is 345,600 seconds (4 days). + QueueName: + type: string + description: A name for the queue. To create a FIFO queue, the name of your FIFO queue must end with the .fifo suffix. + ReceiveMessageWaitTimeSeconds: + type: integer + description: Specifies the duration, in seconds, that the ReceiveMessage action call waits until a message is in the queue in order to include it in the response, rather than returning an empty response if a message isn't yet available. You can specify an integer from 1 to 20. Short polling is used as the default or when you specify 0 for this property. + RedriveAllowPolicy: + type: object + description: The string that includes the parameters for the permissions for the dead-letter queue redrive permission and which source queues can specify dead-letter queues as a JSON object. + RedrivePolicy: + type: object + description: A string that includes the parameters for the dead-letter queue functionality (redrive policy) of the source queue. + Tags: + type: array + description: The tags that you attach to this queue. + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + VisibilityTimeout: + type: integer + description: The length of time during which a message will be unavailable after a message is delivered from the queue. This blocks other components from receiving the same message and gives the initial component time to process and delete the message from the queue. Values must be from 0 to 43,200 seconds (12 hours). If you don't specify a value, AWS CloudFormation uses the default value of 30 seconds. + x-stackql-resource-name: queue + x-stackql-primaryIdentifier: + - QueueUrl + x-create-only-properties: + - FifoQueue + - QueueName + x-read-only-properties: + - QueueUrl + - Arn + x-required-permissions: + create: + - sqs:CreateQueue + - sqs:GetQueueUrl + - sqs:GetQueueAttributes + - sqs:ListQueueTags + - sqs:TagQueue + read: + - sqs:GetQueueAttributes + - sqs:ListQueueTags + update: + - sqs:SetQueueAttributes + - sqs:GetQueueAttributes + - sqs:ListQueueTags + - sqs:TagQueue + - sqs:UntagQueue + delete: + - sqs:DeleteQueue + - sqs:GetQueueAttributes + list: + - sqs:ListQueues + QueueInlinePolicy: + type: object + properties: + PolicyDocument: + description: A policy document that contains permissions to add to the specified SQS queue + type: object + Queue: + description: The URL of the SQS queue. + type: string + required: + - PolicyDocument + - Queue + x-stackql-resource-name: queue_inline_policy + x-stackql-primaryIdentifier: + - Queue + x-create-only-properties: + - Queue + x-required-permissions: + create: + - sqs:SetQueueAttributes + - sqs:GetQueueAttributes + - sqs:GetQueueUrl + read: + - sqs:GetQueueAttributes + - sqs:GetQueueUrl + delete: + - sqs:SetQueueAttributes + - sqs:GetQueueAttributes + update: + - sqs:SetQueueAttributes + - sqs:GetQueueAttributes + - sqs:GetQueueUrl + QueuePolicy: + type: object + properties: + Id: + type: string + description: '' + PolicyDocument: + type: object + description: A policy document that contains the permissions for the specified SQS queues. For more information about SQS policies, see [Using custom policies with the access policy language](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-creating-custom-policies.html) in the *Developer Guide*. + Queues: + type: array + description: The URLs of the queues to which you want to add the policy. You can use the ``Ref`` function to specify an ``AWS::SQS::Queue`` resource. + uniqueItems: false + x-insertionOrder: false + items: + type: string + required: + - PolicyDocument + - Queues + x-stackql-resource-name: queue_policy + x-stackql-primaryIdentifier: + - Id + x-read-only-properties: + - Id + x-required-permissions: + create: + - sqs:SetQueueAttributes + update: + - sqs:SetQueueAttributes + delete: + - sqs:SetQueueAttributes + x-stackQL-resources: + queues: + name: queues + id: awscc.sqs.queues + x-cfn-schema-name: Queue + x-type: list + x-identifiers: + - QueueUrl + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.QueueUrl') as queue_url + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SQS::Queue' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'QueueUrl') as queue_url + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SQS::Queue' + AND region = 'us-east-1' + queue: + name: queue + id: awscc.sqs.queue + x-cfn-schema-name: Queue + x-type: get + x-identifiers: + - QueueUrl + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.QueueUrl') as queue_url, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ContentBasedDeduplication') as content_based_deduplication, + JSON_EXTRACT(Properties, '$.DeduplicationScope') as deduplication_scope, + JSON_EXTRACT(Properties, '$.DelaySeconds') as delay_seconds, + JSON_EXTRACT(Properties, '$.FifoQueue') as fifo_queue, + JSON_EXTRACT(Properties, '$.FifoThroughputLimit') as fifo_throughput_limit, + JSON_EXTRACT(Properties, '$.KmsDataKeyReusePeriodSeconds') as kms_data_key_reuse_period_seconds, + JSON_EXTRACT(Properties, '$.KmsMasterKeyId') as kms_master_key_id, + JSON_EXTRACT(Properties, '$.SqsManagedSseEnabled') as sqs_managed_sse_enabled, + JSON_EXTRACT(Properties, '$.MaximumMessageSize') as maximum_message_size, + JSON_EXTRACT(Properties, '$.MessageRetentionPeriod') as message_retention_period, + JSON_EXTRACT(Properties, '$.QueueName') as queue_name, + JSON_EXTRACT(Properties, '$.ReceiveMessageWaitTimeSeconds') as receive_message_wait_time_seconds, + JSON_EXTRACT(Properties, '$.RedriveAllowPolicy') as redrive_allow_policy, + JSON_EXTRACT(Properties, '$.RedrivePolicy') as redrive_policy, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.VisibilityTimeout') as visibility_timeout + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SQS::Queue' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'QueueUrl') as queue_url, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ContentBasedDeduplication') as content_based_deduplication, + json_extract_path_text(Properties, 'DeduplicationScope') as deduplication_scope, + json_extract_path_text(Properties, 'DelaySeconds') as delay_seconds, + json_extract_path_text(Properties, 'FifoQueue') as fifo_queue, + json_extract_path_text(Properties, 'FifoThroughputLimit') as fifo_throughput_limit, + json_extract_path_text(Properties, 'KmsDataKeyReusePeriodSeconds') as kms_data_key_reuse_period_seconds, + json_extract_path_text(Properties, 'KmsMasterKeyId') as kms_master_key_id, + json_extract_path_text(Properties, 'SqsManagedSseEnabled') as sqs_managed_sse_enabled, + json_extract_path_text(Properties, 'MaximumMessageSize') as maximum_message_size, + json_extract_path_text(Properties, 'MessageRetentionPeriod') as message_retention_period, + json_extract_path_text(Properties, 'QueueName') as queue_name, + json_extract_path_text(Properties, 'ReceiveMessageWaitTimeSeconds') as receive_message_wait_time_seconds, + json_extract_path_text(Properties, 'RedriveAllowPolicy') as redrive_allow_policy, + json_extract_path_text(Properties, 'RedrivePolicy') as redrive_policy, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'VisibilityTimeout') as visibility_timeout + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SQS::Queue' + AND data__Identifier = '' + AND region = 'us-east-1' + queue_inline_policies: + name: queue_inline_policies + id: awscc.sqs.queue_inline_policies + x-cfn-schema-name: QueueInlinePolicy + x-type: list + x-identifiers: + - Queue + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Queue') as queue + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SQS::QueueInlinePolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Queue') as queue + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SQS::QueueInlinePolicy' + AND region = 'us-east-1' + queue_inline_policy: + name: queue_inline_policy + id: awscc.sqs.queue_inline_policy + x-cfn-schema-name: QueueInlinePolicy + x-type: get + x-identifiers: + - Queue + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyDocument') as policy_document, + JSON_EXTRACT(Properties, '$.Queue') as queue + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SQS::QueueInlinePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyDocument') as policy_document, + json_extract_path_text(Properties, 'Queue') as queue + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SQS::QueueInlinePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + queue_policies: + name: queue_policies + id: awscc.sqs.queue_policies + x-cfn-schema-name: QueuePolicy + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SQS::QueuePolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SQS::QueuePolicy' + AND region = 'us-east-1' + queue_policy: + name: queue_policy + id: awscc.sqs.queue_policy + x-cfn-schema-name: QueuePolicy + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.PolicyDocument') as policy_document, + JSON_EXTRACT(Properties, '$.Queues') as queues + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SQS::QueuePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'PolicyDocument') as policy_document, + json_extract_path_text(Properties, 'Queues') as queues + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SQS::QueuePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/ssm.yaml b/providers/src/awscc/v00.00.00000/services/ssm.yaml new file mode 100644 index 00000000..f77d6277 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/ssm.yaml @@ -0,0 +1,1296 @@ +openapi: 3.0.0 +info: + title: SSM + version: 1.0.0 +paths: {} +components: + schemas: + Target: + type: object + properties: + Key: + type: string + pattern: ^[\p{L}\p{Z}\p{N}_.:/=+\-@]{1,128}$|resource-groups:Name + Values: + type: array + items: + type: string + minItems: 0 + maxItems: 50 + additionalProperties: false + required: + - Key + - Values + ParameterValues: + type: array + items: + type: string + S3Region: + type: string + minLength: 3 + maxLength: 20 + S3BucketName: + type: string + minLength: 3 + maxLength: 63 + S3KeyPrefix: + type: string + maxLength: 1024 + S3OutputLocation: + type: object + properties: + OutputS3Region: + $ref: '#/components/schemas/S3Region' + OutputS3BucketName: + $ref: '#/components/schemas/S3BucketName' + OutputS3KeyPrefix: + $ref: '#/components/schemas/S3KeyPrefix' + additionalProperties: false + InstanceAssociationOutputLocation: + type: object + properties: + S3Location: + $ref: '#/components/schemas/S3OutputLocation' + additionalProperties: false + Association: + type: object + properties: + AssociationId: + description: Unique identifier of the association. + type: string + pattern: '[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}' + x-examples: + - 88df7b09-95e8-48c4-a3cb-08c2c20d5110 + - 203dd0ec-0055-4bf0-a872-707f72ef06aa + AssociationName: + description: The name of the association. + type: string + pattern: ^[a-zA-Z0-9_\-.]{3,128}$ + DocumentVersion: + description: The version of the SSM document to associate with the target. + type: string + pattern: ([$]LATEST|[$]DEFAULT|^[1-9][0-9]*$) + InstanceId: + description: The ID of the instance that the SSM document is associated with. + type: string + pattern: (^i-(\w{8}|\w{17})$)|(^mi-\w{17}$) + x-examples: + - i-0e60836d21cf313c4 + - mi-0532c22e49636ee13 + Name: + description: The name of the SSM document. + type: string + pattern: ^[a-zA-Z0-9_\-.:/]{3,200}$ + x-examples: + - AWS-GatherSoftwareInventory + - MyCustomSSMDocument + Parameters: + description: Parameter values that the SSM document uses at runtime. + type: object + x-patternProperties: + .*{1,255}: + $ref: '#/components/schemas/ParameterValues' + additionalProperties: false + ScheduleExpression: + description: A Cron or Rate expression that specifies when the association is applied to the target. + type: string + minLength: 1 + maxLength: 256 + x-examples: + - cron(0 0 */1 * * ? *) + - cron(0 16 ? * TUE *) + - rate(30 minutes) + - rate(7 days) + Targets: + description: The targets that the SSM document sends commands to. + type: array + items: + $ref: '#/components/schemas/Target' + minItems: 0 + maxItems: 5 + OutputLocation: + $ref: '#/components/schemas/InstanceAssociationOutputLocation' + AutomationTargetParameterName: + type: string + minLength: 1 + maxLength: 50 + MaxErrors: + type: string + pattern: ^([1-9][0-9]{0,6}|[0]|[1-9][0-9]%|[0-9]%|100%)$ + x-examples: + - 1% + - 10% + - 50% + - '1' + MaxConcurrency: + type: string + pattern: ^([1-9][0-9]{0,6}|[1-9][0-9]%|[1-9]%|100%)$ + x-examples: + - 1% + - 10% + - 50% + - '1' + ComplianceSeverity: + type: string + enum: + - CRITICAL + - HIGH + - MEDIUM + - LOW + - UNSPECIFIED + SyncCompliance: + type: string + enum: + - AUTO + - MANUAL + WaitForSuccessTimeoutSeconds: + type: integer + minimum: 15 + maximum: 172800 + ApplyOnlyAtCronInterval: + type: boolean + CalendarNames: + type: array + items: + type: string + x-examples: + - - calendar1 + - calendar2 + - - calendar3 + ScheduleOffset: + type: integer + minimum: 1 + maximum: 6 + required: + - Name + x-stackql-resource-name: association + x-stackql-primaryIdentifier: + - AssociationId + x-read-only-properties: + - AssociationId + x-required-permissions: + create: + - ec2:DescribeInstanceStatus + - iam:PassRole + - iam:CreateServiceLinkedRole + - ssm:CreateAssociation + - ssm:DescribeAssociation + - ssm:GetCalendarState + delete: + - ssm:DeleteAssociation + update: + - iam:PassRole + - ssm:UpdateAssociation + - ssm:GetCalendarState + read: + - ssm:DescribeAssociation + - resource-groups:GetGroupQuery + - resource-groups:ListGroups + - resource-groups:ListGroupResources + list: + - ssm:ListAssociations + AttachmentsSource: + type: object + properties: + Key: + description: The key of a key-value pair that identifies the location of an attachment to a document. + type: string + enum: + - SourceUrl + - S3FileUrl + - AttachmentReference + Values: + description: The value of a key-value pair that identifies the location of an attachment to a document. The format for Value depends on the type of key you specify. + type: array + items: + type: string + minLength: 1 + maxLength: 100000 + minItems: 1 + maxItems: 1 + x-insertionOrder: false + Name: + description: The name of the document attachment file. + type: string + pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$ + minLength: 1 + maxLength: 128 + additionalProperties: false + Tag: + description: Metadata that you assign to your AWS resources. + type: object + additionalProperties: false + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 1 + maxLength: 256 + required: + - Value + - Key + DocumentRequires: + type: object + properties: + Name: + description: The name of the required SSM document. The name can be an Amazon Resource Name (ARN). + type: string + pattern: ^[a-zA-Z0-9_\-.:/]{3,200}$ + maxLength: 200 + Version: + description: The document version required by the current document. + type: string + pattern: ([$]LATEST|[$]DEFAULT|^[1-9][0-9]*$) + maxLength: 8 + additionalProperties: false + Document: + type: object + properties: + Content: + description: The content for the Systems Manager document in JSON, YAML or String format. + type: object + Attachments: + description: A list of key and value pairs that describe attachments to a version of a document. + type: array + items: + $ref: '#/components/schemas/AttachmentsSource' + minItems: 0 + maxItems: 20 + x-insertionOrder: false + Name: + description: A name for the Systems Manager document. + type: string + pattern: ^[a-zA-Z0-9_\-.]{3,128}$ + VersionName: + description: An optional field specifying the version of the artifact you are creating with the document. This value is unique across all versions of a document, and cannot be changed. + type: string + pattern: ^[a-zA-Z0-9_\-.]{1,128}$ + DocumentType: + description: The type of document to create. + type: string + enum: + - ApplicationConfiguration + - ApplicationConfigurationSchema + - Automation + - Automation.ChangeTemplate + - ChangeCalendar + - CloudFormation + - Command + - DeploymentStrategy + - Package + - Policy + - ProblemAnalysis + - ProblemAnalysisTemplate + - Session + DocumentFormat: + description: Specify the document format for the request. The document format can be either JSON or YAML. JSON is the default format. + type: string + enum: + - YAML + - JSON + - TEXT + default: JSON + TargetType: + description: Specify a target type to define the kinds of resources the document can run on. + type: string + pattern: ^\/[\w\.\-\:\/]*$ + Tags: + description: Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 1000 + x-insertionOrder: false + Requires: + description: A list of SSM documents required by a document. For example, an ApplicationConfiguration document requires an ApplicationConfigurationSchema document. + type: array + items: + $ref: '#/components/schemas/DocumentRequires' + minItems: 1 + x-insertionOrder: false + UpdateMethod: + description: Update method - when set to 'Replace', the update will replace the existing document; when set to 'NewVersion', the update will create a new version. + type: string + enum: + - Replace + - NewVersion + default: Replace + required: + - Content + x-stackql-resource-name: document + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + - DocumentType + x-required-permissions: + create: + - ssm:CreateDocument + - ssm:GetDocument + - ssm:AddTagsToResource + - ssm:ListTagsForResource + - s3:GetObject + - iam:PassRole + read: + - ssm:GetDocument + - ssm:ListTagsForResource + update: + - ssm:UpdateDocument + - s3:GetObject + - ssm:AddTagsToResource + - ssm:RemoveTagsFromResource + - ssm:ListTagsForResource + - iam:PassRole + - ssm:UpdateDocumentDefaultVersion + - ssm:DescribeDocument + delete: + - ssm:DeleteDocument + - ssm:GetDocument + list: + - ssm:ListDocuments + Parameter: + type: object + properties: + Type: + type: string + description: |- + The type of parameter. + Although ``SecureString`` is included in the list of valid values, CFNlong does *not* currently support creating a ``SecureString`` parameter type. + enum: + - String + - StringList + Value: + type: string + description: |- + The parameter value. + If type is ``StringList``, the system returns a comma-separated string with no spaces between commas in the ``Value`` field. + Description: + type: string + description: Information about the parameter. + Policies: + type: string + description: |- + Information about the policies assigned to a parameter. + [Assigning parameter policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-policies.html) in the *User Guide*. + AllowedPattern: + type: string + description: 'A regular expression used to validate the parameter value. For example, for String types with values restricted to numbers, you can specify the following: ``AllowedPattern=^\d+$``' + Tier: + type: string + description: The parameter tier. + enum: + - Standard + - Advanced + - Intelligent-Tiering + Tags: + type: object + description: Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a SYS parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter. + x-patternProperties: + ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$: + type: string + additionalProperties: false + DataType: + type: string + description: The data type of the parameter, such as ``text`` or ``aws:ec2:image``. The default is ``text``. + enum: + - text + - aws:ec2:image + Name: + type: string + description: |- + The name of the parameter. + The maximum length constraint listed below includes capacity for additional system attributes that aren't part of the name. The maximum length for a parameter name, including the full length of the parameter ARN, is 1011 characters. For example, the length of the following parameter name is 65 characters, not 20 characters: ``arn:aws:ssm:us-east-2:111222333444:parameter/ExampleParameterName`` + required: + - Value + - Type + x-stackql-resource-name: parameter + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-required-permissions: + create: + - ssm:PutParameter + - ssm:AddTagsToResource + - ssm:GetParameters + read: + - ssm:GetParameters + update: + - ssm:PutParameter + - ssm:AddTagsToResource + - ssm:RemoveTagsFromResource + - ssm:GetParameters + delete: + - ssm:DeleteParameter + list: + - ssm:DescribeParameters + PatchFilterGroup: + description: The patch filter group that defines the criteria for the rule. + type: object + additionalProperties: false + properties: + PatchFilters: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/PatchFilter' + minItems: 0 + maxItems: 5 + PatchSource: + description: Information about the patches to use to update the instances, including target operating systems and source repository. Applies to Linux instances only. + type: object + additionalProperties: false + properties: + Products: + type: array + uniqueItems: false + items: + type: string + minLength: 1 + maxLength: 128 + minItems: 0 + maxItems: 20 + Configuration: + type: string + minLength: 1 + maxLength: 1024 + Name: + type: string + pattern: ^[a-zA-Z0-9_\-.]{3,50}$ + RuleGroup: + description: A set of rules defining the approval rules for a patch baseline. + type: object + additionalProperties: false + properties: + PatchRules: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/Rule' + minItems: 0 + maxItems: 10 + x-insertionOrder: false + Rule: + description: Defines an approval rule for a patch baseline. + type: object + additionalProperties: false + properties: + ApproveUntilDate: + type: string + minLength: 0 + maxLength: 10 + EnableNonSecurity: + type: boolean + default: false + PatchFilterGroup: + $ref: '#/components/schemas/PatchFilterGroup' + ApproveAfterDays: + type: integer + minimum: 0 + maximum: 360 + ComplianceLevel: + type: string + enum: + - CRITICAL + - HIGH + - INFORMATIONAL + - LOW + - MEDIUM + - UNSPECIFIED + x-insertionOrder: false + PatchFilter: + description: Defines which patches should be included in a patch baseline. + type: object + additionalProperties: false + properties: + Values: + type: array + uniqueItems: false + items: + type: string + minLength: 1 + maxLength: 64 + minItems: 0 + maxItems: 20 + Key: + type: string + enum: + - ADVISORY_ID + - ARCH + - BUGZILLA_ID + - CLASSIFICATION + - CVE_ID + - EPOCH + - MSRC_SEVERITY + - NAME + - PATCH_ID + - PATCH_SET + - PRIORITY + - PRODUCT + - PRODUCT_FAMILY + - RELEASE + - REPOSITORY + - SECTION + - SECURITY + - SEVERITY + - VERSION + PatchBaseline: + type: object + properties: + Id: + description: The ID of the patch baseline. + type: string + pattern: ^[a-zA-Z0-9_\-:/]{20,128}$ + minLength: 20 + maxLength: 128 + DefaultBaseline: + description: Set the baseline as default baseline. Only registering to default patch baseline is allowed. + type: boolean + default: false + OperatingSystem: + description: Defines the operating system the patch baseline applies to. The Default value is WINDOWS. + type: string + default: WINDOWS + enum: + - WINDOWS + - AMAZON_LINUX + - AMAZON_LINUX_2 + - AMAZON_LINUX_2022 + - AMAZON_LINUX_2023 + - UBUNTU + - REDHAT_ENTERPRISE_LINUX + - SUSE + - CENTOS + - ORACLE_LINUX + - DEBIAN + - MACOS + - RASPBIAN + - ROCKY_LINUX + - ALMA_LINUX + Description: + description: The description of the patch baseline. + type: string + minLength: 1 + maxLength: 1024 + ApprovalRules: + $ref: '#/components/schemas/RuleGroup' + Sources: + description: Information about the patches to use to update the instances, including target operating systems and source repository. Applies to Linux instances only. + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/PatchSource' + minItems: 0 + maxItems: 20 + Name: + description: The name of the patch baseline. + type: string + pattern: ^[a-zA-Z0-9_\-.]{3,128}$ + minLength: 3 + maxLength: 128 + RejectedPatches: + description: A list of explicitly rejected patches for the baseline. + type: array + uniqueItems: false + items: + type: string + minLength: 1 + maxLength: 100 + minItems: 0 + maxItems: 50 + x-insertionOrder: false + ApprovedPatches: + description: A list of explicitly approved patches for the baseline. + type: array + uniqueItems: false + items: + type: string + minLength: 1 + maxLength: 100 + minItems: 0 + maxItems: 50 + x-insertionOrder: false + RejectedPatchesAction: + description: The action for Patch Manager to take on patches included in the RejectedPackages list. + type: string + default: ALLOW_AS_DEPENDENCY + enum: + - ALLOW_AS_DEPENDENCY + - BLOCK + PatchGroups: + description: PatchGroups is used to associate instances with a specific patch baseline + type: array + uniqueItems: false + items: + type: string + minLength: 1 + maxLength: 256 + ApprovedPatchesComplianceLevel: + description: Defines the compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. The default value is UNSPECIFIED. + type: string + default: UNSPECIFIED + enum: + - CRITICAL + - HIGH + - MEDIUM + - LOW + - INFORMATIONAL + - UNSPECIFIED + ApprovedPatchesEnableNonSecurity: + description: Indicates whether the list of approved patches includes non-security updates that should be applied to the instances. The default value is 'false'. Applies to Linux instances only. + type: boolean + default: false + GlobalFilters: + description: A set of global filters used to include patches in the baseline. + $ref: '#/components/schemas/PatchFilterGroup' + Tags: + description: Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways. + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + minItems: 0 + maxItems: 1000 + required: + - Name + x-stackql-resource-name: patch_baseline + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - OperatingSystem + x-read-only-properties: + - Id + x-required-permissions: + create: + - ssm:CreatePatchBaseline + - ssm:RegisterPatchBaselineForPatchGroup + - ssm:AddTagsToResource + - ssm:RemoveTagsFromResource + - ssm:ListTagsForResource + - ssm:GetDefaultPatchBaseline + - ssm:RegisterDefaultPatchBaseline + delete: + - ssm:DeletePatchBaseline + - ssm:GetPatchBaseline + - ssm:DeregisterPatchBaselineForPatchGroup + list: + - ssm:DescribePatchBaselines + - ssm:GetDefaultPatchBaseline + - ssm:GetPatchBaseline + - ssm:ListTagsForResource + read: + - ssm:GetDefaultPatchBaseline + - ssm:GetPatchBaseline + - ssm:ListTagsForResource + update: + - ssm:UpdatePatchBaseline + - ssm:DeregisterPatchBaselineForPatchGroup + - ssm:AddTagsToResource + - ssm:RemoveTagsFromResource + - ssm:ListTagsForResource + - ssm:GetDefaultPatchBaseline + - ssm:RegisterDefaultPatchBaseline + S3Destination: + type: object + additionalProperties: false + properties: + KMSKeyArn: + type: string + minLength: 1 + maxLength: 512 + BucketPrefix: + type: string + minLength: 1 + maxLength: 256 + BucketName: + type: string + minLength: 1 + maxLength: 2048 + BucketRegion: + type: string + minLength: 1 + maxLength: 64 + SyncFormat: + type: string + minLength: 1 + maxLength: 1024 + required: + - BucketName + - BucketRegion + - SyncFormat + SyncSource: + type: object + additionalProperties: false + properties: + IncludeFutureRegions: + type: boolean + SourceRegions: + type: array + uniqueItems: false + items: + type: string + SourceType: + type: string + minLength: 1 + maxLength: 64 + AwsOrganizationsSource: + $ref: '#/components/schemas/AwsOrganizationsSource' + required: + - SourceType + - SourceRegions + AwsOrganizationsSource: + type: object + additionalProperties: false + properties: + OrganizationalUnits: + type: array + uniqueItems: false + items: + type: string + OrganizationSourceType: + type: string + minLength: 1 + maxLength: 64 + required: + - OrganizationSourceType + ResourceDataSync: + type: object + properties: + S3Destination: + $ref: '#/components/schemas/S3Destination' + KMSKeyArn: + type: string + minLength: 0 + maxLength: 512 + SyncSource: + $ref: '#/components/schemas/SyncSource' + BucketName: + type: string + minLength: 1 + maxLength: 2048 + BucketRegion: + type: string + minLength: 1 + maxLength: 64 + SyncFormat: + type: string + minLength: 0 + maxLength: 1024 + SyncName: + type: string + minLength: 1 + maxLength: 64 + SyncType: + type: string + minLength: 1 + maxLength: 64 + BucketPrefix: + type: string + minLength: 0 + maxLength: 64 + required: + - SyncName + x-stackql-resource-name: resource_data_sync + x-stackql-primaryIdentifier: + - SyncName + x-create-only-properties: + - KMSKeyArn + - SyncFormat + - BucketPrefix + - SyncName + - BucketRegion + - BucketName + - S3Destination + - SyncType + x-read-only-properties: + - SyncName + x-required-permissions: + create: + - ssm:CreateResourceDataSync + - ssm:ListResourceDataSync + delete: + - ssm:ListResourceDataSync + - ssm:DeleteResourceDataSync + update: + - ssm:ListResourceDataSync + - ssm:UpdateResourceDataSync + list: + - ssm:ListResourceDataSync + read: + - ssm:ListResourceDataSync + ResourcePolicy: + type: object + properties: + ResourceArn: + type: string + description: Arn of OpsItemGroup etc. + Policy: + type: object + description: Actual policy statement. + PolicyId: + type: string + description: 'An unique identifier within the policies of a resource. ' + PolicyHash: + type: string + description: A snapshot identifier for the policy over time. + required: + - ResourceArn + - Policy + x-stackql-resource-name: resource_policy + x-stackql-primaryIdentifier: + - PolicyId + - ResourceArn + x-create-only-properties: + - ResourceArn + x-read-only-properties: + - PolicyId + - PolicyHash + x-required-permissions: + create: + - ssm:PutResourcePolicy + read: + - ssm:GetResourcePolicies + update: + - ssm:PutResourcePolicy + delete: + - ssm:DeleteResourcePolicy + list: + - ssm:GetResourcePolicies + x-stackQL-resources: + associations: + name: associations + id: awscc.ssm.associations + x-cfn-schema-name: Association + x-type: list + x-identifiers: + - AssociationId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssociationId') as association_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSM::Association' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssociationId') as association_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSM::Association' + AND region = 'us-east-1' + association: + name: association + id: awscc.ssm.association + x-cfn-schema-name: Association + x-type: get + x-identifiers: + - AssociationId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssociationId') as association_id, + JSON_EXTRACT(Properties, '$.AssociationName') as association_name, + JSON_EXTRACT(Properties, '$.DocumentVersion') as document_version, + JSON_EXTRACT(Properties, '$.InstanceId') as instance_id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Parameters') as parameters, + JSON_EXTRACT(Properties, '$.ScheduleExpression') as schedule_expression, + JSON_EXTRACT(Properties, '$.Targets') as targets, + JSON_EXTRACT(Properties, '$.OutputLocation') as output_location, + JSON_EXTRACT(Properties, '$.AutomationTargetParameterName') as automation_target_parameter_name, + JSON_EXTRACT(Properties, '$.MaxErrors') as max_errors, + JSON_EXTRACT(Properties, '$.MaxConcurrency') as max_concurrency, + JSON_EXTRACT(Properties, '$.ComplianceSeverity') as compliance_severity, + JSON_EXTRACT(Properties, '$.SyncCompliance') as sync_compliance, + JSON_EXTRACT(Properties, '$.WaitForSuccessTimeoutSeconds') as wait_for_success_timeout_seconds, + JSON_EXTRACT(Properties, '$.ApplyOnlyAtCronInterval') as apply_only_at_cron_interval, + JSON_EXTRACT(Properties, '$.CalendarNames') as calendar_names, + JSON_EXTRACT(Properties, '$.ScheduleOffset') as schedule_offset + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSM::Association' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssociationId') as association_id, + json_extract_path_text(Properties, 'AssociationName') as association_name, + json_extract_path_text(Properties, 'DocumentVersion') as document_version, + json_extract_path_text(Properties, 'InstanceId') as instance_id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Parameters') as parameters, + json_extract_path_text(Properties, 'ScheduleExpression') as schedule_expression, + json_extract_path_text(Properties, 'Targets') as targets, + json_extract_path_text(Properties, 'OutputLocation') as output_location, + json_extract_path_text(Properties, 'AutomationTargetParameterName') as automation_target_parameter_name, + json_extract_path_text(Properties, 'MaxErrors') as max_errors, + json_extract_path_text(Properties, 'MaxConcurrency') as max_concurrency, + json_extract_path_text(Properties, 'ComplianceSeverity') as compliance_severity, + json_extract_path_text(Properties, 'SyncCompliance') as sync_compliance, + json_extract_path_text(Properties, 'WaitForSuccessTimeoutSeconds') as wait_for_success_timeout_seconds, + json_extract_path_text(Properties, 'ApplyOnlyAtCronInterval') as apply_only_at_cron_interval, + json_extract_path_text(Properties, 'CalendarNames') as calendar_names, + json_extract_path_text(Properties, 'ScheduleOffset') as schedule_offset + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSM::Association' + AND data__Identifier = '' + AND region = 'us-east-1' + documents: + name: documents + id: awscc.ssm.documents + x-cfn-schema-name: Document + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSM::Document' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSM::Document' + AND region = 'us-east-1' + document: + name: document + id: awscc.ssm.document + x-cfn-schema-name: Document + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Content') as content, + JSON_EXTRACT(Properties, '$.Attachments') as attachments, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.VersionName') as version_name, + JSON_EXTRACT(Properties, '$.DocumentType') as document_type, + JSON_EXTRACT(Properties, '$.DocumentFormat') as document_format, + JSON_EXTRACT(Properties, '$.TargetType') as target_type, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Requires') as requires, + JSON_EXTRACT(Properties, '$.UpdateMethod') as update_method + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSM::Document' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Content') as content, + json_extract_path_text(Properties, 'Attachments') as attachments, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'VersionName') as version_name, + json_extract_path_text(Properties, 'DocumentType') as document_type, + json_extract_path_text(Properties, 'DocumentFormat') as document_format, + json_extract_path_text(Properties, 'TargetType') as target_type, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Requires') as requires, + json_extract_path_text(Properties, 'UpdateMethod') as update_method + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSM::Document' + AND data__Identifier = '' + AND region = 'us-east-1' + parameters: + name: parameters + id: awscc.ssm.parameters + x-cfn-schema-name: Parameter + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSM::Parameter' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSM::Parameter' + AND region = 'us-east-1' + parameter: + name: parameter + id: awscc.ssm.parameter + x-cfn-schema-name: Parameter + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Value') as value, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Policies') as policies, + JSON_EXTRACT(Properties, '$.AllowedPattern') as allowed_pattern, + JSON_EXTRACT(Properties, '$.Tier') as tier, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.DataType') as data_type, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSM::Parameter' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Value') as value, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Policies') as policies, + json_extract_path_text(Properties, 'AllowedPattern') as allowed_pattern, + json_extract_path_text(Properties, 'Tier') as tier, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'DataType') as data_type, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSM::Parameter' + AND data__Identifier = '' + AND region = 'us-east-1' + patch_baselines: + name: patch_baselines + id: awscc.ssm.patch_baselines + x-cfn-schema-name: PatchBaseline + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSM::PatchBaseline' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSM::PatchBaseline' + AND region = 'us-east-1' + patch_baseline: + name: patch_baseline + id: awscc.ssm.patch_baseline + x-cfn-schema-name: PatchBaseline + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.DefaultBaseline') as default_baseline, + JSON_EXTRACT(Properties, '$.OperatingSystem') as operating_system, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ApprovalRules') as approval_rules, + JSON_EXTRACT(Properties, '$.Sources') as sources, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RejectedPatches') as rejected_patches, + JSON_EXTRACT(Properties, '$.ApprovedPatches') as approved_patches, + JSON_EXTRACT(Properties, '$.RejectedPatchesAction') as rejected_patches_action, + JSON_EXTRACT(Properties, '$.PatchGroups') as patch_groups, + JSON_EXTRACT(Properties, '$.ApprovedPatchesComplianceLevel') as approved_patches_compliance_level, + JSON_EXTRACT(Properties, '$.ApprovedPatchesEnableNonSecurity') as approved_patches_enable_non_security, + JSON_EXTRACT(Properties, '$.GlobalFilters') as global_filters, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSM::PatchBaseline' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'DefaultBaseline') as default_baseline, + json_extract_path_text(Properties, 'OperatingSystem') as operating_system, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ApprovalRules') as approval_rules, + json_extract_path_text(Properties, 'Sources') as sources, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RejectedPatches') as rejected_patches, + json_extract_path_text(Properties, 'ApprovedPatches') as approved_patches, + json_extract_path_text(Properties, 'RejectedPatchesAction') as rejected_patches_action, + json_extract_path_text(Properties, 'PatchGroups') as patch_groups, + json_extract_path_text(Properties, 'ApprovedPatchesComplianceLevel') as approved_patches_compliance_level, + json_extract_path_text(Properties, 'ApprovedPatchesEnableNonSecurity') as approved_patches_enable_non_security, + json_extract_path_text(Properties, 'GlobalFilters') as global_filters, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSM::PatchBaseline' + AND data__Identifier = '' + AND region = 'us-east-1' + resource_data_syncs: + name: resource_data_syncs + id: awscc.ssm.resource_data_syncs + x-cfn-schema-name: ResourceDataSync + x-type: list + x-identifiers: + - SyncName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SyncName') as sync_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSM::ResourceDataSync' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SyncName') as sync_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSM::ResourceDataSync' + AND region = 'us-east-1' + resource_data_sync: + name: resource_data_sync + id: awscc.ssm.resource_data_sync + x-cfn-schema-name: ResourceDataSync + x-type: get + x-identifiers: + - SyncName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.S3Destination') as s3_destination, + JSON_EXTRACT(Properties, '$.KMSKeyArn') as k_ms_key_arn, + JSON_EXTRACT(Properties, '$.SyncSource') as sync_source, + JSON_EXTRACT(Properties, '$.BucketName') as bucket_name, + JSON_EXTRACT(Properties, '$.BucketRegion') as bucket_region, + JSON_EXTRACT(Properties, '$.SyncFormat') as sync_format, + JSON_EXTRACT(Properties, '$.SyncName') as sync_name, + JSON_EXTRACT(Properties, '$.SyncType') as sync_type, + JSON_EXTRACT(Properties, '$.BucketPrefix') as bucket_prefix + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSM::ResourceDataSync' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'S3Destination') as s3_destination, + json_extract_path_text(Properties, 'KMSKeyArn') as k_ms_key_arn, + json_extract_path_text(Properties, 'SyncSource') as sync_source, + json_extract_path_text(Properties, 'BucketName') as bucket_name, + json_extract_path_text(Properties, 'BucketRegion') as bucket_region, + json_extract_path_text(Properties, 'SyncFormat') as sync_format, + json_extract_path_text(Properties, 'SyncName') as sync_name, + json_extract_path_text(Properties, 'SyncType') as sync_type, + json_extract_path_text(Properties, 'BucketPrefix') as bucket_prefix + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSM::ResourceDataSync' + AND data__Identifier = '' + AND region = 'us-east-1' + resource_policies: + name: resource_policies + id: awscc.ssm.resource_policies + x-cfn-schema-name: ResourcePolicy + x-type: list + x-identifiers: + - PolicyId + - ResourceArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyId') as policy_id, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSM::ResourcePolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyId') as policy_id, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSM::ResourcePolicy' + AND region = 'us-east-1' + resource_policy: + name: resource_policy + id: awscc.ssm.resource_policy + x-cfn-schema-name: ResourcePolicy + x-type: get + x-identifiers: + - PolicyId + - ResourceArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn, + JSON_EXTRACT(Properties, '$.Policy') as policy, + JSON_EXTRACT(Properties, '$.PolicyId') as policy_id, + JSON_EXTRACT(Properties, '$.PolicyHash') as policy_hash + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSM::ResourcePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn, + json_extract_path_text(Properties, 'Policy') as policy, + json_extract_path_text(Properties, 'PolicyId') as policy_id, + json_extract_path_text(Properties, 'PolicyHash') as policy_hash + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSM::ResourcePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/ssmcontacts.yaml b/providers/src/awscc/v00.00.00000/services/ssmcontacts.yaml new file mode 100644 index 00000000..643d882d --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/ssmcontacts.yaml @@ -0,0 +1,685 @@ +openapi: 3.0.0 +info: + title: SSMContacts + version: 1.0.0 +paths: {} +components: + schemas: + ContactTargetInfo: + type: object + description: The contact that SSM Incident Manager is engaging during an incident. + properties: + ContactId: + description: The Amazon Resource Name (ARN) of the contact. + type: string + IsEssential: + type: boolean + description: A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan. + required: + - ContactId + - IsEssential + additionalProperties: false + ChannelTargetInfo: + type: object + description: Information about the contact channel that SSM Incident Manager uses to engage the contact. + properties: + ChannelId: + description: The Amazon Resource Name (ARN) of the contact channel. + type: string + RetryIntervalInMinutes: + type: integer + description: The number of minutes to wait to retry sending engagement in the case the engagement initially fails. + required: + - ChannelId + - RetryIntervalInMinutes + additionalProperties: false + Stage: + description: A set amount of time that an escalation plan or engagement plan engages the specified contacts or contact methods. + type: object + properties: + DurationInMinutes: + description: The time to wait until beginning the next stage. + type: integer + Targets: + type: array + x-insertionOrder: false + description: The contacts or contact methods that the escalation plan or engagement plan is engaging. + items: + $ref: '#/components/schemas/Targets' + required: + - DurationInMinutes + additionalProperties: false + Targets: + description: The contacts or contact methods that the escalation plan or engagement plan is engaging. + type: object + properties: + ContactTargetInfo: + $ref: '#/components/schemas/ContactTargetInfo' + ChannelTargetInfo: + $ref: '#/components/schemas/ChannelTargetInfo' + additionalProperties: false + oneOf: + - required: + - ChannelTargetInfo + - required: + - ContactTargetInfo + Contact: + type: object + properties: + Alias: + description: Alias of the contact. String value with 20 to 256 characters. Only alphabetical, numeric characters, dash, or underscore allowed. + type: string + minLength: 1 + maxLength: 255 + pattern: ^[a-z0-9_\-\.]*$ + DisplayName: + description: Name of the contact. String value with 3 to 256 characters. Only alphabetical, space, numeric characters, dash, or underscore allowed. + type: string + minLength: 1 + maxLength: 255 + pattern: ^[a-zA-Z0-9_\-\s]*$ + Type: + description: 'Contact type, which specify type of contact. Currently supported values: “PERSONAL”, “SHARED”, “OTHER“.' + type: string + enum: + - PERSONAL + - CUSTOM + - SERVICE + - ESCALATION + - ONCALL_SCHEDULE + Plan: + description: The stages that an escalation plan or engagement plan engages contacts and contact methods in. + type: array + items: + $ref: '#/components/schemas/Stage' + Arn: + type: string + description: The Amazon Resource Name (ARN) of the contact. + required: + - Alias + - DisplayName + - Type + x-stackql-resource-name: contact + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Alias + - Type + x-read-only-properties: + - Arn + x-required-permissions: + create: + - ssm-contacts:CreateContact + - ssm-contacts:GetContact + - ssm-contacts:AssociateContact + read: + - ssm-contacts:GetContact + update: + - ssm-contacts:UpdateContact + - ssm-contacts:GetContact + - ssm-contacts:AssociateContact + delete: + - ssm-contacts:DeleteContact + - ssm-contacts:GetContact + - ssm-contacts:AssociateContact + list: + - ssm-contacts:ListContacts + ContactChannel: + type: object + properties: + ContactId: + description: ARN of the contact resource + type: string + minLength: 1 + maxLength: 2048 + pattern: arn:[-\w+=\/,.