From 013a04d26d64747a4743c2a2d3d3a98cd0178789 Mon Sep 17 00:00:00 2001 From: Kevin DeJong Date: Fri, 2 Feb 2024 09:38:53 -0800 Subject: [PATCH] Bring in testing for cfnLint keyword --- ...5a0d14c62111ff864923fc7b7960dda6.meta.json | 2 +- ...2b6653d7edfe98a64577daae0b481c38.meta.json | 2 +- ...5e4752bbc10d9552de8df8f81348c42b.meta.json | 2 +- ...63a1bf4413531ad420ff60a5a0d7965d.meta.json | 2 +- ...4cfc32461d10e077e7e5de1fc25d8b8f.meta.json | 2 +- ...d3fe2e7838c23f6acd054944cb2b1618.meta.json | 2 +- ...7e9907e4a512c10ddae70b98b4dada43.meta.json | 2 +- ...3fbf0a0fb76625ba46dbe42abd34333c.meta.json | 2 +- ...376aa3fe15197e3bb0e9290ff8719b4e.meta.json | 2 +- ...f60a7b5acfc406ebb10d5748cbb8ed41.meta.json | 2 +- ...f35136af536e92a84ccbaf062c315066.meta.json | 2 +- ...04470222e5e4c690bacef5312891581d.meta.json | 2 +- ...646b563d773e34b020d0ddeab2fe195b.meta.json | 2 +- ...548d44cc32e246ec9d7742088a2c17f8.meta.json | 2 +- ...98ac34d4109512e0e0947ef752dcb9c9.meta.json | 2 +- ...7e4a4542365d35fd75466abcf306eeca.meta.json | 2 +- ...69b7533eabab32ecfc0a00cb19e55a5f.meta.json | 2 +- ...e783fe32b6bb6b13774c32fcca1d303a.meta.json | 2 +- ...05f2567698dfdfa979bf0ccdb68cb856.meta.json | 2 +- ...92030ae5c03d7451980a15735e557edb.meta.json | 2 +- ...6bb7f975b606f8db57532faddfcdd8c8.meta.json | 2 +- ...73ff097c685cda0a63c08a6416dc58ed.meta.json | 2 +- ...25c8d66a1f84939600616bab42579541.meta.json | 2 +- ...972142778e1ff452383ede2ad4bac3d7.meta.json | 2 +- ...26b315ef6f38515840537c02de23abe2.meta.json | 2 +- ...cf908a34e6b4c3fb3e97e2b584f651ca.meta.json | 2 +- ...318c41c71c21b0a17d4f68d82c5aee21.meta.json | 2 +- ...6cd7e4ced378cacdb93f76ed227b5c5d.meta.json | 2 +- ...b9e2e4d5e38136a5be83b6a55e7a82a1.meta.json | 2 +- ...41c64a9c91b2fa5b4928c0d9b2f780b0.meta.json | 2 +- ...e50a1638ffe0a5dba0d8805c190a05f8.meta.json | 2 +- ...3b69878d351cffd417dc9a457df808af.meta.json | 2 +- .../aws_namespace_period.json | 21 +- .../billingmode_exclusive.json | 22 +- .../extensions/aws_ecs_service/fargate.json | 10 +- .../containerdefinitions_essential.json | 18 +- .../logging_configuration.json | 6 +- .../eventsourcearn_sqs_exclusive.json | 34 +- .../eventsourcearn_stream_inclusive.json | 13 +- .../zipfile_runtime_enum.json | 17 +- .../zipfile_runtime_exists.json | 21 +- .../serverless_exclusive.json | 18 +- .../aws_rds_dbinstance/aurora_exclusive.json | 58 +- .../backupretentionperiod.json | 5 +- .../healthcheckconfig_type_inclusive.json | 13 +- .../data/schemas/other/iam/policy.json | 8 +- .../all/aws_amazonmq_broker/cfn_lint.json | 2 +- .../all/aws_appstream_fleet/cfn_lint.json | 2 +- .../aws_types.json | 12 - .../cfn_lint.json | 9 + .../all/aws_backup_backupplan/cfn_lint.json | 2 +- .../aws_backup_backupselection/aws_types.json | 7 - .../aws_backup_backupselection/cfn_lint.json | 9 + .../aws_types.json | 12 - .../cfn_lint.json | 16 + .../all/aws_cloudwatch_alarm/cfn_lint.json | 2 +- .../all/aws_dax_cluster/aws_types.json | 12 - .../all/aws_dax_cluster/cfn_lint.json | 9 +- .../aws_types.json | 9 - .../aws_dms_replicationinstance/cfn_lint.json | 9 + .../all/aws_docdb_dbcluster/cfn_lint.json | 9 + .../all/aws_docdb_dbinstance/cfn_lint.json | 2 +- .../all/aws_dynamodb_table/cfn_lint.json | 2 +- .../all/aws_ec2_host/aws_types.json | 