Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(sources): update documentation #1506

Merged
merged 1 commit into from
Dec 18, 2024
Merged

feat(sources): update documentation #1506

merged 1 commit into from
Dec 18, 2024

Conversation

aws-cdk-automation
Copy link
Contributor

⚠️ This Pull Request updates daily and will overwrite all manual changes pushed to the branch

Updates the documentation source from upstream. See details in workflow run.

Automatically created by projen via the "update-source-documentation" workflow

feat(sources): update documentation
7371dd4 
> ⚠️ This Pull Request updates daily and will overwrite **all** manual changes pushed to the branch

Updates the documentation source from upstream. See details in [workflow run].

[Workflow Run]: https://github.com/cdklabs/awscdk-service-spec/actions/runs/12385722069

------

*Automatically created by projen via the "update-source-documentation" workflow*

Signed-off-by: github-actions <[email protected]>
@github-actions GitHub Actions
Copy link

To work on this Pull Request, please create a new branch and PR. This prevents your work from being deleted by the automation.

Run the following commands inside the repo:

gh co 1506
git switch -c fix-pr-1506 && git push -u origin HEAD
gh pr create -t "fix: PR #1506" --body "Fixes https://github.com/cdklabs/awscdk-service-spec/pull/1506"

@github-actions GitHub Actions
Copy link

@aws-cdk/aws-service-spec: Model database diff detected

├[~] service aws-cassandra
│ └ resources
│    └[~] resource AWS::Cassandra::Type
│      └  - documentation: Resource schema for AWS::Cassandra::Type
│         + documentation: The `CreateType` operation creates a new user-defined type in the specified keyspace.
│         To configure the required permissions, see [Permissions to create a UDT](https://docs.aws.amazon.com/keyspaces/latest/devguide/configure-udt-permissions.html#udt-permissions-create) in the *Amazon Keyspaces Developer Guide* .
│         For more information, see [User-defined types (UDTs)](https://docs.aws.amazon.com/keyspaces/latest/devguide/udts.html) in the *Amazon Keyspaces Developer Guide* .
├[~] service aws-dlm
│ └ resources
│    └[~] resource AWS::DLM::LifecyclePolicy
│      └ types
│         ├[~] type CreateRule
│         │ └ properties
│         │    └ Location: (documentation changed)
│         ├[~] type PolicyDetails
│         │ └ properties
│         │    └ ResourceLocations: (documentation changed)
│         └[~] type Schedule
│           └ properties
│              └ CrossRegionCopyRules: (documentation changed)
├[~] service aws-efs
│ └ resources
│    └[~] resource AWS::EFS::FileSystem
│      └ types
│         └[~] type ReplicationDestination
│           └ properties
│              ├ RoleArn: (documentation changed)
│              ├ Status: (documentation changed)
│              └ StatusMessage: (documentation changed)
├[~] service aws-eks
│ └ resources
│    └[~] resource AWS::EKS::Nodegroup
│      ├ properties
│      │  └ NodeRepairConfig: (documentation changed)
│      └ types
│         └[~] type NodeRepairConfig
│           ├  - documentation: The node auto repair configuration for node group.
│           │  + documentation: The node auto repair configuration for the node group.
│           └ properties
│              └ Enabled: (documentation changed)
├[~] service aws-logs
│ └ resources
│    ├[~] resource AWS::Logs::Delivery
│    │ ├  - documentation: This structure contains information about one *delivery* in your account.
│    │ │  A delivery is a connection between a logical *delivery source* and a logical *delivery destination* .
│    │ │  For more information, see [CreateDelivery](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html) .
│    │ │  To update an existing delivery configuration, use [UpdateDeliveryConfiguration](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UpdateDeliveryConfiguration.html) .
│    │ │  + documentation: Use this to create or update one *delivery* in your account.
│    │ │  A delivery is a connection between a logical *delivery source* and a logical *delivery destination* .
│    │ │  For more information, see [CreateDelivery](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html) .
│    │ ├ properties
│    │ │  ├ RecordFields: (documentation changed)
│    │ │  ├ S3EnableHiveCompatiblePath: (documentation changed)
│    │ │  ├ S3SuffixPath: (documentation changed)
│    │ │  └ Tags: (documentation changed)
│    │ └ attributes
│    │    └ DeliveryDestinationType: (documentation changed)
│    ├[~] resource AWS::Logs::DeliveryDestination
│    │ ├  - documentation: This structure contains information about one *delivery destination* in your account. A delivery destination is an AWS resource that represents an AWS service that logs can be sent to. CloudWatch Logs, Amazon S3, are supported as Firehose delivery destinations.
│    │ │  To configure logs delivery between a supported AWS service and a destination, you must do the following:
│    │ │  - Create a delivery source, which is a logical object that represents the resource that is actually sending the logs. For more information, see [PutDeliverySource](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliverySource.html) .
│    │ │  - Create a *delivery destination* , which is a logical object that represents the actual delivery destination.
│    │ │  - If you are delivering logs cross-account, you must use [PutDeliveryDestinationPolicy](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html) in the destination account to assign an IAM policy to the destination. This policy allows delivery to that destination.