@]+:[-\w+=\/,.@]+:[-\w+=\/,.@]*:[0-9]+:([\w+=\/,.@:-]+)* + ChannelName: + description: The device name. String of 6 to 50 alphabetical, numeric, dash, and underscore characters. + type: string + minLength: 1 + maxLength: 255 + pattern: '[a-zA-Z 0-9_\-+''&\uD83C-\uDBFF\uDC00-\uDFFF\u2000-\u3300]+' + ChannelType: + description: 'Device type, which specify notification channel. Currently supported values: “SMS”, “VOICE”, “EMAIL”, “CHATBOT.' + type: string + enum: + - SMS + - VOICE + - EMAIL + DeferActivation: + type: boolean + description: If you want to activate the channel at a later time, you can choose to defer activation. SSM Incident Manager can't engage your contact channel until it has been activated. + ChannelAddress: + description: The details that SSM Incident Manager uses when trying to engage the contact channel. + type: string + Arn: + type: string + description: The Amazon Resource Name (ARN) of the engagement to a contact channel. + x-stackql-resource-name: contact_channel + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ContactId + - ChannelType + x-read-only-properties: + - Arn + x-required-permissions: + create: + - ssm-contacts:CreateContactChannel + - ssm-contacts:GetContactChannel + read: + - ssm-contacts:GetContactChannel + update: + - ssm-contacts:UpdateContactChannel + - ssm-contacts:GetContactChannel + delete: + - ssm-contacts:DeleteContactChannel + - ssm-contacts:GetContactChannel + list: + - ssm-contacts:ListContactChannels + Plan: + type: object + properties: + ContactId: + description: Contact ID for the AWS SSM Incident Manager Contact to associate the plan. + type: string + pattern: arn:[-\w+=\/,.@]+:[-\w+=\/,.@]+:[-\w+=\/,.@]*:[0-9]+:([\w+=\/,.@:-]+)* + Stages: + description: The stages that an escalation plan or engagement plan engages contacts and contact methods in. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Stage' + RotationIds: + description: Rotation Ids to associate with Oncall Contact for engagement. + type: array + x-insertionOrder: false + items: + type: string + Arn: + type: string + description: The Amazon Resource Name (ARN) of the contact. + x-stackql-resource-name: plan + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ContactId + x-read-only-properties: + - Arn + x-required-permissions: + create: + - ssm-contacts:UpdateContact + - ssm-contacts:GetContact + - ssm-contacts:AssociateContact + read: + - ssm-contacts:GetContact + update: + - ssm-contacts:UpdateContact + - ssm-contacts:GetContact + - ssm-contacts:AssociateContact + delete: + - ssm-contacts:UpdateContact + - ssm-contacts:GetContact + - ssm-contacts:AssociateContact + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + description: The key name of the tag + type: string + minLength: 1 + maxLength: 128 + Value: + description: The value for the tag. + type: string + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + HandOffTime: + type: string + pattern: ^([0-9]|0[0-9]|1[0-9]|2[0-3]):[0-5][0-9]$ + description: Details about when an on-call rotation shift begins or ends. Time of the day in format HH:MM + CoverageTime: + type: object + description: StartTime and EndTime for the Shift + properties: + StartTime: + $ref: '#/components/schemas/HandOffTime' + EndTime: + $ref: '#/components/schemas/HandOffTime' + required: + - StartTime + - EndTime + additionalProperties: false + ShiftCoverage: + type: object + description: Information about the days of the week included in on-call rotation coverage. + properties: + DayOfWeek: + $ref: '#/components/schemas/DayOfWeek' + CoverageTimes: + description: Information about when an on-call shift begins and ends. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/CoverageTime' + required: + - DayOfWeek + - CoverageTimes + additionalProperties: false + DayOfWeek: + description: 'The day of the week when weekly recurring on-call shift rotations begin. ' + type: string + enum: + - MON + - TUE + - WED + - THU + - FRI + - SAT + - SUN + MonthlySetting: + type: object + description: DayOfWeek for Month and HandOff Time for Monthly Recurring Rotation. + properties: + DayOfMonth: + description: The day of the month when monthly recurring on-call rotations begin. + type: integer + minimum: 1 + maximum: 31 + HandOffTime: + $ref: '#/components/schemas/HandOffTime' + required: + - DayOfMonth + - HandOffTime + additionalProperties: false + WeeklySetting: + type: object + description: DayOfWeek for Rotation and HandOff Time for Weekly Recurring Rotation. + properties: + DayOfWeek: + $ref: '#/components/schemas/DayOfWeek' + HandOffTime: + $ref: '#/components/schemas/HandOffTime' + required: + - DayOfWeek + - HandOffTime + additionalProperties: false + DailySetting: + type: object + description: Handoff time for Daily Recurring Rotation. + properties: + HandOffTime: + $ref: '#/components/schemas/HandOffTime' + required: + - HandOffTime + additionalProperties: false + RecurrenceSettings: + description: Information about when an on-call rotation is in effect and how long the rotation period lasts. + type: object + properties: + MonthlySettings: + description: Information about on-call rotations that recur monthly. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/MonthlySetting' + WeeklySettings: + description: Information about on-call rotations that recur weekly. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/WeeklySetting' + DailySettings: + description: Information about on-call rotations that recur daily. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/HandOffTime' + NumberOfOnCalls: + type: integer + description: Number of Oncalls per shift. + minimum: 1 + RecurrenceMultiplier: + type: integer + description: The number of days, weeks, or months a single rotation lasts. + minimum: 1 + maximum: 100 + ShiftCoverages: + type: array + x-insertionOrder: false + description: Information about the days of the week included in on-call rotation coverage. + items: + $ref: '#/components/schemas/ShiftCoverage' + additionalProperties: false + oneOf: + - required: + - NumberOfOnCalls + - RecurrenceMultiplier + - WeeklySettings + - required: + - NumberOfOnCalls + - RecurrenceMultiplier + - MonthlySettings + - required: + - NumberOfOnCalls + - RecurrenceMultiplier + - DailySettings + Rotation: + type: object + properties: + Name: + description: Name of the Rotation + type: string + pattern: ^[a-zA-Z0-9_]*$ + ContactIds: + description: Members of the rotation + type: array + x-insertionOrder: false + items: + type: string + StartTime: + description: Start time of the first shift of Oncall Schedule + type: string + pattern: ^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})$ + TimeZoneId: + description: TimeZone Identifier for the Oncall Schedule + type: string + Recurrence: + $ref: '#/components/schemas/RecurrenceSettings' + Tags: + type: array + x-insertionOrder: false + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + Arn: + type: string + description: The Amazon Resource Name (ARN) of the rotation. + required: + - Name + - ContactIds + - StartTime + - TimeZoneId + - Recurrence + x-stackql-resource-name: rotation + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - Arn + x-required-permissions: + create: + - ssm-contacts:CreateRotation + - ssm-contacts:GetRotation + - ssm-contacts:TagResource + - ssm-contacts:ListTagsForResource + - ssm-contacts:UntagResource + read: + - ssm-contacts:GetRotation + - ssm-contacts:TagResource + - ssm-contacts:ListTagsForResource + - ssm-contacts:UntagResource + update: + - ssm-contacts:UpdateRotation + - ssm-contacts:GetRotation + - ssm-contacts:TagResource + - ssm-contacts:ListTagsForResource + - ssm-contacts:UntagResource + delete: + - ssm-contacts:DeleteRotation + - ssm-contacts:GetRotation + - ssm-contacts:ListTagsForResource + - ssm-contacts:UntagResource + list: + - ssm-contacts:ListRotations + - ssm-contacts:GetRotation + - ssm-contacts:ListTagsForResource + x-stackQL-resources: + contacts: + name: contacts + id: awscc.ssmcontacts.contacts + x-cfn-schema-name: Contact + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSMContacts::Contact' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSMContacts::Contact' + AND region = 'us-east-1' + contact: + name: contact + id: awscc.ssmcontacts.contact + x-cfn-schema-name: Contact + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Alias') as alias, + JSON_EXTRACT(Properties, '$.DisplayName') as display_name, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Plan') as plan, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSMContacts::Contact' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Alias') as alias, + json_extract_path_text(Properties, 'DisplayName') as display_name, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Plan') as plan, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSMContacts::Contact' + AND data__Identifier = '' + AND region = 'us-east-1' + contact_channels: + name: contact_channels + id: awscc.ssmcontacts.contact_channels + x-cfn-schema-name: ContactChannel + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSMContacts::ContactChannel' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSMContacts::ContactChannel' + AND region = 'us-east-1' + contact_channel: + name: contact_channel + id: awscc.ssmcontacts.contact_channel + x-cfn-schema-name: ContactChannel + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ContactId') as contact_id, + JSON_EXTRACT(Properties, '$.ChannelName') as channel_name, + JSON_EXTRACT(Properties, '$.ChannelType') as channel_type, + JSON_EXTRACT(Properties, '$.DeferActivation') as defer_activation, + JSON_EXTRACT(Properties, '$.ChannelAddress') as channel_address, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSMContacts::ContactChannel' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ContactId') as contact_id, + json_extract_path_text(Properties, 'ChannelName') as channel_name, + json_extract_path_text(Properties, 'ChannelType') as channel_type, + json_extract_path_text(Properties, 'DeferActivation') as defer_activation, + json_extract_path_text(Properties, 'ChannelAddress') as channel_address, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSMContacts::ContactChannel' + AND data__Identifier = '' + AND region = 'us-east-1' + plans: + name: plans + id: awscc.ssmcontacts.plans + x-cfn-schema-name: Plan + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSMContacts::Plan' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSMContacts::Plan' + AND region = 'us-east-1' + plan: + name: plan + id: awscc.ssmcontacts.plan + x-cfn-schema-name: Plan + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ContactId') as contact_id, + JSON_EXTRACT(Properties, '$.Stages') as stages, + JSON_EXTRACT(Properties, '$.RotationIds') as rotation_ids, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSMContacts::Plan' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ContactId') as contact_id, + json_extract_path_text(Properties, 'Stages') as stages, + json_extract_path_text(Properties, 'RotationIds') as rotation_ids, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSMContacts::Plan' + AND data__Identifier = '' + AND region = 'us-east-1' + rotations: + name: rotations + id: awscc.ssmcontacts.rotations + x-cfn-schema-name: Rotation + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSMContacts::Rotation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSMContacts::Rotation' + AND region = 'us-east-1' + rotation: + name: rotation + id: awscc.ssmcontacts.rotation + x-cfn-schema-name: Rotation + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ContactIds') as contact_ids, + JSON_EXTRACT(Properties, '$.StartTime') as start_time, + JSON_EXTRACT(Properties, '$.TimeZoneId') as time_zone_id, + JSON_EXTRACT(Properties, '$.Recurrence') as recurrence, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSMContacts::Rotation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ContactIds') as contact_ids, + json_extract_path_text(Properties, 'StartTime') as start_time, + json_extract_path_text(Properties, 'TimeZoneId') as time_zone_id, + json_extract_path_text(Properties, 'Recurrence') as recurrence, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSMContacts::Rotation' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/ssmincidents.yaml b/providers/src/awscc/v00.00.00000/services/ssmincidents.yaml new file mode 100644 index 00000000..bb459f39 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/ssmincidents.yaml @@ -0,0 +1,560 @@ +openapi: 3.0.0 +info: + title: SSMIncidents + version: 1.0.0 +paths: {} +components: + schemas: + Arn: + description: The ARN of the ReplicationSet. + type: string + pattern: ^arn:aws(-(cn|us-gov|iso(-b)?))?:[a-z-]+:(([a-z]+-)+[0-9])?:([0-9]{12})?:[^.]+$ + maxLength: 1000 + RegionName: + description: The AWS region name. + type: string + maxLength: 20 + ReplicationRegion: + description: The ReplicationSet regional configuration. + type: object + additionalProperties: false + properties: + RegionName: + $ref: '#/components/schemas/RegionName' + RegionConfiguration: + $ref: '#/components/schemas/RegionConfiguration' + RegionConfiguration: + description: The ReplicationSet regional configuration. + type: object + additionalProperties: false + properties: + SseKmsKeyId: + $ref: '#/components/schemas/Arn' + required: + - SseKmsKeyId + DeletionProtected: + description: Configures the ReplicationSet deletion protection. + type: boolean + RegionList: + type: array + minItems: 1 + maxItems: 3 + items: + $ref: '#/components/schemas/ReplicationRegion' + x-insertionOrder: false + uniqueItems: true + Tag: + description: A key-value pair to tag a resource. + additionalProperties: false + type: object + properties: + Key: + type: string + pattern: ^(?!aws:)[a-zA-Z+-=._:/]+$ + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 1 + maxLength: 256 + required: + - Value + - Key + ReplicationSet: + type: object + properties: + Arn: + description: The ARN of the ReplicationSet. + $ref: '#/components/schemas/Arn' + additionalProperties: false + Regions: + description: The ReplicationSet configuration. + $ref: '#/components/schemas/RegionList' + DeletionProtected: + $ref: '#/components/schemas/DeletionProtected' + default: false + Tags: + description: The tags to apply to the replication set. + type: array + default: [] + uniqueItems: true + x-insertionOrder: false + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + required: + - Regions + x-stackql-resource-name: replication_set + x-stackql-primaryIdentifier: + - Arn + x-read-only-properties: + - Arn + x-required-permissions: + create: + - ssm-incidents:CreateReplicationSet + - ssm-incidents:ListReplicationSets + - ssm-incidents:UpdateDeletionProtection + - ssm-incidents:GetReplicationSet + - ssm-incidents:TagResource + - ssm-incidents:ListTagsForResource + - iam:CreateServiceLinkedRole + read: + - ssm-incidents:ListReplicationSets + - ssm-incidents:GetReplicationSet + - ssm-incidents:ListTagsForResource + update: + - ssm-incidents:UpdateReplicationSet + - ssm-incidents:UpdateDeletionProtection + - ssm-incidents:GetReplicationSet + - ssm-incidents:TagResource + - ssm-incidents:UntagResource + - ssm-incidents:ListTagsForResource + delete: + - ssm-incidents:DeleteReplicationSet + - ssm-incidents:GetReplicationSet + list: + - ssm-incidents:ListReplicationSets + SSMContact: + description: The ARN of the contact. + type: string + pattern: ^arn:aws(-(cn|us-gov))?:ssm-contacts:(([a-z]+-)+[0-9])?:([0-9]{12})?:[^.]+$ + maxLength: 1000 + SnsArn: + description: The ARN of the Chatbot SNS topic. + type: string + pattern: ^arn:aws(-(cn|us-gov))?:sns:(([a-z]+-)+[0-9])?:([0-9]{12})?:[^.]+$ + maxLength: 1000 + NotificationTargetItem: + description: A notification target. + type: object + additionalProperties: false + properties: + SnsTopicArn: + $ref: '#/components/schemas/SnsArn' + Action: + description: The automation configuration to launch. + additionalProperties: false + type: object + properties: + SsmAutomation: + $ref: '#/components/schemas/SsmAutomation' + SsmAutomation: + description: The configuration to use when starting the SSM automation document. + type: object + additionalProperties: false + required: + - RoleArn + - DocumentName + properties: + RoleArn: + description: The role ARN to use when starting the SSM automation document. + type: string + pattern: ^arn:aws(-(cn|us-gov))?:[a-z-]+:(([a-z]+-)+[0-9])?:([0-9]{12})?:[^.]+$ + maxLength: 1000 + DocumentName: + description: The document name to use when starting the SSM automation document. + type: string + maxLength: 128 + DocumentVersion: + description: The version of the document to use when starting the SSM automation document. + type: string + maxLength: 128 + TargetAccount: + description: The account type to use when starting the SSM automation document. + type: string + enum: + - IMPACTED_ACCOUNT + - RESPONSE_PLAN_OWNER_ACCOUNT + Parameters: + description: The parameters to set when starting the SSM automation document. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/SsmParameter' + minItems: 1 + maxItems: 200 + default: [] + DynamicParameters: + description: The parameters with dynamic values to set when starting the SSM automation document. + type: array + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/DynamicSsmParameter' + maxItems: 200 + default: [] + SsmParameter: + description: A parameter to set when starting the SSM automation document. + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 50 + Values: + type: array + uniqueItems: true + x-insertionOrder: true + maxItems: 10 + items: + $ref: '#/components/schemas/SsmParameterValue' + required: + - Values + - Key + additionalProperties: false + SsmParameterValue: + description: A value of the parameter to set when starting the SSM automation document. + type: string + maxLength: 10000 + DynamicSsmParameter: + description: A parameter with a dynamic value to set when starting the SSM automation document. + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 50 + Value: + $ref: '#/components/schemas/DynamicSsmParameterValue' + required: + - Value + - Key + additionalProperties: false + DynamicSsmParameterValue: + description: Value of the dynamic parameter to set when starting the SSM automation document. + additionalProperties: false + type: object + properties: + Variable: + $ref: '#/components/schemas/VariableType' + VariableType: + description: The variable types used as dynamic parameter value when starting the SSM automation document. + type: string + enum: + - INCIDENT_RECORD_ARN + - INVOLVED_RESOURCES + Integration: + type: object + additionalProperties: false + properties: + PagerDutyConfiguration: + $ref: '#/components/schemas/PagerDutyConfiguration' + oneOf: + - required: + - PagerDutyConfiguration + PagerDutyConfiguration: + description: The pagerDuty configuration to use when starting the incident. + type: object + additionalProperties: false + required: + - Name + - SecretId + - PagerDutyIncidentConfiguration + properties: + Name: + description: The name of the pagerDuty configuration. + type: string + minLength: 1 + maxLength: 200 + SecretId: + description: The AWS secrets manager secretId storing the pagerDuty token. + type: string + minLength: 1 + maxLength: 512 + PagerDutyIncidentConfiguration: + $ref: '#/components/schemas/PagerDutyIncidentConfiguration' + PagerDutyIncidentConfiguration: + description: The pagerDuty incident configuration. + additionalProperties: false + type: object + properties: + ServiceId: + description: The pagerDuty serviceId. + type: string + minLength: 1 + maxLength: 200 + required: + - ServiceId + IncidentTemplate: + description: The incident template configuration. + additionalProperties: false + type: object + required: + - Title + - Impact + properties: + DedupeString: + description: The deduplication string. + type: string + maxLength: 1000 + minLength: 1 + Impact: + description: The impact value. + type: integer + minimum: 1 + maximum: 5 + NotificationTargets: + description: The list of notification targets. + type: array + default: [] + maxItems: 10 + items: + $ref: '#/components/schemas/NotificationTargetItem' + x-insertionOrder: false + Summary: + description: The summary string. + type: string + maxLength: 4000 + minLength: 1 + Title: + description: The title string. + type: string + maxLength: 200 + IncidentTags: + description: Tags that get applied to incidents created by the StartIncident API action. + type: array + uniqueItems: true + x-insertionOrder: false + default: [] + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + ChatbotSns: + type: array + uniqueItems: true + x-insertionOrder: true + default: [] + items: + $ref: '#/components/schemas/SnsArn' + ChatChannel: + description: The chat channel configuration. + additionalProperties: false + type: object + properties: + ChatbotSns: + $ref: '#/components/schemas/ChatbotSns' + ResponsePlan: + type: object + properties: + Arn: + description: The ARN of the response plan. + type: string + pattern: ^arn:aws(-(cn|us-gov))?:[a-z-]+:(([a-z]+-)+[0-9])?:([0-9]{12})?:[^.]+$ + maxLength: 1000 + Name: + description: The name of the response plan. + type: string + pattern: ^[a-zA-Z0-9_-]*$ + maxLength: 200 + minLength: 1 + DisplayName: + description: The display name of the response plan. + type: string + maxLength: 200 + minLength: 1 + ChatChannel: + $ref: '#/components/schemas/ChatChannel' + Engagements: + description: The list of engagements to use. + type: array + default: [] + maxItems: 5 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/SSMContact' + Actions: + description: The list of actions. + type: array + default: [] + uniqueItems: true + x-insertionOrder: true + maxItems: 1 + items: + $ref: '#/components/schemas/Action' + Integrations: + description: The list of integrations. + type: array + default: [] + uniqueItems: true + x-insertionOrder: true + maxItems: 1 + items: + $ref: '#/components/schemas/Integration' + Tags: + description: The tags to apply to the response plan. + type: array + default: [] + uniqueItems: true + x-insertionOrder: false + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + IncidentTemplate: + $ref: '#/components/schemas/IncidentTemplate' + required: + - Name + - IncidentTemplate + x-stackql-resource-name: response_plan + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - ssm-incidents:CreateResponsePlan + - ssm-incidents:GetResponsePlan + - ssm-incidents:TagResource + - ssm-incidents:ListTagsForResource + - iam:PassRole + - secretsmanager:GetSecretValue + - kms:Decrypt + - kms:GenerateDataKey* + read: + - ssm-incidents:GetResponsePlan + - ssm-incidents:ListTagsForResource + update: + - ssm-incidents:UpdateResponsePlan + - ssm-incidents:GetResponsePlan + - ssm-incidents:TagResource + - ssm-incidents:UntagResource + - ssm-incidents:ListTagsForResource + - iam:PassRole + - secretsmanager:GetSecretValue + - kms:Decrypt + - kms:GenerateDataKey* + delete: + - ssm-incidents:DeleteResponsePlan + - ssm-incidents:GetResponsePlan + list: + - ssm-incidents:ListResponsePlans + x-stackQL-resources: + replication_sets: + name: replication_sets + id: awscc.ssmincidents.replication_sets + x-cfn-schema-name: ReplicationSet + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSMIncidents::ReplicationSet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSMIncidents::ReplicationSet' + AND region = 'us-east-1' + replication_set: + name: replication_set + id: awscc.ssmincidents.replication_set + x-cfn-schema-name: ReplicationSet + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Regions') as regions, + JSON_EXTRACT(Properties, '$.DeletionProtected') as deletion_protected, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSMIncidents::ReplicationSet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Regions') as regions, + json_extract_path_text(Properties, 'DeletionProtected') as deletion_protected, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSMIncidents::ReplicationSet' + AND data__Identifier = '' + AND region = 'us-east-1' + response_plans: + name: response_plans + id: awscc.ssmincidents.response_plans + x-cfn-schema-name: ResponsePlan + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSMIncidents::ResponsePlan' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSMIncidents::ResponsePlan' + AND region = 'us-east-1' + response_plan: + name: response_plan + id: awscc.ssmincidents.response_plan + x-cfn-schema-name: ResponsePlan + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.DisplayName') as display_name, + JSON_EXTRACT(Properties, '$.ChatChannel') as chat_channel, + JSON_EXTRACT(Properties, '$.Engagements') as engagements, + JSON_EXTRACT(Properties, '$.Actions') as actions, + JSON_EXTRACT(Properties, '$.Integrations') as integrations, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.IncidentTemplate') as incident_template + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSMIncidents::ResponsePlan' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'DisplayName') as display_name, + json_extract_path_text(Properties, 'ChatChannel') as chat_channel, + json_extract_path_text(Properties, 'Engagements') as engagements, + json_extract_path_text(Properties, 'Actions') as actions, + json_extract_path_text(Properties, 'Integrations') as integrations, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'IncidentTemplate') as incident_template + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSMIncidents::ResponsePlan' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/sso.yaml b/providers/src/awscc/v00.00.00000/services/sso.yaml new file mode 100644 index 00000000..77deda37 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/sso.yaml @@ -0,0 +1,553 @@ +openapi: 3.0.0 +info: + title: SSO + version: 1.0.0 +paths: {} +components: + schemas: + Assignment: + type: object + properties: + InstanceArn: + description: The sso instance that the permission set is owned. + type: string + pattern: arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso:::instance/(sso)?ins-[a-zA-Z0-9-.]{16} + minLength: 10 + maxLength: 1224 + TargetId: + description: The account id to be provisioned. + type: string + pattern: \d{12} + TargetType: + description: The type of resource to be provsioned to, only aws account now + type: string + enum: + - AWS_ACCOUNT + PermissionSetArn: + description: The permission set that the assignemt will be assigned + type: string + pattern: arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso:::permissionSet/(sso)?ins-[a-zA-Z0-9-.]{16}/ps-[a-zA-Z0-9-./]{16} + minLength: 10 + maxLength: 1224 + PrincipalType: + description: The assignee's type, user/group + type: string + enum: + - USER + - GROUP + PrincipalId: + description: The assignee's identifier, user id/group id + type: string + pattern: ^([0-9a-f]{10}-|)[A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}$ + minLength: 1 + maxLength: 47 + required: + - InstanceArn + - TargetId + - TargetType + - PermissionSetArn + - PrincipalType + - PrincipalId + x-stackql-resource-name: assignment + x-stackql-primaryIdentifier: + - InstanceArn + - TargetId + - TargetType + - PermissionSetArn + - PrincipalType + - PrincipalId + x-create-only-properties: + - InstanceArn + - TargetId + - TargetType + - PermissionSetArn + - PrincipalType + - PrincipalId + x-required-permissions: + create: + - sso:CreateAccountAssignment + - sso:DescribeAccountAssignmentCreationStatus + - sso:ListAccountAssignments + - iam:GetSAMLProvider + - iam:CreateSAMLProvider + - iam:AttachRolePolicy + - iam:PutRolePolicy + - iam:CreateRole + - iam:ListRolePolicies + read: + - sso:ListAccountAssignments + - iam:GetSAMLProvider + - iam:ListRolePolicies + delete: + - sso:ListAccountAssignments + - sso:DeleteAccountAssignment + - sso:DescribeAccountAssignmentDeletionStatus + - iam:GetSAMLProvider + - iam:ListRolePolicies + list: + - sso:ListAccountAssignments + - iam:ListRolePolicies + AccessControlAttributeValueSource: + type: string + minLength: 0 + maxLength: 256 + pattern: '[\p{L}\p{Z}\p{N}_.:\/=+\-@\[\]\{\}\$\\"]*' + AccessControlAttributeValueSourceList: + type: array + x-insertionOrder: true + items: + $ref: '#/components/schemas/AccessControlAttributeValueSource' + maxItems: 1 + AccessControlAttributeValue: + type: object + properties: + Source: + $ref: '#/components/schemas/AccessControlAttributeValueSourceList' + required: + - Source + additionalProperties: false + AccessControlAttribute: + type: object + properties: + Key: + type: string + pattern: '[\p{L}\p{Z}\p{N}_.:\/=+\-@]+' + minLength: 1 + maxLength: 128 + Value: + $ref: '#/components/schemas/AccessControlAttributeValue' + required: + - Key + - Value + additionalProperties: false + AccessControlAttributeList: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/AccessControlAttribute' + maxItems: 50 + InstanceAccessControlAttributeConfiguration: + type: object + properties: + InstanceArn: + description: The ARN of the AWS SSO instance under which the operation will be executed. + type: string + pattern: arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso:::instance/(sso)?ins-[a-zA-Z0-9-.]{16} + minLength: 10 + maxLength: 1224 + InstanceAccessControlAttributeConfiguration: + description: The InstanceAccessControlAttributeConfiguration property has been deprecated but is still supported for backwards compatibility purposes. We recomend that you use AccessControlAttributes property instead. + type: object + properties: + AccessControlAttributes: + $ref: '#/components/schemas/AccessControlAttributeList' + required: + - AccessControlAttributes + additionalProperties: false + AccessControlAttributes: + $ref: '#/components/schemas/AccessControlAttributeList' + required: + - InstanceArn + x-stackql-resource-name: instance_access_control_attribute_configuration + x-stackql-primaryIdentifier: + - InstanceArn + x-create-only-properties: + - InstanceArn + x-required-permissions: + create: + - sso:CreateInstanceAccessControlAttributeConfiguration + - sso:UpdateApplicationProfileForAWSAccountInstance + - sso:DescribeInstanceAccessControlAttributeConfiguration + read: + - sso:DescribeInstanceAccessControlAttributeConfiguration + update: + - sso:UpdateInstanceAccessControlAttributeConfiguration + - sso:DescribeInstanceAccessControlAttributeConfiguration + delete: + - sso:DeleteInstanceAccessControlAttributeConfiguration + - sso:DescribeInstanceAccessControlAttributeConfiguration + list: + - sso:DescribeInstanceAccessControlAttributeConfiguration + Tag: + description: The metadata that you apply to the permission set to help you categorize and organize them. + type: object + properties: + Key: + type: string + pattern: '[\w+=,.@-]+' + minLength: 1 + maxLength: 128 + Value: + type: string + pattern: '[\w+=,.@-]+' + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + ManagedPolicyArn: + description: The managed policy to attach. + type: string + minLength: 20 + maxLength: 2048 + CustomerManagedPolicyReference: + type: object + properties: + Name: + type: string + pattern: '[\w+=,.@-]+' + minLength: 1 + maxLength: 128 + Path: + type: string + pattern: ((/[A-Za-z0-9\.,\+@=_-]+)*)/ + minLength: 1 + maxLength: 512 + required: + - Name + additionalProperties: false + PermissionsBoundary: + type: object + additionalProperties: false + properties: + CustomerManagedPolicyReference: + $ref: '#/components/schemas/CustomerManagedPolicyReference' + ManagedPolicyArn: + $ref: '#/components/schemas/ManagedPolicyArn' + PermissionSet: + type: object + properties: + Name: + description: The name you want to assign to this permission set. + type: string + pattern: '[\w+=,.@-]+' + minLength: 1 + maxLength: 32 + PermissionSetArn: + description: The permission set that the policy will be attached to + type: string + pattern: arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso:::permissionSet/(sso)?ins-[a-zA-Z0-9-.]{16}/ps-[a-zA-Z0-9-./]{16} + minLength: 10 + maxLength: 1224 + Description: + description: The permission set description. + type: string + pattern: '[\u0009\u000A\u000D\u0020-\u007E\u00A1-\u00FF]*' + minLength: 1 + maxLength: 700 + InstanceArn: + description: The sso instance arn that the permission set is owned. + type: string + pattern: arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso:::instance/(sso)?ins-[a-zA-Z0-9-.]{16} + minLength: 10 + maxLength: 1224 + SessionDuration: + description: The length of time that a user can be signed in to an AWS account. + type: string + pattern: ^(-?)P(?=\d|T\d)(?:(\d+)Y)?(?:(\d+)M)?(?:(\d+)([DW]))?(?:T(?:(\d+)H)?(?:(\d+)M)?(?:(\d+(?:\.\d+)?)S)?)?$ + minLength: 1 + maxLength: 100 + RelayStateType: + description: The relay state URL that redirect links to any service in the AWS Management Console. + type: string + pattern: '[a-zA-Z0-9&$@#\/%?=~\-_''"|!:,.;*+\[\]\ \(\)\{\}]+' + minLength: 1 + maxLength: 240 + ManagedPolicies: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/ManagedPolicyArn' + maxItems: 20 + default: [] + InlinePolicy: + description: The inline policy to put in permission set. + type: object + Tags: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + maxItems: 50 + CustomerManagedPolicyReferences: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/CustomerManagedPolicyReference' + maxItems: 20 + default: [] + PermissionsBoundary: + $ref: '#/components/schemas/PermissionsBoundary' + required: + - Name + - InstanceArn + x-stackql-resource-name: permission_set + x-stackql-primaryIdentifier: + - InstanceArn + - PermissionSetArn + x-create-only-properties: + - InstanceArn + - Name + x-read-only-properties: + - PermissionSetArn + x-required-permissions: + create: + - sso:CreatePermissionSet + - sso:PutInlinePolicyToPermissionSet + - sso:AttachManagedPolicyToPermissionSet + - sso:AttachCustomerManagedPolicyReferenceToPermissionSet + - sso:PutPermissionsBoundaryToPermissionSet + - sso:TagResource + - sso:DescribePermissionSet + - sso:ListTagsForResource + - sso:ListManagedPoliciesInPermissionSet + - sso:ListCustomerManagedPolicyReferencesInPermissionSet + - sso:GetInlinePolicyForPermissionSet + - sso:GetPermissionsBoundaryForPermissionSet + read: + - sso:DescribePermissionSet + - sso:ListTagsForResource + - sso:ListManagedPoliciesInPermissionSet + - sso:ListCustomerManagedPolicyReferencesInPermissionSet + - sso:GetInlinePolicyForPermissionSet + - sso:GetPermissionsBoundaryForPermissionSet + update: + - sso:UpdatePermissionSet + - sso:TagResource + - sso:UntagResource + - sso:ListTagsForResource + - sso:AttachManagedPolicyToPermissionSet + - sso:AttachCustomerManagedPolicyReferenceToPermissionSet + - sso:DetachManagedPolicyFromPermissionSet + - sso:DetachCustomerManagedPolicyReferenceFromPermissionSet + - sso:ListManagedPoliciesInPermissionSet + - sso:ListCustomerManagedPolicyReferencesInPermissionSet + - sso:PutInlinePolicyToPermissionSet + - sso:GetPermissionsBoundaryForPermissionSet + - sso:DeletePermissionsBoundaryFromPermissionSet + - sso:PutPermissionsBoundaryToPermissionSet + - sso:DeleteInlinePolicyFromPermissionSet + - sso:ProvisionPermissionSet + - sso:DescribePermissionSet + - sso:GetInlinePolicyForPermissionSet + - sso:DescribePermissionSetProvisioningStatus + delete: + - sso:DeletePermissionSet + list: + - sso:DescribePermissionSet + x-stackQL-resources: + assignments: + name: assignments + id: awscc.sso.assignments + x-cfn-schema-name: Assignment + x-type: list + x-identifiers: + - InstanceArn + - TargetId + - TargetType + - PermissionSetArn + - PrincipalType + - PrincipalId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.TargetId') as target_id, + JSON_EXTRACT(Properties, '$.TargetType') as target_type, + JSON_EXTRACT(Properties, '$.PermissionSetArn') as permission_set_arn, + JSON_EXTRACT(Properties, '$.PrincipalType') as principal_type, + JSON_EXTRACT(Properties, '$.PrincipalId') as principal_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSO::Assignment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'TargetId') as target_id, + json_extract_path_text(Properties, 'TargetType') as target_type, + json_extract_path_text(Properties, 'PermissionSetArn') as permission_set_arn, + json_extract_path_text(Properties, 'PrincipalType') as principal_type, + json_extract_path_text(Properties, 'PrincipalId') as principal_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSO::Assignment' + AND region = 'us-east-1' + assignment: + name: assignment + id: awscc.sso.assignment + x-cfn-schema-name: Assignment + x-type: get + x-identifiers: + - InstanceArn + - TargetId + - TargetType + - PermissionSetArn + - PrincipalType + - PrincipalId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.TargetId') as target_id, + JSON_EXTRACT(Properties, '$.TargetType') as target_type, + JSON_EXTRACT(Properties, '$.PermissionSetArn') as permission_set_arn, + JSON_EXTRACT(Properties, '$.PrincipalType') as principal_type, + JSON_EXTRACT(Properties, '$.PrincipalId') as principal_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSO::Assignment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'TargetId') as target_id, + json_extract_path_text(Properties, 'TargetType') as target_type, + json_extract_path_text(Properties, 'PermissionSetArn') as permission_set_arn, + json_extract_path_text(Properties, 'PrincipalType') as principal_type, + json_extract_path_text(Properties, 'PrincipalId') as principal_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSO::Assignment' + AND data__Identifier = '' + AND region = 'us-east-1' + instance_access_control_attribute_configurations: + name: instance_access_control_attribute_configurations + id: awscc.sso.instance_access_control_attribute_configurations + x-cfn-schema-name: InstanceAccessControlAttributeConfiguration + x-type: list + x-identifiers: + - InstanceArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSO::InstanceAccessControlAttributeConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSO::InstanceAccessControlAttributeConfiguration' + AND region = 'us-east-1' + instance_access_control_attribute_configuration: + name: instance_access_control_attribute_configuration + id: awscc.sso.instance_access_control_attribute_configuration + x-cfn-schema-name: InstanceAccessControlAttributeConfiguration + x-type: get + x-identifiers: + - InstanceArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.InstanceAccessControlAttributeConfiguration') as instance_access_control_attribute_configuration, + JSON_EXTRACT(Properties, '$.AccessControlAttributes') as access_control_attributes + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSO::InstanceAccessControlAttributeConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'InstanceAccessControlAttributeConfiguration') as instance_access_control_attribute_configuration, + json_extract_path_text(Properties, 'AccessControlAttributes') as access_control_attributes + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSO::InstanceAccessControlAttributeConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + permission_sets: + name: permission_sets + id: awscc.sso.permission_sets + x-cfn-schema-name: PermissionSet + x-type: list + x-identifiers: + - InstanceArn + - PermissionSetArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.PermissionSetArn') as permission_set_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSO::PermissionSet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'PermissionSetArn') as permission_set_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SSO::PermissionSet' + AND region = 'us-east-1' + permission_set: + name: permission_set + id: awscc.sso.permission_set + x-cfn-schema-name: PermissionSet + x-type: get + x-identifiers: + - InstanceArn + - PermissionSetArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.PermissionSetArn') as permission_set_arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.InstanceArn') as instance_arn, + JSON_EXTRACT(Properties, '$.SessionDuration') as session_duration, + JSON_EXTRACT(Properties, '$.RelayStateType') as relay_state_type, + JSON_EXTRACT(Properties, '$.ManagedPolicies') as managed_policies, + JSON_EXTRACT(Properties, '$.InlinePolicy') as inline_policy, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CustomerManagedPolicyReferences') as customer_managed_policy_references, + JSON_EXTRACT(Properties, '$.PermissionsBoundary') as permissions_boundary + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSO::PermissionSet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'PermissionSetArn') as permission_set_arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'InstanceArn') as instance_arn, + json_extract_path_text(Properties, 'SessionDuration') as session_duration, + json_extract_path_text(Properties, 'RelayStateType') as relay_state_type, + json_extract_path_text(Properties, 'ManagedPolicies') as managed_policies, + json_extract_path_text(Properties, 'InlinePolicy') as inline_policy, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CustomerManagedPolicyReferences') as customer_managed_policy_references, + json_extract_path_text(Properties, 'PermissionsBoundary') as permissions_boundary + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SSO::PermissionSet' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/stepfunctions.yaml b/providers/src/awscc/v00.00.00000/services/stepfunctions.yaml new file mode 100644 index 00000000..5e5232f3 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/stepfunctions.yaml @@ -0,0 +1,608 @@ +openapi: 3.0.0 +info: + title: StepFunctions + version: 1.0.0 +paths: {} +components: + schemas: + TagsEntry: + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 1 + maxLength: 256 + additionalProperties: false + required: + - Key + - Value + Activity: + type: object + properties: + Arn: + type: string + minLength: 1 + maxLength: 2048 + Name: + type: string + minLength: 1 + maxLength: 80 + Tags: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/TagsEntry' + required: + - Name + x-stackql-resource-name: activity + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - states:CreateActivity + read: + - states:DescribeActivity + - states:ListTagsForResource + update: + - states:ListTagsForResource + - states:TagResource + - states:UntagResource + delete: + - states:DeleteActivity + CloudWatchLogsLogGroup: + type: object + additionalProperties: false + properties: + LogGroupArn: + type: string + minLength: 1 + maxLength: 256 + LogDestination: + type: object + additionalProperties: false + properties: + CloudWatchLogsLogGroup: + $ref: '#/components/schemas/CloudWatchLogsLogGroup' + LoggingConfiguration: + type: object + additionalProperties: false + properties: + Level: + type: string + enum: + - ALL + - ERROR + - FATAL + - 'OFF' + IncludeExecutionData: + type: boolean + Destinations: + type: array + minItems: 1 + x-insertionOrder: false + items: + $ref: '#/components/schemas/LogDestination' + TracingConfiguration: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + S3Location: + type: object + additionalProperties: false + properties: + Bucket: + type: string + Key: + type: string + Version: + type: string + required: + - Bucket + - Key + DefinitionSubstitutions: + type: object + additionalProperties: false + x-patternProperties: + .*: + anyOf: + - type: string + - type: integer + - type: boolean + minProperties: 1 + Definition: + type: object + minProperties: 1 + StateMachine: + type: object + properties: + Arn: + type: string + minLength: 1 + maxLength: 2048 + Name: + type: string + minLength: 1 + maxLength: 80 + DefinitionString: + type: string + minLength: 1 + maxLength: 1048576 + RoleArn: + type: string + minLength: 1 + maxLength: 256 + StateMachineName: + type: string + minLength: 1 + maxLength: 80 + StateMachineType: + type: string + enum: + - STANDARD + - EXPRESS + StateMachineRevisionId: + type: string + minLength: 1 + maxLength: 256 + LoggingConfiguration: + $ref: '#/components/schemas/LoggingConfiguration' + TracingConfiguration: + $ref: '#/components/schemas/TracingConfiguration' + DefinitionS3Location: + $ref: '#/components/schemas/S3Location' + DefinitionSubstitutions: + $ref: '#/components/schemas/DefinitionSubstitutions' + Definition: + $ref: '#/components/schemas/Definition' + Tags: + type: array + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/TagsEntry' + required: + - RoleArn + x-stackql-resource-name: state_machine + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - StateMachineName + - StateMachineType + x-read-only-properties: + - Arn + - Name + - StateMachineRevisionId + x-required-permissions: + create: + - states:CreateStateMachine + - states:DescribeStateMachine + - states:TagResource + - iam:PassRole + - s3:GetObject + read: + - states:DescribeStateMachine + - states:ListTagsForResource + update: + - states:UpdateStateMachine + - states:TagResource + - states:UntagResource + - states:ListTagsForResource + - iam:PassRole + delete: + - states:DeleteStateMachine + - states:DescribeStateMachine + list: + - states:ListStateMachines + RoutingConfigurationVersion: + type: object + properties: + StateMachineVersionArn: + type: string + description: The Amazon Resource Name (ARN) that identifies one or two state machine versions defined in the routing configuration. + minLength: 1 + maxLength: 2048 + Weight: + type: integer + description: The percentage of traffic you want to route to the state machine version. The sum of the weights in the routing configuration must be equal to 100. + minimum: 0 + maximum: 100 + required: + - StateMachineVersionArn + - Weight + additionalProperties: false + RoutingConfiguration: + type: array + description: The routing configuration of the alias. One or two versions can be mapped to an alias to split StartExecution requests of the same state machine. + minItems: 1 + maxItems: 2 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/RoutingConfigurationVersion' + DeploymentPreference: + type: object + description: The settings to enable gradual state machine deployments. + properties: + StateMachineVersionArn: + type: string + minLength: 1 + maxLength: 2048 + Type: + type: string + description: The type of deployment to perform. + enum: + - LINEAR + - ALL_AT_ONCE + - CANARY + Percentage: + type: integer + description: The percentage of traffic to shift to the new version in each increment. + minimum: 1 + maximum: 99 + Interval: + type: integer + description: The time in minutes between each traffic shifting increment. + minimum: 1 + maximum: 2100 + Alarms: + type: array + description: A list of CloudWatch alarm names that will be monitored during the deployment. The deployment will fail and rollback if any alarms go into ALARM state. + minItems: 1 + maxItems: 100 + uniqueItems: true + x-insertionOrder: false + items: + type: string + minLength: 1 + maxLength: 256 + required: + - StateMachineVersionArn + - Type + additionalProperties: false + StateMachineAlias: + type: object + properties: + Arn: + type: string + minLength: 1 + maxLength: 2048 + description: The ARN of the alias. + Name: + type: string + description: The alias name. + minLength: 1 + maxLength: 80 + Description: + type: string + description: An optional description of the alias. + minLength: 1 + maxLength: 256 + RoutingConfiguration: + $ref: '#/components/schemas/RoutingConfiguration' + DeploymentPreference: + $ref: '#/components/schemas/DeploymentPreference' + x-stackql-resource-name: state_machine_alias + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + x-required-permissions: + create: + - states:CreateStateMachineAlias + - states:DescribeStateMachineAlias + read: + - states:DescribeStateMachineAlias + update: + - cloudwatch:DescribeAlarms + - states:UpdateStateMachineAlias + - states:DescribeStateMachineAlias + delete: + - states:DescribeStateMachineAlias + - states:DeleteStateMachineAlias + list: + - states:ListStateMachineAliases + StateMachineVersion: + type: object + properties: + Arn: + type: string + minLength: 1 + maxLength: 2048 + StateMachineArn: + type: string + minLength: 1 + maxLength: 2048 + StateMachineRevisionId: + type: string + minLength: 1 + maxLength: 2048 + Description: + type: string + minLength: 1 + maxLength: 2048 + required: + - StateMachineArn + x-stackql-resource-name: state_machine_version + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - StateMachineArn + - StateMachineRevisionId + x-read-only-properties: + - Arn + x-required-permissions: + create: + - states:PublishStateMachineVersion + - states:ListStateMachineVersions + - states:DescribeStateMachine + read: + - states:DescribeStateMachine + delete: + - states:DeleteStateMachineVersion + - states:DescribeStateMachine + list: + - states:ListStateMachineVersions + x-stackQL-resources: + activities: + name: activities + id: awscc.stepfunctions.activities + x-cfn-schema-name: Activity + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::StepFunctions::Activity' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::StepFunctions::Activity' + AND region = 'us-east-1' + activity: + name: activity + id: awscc.stepfunctions.activity + x-cfn-schema-name: Activity + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::StepFunctions::Activity' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::StepFunctions::Activity' + AND data__Identifier = '' + AND region = 'us-east-1' + state_machines: + name: state_machines + id: awscc.stepfunctions.state_machines + x-cfn-schema-name: StateMachine + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::StepFunctions::StateMachine' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::StepFunctions::StateMachine' + AND region = 'us-east-1' + state_machine: + name: state_machine + id: awscc.stepfunctions.state_machine + x-cfn-schema-name: StateMachine + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.DefinitionString') as definition_string, + JSON_EXTRACT(Properties, '$.RoleArn') as role_arn, + JSON_EXTRACT(Properties, '$.StateMachineName') as state_machine_name, + JSON_EXTRACT(Properties, '$.StateMachineType') as state_machine_type, + JSON_EXTRACT(Properties, '$.StateMachineRevisionId') as state_machine_revision_id, + JSON_EXTRACT(Properties, '$.LoggingConfiguration') as logging_configuration, + JSON_EXTRACT(Properties, '$.TracingConfiguration') as tracing_configuration, + JSON_EXTRACT(Properties, '$.DefinitionS3Location') as definition_s3_location, + JSON_EXTRACT(Properties, '$.DefinitionSubstitutions') as definition_substitutions, + JSON_EXTRACT(Properties, '$.Definition') as definition, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::StepFunctions::StateMachine' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'DefinitionString') as definition_string, + json_extract_path_text(Properties, 'RoleArn') as role_arn, + json_extract_path_text(Properties, 'StateMachineName') as state_machine_name, + json_extract_path_text(Properties, 'StateMachineType') as state_machine_type, + json_extract_path_text(Properties, 'StateMachineRevisionId') as state_machine_revision_id, + json_extract_path_text(Properties, 'LoggingConfiguration') as logging_configuration, + json_extract_path_text(Properties, 'TracingConfiguration') as tracing_configuration, + json_extract_path_text(Properties, 'DefinitionS3Location') as definition_s3_location, + json_extract_path_text(Properties, 'DefinitionSubstitutions') as definition_substitutions, + json_extract_path_text(Properties, 'Definition') as definition, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::StepFunctions::StateMachine' + AND data__Identifier = '' + AND region = 'us-east-1' + state_machine_aliases: + name: state_machine_aliases + id: awscc.stepfunctions.state_machine_aliases + x-cfn-schema-name: StateMachineAlias + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::StepFunctions::StateMachineAlias' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::StepFunctions::StateMachineAlias' + AND region = 'us-east-1' + state_machine_alias: + name: state_machine_alias + id: awscc.stepfunctions.state_machine_alias + x-cfn-schema-name: StateMachineAlias + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.RoutingConfiguration') as routing_configuration, + JSON_EXTRACT(Properties, '$.DeploymentPreference') as deployment_preference + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::StepFunctions::StateMachineAlias' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'RoutingConfiguration') as routing_configuration, + json_extract_path_text(Properties, 'DeploymentPreference') as deployment_preference + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::StepFunctions::StateMachineAlias' + AND data__Identifier = '' + AND region = 'us-east-1' + state_machine_versions: + name: state_machine_versions + id: awscc.stepfunctions.state_machine_versions + x-cfn-schema-name: StateMachineVersion + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::StepFunctions::StateMachineVersion' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::StepFunctions::StateMachineVersion' + AND region = 'us-east-1' + state_machine_version: + name: state_machine_version + id: awscc.stepfunctions.state_machine_version + x-cfn-schema-name: StateMachineVersion + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.StateMachineArn') as state_machine_arn, + JSON_EXTRACT(Properties, '$.StateMachineRevisionId') as state_machine_revision_id, + JSON_EXTRACT(Properties, '$.Description') as description + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::StepFunctions::StateMachineVersion' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'StateMachineArn') as state_machine_arn, + json_extract_path_text(Properties, 'StateMachineRevisionId') as state_machine_revision_id, + json_extract_path_text(Properties, 'Description') as description + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::StepFunctions::StateMachineVersion' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/supportapp.yaml b/providers/src/awscc/v00.00.00000/services/supportapp.yaml new file mode 100644 index 00000000..5b759462 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/supportapp.yaml @@ -0,0 +1,327 @@ +openapi: 3.0.0 +info: + title: SupportApp + version: 1.0.0 +paths: {} +components: + schemas: + AccountAlias: + type: object + properties: + AccountAlias: + description: An account alias associated with a customer's account. + type: string + pattern: ^[\w\- ]+$ + minLength: 1 + maxLength: 30 + AccountAliasResourceId: + description: Unique identifier representing an alias tied to an account + type: string + pattern: ^[\w\- ]+$ + minLength: 29 + maxLength: 29 + required: + - AccountAlias + x-stackql-resource-name: account_alias + x-stackql-primaryIdentifier: + - AccountAliasResourceId + x-read-only-properties: + - AccountAliasResourceId + x-required-permissions: + create: + - supportapp:PutAccountAlias + - supportapp:GetAccountAlias + read: + - supportapp:GetAccountAlias + update: + - supportapp:PutAccountAlias + - supportapp:GetAccountAlias + delete: + - supportapp:DeleteAccountAlias + - supportapp:GetAccountAlias + list: + - supportapp:GetAccountAlias + SlackChannelConfiguration: + type: object + properties: + TeamId: + description: The team ID in Slack, which uniquely identifies a workspace. + type: string + pattern: ^\S+$ + minLength: 1 + maxLength: 256 + ChannelId: + description: The channel ID in Slack, which identifies a channel within a workspace. + type: string + pattern: ^\S+$ + minLength: 1 + maxLength: 256 + ChannelName: + description: The channel name in Slack. + type: string + pattern: ^.+$ + minLength: 1 + maxLength: 256 + NotifyOnCreateOrReopenCase: + description: Whether to notify when a case is created or reopened. + type: boolean + NotifyOnAddCorrespondenceToCase: + description: Whether to notify when a correspondence is added to a case. + type: boolean + NotifyOnResolveCase: + description: Whether to notify when a case is resolved. + type: boolean + NotifyOnCaseSeverity: + description: The severity level of a support case that a customer wants to get notified for. + type: string + enum: + - none + - all + - high + ChannelRoleArn: + description: The Amazon Resource Name (ARN) of an IAM role that grants the AWS Support App access to perform operations for AWS services. + type: string + pattern: ^arn:aws[-a-z0-9]*:iam::[0-9]{12}:role\/(.+)$ + minLength: 31 + maxLength: 2048 + required: + - TeamId + - ChannelId + - NotifyOnCaseSeverity + - ChannelRoleArn + x-stackql-resource-name: slack_channel_configuration + x-stackql-primaryIdentifier: + - TeamId + - ChannelId + x-create-only-properties: + - TeamId + - ChannelId + x-required-permissions: + create: + - supportapp:CreateSlackChannelConfiguration + - supportapp:ListSlackChannelConfigurations + read: + - supportapp:ListSlackChannelConfigurations + update: + - supportapp:UpdateSlackChannelConfiguration + - supportapp:ListSlackChannelConfigurations + delete: + - supportapp:DeleteSlackChannelConfiguration + - supportapp:ListSlackChannelConfigurations + list: + - supportapp:ListSlackChannelConfigurations + SlackWorkspaceConfiguration: + type: object + properties: + TeamId: + description: The team ID in Slack, which uniquely identifies a workspace. + type: string + pattern: ^\S+$ + minLength: 1 + maxLength: 256 + VersionId: + description: An identifier used to update an existing Slack workspace configuration in AWS CloudFormation. + type: string + pattern: ^[0-9]+$ + minLength: 1 + maxLength: 256 + required: + - TeamId + x-stackql-resource-name: slack_workspace_configuration + x-stackql-primaryIdentifier: + - TeamId + x-create-only-properties: + - TeamId + x-required-permissions: + create: + - supportapp:RegisterSlackWorkspaceForOrganization + - supportapp:ListSlackWorkspaceConfigurations + read: + - supportapp:ListSlackWorkspaceConfigurations + update: + - supportapp:RegisterSlackWorkspaceForOrganization + - supportapp:ListSlackWorkspaceConfigurations + delete: + - supportapp:ListSlackWorkspaceConfigurations + - supportapp:DeleteSlackWorkspaceConfiguration + list: + - supportapp:ListSlackWorkspaceConfigurations + x-stackQL-resources: + account_aliases: + name: account_aliases + id: awscc.supportapp.account_aliases + x-cfn-schema-name: AccountAlias + x-type: list + x-identifiers: + - AccountAliasResourceId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountAliasResourceId') as account_alias_resource_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SupportApp::AccountAlias' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountAliasResourceId') as account_alias_resource_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SupportApp::AccountAlias' + AND region = 'us-east-1' + account_alias: + name: account_alias + id: awscc.supportapp.account_alias + x-cfn-schema-name: AccountAlias + x-type: get + x-identifiers: + - AccountAliasResourceId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccountAlias') as account_alias, + JSON_EXTRACT(Properties, '$.AccountAliasResourceId') as account_alias_resource_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SupportApp::AccountAlias' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccountAlias') as account_alias, + json_extract_path_text(Properties, 'AccountAliasResourceId') as account_alias_resource_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SupportApp::AccountAlias' + AND data__Identifier = '' + AND region = 'us-east-1' + slack_channel_configurations: + name: slack_channel_configurations + id: awscc.supportapp.slack_channel_configurations + x-cfn-schema-name: SlackChannelConfiguration + x-type: list + x-identifiers: + - TeamId + - ChannelId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TeamId') as team_id, + JSON_EXTRACT(Properties, '$.ChannelId') as channel_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SupportApp::SlackChannelConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TeamId') as team_id, + json_extract_path_text(Properties, 'ChannelId') as channel_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SupportApp::SlackChannelConfiguration' + AND region = 'us-east-1' + slack_channel_configuration: + name: slack_channel_configuration + id: awscc.supportapp.slack_channel_configuration + x-cfn-schema-name: SlackChannelConfiguration + x-type: get + x-identifiers: + - TeamId + - ChannelId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TeamId') as team_id, + JSON_EXTRACT(Properties, '$.ChannelId') as channel_id, + JSON_EXTRACT(Properties, '$.ChannelName') as channel_name, + JSON_EXTRACT(Properties, '$.NotifyOnCreateOrReopenCase') as notify_on_create_or_reopen_case, + JSON_EXTRACT(Properties, '$.NotifyOnAddCorrespondenceToCase') as notify_on_add_correspondence_to_case, + JSON_EXTRACT(Properties, '$.NotifyOnResolveCase') as notify_on_resolve_case, + JSON_EXTRACT(Properties, '$.NotifyOnCaseSeverity') as notify_on_case_severity, + JSON_EXTRACT(Properties, '$.ChannelRoleArn') as channel_role_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SupportApp::SlackChannelConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TeamId') as team_id, + json_extract_path_text(Properties, 'ChannelId') as channel_id, + json_extract_path_text(Properties, 'ChannelName') as channel_name, + json_extract_path_text(Properties, 'NotifyOnCreateOrReopenCase') as notify_on_create_or_reopen_case, + json_extract_path_text(Properties, 'NotifyOnAddCorrespondenceToCase') as notify_on_add_correspondence_to_case, + json_extract_path_text(Properties, 'NotifyOnResolveCase') as notify_on_resolve_case, + json_extract_path_text(Properties, 'NotifyOnCaseSeverity') as notify_on_case_severity, + json_extract_path_text(Properties, 'ChannelRoleArn') as channel_role_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SupportApp::SlackChannelConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + slack_workspace_configurations: + name: slack_workspace_configurations + id: awscc.supportapp.slack_workspace_configurations + x-cfn-schema-name: SlackWorkspaceConfiguration + x-type: list + x-identifiers: + - TeamId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TeamId') as team_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SupportApp::SlackWorkspaceConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TeamId') as team_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SupportApp::SlackWorkspaceConfiguration' + AND region = 'us-east-1' + slack_workspace_configuration: + name: slack_workspace_configuration + id: awscc.supportapp.slack_workspace_configuration + x-cfn-schema-name: SlackWorkspaceConfiguration + x-type: get + x-identifiers: + - TeamId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TeamId') as team_id, + JSON_EXTRACT(Properties, '$.VersionId') as version_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SupportApp::SlackWorkspaceConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TeamId') as team_id, + json_extract_path_text(Properties, 'VersionId') as version_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SupportApp::SlackWorkspaceConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/synthetics.yaml b/providers/src/awscc/v00.00.00000/services/synthetics.yaml new file mode 100644 index 00000000..0da77bb6 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/synthetics.yaml @@ -0,0 +1,473 @@ +openapi: 3.0.0 +info: + title: Synthetics + version: 1.0.0 +paths: {} +components: + schemas: + Schedule: + type: object + additionalProperties: false + properties: + Expression: + type: string + DurationInSeconds: + type: string + required: + - Expression + Code: + type: object + additionalProperties: false + properties: + S3Bucket: + type: string + S3Key: + type: string + S3ObjectVersion: + type: string + Script: + type: string + Handler: + type: string + SourceLocationArn: + type: string + required: + - Handler + oneOf: + - required: + - S3Bucket + - S3Key + - required: + - Script + Tag: + description: A key-value pair to associate with a resource. + additionalProperties: false + type: object + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 1 + maxLength: 128 + pattern: ^(?!aws:)([a-zA-Z\d\s_.:/=+\-@]+)$ + Value: + type: string + description: 'The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + minLength: 0 + maxLength: 256 + pattern: ^([a-zA-Z\d\s_.:/=+\-@]*)$ + required: + - Value + - Key + VPCConfig: + type: object + additionalProperties: false + properties: + VpcId: + type: string + SubnetIds: + type: array + items: + type: string + SecurityGroupIds: + type: array + items: + type: string + required: + - SubnetIds + - SecurityGroupIds + RunConfig: + type: object + additionalProperties: false + properties: + TimeoutInSeconds: + description: Provide maximum canary timeout per run in seconds + type: integer + MemoryInMB: + description: Provide maximum memory available for canary in MB + type: integer + ActiveTracing: + description: Enable active tracing if set to true + type: boolean + EnvironmentVariables: + type: object + additionalProperties: false + description: Environment variable key-value pairs. + x-patternProperties: + '[a-zA-Z][a-zA-Z0-9_]+': + type: string + VisualReference: + type: object + additionalProperties: false + properties: + BaseCanaryRunId: + type: string + description: Canary run id to be used as base reference for visual testing + BaseScreenshots: + type: array + description: List of screenshots used as base reference for visual testing + items: + $ref: '#/components/schemas/BaseScreenshot' + required: + - BaseCanaryRunId + BaseScreenshot: + type: object + properties: + ScreenshotName: + type: string + description: Name of the screenshot to be used as base reference for visual testing + IgnoreCoordinates: + type: array + description: List of coordinates of rectangles to be ignored during visual testing + items: + type: string + description: Coordinates of a rectangle to be ignored during visual testing + required: + - ScreenshotName + ArtifactConfig: + type: object + additionalProperties: false + properties: + S3Encryption: + $ref: '#/components/schemas/S3Encryption' + description: Encryption configuration for uploading artifacts to S3 + S3Encryption: + type: object + additionalProperties: false + properties: + EncryptionMode: + type: string + description: 'Encryption mode for encrypting artifacts when uploading to S3. Valid values: SSE_S3 and SSE_KMS.' + KmsKeyArn: + type: string + description: KMS key Arn for encrypting artifacts when uploading to S3. You must specify KMS key Arn for SSE_KMS encryption mode only. + Canary: + type: object + properties: + Name: + description: Name of the canary. + type: string + pattern: ^[0-9a-z_\-]{1,21}$ + Id: + description: Id of the canary + type: string + State: + description: State of the canary + type: string + Code: + description: Provide the canary script source + $ref: '#/components/schemas/Code' + ArtifactS3Location: + description: Provide the s3 bucket output location for test results + type: string + pattern: ^(s3|S3):// + ArtifactConfig: + description: Provide artifact configuration + $ref: '#/components/schemas/ArtifactConfig' + Schedule: + description: Frequency to run your canaries + $ref: '#/components/schemas/Schedule' + ExecutionRoleArn: + description: Lambda Execution role used to run your canaries + type: string + RuntimeVersion: + description: Runtime version of Synthetics Library + type: string + SuccessRetentionPeriod: + description: Retention period of successful canary runs represented in number of days + type: integer + FailureRetentionPeriod: + description: Retention period of failed canary runs represented in number of days + type: integer + Tags: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + VPCConfig: + description: Provide VPC Configuration if enabled. + $ref: '#/components/schemas/VPCConfig' + RunConfig: + description: Provide canary run configuration + $ref: '#/components/schemas/RunConfig' + StartCanaryAfterCreation: + description: Runs canary if set to True. Default is False + type: boolean + VisualReference: + description: Visual reference configuration for visual testing + $ref: '#/components/schemas/VisualReference' + DeleteLambdaResourcesOnCanaryDeletion: + description: Deletes associated lambda resources created by Synthetics if set to True. Default is False + type: boolean + required: + - Name + - Code + - ArtifactS3Location + - ExecutionRoleArn + - Schedule + - RuntimeVersion + x-stackql-resource-name: canary + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Id + - State + - Code/SourceLocationArn + x-required-permissions: + create: + - synthetics:CreateCanary + - synthetics:StartCanary + - synthetics:GetCanary + - synthetics:TagResource + - s3:CreateBucket + - s3:GetObject + - s3:GetObjectVersion + - s3:PutBucketEncryption + - s3:PutEncryptionConfiguration + - s3:GetBucketLocation + - lambda:CreateFunction + - lambda:AddPermission + - lambda:PublishVersion + - lambda:UpdateFunctionConfiguration + - lambda:GetFunctionConfiguration + - lambda:GetLayerVersionByArn + - lambda:GetLayerVersion + - lambda:PublishLayerVersion + - ec2:DescribeVpcs + - ec2:DescribeSubnets + - ec2:DescribeSecurityGroups + - iam:PassRole + update: + - synthetics:UpdateCanary + - synthetics:StartCanary + - synthetics:StopCanary + - synthetics:GetCanary + - synthetics:TagResource + - synthetics:UntagResource + - s3:GetObject + - s3:GetObjectVersion + - s3:PutBucketEncryption + - s3:PutEncryptionConfiguration + - s3:GetBucketLocation + - lambda:AddPermission + - lambda:PublishVersion + - lambda:UpdateFunctionConfiguration + - lambda:GetFunctionConfiguration + - lambda:GetLayerVersionByArn + - lambda:GetLayerVersion + - lambda:PublishLayerVersion + - iam:PassRole + read: + - synthetics:GetCanary + - synthetics:DescribeCanaries + - synthetics:ListTagsForResource + - iam:ListRoles + - s3:ListAllMyBuckets + - s3:GetBucketLocation + delete: + - synthetics:DeleteCanary + - synthetics:GetCanary + list: + - synthetics:DescribeCanaries + ResourceArn: + type: string + description: Provide Canary Arn associated with the group. + pattern: arn:(aws[a-zA-Z-]*)?:synthetics:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}:\d{12}:canary:[0-9a-z_\-] + Group: + type: object + properties: + Name: + description: Name of the group. + type: string + pattern: ^[0-9a-z_\-]{1,64}$ + Id: + description: Id of the group. + type: string + Tags: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + minItems: 0 + ResourceArns: + type: array + uniqueItems: true + items: + $ref: '#/components/schemas/ResourceArn' + maxItems: 10 + required: + - Name + x-stackql-resource-name: group + x-stackql-primaryIdentifier: + - Name + x-create-only-properties: + - Name + x-read-only-properties: + - Id + x-required-permissions: + create: + - synthetics:CreateGroup + - synthetics:AssociateResource + - synthetics:TagResource + - synthetics:GetGroup + update: + - synthetics:AssociateResource + - synthetics:DisassociateResource + - synthetics:TagResource + - synthetics:UntagResource + - synthetics:GetGroup + - synthetics:ListGroupResources + read: + - synthetics:GetGroup + - synthetics:ListTagsForResource + - synthetics:ListGroupResources + delete: + - synthetics:DeleteGroup + - synthetics:GetGroup + list: + - synthetics:ListGroups + x-stackQL-resources: + canaries: + name: canaries + id: awscc.synthetics.canaries + x-cfn-schema-name: Canary + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Synthetics::Canary' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Synthetics::Canary' + AND region = 'us-east-1' + canary: + name: canary + id: awscc.synthetics.canary + x-cfn-schema-name: Canary + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.State') as state, + JSON_EXTRACT(Properties, '$.Code') as code, + JSON_EXTRACT(Properties, '$.ArtifactS3Location') as artifact_s3_location, + JSON_EXTRACT(Properties, '$.ArtifactConfig') as artifact_config, + JSON_EXTRACT(Properties, '$.Schedule') as schedule, + JSON_EXTRACT(Properties, '$.ExecutionRoleArn') as execution_role_arn, + JSON_EXTRACT(Properties, '$.RuntimeVersion') as runtime_version, + JSON_EXTRACT(Properties, '$.SuccessRetentionPeriod') as success_retention_period, + JSON_EXTRACT(Properties, '$.FailureRetentionPeriod') as failure_retention_period, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.VPCConfig') as v_pc_config, + JSON_EXTRACT(Properties, '$.RunConfig') as run_config, + JSON_EXTRACT(Properties, '$.StartCanaryAfterCreation') as start_canary_after_creation, + JSON_EXTRACT(Properties, '$.VisualReference') as visual_reference, + JSON_EXTRACT(Properties, '$.DeleteLambdaResourcesOnCanaryDeletion') as delete_lambda_resources_on_canary_deletion + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Synthetics::Canary' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'State') as state, + json_extract_path_text(Properties, 'Code') as code, + json_extract_path_text(Properties, 'ArtifactS3Location') as artifact_s3_location, + json_extract_path_text(Properties, 'ArtifactConfig') as artifact_config, + json_extract_path_text(Properties, 'Schedule') as schedule, + json_extract_path_text(Properties, 'ExecutionRoleArn') as execution_role_arn, + json_extract_path_text(Properties, 'RuntimeVersion') as runtime_version, + json_extract_path_text(Properties, 'SuccessRetentionPeriod') as success_retention_period, + json_extract_path_text(Properties, 'FailureRetentionPeriod') as failure_retention_period, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'VPCConfig') as v_pc_config, + json_extract_path_text(Properties, 'RunConfig') as run_config, + json_extract_path_text(Properties, 'StartCanaryAfterCreation') as start_canary_after_creation, + json_extract_path_text(Properties, 'VisualReference') as visual_reference, + json_extract_path_text(Properties, 'DeleteLambdaResourcesOnCanaryDeletion') as delete_lambda_resources_on_canary_deletion + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Synthetics::Canary' + AND data__Identifier = '' + AND region = 'us-east-1' + groups: + name: groups + id: awscc.synthetics.groups + x-cfn-schema-name: Group + x-type: list + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Synthetics::Group' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Synthetics::Group' + AND region = 'us-east-1' + group: + name: group + id: awscc.synthetics.group + x-cfn-schema-name: Group + x-type: get + x-identifiers: + - Name + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.ResourceArns') as resource_arns + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Synthetics::Group' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'ResourceArns') as resource_arns + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Synthetics::Group' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/systemsmanagersap.yaml b/providers/src/awscc/v00.00.00000/services/systemsmanagersap.yaml new file mode 100644 index 00000000..ea528615 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/systemsmanagersap.yaml @@ -0,0 +1,179 @@ +openapi: 3.0.0 +info: + title: SystemsManagerSAP + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: A key-value pair to associate with a resource. + type: object + properties: + Key: + description: 'The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + type: string + minLength: 1 + maxLength: 128 + Value: + description: 'The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' + type: string + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + Credential: + type: object + properties: + DatabaseName: + type: string + pattern: ^(?=.{1,100}$).* + CredentialType: + type: string + enum: + - ADMIN + SecretId: + type: string + pattern: ^(?=.{1,100}$).* + additionalProperties: false + Instance: + type: string + pattern: ^i-[\w\d]{8}$|^i-[\w\d]{17}$ + Application: + type: object + properties: + ApplicationId: + type: string + pattern: '[\w\d]{1,50}' + ApplicationType: + type: string + enum: + - HANA + Arn: + description: The ARN of the Helix application + type: string + pattern: ^arn:(.+:){2,4}.+$|^arn:(.+:){1,3}.+\/.+$ + Credentials: + type: array + items: + $ref: '#/components/schemas/Credential' + minItems: 1 + x-insertionOrder: true + Instances: + type: array + items: + $ref: '#/components/schemas/Instance' + minItems: 1 + x-insertionOrder: true + SapInstanceNumber: + type: string + pattern: '[0-9]{2}' + Sid: + type: string + pattern: '[A-Z][A-Z0-9]{2}' + Tags: + description: The tags of a SystemsManagerSAP application. + type: array + items: + $ref: '#/components/schemas/Tag' + x-insertionOrder: true + required: + - ApplicationId + - ApplicationType + x-stackql-resource-name: application + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Credentials + - Instances + - SapInstanceNumber + - Sid + x-read-only-properties: + - Arn + x-required-permissions: + create: + - ssm-sap:RegisterApplication + - ssm-sap:GetApplication + - ssm-sap:TagResource + - ssm-sap:ListTagsForResource + read: + - ssm-sap:GetApplication + - ssm-sap:ListTagsForResource + update: + - ssm-sap:TagResource + - ssm-sap:UntagResource + - ssm-sap:ListTagsForResource + - ssm-sap:GetApplication + delete: + - ssm-sap:DeregisterApplication + - ssm-sap:GetApplication + list: + - ssm-sap:ListApplications + x-stackQL-resources: + applications: + name: applications + id: awscc.systemsmanagersap.applications + x-cfn-schema-name: Application + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SystemsManagerSAP::Application' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::SystemsManagerSAP::Application' + AND region = 'us-east-1' + application: + name: application + id: awscc.systemsmanagersap.application + x-cfn-schema-name: Application + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ApplicationId') as application_id, + JSON_EXTRACT(Properties, '$.ApplicationType') as application_type, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Credentials') as credentials, + JSON_EXTRACT(Properties, '$.Instances') as instances, + JSON_EXTRACT(Properties, '$.SapInstanceNumber') as sap_instance_number, + JSON_EXTRACT(Properties, '$.Sid') as sid, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SystemsManagerSAP::Application' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ApplicationId') as application_id, + json_extract_path_text(Properties, 'ApplicationType') as application_type, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Credentials') as credentials, + json_extract_path_text(Properties, 'Instances') as instances, + json_extract_path_text(Properties, 'SapInstanceNumber') as sap_instance_number, + json_extract_path_text(Properties, 'Sid') as sid, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::SystemsManagerSAP::Application' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/timestream.yaml b/providers/src/awscc/v00.00.00000/services/timestream.yaml new file mode 100644 index 00000000..c8e20012 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/timestream.yaml @@ -0,0 +1,836 @@ +openapi: 3.0.0 +info: + title: Timestream + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: You can use the Resource Tags property to apply tags to resources, which can help you identify and categorize those resources. + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 0 + maxLength: 256 + additionalProperties: false + Database: + type: object + properties: + Arn: + type: string + DatabaseName: + description: The name for the database. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the database name. + type: string + pattern: ^[a-zA-Z0-9_.-]{3,256}$ + KmsKeyId: + description: The KMS key for the database. If the KMS key is not specified, the database will be encrypted with a Timestream managed KMS key located in your account. + type: string + minLength: 1 + maxLength: 2048 + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 200 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: database + x-stackql-primaryIdentifier: + - DatabaseName + x-create-only-properties: + - DatabaseName + x-read-only-properties: + - Arn + x-required-permissions: + create: + - timestream:CreateDatabase + - timestream:DescribeEndpoints + - timestream:TagResource + - kms:CreateGrant + - kms:DescribeKey + - kms:Decrypt + read: + - timestream:DescribeDatabase + - timestream:DescribeEndpoints + - timestream:ListTagsForResource + update: + - timestream:UpdateDatabase + - timestream:DescribeDatabase + - timestream:DescribeEndpoints + - timestream:TagResource + - timestream:UntagResource + delete: + - timestream:DeleteDatabase + - timestream:DescribeEndpoints + list: + - timestream:ListDatabases + - timestream:DescribeEndpoints + Arn: + description: Amazon Resource Name of the scheduled query that is generated upon creation. + type: string + minLength: 1 + maxLength: 2048 + ScheduledQueryName: + description: The name of the scheduled query. Scheduled query names must be unique within each Region. + type: string + pattern: '[a-zA-Z0-9_.-]+' + minLength: 1 + maxLength: 64 + QueryString: + description: >- + The query string to run. Parameter names can be specified in the query string @ character followed by an identifier. The named Parameter @scheduled_runtime is reserved and can be used in the query to get the time at which the query is scheduled to run. The timestamp calculated according to the ScheduleConfiguration parameter, will be the value of @scheduled_runtime paramater for each query run. For example, consider an instance of a scheduled query executing on 2021-12-01 00:00:00. For + this instance, the @scheduled_runtime parameter is initialized to the timestamp 2021-12-01 00:00:00 when invoking the query. + type: string + minLength: 1 + maxLength: 262144 + ScheduleConfiguration: + description: Configuration for when the scheduled query is executed. + type: object + properties: + ScheduleExpression: + $ref: '#/components/schemas/ScheduleExpression' + required: + - ScheduleExpression + additionalProperties: false + NotificationConfiguration: + description: Notification configuration for the scheduled query. A notification is sent by Timestream when a query run finishes, when the state is updated or when you delete it. + type: object + properties: + SnsConfiguration: + $ref: '#/components/schemas/SnsConfiguration' + required: + - SnsConfiguration + additionalProperties: false + ClientToken: + description: Using a ClientToken makes the call to CreateScheduledQuery idempotent, in other words, making the same request repeatedly will produce the same result. Making multiple identical CreateScheduledQuery requests has the same effect as making a single request. If CreateScheduledQuery is called without a ClientToken, the Query SDK generates a ClientToken on your behalf. After 8 hours, any request with the same ClientToken is treated as a new request. + type: string + minLength: 32 + maxLength: 128 + ScheduledQueryExecutionRoleArn: + description: The ARN for the IAM role that Timestream will assume when running the scheduled query. + type: string + minLength: 1 + maxLength: 2048 + TargetConfiguration: + description: Configuration of target store where scheduled query results are written to. + type: object + properties: + TimestreamConfiguration: + $ref: '#/components/schemas/TimestreamConfiguration' + required: + - TimestreamConfiguration + additionalProperties: false + ErrorReportConfiguration: + description: Configuration for error reporting. Error reports will be generated when a problem is encountered when writing the query results. + type: object + properties: + S3Configuration: + $ref: '#/components/schemas/S3Configuration' + required: + - S3Configuration + additionalProperties: false + KmsKeyId: + description: The Amazon KMS key used to encrypt the scheduled query resource, at-rest. If the Amazon KMS key is not specified, the scheduled query resource will be encrypted with a Timestream owned Amazon KMS key. To specify a KMS key, use the key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix the name with alias/. If ErrorReportConfiguration uses SSE_KMS as encryption type, the same KmsKeyId is used to encrypt the error report at rest. + type: string + minLength: 1 + maxLength: 2048 + Tags: + description: A list of key-value pairs to label the scheduled query. + type: array + x-insertionOrder: false + maxItems: 200 + items: + $ref: '#/components/schemas/Tag' + ScheduleExpression: + description: An expression that denotes when to trigger the scheduled query run. This can be a cron expression or a rate expression. + type: string + minLength: 1 + maxLength: 256 + SnsConfiguration: + description: SNS configuration for notification upon scheduled query execution. + type: object + properties: + TopicArn: + $ref: '#/components/schemas/TopicArn' + required: + - TopicArn + additionalProperties: false + TopicArn: + description: SNS topic ARN that the scheduled query status notifications will be sent to. + type: string + minLength: 1 + maxLength: 2048 + TimestreamConfiguration: + description: Configuration needed to write data into the Timestream database and table. + type: object + properties: + DatabaseName: + $ref: '#/components/schemas/DatabaseName' + TableName: + $ref: '#/components/schemas/TableName' + TimeColumn: + $ref: '#/components/schemas/TimeColumn' + DimensionMappings: + $ref: '#/components/schemas/DimensionMappings' + MultiMeasureMappings: + $ref: '#/components/schemas/MultiMeasureMappings' + MixedMeasureMappings: + $ref: '#/components/schemas/MixedMeasureMappings' + MeasureNameColumn: + $ref: '#/components/schemas/MeasureNameColumn' + required: + - DatabaseName + - TableName + - TimeColumn + - DimensionMappings + additionalProperties: false + DatabaseName: + description: Name of Timestream database to which the query result will be written. + type: string + TableName: + description: Name of Timestream table that the query result will be written to. The table should be within the same database that is provided in Timestream configuration. + type: string + TimeColumn: + description: Column from query result that should be used as the time column in destination table. Column type for this should be TIMESTAMP. + type: string + DimensionMappings: + description: This is to allow mapping column(s) from the query result to the dimension in the destination table. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/DimensionMapping' + DimensionMapping: + description: This type is used to map column(s) from the query result to a dimension in the destination table. + type: object + properties: + Name: + $ref: '#/components/schemas/DimensionMappingName' + DimensionValueType: + $ref: '#/components/schemas/DimensionValueType' + required: + - Name + - DimensionValueType + additionalProperties: false + DimensionMappingName: + description: Column name from query result. + type: string + DimensionValueType: + description: Type for the dimension. + type: string + enum: + - VARCHAR + MultiMeasureMappings: + description: Only one of MixedMeasureMappings or MultiMeasureMappings is to be provided. MultiMeasureMappings can be used to ingest data as multi measures in the derived table. + type: object + properties: + TargetMultiMeasureName: + $ref: '#/components/schemas/TargetMultiMeasureName' + MultiMeasureAttributeMappings: + $ref: '#/components/schemas/MultiMeasureAttributeMappingList' + required: + - MultiMeasureAttributeMappings + additionalProperties: false + TargetMultiMeasureName: + description: Name of the target multi-measure in the derived table. Required if MeasureNameColumn is not provided. If MeasureNameColumn is provided then the value from that column will be used as the multi-measure name. + type: string + MultiMeasureAttributeMappingList: + description: Required. Attribute mappings to be used for mapping query results to ingest data for multi-measure attributes. + type: array + x-insertionOrder: false + minItems: 1 + items: + $ref: '#/components/schemas/MultiMeasureAttributeMapping' + MultiMeasureAttributeMapping: + description: An attribute mapping to be used for mapping query results to ingest data for multi-measure attributes. + type: object + properties: + SourceColumn: + $ref: '#/components/schemas/MultiMeasureAttributeMappingSourceColumn' + MeasureValueType: + $ref: '#/components/schemas/MultiMeasureAttributeMappingMeasureValueType' + TargetMultiMeasureAttributeName: + $ref: '#/components/schemas/TargetMultiMeasureAttributeName' + required: + - SourceColumn + - MeasureValueType + additionalProperties: false + MultiMeasureAttributeMappingSourceColumn: + description: Source measure value column in the query result where the attribute value is to be read. + type: string + MultiMeasureAttributeMappingMeasureValueType: + description: Value type of the measure value column to be read from the query result. + type: string + enum: + - BIGINT + - BOOLEAN + - DOUBLE + - VARCHAR + - TIMESTAMP + TargetMultiMeasureAttributeName: + description: Custom name to be used for attribute name in derived table. If not provided, source column name would be used. + type: string + MixedMeasureMappings: + description: Specifies how to map measures to multi-measure records. + type: array + x-insertionOrder: false + minItems: 1 + items: + $ref: '#/components/schemas/MixedMeasureMapping' + MixedMeasureMapping: + description: MixedMeasureMappings are mappings that can be used to ingest data into a mixture of narrow and multi measures in the derived table. + type: object + properties: + MeasureName: + $ref: '#/components/schemas/MixedMeasureMappingMeasureName' + SourceColumn: + $ref: '#/components/schemas/MixedMeasureMappingSourceColumn' + TargetMeasureName: + $ref: '#/components/schemas/MixedMeasureMappingTargetMeasureName' + MeasureValueType: + $ref: '#/components/schemas/MixedMeasureMappingMeasureValueType' + MultiMeasureAttributeMappings: + $ref: '#/components/schemas/MultiMeasureAttributeMappingList' + required: + - MeasureValueType + additionalProperties: false + MixedMeasureMappingMeasureName: + description: Refers to the value of the measure name in a result row. This field is required if MeasureNameColumn is provided. + type: string + MixedMeasureMappingSourceColumn: + description: This field refers to the source column from which the measure value is to be read for result materialization. + type: string + MixedMeasureMappingTargetMeasureName: + description: Target measure name to be used. If not provided, the target measure name by default would be MeasureName if provided, or SourceColumn otherwise. + type: string + MixedMeasureMappingMeasureValueType: + description: Type of the value that is to be read from SourceColumn. If the mapping is for MULTI, use MeasureValueType.MULTI. + type: string + enum: + - BIGINT + - BOOLEAN + - DOUBLE + - VARCHAR + - MULTI + MeasureNameColumn: + description: Name of the measure name column from the query result. + type: string + S3Configuration: + description: Details on S3 location for error reports that result from running a query. + type: object + properties: + BucketName: + $ref: '#/components/schemas/BucketName' + ObjectKeyPrefix: + $ref: '#/components/schemas/ObjectKeyPrefix' + EncryptionOption: + $ref: '#/components/schemas/EncryptionOption' + required: + - BucketName + additionalProperties: false + BucketName: + description: Name of the S3 bucket under which error reports will be created. + type: string + minLength: 3 + maxLength: 63 + pattern: '[a-z0-9][\.