│    │ │  - Create a *delivery* by pairing exactly one delivery source and one delivery destination. For more information, see [CreateDelivery](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html) .
│    │ │  You can configure a single delivery source to send logs to multiple destinations by creating multiple deliveries. You can also create multiple deliveries to configure multiple delivery sources to send logs to the same delivery destination.
│    │ │  + documentation: Cretes or updates one *delivery destination* in your account. A delivery destination is an AWS resource that represents an AWS service that logs can be sent to. CloudWatch Logs , Amazon S3 , or Firehose are supported as delivery destinations.
│    │ │  To configure logs delivery between a supported AWS service and a destination, you must do the following:
│    │ │  - Create a delivery source, which is a logical object that represents the resource that is actually sending the logs. For more information, see [AWS::Logs::DeliverySource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-deliverysource.html) and [PutDeliverySource](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliverySource.html) .
│    │ │  - Create a *delivery destination* , which is a logical object that represents the actual delivery destination.
│    │ │  - Create a *delivery* by pairing exactly one delivery source and one delivery destination. For more information, see [AWS::Logs::Delivery](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-delivery.html) or [CreateDelivery](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html) .
│    │ │  You can configure a single delivery source to send logs to multiple destinations by creating multiple deliveries. You can also create multiple deliveries to configure multiple delivery sources to send logs to the same delivery destination.
│    │ ├ properties
│    │ │  ├ DeliveryDestinationPolicy: (documentation changed)
│    │ │  ├ DestinationResourceArn: (documentation changed)
│    │ │  └ Tags: (documentation changed)
│    │ └ attributes
│    │    └ DeliveryDestinationType: (documentation changed)
│    ├[~] resource AWS::Logs::DeliverySource
│    │ └  - documentation: This structure contains information about one *delivery source* in your account. A delivery source is an AWS resource that sends logs to an AWS destination. The destination can be CloudWatch Logs, Amazon S3, or Firehose.
│    │    Only some AWS services support being configured as a delivery source. These services are listed as *Supported [V2 Permissions]* in the table at [Enabling logging from AWS services.](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html)
│    │    To configure logs delivery between a supported AWS service and a destination, you must do the following:
│    │    - Create a delivery source, which is a logical object that represents the resource that is actually sending the logs. For more information, see [PutDeliverySource](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliverySource.html) .
│    │    - Create a *delivery destination* , which is a logical object that represents the actual delivery destination. For more information, see [PutDeliveryDestination](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestination.html) .
│    │    - If you are delivering logs cross-account, you must use [PutDeliveryDestinationPolicy](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html) in the destination account to assign an IAM policy to the destination. This policy allows delivery to that destination.
│    │    - Create a *delivery* by pairing exactly one delivery source and one delivery destination. For more information, see [CreateDelivery](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html) .
│    │    You can configure a single delivery source to send logs to multiple destinations by creating multiple deliveries. You can also create multiple deliveries to configure multiple delivery sources to send logs to the same delivery destination.
│    │    + documentation: Creates or updates one *delivery source* in your account. A delivery source is an AWS resource that sends logs to an AWS destination. The destination can be CloudWatch Logs , Amazon S3 , or Firehose .
│    │    Only some AWS services support being configured as a delivery source. These services are listed as *Supported [V2 Permissions]* in the table at [Enabling logging from AWS services.](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html)
│    │    To configure logs delivery between a supported AWS service and a destination, you must do the following:
│    │    - Create a delivery source, which is a logical object that represents the resource that is actually sending the logs.
│    │    - Create a *delivery destination* , which is a logical object that represents the actual delivery destination. For more information, see [AWS::Logs::DeliveryDestination](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-deliverydestination.html) or [PutDeliveryDestination](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestination.html) .
│    │    - Create a *delivery* by pairing exactly one delivery source and one delivery destination. For more information, see [AWS::Logs::Delivery](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-delivery.html) or [CreateDelivery](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html) .
│    │    You can configure a single delivery source to send logs to multiple destinations by creating multiple deliveries. You can also create multiple deliveries to configure multiple delivery sources to send logs to the same delivery destination.
│    └[~] resource AWS::Logs::Integration
│      ├ attributes