\-a-z0-9]{1,61}[a-z0-9]' + ObjectKeyPrefix: + description: Prefix for error report keys. + type: string + minLength: 1 + maxLength: 896 + pattern: '[a-zA-Z0-9|!\-_*''\(\)]([a-zA-Z0-9]|[!\-_*''\(\)\/.])+' + EncryptionOption: + description: Encryption at rest options for the error reports. If no encryption option is specified, Timestream will choose SSE_S3 as default. + type: string + enum: + - SSE_S3 + - SSE_KMS + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + minLength: 0 + maxLength: 256 + ScheduledQuery: + type: object + properties: + Arn: + $ref: '#/components/schemas/Arn' + ScheduledQueryName: + $ref: '#/components/schemas/ScheduledQueryName' + QueryString: + $ref: '#/components/schemas/QueryString' + ScheduleConfiguration: + $ref: '#/components/schemas/ScheduleConfiguration' + NotificationConfiguration: + $ref: '#/components/schemas/NotificationConfiguration' + ClientToken: + $ref: '#/components/schemas/ClientToken' + ScheduledQueryExecutionRoleArn: + $ref: '#/components/schemas/ScheduledQueryExecutionRoleArn' + TargetConfiguration: + $ref: '#/components/schemas/TargetConfiguration' + ErrorReportConfiguration: + $ref: '#/components/schemas/ErrorReportConfiguration' + KmsKeyId: + $ref: '#/components/schemas/KmsKeyId' + SQName: + description: The name of the scheduled query. Scheduled query names must be unique within each Region. + type: string + SQQueryString: + description: >- + The query string to run. Parameter names can be specified in the query string @ character followed by an identifier. The named Parameter @scheduled_runtime is reserved and can be used in the query to get the time at which the query is scheduled to run. The timestamp calculated according to the ScheduleConfiguration parameter, will be the value of @scheduled_runtime paramater for each query run. For example, consider an instance of a scheduled query executing on 2021-12-01 00:00:00. + For this instance, the @scheduled_runtime parameter is initialized to the timestamp 2021-12-01 00:00:00 when invoking the query. + type: string + SQScheduleConfiguration: + description: Configuration for when the scheduled query is executed. + type: string + SQNotificationConfiguration: + description: Notification configuration for the scheduled query. A notification is sent by Timestream when a query run finishes, when the state is updated or when you delete it. + type: string + SQScheduledQueryExecutionRoleArn: + description: The ARN for the IAM role that Timestream will assume when running the scheduled query. + type: string + SQTargetConfiguration: + description: Configuration of target store where scheduled query results are written to. + type: string + SQErrorReportConfiguration: + description: Configuration for error reporting. Error reports will be generated when a problem is encountered when writing the query results. + type: string + SQKmsKeyId: + description: The Amazon KMS key used to encrypt the scheduled query resource, at-rest. If the Amazon KMS key is not specified, the scheduled query resource will be encrypted with a Timestream owned Amazon KMS key. To specify a KMS key, use the key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix the name with alias/. If ErrorReportConfiguration uses SSE_KMS as encryption type, the same KmsKeyId is used to encrypt the error report at rest. + type: string + Tags: + $ref: '#/components/schemas/Tags' + required: + - QueryString + - ScheduleConfiguration + - NotificationConfiguration + - ScheduledQueryExecutionRoleArn + - ErrorReportConfiguration + x-stackql-resource-name: scheduled_query + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ScheduledQueryName + - QueryString + - ScheduleConfiguration + - NotificationConfiguration + - ClientToken + - ScheduledQueryExecutionRoleArn + - TargetConfiguration + - ErrorReportConfiguration + - KmsKeyId + x-read-only-properties: + - Arn + - SQName + - SQQueryString + - SQScheduleConfiguration + - SQNotificationConfiguration + - SQScheduledQueryExecutionRoleArn + - SQTargetConfiguration + - SQErrorReportConfiguration + - SQKmsKeyId + x-required-permissions: + create: + - timestream:CreateScheduledQuery + - timestream:DescribeEndpoints + read: + - timestream:DescribeScheduledQuery + - timestream:ListTagsForResource + - timestream:DescribeEndpoints + update: + - timestream:UpdateScheduledQuery + - timestream:TagResource + - timestream:UntagResource + - timestream:DescribeEndpoints + delete: + - timestream:DeleteScheduledQuery + - timestream:DescribeEndpoints + list: + - timestream:ListScheduledQueries + - timestream:DescribeEndpoints + PartitionKeyList: + description: A list of partition keys defining the attributes used to partition the table data. The order of the list determines the partition hierarchy. The name and type of each partition key as well as the partition key order cannot be changed after the table is created. However, the enforcement level of each partition key can be changed. + type: array + minItems: 1 + items: + $ref: '#/components/schemas/PartitionKey' + x-insertionOrder: true + PartitionKey: + description: 'An attribute used in partitioning data in a table. There are two types of partition keys: dimension keys and measure keys. A dimension key partitions data on a dimension name, while a measure key partitions data on the measure name.' + type: object + properties: + Type: + $ref: '#/components/schemas/PartitionKeyType' + Name: + $ref: '#/components/schemas/SchemaName' + EnforcementInRecord: + $ref: '#/components/schemas/PartitionKeyEnforcementLevel' + required: + - Type + additionalProperties: false + PartitionKeyType: + description: The type of the partition key. Options are DIMENSION (dimension key) and MEASURE (measure key). + type: string + enum: + - DIMENSION + - MEASURE + SchemaName: + description: The name of the attribute used for a dimension key. + type: string + minLength: 1 + maxLength: 2048 + PartitionKeyEnforcementLevel: + description: The level of enforcement for the specification of a dimension key in ingested records. Options are REQUIRED (dimension key must be specified) and OPTIONAL (dimension key does not have to be specified). + type: string + enum: + - REQUIRED + - OPTIONAL + Table: + type: object + properties: + Arn: + type: string + Name: + description: The table name exposed as a read-only attribute. + type: string + DatabaseName: + description: The name for the database which the table to be created belongs to. + type: string + pattern: ^[a-zA-Z0-9_.-]{3,256}$ + TableName: + description: The name for the table. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the table name. + type: string + pattern: ^[a-zA-Z0-9_.-]{3,256}$ + RetentionProperties: + description: The retention duration of the memory store and the magnetic store. + type: object + properties: + MemoryStoreRetentionPeriodInHours: + description: The duration for which data must be stored in the memory store. + type: string + MagneticStoreRetentionPeriodInDays: + description: The duration for which data must be stored in the magnetic store. + type: string + additionalProperties: false + Schema: + description: A Schema specifies the expected data model of the table. + type: object + properties: + CompositePartitionKey: + $ref: '#/components/schemas/PartitionKeyList' + additionalProperties: false + MagneticStoreWriteProperties: + description: The properties that determine whether magnetic store writes are enabled. + type: object + properties: + EnableMagneticStoreWrites: + description: Boolean flag indicating whether magnetic store writes are enabled. + type: boolean + MagneticStoreRejectedDataLocation: + description: Location to store information about records that were asynchronously rejected during magnetic store writes. + type: object + properties: + S3Configuration: + description: S3 configuration for location to store rejections from magnetic store writes + type: object + properties: + BucketName: + description: The bucket name used to store the data. + type: string + ObjectKeyPrefix: + description: String used to prefix all data in the bucket. + type: string + EncryptionOption: + description: Either SSE_KMS or SSE_S3. + type: string + KmsKeyId: + description: Must be provided if SSE_KMS is specified as the encryption option + type: string + required: + - EncryptionOption + - BucketName + additionalProperties: false + additionalProperties: false + required: + - EnableMagneticStoreWrites + additionalProperties: false + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + maxItems: 200 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + required: + - DatabaseName + x-stackql-resource-name: table + x-stackql-primaryIdentifier: + - DatabaseName + - TableName + x-create-only-properties: + - DatabaseName + - TableName + x-read-only-properties: + - Arn + - Name + x-required-permissions: + create: + - timestream:CreateTable + - timestream:DescribeEndpoints + - timestream:TagResource + - s3:PutObject + - s3:GetObject + - s3:GetBucketAcl + - kms:GenerateDataKey* + - kms:DescribeKey + - kms:Encrypt + read: + - timestream:DescribeTable + - timestream:DescribeEndpoints + - timestream:ListTagsForResource + update: + - timestream:UpdateTable + - timestream:DescribeEndpoints + - timestream:TagResource + - timestream:UntagResource + - s3:PutObject + - s3:GetObject + - s3:GetBucketAcl + - kms:GenerateDataKey* + - kms:DescribeKey + - kms:Encrypt + delete: + - timestream:DeleteTable + - timestream:DescribeEndpoints + - timestream:DescribeTable + list: + - timestream:ListTables + - timestream:DescribeEndpoints + x-stackQL-resources: + databases: + name: databases + id: awscc.timestream.databases + x-cfn-schema-name: Database + x-type: list + x-identifiers: + - DatabaseName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DatabaseName') as database_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Timestream::Database' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DatabaseName') as database_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Timestream::Database' + AND region = 'us-east-1' + database: + name: database + id: awscc.timestream.database + x-cfn-schema-name: Database + x-type: get + x-identifiers: + - DatabaseName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.DatabaseName') as database_name, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Timestream::Database' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'DatabaseName') as database_name, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Timestream::Database' + AND data__Identifier = '' + AND region = 'us-east-1' + scheduled_queries: + name: scheduled_queries + id: awscc.timestream.scheduled_queries + x-cfn-schema-name: ScheduledQuery + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Timestream::ScheduledQuery' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Timestream::ScheduledQuery' + AND region = 'us-east-1' + scheduled_query: + name: scheduled_query + id: awscc.timestream.scheduled_query + x-cfn-schema-name: ScheduledQuery + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ScheduledQueryName') as scheduled_query_name, + JSON_EXTRACT(Properties, '$.QueryString') as query_string, + JSON_EXTRACT(Properties, '$.ScheduleConfiguration') as schedule_configuration, + JSON_EXTRACT(Properties, '$.NotificationConfiguration') as notification_configuration, + JSON_EXTRACT(Properties, '$.ClientToken') as client_token, + JSON_EXTRACT(Properties, '$.ScheduledQueryExecutionRoleArn') as scheduled_query_execution_role_arn, + JSON_EXTRACT(Properties, '$.TargetConfiguration') as target_configuration, + JSON_EXTRACT(Properties, '$.ErrorReportConfiguration') as error_report_configuration, + JSON_EXTRACT(Properties, '$.KmsKeyId') as kms_key_id, + JSON_EXTRACT(Properties, '$.SQName') as s_qname, + JSON_EXTRACT(Properties, '$.SQQueryString') as s_qquery_string, + JSON_EXTRACT(Properties, '$.SQScheduleConfiguration') as s_qschedule_configuration, + JSON_EXTRACT(Properties, '$.SQNotificationConfiguration') as s_qnotification_configuration, + JSON_EXTRACT(Properties, '$.SQScheduledQueryExecutionRoleArn') as s_qscheduled_query_execution_role_arn, + JSON_EXTRACT(Properties, '$.SQTargetConfiguration') as s_qtarget_configuration, + JSON_EXTRACT(Properties, '$.SQErrorReportConfiguration') as s_qerror_report_configuration, + JSON_EXTRACT(Properties, '$.SQKmsKeyId') as s_qkms_key_id, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Timestream::ScheduledQuery' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ScheduledQueryName') as scheduled_query_name, + json_extract_path_text(Properties, 'QueryString') as query_string, + json_extract_path_text(Properties, 'ScheduleConfiguration') as schedule_configuration, + json_extract_path_text(Properties, 'NotificationConfiguration') as notification_configuration, + json_extract_path_text(Properties, 'ClientToken') as client_token, + json_extract_path_text(Properties, 'ScheduledQueryExecutionRoleArn') as scheduled_query_execution_role_arn, + json_extract_path_text(Properties, 'TargetConfiguration') as target_configuration, + json_extract_path_text(Properties, 'ErrorReportConfiguration') as error_report_configuration, + json_extract_path_text(Properties, 'KmsKeyId') as kms_key_id, + json_extract_path_text(Properties, 'SQName') as s_qname, + json_extract_path_text(Properties, 'SQQueryString') as s_qquery_string, + json_extract_path_text(Properties, 'SQScheduleConfiguration') as s_qschedule_configuration, + json_extract_path_text(Properties, 'SQNotificationConfiguration') as s_qnotification_configuration, + json_extract_path_text(Properties, 'SQScheduledQueryExecutionRoleArn') as s_qscheduled_query_execution_role_arn, + json_extract_path_text(Properties, 'SQTargetConfiguration') as s_qtarget_configuration, + json_extract_path_text(Properties, 'SQErrorReportConfiguration') as s_qerror_report_configuration, + json_extract_path_text(Properties, 'SQKmsKeyId') as s_qkms_key_id, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Timestream::ScheduledQuery' + AND data__Identifier = '' + AND region = 'us-east-1' + tables: + name: tables + id: awscc.timestream.tables + x-cfn-schema-name: Table + x-type: list + x-identifiers: + - DatabaseName + - TableName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DatabaseName') as database_name, + JSON_EXTRACT(Properties, '$.TableName') as table_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Timestream::Table' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DatabaseName') as database_name, + json_extract_path_text(Properties, 'TableName') as table_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Timestream::Table' + AND region = 'us-east-1' + table: + name: table + id: awscc.timestream.table + x-cfn-schema-name: Table + x-type: get + x-identifiers: + - DatabaseName + - TableName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.DatabaseName') as database_name, + JSON_EXTRACT(Properties, '$.TableName') as table_name, + JSON_EXTRACT(Properties, '$.RetentionProperties') as retention_properties, + JSON_EXTRACT(Properties, '$.Schema') as _schema, + JSON_EXTRACT(Properties, '$.MagneticStoreWriteProperties') as magnetic_store_write_properties, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Timestream::Table' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'DatabaseName') as database_name, + json_extract_path_text(Properties, 'TableName') as table_name, + json_extract_path_text(Properties, 'RetentionProperties') as retention_properties, + json_extract_path_text(Properties, 'Schema') as _schema, + json_extract_path_text(Properties, 'MagneticStoreWriteProperties') as magnetic_store_write_properties, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Timestream::Table' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/transfer.yaml b/providers/src/awscc/v00.00.00000/services/transfer.yaml new file mode 100644 index 00000000..c2384ce4 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/transfer.yaml @@ -0,0 +1,1082 @@ +openapi: 3.0.0 +info: + title: Transfer + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + description: Creates a key-value pair for a specific resource. + type: object + properties: + Key: + type: string + description: The name assigned to the tag that you create. + minLength: 1 + maxLength: 128 + Value: + type: string + description: Contains one or more values that you assigned to the key name you create. + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + Agreement: + type: object + properties: + Description: + description: A textual description for the agreement. + type: string + pattern: ^[\w\- ]*$ + minLength: 1 + maxLength: 200 + ServerId: + description: A unique identifier for the server. + type: string + pattern: ^s-([0-9a-f]{17})$ + minLength: 19 + maxLength: 19 + LocalProfileId: + description: A unique identifier for the local profile. + type: string + pattern: ^p-([0-9a-f]{17})$ + minLength: 19 + maxLength: 19 + PartnerProfileId: + description: A unique identifier for the partner profile. + type: string + pattern: ^p-([0-9a-f]{17})$ + minLength: 19 + maxLength: 19 + BaseDirectory: + description: Specifies the base directory for the agreement. + type: string + pattern: ^$|/.* + maxLength: 1024 + AccessRole: + description: Specifies the access role for the agreement. + type: string + pattern: arn:.*role/.* + minLength: 20 + maxLength: 2048 + Status: + description: Specifies the status of the agreement. + type: string + enum: + - ACTIVE + - INACTIVE + Tags: + description: Key-value pairs that can be used to group and search for agreements. Tags are metadata attached to agreements for any purpose. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + AgreementId: + description: A unique identifier for the agreement. + type: string + pattern: ^a-([0-9a-f]{17})$ + minLength: 19 + maxLength: 19 + Arn: + description: Specifies the unique Amazon Resource Name (ARN) for the agreement. + type: string + pattern: arn:.* + minLength: 20 + maxLength: 1600 + required: + - ServerId + - LocalProfileId + - PartnerProfileId + - BaseDirectory + - AccessRole + x-stackql-resource-name: agreement + x-stackql-primaryIdentifier: + - AgreementId + - ServerId + x-create-only-properties: + - ServerId + x-read-only-properties: + - AgreementId + - Arn + x-required-permissions: + create: + - transfer:CreateAgreement + - transfer:TagResource + - iam:PassRole + read: + - transfer:DescribeAgreement + update: + - transfer:UpdateAgreement + - transfer:UnTagResource + - transfer:TagResource + - iam:PassRole + delete: + - transfer:DeleteAgreement + list: + - transfer:ListAgreements + Certificate: + type: object + properties: + Usage: + description: Specifies the usage type for the certificate. + type: string + enum: + - SIGNING + - ENCRYPTION + Certificate: + description: Specifies the certificate body to be imported. + type: string + pattern: "^[\t\n\r -ÿ]*" + minLength: 1 + maxLength: 16384 + CertificateChain: + description: Specifies the certificate chain to be imported. + type: string + pattern: "^[\t\n\r -ÿ]*" + minLength: 1 + maxLength: 2097152 + PrivateKey: + description: Specifies the private key for the certificate. + type: string + pattern: "^[\t\n\r -ÿ]*" + minLength: 1 + maxLength: 16384 + ActiveDate: + description: Specifies the active date for the certificate. + type: string + InactiveDate: + description: Specifies the inactive date for the certificate. + type: string + Description: + description: A textual description for the certificate. + type: string + pattern: ^[\w\- ]*$ + minLength: 1 + maxLength: 200 + Tags: + description: Key-value pairs that can be used to group and search for certificates. Tags are metadata attached to certificates for any purpose. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Arn: + description: Specifies the unique Amazon Resource Name (ARN) for the agreement. + type: string + pattern: arn:.* + minLength: 20 + maxLength: 1600 + CertificateId: + description: A unique identifier for the certificate. + type: string + pattern: ^cert-([0-9a-f]{17})$ + minLength: 22 + maxLength: 22 + Status: + description: A status description for the certificate. + type: string + enum: + - ACTIVE + - PENDING + - INACTIVE + Type: + description: Describing the type of certificate. With or without a private key. + type: string + enum: + - CERTIFICATE + - CERTIFICATE_WITH_PRIVATE_KEY + Serial: + description: Specifies Certificate's serial. + type: string + pattern: ^[\p{XDigit}{2}:?]* + minLength: 0 + maxLength: 48 + NotBeforeDate: + description: Specifies the not before date for the certificate. + type: string + NotAfterDate: + description: Specifies the not after date for the certificate. + type: string + required: + - Certificate + - Usage + x-stackql-resource-name: certificate + x-stackql-primaryIdentifier: + - CertificateId + x-create-only-properties: + - Certificate + - CertificateChain + - PrivateKey + x-read-only-properties: + - Arn + - CertificateId + - Status + - Type + - Serial + - NotAfterDate + - NotBeforeDate + x-required-permissions: + create: + - transfer:ImportCertificate + - transfer:TagResource + read: + - transfer:DescribeCertificate + update: + - transfer:UpdateCertificate + - transfer:UnTagResource + - transfer:TagResource + delete: + - transfer:DeleteCertificate + list: + - transfer:ListCertificates + SftpConnectorTrustedHostKey: + description: The public host key for the external server to which you are connecting. + type: string + minLength: 1 + maxLength: 2048 + Connector: + type: object + properties: + AccessRole: + description: Specifies the access role for the connector. + type: string + pattern: arn:.*role/.* + minLength: 20 + maxLength: 2048 + As2Config: + description: Configuration for an AS2 connector. + type: object + properties: + LocalProfileId: + type: string + description: A unique identifier for the local profile. + pattern: ^p-([0-9a-f]{17})$ + minLength: 19 + maxLength: 19 + PartnerProfileId: + type: string + description: A unique identifier for the partner profile. + pattern: ^p-([0-9a-f]{17})$ + minLength: 19 + maxLength: 19 + MessageSubject: + type: string + description: The message subject for this AS2 connector configuration. + pattern: ^[\p{Print}\p{Blank}]+ + minLength: 1 + maxLength: 1024 + Compression: + type: string + description: Compression setting for this AS2 connector configuration. + enum: + - ZLIB + - DISABLED + EncryptionAlgorithm: + type: string + description: Encryption algorithm for this AS2 connector configuration. + enum: + - AES128_CBC + - AES192_CBC + - AES256_CBC + - NONE + SigningAlgorithm: + type: string + description: Signing algorithm for this AS2 connector configuration. + enum: + - SHA256 + - SHA384 + - SHA512 + - SHA1 + - NONE + MdnSigningAlgorithm: + type: string + description: MDN Signing algorithm for this AS2 connector configuration. + enum: + - SHA256 + - SHA384 + - SHA512 + - SHA1 + - NONE + - DEFAULT + MdnResponse: + type: string + description: MDN Response setting for this AS2 connector configuration. + enum: + - SYNC + - NONE + BasicAuthSecretId: + type: string + description: ARN or name of the secret in AWS Secrets Manager which contains the credentials for Basic authentication. If empty, Basic authentication is disabled for the AS2 connector + minLength: 0 + maxLength: 2048 + additionalProperties: false + SftpConfig: + description: Configuration for an SFTP connector. + type: object + properties: + UserSecretId: + type: string + description: ARN or name of the secret in AWS Secrets Manager which contains the SFTP user's private keys or passwords. + minLength: 1 + maxLength: 2048 + TrustedHostKeys: + description: List of public host keys, for the external server to which you are connecting. + type: array + maxItems: 10 + uniqueItems: false + x-insertionOrder: false + items: + $ref: '#/components/schemas/SftpConnectorTrustedHostKey' + additionalProperties: false + Arn: + description: Specifies the unique Amazon Resource Name (ARN) for the connector. + type: string + pattern: arn:.* + minLength: 20 + maxLength: 1600 + ConnectorId: + description: A unique identifier for the connector. + type: string + pattern: ^c-([0-9a-f]{17})$ + minLength: 19 + maxLength: 19 + LoggingRole: + description: Specifies the logging role for the connector. + type: string + pattern: arn:.*role/.* + minLength: 20 + maxLength: 2048 + Tags: + description: Key-value pairs that can be used to group and search for connectors. Tags are metadata attached to connectors for any purpose. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Url: + description: URL for Connector + type: string + maxLength: 255 + required: + - AccessRole + - Url + x-stackql-resource-name: connector + x-stackql-primaryIdentifier: + - ConnectorId + x-read-only-properties: + - Arn + - ConnectorId + x-required-permissions: + create: + - transfer:CreateConnector + - transfer:TagResource + - iam:PassRole + read: + - transfer:DescribeConnector + update: + - transfer:UpdateConnector + - transfer:UnTagResource + - transfer:TagResource + - iam:PassRole + delete: + - transfer:DeleteConnector + list: + - transfer:ListConnectors + CertificateId: + description: A unique identifier for the certificate. + type: string + pattern: ^cert-([0-9a-f]{17})$ + minLength: 22 + maxLength: 22 + Profile: + type: object + properties: + As2Id: + description: AS2 identifier agreed with a trading partner. + type: string + minLength: 1 + maxLength: 128 + ProfileType: + description: Enum specifying whether the profile is local or associated with a trading partner. + type: string + enum: + - LOCAL + - PARTNER + Tags: + description: An array of key-value pairs to apply to this resource. + type: array + uniqueItems: true + maxItems: 50 + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + CertificateIds: + description: List of the certificate IDs associated with this profile to be used for encryption and signing of AS2 messages. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/CertificateId' + Arn: + description: Specifies the unique Amazon Resource Name (ARN) for the profile. + type: string + pattern: arn:.* + minLength: 20 + maxLength: 1600 + ProfileId: + description: A unique identifier for the profile + type: string + pattern: ^p-([0-9a-f]{17})$ + minLength: 19 + maxLength: 19 + required: + - As2Id + - ProfileType + x-stackql-resource-name: profile + x-stackql-primaryIdentifier: + - ProfileId + x-create-only-properties: + - ProfileType + x-read-only-properties: + - Arn + - ProfileId + x-required-permissions: + create: + - transfer:CreateProfile + - transfer:TagResource + read: + - transfer:DescribeProfile + update: + - transfer:UpdateProfile + - transfer:UnTagResource + - transfer:TagResource + delete: + - transfer:DeleteProfile + list: + - transfer:ListProfiles + S3Tag: + description: Specifies the key-value pair that are assigned to a file during the execution of a Tagging step. + type: object + properties: + Key: + description: The name assigned to the tag that you create. + type: string + minLength: 1 + maxLength: 128 + Value: + description: The value that corresponds to the key. + type: string + minLength: 0 + maxLength: 256 + required: + - Key + - Value + additionalProperties: false + EfsInputFileLocation: + description: Specifies the details for an EFS file. + type: object + properties: + FileSystemId: + description: Specifies the EFS filesystem that contains the file. + type: string + pattern: ^(arn:aws[-a-z]*:elasticfilesystem:[0-9a-z-:]+:(access-point/fsap|file-system/fs)-[0-9a-f]{8,40}|fs(ap)?-[0-9a-f]{8,40})$ + minLength: 0 + maxLength: 128 + Path: + description: The name assigned to the file when it was created in EFS. You use the object path to retrieve the object. + type: string + pattern: ^[^\x00]+$ + minLength: 1 + maxLength: 65536 + additionalProperties: false + S3InputFileLocation: + description: Specifies the details for a S3 file. + type: object + properties: + Bucket: + description: Specifies the S3 bucket that contains the file. + type: string + pattern: ^[a-z0-9][\.\-a-z0-9]{1,61}[a-z0-9]$ + minLength: 3 + maxLength: 63 + Key: + description: The name assigned to the file when it was created in S3. You use the object key to retrieve the object. + type: string + pattern: .* + minLength: 0 + maxLength: 1024 + additionalProperties: false + InputFileLocation: + description: Specifies the location for the file being decrypted. Only applicable for the Decrypt type of workflow steps. + type: object + properties: + S3FileLocation: + $ref: '#/components/schemas/S3InputFileLocation' + EfsFileLocation: + $ref: '#/components/schemas/EfsInputFileLocation' + additionalProperties: false + S3FileLocation: + description: Specifies the location for the file being copied. Only applicable for the Copy type of workflow steps. + type: object + properties: + S3FileLocation: + $ref: '#/components/schemas/S3InputFileLocation' + additionalProperties: false + WorkflowStep: + description: The basic building block of a workflow. + type: object + properties: + CopyStepDetails: + description: Details for a step that performs a file copy. + type: object + properties: + DestinationFileLocation: + $ref: '#/components/schemas/S3FileLocation' + Name: + description: The name of the step, used as an identifier. + type: string + pattern: ^[\w-]*$ + minLength: 0 + maxLength: 30 + OverwriteExisting: + description: A flag that indicates whether or not to overwrite an existing file of the same name. The default is FALSE. + type: string + enum: + - 'TRUE' + - 'FALSE' + SourceFileLocation: + description: Specifies which file to use as input to the workflow step. + type: string + pattern: ^\$\{(\w+.)+\w+\}$ + minLength: 0 + maxLength: 256 + additionalProperties: false + CustomStepDetails: + description: Details for a step that invokes a lambda function. + type: object + properties: + Name: + description: The name of the step, used as an identifier. + type: string + pattern: ^[\w-]*$ + minLength: 0 + maxLength: 30 + Target: + description: The ARN for the lambda function that is being called. + type: string + pattern: arn:[a-z-]+:lambda:.*$ + minLength: 0 + maxLength: 170 + TimeoutSeconds: + description: Timeout, in seconds, for the step. + type: integer + minimum: 1 + maximum: 1800 + SourceFileLocation: + description: Specifies which file to use as input to the workflow step. + type: string + pattern: ^\$\{(\w+.)+\w+\}$ + minLength: 0 + maxLength: 256 + additionalProperties: false + DecryptStepDetails: + description: Details for a step that performs a file decryption. + type: object + properties: + DestinationFileLocation: + $ref: '#/components/schemas/InputFileLocation' + Name: + description: The name of the step, used as an identifier. + type: string + pattern: ^[\w-]*$ + minLength: 0 + maxLength: 30 + Type: + description: Specifies which encryption method to use. + type: string + enum: + - PGP + OverwriteExisting: + description: A flag that indicates whether or not to overwrite an existing file of the same name. The default is FALSE. + type: string + enum: + - 'TRUE' + - 'FALSE' + SourceFileLocation: + description: Specifies which file to use as input to the workflow step. + type: string + pattern: ^\$\{(\w+.)+\w+\}$ + minLength: 0 + maxLength: 256 + additionalProperties: false + DeleteStepDetails: + description: Details for a step that deletes the file. + type: object + properties: + Name: + description: The name of the step, used as an identifier. + type: string + pattern: ^[\w-]*$ + minLength: 0 + maxLength: 30 + SourceFileLocation: + description: Specifies which file to use as input to the workflow step. + type: string + pattern: ^\$\{(\w+.)+\w+\}$ + minLength: 0 + maxLength: 256 + additionalProperties: false + TagStepDetails: + description: Details for a step that creates one or more tags. + type: object + properties: + Name: + description: The name of the step, used as an identifier. + type: string + pattern: ^[\w-]*$ + minLength: 0 + maxLength: 30 + Tags: + description: Array that contains from 1 to 10 key/value pairs. + type: array + maxItems: 10 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/S3Tag' + SourceFileLocation: + description: Specifies which file to use as input to the workflow step. + type: string + pattern: ^\$\{(\w+.)+\w+\}$ + minLength: 0 + maxLength: 256 + additionalProperties: false + Type: + type: string + enum: + - COPY + - CUSTOM + - DECRYPT + - DELETE + - TAG + additionalProperties: false + Workflow: + type: object + properties: + OnExceptionSteps: + description: Specifies the steps (actions) to take if any errors are encountered during execution of the workflow. + type: array + maxItems: 8 + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/WorkflowStep' + Steps: + description: Specifies the details for the steps that are in the specified workflow. + type: array + maxItems: 8 + uniqueItems: true + x-insertionOrder: true + items: + $ref: '#/components/schemas/WorkflowStep' + Tags: + description: Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose. + type: array + maxItems: 50 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + Description: + description: A textual description for the workflow. + type: string + pattern: ^[\w\- ]*$ + minLength: 0 + maxLength: 256 + WorkflowId: + description: A unique identifier for the workflow. + type: string + pattern: ^w-([a-z0-9]{17})$ + minLength: 19 + maxLength: 19 + Arn: + description: Specifies the unique Amazon Resource Name (ARN) for the workflow. + type: string + pattern: arn:.* + minLength: 20 + maxLength: 1600 + required: + - Steps + x-stackql-resource-name: workflow + x-stackql-primaryIdentifier: + - WorkflowId + x-create-only-properties: + - Steps + - OnExceptionSteps + - Description + x-read-only-properties: + - WorkflowId + - Arn + x-required-permissions: + create: + - transfer:CreateWorkflow + - transfer:TagResource + read: + - transfer:DescribeWorkflow + delete: + - transfer:DeleteWorkflow + list: + - transfer:ListWorkflows + update: + - transfer:UnTagResource + - transfer:TagResource + x-stackQL-resources: + agreements: + name: agreements + id: awscc.transfer.agreements + x-cfn-schema-name: Agreement + x-type: list + x-identifiers: + - AgreementId + - ServerId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AgreementId') as agreement_id, + JSON_EXTRACT(Properties, '$.ServerId') as server_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Transfer::Agreement' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AgreementId') as agreement_id, + json_extract_path_text(Properties, 'ServerId') as server_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Transfer::Agreement' + AND region = 'us-east-1' + agreement: + name: agreement + id: awscc.transfer.agreement + x-cfn-schema-name: Agreement + x-type: get + x-identifiers: + - AgreementId + - ServerId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.ServerId') as server_id, + JSON_EXTRACT(Properties, '$.LocalProfileId') as local_profile_id, + JSON_EXTRACT(Properties, '$.PartnerProfileId') as partner_profile_id, + JSON_EXTRACT(Properties, '$.BaseDirectory') as base_directory, + JSON_EXTRACT(Properties, '$.AccessRole') as access_role, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.AgreementId') as agreement_id, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Transfer::Agreement' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'ServerId') as server_id, + json_extract_path_text(Properties, 'LocalProfileId') as local_profile_id, + json_extract_path_text(Properties, 'PartnerProfileId') as partner_profile_id, + json_extract_path_text(Properties, 'BaseDirectory') as base_directory, + json_extract_path_text(Properties, 'AccessRole') as access_role, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'AgreementId') as agreement_id, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Transfer::Agreement' + AND data__Identifier = '' + AND region = 'us-east-1' + certificates: + name: certificates + id: awscc.transfer.certificates + x-cfn-schema-name: Certificate + x-type: list + x-identifiers: + - CertificateId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.CertificateId') as certificate_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Transfer::Certificate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'CertificateId') as certificate_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Transfer::Certificate' + AND region = 'us-east-1' + certificate: + name: certificate + id: awscc.transfer.certificate + x-cfn-schema-name: Certificate + x-type: get + x-identifiers: + - CertificateId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Usage') as usage, + JSON_EXTRACT(Properties, '$.Certificate') as certificate, + JSON_EXTRACT(Properties, '$.CertificateChain') as certificate_chain, + JSON_EXTRACT(Properties, '$.PrivateKey') as private_key, + JSON_EXTRACT(Properties, '$.ActiveDate') as active_date, + JSON_EXTRACT(Properties, '$.InactiveDate') as inactive_date, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CertificateId') as certificate_id, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Serial') as serial, + JSON_EXTRACT(Properties, '$.NotBeforeDate') as not_before_date, + JSON_EXTRACT(Properties, '$.NotAfterDate') as not_after_date + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Transfer::Certificate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Usage') as usage, + json_extract_path_text(Properties, 'Certificate') as certificate, + json_extract_path_text(Properties, 'CertificateChain') as certificate_chain, + json_extract_path_text(Properties, 'PrivateKey') as private_key, + json_extract_path_text(Properties, 'ActiveDate') as active_date, + json_extract_path_text(Properties, 'InactiveDate') as inactive_date, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CertificateId') as certificate_id, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Serial') as serial, + json_extract_path_text(Properties, 'NotBeforeDate') as not_before_date, + json_extract_path_text(Properties, 'NotAfterDate') as not_after_date + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Transfer::Certificate' + AND data__Identifier = '' + AND region = 'us-east-1' + connectors: + name: connectors + id: awscc.transfer.connectors + x-cfn-schema-name: Connector + x-type: list + x-identifiers: + - ConnectorId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ConnectorId') as connector_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Transfer::Connector' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ConnectorId') as connector_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Transfer::Connector' + AND region = 'us-east-1' + connector: + name: connector + id: awscc.transfer.connector + x-cfn-schema-name: Connector + x-type: get + x-identifiers: + - ConnectorId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AccessRole') as access_role, + JSON_EXTRACT(Properties, '$.As2Config') as as2_config, + JSON_EXTRACT(Properties, '$.SftpConfig') as sftp_config, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ConnectorId') as connector_id, + JSON_EXTRACT(Properties, '$.LoggingRole') as logging_role, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Url') as url + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Transfer::Connector' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AccessRole') as access_role, + json_extract_path_text(Properties, 'As2Config') as as2_config, + json_extract_path_text(Properties, 'SftpConfig') as sftp_config, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ConnectorId') as connector_id, + json_extract_path_text(Properties, 'LoggingRole') as logging_role, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Url') as url + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Transfer::Connector' + AND data__Identifier = '' + AND region = 'us-east-1' + profiles: + name: profiles + id: awscc.transfer.profiles + x-cfn-schema-name: Profile + x-type: list + x-identifiers: + - ProfileId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ProfileId') as profile_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Transfer::Profile' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ProfileId') as profile_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Transfer::Profile' + AND region = 'us-east-1' + profile: + name: profile + id: awscc.transfer.profile + x-cfn-schema-name: Profile + x-type: get + x-identifiers: + - ProfileId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.As2Id') as as2_id, + JSON_EXTRACT(Properties, '$.ProfileType') as profile_type, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.CertificateIds') as certificate_ids, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.ProfileId') as profile_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Transfer::Profile' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'As2Id') as as2_id, + json_extract_path_text(Properties, 'ProfileType') as profile_type, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'CertificateIds') as certificate_ids, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'ProfileId') as profile_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Transfer::Profile' + AND data__Identifier = '' + AND region = 'us-east-1' + workflows: + name: workflows + id: awscc.transfer.workflows + x-cfn-schema-name: Workflow + x-type: list + x-identifiers: + - WorkflowId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.WorkflowId') as workflow_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Transfer::Workflow' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'WorkflowId') as workflow_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Transfer::Workflow' + AND region = 'us-east-1' + workflow: + name: workflow + id: awscc.transfer.workflow + x-cfn-schema-name: Workflow + x-type: get + x-identifiers: + - WorkflowId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.OnExceptionSteps') as on_exception_steps, + JSON_EXTRACT(Properties, '$.Steps') as steps, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.WorkflowId') as workflow_id, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Transfer::Workflow' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'OnExceptionSteps') as on_exception_steps, + json_extract_path_text(Properties, 'Steps') as steps, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'WorkflowId') as workflow_id, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Transfer::Workflow' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/verifiedpermissions.yaml b/providers/src/awscc/v00.00.00000/services/verifiedpermissions.yaml new file mode 100644 index 00000000..7e027ba6 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/verifiedpermissions.yaml @@ -0,0 +1,656 @@ +openapi: 3.0.0 +info: + title: VerifiedPermissions + version: 1.0.0 +paths: {} +components: + schemas: + CognitoUserPoolConfiguration: + type: object + properties: + UserPoolArn: + type: string + maxLength: 255 + minLength: 1 + pattern: ^arn:[a-zA-Z0-9-]+:cognito-idp:(([a-zA-Z0-9-]+:\d{12}:userpool/[\w-]+_[0-9a-zA-Z]+))$ + ClientIds: + type: array + x-insertionOrder: false + items: + type: string + maxLength: 255 + minLength: 1 + pattern: ^.*$ + maxItems: 1000 + minItems: 0 + required: + - UserPoolArn + additionalProperties: false + IdentitySourceConfiguration: + type: object + x-title: CognitoUserPoolConfiguration + properties: + CognitoUserPoolConfiguration: + $ref: '#/components/schemas/CognitoUserPoolConfiguration' + required: + - CognitoUserPoolConfiguration + additionalProperties: false + IdentitySourceDetails: + type: object + properties: + ClientIds: + type: array + x-insertionOrder: false + items: + type: string + maxLength: 255 + minLength: 1 + pattern: ^.*$ + maxItems: 1000 + minItems: 0 + UserPoolArn: + type: string + maxLength: 255 + minLength: 1 + pattern: ^arn:[a-zA-Z0-9-]+:cognito-idp:(([a-zA-Z0-9-]+:\d{12}:userpool/[\w-]+_[0-9a-zA-Z]+))$ + DiscoveryUrl: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^https://.*$ + OpenIdIssuer: + $ref: '#/components/schemas/OpenIdIssuer' + additionalProperties: false + OpenIdIssuer: + type: string + enum: + - COGNITO + IdentitySource: + type: object + properties: + Configuration: + $ref: '#/components/schemas/IdentitySourceConfiguration' + Details: + $ref: '#/components/schemas/IdentitySourceDetails' + IdentitySourceId: + type: string + maxLength: 200 + minLength: 1 + pattern: ^[a-zA-Z0-9-]*$ + PolicyStoreId: + type: string + maxLength: 200 + minLength: 1 + pattern: ^[a-zA-Z0-9-]*$ + PrincipalEntityType: + type: string + maxLength: 200 + minLength: 1 + pattern: ^.*$ + required: + - Configuration + - PolicyStoreId + x-stackql-resource-name: identity_source + x-stackql-primaryIdentifier: + - IdentitySourceId + - PolicyStoreId + x-create-only-properties: + - PolicyStoreId + x-read-only-properties: + - Details + - IdentitySourceId + x-required-permissions: + create: + - verifiedpermissions:CreateIdentitySource + - verifiedpermissions:GetIdentitySource + - verifiedpermissions:UpdateIdentitySource + - verifiedpermissions:DeleteIdentitySource + - verifiedpermissions:ListIdentitySources + - cognito-idp:DescribeUserPool + - cognito-idp:ListUserPoolClients + read: + - verifiedpermissions:CreateIdentitySource + - verifiedpermissions:GetIdentitySource + - verifiedpermissions:UpdateIdentitySource + - verifiedpermissions:DeleteIdentitySource + - verifiedpermissions:ListIdentitySources + - cognito-idp:DescribeUserPool + - cognito-idp:ListUserPoolClients + update: + - verifiedpermissions:CreateIdentitySource + - verifiedpermissions:GetIdentitySource + - verifiedpermissions:UpdateIdentitySource + - verifiedpermissions:DeleteIdentitySource + - verifiedpermissions:ListIdentitySources + - cognito-idp:DescribeUserPool + - cognito-idp:ListUserPoolClients + delete: + - verifiedpermissions:CreateIdentitySource + - verifiedpermissions:GetIdentitySource + - verifiedpermissions:UpdateIdentitySource + - verifiedpermissions:DeleteIdentitySource + - verifiedpermissions:ListIdentitySources + - cognito-idp:DescribeUserPool + - cognito-idp:ListUserPoolClients + list: + - verifiedpermissions:CreateIdentitySource + - verifiedpermissions:GetIdentitySource + - verifiedpermissions:UpdateIdentitySource + - verifiedpermissions:DeleteIdentitySource + - verifiedpermissions:ListIdentitySources + - cognito-idp:DescribeUserPool + - cognito-idp:ListUserPoolClients + EntityIdentifier: + type: object + properties: + EntityType: + type: string + maxLength: 200 + minLength: 1 + pattern: ^.*$ + EntityId: + type: string + maxLength: 200 + minLength: 1 + pattern: ^.*$ + required: + - EntityId + - EntityType + additionalProperties: false + PolicyDefinition: + oneOf: + - type: object + title: Static + properties: + Static: + $ref: '#/components/schemas/StaticPolicyDefinition' + required: + - Static + additionalProperties: false + - type: object + title: TemplateLinked + properties: + TemplateLinked: + $ref: '#/components/schemas/TemplateLinkedPolicyDefinition' + required: + - TemplateLinked + additionalProperties: false + PolicyType: + type: string + enum: + - STATIC + - TEMPLATE_LINKED + StaticPolicyDefinition: + type: object + properties: + Description: + type: string + maxLength: 150 + minLength: 0 + Statement: + type: string + maxLength: 10000 + minLength: 1 + required: + - Statement + additionalProperties: false + TemplateLinkedPolicyDefinition: + type: object + properties: + PolicyTemplateId: + type: string + maxLength: 200 + minLength: 1 + pattern: ^[a-zA-Z0-9-]*$ + Principal: + $ref: '#/components/schemas/EntityIdentifier' + Resource: + $ref: '#/components/schemas/EntityIdentifier' + required: + - PolicyTemplateId + additionalProperties: false + Policy: + type: object + properties: + Definition: + $ref: '#/components/schemas/PolicyDefinition' + PolicyId: + type: string + maxLength: 200 + minLength: 1 + pattern: ^[a-zA-Z0-9-]*$ + PolicyStoreId: + type: string + maxLength: 200 + minLength: 1 + pattern: ^[a-zA-Z0-9-]*$ + PolicyType: + $ref: '#/components/schemas/PolicyType' + required: + - Definition + - PolicyStoreId + x-stackql-resource-name: policy + x-stackql-primaryIdentifier: + - PolicyId + - PolicyStoreId + x-create-only-properties: + - PolicyStoreId + x-read-only-properties: + - PolicyId + - PolicyType + x-required-permissions: + create: + - verifiedpermissions:CreatePolicy + - verifiedpermissions:GetPolicy + - verifiedpermissions:UpdatePolicy + - verifiedpermissions:DeletePolicy + read: + - verifiedpermissions:CreatePolicy + - verifiedpermissions:GetPolicy + - verifiedpermissions:UpdatePolicy + - verifiedpermissions:DeletePolicy + update: + - verifiedpermissions:CreatePolicy + - verifiedpermissions:GetPolicy + - verifiedpermissions:UpdatePolicy + - verifiedpermissions:DeletePolicy + delete: + - verifiedpermissions:CreatePolicy + - verifiedpermissions:GetPolicy + - verifiedpermissions:UpdatePolicy + - verifiedpermissions:DeletePolicy + list: + - verifiedpermissions:CreatePolicy + - verifiedpermissions:GetPolicy + - verifiedpermissions:UpdatePolicy + - verifiedpermissions:DeletePolicy + ValidationMode: + type: string + enum: + - 'OFF' + - STRICT + ValidationSettings: + type: object + properties: + Mode: + $ref: '#/components/schemas/ValidationMode' + required: + - Mode + additionalProperties: false + SchemaJson: + type: string + SchemaDefinition: + type: object + properties: + CedarJson: + $ref: '#/components/schemas/SchemaJson' + additionalProperties: false + PolicyStore: + type: object + properties: + Arn: + type: string + maxLength: 2500 + minLength: 1 + pattern: ^arn:[^:]*:[^:]*:[^:]*:[^:]*:.*$ + Description: + type: string + maxLength: 150 + minLength: 0 + PolicyStoreId: + type: string + maxLength: 200 + minLength: 1 + pattern: ^[a-zA-Z0-9-]*$ + ValidationSettings: + $ref: '#/components/schemas/ValidationSettings' + Schema: + $ref: '#/components/schemas/SchemaDefinition' + required: + - ValidationSettings + x-stackql-resource-name: policy_store + x-stackql-primaryIdentifier: + - PolicyStoreId + x-read-only-properties: + - Arn + - PolicyStoreId + x-required-permissions: + create: + - verifiedpermissions:CreatePolicyStore + - verifiedpermissions:GetPolicyStore + - verifiedpermissions:UpdatePolicyStore + - verifiedpermissions:DeletePolicyStore + - verifiedpermissions:PutSchema + read: + - verifiedpermissions:CreatePolicyStore + - verifiedpermissions:GetPolicyStore + - verifiedpermissions:UpdatePolicyStore + - verifiedpermissions:DeletePolicyStore + - verifiedpermissions:GetSchema + update: + - verifiedpermissions:CreatePolicyStore + - verifiedpermissions:GetPolicyStore + - verifiedpermissions:UpdatePolicyStore + - verifiedpermissions:DeletePolicyStore + - verifiedpermissions:GetSchema + - verifiedpermissions:PutSchema + delete: + - verifiedpermissions:CreatePolicyStore + - verifiedpermissions:GetPolicyStore + - verifiedpermissions:UpdatePolicyStore + - verifiedpermissions:DeletePolicyStore + list: + - verifiedpermissions:CreatePolicyStore + - verifiedpermissions:GetPolicyStore + - verifiedpermissions:UpdatePolicyStore + - verifiedpermissions:DeletePolicyStore + - verifiedpermissions:ListPolicyStores + - verifiedpermissions:GetSchema + PolicyTemplate: + type: object + properties: + Description: + type: string + maxLength: 150 + minLength: 0 + PolicyStoreId: + type: string + maxLength: 200 + minLength: 1 + pattern: ^[a-zA-Z0-9-]*$ + PolicyTemplateId: + type: string + maxLength: 200 + minLength: 1 + pattern: ^[a-zA-Z0-9-]*$ + Statement: + type: string + maxLength: 10000 + minLength: 1 + required: + - Statement + - PolicyStoreId + x-stackql-resource-name: policy_template + x-stackql-primaryIdentifier: + - PolicyStoreId + - PolicyTemplateId + x-create-only-properties: + - PolicyStoreId + x-read-only-properties: + - PolicyTemplateId + x-required-permissions: + create: + - verifiedpermissions:CreatePolicyTemplate + - verifiedpermissions:GetPolicyTemplate + - verifiedpermissions:UpdatePolicyTemplate + - verifiedpermissions:DeletePolicyTemplate + read: + - verifiedpermissions:CreatePolicyTemplate + - verifiedpermissions:GetPolicyTemplate + - verifiedpermissions:UpdatePolicyTemplate + - verifiedpermissions:DeletePolicyTemplate + update: + - verifiedpermissions:CreatePolicyTemplate + - verifiedpermissions:GetPolicyTemplate + - verifiedpermissions:UpdatePolicyTemplate + - verifiedpermissions:DeletePolicyTemplate + delete: + - verifiedpermissions:CreatePolicyTemplate + - verifiedpermissions:GetPolicyTemplate + - verifiedpermissions:UpdatePolicyTemplate + - verifiedpermissions:DeletePolicyTemplate + list: + - verifiedpermissions:CreatePolicyTemplate + - verifiedpermissions:GetPolicyTemplate + - verifiedpermissions:UpdatePolicyTemplate + - verifiedpermissions:DeletePolicyTemplate + - verifiedpermissions:ListPolicyTemplates + x-stackQL-resources: + identity_sources: + name: identity_sources + id: awscc.verifiedpermissions.identity_sources + x-cfn-schema-name: IdentitySource + x-type: list + x-identifiers: + - IdentitySourceId + - PolicyStoreId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.IdentitySourceId') as identity_source_id, + JSON_EXTRACT(Properties, '$.PolicyStoreId') as policy_store_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VerifiedPermissions::IdentitySource' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'IdentitySourceId') as identity_source_id, + json_extract_path_text(Properties, 'PolicyStoreId') as policy_store_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VerifiedPermissions::IdentitySource' + AND region = 'us-east-1' + identity_source: + name: identity_source + id: awscc.verifiedpermissions.identity_source + x-cfn-schema-name: IdentitySource + x-type: get + x-identifiers: + - IdentitySourceId + - PolicyStoreId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Configuration') as configuration, + JSON_EXTRACT(Properties, '$.Details') as details, + JSON_EXTRACT(Properties, '$.IdentitySourceId') as identity_source_id, + JSON_EXTRACT(Properties, '$.PolicyStoreId') as policy_store_id, + JSON_EXTRACT(Properties, '$.PrincipalEntityType') as principal_entity_type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VerifiedPermissions::IdentitySource' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Configuration') as configuration, + json_extract_path_text(Properties, 'Details') as details, + json_extract_path_text(Properties, 'IdentitySourceId') as identity_source_id, + json_extract_path_text(Properties, 'PolicyStoreId') as policy_store_id, + json_extract_path_text(Properties, 'PrincipalEntityType') as principal_entity_type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VerifiedPermissions::IdentitySource' + AND data__Identifier = '' + AND region = 'us-east-1' + policies: + name: policies + id: awscc.verifiedpermissions.policies + x-cfn-schema-name: Policy + x-type: list + x-identifiers: + - PolicyId + - PolicyStoreId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyId') as policy_id, + JSON_EXTRACT(Properties, '$.PolicyStoreId') as policy_store_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VerifiedPermissions::Policy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyId') as policy_id, + json_extract_path_text(Properties, 'PolicyStoreId') as policy_store_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VerifiedPermissions::Policy' + AND region = 'us-east-1' + policy: + name: policy + id: awscc.verifiedpermissions.policy + x-cfn-schema-name: Policy + x-type: get + x-identifiers: + - PolicyId + - PolicyStoreId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Definition') as definition, + JSON_EXTRACT(Properties, '$.PolicyId') as policy_id, + JSON_EXTRACT(Properties, '$.PolicyStoreId') as policy_store_id, + JSON_EXTRACT(Properties, '$.PolicyType') as policy_type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VerifiedPermissions::Policy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Definition') as definition, + json_extract_path_text(Properties, 'PolicyId') as policy_id, + json_extract_path_text(Properties, 'PolicyStoreId') as policy_store_id, + json_extract_path_text(Properties, 'PolicyType') as policy_type + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VerifiedPermissions::Policy' + AND data__Identifier = '' + AND region = 'us-east-1' + policy_stores: + name: policy_stores + id: awscc.verifiedpermissions.policy_stores + x-cfn-schema-name: PolicyStore + x-type: list + x-identifiers: + - PolicyStoreId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyStoreId') as policy_store_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VerifiedPermissions::PolicyStore' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyStoreId') as policy_store_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VerifiedPermissions::PolicyStore' + AND region = 'us-east-1' + policy_store: + name: policy_store + id: awscc.verifiedpermissions.policy_store + x-cfn-schema-name: PolicyStore + x-type: get + x-identifiers: + - PolicyStoreId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.PolicyStoreId') as policy_store_id, + JSON_EXTRACT(Properties, '$.ValidationSettings') as validation_settings, + JSON_EXTRACT(Properties, '$.Schema') as _schema + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VerifiedPermissions::PolicyStore' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'PolicyStoreId') as policy_store_id, + json_extract_path_text(Properties, 'ValidationSettings') as validation_settings, + json_extract_path_text(Properties, 'Schema') as _schema + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VerifiedPermissions::PolicyStore' + AND data__Identifier = '' + AND region = 'us-east-1' + policy_templates: + name: policy_templates + id: awscc.verifiedpermissions.policy_templates + x-cfn-schema-name: PolicyTemplate + x-type: list + x-identifiers: + - PolicyStoreId + - PolicyTemplateId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyStoreId') as policy_store_id, + JSON_EXTRACT(Properties, '$.PolicyTemplateId') as policy_template_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VerifiedPermissions::PolicyTemplate' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyStoreId') as policy_store_id, + json_extract_path_text(Properties, 'PolicyTemplateId') as policy_template_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VerifiedPermissions::PolicyTemplate' + AND region = 'us-east-1' + policy_template: + name: policy_template + id: awscc.verifiedpermissions.policy_template + x-cfn-schema-name: PolicyTemplate + x-type: get + x-identifiers: + - PolicyStoreId + - PolicyTemplateId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.PolicyStoreId') as policy_store_id, + JSON_EXTRACT(Properties, '$.PolicyTemplateId') as policy_template_id, + JSON_EXTRACT(Properties, '$.Statement') as statement + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VerifiedPermissions::PolicyTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'PolicyStoreId') as policy_store_id, + json_extract_path_text(Properties, 'PolicyTemplateId') as policy_template_id, + json_extract_path_text(Properties, 'Statement') as statement + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VerifiedPermissions::PolicyTemplate' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/voiceid.yaml b/providers/src/awscc/v00.00.00000/services/voiceid.yaml new file mode 100644 index 00000000..1e951f3d --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/voiceid.yaml @@ -0,0 +1,159 @@ +openapi: 3.0.0 +info: + title: VoiceID + version: 1.0.0 +paths: {} +components: + schemas: + ServerSideEncryptionConfiguration: + type: object + properties: + KmsKeyId: + type: string + maxLength: 2048 + minLength: 1 + required: + - KmsKeyId + additionalProperties: false + Tag: + type: object + properties: + Key: + type: string + maxLength: 128 + minLength: 1 + pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$ + Value: + type: string + maxLength: 256 + minLength: 0 + pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$ + required: + - Key + - Value + additionalProperties: false + Domain: + type: object + properties: + Description: + type: string + maxLength: 1024 + minLength: 1 + pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-%@]*)$ + DomainId: + type: string + maxLength: 22 + minLength: 22 + pattern: ^[a-zA-Z0-9]{22}$ + Name: + type: string + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_-]*$ + ServerSideEncryptionConfiguration: + $ref: '#/components/schemas/ServerSideEncryptionConfiguration' + Tags: + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 0 + required: + - Name + - ServerSideEncryptionConfiguration + x-stackql-resource-name: domain + x-stackql-primaryIdentifier: + - DomainId + x-read-only-properties: + - DomainId + x-required-permissions: + create: + - voiceid:CreateDomain + - voiceid:DescribeDomain + - voiceid:TagResource + - voiceid:ListTagsForResource + - kms:CreateGrant + - kms:DescribeKey + - kms:Decrypt + read: + - voiceid:DescribeDomain + - voiceid:ListTagsForResource + - kms:Decrypt + update: + - voiceid:DescribeDomain + - voiceid:UpdateDomain + - voiceid:TagResource + - voiceid:UntagResource + - voiceid:ListTagsForResource + - kms:CreateGrant + - kms:Decrypt + - kms:DescribeKey + delete: + - voiceid:DeleteDomain + - voiceid:DescribeDomain + - kms:Decrypt + list: + - voiceid:ListDomains + - kms:Decrypt + x-stackQL-resources: + domains: + name: domains + id: awscc.voiceid.domains + x-cfn-schema-name: Domain + x-type: list + x-identifiers: + - DomainId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.DomainId') as domain_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VoiceID::Domain' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'DomainId') as domain_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VoiceID::Domain' + AND region = 'us-east-1' + domain: + name: domain + id: awscc.voiceid.domain + x-cfn-schema-name: Domain + x-type: get + x-identifiers: + - DomainId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DomainId') as domain_id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.ServerSideEncryptionConfiguration') as server_side_encryption_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VoiceID::Domain' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DomainId') as domain_id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'ServerSideEncryptionConfiguration') as server_side_encryption_configuration, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VoiceID::Domain' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/vpclattice.yaml b/providers/src/awscc/v00.00.00000/services/vpclattice.yaml new file mode 100644 index 00000000..c5e2200e --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/vpclattice.yaml @@ -0,0 +1,1796 @@ +openapi: 3.0.0 +info: + title: VpcLattice + version: 1.0.0 +paths: {} +components: + schemas: + Tag: + type: object + additionalProperties: false + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 1 + maxLength: 256 + required: + - Key + - Value + AccessLogSubscription: + type: object + properties: + Arn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[a-z0-9\-]+:vpc-lattice:[a-zA-Z0-9\-]+:\d{12}:accesslogsubscription/als-[0-9a-z]{17}$ + DestinationArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$ + Id: + type: string + maxLength: 21 + minLength: 21 + pattern: ^als-[0-9a-z]{17}$ + ResourceArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:((servicenetwork/sn)|(service/svc))-[0-9a-z]{17}$ + ResourceId: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^((sn)|(svc))-[0-9a-z]{17}$ + ResourceIdentifier: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^((((sn)|(svc))-[0-9a-z]{17})|(arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:((servicenetwork/sn)|(service/svc))-[0-9a-z]{17}))$ + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + minItems: 0 + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + required: + - DestinationArn + x-stackql-resource-name: access_log_subscription + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ResourceIdentifier + x-read-only-properties: + - Arn + - Id + - ResourceArn + - ResourceId + x-required-permissions: + create: + - vpc-lattice:CreateAccessLogSubscription + - vpc-lattice:TagResource + - vpc-lattice:GetAccessLogSubscription + - vpc-lattice:ListTagsForResource + - logs:CreateLogDelivery + - logs:CreateLogStream + - logs:PutDestination + - logs:PutDestinationPolicy + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + - logs:GetLogDelivery + - s3:PutBucketLogging + - s3:GetBucketLogging + - s3:GetBucketPolicy + - s3:PutBucketPolicy + - firehose:TagDeliveryStream + - firehose:CreateDeliveryStream + - firehose:DescribeDeliveryStream + - iam:CreateServiceLinkedRole + read: + - vpc-lattice:GetAccessLogSubscription + - vpc-lattice:ListTagsForResource + - logs:GetLogDelivery + update: + - vpc-lattice:GetAccessLogSubscription + - vpc-lattice:UpdateAccessLogSubscription + - vpc-lattice:TagResource + - vpc-lattice:UntagResource + - logs:UpdateLogDelivery + - firehose:UpdateDestination + - logs:CreateLogDelivery + - logs:CreateLogStream + - logs:PutDestination + - logs:PutDestinationPolicy + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + - logs:GetLogDelivery + - s3:PutBucketLogging + - s3:GetBucketLogging + - s3:GetBucketPolicy + - s3:PutBucketPolicy + - firehose:TagDeliveryStream + - firehose:CreateDeliveryStream + - firehose:DescribeDeliveryStream + delete: + - vpc-lattice:DeleteAccessLogSubscription + - vpc-lattice:UntagResource + - logs:DeleteLogDelivery + - logs:DeleteLogStream + - logs:GetLogDelivery + - logs:DeleteDestination + - s3:PutBucketLogging + - iam:GetServiceLinkedRoleDeletionStatus + - iam:DeleteServiceLinkedRole + - firehose:DeleteDeliveryStream + - firehose:UntagDeliveryStream + list: + - vpc-lattice:ListAccessLogSubscriptions + AuthPolicy: + type: object + properties: + ResourceIdentifier: + type: string + pattern: ^((((sn)|(svc))-[0-9a-z]{17})|(arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:((servicenetwork/sn)|(service/svc))-[0-9a-z]{17}))$ + maxLength: 200 + minLength: 21 + Policy: + type: object + State: + type: string + enum: + - ACTIVE + - INACTIVE + required: + - ResourceIdentifier + - Policy + x-stackql-resource-name: auth_policy + x-stackql-primaryIdentifier: + - ResourceIdentifier + x-create-only-properties: + - ResourceIdentifier + x-read-only-properties: + - State + x-required-permissions: + create: + - vpc-lattice:GetAuthPolicy + - vpc-lattice:PutAuthPolicy + read: + - vpc-lattice:GetAuthPolicy + update: + - vpc-lattice:GetAuthPolicy + - vpc-lattice:PutAuthPolicy + delete: + - vpc-lattice:GetAuthPolicy + - vpc-lattice:DeleteAuthPolicy + Forward: + type: object + properties: + TargetGroups: + type: array + items: + $ref: '#/components/schemas/WeightedTargetGroup' + maxItems: 2 + minItems: 1 + x-insertionOrder: false + required: + - TargetGroups + additionalProperties: false + FixedResponse: + type: object + additionalProperties: false + properties: + StatusCode: + type: integer + maximum: 599 + minimum: 100 + required: + - StatusCode + DefaultAction: + type: object + additionalProperties: false + properties: + Forward: + $ref: '#/components/schemas/Forward' + FixedResponse: + $ref: '#/components/schemas/FixedResponse' + required: [] + WeightedTargetGroup: + type: object + properties: + TargetGroupIdentifier: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^((tg-[0-9a-z]{17})|(arn:[a-z0-9\-]+:vpc-lattice:[a-zA-Z0-9\-]+:\d{12}:targetgroup/tg-[0-9a-z]{17}))$ + Weight: + type: integer + maximum: 999 + minimum: 1 + required: + - TargetGroupIdentifier + additionalProperties: false + Listener: + type: object + properties: + Arn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:service/svc-[0-9a-z]{17}/listener/listener-[0-9a-z]{17}$ + DefaultAction: + $ref: '#/components/schemas/DefaultAction' + Id: + type: string + maxLength: 26 + minLength: 26 + pattern: ^listener-[0-9a-z]{17}$ + Name: + type: string + maxLength: 63 + minLength: 3 + pattern: ^(?!listener-)(?![-])(?!.*[-]$)(?!.*[-]{2})[a-z0-9-]+$ + Port: + type: integer + maximum: 65535 + minimum: 1 + Protocol: + type: string + enum: + - HTTP + - HTTPS + ServiceArn: + type: string + maxLength: 2048 + minLength: 21 + pattern: ^arn:[a-z0-9\-]+:vpc-lattice:[a-zA-Z0-9\-]+:\d{12}:service/svc-[0-9a-z]{17}$ + ServiceId: + type: string + maxLength: 21 + minLength: 21 + pattern: ^svc-[0-9a-z]{17}$ + ServiceIdentifier: + type: string + maxLength: 2048 + minLength: 21 + pattern: ^((svc-[0-9a-z]{17})|(arn:[a-z0-9\-]+:vpc-lattice:[a-zA-Z0-9\-]+:\d{12}:service/svc-[0-9a-z]{17}))$ + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + minItems: 0 + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + required: + - DefaultAction + - Protocol + x-stackql-resource-name: listener + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ServiceIdentifier + - Name + - Port + - Protocol + x-read-only-properties: + - Arn + - Id + - ServiceArn + - ServiceId + x-required-permissions: + create: + - vpc-lattice:CreateListener + - vpc-lattice:TagResource + - vpc-lattice:GetListener + - vpc-lattice:ListTagsForResource + read: + - vpc-lattice:GetListener + - vpc-lattice:ListTagsForResource + update: + - vpc-lattice:UpdateListener + - vpc-lattice:TagResource + - vpc-lattice:UntagResource + - vpc-lattice:GetListener + - vpc-lattice:ListTagsForResource + delete: + - vpc-lattice:DeleteListener + list: + - vpc-lattice:ListListeners + ResourcePolicy: + type: object + properties: + ResourceArn: + type: string + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:((servicenetwork/sn)|(service/svc))-[0-9a-z]{17}$ + minLength: 20 + maxLength: 200 + Policy: + type: object + required: + - ResourceArn + - Policy + x-stackql-resource-name: resource_policy + x-stackql-primaryIdentifier: + - ResourceArn + x-create-only-properties: + - ResourceArn + x-required-permissions: + create: + - vpc-lattice:GetResourcePolicy + - vpc-lattice:PutResourcePolicy + read: + - vpc-lattice:GetResourcePolicy + update: + - vpc-lattice:GetResourcePolicy + - vpc-lattice:PutResourcePolicy + delete: + - vpc-lattice:GetResourcePolicy + - vpc-lattice:DeleteResourcePolicy + HeaderMatch: + type: object + properties: + Name: + type: string + maxLength: 40 + minLength: 1 + Match: + $ref: '#/components/schemas/HeaderMatchType' + CaseSensitive: + type: boolean + default: false + required: + - Match + - Name + additionalProperties: false + HeaderMatchType: + type: object + additionalProperties: false + properties: + Exact: + type: string + maxLength: 128 + minLength: 1 + Prefix: + type: string + maxLength: 128 + minLength: 1 + Contains: + type: string + maxLength: 128 + minLength: 1 + HttpMatch: + type: object + properties: + Method: + type: string + enum: + - CONNECT + - DELETE + - GET + - HEAD + - OPTIONS + - POST + - PUT + - TRACE + PathMatch: + $ref: '#/components/schemas/PathMatch' + HeaderMatches: + type: array + maxItems: 5 + items: + $ref: '#/components/schemas/HeaderMatch' + x-insertionOrder: false + additionalProperties: false + PathMatch: + type: object + additionalProperties: false + properties: + Match: + $ref: '#/components/schemas/PathMatchType' + CaseSensitive: + type: boolean + default: false + required: + - Match + PathMatchType: + type: object + additionalProperties: false + properties: + Exact: + type: string + maxLength: 128 + minLength: 1 + pattern: ^\/[a-zA-Z0-9@:%_+.~#?&\/=-]*$ + Prefix: + type: string + maxLength: 128 + minLength: 1 + pattern: ^\/[a-zA-Z0-9@:%_+.~#?&\/=-]*$ + Action: + type: object + x-title: Forward + properties: + Forward: + $ref: '#/components/schemas/Forward' + FixedResponse: + $ref: '#/components/schemas/FixedResponse' + required: [] + additionalProperties: false + Match: + type: object + x-title: HttpMatch + properties: + HttpMatch: + $ref: '#/components/schemas/HttpMatch' + required: + - HttpMatch + additionalProperties: false + Rule: + type: object + properties: + Action: + $ref: '#/components/schemas/Action' + Arn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:service/svc-[0-9a-z]{17}/listener/listener-[0-9a-z]{17}/rule/((rule-[0-9a-z]{17})|(default))$ + Id: + type: string + maxLength: 22 + minLength: 7 + pattern: ^((rule-[0-9a-z]{17})|(default))$ + ListenerIdentifier: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^((listener-[0-9a-z]{17})|(arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:service/svc-[0-9a-z]{17}/listener/listener-[0-9a-z]{17}))$ + Match: + $ref: '#/components/schemas/Match' + Name: + type: string + maxLength: 63 + minLength: 3 + pattern: ^(?!rule-)(?![-])(?!.*[-]$)(?!.*[-]{2})[a-z0-9-]+$ + Priority: + type: integer + maximum: 100 + minimum: 1 + ServiceIdentifier: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^((svc-[0-9a-z]{17})|(arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:service/svc-[0-9a-z]{17}))$ + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + minItems: 0 + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + required: + - Action + - Match + - Priority + x-stackql-resource-name: rule + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ListenerIdentifier + - ServiceIdentifier + - Name + x-read-only-properties: + - Arn + - Id + x-required-permissions: + create: + - vpc-lattice:CreateRule + - vpc-lattice:GetRule + - vpc-lattice:ListTagsForResource + - vpc-lattice:TagResource + read: + - vpc-lattice:GetRule + - vpc-lattice:ListTagsForResource + update: + - vpc-lattice:UpdateRule + - vpc-lattice:GetRule + - vpc-lattice:TagResource + - vpc-lattice:UntagResource + delete: + - vpc-lattice:DeleteRule + list: + - vpc-lattice:ListRules + DnsEntry: + type: object + additionalProperties: false + properties: + DomainName: + type: string + HostedZoneId: + type: string + Service: + type: object + properties: + Arn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[a-z0-9\-]+:vpc-lattice:[a-zA-Z0-9\-]+:\d{12}:service/svc-[0-9a-z]{17}$ + AuthType: + type: string + default: NONE + enum: + - NONE + - AWS_IAM + CreatedAt: + type: string + DnsEntry: + $ref: '#/components/schemas/DnsEntry' + Id: + type: string + maxLength: 21 + minLength: 21 + pattern: ^svc-[0-9a-z]{17}$ + LastUpdatedAt: + type: string + Name: + type: string + maxLength: 40 + minLength: 3 + pattern: ^(?!svc-)(?![-])(?!.*[-]$)(?!.*[-]{2})[a-z0-9-]+$ + Status: + type: string + enum: + - ACTIVE + - CREATE_IN_PROGRESS + - DELETE_IN_PROGRESS + - CREATE_FAILED + - DELETE_FAILED + CertificateArn: + type: string + maxLength: 2048 + pattern: ^(arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:certificate/[0-9a-z-]+)?$ + CustomDomainName: + type: string + maxLength: 255 + minLength: 3 + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + minItems: 0 + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: service + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + - CustomDomainName + x-read-only-properties: + - Arn + - CreatedAt + - DnsEntry/DomainName + - DnsEntry/HostedZoneId + - Id + - LastUpdatedAt + - Status + x-required-permissions: + create: + - vpc-lattice:CreateService + - vpc-lattice:GetService + - vpc-lattice:ListTagsForResource + - vpc-lattice:TagResource + - acm:DescribeCertificate + - acm:ListCertificates + - iam:CreateServiceLinkedRole + read: + - vpc-lattice:GetService + - vpc-lattice:ListTagsForResource + update: + - vpc-lattice:UpdateService + - vpc-lattice:TagResource + - vpc-lattice:UntagResource + - vpc-lattice:GetService + - vpc-lattice:ListTagsForResource + delete: + - vpc-lattice:DeleteService + - vpc-lattice:GetService + list: + - vpc-lattice:ListServices + ServiceNetwork: + type: object + properties: + Arn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[a-z0-9\-]+:vpc-lattice:[a-zA-Z0-9\-]+:\d{12}:servicenetwork/sn-[0-9a-z]{17}$ + CreatedAt: + type: string + Id: + type: string + maxLength: 20 + minLength: 20 + pattern: ^sn-[0-9a-z]{17}$ + LastUpdatedAt: + type: string + Name: + type: string + maxLength: 63 + minLength: 3 + pattern: ^(?!servicenetwork-)(?![-])(?!.*[-]$)(?!.*[-]{2})[a-z0-9-]+$ + AuthType: + type: string + default: NONE + enum: + - NONE + - AWS_IAM + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + minItems: 0 + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: service_network + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + x-read-only-properties: + - Arn + - CreatedAt + - Id + - LastUpdatedAt + x-required-permissions: + create: + - vpc-lattice:GetServiceNetwork + - vpc-lattice:ListTagsForResource + - vpc-lattice:CreateServiceNetwork + - vpc-lattice:TagResource + - iam:CreateServiceLinkedRole + read: + - vpc-lattice:GetServiceNetwork + - vpc-lattice:ListTagsForResource + update: + - vpc-lattice:GetServiceNetwork + - vpc-lattice:UpdateServiceNetwork + - vpc-lattice:TagResource + - vpc-lattice:UntagResource + delete: + - vpc-lattice:DeleteServiceNetwork + list: + - vpc-lattice:ListServiceNetworks + ServiceNetworkServiceAssociation: + type: object + properties: + Arn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[a-z0-9\-]+:vpc-lattice:[a-zA-Z0-9\-]+:\d{12}:servicenetworkserviceassociation/snsa-[0-9a-z]{17}$ + CreatedAt: + type: string + DnsEntry: + $ref: '#/components/schemas/DnsEntry' + Id: + type: string + maxLength: 2048 + minLength: 17 + pattern: ^snsa-[0-9a-z]{17}$ + ServiceNetworkArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[a-z0-9\-]+:vpc-lattice:[a-zA-Z0-9\-]+:\d{12}:servicenetwork/sn-[0-9a-z]{17}$ + ServiceNetworkId: + type: string + maxLength: 20 + minLength: 20 + pattern: ^sn-[0-9a-z]{17}$ + ServiceNetworkIdentifier: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^((sn-[0-9a-z]{17})|(arn:[a-z0-9\-]+:vpc-lattice:[a-zA-Z0-9\-]+:\d{12}:servicenetwork/sn-[0-9a-z]{17}))$ + ServiceNetworkName: + type: string + maxLength: 63 + minLength: 3 + pattern: ^(?!servicenetwork-)(?![-])(?!.*[-]$)(?!.*[-]{2})[a-z0-9-]+$ + ServiceArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[a-z0-9\-]+:vpc-lattice:[a-zA-Z0-9\-]+:\d{12}:service/svc-[0-9a-z]{17}$ + ServiceId: + type: string + maxLength: 21 + minLength: 21 + pattern: ^svc-[0-9a-z]{17}$ + ServiceIdentifier: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^((svc-[0-9a-z]{17})|(arn:[a-z0-9\-]+:vpc-lattice:[a-zA-Z0-9\-]+:\d{12}:service/svc-[0-9a-z]{17}))$ + ServiceName: + type: string + maxLength: 40 + minLength: 3 + pattern: ^(?!svc-)(?![-])(?!.*[-]$)(?!.*[-]{2})[a-z0-9-]+$ + Status: + type: string + enum: + - CREATE_IN_PROGRESS + - ACTIVE + - DELETE_IN_PROGRESS + - CREATE_FAILED + - DELETE_FAILED + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + minItems: 0 + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: service_network_service_association + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ServiceNetworkIdentifier + - ServiceIdentifier + x-read-only-properties: + - Arn + - CreatedAt + - DnsEntry/DomainName + - DnsEntry/HostedZoneId + - Id + - ServiceNetworkArn + - ServiceNetworkId + - ServiceNetworkName + - ServiceArn + - ServiceId + - ServiceName + - Status + x-required-permissions: + create: + - vpc-lattice:CreateServiceNetworkServiceAssociation + - vpc-lattice:GetServiceNetworkServiceAssociation + - vpc-lattice:TagResource + - vpc-lattice:ListTagsForResource + read: + - vpc-lattice:GetServiceNetworkServiceAssociation + - vpc-lattice:ListTagsForResource + update: + - vpc-lattice:TagResource + - vpc-lattice:UntagResource + - vpc-lattice:GetServiceNetworkServiceAssociation + - vpc-lattice:ListTagsForResource + delete: + - vpc-lattice:DeleteServiceNetworkServiceAssociation + - vpc-lattice:GetServiceNetworkServiceAssociation + list: + - vpc-lattice:ListServiceNetworkServiceAssociations + ServiceNetworkVpcAssociation: + type: object + properties: + Arn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[a-z0-9\-]+:vpc-lattice:[a-zA-Z0-9\-]+:\d{12}:servicenetworkvpcassociation/snva-[0-9a-z]{17}$ + CreatedAt: + type: string + SecurityGroupIds: + type: array + x-insertionOrder: false + uniqueItems: true + items: + type: string + maxLength: 200 + minLength: 0 + pattern: ^sg-(([0-9a-z]{8})|([0-9a-z]{17}))$ + Id: + type: string + maxLength: 22 + minLength: 22 + pattern: ^snva-[0-9a-z]{17}$ + ServiceNetworkArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[a-z0-9\-]+:vpc-lattice:[a-zA-Z0-9\-]+:\d{12}:servicenetwork/sn-[0-9a-z]{17}$ + ServiceNetworkId: + type: string + maxLength: 20 + minLength: 20 + pattern: ^sn-[0-9a-z]{17}$ + ServiceNetworkIdentifier: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^((sn-[0-9a-z]{17})|(arn:[a-z0-9\-]+:vpc-lattice:[a-zA-Z0-9\-]+:\d{12}:servicenetwork/sn-[0-9a-z]{17}))$ + ServiceNetworkName: + type: string + maxLength: 63 + minLength: 3 + pattern: ^(?!servicenetwork-)(?![-])(?!.*[-]$)(?!.*[-]{2})[a-z0-9-]+$ + Status: + type: string + enum: + - CREATE_IN_PROGRESS + - ACTIVE + - UPDATE_IN_PROGRESS + - DELETE_IN_PROGRESS + - CREATE_FAILED + - DELETE_FAILED + VpcId: + type: string + maxLength: 2048 + minLength: 5 + pattern: ^vpc-(([0-9a-z]{8})|([0-9a-z]{17}))$ + VpcIdentifier: + type: string + maxLength: 2048 + minLength: 5 + pattern: ^vpc-(([0-9a-z]{8})|([0-9a-z]{17}))$ + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + minItems: 0 + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + x-stackql-resource-name: service_network_vpc_association + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - ServiceNetworkIdentifier + - VpcIdentifier + x-read-only-properties: + - Arn + - CreatedAt + - Id + - ServiceNetworkArn + - ServiceNetworkId + - ServiceNetworkName + - Status + - VpcId + x-required-permissions: + create: + - vpc-lattice:CreateServiceNetworkVpcAssociation + - vpc-lattice:GetServiceNetworkVpcAssociation + - vpc-lattice:ListServiceNetworkVpcAssociations + - vpc-lattice:ListTagsForResource + - ec2:DescribeSecurityGroups + - ec2:DescribeVpcs + - vpc-lattice:TagResource + read: + - vpc-lattice:GetServiceNetworkVpcAssociation + - vpc-lattice:ListTagsForResource + update: + - vpc-lattice:TagResource + - vpc-lattice:UntagResource + - vpc-lattice:GetServiceNetworkVpcAssociation + - vpc-lattice:UpdateServiceNetworkVpcAssociation + - ec2:DescribeSecurityGroups + - vpc-lattice:ListTagsForResource + delete: + - vpc-lattice:DeleteServiceNetworkVpcAssociation + - vpc-lattice:GetServiceNetworkVpcAssociation + list: + - vpc-lattice:ListServiceNetworkVpcAssociations + HealthCheckConfig: + type: object + additionalProperties: false + properties: + Enabled: + type: boolean + Protocol: + type: string + enum: + - HTTP + - HTTPS + ProtocolVersion: + type: string + enum: + - HTTP1 + - HTTP2 + - GRPC + Port: + type: integer + maximum: 65535 + minimum: 1 + Path: + type: string + maxLength: 2048 + minLength: 0 + pattern: (^/[a-zA-Z0-9@:%_+.~#?&/=-]*$|(^$)) + HealthCheckIntervalSeconds: + type: integer + maximum: 300 + minimum: 5 + HealthCheckTimeoutSeconds: + type: integer + maximum: 120 + minimum: 1 + HealthyThresholdCount: + type: integer + maximum: 10 + minimum: 2 + UnhealthyThresholdCount: + type: integer + maximum: 10 + minimum: 2 + Matcher: + $ref: '#/components/schemas/Matcher' + Matcher: + type: object + additionalProperties: false + properties: + HttpCode: + type: string + minLength: 3 + maxLength: 2000 + pattern: ^[0-9-,]+$ + required: + - HttpCode + TargetGroupConfig: + type: object + additionalProperties: false + properties: + Port: + type: integer + maximum: 65535 + minimum: 1 + Protocol: + type: string + enum: + - HTTP + - HTTPS + ProtocolVersion: + type: string + default: HTTP1 + enum: + - HTTP1 + - HTTP2 + - GRPC + IpAddressType: + type: string + default: IPV4 + enum: + - IPV4 + - IPV6 + LambdaEventStructureVersion: + type: string + enum: + - V1 + - V2 + VpcIdentifier: + type: string + maxLength: 2048 + minLength: 5 + pattern: ^vpc-(([0-9a-z]{8})|([0-9a-z]{17}))$ + HealthCheck: + $ref: '#/components/schemas/HealthCheckConfig' + required: [] + Target: + type: object + additionalProperties: false + properties: + Id: + type: string + Port: + type: integer + maximum: 65535 + minimum: 1 + required: + - Id + TargetGroup: + type: object + properties: + Arn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[a-z0-9\-]+:vpc-lattice:[a-zA-Z0-9\-]+:\d{12}:targetgroup/tg-[0-9a-z]{17}$ + Config: + $ref: '#/components/schemas/TargetGroupConfig' + CreatedAt: + type: string + Id: + type: string + maxLength: 20 + minLength: 20 + pattern: ^tg-[0-9a-z]{17}$ + LastUpdatedAt: + type: string + Name: + type: string + maxLength: 128 + minLength: 3 + pattern: ^(?!tg-)(?![-])(?!.*[-]$)(?!.