│      │  └ IntegrationStatus: (documentation changed)
│      └ types
│         └[~] type OpenSearchResourceConfig
│           └ properties
│              ├ DashboardViewerPrincipals: (documentation changed)
│              └ DataSourceRoleArn: (documentation changed)
└[~] service aws-s3
  └ resources
     ├[~] resource AWS::S3::Bucket
     │ └ types
     │    └[~] type ServerSideEncryptionByDefault
     │      └  - documentation: Describes the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. For more information, see [PutBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html) .
     │         > - *General purpose buckets* - If you don't specify a customer managed key at configuration, Amazon S3 automatically creates an AWS KMS key ( `aws/s3` ) in your AWS account the first time that you add an object encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS.
     │         > - *Directory buckets* - Your SSE-KMS configuration can only support 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket for the lifetime of the bucket. The [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) ( `aws/s3` ) isn't supported.
     │         > - *Directory buckets* - For directory buckets, there are only two supported options for server-side encryption: SSE-S3 and SSE-KMS.
     │         + documentation: Describes the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. For more information, see [PutBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html) .
     │         > - *General purpose buckets* - If you don't specify a customer managed key at configuration, Amazon S3 automatically creates an AWS KMS key ( `aws/s3` ) in your AWS account the first time that you add an object encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS.
     │         > - *Directory buckets* - Your SSE-KMS configuration can only support 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket's lifetime. The [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) ( `aws/s3` ) isn't supported.
     │         > - *Directory buckets* - For directory buckets, there are only two supported options for server-side encryption: SSE-S3 and SSE-KMS.
     └[~] resource AWS::S3::BucketPolicy
       └  - documentation: Applies an Amazon S3 bucket policy to an Amazon S3 bucket. If you are using an identity other than the root user of the AWS account that owns the bucket, the calling identity must have the `PutBucketPolicy` permissions on the specified bucket and belong to the bucket owner's account in order to use this operation.
          If you don't have `PutBucketPolicy` permissions, Amazon S3 returns a `403 Access Denied` error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a `405 Method Not Allowed` error.
          > As a security precaution, the root user of the AWS account that owns a bucket can always use this operation, even if the policy explicitly denies the root user the ability to perform this action. 
          For more information, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) .
          The following operations are related to `PutBucketPolicy` :
          - [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html)
          - [DeleteBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html)
          + documentation: Applies an Amazon S3 bucket policy to an Amazon S3 bucket. If you are using an identity other than the root user of the AWS account that owns the bucket, the calling identity must have the `PutBucketPolicy` permissions on the specified bucket and belong to the bucket owner's account in order to use this operation.
          If you don't have `PutBucketPolicy` permissions, Amazon S3 returns a `403 Access Denied` error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a `405 Method Not Allowed` error.
          > As a security precaution, the root user of the AWS account that owns a bucket can always use this operation, even if the policy explicitly denies the root user the ability to perform this action. 
          When using the `AWS::S3::BucketPolicy` resource, you can create, update, and delete bucket policies for S3 buckets located in regions different from the stack's region. This cross-region bucket policy modification functionality is supported for backward compatibility with existing workflows.
          > If the [DeletionPolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html) is not specified or set to `Delete` , the bucket policy will be removed when the stack is deleted. If set to `Retain` , the bucket policy will be preserved even after the stack is deleted. 
          For example, a CloudFormation stack in `us-east-1` can use the `AWS::S3::BucketPolicy` resource to manage the bucket policy for an S3 bucket in `us-west-2` . The retention or removal of the bucket policy during the stack deletion is determined by the `DeletionPolicy` attribute specified in the stack template.
          For more information, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) .
          The following operations are related to `PutBucketPolicy` :
          - [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html)
          - [DeleteBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html)

@aws-cdk-automation aws-cdk-automation added this pull request to the merge queue Dec 18, 2024
Merged via the queue into main with commit d5c4f2b Dec 18, 2024
11 checks passed
@aws-cdk-automation aws-cdk-automation deleted the update-source/documentation branch December 18, 2024 03:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees
No one assigned
Labels
auto-approve
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@aws-cdk-automation