*[-]{2})[a-z0-9-]+$ + Status: + type: string + enum: + - CREATE_IN_PROGRESS + - ACTIVE + - DELETE_IN_PROGRESS + - CREATE_FAILED + - DELETE_FAILED + Type: + type: string + enum: + - IP + - LAMBDA + - INSTANCE + - ALB + Targets: + type: array + x-insertionOrder: false + minItems: 0 + maxItems: 100 + default: [] + items: + $ref: '#/components/schemas/Target' + Tags: + type: array + x-insertionOrder: false + uniqueItems: true + minItems: 0 + maxItems: 50 + items: + $ref: '#/components/schemas/Tag' + required: + - Type + x-stackql-resource-name: target_group + x-stackql-primaryIdentifier: + - Arn + x-create-only-properties: + - Name + - Type + - Config/Port + - Config/IpAddressType + - Config/Protocol + - Config/ProtocolVersion + - Config/VpcIdentifier + - Config/LambdaEventStructureVersion + x-read-only-properties: + - Arn + - CreatedAt + - Id + - LastUpdatedAt + - Status + x-required-permissions: + create: + - vpc-lattice:CreateTargetGroup + - vpc-lattice:GetTargetGroup + - vpc-lattice:RegisterTargets + - vpc-lattice:ListTargets + - vpc-lattice:ListTagsForResource + - vpc-lattice:TagResource + - vpc-lattice:UntagResource + - ec2:DescribeVpcs + - ec2:DescribeInstances + - ec2:DescribeSubnets + - ec2:DescribeAvailabilityZoneMappings + - lambda:Invoke + - lambda:AddPermission + - elasticloadbalancing:DescribeLoadBalancers + - iam:CreateServiceLinkedRole + read: + - vpc-lattice:GetTargetGroup + - vpc-lattice:ListTargets + - vpc-lattice:ListTagsForResource + update: + - vpc-lattice:UpdateTargetGroup + - vpc-lattice:GetTargetGroup + - vpc-lattice:ListTargets + - vpc-lattice:RegisterTargets + - vpc-lattice:DeregisterTargets + - ec2:DescribeVpcs + - ec2:DescribeInstances + - ec2:DescribeSubnets + - ec2:DescribeAvailabilityZoneMappings + - elasticloadbalancing:DescribeLoadBalancers + - lambda:Invoke + - lambda:RemovePermission + - lambda:AddPermission + - vpc-lattice:TagResource + - vpc-lattice:UntagResource + - vpc-lattice:ListTagsForResource + delete: + - vpc-lattice:DeleteTargetGroup + - vpc-lattice:GetTargetGroup + - vpc-lattice:DeregisterTargets + - vpc-lattice:ListTargets + - lambda:RemovePermission + list: + - vpc-lattice:ListTargetGroups + x-stackQL-resources: + access_log_subscriptions: + name: access_log_subscriptions + id: awscc.vpclattice.access_log_subscriptions + x-cfn-schema-name: AccessLogSubscription + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::AccessLogSubscription' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::AccessLogSubscription' + AND region = 'us-east-1' + access_log_subscription: + name: access_log_subscription + id: awscc.vpclattice.access_log_subscription + x-cfn-schema-name: AccessLogSubscription + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.DestinationArn') as destination_arn, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn, + JSON_EXTRACT(Properties, '$.ResourceId') as resource_id, + JSON_EXTRACT(Properties, '$.ResourceIdentifier') as resource_identifier, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::AccessLogSubscription' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'DestinationArn') as destination_arn, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn, + json_extract_path_text(Properties, 'ResourceId') as resource_id, + json_extract_path_text(Properties, 'ResourceIdentifier') as resource_identifier, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::AccessLogSubscription' + AND data__Identifier = '' + AND region = 'us-east-1' + auth_policies: + name: auth_policies + id: awscc.vpclattice.auth_policies + x-cfn-schema-name: AuthPolicy + x-type: list + x-identifiers: + - ResourceIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceIdentifier') as resource_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::AuthPolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceIdentifier') as resource_identifier + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::AuthPolicy' + AND region = 'us-east-1' + auth_policy: + name: auth_policy + id: awscc.vpclattice.auth_policy + x-cfn-schema-name: AuthPolicy + x-type: get + x-identifiers: + - ResourceIdentifier + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceIdentifier') as resource_identifier, + JSON_EXTRACT(Properties, '$.Policy') as policy, + JSON_EXTRACT(Properties, '$.State') as state + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::AuthPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceIdentifier') as resource_identifier, + json_extract_path_text(Properties, 'Policy') as policy, + json_extract_path_text(Properties, 'State') as state + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::AuthPolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + listeners: + name: listeners + id: awscc.vpclattice.listeners + x-cfn-schema-name: Listener + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::Listener' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::Listener' + AND region = 'us-east-1' + listener: + name: listener + id: awscc.vpclattice.listener + x-cfn-schema-name: Listener + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.DefaultAction') as default_action, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Port') as port, + JSON_EXTRACT(Properties, '$.Protocol') as protocol, + JSON_EXTRACT(Properties, '$.ServiceArn') as service_arn, + JSON_EXTRACT(Properties, '$.ServiceId') as service_id, + JSON_EXTRACT(Properties, '$.ServiceIdentifier') as service_identifier, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::Listener' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'DefaultAction') as default_action, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Port') as port, + json_extract_path_text(Properties, 'Protocol') as protocol, + json_extract_path_text(Properties, 'ServiceArn') as service_arn, + json_extract_path_text(Properties, 'ServiceId') as service_id, + json_extract_path_text(Properties, 'ServiceIdentifier') as service_identifier, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::Listener' + AND data__Identifier = '' + AND region = 'us-east-1' + resource_policies: + name: resource_policies + id: awscc.vpclattice.resource_policies + x-cfn-schema-name: ResourcePolicy + x-type: list + x-identifiers: + - ResourceArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::ResourcePolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::ResourcePolicy' + AND region = 'us-east-1' + resource_policy: + name: resource_policy + id: awscc.vpclattice.resource_policy + x-cfn-schema-name: ResourcePolicy + x-type: get + x-identifiers: + - ResourceArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn, + JSON_EXTRACT(Properties, '$.Policy') as policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::ResourcePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn, + json_extract_path_text(Properties, 'Policy') as policy + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::ResourcePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + rules: + name: rules + id: awscc.vpclattice.rules + x-cfn-schema-name: Rule + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::Rule' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::Rule' + AND region = 'us-east-1' + rule: + name: rule + id: awscc.vpclattice.rule + x-cfn-schema-name: Rule + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Action') as action, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.ListenerIdentifier') as listener_identifier, + JSON_EXTRACT(Properties, '$.Match') as _match, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Priority') as priority, + JSON_EXTRACT(Properties, '$.ServiceIdentifier') as service_identifier, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::Rule' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Action') as action, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'ListenerIdentifier') as listener_identifier, + json_extract_path_text(Properties, 'Match') as _match, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Priority') as priority, + json_extract_path_text(Properties, 'ServiceIdentifier') as service_identifier, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::Rule' + AND data__Identifier = '' + AND region = 'us-east-1' + services: + name: services + id: awscc.vpclattice.services + x-cfn-schema-name: Service + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::Service' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::Service' + AND region = 'us-east-1' + service: + name: service + id: awscc.vpclattice.service + x-cfn-schema-name: Service + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.AuthType') as auth_type, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.DnsEntry') as dns_entry, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.LastUpdatedAt') as last_updated_at, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.CertificateArn') as certificate_arn, + JSON_EXTRACT(Properties, '$.CustomDomainName') as custom_domain_name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::Service' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'AuthType') as auth_type, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'DnsEntry') as dns_entry, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'LastUpdatedAt') as last_updated_at, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'CertificateArn') as certificate_arn, + json_extract_path_text(Properties, 'CustomDomainName') as custom_domain_name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::Service' + AND data__Identifier = '' + AND region = 'us-east-1' + service_networks: + name: service_networks + id: awscc.vpclattice.service_networks + x-cfn-schema-name: ServiceNetwork + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::ServiceNetwork' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::ServiceNetwork' + AND region = 'us-east-1' + service_network: + name: service_network + id: awscc.vpclattice.service_network + x-cfn-schema-name: ServiceNetwork + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.LastUpdatedAt') as last_updated_at, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.AuthType') as auth_type, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::ServiceNetwork' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'LastUpdatedAt') as last_updated_at, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'AuthType') as auth_type, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::ServiceNetwork' + AND data__Identifier = '' + AND region = 'us-east-1' + service_network_service_associations: + name: service_network_service_associations + id: awscc.vpclattice.service_network_service_associations + x-cfn-schema-name: ServiceNetworkServiceAssociation + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::ServiceNetworkServiceAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::ServiceNetworkServiceAssociation' + AND region = 'us-east-1' + service_network_service_association: + name: service_network_service_association + id: awscc.vpclattice.service_network_service_association + x-cfn-schema-name: ServiceNetworkServiceAssociation + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.DnsEntry') as dns_entry, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.ServiceNetworkArn') as service_network_arn, + JSON_EXTRACT(Properties, '$.ServiceNetworkId') as service_network_id, + JSON_EXTRACT(Properties, '$.ServiceNetworkIdentifier') as service_network_identifier, + JSON_EXTRACT(Properties, '$.ServiceNetworkName') as service_network_name, + JSON_EXTRACT(Properties, '$.ServiceArn') as service_arn, + JSON_EXTRACT(Properties, '$.ServiceId') as service_id, + JSON_EXTRACT(Properties, '$.ServiceIdentifier') as service_identifier, + JSON_EXTRACT(Properties, '$.ServiceName') as service_name, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::ServiceNetworkServiceAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'DnsEntry') as dns_entry, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'ServiceNetworkArn') as service_network_arn, + json_extract_path_text(Properties, 'ServiceNetworkId') as service_network_id, + json_extract_path_text(Properties, 'ServiceNetworkIdentifier') as service_network_identifier, + json_extract_path_text(Properties, 'ServiceNetworkName') as service_network_name, + json_extract_path_text(Properties, 'ServiceArn') as service_arn, + json_extract_path_text(Properties, 'ServiceId') as service_id, + json_extract_path_text(Properties, 'ServiceIdentifier') as service_identifier, + json_extract_path_text(Properties, 'ServiceName') as service_name, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::ServiceNetworkServiceAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + service_network_vpc_associations: + name: service_network_vpc_associations + id: awscc.vpclattice.service_network_vpc_associations + x-cfn-schema-name: ServiceNetworkVpcAssociation + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::ServiceNetworkVpcAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::ServiceNetworkVpcAssociation' + AND region = 'us-east-1' + service_network_vpc_association: + name: service_network_vpc_association + id: awscc.vpclattice.service_network_vpc_association + x-cfn-schema-name: ServiceNetworkVpcAssociation + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.SecurityGroupIds') as security_group_ids, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.ServiceNetworkArn') as service_network_arn, + JSON_EXTRACT(Properties, '$.ServiceNetworkId') as service_network_id, + JSON_EXTRACT(Properties, '$.ServiceNetworkIdentifier') as service_network_identifier, + JSON_EXTRACT(Properties, '$.ServiceNetworkName') as service_network_name, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.VpcId') as vpc_id, + JSON_EXTRACT(Properties, '$.VpcIdentifier') as vpc_identifier, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::ServiceNetworkVpcAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'SecurityGroupIds') as security_group_ids, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'ServiceNetworkArn') as service_network_arn, + json_extract_path_text(Properties, 'ServiceNetworkId') as service_network_id, + json_extract_path_text(Properties, 'ServiceNetworkIdentifier') as service_network_identifier, + json_extract_path_text(Properties, 'ServiceNetworkName') as service_network_name, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'VpcId') as vpc_id, + json_extract_path_text(Properties, 'VpcIdentifier') as vpc_identifier, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::ServiceNetworkVpcAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + target_groups: + name: target_groups + id: awscc.vpclattice.target_groups + x-cfn-schema-name: TargetGroup + x-type: list + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::TargetGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::VpcLattice::TargetGroup' + AND region = 'us-east-1' + target_group: + name: target_group + id: awscc.vpclattice.target_group + x-cfn-schema-name: TargetGroup + x-type: get + x-identifiers: + - Arn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Config') as config, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.LastUpdatedAt') as last_updated_at, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Status') as status, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Targets') as targets, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::TargetGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Config') as config, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'LastUpdatedAt') as last_updated_at, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Status') as status, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Targets') as targets, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::VpcLattice::TargetGroup' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/wafv2.yaml b/providers/src/awscc/v00.00.00000/services/wafv2.yaml new file mode 100644 index 00000000..b875c628 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/wafv2.yaml @@ -0,0 +1,2299 @@ +openapi: 3.0.0 +info: + title: WAFv2 + version: 1.0.0 +paths: {} +components: + schemas: + EntityName: + description: Name of the WebACL. + type: string + pattern: ^[0-9A-Za-z_-]{1,128}$ + EntityDescription: + description: Description of the entity. + type: string + pattern: ^[a-zA-Z0-9=:#@/\-,.][a-zA-Z0-9+=:#@/\-,.\s]+[a-zA-Z0-9+=:#@/\-,.]{1,256}$ + EntityId: + description: Id of the WebACL + type: string + pattern: ^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$ + Scope: + description: Use CLOUDFRONT for CloudFront WebACL, use REGIONAL for Application Load Balancer and API Gateway. + type: string + enum: + - CLOUDFRONT + - REGIONAL + IPAddressVersion: + description: Type of addresses in the IPSet, use IPV4 for IPV4 IP addresses, IPV6 for IPV6 address. + type: string + enum: + - IPV4 + - IPV6 + IPAddress: + description: IP address + type: string + maxLength: 50 + minLength: 1 + ResourceArn: + type: string + minLength: 20 + maxLength: 2048 + Tag: + type: object + properties: + Key: + type: string + minLength: 1 + maxLength: 128 + Value: + type: string + minLength: 0 + maxLength: 256 + additionalProperties: false + IPSet: + type: object + properties: + Arn: + $ref: '#/components/schemas/ResourceArn' + Description: + $ref: '#/components/schemas/EntityDescription' + Name: + $ref: '#/components/schemas/EntityName' + Id: + $ref: '#/components/schemas/EntityId' + Scope: + $ref: '#/components/schemas/Scope' + IPAddressVersion: + $ref: '#/components/schemas/IPAddressVersion' + Addresses: + description: List of IPAddresses. + type: array + items: + $ref: '#/components/schemas/IPAddress' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + minItems: 1 + required: + - Addresses + - IPAddressVersion + - Scope + x-stackql-resource-name: ip_set + x-stackql-primaryIdentifier: + - Name + - Id + - Scope + x-create-only-properties: + - Name + - Scope + x-read-only-properties: + - Arn + - Id + x-required-permissions: + create: + - wafv2:CreateIPSet + - wafv2:GetIPSet + - wafv2:ListTagsForResource + delete: + - wafv2:DeleteIPSet + - wafv2:GetIPSet + read: + - wafv2:GetIPSet + - wafv2:ListTagsForResource + update: + - wafv2:UpdateIPSet + - wafv2:GetIPSet + - wafv2:ListTagsForResource + list: + - wafv2:listIPSets + Filter: + type: object + properties: + Behavior: + description: 'How to handle logs that satisfy the filter''s conditions and requirement. ' + type: string + enum: + - KEEP + - DROP + Conditions: + description: Match conditions for the filter. + type: array + minItems: 1 + items: + $ref: '#/components/schemas/Condition' + Requirement: + description: Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition. + type: string + enum: + - MEETS_ALL + - MEETS_ANY + additionalProperties: false + required: + - Behavior + - Conditions + - Requirement + Condition: + type: object + additionalProperties: false + properties: + ActionCondition: + description: A single action condition. + type: object + additionalProperties: false + properties: + Action: + description: Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition. + type: string + enum: + - ALLOW + - BLOCK + - COUNT + - CAPTCHA + - CHALLENGE + - EXCLUDED_AS_COUNT + required: + - Action + LabelNameCondition: + description: A single label name condition. + type: object + additionalProperties: false + properties: + LabelName: + description: 'The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. ' + type: string + required: + - LabelName + FieldToMatch: + description: Field of the request to match. + type: object + properties: + SingleHeader: + type: object + properties: + Name: + type: string + required: + - Name + additionalProperties: false + SingleQueryArgument: + description: One query argument in a web request, identified by name, for example UserName or SalesRegion. The name can be up to 30 characters long and isn't case sensitive. + type: object + properties: + Name: + type: string + required: + - Name + additionalProperties: false + AllQueryArguments: + description: All query arguments of a web request. + type: object + UriPath: + description: The path component of the URI of a web request. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg. + type: object + QueryString: + description: The query string of a web request. This is the part of a URL that appears after a ? character, if any. + type: object + Body: + $ref: '#/components/schemas/Body' + Method: + description: The HTTP method of a web request. The method indicates the type of operation that the request is asking the origin to perform. + type: object + JsonBody: + $ref: '#/components/schemas/JsonBody' + Headers: + $ref: '#/components/schemas/Headers' + Cookies: + $ref: '#/components/schemas/Cookies' + additionalProperties: false + LoggingConfiguration: + type: object + properties: + ResourceArn: + description: The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs. + type: string + LogDestinationConfigs: + description: The Amazon Resource Names (ARNs) of the logging destinations that you want to associate with the web ACL. + type: array + items: + type: string + RedactedFields: + description: The parts of the request that you want to keep out of the logs. For example, if you redact the HEADER field, the HEADER field in the firehose will be xxx. + type: array + x-insertionOrder: false + items: + $ref: '#/components/schemas/FieldToMatch' + ManagedByFirewallManager: + description: Indicates whether the logging configuration was created by AWS Firewall Manager, as part of an AWS WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration. + type: boolean + LoggingFilter: + description: Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation. + type: object + additionalProperties: false + properties: + DefaultBehavior: + description: Default handling for logs that don't match any of the specified filtering conditions. + type: string + enum: + - KEEP + - DROP + Filters: + description: The filters that you want to apply to the logs. + type: array + minItems: 1 + items: + $ref: '#/components/schemas/Filter' + required: + - DefaultBehavior + - Filters + required: + - ResourceArn + - LogDestinationConfigs + x-stackql-resource-name: logging_configuration + x-stackql-primaryIdentifier: + - ResourceArn + x-create-only-properties: + - ResourceArn + x-read-only-properties: + - ManagedByFirewallManager + x-required-permissions: + create: + - wafv2:PutLoggingConfiguration + - wafv2:GetLoggingConfiguration + - firehose:ListDeliveryStreams + - iam:CreateServiceLinkedRole + - iam:DescribeOrganization + - logs:CreateLogDelivery + - s3:PutBucketPolicy + - s3:GetBucketPolicy + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + read: + - wafv2:GetLoggingConfiguration + update: + - wafv2:PutLoggingConfiguration + - wafv2:GetLoggingConfiguration + - firehose:ListDeliveryStreams + - iam:CreateServiceLinkedRole + - iam:DescribeOrganization + - logs:CreateLogDelivery + - s3:PutBucketPolicy + - s3:GetBucketPolicy + - logs:PutResourcePolicy + - logs:DescribeResourcePolicies + - logs:DescribeLogGroups + delete: + - wafv2:DeleteLoggingConfiguration + - wafv2:GetLoggingConfiguration + - logs:DeleteLogDelivery + list: + - wafv2:ListLoggingConfigurations + RegexPatternSet: + type: object + properties: + Arn: + description: ARN of the WAF entity. + type: string + Description: + description: Description of the entity. + type: string + pattern: ^[a-zA-Z0-9=:#@/\-,.][a-zA-Z0-9+=:#@/\-,.\s]+[a-zA-Z0-9+=:#@/\-,.]{1,256}$ + Name: + description: Name of the RegexPatternSet. + type: string + pattern: ^[0-9A-Za-z_-]{1,128}$ + Id: + description: Id of the RegexPatternSet + type: string + pattern: ^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$ + RegularExpressionList: + type: array + items: + type: string + Scope: + description: Use CLOUDFRONT for CloudFront RegexPatternSet, use REGIONAL for Application Load Balancer and API Gateway. + type: string + enum: + - CLOUDFRONT + - REGIONAL + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + minItems: 1 + required: + - Scope + - RegularExpressionList + x-stackql-resource-name: regex_pattern_set + x-stackql-primaryIdentifier: + - Name + - Id + - Scope + x-create-only-properties: + - Name + - Scope + x-read-only-properties: + - Arn + - Id + x-required-permissions: + create: + - wafv2:CreateRegexPatternSet + - wafv2:GetRegexPatternSet + - wafv2:ListTagsForResource + delete: + - wafv2:DeleteRegexPatternSet + - wafv2:GetRegexPatternSet + read: + - wafv2:GetRegexPatternSet + - wafv2:ListTagsForResource + update: + - wafv2:UpdateRegexPatternSet + - wafv2:GetRegexPatternSet + - wafv2:ListTagsForResource + list: + - wafv2:listRegexPatternSets + AndStatement: + type: object + properties: + Statements: + type: array + items: + $ref: '#/components/schemas/Statement' + required: + - Statements + additionalProperties: false + ByteMatchStatement: + description: Byte Match statement. + type: object + properties: + SearchString: + $ref: '#/components/schemas/SearchString' + SearchStringBase64: + $ref: '#/components/schemas/SearchStringBase64' + FieldToMatch: + $ref: '#/components/schemas/FieldToMatch' + TextTransformations: + type: array + items: + $ref: '#/components/schemas/TextTransformation' + PositionalConstraint: + $ref: '#/components/schemas/PositionalConstraint' + required: + - FieldToMatch + - PositionalConstraint + - TextTransformations + additionalProperties: false + JsonBody: + description: Inspect the request body as JSON. The request body immediately follows the request headers. + type: object + properties: + MatchPattern: + $ref: '#/components/schemas/JsonMatchPattern' + MatchScope: + $ref: '#/components/schemas/JsonMatchScope' + InvalidFallbackBehavior: + $ref: '#/components/schemas/BodyParsingFallbackBehavior' + OversizeHandling: + $ref: '#/components/schemas/OversizeHandling' + required: + - MatchPattern + - MatchScope + additionalProperties: false + BodyParsingFallbackBehavior: + description: The inspection behavior to fall back to if the JSON in the request body is invalid. + type: string + enum: + - MATCH + - NO_MATCH + - EVALUATE_AS_STRING + JsonMatchScope: + description: The parts of the JSON to match against using the MatchPattern. + type: string + enum: + - ALL + - KEY + - VALUE + JsonMatchPattern: + description: The pattern to look for in the JSON body. + type: object + properties: + All: + description: Inspect all parts of the web request's JSON body. + type: object + IncludedPaths: + type: array + items: + $ref: '#/components/schemas/JsonPointerPath' + additionalProperties: false + JsonPointerPath: + description: JSON pointer path in the web request's JSON body + type: string + pattern: ^[\/]+([^~]*(~[01])*)*{1,512}$ + GeoMatchStatement: + type: object + properties: + CountryCodes: + type: array + items: + type: string + minLength: 1 + maxLength: 2 + ForwardedIPConfig: + $ref: '#/components/schemas/ForwardedIPConfiguration' + additionalProperties: false + IPSetReferenceStatement: + type: object + properties: + Arn: + $ref: '#/components/schemas/ResourceArn' + IPSetForwardedIPConfig: + $ref: '#/components/schemas/IPSetForwardedIPConfiguration' + required: + - Arn + additionalProperties: false + NotStatement: + type: object + properties: + Statement: + $ref: '#/components/schemas/Statement' + required: + - Statement + additionalProperties: false + OrStatement: + type: object + properties: + Statements: + type: array + items: + $ref: '#/components/schemas/Statement' + required: + - Statements + additionalProperties: false + PositionalConstraint: + description: Position of the evaluation in the FieldToMatch of request. + type: string + enum: + - EXACTLY + - STARTS_WITH + - ENDS_WITH + - CONTAINS + - CONTAINS_WORD + RateBasedStatement: + type: object + properties: + Limit: + $ref: '#/components/schemas/RateLimit' + AggregateKeyType: + type: string + enum: + - CONSTANT + - IP + - FORWARDED_IP + - CUSTOM_KEYS + CustomKeys: + description: Specifies the aggregate keys to use in a rate-base rule. + type: array + items: + $ref: '#/components/schemas/RateBasedStatementCustomKey' + maxItems: 5 + ScopeDownStatement: + $ref: '#/components/schemas/Statement' + ForwardedIPConfig: + $ref: '#/components/schemas/ForwardedIPConfiguration' + required: + - Limit + - AggregateKeyType + additionalProperties: false + RateBasedStatementCustomKey: + description: Specifies a single custom aggregate key for a rate-base rule. + type: object + properties: + Cookie: + $ref: '#/components/schemas/RateLimitCookie' + ForwardedIP: + $ref: '#/components/schemas/RateLimitForwardedIP' + Header: + $ref: '#/components/schemas/RateLimitHeader' + HTTPMethod: + $ref: '#/components/schemas/RateLimitHTTPMethod' + IP: + $ref: '#/components/schemas/RateLimitIP' + LabelNamespace: + $ref: '#/components/schemas/RateLimitLabelNamespace' + QueryArgument: + $ref: '#/components/schemas/RateLimitQueryArgument' + QueryString: + $ref: '#/components/schemas/RateLimitQueryString' + UriPath: + $ref: '#/components/schemas/RateLimitUriPath' + additionalProperties: false + RateLimitCookie: + description: Specifies a cookie as an aggregate key for a rate-based rule. + type: object + properties: + Name: + description: The name of the cookie to use. + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 64 + TextTransformations: + type: array + items: + $ref: '#/components/schemas/TextTransformation' + required: + - Name + - TextTransformations + additionalProperties: false + RateLimitForwardedIP: + description: Specifies the first IP address in an HTTP header as an aggregate key for a rate-based rule. + type: object + RateLimitHeader: + description: Specifies a header as an aggregate key for a rate-based rule. + type: object + properties: + Name: + description: The name of the header to use. + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 64 + TextTransformations: + type: array + items: + $ref: '#/components/schemas/TextTransformation' + required: + - Name + - TextTransformations + additionalProperties: false + RateLimitHTTPMethod: + description: Specifies the request's HTTP method as an aggregate key for a rate-based rule. + type: object + RateLimitIP: + description: Specifies the IP address in the web request as an aggregate key for a rate-based rule. + type: object + RateLimitLabelNamespace: + description: Specifies a label namespace to use as an aggregate key for a rate-based rule. + type: object + properties: + Namespace: + description: The namespace to use for aggregation. + type: string + pattern: ^[0-9A-Za-z_:-]{1,1024}$ + required: + - Namespace + additionalProperties: false + RateLimitQueryArgument: + description: Specifies a query argument in the request as an aggregate key for a rate-based rule. + type: object + properties: + Name: + description: The name of the query argument to use. + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 64 + TextTransformations: + type: array + items: + $ref: '#/components/schemas/TextTransformation' + required: + - Name + - TextTransformations + additionalProperties: false + RateLimitQueryString: + description: Specifies the request's query string as an aggregate key for a rate-based rule. + type: object + properties: + TextTransformations: + type: array + items: + $ref: '#/components/schemas/TextTransformation' + required: + - TextTransformations + additionalProperties: false + RateLimitUriPath: + description: Specifies the request's URI Path as an aggregate key for a rate-based rule. + type: object + properties: + TextTransformations: + type: array + items: + $ref: '#/components/schemas/TextTransformation' + required: + - TextTransformations + additionalProperties: false + RateLimit: + type: integer + minimum: 100 + maximum: 2000000000 + RegexPatternSetReferenceStatement: + type: object + properties: + Arn: + $ref: '#/components/schemas/ResourceArn' + FieldToMatch: + $ref: '#/components/schemas/FieldToMatch' + TextTransformations: + type: array + items: + $ref: '#/components/schemas/TextTransformation' + required: + - Arn + - FieldToMatch + - TextTransformations + additionalProperties: false + ForwardedIPConfiguration: + type: object + properties: + HeaderName: + type: string + pattern: ^[a-zA-Z0-9-]+{1,255}$ + FallbackBehavior: + type: string + enum: + - MATCH + - NO_MATCH + required: + - HeaderName + - FallbackBehavior + additionalProperties: false + IPSetForwardedIPConfiguration: + type: object + properties: + HeaderName: + type: string + pattern: ^[a-zA-Z0-9-]+{1,255}$ + FallbackBehavior: + type: string + enum: + - MATCH + - NO_MATCH + Position: + type: string + enum: + - FIRST + - LAST + - ANY + required: + - HeaderName + - FallbackBehavior + - Position + additionalProperties: false + Rule: + description: Rule of WebACL that contains condition and action. + type: object + properties: + Name: + $ref: '#/components/schemas/EntityName' + Priority: + $ref: '#/components/schemas/RulePriority' + Statement: + $ref: '#/components/schemas/Statement' + Action: + $ref: '#/components/schemas/RuleAction' + OverrideAction: + $ref: '#/components/schemas/OverrideAction' + RuleLabels: + description: Collection of Rule Labels. + type: array + items: + $ref: '#/components/schemas/Label' + VisibilityConfig: + $ref: '#/components/schemas/VisibilityConfig' + CaptchaConfig: + $ref: '#/components/schemas/CaptchaConfig' + ChallengeConfig: + $ref: '#/components/schemas/ChallengeConfig' + required: + - Name + - Priority + - Statement + - VisibilityConfig + additionalProperties: false + RuleAction: + description: Action taken when Rule matches its condition. + type: object + properties: + Allow: + $ref: '#/components/schemas/AllowAction' + Block: + $ref: '#/components/schemas/BlockAction' + Count: + $ref: '#/components/schemas/CountAction' + Captcha: + $ref: '#/components/schemas/CaptchaAction' + Challenge: + $ref: '#/components/schemas/ChallengeAction' + additionalProperties: false + AllowAction: + description: Allow traffic towards application. + type: object + properties: + CustomRequestHandling: + $ref: '#/components/schemas/CustomRequestHandling' + additionalProperties: false + BlockAction: + description: Block traffic towards application. + type: object + properties: + CustomResponse: + $ref: '#/components/schemas/CustomResponse' + additionalProperties: false + CountAction: + description: Allow traffic towards application. + type: object + properties: + CustomRequestHandling: + $ref: '#/components/schemas/CustomRequestHandling' + additionalProperties: false + CaptchaAction: + description: Checks valid token exists with request. + type: object + properties: + CustomRequestHandling: + $ref: '#/components/schemas/CustomRequestHandling' + additionalProperties: false + ChallengeAction: + description: Checks that the request has a valid token with an unexpired challenge timestamp and, if not, returns a browser challenge to the client. + type: object + properties: + CustomRequestHandling: + $ref: '#/components/schemas/CustomRequestHandling' + additionalProperties: false + CustomHTTPHeaderName: + description: HTTP header name. + type: string + minLength: 1 + maxLength: 64 + CustomHTTPHeaderValue: + description: HTTP header value. + type: string + minLength: 1 + maxLength: 255 + CustomHTTPHeader: + description: HTTP header. + type: object + properties: + Name: + $ref: '#/components/schemas/CustomHTTPHeaderName' + Value: + $ref: '#/components/schemas/CustomHTTPHeaderValue' + required: + - Name + - Value + additionalProperties: false + CustomRequestHandling: + description: Custom request handling. + type: object + properties: + InsertHeaders: + description: Collection of HTTP headers. + type: array + items: + $ref: '#/components/schemas/CustomHTTPHeader' + minItems: 1 + required: + - InsertHeaders + additionalProperties: false + ResponseStatusCode: + description: Custom response code. + type: integer + minimum: 200 + maximum: 599 + ResponseContentType: + description: Valid values are TEXT_PLAIN, TEXT_HTML, and APPLICATION_JSON. + type: string + enum: + - TEXT_PLAIN + - TEXT_HTML + - APPLICATION_JSON + ResponseContent: + description: Response content. + type: string + minLength: 1 + maxLength: 10240 + CustomResponseBody: + description: Custom response body. + type: object + properties: + ContentType: + $ref: '#/components/schemas/ResponseContentType' + Content: + $ref: '#/components/schemas/ResponseContent' + required: + - ContentType + - Content + additionalProperties: false + CustomResponse: + description: Custom response. + type: object + properties: + ResponseCode: + $ref: '#/components/schemas/ResponseStatusCode' + CustomResponseBodyKey: + description: Custom response body key. + type: string + pattern: ^[\w\-]+$ + ResponseHeaders: + description: Collection of HTTP headers. + type: array + items: + $ref: '#/components/schemas/CustomHTTPHeader' + minItems: 1 + required: + - ResponseCode + additionalProperties: false + CustomResponseBodies: + description: Custom response key and body map. + type: object + x-patternProperties: + ^[\w\-]+$: + $ref: '#/components/schemas/CustomResponseBody' + minProperties: 1 + additionalProperties: false + RuleGroup: + type: object + properties: + Arn: + $ref: '#/components/schemas/ResourceArn' + Capacity: + type: integer + minimum: 0 + Description: + $ref: '#/components/schemas/EntityDescription' + Name: + $ref: '#/components/schemas/EntityName' + Id: + $ref: '#/components/schemas/EntityId' + Scope: + $ref: '#/components/schemas/Scope' + Rules: + description: Collection of Rules. + type: array + items: + $ref: '#/components/schemas/Rule' + VisibilityConfig: + $ref: '#/components/schemas/VisibilityConfig' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + minItems: 1 + LabelNamespace: + $ref: '#/components/schemas/LabelName' + CustomResponseBodies: + $ref: '#/components/schemas/CustomResponseBodies' + AvailableLabels: + description: Collection of Available Labels. + type: array + items: + $ref: '#/components/schemas/LabelSummary' + ConsumedLabels: + description: Collection of Consumed Labels. + type: array + items: + $ref: '#/components/schemas/LabelSummary' + required: + - Capacity + - Scope + - VisibilityConfig + x-stackql-resource-name: rule_group + x-stackql-primaryIdentifier: + - Name + - Id + - Scope + x-create-only-properties: + - Name + - Scope + x-read-only-properties: + - Arn + - Id + - LabelNamespace + - AvailableLabels/*/Name + - ConsumedLabels/*/Name + x-required-permissions: + create: + - wafv2:CreateRuleGroup + - wafv2:GetRuleGroup + - wafv2:ListTagsForResource + delete: + - wafv2:DeleteRuleGroup + - wafv2:GetRuleGroup + read: + - wafv2:GetRuleGroup + - wafv2:ListTagsForResource + update: + - wafv2:UpdateRuleGroup + - wafv2:GetRuleGroup + - wafv2:ListTagsForResource + list: + - wafv2:listRuleGroups + RulePriority: + description: Priority of the Rule, Rules get evaluated from lower to higher priority. + type: integer + minimum: 0 + SearchString: + description: String that is searched to find a match. + type: string + SearchStringBase64: + description: Base64 encoded string that is searched to find a match. + type: string + SizeConstraintStatement: + description: Size Constraint statement. + type: object + properties: + FieldToMatch: + $ref: '#/components/schemas/FieldToMatch' + ComparisonOperator: + type: string + enum: + - EQ + - NE + - LE + - LT + - GE + - GT + Size: + type: number + minimum: 0 + maximum: 21474836480 + TextTransformations: + type: array + items: + $ref: '#/components/schemas/TextTransformation' + required: + - FieldToMatch + - ComparisonOperator + - Size + - TextTransformations + additionalProperties: false + SqliMatchStatement: + description: Sqli Match Statement. + type: object + properties: + FieldToMatch: + $ref: '#/components/schemas/FieldToMatch' + TextTransformations: + type: array + items: + $ref: '#/components/schemas/TextTransformation' + SensitivityLevel: + $ref: '#/components/schemas/SensitivityLevel' + required: + - FieldToMatch + - TextTransformations + additionalProperties: false + Statement: + description: First level statement that contains conditions, such as ByteMatch, SizeConstraint, etc + type: object + properties: + ByteMatchStatement: + $ref: '#/components/schemas/ByteMatchStatement' + SqliMatchStatement: + $ref: '#/components/schemas/SqliMatchStatement' + XssMatchStatement: + $ref: '#/components/schemas/XssMatchStatement' + SizeConstraintStatement: + $ref: '#/components/schemas/SizeConstraintStatement' + GeoMatchStatement: + $ref: '#/components/schemas/GeoMatchStatement' + RuleGroupReferenceStatement: + $ref: '#/components/schemas/RuleGroupReferenceStatement' + IPSetReferenceStatement: + $ref: '#/components/schemas/IPSetReferenceStatement' + RegexPatternSetReferenceStatement: + $ref: '#/components/schemas/RegexPatternSetReferenceStatement' + ManagedRuleGroupStatement: + $ref: '#/components/schemas/ManagedRuleGroupStatement' + RateBasedStatement: + $ref: '#/components/schemas/RateBasedStatement' + AndStatement: + $ref: '#/components/schemas/AndStatement' + OrStatement: + $ref: '#/components/schemas/OrStatement' + NotStatement: + $ref: '#/components/schemas/NotStatement' + LabelMatchStatement: + $ref: '#/components/schemas/LabelMatchStatement' + RegexMatchStatement: + $ref: '#/components/schemas/RegexMatchStatement' + additionalProperties: false + TextTransformation: + description: Text Transformation on the Search String before match. + type: object + properties: + Priority: + $ref: '#/components/schemas/TextTransformationPriority' + Type: + $ref: '#/components/schemas/TextTransformationType' + required: + - Priority + - Type + additionalProperties: false + TextTransformationPriority: + description: Priority of Rule being evaluated. + type: integer + minimum: 0 + TextTransformationType: + description: Type of text transformation. + type: string + enum: + - NONE + - COMPRESS_WHITE_SPACE + - HTML_ENTITY_DECODE + - LOWERCASE + - CMD_LINE + - URL_DECODE + - BASE64_DECODE + - HEX_DECODE + - MD5 + - REPLACE_COMMENTS + - ESCAPE_SEQ_DECODE + - SQL_HEX_DECODE + - CSS_DECODE + - JS_DECODE + - NORMALIZE_PATH + - NORMALIZE_PATH_WIN + - REMOVE_NULLS + - REPLACE_NULLS + - BASE64_DECODE_EXT + - URL_DECODE_UNI + - UTF8_TO_UNICODE + VisibilityConfig: + description: Visibility Metric of the WebACL. + type: object + properties: + SampledRequestsEnabled: + type: boolean + CloudWatchMetricsEnabled: + type: boolean + MetricName: + type: string + maxLength: 128 + minLength: 1 + required: + - SampledRequestsEnabled + - CloudWatchMetricsEnabled + - MetricName + additionalProperties: false + XssMatchStatement: + description: Xss Match Statement. + type: object + properties: + FieldToMatch: + $ref: '#/components/schemas/FieldToMatch' + TextTransformations: + type: array + items: + $ref: '#/components/schemas/TextTransformation' + required: + - FieldToMatch + - TextTransformations + additionalProperties: false + LabelName: + description: Name of the Label. + type: string + pattern: ^[0-9A-Za-z_:-]{1,1024}$ + LabelSummary: + type: object + properties: + Name: + $ref: '#/components/schemas/LabelName' + additionalProperties: false + Label: + type: object + properties: + Name: + $ref: '#/components/schemas/LabelName' + required: + - Name + additionalProperties: false + LabelMatchKey: + type: string + pattern: ^[0-9A-Za-z_:-]{1,1024}$ + LabelMatchScope: + type: string + enum: + - LABEL + - NAMESPACE + LabelMatchStatement: + type: object + properties: + Scope: + $ref: '#/components/schemas/LabelMatchScope' + Key: + $ref: '#/components/schemas/LabelMatchKey' + required: + - Scope + - Key + additionalProperties: false + RegexMatchStatement: + type: object + properties: + RegexString: + type: string + maxLength: 512 + minLength: 1 + FieldToMatch: + $ref: '#/components/schemas/FieldToMatch' + TextTransformations: + type: array + items: + $ref: '#/components/schemas/TextTransformation' + required: + - RegexString + - FieldToMatch + - TextTransformations + additionalProperties: false + CaptchaConfig: + type: object + properties: + ImmunityTimeProperty: + $ref: '#/components/schemas/ImmunityTimeProperty' + additionalProperties: false + ChallengeConfig: + type: object + properties: + ImmunityTimeProperty: + $ref: '#/components/schemas/ImmunityTimeProperty' + additionalProperties: false + ImmunityTimeProperty: + type: object + properties: + ImmunityTime: + type: integer + minimum: 60 + maximum: 259200 + required: + - ImmunityTime + additionalProperties: false + Body: + description: The body of a web request. This immediately follows the request headers. + type: object + properties: + OversizeHandling: + $ref: '#/components/schemas/OversizeHandling' + additionalProperties: false + Headers: + description: Includes headers of a web request. + type: object + properties: + MatchPattern: + $ref: '#/components/schemas/HeaderMatchPattern' + MatchScope: + $ref: '#/components/schemas/MapMatchScope' + OversizeHandling: + $ref: '#/components/schemas/OversizeHandling' + required: + - MatchPattern + - MatchScope + - OversizeHandling + additionalProperties: false + Cookies: + description: Includes headers of a web request. + type: object + properties: + MatchPattern: + $ref: '#/components/schemas/CookieMatchPattern' + MatchScope: + $ref: '#/components/schemas/MapMatchScope' + OversizeHandling: + $ref: '#/components/schemas/OversizeHandling' + required: + - MatchPattern + - MatchScope + - OversizeHandling + additionalProperties: false + HeaderMatchPattern: + description: The pattern to look for in the request headers. + type: object + properties: + All: + description: Inspect all parts of the web request headers. + type: object + IncludedHeaders: + type: array + items: + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 64 + minItems: 1 + maxItems: 199 + ExcludedHeaders: + type: array + items: + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 64 + minItems: 1 + maxItems: 199 + additionalProperties: false + CookieMatchPattern: + description: The pattern to look for in the request cookies. + type: object + properties: + All: + description: Inspect all parts of the web request cookies. + type: object + IncludedCookies: + type: array + items: + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 60 + minItems: 1 + maxItems: 199 + ExcludedCookies: + type: array + items: + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 60 + minItems: 1 + maxItems: 199 + additionalProperties: false + MapMatchScope: + description: The parts of the request to match against using the MatchPattern. + type: string + enum: + - ALL + - KEY + - VALUE + OversizeHandling: + description: Handling of requests containing oversize fields + type: string + enum: + - CONTINUE + - MATCH + - NO_MATCH + SensitivityLevel: + description: Sensitivity Level current only used for sqli match statements. + type: string + enum: + - LOW + - HIGH + DefaultAction: + description: Default Action WebACL will take against ingress traffic when there is no matching Rule. + type: object + properties: + Allow: + $ref: '#/components/schemas/AllowAction' + Block: + $ref: '#/components/schemas/BlockAction' + additionalProperties: false + ExcludedRule: + description: Excluded Rule in the RuleGroup or ManagedRuleGroup will not be evaluated. + type: object + properties: + Name: + $ref: '#/components/schemas/EntityName' + required: + - Name + additionalProperties: false + RuleActionOverride: + description: Action override for rules in the rule group. + type: object + properties: + Name: + $ref: '#/components/schemas/EntityName' + ActionToUse: + $ref: '#/components/schemas/RuleAction' + required: + - Name + - ActionToUse + additionalProperties: false + ExcludedRules: + type: array + items: + $ref: '#/components/schemas/ExcludedRule' + ManagedRuleGroupStatement: + type: object + properties: + Name: + $ref: '#/components/schemas/EntityName' + VendorName: + type: string + Version: + type: string + pattern: ^[\w#:\.\-/]+$ + minLength: 1 + maxLength: 64 + ExcludedRules: + type: array + items: + $ref: '#/components/schemas/ExcludedRule' + ScopeDownStatement: + $ref: '#/components/schemas/Statement' + ManagedRuleGroupConfigs: + description: Collection of ManagedRuleGroupConfig. + type: array + items: + $ref: '#/components/schemas/ManagedRuleGroupConfig' + RuleActionOverrides: + description: Action overrides for rules in the rule group. + type: array + items: + $ref: '#/components/schemas/RuleActionOverride' + maxItems: 100 + required: + - VendorName + - Name + additionalProperties: false + OverrideAction: + description: Override a RuleGroup or ManagedRuleGroup behavior. This can only be applied to Rule that has RuleGroupReferenceStatement or ManagedRuleGroupReferenceStatement. + type: object + properties: + Count: + description: Count traffic towards application. + type: object + None: + description: Keep the RuleGroup or ManagedRuleGroup behavior as is. + type: object + additionalProperties: false + QueryString: + type: object + Rules: + description: Collection of Rules. + type: array + items: + $ref: '#/components/schemas/Rule' + RuleGroupReferenceStatement: + type: object + properties: + Arn: + $ref: '#/components/schemas/ResourceArn' + ExcludedRules: + type: array + items: + $ref: '#/components/schemas/ExcludedRule' + RuleActionOverrides: + description: Action overrides for rules in the rule group. + type: array + items: + $ref: '#/components/schemas/RuleActionOverride' + maxItems: 100 + required: + - Arn + additionalProperties: false + SingleHeader: + type: object + properties: + Name: + type: string + additionalProperties: false + SingleQueryArgument: + type: object + properties: + Name: + type: string + additionalProperties: false + UriPath: + type: object + ManagedRuleGroupConfig: + description: ManagedRuleGroupConfig. + type: object + properties: + LoginPath: + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 256 + PayloadType: + type: string + enum: + - JSON + - FORM_ENCODED + UsernameField: + $ref: '#/components/schemas/FieldIdentifier' + PasswordField: + $ref: '#/components/schemas/FieldIdentifier' + AWSManagedRulesBotControlRuleSet: + $ref: '#/components/schemas/AWSManagedRulesBotControlRuleSet' + AWSManagedRulesATPRuleSet: + $ref: '#/components/schemas/AWSManagedRulesATPRuleSet' + AWSManagedRulesACFPRuleSet: + $ref: '#/components/schemas/AWSManagedRulesACFPRuleSet' + additionalProperties: false + AWSManagedRulesBotControlRuleSet: + description: Configures how to use the Bot Control managed rule group in the web ACL + type: object + properties: + InspectionLevel: + type: string + enum: + - COMMON + - TARGETED + EnableMachineLearning: + type: boolean + required: + - InspectionLevel + additionalProperties: false + AWSManagedRulesATPRuleSet: + description: Configures how to use the Account Takeover Prevention managed rule group in the web ACL + type: object + properties: + LoginPath: + type: string + EnableRegexInPath: + type: boolean + RequestInspection: + $ref: '#/components/schemas/RequestInspection' + ResponseInspection: + $ref: '#/components/schemas/ResponseInspection' + required: + - LoginPath + additionalProperties: false + AWSManagedRulesACFPRuleSet: + description: Configures how to use the Account creation fraud prevention managed rule group in the web ACL + type: object + properties: + CreationPath: + type: string + RegistrationPagePath: + type: string + RequestInspection: + $ref: '#/components/schemas/RequestInspectionACFP' + ResponseInspection: + $ref: '#/components/schemas/ResponseInspection' + EnableRegexInPath: + type: boolean + required: + - CreationPath + - RegistrationPagePath + - RequestInspection + additionalProperties: false + RequestInspection: + description: Configures the inspection of login requests + type: object + properties: + PayloadType: + type: string + enum: + - JSON + - FORM_ENCODED + UsernameField: + $ref: '#/components/schemas/FieldIdentifier' + PasswordField: + $ref: '#/components/schemas/FieldIdentifier' + required: + - PayloadType + - UsernameField + - PasswordField + additionalProperties: false + RequestInspectionACFP: + description: Configures the inspection of sign-up requests + type: object + properties: + PayloadType: + type: string + enum: + - JSON + - FORM_ENCODED + UsernameField: + $ref: '#/components/schemas/FieldIdentifier' + PasswordField: + $ref: '#/components/schemas/FieldIdentifier' + EmailField: + $ref: '#/components/schemas/FieldIdentifier' + PhoneNumberFields: + type: array + items: + $ref: '#/components/schemas/PhoneNumberField' + AddressFields: + type: array + items: + $ref: '#/components/schemas/AddressField' + required: + - PayloadType + additionalProperties: false + ResponseInspection: + description: Configures the inspection of login responses + type: object + properties: + StatusCode: + $ref: '#/components/schemas/ResponseInspectionStatusCode' + Header: + $ref: '#/components/schemas/ResponseInspectionHeader' + BodyContains: + $ref: '#/components/schemas/ResponseInspectionBodyContains' + Json: + $ref: '#/components/schemas/ResponseInspectionJson' + additionalProperties: false + ResponseInspectionStatusCode: + description: Response status codes that indicate success or failure of a login request + type: object + properties: + SuccessCodes: + type: array + items: + type: integer + minLength: 0 + maxLength: 999 + minItems: 1 + maxItems: 10 + FailureCodes: + type: array + items: + type: integer + minLength: 0 + maxLength: 999 + minItems: 1 + maxItems: 10 + required: + - SuccessCodes + - FailureCodes + additionalProperties: false + ResponseInspectionHeader: + description: Response headers that indicate success or failure of a login request + type: object + properties: + Name: + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 200 + SuccessValues: + type: array + items: + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 100 + minItems: 1 + maxItems: 3 + FailureValues: + type: array + items: + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 100 + minItems: 1 + maxItems: 3 + required: + - Name + - SuccessValues + - FailureValues + additionalProperties: false + ResponseInspectionBodyContains: + description: Response body contents that indicate success or failure of a login request + type: object + properties: + SuccessStrings: + type: array + items: + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 100 + minItems: 1 + maxItems: 5 + FailureStrings: + type: array + items: + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 100 + minItems: 1 + maxItems: 5 + required: + - SuccessStrings + - FailureStrings + additionalProperties: false + ResponseInspectionJson: + description: Response JSON that indicate success or failure of a login request + type: object + properties: + Identifier: + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 512 + SuccessValues: + type: array + items: + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 100 + minItems: 1 + maxItems: 5 + FailureValues: + type: array + items: + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 100 + minItems: 1 + maxItems: 5 + required: + - Identifier + - SuccessValues + - FailureValues + additionalProperties: false + TokenDomains: + description: List of domains to accept in web request tokens, in addition to the domain of the protected resource. + type: array + items: + type: string + pattern: ^[\w\.\-/]+$ + minLength: 1 + maxLength: 253 + AssociationConfig: + description: AssociationConfig for body inspection + type: object + properties: + RequestBody: + $ref: '#/components/schemas/RequestBody' + additionalProperties: false + RequestBody: + type: object + description: Map of AssociatedResourceType and RequestBodyAssociatedResourceTypeConfig + x-patternProperties: + ^(CLOUDFRONT)$: + $ref: '#/components/schemas/RequestBodyAssociatedResourceTypeConfig' + additionalProperties: false + RequestBodyAssociatedResourceTypeConfig: + description: Configures the inspection size in the request body. + type: object + properties: + DefaultSizeInspectionLimit: + $ref: '#/components/schemas/SizeInspectionLimit' + required: + - DefaultSizeInspectionLimit + additionalProperties: false + SizeInspectionLimit: + type: string + enum: + - KB_16 + - KB_32 + - KB_48 + - KB_64 + PhoneNumberField: + $ref: '#/components/schemas/FieldIdentifier' + AddressField: + $ref: '#/components/schemas/FieldIdentifier' + FieldIdentifier: + type: object + properties: + Identifier: + type: string + pattern: .*\S.* + minLength: 1 + maxLength: 512 + required: + - Identifier + additionalProperties: false + WebACL: + type: object + properties: + Arn: + $ref: '#/components/schemas/ResourceArn' + Capacity: + type: integer + minimum: 0 + DefaultAction: + $ref: '#/components/schemas/DefaultAction' + Description: + $ref: '#/components/schemas/EntityDescription' + Name: + $ref: '#/components/schemas/EntityName' + Id: + $ref: '#/components/schemas/EntityId' + Scope: + $ref: '#/components/schemas/Scope' + Rules: + description: Collection of Rules. + type: array + items: + $ref: '#/components/schemas/Rule' + VisibilityConfig: + $ref: '#/components/schemas/VisibilityConfig' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + minItems: 1 + LabelNamespace: + $ref: '#/components/schemas/LabelName' + CustomResponseBodies: + $ref: '#/components/schemas/CustomResponseBodies' + CaptchaConfig: + $ref: '#/components/schemas/CaptchaConfig' + ChallengeConfig: + $ref: '#/components/schemas/ChallengeConfig' + TokenDomains: + $ref: '#/components/schemas/TokenDomains' + AssociationConfig: + $ref: '#/components/schemas/AssociationConfig' + required: + - DefaultAction + - Scope + - VisibilityConfig + x-stackql-resource-name: web_acl + x-stackql-primaryIdentifier: + - Name + - Id + - Scope + x-create-only-properties: + - Name + - Scope + x-read-only-properties: + - Arn + - Capacity + - Id + - LabelNamespace + x-required-permissions: + create: + - wafv2:CreateWebACL + - wafv2:GetWebACL + - wafv2:ListTagsForResource + delete: + - wafv2:DeleteWebACL + - wafv2:GetWebACL + read: + - wafv2:GetWebACL + - wafv2:ListTagsForResource + update: + - wafv2:UpdateWebACL + - wafv2:GetWebACL + - wafv2:ListTagsForResource + list: + - wafv2:listWebACLs + WebACLAssociation: + type: object + properties: + ResourceArn: + $ref: '#/components/schemas/ResourceArn' + WebACLArn: + $ref: '#/components/schemas/ResourceArn' + required: + - ResourceArn + - WebACLArn + x-stackql-resource-name: webacl_association + x-stackql-primaryIdentifier: + - ResourceArn + - WebACLArn + x-create-only-properties: + - ResourceArn + - WebACLArn + x-required-permissions: + create: + - wafv2:AssociateWebACL + - wafv2:GetWebACLForResource + - wafv2:GetWebACL + - wafv2:DisassociateWebACL + - elasticloadbalancing:SetWebACL + - apigateway:SetWebACL + - appsync:SetWebACL + - cognito-idp:AssociateWebACL + - cognito-idp:DisassociateWebACL + - cognito-idp:GetWebACLForResource + - apprunner:AssociateWebAcl + - apprunner:DisassociateWebAcl + - apprunner:DescribeWebAclForService + - ec2:AssociateVerifiedAccessInstanceWebAcl + - ec2:DisassociateVerifiedAccessInstanceWebAcl + - ec2:DescribeVerifiedAccessInstanceWebAclAssociations + - ec2:GetVerifiedAccessInstanceWebAcl + delete: + - wafv2:AssociateWebACL + - wafv2:GetWebACLForResource + - wafv2:GetWebACL + - wafv2:DisassociateWebACL + - elasticloadbalancing:SetWebACL + - apigateway:SetWebACL + - appsync:SetWebACL + - cognito-idp:AssociateWebACL + - cognito-idp:DisassociateWebACL + - cognito-idp:GetWebACLForResource + - apprunner:AssociateWebAcl + - apprunner:DisassociateWebAcl + - apprunner:DescribeWebAclForService + - ec2:AssociateVerifiedAccessInstanceWebAcl + - ec2:DisassociateVerifiedAccessInstanceWebAcl + - ec2:DescribeVerifiedAccessInstanceWebAclAssociations + - ec2:GetVerifiedAccessInstanceWebAcl + read: + - wafv2:AssociateWebACL + - wafv2:GetWebACLForResource + - wafv2:GetWebACL + - wafv2:DisassociateWebACL + - elasticloadbalancing:SetWebACL + - apigateway:SetWebACL + - appsync:SetWebACL + - cognito-idp:AssociateWebACL + - cognito-idp:DisassociateWebACL + - cognito-idp:GetWebACLForResource + - apprunner:AssociateWebAcl + - apprunner:DisassociateWebAcl + - apprunner:DescribeWebAclForService + - ec2:AssociateVerifiedAccessInstanceWebAcl + - ec2:DisassociateVerifiedAccessInstanceWebAcl + - ec2:DescribeVerifiedAccessInstanceWebAclAssociations + - ec2:GetVerifiedAccessInstanceWebAcl + update: + - wafv2:AssociateWebACL + - wafv2:GetWebACLForResource + - wafv2:GetWebACL + - wafv2:DisassociateWebACL + - elasticloadbalancing:SetWebACL + - apigateway:SetWebACL + - appsync:SetWebACL + - cognito-idp:AssociateWebACL + - cognito-idp:DisassociateWebACL + - cognito-idp:GetWebACLForResource + - apprunner:AssociateWebAcl + - apprunner:DisassociateWebAcl + - apprunner:DescribeWebAclForService + - ec2:AssociateVerifiedAccessInstanceWebAcl + - ec2:DisassociateVerifiedAccessInstanceWebAcl + - ec2:DescribeVerifiedAccessInstanceWebAclAssociations + - ec2:GetVerifiedAccessInstanceWebAcl + x-stackQL-resources: + ip_sets: + name: ip_sets + id: awscc.wafv2.ip_sets + x-cfn-schema-name: IPSet + x-type: list + x-identifiers: + - Name + - Id + - Scope + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Scope') as scope + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WAFv2::IPSet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Scope') as scope + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WAFv2::IPSet' + AND region = 'us-east-1' + ip_set: + name: ip_set + id: awscc.wafv2.ip_set + x-cfn-schema-name: IPSet + x-type: get + x-identifiers: + - Name + - Id + - Scope + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Scope') as scope, + JSON_EXTRACT(Properties, '$.IPAddressVersion') as i_paddress_version, + JSON_EXTRACT(Properties, '$.Addresses') as addresses, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WAFv2::IPSet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Scope') as scope, + json_extract_path_text(Properties, 'IPAddressVersion') as i_paddress_version, + json_extract_path_text(Properties, 'Addresses') as addresses, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WAFv2::IPSet' + AND data__Identifier = '' + AND region = 'us-east-1' + logging_configurations: + name: logging_configurations + id: awscc.wafv2.logging_configurations + x-cfn-schema-name: LoggingConfiguration + x-type: list + x-identifiers: + - ResourceArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WAFv2::LoggingConfiguration' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WAFv2::LoggingConfiguration' + AND region = 'us-east-1' + logging_configuration: + name: logging_configuration + id: awscc.wafv2.logging_configuration + x-cfn-schema-name: LoggingConfiguration + x-type: get + x-identifiers: + - ResourceArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn, + JSON_EXTRACT(Properties, '$.LogDestinationConfigs') as log_destination_configs, + JSON_EXTRACT(Properties, '$.RedactedFields') as redacted_fields, + JSON_EXTRACT(Properties, '$.ManagedByFirewallManager') as managed_by_firewall_manager, + JSON_EXTRACT(Properties, '$.LoggingFilter') as logging_filter + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WAFv2::LoggingConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn, + json_extract_path_text(Properties, 'LogDestinationConfigs') as log_destination_configs, + json_extract_path_text(Properties, 'RedactedFields') as redacted_fields, + json_extract_path_text(Properties, 'ManagedByFirewallManager') as managed_by_firewall_manager, + json_extract_path_text(Properties, 'LoggingFilter') as logging_filter + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WAFv2::LoggingConfiguration' + AND data__Identifier = '' + AND region = 'us-east-1' + regex_pattern_sets: + name: regex_pattern_sets + id: awscc.wafv2.regex_pattern_sets + x-cfn-schema-name: RegexPatternSet + x-type: list + x-identifiers: + - Name + - Id + - Scope + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Scope') as scope + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WAFv2::RegexPatternSet' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Scope') as scope + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WAFv2::RegexPatternSet' + AND region = 'us-east-1' + regex_pattern_set: + name: regex_pattern_set + id: awscc.wafv2.regex_pattern_set + x-cfn-schema-name: RegexPatternSet + x-type: get + x-identifiers: + - Name + - Id + - Scope + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.RegularExpressionList') as regular_expression_list, + JSON_EXTRACT(Properties, '$.Scope') as scope, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WAFv2::RegexPatternSet' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'RegularExpressionList') as regular_expression_list, + json_extract_path_text(Properties, 'Scope') as scope, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WAFv2::RegexPatternSet' + AND data__Identifier = '' + AND region = 'us-east-1' + rule_groups: + name: rule_groups + id: awscc.wafv2.rule_groups + x-cfn-schema-name: RuleGroup + x-type: list + x-identifiers: + - Name + - Id + - Scope + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Scope') as scope + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WAFv2::RuleGroup' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Scope') as scope + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WAFv2::RuleGroup' + AND region = 'us-east-1' + rule_group: + name: rule_group + id: awscc.wafv2.rule_group + x-cfn-schema-name: RuleGroup + x-type: get + x-identifiers: + - Name + - Id + - Scope + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Capacity') as capacity, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Scope') as scope, + JSON_EXTRACT(Properties, '$.Rules') as rules, + JSON_EXTRACT(Properties, '$.VisibilityConfig') as visibility_config, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.LabelNamespace') as label_namespace, + JSON_EXTRACT(Properties, '$.CustomResponseBodies') as custom_response_bodies, + JSON_EXTRACT(Properties, '$.AvailableLabels') as available_labels, + JSON_EXTRACT(Properties, '$.ConsumedLabels') as consumed_labels + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WAFv2::RuleGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Capacity') as capacity, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Scope') as scope, + json_extract_path_text(Properties, 'Rules') as rules, + json_extract_path_text(Properties, 'VisibilityConfig') as visibility_config, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'LabelNamespace') as label_namespace, + json_extract_path_text(Properties, 'CustomResponseBodies') as custom_response_bodies, + json_extract_path_text(Properties, 'AvailableLabels') as available_labels, + json_extract_path_text(Properties, 'ConsumedLabels') as consumed_labels + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WAFv2::RuleGroup' + AND data__Identifier = '' + AND region = 'us-east-1' + web_acls: + name: web_acls + id: awscc.wafv2.web_acls + x-cfn-schema-name: WebACL + x-type: list + x-identifiers: + - Name + - Id + - Scope + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Scope') as scope + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WAFv2::WebACL' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Scope') as scope + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WAFv2::WebACL' + AND region = 'us-east-1' + web_acl: + name: web_acl + id: awscc.wafv2.web_acl + x-cfn-schema-name: WebACL + x-type: get + x-identifiers: + - Name + - Id + - Scope + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.Capacity') as capacity, + JSON_EXTRACT(Properties, '$.DefaultAction') as default_action, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Scope') as scope, + JSON_EXTRACT(Properties, '$.Rules') as rules, + JSON_EXTRACT(Properties, '$.VisibilityConfig') as visibility_config, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.LabelNamespace') as label_namespace, + JSON_EXTRACT(Properties, '$.CustomResponseBodies') as custom_response_bodies, + JSON_EXTRACT(Properties, '$.CaptchaConfig') as captcha_config, + JSON_EXTRACT(Properties, '$.ChallengeConfig') as challenge_config, + JSON_EXTRACT(Properties, '$.TokenDomains') as token_domains, + JSON_EXTRACT(Properties, '$.AssociationConfig') as association_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WAFv2::WebACL' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'Capacity') as capacity, + json_extract_path_text(Properties, 'DefaultAction') as default_action, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Scope') as scope, + json_extract_path_text(Properties, 'Rules') as rules, + json_extract_path_text(Properties, 'VisibilityConfig') as visibility_config, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'LabelNamespace') as label_namespace, + json_extract_path_text(Properties, 'CustomResponseBodies') as custom_response_bodies, + json_extract_path_text(Properties, 'CaptchaConfig') as captcha_config, + json_extract_path_text(Properties, 'ChallengeConfig') as challenge_config, + json_extract_path_text(Properties, 'TokenDomains') as token_domains, + json_extract_path_text(Properties, 'AssociationConfig') as association_config + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WAFv2::WebACL' + AND data__Identifier = '' + AND region = 'us-east-1' + webacl_associations: + name: webacl_associations + id: awscc.wafv2.webacl_associations + x-cfn-schema-name: WebACLAssociation + x-type: list + x-identifiers: + - ResourceArn + - WebACLArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn, + JSON_EXTRACT(Properties, '$.WebACLArn') as web_ac_larn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WAFv2::WebACLAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn, + json_extract_path_text(Properties, 'WebACLArn') as web_ac_larn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WAFv2::WebACLAssociation' + AND region = 'us-east-1' + webacl_association: + name: webacl_association + id: awscc.wafv2.webacl_association + x-cfn-schema-name: WebACLAssociation + x-type: get + x-identifiers: + - ResourceArn + - WebACLArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.ResourceArn') as resource_arn, + JSON_EXTRACT(Properties, '$.WebACLArn') as web_ac_larn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WAFv2::WebACLAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'ResourceArn') as resource_arn, + json_extract_path_text(Properties, 'WebACLArn') as web_ac_larn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WAFv2::WebACLAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/wisdom.yaml b/providers/src/awscc/v00.00.00000/services/wisdom.yaml new file mode 100644 index 00000000..8cda92e4 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/wisdom.yaml @@ -0,0 +1,473 @@ +openapi: 3.0.0 +info: + title: Wisdom + version: 1.0.0 +paths: {} +components: + schemas: + AssistantType: + type: string + enum: + - AGENT + ServerSideEncryptionConfiguration: + type: object + properties: + KmsKeyId: + type: string + maxLength: 4096 + minLength: 1 + additionalProperties: false + Tag: + additionalProperties: false + properties: + Key: + maxLength: 128 + minLength: 1 + pattern: ^(?!aws:)[a-zA-Z+-=._:/]+$ + type: string + Value: + maxLength: 256 + minLength: 1 + type: string + required: + - Key + - Value + type: object + Assistant: + type: object + properties: + Type: + $ref: '#/components/schemas/AssistantType' + Description: + type: string + maxLength: 255 + minLength: 1 + AssistantArn: + type: string + pattern: ^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})?$ + AssistantId: + type: string + pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ + ServerSideEncryptionConfiguration: + $ref: '#/components/schemas/ServerSideEncryptionConfiguration' + Tags: + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + type: array + Name: + type: string + maxLength: 255 + minLength: 1 + required: + - Name + - Type + x-stackql-resource-name: assistant + x-stackql-primaryIdentifier: + - AssistantId + x-create-only-properties: + - Description + - Name + - ServerSideEncryptionConfiguration + - Tags + - Type + x-read-only-properties: + - AssistantId + - AssistantArn + x-required-permissions: + create: + - kms:CreateGrant + - kms:DescribeKey + - wisdom:CreateAssistant + - wisdom:TagResource + update: + - wisdom:GetAssistant + read: + - wisdom:GetAssistant + list: + - wisdom:ListAssistants + delete: + - wisdom:DeleteAssistant + AssociationData: + type: object + properties: + KnowledgeBaseId: + type: string + pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ + required: + - KnowledgeBaseId + additionalProperties: false + AssociationType: + type: string + enum: + - KNOWLEDGE_BASE + AssistantAssociation: + type: object + properties: + AssistantAssociationArn: + type: string + pattern: ^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})?$ + AssistantArn: + type: string + pattern: ^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})?$ + AssistantAssociationId: + type: string + pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ + AssistantId: + type: string + pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ + Association: + $ref: '#/components/schemas/AssociationData' + AssociationType: + $ref: '#/components/schemas/AssociationType' + Tags: + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + type: array + required: + - Association + - AssociationType + - AssistantId + x-stackql-resource-name: assistant_association + x-stackql-primaryIdentifier: + - AssistantAssociationId + - AssistantId + x-create-only-properties: + - Association + - AssociationType + - AssistantId + - Tags + x-read-only-properties: + - AssistantAssociationId + - AssistantAssociationArn + - AssistantArn + x-required-permissions: + create: + - wisdom:CreateAssistantAssociation + - wisdom:TagResource + update: + - wisdom:GetAssistantAssociation + read: + - wisdom:GetAssistantAssociation + list: + - wisdom:ListAssistantAssociations + delete: + - wisdom:DeleteAssistantAssociation + AppIntegrationsConfiguration: + type: object + properties: + ObjectFields: + type: array + items: + type: string + maxLength: 4096 + minLength: 1 + x-insertionOrder: false + maxItems: 100 + minItems: 1 + AppIntegrationArn: + type: string + maxLength: 2048 + minLength: 1 + pattern: ^arn:[a-z-]+?:[a-z-]+?:[a-z0-9-]*?:([0-9]{12})?:[a-zA-Z0-9-:/]+$ + required: + - AppIntegrationArn + additionalProperties: false + KnowledgeBaseType: + type: string + enum: + - EXTERNAL + - CUSTOM + RenderingConfiguration: + type: object + properties: + TemplateUri: + type: string + maxLength: 4096 + minLength: 1 + additionalProperties: false + SourceConfiguration: + type: object + properties: + AppIntegrations: + $ref: '#/components/schemas/AppIntegrationsConfiguration' + oneOf: + - required: + - AppIntegrations + additionalProperties: false + KnowledgeBase: + type: object + properties: + Description: + type: string + maxLength: 255 + minLength: 1 + KnowledgeBaseArn: + type: string + pattern: ^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})?$ + KnowledgeBaseId: + type: string + pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ + KnowledgeBaseType: + $ref: '#/components/schemas/KnowledgeBaseType' + Name: + type: string + maxLength: 255 + minLength: 1 + RenderingConfiguration: + $ref: '#/components/schemas/RenderingConfiguration' + ServerSideEncryptionConfiguration: + $ref: '#/components/schemas/ServerSideEncryptionConfiguration' + SourceConfiguration: + $ref: '#/components/schemas/SourceConfiguration' + Tags: + x-insertionOrder: false + uniqueItems: true + items: + $ref: '#/components/schemas/Tag' + type: array + required: + - KnowledgeBaseType + - Name + x-stackql-resource-name: knowledge_base + x-stackql-primaryIdentifier: + - KnowledgeBaseId + x-create-only-properties: + - Description + - KnowledgeBaseType + - Name + - ServerSideEncryptionConfiguration + - SourceConfiguration + - Tags + x-read-only-properties: + - KnowledgeBaseId + - KnowledgeBaseArn + x-required-permissions: + create: + - appflow:CreateFlow + - appflow:DeleteFlow + - appflow:StartFlow + - appflow:TagResource + - appflow:UseConnectorProfile + - app-integrations:CreateDataIntegrationAssociation + - app-integrations:GetDataIntegration + - kms:DescribeKey + - kms:CreateGrant + - kms:ListGrants + - wisdom:CreateKnowledgeBase + - wisdom:TagResource + update: + - wisdom:GetKnowledgeBase + delete: + - appflow:DeleteFlow + - appflow:StopFlow + - app-integrations:DeleteDataIntegrationAssociation + - wisdom:DeleteKnowledgeBase + list: + - wisdom:ListKnowledgeBases + read: + - wisdom:GetKnowledgeBase + x-stackQL-resources: + assistants: + name: assistants + id: awscc.wisdom.assistants + x-cfn-schema-name: Assistant + x-type: list + x-identifiers: + - AssistantId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssistantId') as assistant_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Wisdom::Assistant' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssistantId') as assistant_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Wisdom::Assistant' + AND region = 'us-east-1' + assistant: + name: assistant + id: awscc.wisdom.assistant + x-cfn-schema-name: Assistant + x-type: get + x-identifiers: + - AssistantId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Type') as type, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.AssistantArn') as assistant_arn, + JSON_EXTRACT(Properties, '$.AssistantId') as assistant_id, + JSON_EXTRACT(Properties, '$.ServerSideEncryptionConfiguration') as server_side_encryption_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Wisdom::Assistant' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Type') as type, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'AssistantArn') as assistant_arn, + json_extract_path_text(Properties, 'AssistantId') as assistant_id, + json_extract_path_text(Properties, 'ServerSideEncryptionConfiguration') as server_side_encryption_configuration, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'Name') as name + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Wisdom::Assistant' + AND data__Identifier = '' + AND region = 'us-east-1' + assistant_associations: + name: assistant_associations + id: awscc.wisdom.assistant_associations + x-cfn-schema-name: AssistantAssociation + x-type: list + x-identifiers: + - AssistantAssociationId + - AssistantId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssistantAssociationId') as assistant_association_id, + JSON_EXTRACT(Properties, '$.AssistantId') as assistant_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Wisdom::AssistantAssociation' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssistantAssociationId') as assistant_association_id, + json_extract_path_text(Properties, 'AssistantId') as assistant_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Wisdom::AssistantAssociation' + AND region = 'us-east-1' + assistant_association: + name: assistant_association + id: awscc.wisdom.assistant_association + x-cfn-schema-name: AssistantAssociation + x-type: get + x-identifiers: + - AssistantAssociationId + - AssistantId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssistantAssociationArn') as assistant_association_arn, + JSON_EXTRACT(Properties, '$.AssistantArn') as assistant_arn, + JSON_EXTRACT(Properties, '$.AssistantAssociationId') as assistant_association_id, + JSON_EXTRACT(Properties, '$.AssistantId') as assistant_id, + JSON_EXTRACT(Properties, '$.Association') as association, + JSON_EXTRACT(Properties, '$.AssociationType') as association_type, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Wisdom::AssistantAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssistantAssociationArn') as assistant_association_arn, + json_extract_path_text(Properties, 'AssistantArn') as assistant_arn, + json_extract_path_text(Properties, 'AssistantAssociationId') as assistant_association_id, + json_extract_path_text(Properties, 'AssistantId') as assistant_id, + json_extract_path_text(Properties, 'Association') as association, + json_extract_path_text(Properties, 'AssociationType') as association_type, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Wisdom::AssistantAssociation' + AND data__Identifier = '' + AND region = 'us-east-1' + knowledge_bases: + name: knowledge_bases + id: awscc.wisdom.knowledge_bases + x-cfn-schema-name: KnowledgeBase + x-type: list + x-identifiers: + - KnowledgeBaseId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.KnowledgeBaseId') as knowledge_base_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Wisdom::KnowledgeBase' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'KnowledgeBaseId') as knowledge_base_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::Wisdom::KnowledgeBase' + AND region = 'us-east-1' + knowledge_base: + name: knowledge_base + id: awscc.wisdom.knowledge_base + x-cfn-schema-name: KnowledgeBase + x-type: get + x-identifiers: + - KnowledgeBaseId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.KnowledgeBaseArn') as knowledge_base_arn, + JSON_EXTRACT(Properties, '$.KnowledgeBaseId') as knowledge_base_id, + JSON_EXTRACT(Properties, '$.KnowledgeBaseType') as knowledge_base_type, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.RenderingConfiguration') as rendering_configuration, + JSON_EXTRACT(Properties, '$.ServerSideEncryptionConfiguration') as server_side_encryption_configuration, + JSON_EXTRACT(Properties, '$.SourceConfiguration') as source_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Wisdom::KnowledgeBase' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'KnowledgeBaseArn') as knowledge_base_arn, + json_extract_path_text(Properties, 'KnowledgeBaseId') as knowledge_base_id, + json_extract_path_text(Properties, 'KnowledgeBaseType') as knowledge_base_type, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'RenderingConfiguration') as rendering_configuration, + json_extract_path_text(Properties, 'ServerSideEncryptionConfiguration') as server_side_encryption_configuration, + json_extract_path_text(Properties, 'SourceConfiguration') as source_configuration, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::Wisdom::KnowledgeBase' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/workspaces.yaml b/providers/src/awscc/v00.00.00000/services/workspaces.yaml new file mode 100644 index 00000000..ad8c29d0 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/workspaces.yaml @@ -0,0 +1,152 @@ +openapi: 3.0.0 +info: + title: WorkSpaces + version: 1.0.0 +paths: {} +components: + schemas: + ConnectionAliasAssociation: + type: object + additionalProperties: false + properties: + AssociationStatus: + type: string + enum: + - NOT_ASSOCIATED + - PENDING_ASSOCIATION + - ASSOCIATED_WITH_OWNER_ACCOUNT + - ASSOCIATED_WITH_SHARED_ACCOUNT + - PENDING_DISASSOCIATION + AssociatedAccountId: + type: string + ResourceId: + type: string + pattern: .+ + minLength: 1 + maxLength: 1000 + ConnectionIdentifier: + type: string + maxLength: 20 + minLength: 1 + pattern: ^[a-zA-Z0-9]+$ + Tag: + type: object + additionalProperties: false + properties: + Key: + type: string + Value: + type: string + required: + - Value + - Key + ConnectionAlias: + type: object + properties: + Associations: + type: array + maxLength: 25 + minLength: 1 + items: + $ref: '#/components/schemas/ConnectionAliasAssociation' + AliasId: + type: string + pattern: ^wsca-[0-9a-z]{8,63}$ + maxLength: 68 + minLength: 13 + ConnectionString: + type: string + pattern: ^[.0-9a-zA-Z\-]{1,255}$ + minLength: 1 + maxLength: 255 + ConnectionAliasState: + type: string + enum: + - CREATING + - CREATED + - DELETING + Tags: + type: array + uniqueItems: false + items: + $ref: '#/components/schemas/Tag' + required: + - ConnectionString + x-stackql-resource-name: connection_alias + x-stackql-primaryIdentifier: + - AliasId + x-create-only-properties: + - ConnectionString + - Tags + x-read-only-properties: + - ConnectionAliasState + - AliasId + - Associations + x-required-permissions: + create: + - workspaces:CreateConnectionAlias + read: + - workspaces:DescribeConnectionAliases + delete: + - workspaces:DeleteConnectionAlias + x-stackQL-resources: + connection_aliases: + name: connection_aliases + id: awscc.workspaces.connection_aliases + x-cfn-schema-name: ConnectionAlias + x-type: list + x-identifiers: + - AliasId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AliasId') as alias_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WorkSpaces::ConnectionAlias' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AliasId') as alias_id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WorkSpaces::ConnectionAlias' + AND region = 'us-east-1' + connection_alias: + name: connection_alias + id: awscc.workspaces.connection_alias + x-cfn-schema-name: ConnectionAlias + x-type: get + x-identifiers: + - AliasId + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Associations') as associations, + JSON_EXTRACT(Properties, '$.AliasId') as alias_id, + JSON_EXTRACT(Properties, '$.ConnectionString') as connection_string, + JSON_EXTRACT(Properties, '$.ConnectionAliasState') as connection_alias_state, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpaces::ConnectionAlias' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Associations') as associations, + json_extract_path_text(Properties, 'AliasId') as alias_id, + json_extract_path_text(Properties, 'ConnectionString') as connection_string, + json_extract_path_text(Properties, 'ConnectionAliasState') as connection_alias_state, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpaces::ConnectionAlias' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/workspacesthinclient.yaml b/providers/src/awscc/v00.00.00000/services/workspacesthinclient.yaml new file mode 100644 index 00000000..c273c6b5 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/workspacesthinclient.yaml @@ -0,0 +1,334 @@ +openapi: 3.0.0 +info: + title: WorkSpacesThinClient + version: 1.0.0 +paths: {} +components: + schemas: + Hour: + type: integer + minimum: 0 + maximum: 23 + Minute: + type: integer + minimum: 0 + maximum: 59 + DayOfWeek: + type: string + enum: + - MONDAY + - TUESDAY + - WEDNESDAY + - THURSDAY + - FRIDAY + - SATURDAY + - SUNDAY + Tag: + description: A key-value pair to associate with a resource. + type: object + additionalProperties: false + properties: + Key: + type: string + description: 'The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + pattern: ^(?!aws:)[a-zA-Z+-=._:/]+$ + minLength: 1 + maxLength: 128 + Value: + type: string + description: 'The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.' + maxLength: 256 + required: + - Key + - Value + MaintenanceWindow: + type: object + additionalProperties: false + properties: + Type: + description: The type of maintenance window. + type: string + enum: + - SYSTEM + - CUSTOM + StartTimeHour: + description: The hour start time of maintenance window. + $ref: '#/components/schemas/Hour' + StartTimeMinute: + description: The minute start time of maintenance window. + $ref: '#/components/schemas/Minute' + EndTimeHour: + description: The hour end time of maintenance window. + $ref: '#/components/schemas/Hour' + EndTimeMinute: + description: The minute end time of maintenance window. + $ref: '#/components/schemas/Minute' + DaysOfTheWeek: + description: The date of maintenance window. + type: array + minItems: 1 + maxItems: 7 + uniqueItems: true + x-insertionOrder: false + items: + $ref: '#/components/schemas/DayOfWeek' + ApplyTimeOf: + description: The desired time zone maintenance window. + type: string + enum: + - UTC + - DEVICE + required: + - Type + Environment: + type: object + properties: + Id: + description: Unique identifier of the environment. + type: string + pattern: ^[a-z0-9]{9}$ + Name: + description: The name of the environment. + type: string + pattern: ^.+$ + minLength: 1 + maxLength: 64 + DesktopArn: + description: The Amazon Resource Name (ARN) of the desktop to stream from Amazon WorkSpaces, WorkSpaces Web, or AppStream 2.0. + type: string + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[0-9]{0,12}:[a-zA-Z0-9\-\/\._]+$ + minLength: 20 + maxLength: 2048 + DesktopEndpoint: + description: The URL for the identity provider login (only for environments that use AppStream 2.0). + type: string + pattern: ^(https:\/\/)[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,32}(:[0-9]{1,5})?(\/.*)?$ + minLength: 1 + maxLength: 1024 + DesktopType: + description: The type of VDI. + type: string + enum: + - workspaces + - appstream + - workspaces-web + ActivationCode: + description: Activation code for devices associated with environment. + type: string + pattern: ^[a-z]{2}[a-z0-9]{6}$ + RegisteredDevicesCount: + description: Number of devices registered to the environment. + type: integer + minimum: 0 + SoftwareSetUpdateSchedule: + description: An option to define if software updates should be applied within a maintenance window. + type: string + enum: + - USE_MAINTENANCE_WINDOW + - APPLY_IMMEDIATELY + MaintenanceWindow: + description: A specification for a time window to apply software updates. + $ref: '#/components/schemas/MaintenanceWindow' + SoftwareSetUpdateMode: + description: An option to define which software updates to apply. + type: string + enum: + - USE_LATEST + - USE_DESIRED + DesiredSoftwareSetId: + description: The ID of the software set to apply. + type: string + pattern: ^[0-9]{1,9}$ + PendingSoftwareSetId: + description: The ID of the software set that is pending to be installed. + type: string + pattern: ^[0-9]{1,9}$ + PendingSoftwareSetVersion: + description: The version of the software set that is pending to be installed. + type: string + SoftwareSetComplianceStatus: + description: Describes if the software currently installed on all devices in the environment is a supported version. + type: string + enum: + - COMPLIANT + - NOT_COMPLIANT + - NO_REGISTERED_DEVICES + CreatedAt: + description: The timestamp in unix epoch format when environment was created. + type: string + UpdatedAt: + description: The timestamp in unix epoch format when environment was last updated. + type: string + Arn: + description: The environment ARN. + type: string + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[0-9]{0,12}:[a-zA-Z0-9\-\/\._]+$ + minLength: 20 + maxLength: 2048 + KmsKeyArn: + description: The Amazon Resource Name (ARN) of the AWS Key Management Service key used to encrypt the environment. + type: string + pattern: ^arn:[\w+=\/,.@-]+:kms:[a-zA-Z0-9\-]*:[0-9]{0,12}:key\/[a-zA-Z0-9-]+$ + minLength: 20 + maxLength: 2048 + Tags: + type: array + maxItems: 20 + uniqueItems: true + x-insertionOrder: false + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + required: + - DesktopArn + x-stackql-resource-name: environment + x-stackql-primaryIdentifier: + - Id + x-create-only-properties: + - KmsKeyArn + - DesktopArn + x-read-only-properties: + - Id + - ActivationCode + - Arn + - CreatedAt + - DesktopType + - RegisteredDevicesCount + - UpdatedAt + - PendingSoftwareSetId + - PendingSoftwareSetVersion + - SoftwareSetComplianceStatus + x-required-permissions: + create: + - thinclient:CreateEnvironment + - thinclient:TagResource + - thinclient:ListTagsForResource + - appstream:DescribeStacks + - workspaces:DescribeWorkspaceDirectories + - workspaces-web:GetPortal + - workspaces-web:GetUserSettings + - kms:DescribeKey + - kms:Encrypt + - kms:Decrypt + - kms:CreateGrant + read: + - thinclient:GetEnvironment + - thinclient:ListTagsForResource + - kms:DescribeKey + - kms:Encrypt + - kms:Decrypt + update: + - appstream:DescribeStacks + - workspaces:DescribeWorkspaceDirectories + - workspaces-web:GetPortal + - workspaces-web:GetUserSettings + - thinclient:UpdateEnvironment + - thinclient:GetEnvironment + - thinclient:TagResource + - thinclient:UntagResource + - thinclient:ListTagsForResource + - kms:DescribeKey + - kms:Encrypt + - kms:Decrypt + - kms:CreateGrant + - kms:RetireGrant + delete: + - thinclient:DeleteEnvironment + - thinclient:UntagResource + - kms:DescribeKey + - kms:RetireGrant + list: + - thinclient:ListEnvironment + - thinclient:ListTagsForResource + - kms:DescribeKey + - kms:Encrypt + - kms:Decrypt + x-stackQL-resources: + environments: + name: environments + id: awscc.workspacesthinclient.environments + x-cfn-schema-name: Environment + x-type: list + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WorkSpacesThinClient::Environment' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WorkSpacesThinClient::Environment' + AND region = 'us-east-1' + environment: + name: environment + id: awscc.workspacesthinclient.environment + x-cfn-schema-name: Environment + x-type: get + x-identifiers: + - Id + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.Id') as id, + JSON_EXTRACT(Properties, '$.Name') as name, + JSON_EXTRACT(Properties, '$.DesktopArn') as desktop_arn, + JSON_EXTRACT(Properties, '$.DesktopEndpoint') as desktop_endpoint, + JSON_EXTRACT(Properties, '$.DesktopType') as desktop_type, + JSON_EXTRACT(Properties, '$.ActivationCode') as activation_code, + JSON_EXTRACT(Properties, '$.RegisteredDevicesCount') as registered_devices_count, + JSON_EXTRACT(Properties, '$.SoftwareSetUpdateSchedule') as software_set_update_schedule, + JSON_EXTRACT(Properties, '$.MaintenanceWindow') as maintenance_window, + JSON_EXTRACT(Properties, '$.SoftwareSetUpdateMode') as software_set_update_mode, + JSON_EXTRACT(Properties, '$.DesiredSoftwareSetId') as desired_software_set_id, + JSON_EXTRACT(Properties, '$.PendingSoftwareSetId') as pending_software_set_id, + JSON_EXTRACT(Properties, '$.PendingSoftwareSetVersion') as pending_software_set_version, + JSON_EXTRACT(Properties, '$.SoftwareSetComplianceStatus') as software_set_compliance_status, + JSON_EXTRACT(Properties, '$.CreatedAt') as created_at, + JSON_EXTRACT(Properties, '$.UpdatedAt') as updated_at, + JSON_EXTRACT(Properties, '$.Arn') as arn, + JSON_EXTRACT(Properties, '$.KmsKeyArn') as kms_key_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpacesThinClient::Environment' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'Id') as id, + json_extract_path_text(Properties, 'Name') as name, + json_extract_path_text(Properties, 'DesktopArn') as desktop_arn, + json_extract_path_text(Properties, 'DesktopEndpoint') as desktop_endpoint, + json_extract_path_text(Properties, 'DesktopType') as desktop_type, + json_extract_path_text(Properties, 'ActivationCode') as activation_code, + json_extract_path_text(Properties, 'RegisteredDevicesCount') as registered_devices_count, + json_extract_path_text(Properties, 'SoftwareSetUpdateSchedule') as software_set_update_schedule, + json_extract_path_text(Properties, 'MaintenanceWindow') as maintenance_window, + json_extract_path_text(Properties, 'SoftwareSetUpdateMode') as software_set_update_mode, + json_extract_path_text(Properties, 'DesiredSoftwareSetId') as desired_software_set_id, + json_extract_path_text(Properties, 'PendingSoftwareSetId') as pending_software_set_id, + json_extract_path_text(Properties, 'PendingSoftwareSetVersion') as pending_software_set_version, + json_extract_path_text(Properties, 'SoftwareSetComplianceStatus') as software_set_compliance_status, + json_extract_path_text(Properties, 'CreatedAt') as created_at, + json_extract_path_text(Properties, 'UpdatedAt') as updated_at, + json_extract_path_text(Properties, 'Arn') as arn, + json_extract_path_text(Properties, 'KmsKeyArn') as kms_key_arn, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpacesThinClient::Environment' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/workspacesweb.yaml b/providers/src/awscc/v00.00.00000/services/workspacesweb.yaml new file mode 100644 index 00000000..eabaaf05 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/workspacesweb.yaml @@ -0,0 +1,1265 @@ +openapi: 3.0.0 +info: + title: WorkSpacesWeb + version: 1.0.0 +paths: {} +components: + schemas: + EncryptionContextMap: + type: object + x-patternProperties: + ^[\s\S]*$: + type: string + maxLength: 131072 + minLength: 0 + pattern: ^[\s\S]*$ + additionalProperties: false + Tag: + type: object + properties: + Key: + type: string + maxLength: 128 + minLength: 1 + pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$ + Value: + type: string + maxLength: 256 + minLength: 0 + pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$ + required: + - Key + - Value + additionalProperties: false + BrowserSettings: + type: object + properties: + AdditionalEncryptionContext: + $ref: '#/components/schemas/EncryptionContextMap' + AssociatedPortalArns: + type: array + items: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + x-insertionOrder: false + BrowserPolicy: + type: string + maxLength: 131072 + minLength: 2 + pattern: \{[\S\s]*\}\s* + BrowserSettingsArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + CustomerManagedKey: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:kms:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:key\/[a-zA-Z0-9-]+$ + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 0 + x-insertionOrder: false + x-stackql-resource-name: browser_settings + x-stackql-primaryIdentifier: + - BrowserSettingsArn + x-create-only-properties: + - AdditionalEncryptionContext + - CustomerManagedKey + x-read-only-properties: + - AssociatedPortalArns + - BrowserSettingsArn + x-required-permissions: + create: + - workspaces-web:CreateBrowserSettings + - workspaces-web:GetBrowserSettings + - workspaces-web:ListTagsForResource + - workspaces-web:TagResource + - kms:CreateGrant + - kms:DescribeKey + - kms:GenerateDataKey + - kms:Decrypt + read: + - workspaces-web:GetBrowserSettings + - workspaces-web:ListBrowserSettings + - workspaces-web:ListTagsForResource + - kms:CreateGrant + - kms:DescribeKey + - kms:GenerateDataKey + - kms:Decrypt + update: + - workspaces-web:UpdateBrowserSettings + - workspaces-web:TagResource + - workspaces-web:UntagResource + - workspaces-web:GetBrowserSettings + - workspaces-web:ListBrowserSettings + - workspaces-web:ListTagsForResource + - kms:CreateGrant + - kms:DescribeKey + - kms:GenerateDataKey + - kms:Decrypt + delete: + - workspaces-web:GetBrowserSettings + - workspaces-web:DeleteBrowserSettings + - kms:CreateGrant + - kms:DescribeKey + - kms:GenerateDataKey + - kms:Decrypt + list: + - workspaces-web:ListBrowserSettings + IdentityProviderDetails: + type: object + x-patternProperties: + ^[\s\S]*$: + type: string + maxLength: 131072 + minLength: 0 + pattern: ^[\s\S]*$ + additionalProperties: false + IdentityProviderType: + type: string + enum: + - SAML + - Facebook + - Google + - LoginWithAmazon + - SignInWithApple + - OIDC + IdentityProvider: + type: object + properties: + IdentityProviderArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36}){2,}$ + IdentityProviderDetails: + $ref: '#/components/schemas/IdentityProviderDetails' + IdentityProviderName: + type: string + maxLength: 32 + minLength: 1 + pattern: ^[^_][\p{L}\p{M}\p{S}\p{N}\p{P}][^_]+$ + IdentityProviderType: + $ref: '#/components/schemas/IdentityProviderType' + PortalArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + required: + - IdentityProviderDetails + - IdentityProviderName + - IdentityProviderType + x-stackql-resource-name: identity_provider + x-stackql-primaryIdentifier: + - IdentityProviderArn + x-create-only-properties: + - PortalArn + x-read-only-properties: + - IdentityProviderArn + x-required-permissions: + create: + - workspaces-web:CreateIdentityProvider + - workspaces-web:GetIdentityProvider + - workspaces-web:ListTagsForResource + - workspaces-web:TagResource + read: + - workspaces-web:GetIdentityProvider + - workspaces-web:ListIdentityProviders + - workspaces-web:ListTagsForResource + update: + - workspaces-web:UpdateIdentityProvider + - workspaces-web:TagResource + - workspaces-web:UntagResource + - workspaces-web:GetIdentityProvider + - workspaces-web:ListIdentityProviders + - workspaces-web:ListTagsForResource + delete: + - workspaces-web:GetIdentityProvider + - workspaces-web:DeleteIdentityProvider + list: + - workspaces-web:ListIdentityProviders + IpRule: + type: object + properties: + IpRange: + type: string + pattern: ^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}(?:/([0-9]|[12][0-9]|3[0-2])|)$ + description: A single IP address or an IP address range in CIDR notation + Description: + type: string + maxLength: 256 + minLength: 1 + pattern: ^.+$ + required: + - IpRange + additionalProperties: false + IpAccessSettings: + type: object + properties: + AdditionalEncryptionContext: + $ref: '#/components/schemas/EncryptionContextMap' + AssociatedPortalArns: + type: array + items: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + x-insertionOrder: false + CreationDate: + type: string + format: date-time + CustomerManagedKey: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:kms:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:key\/[a-zA-Z0-9-]+$ + Description: + type: string + maxLength: 256 + minLength: 1 + pattern: ^.+$ + DisplayName: + type: string + maxLength: 64 + minLength: 1 + pattern: ^.+$ + IpAccessSettingsArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + IpRules: + type: array + items: + $ref: '#/components/schemas/IpRule' + maxItems: 100 + minItems: 1 + x-insertionOrder: false + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 0 + x-insertionOrder: false + required: + - IpRules + x-stackql-resource-name: ip_access_settings + x-stackql-primaryIdentifier: + - IpAccessSettingsArn + x-create-only-properties: + - AdditionalEncryptionContext + - CustomerManagedKey + x-read-only-properties: + - AssociatedPortalArns + - CreationDate + - IpAccessSettingsArn + x-required-permissions: + create: + - workspaces-web:CreateIpAccessSettings + - workspaces-web:GetIpAccessSettings + - workspaces-web:ListIpAccessSettings + - workspaces-web:ListTagsForResource + - workspaces-web:TagResource + - kms:CreateGrant + - kms:DescribeKey + - kms:GenerateDataKey + - kms:Decrypt + read: + - workspaces-web:GetIpAccessSettings + - workspaces-web:ListIpAccessSettings + - workspaces-web:ListTagsForResource + - kms:CreateGrant + - kms:DescribeKey + - kms:GenerateDataKey + - kms:Decrypt + update: + - workspaces-web:UpdateIpAccessSettings + - workspaces-web:TagResource + - workspaces-web:UntagResource + - workspaces-web:GetIpAccessSettings + - workspaces-web:ListIpAccessSettings + - workspaces-web:ListTagsForResource + - kms:CreateGrant + - kms:DescribeKey + - kms:GenerateDataKey + - kms:Decrypt + delete: + - workspaces-web:GetIpAccessSettings + - workspaces-web:ListIpAccessSettings + - workspaces-web:DeleteIpAccessSettings + - kms:CreateGrant + - kms:DescribeKey + - kms:GenerateDataKey + - kms:Decrypt + list: + - workspaces-web:ListIpAccessSettings + NetworkSettings: + type: object + properties: + AssociatedPortalArns: + type: array + items: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + x-insertionOrder: false + NetworkSettingsArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + SecurityGroupIds: + type: array + items: + type: string + maxLength: 128 + minLength: 1 + pattern: ^[\w+\-]+$ + maxItems: 5 + minItems: 1 + x-insertionOrder: false + SubnetIds: + type: array + items: + type: string + maxLength: 32 + minLength: 1 + pattern: ^subnet-([0-9a-f]{8}|[0-9a-f]{17})$ + maxItems: 3 + minItems: 2 + x-insertionOrder: false + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 0 + x-insertionOrder: false + VpcId: + type: string + maxLength: 255 + minLength: 1 + pattern: ^vpc-[0-9a-z]*$ + required: + - SecurityGroupIds + - SubnetIds + - VpcId + x-stackql-resource-name: network_settings + x-stackql-primaryIdentifier: + - NetworkSettingsArn + x-read-only-properties: + - AssociatedPortalArns + - NetworkSettingsArn + x-required-permissions: + create: + - workspaces-web:CreateNetworkSettings + - workspaces-web:GetNetworkSettings + - workspaces-web:ListTagsForResource + - workspaces-web:TagResource + read: + - workspaces-web:GetNetworkSettings + - workspaces-web:ListTagsForResource + update: + - workspaces-web:UpdateNetworkSettings + - workspaces-web:UpdateResource + - workspaces-web:TagResource + - workspaces-web:UntagResource + - workspaces-web:GetNetworkSettings + - workspaces-web:ListTagsForResource + delete: + - workspaces-web:GetNetworkSettings + - workspaces-web:DeleteNetworkSettings + list: + - workspaces-web:ListNetworkSettings + AuthenticationType: + type: string + enum: + - Standard + - IAM_Identity_Center + BrowserType: + type: string + enum: + - Chrome + PortalStatus: + type: string + enum: + - Incomplete + - Pending + - Active + RendererType: + type: string + enum: + - AppStream + Portal: + type: object + properties: + AdditionalEncryptionContext: + $ref: '#/components/schemas/EncryptionContextMap' + AuthenticationType: + $ref: '#/components/schemas/AuthenticationType' + BrowserSettingsArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + BrowserType: + $ref: '#/components/schemas/BrowserType' + CreationDate: + type: string + format: date-time + CustomerManagedKey: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:kms:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:key\/[a-zA-Z0-9-]+$ + DisplayName: + type: string + maxLength: 64 + minLength: 1 + pattern: ^.+$ + IpAccessSettingsArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + NetworkSettingsArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + PortalArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + PortalEndpoint: + type: string + maxLength: 253 + minLength: 1 + pattern: ^[a-zA-Z0-9]?((?!-)([A-Za-z0-9-]*[A-Za-z0-9])\.)+[a-zA-Z0-9]+$ + PortalStatus: + $ref: '#/components/schemas/PortalStatus' + RendererType: + $ref: '#/components/schemas/RendererType' + ServiceProviderSamlMetadata: + type: string + maxLength: 204800 + minLength: 0 + pattern: ^.*$ + StatusReason: + type: string + maxLength: 1024 + minLength: 1 + pattern: .* + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 0 + x-insertionOrder: false + TrustStoreArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + UserAccessLoggingSettingsArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + UserSettingsArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + x-stackql-resource-name: portal + x-stackql-primaryIdentifier: + - PortalArn + x-create-only-properties: + - AdditionalEncryptionContext + - CustomerManagedKey + x-read-only-properties: + - BrowserType + - CreationDate + - PortalArn + - PortalEndpoint + - PortalStatus + - RendererType + - ServiceProviderSamlMetadata + - StatusReason + x-required-permissions: + create: + - workspaces-web:CreatePortal + - workspaces-web:GetPortal + - workspaces-web:GetPortalServiceProviderMetadata + - workspaces-web:AssociateBrowserSettings + - workspaces-web:AssociateIpAccessSettings + - workspaces-web:AssociateNetworkSettings + - workspaces-web:AssociateTrustStore + - workspaces-web:AssociateUserAccessLoggingSettings + - workspaces-web:AssociateUserSettings + - workspaces-web:ListTagsForResource + - workspaces-web:TagResource + - kms:CreateGrant + - kms:GenerateDataKey + - kms:Decrypt + - ec2:CreateNetworkInterface + - ec2:CreateNetworkInterfacePermission + - ec2:DeleteNetworkInterface + - ec2:DeleteNetworkInterfacePermission + - ec2:ModifyNetworkInterfaceAttribute + - kinesis:PutRecord + - kinesis:PutRecords + - kinesis:DescribeStreamSummary + - sso:CreateManagedApplicationInstance + - sso:DescribeRegisteredRegions + read: + - workspaces-web:GetPortal + - workspaces-web:GetPortalServiceProviderMetadata + - workspaces-web:ListTagsForResource + - kms:Decrypt + update: + - workspaces-web:GetPortal + - workspaces-web:GetPortalServiceProviderMetadata + - workspaces-web:UpdatePortal + - workspaces-web:AssociateBrowserSettings + - workspaces-web:AssociateIpAccessSettings + - workspaces-web:AssociateNetworkSettings + - workspaces-web:AssociateTrustStore + - workspaces-web:AssociateUserAccessLoggingSettings + - workspaces-web:AssociateUserSettings + - workspaces-web:DisassociateBrowserSettings + - workspaces-web:DisassociateIpAccessSettings + - workspaces-web:DisassociateNetworkSettings + - workspaces-web:DisassociateTrustStore + - workspaces-web:DisassociateUserAccessLoggingSettings + - workspaces-web:DisassociateUserSettings + - workspaces-web:ListTagsForResource + - workspaces-web:TagResource + - workspaces-web:UntagResource + - kms:CreateGrant + - kms:Encrypt + - kms:GenerateDataKey + - kms:Decrypt + - ec2:CreateNetworkInterface + - ec2:CreateNetworkInterfacePermission + - ec2:DeleteNetworkInterface + - ec2:DeleteNetworkInterfacePermission + - ec2:ModifyNetworkInterfaceAttribute + - kinesis:PutRecord + - kinesis:PutRecords + - kinesis:DescribeStreamSummary + - sso:CreateManagedApplicationInstance + - sso:DeleteManagedApplicationInstance + - sso:DescribeRegisteredRegions + - sso:GetApplicationInstance + - sso:ListApplicationInstances + delete: + - workspaces-web:GetPortal + - workspaces-web:DeletePortal + - workspaces-web:DisassociateBrowserSettings + - workspaces-web:DisassociateIpAccessSettings + - workspaces-web:DisassociateNetworkSettings + - workspaces-web:DisassociateTrustStore + - workspaces-web:DisassociateUserAccessLoggingSettings + - workspaces-web:DisassociateUserSettings + - kms:Decrypt + - sso:DeleteManagedApplicationInstance + list: + - workspaces-web:ListPortals + - kms:Decrypt + TrustStore: + type: object + properties: + AssociatedPortalArns: + type: array + items: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + x-insertionOrder: false + CertificateList: + type: array + items: + type: string + x-insertionOrder: false + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 0 + x-insertionOrder: false + TrustStoreArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + required: + - CertificateList + x-stackql-resource-name: trust_store + x-stackql-primaryIdentifier: + - TrustStoreArn + x-read-only-properties: + - AssociatedPortalArns + - TrustStoreArn + x-required-permissions: + create: + - workspaces-web:CreateTrustStore + - workspaces-web:GetTrustStore + - workspaces-web:GetTrustStoreCertificate + - workspaces-web:ListTrustStoreCertificates + - workspaces-web:ListTagsForResource + - workspaces-web:TagResource + read: + - workspaces-web:GetTrustStore + - workspaces-web:GetTrustStoreCertificate + - workspaces-web:ListTagsForResource + - workspaces-web:ListTrustStoreCertificates + update: + - workspaces-web:UpdateTrustStore + - workspaces-web:TagResource + - workspaces-web:UntagResource + - workspaces-web:GetTrustStore + - workspaces-web:GetTrustStoreCertificate + - workspaces-web:ListTagsForResource + - workspaces-web:ListTrustStoreCertificates + delete: + - workspaces-web:GetTrustStore + - workspaces-web:GetTrustStoreCertificate + - workspaces-web:DeleteTrustStore + list: + - workspaces-web:ListTrustStores + - workspaces-web:ListTrustStoreCertificates + UserAccessLoggingSettings: + type: object + properties: + AssociatedPortalArns: + type: array + items: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + x-insertionOrder: false + KinesisStreamArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: arn:[\w+=/,.@-]+:kinesis:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:stream/.+ + description: Kinesis stream ARN to which log events are published. + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 0 + x-insertionOrder: false + UserAccessLoggingSettingsArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + required: + - KinesisStreamArn + x-stackql-resource-name: user_access_logging_settings + x-stackql-primaryIdentifier: + - UserAccessLoggingSettingsArn + x-read-only-properties: + - AssociatedPortalArns + - UserAccessLoggingSettingsArn + x-required-permissions: + create: + - workspaces-web:CreateUserAccessLoggingSettings + - workspaces-web:GetUserAccessLoggingSettings + - workspaces-web:ListTagsForResource + - workspaces-web:TagResource + read: + - workspaces-web:GetUserAccessLoggingSettings + - workspaces-web:ListTagsForResource + update: + - workspaces-web:UpdateUserAccessLoggingSettings + - workspaces-web:TagResource + - workspaces-web:UntagResource + - workspaces-web:GetUserAccessLoggingSettings + - workspaces-web:ListTagsForResource + - kinesis:PutRecord + - kinesis:PutRecords + delete: + - workspaces-web:GetUserAccessLoggingSettings + - workspaces-web:DeleteUserAccessLoggingSettings + list: + - workspaces-web:ListUserAccessLoggingSettings + CookieSpecification: + type: object + properties: + Domain: + type: string + maxLength: 253 + minLength: 0 + pattern: ^(\.?)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)*[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$ + Name: + type: string + maxLength: 4096 + minLength: 0 + Path: + type: string + maxLength: 2000 + minLength: 0 + pattern: ^/(\S)*$ + required: + - Domain + additionalProperties: false + CookieSynchronizationConfiguration: + type: object + properties: + Allowlist: + type: array + items: + $ref: '#/components/schemas/CookieSpecification' + maxItems: 10 + minItems: 0 + x-insertionOrder: false + Blocklist: + type: array + items: + $ref: '#/components/schemas/CookieSpecification' + maxItems: 10 + minItems: 0 + x-insertionOrder: false + required: + - Allowlist + additionalProperties: false + EnabledType: + type: string + enum: + - Disabled + - Enabled + UserSettings: + type: object + properties: + AdditionalEncryptionContext: + $ref: '#/components/schemas/EncryptionContextMap' + AssociatedPortalArns: + type: array + items: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + x-insertionOrder: false + CookieSynchronizationConfiguration: + $ref: '#/components/schemas/CookieSynchronizationConfiguration' + CopyAllowed: + $ref: '#/components/schemas/EnabledType' + CustomerManagedKey: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:kms:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:key\/[a-zA-Z0-9-]+$ + DisconnectTimeoutInMinutes: + type: number + default: null + maximum: 600 + minimum: 1 + DownloadAllowed: + $ref: '#/components/schemas/EnabledType' + IdleDisconnectTimeoutInMinutes: + type: number + default: null + maximum: 60 + minimum: 0 + PasteAllowed: + $ref: '#/components/schemas/EnabledType' + PrintAllowed: + $ref: '#/components/schemas/EnabledType' + Tags: + type: array + items: + $ref: '#/components/schemas/Tag' + maxItems: 200 + minItems: 0 + x-insertionOrder: false + UploadAllowed: + $ref: '#/components/schemas/EnabledType' + UserSettingsArn: + type: string + maxLength: 2048 + minLength: 20 + pattern: ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$ + required: + - CopyAllowed + - DownloadAllowed + - PasteAllowed + - PrintAllowed + - UploadAllowed + x-stackql-resource-name: user_settings + x-stackql-primaryIdentifier: + - UserSettingsArn + x-create-only-properties: + - AdditionalEncryptionContext + - CustomerManagedKey + x-read-only-properties: + - AssociatedPortalArns + - UserSettingsArn + x-required-permissions: + create: + - workspaces-web:CreateUserSettings + - workspaces-web:GetUserSettings + - workspaces-web:ListTagsForResource + - workspaces-web:TagResource + - kms:CreateGrant + - kms:DescribeKey + - kms:GenerateDataKey + - kms:Decrypt + read: + - workspaces-web:GetUserSettings + - workspaces-web:ListTagsForResource + - kms:CreateGrant + - kms:DescribeKey + - kms:GenerateDataKey + - kms:Decrypt + update: + - workspaces-web:UpdateUserSettings + - workspaces-web:TagResource + - workspaces-web:UntagResource + - workspaces-web:GetUserSettings + - workspaces-web:ListTagsForResource + - kms:CreateGrant + - kms:DescribeKey + - kms:GenerateDataKey + - kms:Decrypt + delete: + - workspaces-web:GetUserSettings + - workspaces-web:DeleteUserSettings + - kms:CreateGrant + - kms:DescribeKey + - kms:GenerateDataKey + - kms:Decrypt + list: + - workspaces-web:ListUserSettings + - kms:CreateGrant + - kms:DescribeKey + - kms:GenerateDataKey + - kms:Decrypt + x-stackQL-resources: + browser_settings: + name: browser_settings + id: awscc.workspacesweb.browser_settings + x-cfn-schema-name: BrowserSettings + x-type: get + x-identifiers: + - BrowserSettingsArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AdditionalEncryptionContext') as additional_encryption_context, + JSON_EXTRACT(Properties, '$.AssociatedPortalArns') as associated_portal_arns, + JSON_EXTRACT(Properties, '$.BrowserPolicy') as browser_policy, + JSON_EXTRACT(Properties, '$.BrowserSettingsArn') as browser_settings_arn, + JSON_EXTRACT(Properties, '$.CustomerManagedKey') as customer_managed_key, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpacesWeb::BrowserSettings' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AdditionalEncryptionContext') as additional_encryption_context, + json_extract_path_text(Properties, 'AssociatedPortalArns') as associated_portal_arns, + json_extract_path_text(Properties, 'BrowserPolicy') as browser_policy, + json_extract_path_text(Properties, 'BrowserSettingsArn') as browser_settings_arn, + json_extract_path_text(Properties, 'CustomerManagedKey') as customer_managed_key, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpacesWeb::BrowserSettings' + AND data__Identifier = '' + AND region = 'us-east-1' + identity_providers: + name: identity_providers + id: awscc.workspacesweb.identity_providers + x-cfn-schema-name: IdentityProvider + x-type: list + x-identifiers: + - IdentityProviderArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.IdentityProviderArn') as identity_provider_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WorkSpacesWeb::IdentityProvider' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'IdentityProviderArn') as identity_provider_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WorkSpacesWeb::IdentityProvider' + AND region = 'us-east-1' + identity_provider: + name: identity_provider + id: awscc.workspacesweb.identity_provider + x-cfn-schema-name: IdentityProvider + x-type: get + x-identifiers: + - IdentityProviderArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.IdentityProviderArn') as identity_provider_arn, + JSON_EXTRACT(Properties, '$.IdentityProviderDetails') as identity_provider_details, + JSON_EXTRACT(Properties, '$.IdentityProviderName') as identity_provider_name, + JSON_EXTRACT(Properties, '$.IdentityProviderType') as identity_provider_type, + JSON_EXTRACT(Properties, '$.PortalArn') as portal_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpacesWeb::IdentityProvider' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'IdentityProviderArn') as identity_provider_arn, + json_extract_path_text(Properties, 'IdentityProviderDetails') as identity_provider_details, + json_extract_path_text(Properties, 'IdentityProviderName') as identity_provider_name, + json_extract_path_text(Properties, 'IdentityProviderType') as identity_provider_type, + json_extract_path_text(Properties, 'PortalArn') as portal_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpacesWeb::IdentityProvider' + AND data__Identifier = '' + AND region = 'us-east-1' + ip_access_settings: + name: ip_access_settings + id: awscc.workspacesweb.ip_access_settings + x-cfn-schema-name: IpAccessSettings + x-type: get + x-identifiers: + - IpAccessSettingsArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AdditionalEncryptionContext') as additional_encryption_context, + JSON_EXTRACT(Properties, '$.AssociatedPortalArns') as associated_portal_arns, + JSON_EXTRACT(Properties, '$.CreationDate') as creation_date, + JSON_EXTRACT(Properties, '$.CustomerManagedKey') as customer_managed_key, + JSON_EXTRACT(Properties, '$.Description') as description, + JSON_EXTRACT(Properties, '$.DisplayName') as display_name, + JSON_EXTRACT(Properties, '$.IpAccessSettingsArn') as ip_access_settings_arn, + JSON_EXTRACT(Properties, '$.IpRules') as ip_rules, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpacesWeb::IpAccessSettings' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AdditionalEncryptionContext') as additional_encryption_context, + json_extract_path_text(Properties, 'AssociatedPortalArns') as associated_portal_arns, + json_extract_path_text(Properties, 'CreationDate') as creation_date, + json_extract_path_text(Properties, 'CustomerManagedKey') as customer_managed_key, + json_extract_path_text(Properties, 'Description') as description, + json_extract_path_text(Properties, 'DisplayName') as display_name, + json_extract_path_text(Properties, 'IpAccessSettingsArn') as ip_access_settings_arn, + json_extract_path_text(Properties, 'IpRules') as ip_rules, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpacesWeb::IpAccessSettings' + AND data__Identifier = '' + AND region = 'us-east-1' + network_settings: + name: network_settings + id: awscc.workspacesweb.network_settings + x-cfn-schema-name: NetworkSettings + x-type: get + x-identifiers: + - NetworkSettingsArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssociatedPortalArns') as associated_portal_arns, + JSON_EXTRACT(Properties, '$.NetworkSettingsArn') as network_settings_arn, + JSON_EXTRACT(Properties, '$.SecurityGroupIds') as security_group_ids, + JSON_EXTRACT(Properties, '$.SubnetIds') as subnet_ids, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.VpcId') as vpc_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpacesWeb::NetworkSettings' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssociatedPortalArns') as associated_portal_arns, + json_extract_path_text(Properties, 'NetworkSettingsArn') as network_settings_arn, + json_extract_path_text(Properties, 'SecurityGroupIds') as security_group_ids, + json_extract_path_text(Properties, 'SubnetIds') as subnet_ids, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'VpcId') as vpc_id + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpacesWeb::NetworkSettings' + AND data__Identifier = '' + AND region = 'us-east-1' + portals: + name: portals + id: awscc.workspacesweb.portals + x-cfn-schema-name: Portal + x-type: list + x-identifiers: + - PortalArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PortalArn') as portal_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WorkSpacesWeb::Portal' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PortalArn') as portal_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WorkSpacesWeb::Portal' + AND region = 'us-east-1' + portal: + name: portal + id: awscc.workspacesweb.portal + x-cfn-schema-name: Portal + x-type: get + x-identifiers: + - PortalArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AdditionalEncryptionContext') as additional_encryption_context, + JSON_EXTRACT(Properties, '$.AuthenticationType') as authentication_type, + JSON_EXTRACT(Properties, '$.BrowserSettingsArn') as browser_settings_arn, + JSON_EXTRACT(Properties, '$.BrowserType') as browser_type, + JSON_EXTRACT(Properties, '$.CreationDate') as creation_date, + JSON_EXTRACT(Properties, '$.CustomerManagedKey') as customer_managed_key, + JSON_EXTRACT(Properties, '$.DisplayName') as display_name, + JSON_EXTRACT(Properties, '$.IpAccessSettingsArn') as ip_access_settings_arn, + JSON_EXTRACT(Properties, '$.NetworkSettingsArn') as network_settings_arn, + JSON_EXTRACT(Properties, '$.PortalArn') as portal_arn, + JSON_EXTRACT(Properties, '$.PortalEndpoint') as portal_endpoint, + JSON_EXTRACT(Properties, '$.PortalStatus') as portal_status, + JSON_EXTRACT(Properties, '$.RendererType') as renderer_type, + JSON_EXTRACT(Properties, '$.ServiceProviderSamlMetadata') as service_provider_saml_metadata, + JSON_EXTRACT(Properties, '$.StatusReason') as status_reason, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TrustStoreArn') as trust_store_arn, + JSON_EXTRACT(Properties, '$.UserAccessLoggingSettingsArn') as user_access_logging_settings_arn, + JSON_EXTRACT(Properties, '$.UserSettingsArn') as user_settings_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpacesWeb::Portal' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AdditionalEncryptionContext') as additional_encryption_context, + json_extract_path_text(Properties, 'AuthenticationType') as authentication_type, + json_extract_path_text(Properties, 'BrowserSettingsArn') as browser_settings_arn, + json_extract_path_text(Properties, 'BrowserType') as browser_type, + json_extract_path_text(Properties, 'CreationDate') as creation_date, + json_extract_path_text(Properties, 'CustomerManagedKey') as customer_managed_key, + json_extract_path_text(Properties, 'DisplayName') as display_name, + json_extract_path_text(Properties, 'IpAccessSettingsArn') as ip_access_settings_arn, + json_extract_path_text(Properties, 'NetworkSettingsArn') as network_settings_arn, + json_extract_path_text(Properties, 'PortalArn') as portal_arn, + json_extract_path_text(Properties, 'PortalEndpoint') as portal_endpoint, + json_extract_path_text(Properties, 'PortalStatus') as portal_status, + json_extract_path_text(Properties, 'RendererType') as renderer_type, + json_extract_path_text(Properties, 'ServiceProviderSamlMetadata') as service_provider_saml_metadata, + json_extract_path_text(Properties, 'StatusReason') as status_reason, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TrustStoreArn') as trust_store_arn, + json_extract_path_text(Properties, 'UserAccessLoggingSettingsArn') as user_access_logging_settings_arn, + json_extract_path_text(Properties, 'UserSettingsArn') as user_settings_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpacesWeb::Portal' + AND data__Identifier = '' + AND region = 'us-east-1' + trust_stores: + name: trust_stores + id: awscc.workspacesweb.trust_stores + x-cfn-schema-name: TrustStore + x-type: list + x-identifiers: + - TrustStoreArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.TrustStoreArn') as trust_store_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WorkSpacesWeb::TrustStore' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'TrustStoreArn') as trust_store_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::WorkSpacesWeb::TrustStore' + AND region = 'us-east-1' + trust_store: + name: trust_store + id: awscc.workspacesweb.trust_store + x-cfn-schema-name: TrustStore + x-type: get + x-identifiers: + - TrustStoreArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssociatedPortalArns') as associated_portal_arns, + JSON_EXTRACT(Properties, '$.CertificateList') as certificate_list, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.TrustStoreArn') as trust_store_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpacesWeb::TrustStore' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssociatedPortalArns') as associated_portal_arns, + json_extract_path_text(Properties, 'CertificateList') as certificate_list, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'TrustStoreArn') as trust_store_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpacesWeb::TrustStore' + AND data__Identifier = '' + AND region = 'us-east-1' + user_access_logging_settings: + name: user_access_logging_settings + id: awscc.workspacesweb.user_access_logging_settings + x-cfn-schema-name: UserAccessLoggingSettings + x-type: get + x-identifiers: + - UserAccessLoggingSettingsArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AssociatedPortalArns') as associated_portal_arns, + JSON_EXTRACT(Properties, '$.KinesisStreamArn') as kinesis_stream_arn, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.UserAccessLoggingSettingsArn') as user_access_logging_settings_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpacesWeb::UserAccessLoggingSettings' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AssociatedPortalArns') as associated_portal_arns, + json_extract_path_text(Properties, 'KinesisStreamArn') as kinesis_stream_arn, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'UserAccessLoggingSettingsArn') as user_access_logging_settings_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpacesWeb::UserAccessLoggingSettings' + AND data__Identifier = '' + AND region = 'us-east-1' + user_settings: + name: user_settings + id: awscc.workspacesweb.user_settings + x-cfn-schema-name: UserSettings + x-type: get + x-identifiers: + - UserSettingsArn + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.AdditionalEncryptionContext') as additional_encryption_context, + JSON_EXTRACT(Properties, '$.AssociatedPortalArns') as associated_portal_arns, + JSON_EXTRACT(Properties, '$.CookieSynchronizationConfiguration') as cookie_synchronization_configuration, + JSON_EXTRACT(Properties, '$.CopyAllowed') as copy_allowed, + JSON_EXTRACT(Properties, '$.CustomerManagedKey') as customer_managed_key, + JSON_EXTRACT(Properties, '$.DisconnectTimeoutInMinutes') as disconnect_timeout_in_minutes, + JSON_EXTRACT(Properties, '$.DownloadAllowed') as download_allowed, + JSON_EXTRACT(Properties, '$.IdleDisconnectTimeoutInMinutes') as idle_disconnect_timeout_in_minutes, + JSON_EXTRACT(Properties, '$.PasteAllowed') as paste_allowed, + JSON_EXTRACT(Properties, '$.PrintAllowed') as print_allowed, + JSON_EXTRACT(Properties, '$.Tags') as tags, + JSON_EXTRACT(Properties, '$.UploadAllowed') as upload_allowed, + JSON_EXTRACT(Properties, '$.UserSettingsArn') as user_settings_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpacesWeb::UserSettings' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'AdditionalEncryptionContext') as additional_encryption_context, + json_extract_path_text(Properties, 'AssociatedPortalArns') as associated_portal_arns, + json_extract_path_text(Properties, 'CookieSynchronizationConfiguration') as cookie_synchronization_configuration, + json_extract_path_text(Properties, 'CopyAllowed') as copy_allowed, + json_extract_path_text(Properties, 'CustomerManagedKey') as customer_managed_key, + json_extract_path_text(Properties, 'DisconnectTimeoutInMinutes') as disconnect_timeout_in_minutes, + json_extract_path_text(Properties, 'DownloadAllowed') as download_allowed, + json_extract_path_text(Properties, 'IdleDisconnectTimeoutInMinutes') as idle_disconnect_timeout_in_minutes, + json_extract_path_text(Properties, 'PasteAllowed') as paste_allowed, + json_extract_path_text(Properties, 'PrintAllowed') as print_allowed, + json_extract_path_text(Properties, 'Tags') as tags, + json_extract_path_text(Properties, 'UploadAllowed') as upload_allowed, + json_extract_path_text(Properties, 'UserSettingsArn') as user_settings_arn + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::WorkSpacesWeb::UserSettings' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/providers/src/awscc/v00.00.00000/services/xray.yaml b/providers/src/awscc/v00.00.00000/services/xray.yaml new file mode 100644 index 00000000..fd558b70 --- /dev/null +++ b/providers/src/awscc/v00.00.00000/services/xray.yaml @@ -0,0 +1,410 @@ +openapi: 3.0.0 +info: + title: XRay + version: 1.0.0 +paths: {} +components: + schemas: + InsightsConfiguration: + type: object + additionalProperties: false + properties: + InsightsEnabled: + description: Set the InsightsEnabled value to true to enable insights or false to disable insights. + type: boolean + NotificationsEnabled: + description: Set the NotificationsEnabled value to true to enable insights notifications. Notifications can only be enabled on a group with InsightsEnabled set to true. + type: boolean + Tag: + type: object + properties: + Key: + type: string + description: The key name of the tag. + Value: + type: string + description: The value for the tag. + required: + - Key + - Value + additionalProperties: false + Tags: + type: array + x-insertionOrder: false + description: An array of key-value pairs to apply to this resource. + items: + $ref: '#/components/schemas/Tag' + Group: + type: object + properties: + FilterExpression: + description: The filter expression defining criteria by which to group traces. + type: string + GroupName: + description: The case-sensitive name of the new group. Names must be unique. + type: string + minLength: 1 + maxLength: 32 + GroupARN: + description: The ARN of the group that was generated on creation. + type: string + minLength: 1 + maxLength: 400 + InsightsConfiguration: + $ref: '#/components/schemas/InsightsConfiguration' + Tags: + $ref: '#/components/schemas/Tags' + required: + - GroupName + x-stackql-resource-name: group + x-stackql-primaryIdentifier: + - GroupARN + x-read-only-properties: + - GroupARN + x-required-permissions: + create: + - xray:CreateGroup + - xray:TagResource + read: + - xray:GetGroup + - xray:ListTagsForResource + update: + - xray:UpdateGroup + - xray:TagResource + - xray:UntagResource + - xray:ListTagsForResource + delete: + - xray:DeleteGroup + list: + - xray:GetGroups + - xray:ListTagsForResource + ResourcePolicy: + type: object + properties: + PolicyName: + description: The name of the resource policy. Must be unique within a specific AWS account. + type: string + pattern: '[\w+=,.@-]+' + minLength: 1 + maxLength: 128 + PolicyDocument: + description: The resource policy document, which can be up to 5kb in size. + type: string + minLength: 1 + maxLength: 5120 + BypassPolicyLockoutCheck: + description: A flag to indicate whether to bypass the resource policy lockout safety check + type: boolean + required: + - PolicyName + - PolicyDocument + x-stackql-resource-name: resource_policy + x-stackql-primaryIdentifier: + - PolicyName + x-create-only-properties: + - PolicyName + x-required-permissions: + create: + - xray:PutResourcePolicy + - xray:ListResourcePolicies + read: + - xray:ListResourcePolicies + update: + - xray:PutResourcePolicy + - xray:ListResourcePolicies + delete: + - xray:DeleteResourcePolicy + list: + - xray:ListResourcePolicies + SamplingRule: + type: object + properties: + SamplingRule: + $ref: '#/components/schemas/SamplingRule' + SamplingRuleRecord: + $ref: '#/components/schemas/SamplingRuleRecord' + SamplingRuleUpdate: + $ref: '#/components/schemas/SamplingRuleUpdate' + RuleARN: + $ref: '#/components/schemas/RuleARN' + RuleName: + $ref: '#/components/schemas/RuleName' + Tags: + $ref: '#/components/schemas/Tags' + x-stackql-resource-name: sampling_rule + x-stackql-primaryIdentifier: + - RuleARN + x-create-only-properties: + - SamplingRule/Version + x-read-only-properties: + - RuleARN + x-required-permissions: + create: + - xray:CreateSamplingRule + - xray:TagResource + read: + - xray:GetSamplingRules + - xray:ListTagsForResource + update: + - xray:UpdateSamplingRule + - xray:TagResource + - xray:UntagResource + - xray:ListTagsForResource + delete: + - xray:DeleteSamplingRule + list: + - xray:GetSamplingRules + - xray:ListTagsForResource + SamplingRuleRecord: + type: object + additionalProperties: false + properties: + CreatedAt: + description: When the rule was created, in Unix time seconds. + type: string + ModifiedAt: + description: When the rule was modified, in Unix time seconds. + type: string + SamplingRule: + $ref: '#/components/schemas/SamplingRule' + SamplingRuleUpdate: + type: object + additionalProperties: false + properties: + Attributes: + x-$comment: String to string map + description: Matches attributes derived from the request. + type: object + x-patternProperties: + .{1,}: + type: string + additionalProperties: false + FixedRate: + description: The percentage of matching requests to instrument, after the reservoir is exhausted. + type: number + minimum: 0 + maximum: 1 + Host: + description: Matches the hostname from a request URL. + type: string + maxLength: 64 + HTTPMethod: + description: Matches the HTTP method from a request URL. + type: string + maxLength: 10 + Priority: + description: The priority of the sampling rule. + type: integer + minimum: 1 + maximum: 9999 + ReservoirSize: + description: A fixed number of matching requests to instrument per second, prior to applying the fixed rate. The reservoir is not used directly by services, but applies to all services using the rule collectively. + type: integer + minimum: 0 + ResourceARN: + description: Matches the ARN of the AWS resource on which the service runs. + type: string + maxLength: 500 + RuleARN: + $ref: '#/components/schemas/RuleARN' + RuleName: + $ref: '#/components/schemas/RuleName' + ServiceName: + description: Matches the name that the service uses to identify itself in segments. + type: string + maxLength: 64 + ServiceType: + description: Matches the origin that the service uses to identify its type in segments. + type: string + maxLength: 64 + URLPath: + description: Matches the path from a request URL. + type: string + maxLength: 128 + RuleName: + description: The ARN of the sampling rule. Specify a rule by either name or ARN, but not both. + type: string + minLength: 1 + maxLength: 32 + RuleARN: + description: The ARN of the sampling rule. Specify a rule by either name or ARN, but not both. + type: string + x-stackQL-resources: + groups: + name: groups + id: awscc.xray.groups + x-cfn-schema-name: Group + x-type: list + x-identifiers: + - GroupARN + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.GroupARN') as group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::XRay::Group' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'GroupARN') as group_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::XRay::Group' + AND region = 'us-east-1' + group: + name: group + id: awscc.xray.group + x-cfn-schema-name: Group + x-type: get + x-identifiers: + - GroupARN + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.FilterExpression') as filter_expression, + JSON_EXTRACT(Properties, '$.GroupName') as group_name, + JSON_EXTRACT(Properties, '$.GroupARN') as group_arn, + JSON_EXTRACT(Properties, '$.InsightsConfiguration') as insights_configuration, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::XRay::Group' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'FilterExpression') as filter_expression, + json_extract_path_text(Properties, 'GroupName') as group_name, + json_extract_path_text(Properties, 'GroupARN') as group_arn, + json_extract_path_text(Properties, 'InsightsConfiguration') as insights_configuration, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::XRay::Group' + AND data__Identifier = '' + AND region = 'us-east-1' + resource_policies: + name: resource_policies + id: awscc.xray.resource_policies + x-cfn-schema-name: ResourcePolicy + x-type: list + x-identifiers: + - PolicyName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyName') as policy_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::XRay::ResourcePolicy' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyName') as policy_name + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::XRay::ResourcePolicy' + AND region = 'us-east-1' + resource_policy: + name: resource_policy + id: awscc.xray.resource_policy + x-cfn-schema-name: ResourcePolicy + x-type: get + x-identifiers: + - PolicyName + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.PolicyName') as policy_name, + JSON_EXTRACT(Properties, '$.PolicyDocument') as policy_document, + JSON_EXTRACT(Properties, '$.BypassPolicyLockoutCheck') as bypass_policy_lockout_check + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::XRay::ResourcePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'PolicyName') as policy_name, + json_extract_path_text(Properties, 'PolicyDocument') as policy_document, + json_extract_path_text(Properties, 'BypassPolicyLockoutCheck') as bypass_policy_lockout_check + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::XRay::ResourcePolicy' + AND data__Identifier = '' + AND region = 'us-east-1' + sampling_rules: + name: sampling_rules + id: awscc.xray.sampling_rules + x-cfn-schema-name: SamplingRule + x-type: list + x-identifiers: + - RuleARN + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.RuleARN') as rule_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::XRay::SamplingRule' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'RuleARN') as rule_arn + FROM awscc.cloud_control.resources WHERE data__TypeName = 'AWS::XRay::SamplingRule' + AND region = 'us-east-1' + sampling_rule: + name: sampling_rule + id: awscc.xray.sampling_rule + x-cfn-schema-name: SamplingRule + x-type: get + x-identifiers: + - RuleARN + config: + views: + select: + predicate: sqlDialect == "sqlite3" + ddl: |- + SELECT + region, + JSON_EXTRACT(Properties, '$.SamplingRule') as sampling_rule, + JSON_EXTRACT(Properties, '$.SamplingRuleRecord') as sampling_rule_record, + JSON_EXTRACT(Properties, '$.SamplingRuleUpdate') as sampling_rule_update, + JSON_EXTRACT(Properties, '$.RuleARN') as rule_arn, + JSON_EXTRACT(Properties, '$.RuleName') as rule_name, + JSON_EXTRACT(Properties, '$.Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::XRay::SamplingRule' + AND data__Identifier = '' + AND region = 'us-east-1' + fallback: + predicate: sqlDialect == "postgres" + ddl: |- + SELECT + region, + json_extract_path_text(Properties, 'SamplingRule') as sampling_rule, + json_extract_path_text(Properties, 'SamplingRuleRecord') as sampling_rule_record, + json_extract_path_text(Properties, 'SamplingRuleUpdate') as sampling_rule_update, + json_extract_path_text(Properties, 'RuleARN') as rule_arn, + json_extract_path_text(Properties, 'RuleName') as rule_name, + json_extract_path_text(Properties, 'Tags') as tags + FROM awscc.cloud_control.resource WHERE data__TypeName = 'AWS::XRay::SamplingRule' + AND data__Identifier = '' + AND region = 'us-east-1' diff --git a/scripts/setup/get-updated-providers.py b/scripts/setup/get-updated-providers.py index 07d1a9e4..f335088c 100644 --- a/scripts/setup/get-updated-providers.py +++ b/scripts/setup/get-updated-providers.py @@ -58,6 +58,7 @@ # write list of providers to a text file with open('providers.txt', 'w') as f: for provider in providers: + print(provider['provider']) f.write("%s\n" % (provider['provider'])) # write list of provider dirs to a text file