9 - .../extensions/all/aws_ec2_host/cfn_lint.json | 9 + .../all/aws_ec2_instance/aws_types.json | 9 - .../all/aws_ec2_instance/cfn_lint.json | 9 +- .../all/aws_ec2_launchtemplate/aws_types.json | 9 - .../all/aws_ec2_launchtemplate/cfn_lint.json | 9 + .../all/aws_ec2_securitygroup/cfn_lint.json | 8 +- .../aws_ec2_securitygroupegress/cfn_lint.json | 4 +- .../cfn_lint.json | 4 +- .../all/aws_ec2_spotfleet/aws_types.json | 23 - .../all/aws_ec2_spotfleet/cfn_lint.json | 30 + .../all/aws_ec2_subnet/aws_types.json | 7 - .../all/aws_ec2_subnet/cfn_lint.json | 9 + .../all/aws_ec2_volume/aws_types.json | 7 - .../all/aws_ec2_volume/cfn_lint.json | 9 + .../all/aws_ecr_repository/aws_types.json | 6 +- .../all/aws_ecs_service/cfn_lint.json | 2 +- .../all/aws_ecs_taskdefinition/aws_types.json | 7 - .../all/aws_ecs_taskdefinition/cfn_lint.json | 11 +- .../cfn_lint.json | 2 +- .../aws_types.json | 12 - .../cfn_lint.json | 9 + .../aws_types.json | 7 - .../cfn_lint.json | 9 + .../aws_elasticsearch_domain/cfn_lint.json | 2 +- .../all/aws_emr_cluster/aws_types.json | 7 - .../all/aws_emr_cluster/cfn_lint.json | 12 +- .../all/aws_gamelift_fleet/cfn_lint.json | 2 +- .../all/aws_glue_connection/aws_types.json | 7 - .../all/aws_glue_connection/cfn_lint.json | 9 + .../all/aws_iam_group/aws_types.json | 6 +- .../all/aws_iam_managedpolicy/aws_types.json | 6 +- .../all/aws_iam_policy/aws_types.json | 6 +- .../all/aws_iam_role/aws_types.json | 6 +- .../all/aws_iam_user/aws_types.json | 6 +- .../all/aws_kinesis_stream/cfn_lint.json | 9 + .../extensions/all/aws_kms_key/aws_types.json | 6 +- .../cfn_lint.json | 3 +- .../all/aws_lambda_function/cfn_lint.json | 5 +- .../aws_managedblockchain_node/cfn_lint.json | 2 +- .../all/aws_neptune_dbinstance/cfn_lint.json | 2 +- .../aws_types.json | 6 +- .../all/aws_opsworks_instance/aws_types.json | 7 - .../all/aws_opsworks_instance/cfn_lint.json | 9 + .../all/aws_rds_dbcluster/aws_types.json | 12 - .../all/aws_rds_dbcluster/cfn_lint.json | 9 +- .../all/aws_rds_dbinstance/aws_types.json | 7 - .../all/aws_rds_dbinstance/cfn_lint.json | 11 +- .../all/aws_redshift_cluster/cfn_lint.json | 7 +- .../all/aws_route53_healthcheck/cfn_lint.json | 2 +- .../all/aws_s3_bucket/aws_types.json | 7 - .../all/aws_s3_bucket/cfn_lint.json | 9 + .../all/aws_s3_bucketpolicy/aws_types.json | 6 +- .../all/aws_sns_topicpolicy/aws_types.json | 6 +- .../all/aws_sqs_queue/cfn_lint.json | 9 + .../all/aws_sqs_queuepolicy/aws_types.json | 6 +- .../all/aws_sso_permissionset/aws_types.json | 6 +- .../all/aws_synthetics_canary/__init__.py | 0 .../all/aws_synthetics_canary/cfn_lint.json | 9 + .../__init__.py | 0 .../readonlyproperties.json | 13 + .../schemas/providers/af_south_1/__init__.py | 24 +- .../af_south_1/aws-amazonmq-broker.json | 2 +- .../af_south_1/aws-backup-backupplan.json | 2 +- .../aws-cloudfront-distribution.json | 1 - .../aws-cognito-userpoolidentityprovider.json | 3 - .../aws-config-configurationaggregator.json | 161 -- .../aws-dynamodb-globaltable.json | 8 - .../aws-dynamodb-table.json | 10 +- .../aws-ec2-gatewayroutetableassociation.json | 58 + .../af_south_1/aws-ec2-launchtemplate.json | 1240 +++++++++++ .../providers/af_south_1/aws-eks-addon.json | 148 -- .../af_south_1/aws-gamelift-fleet.json | 2 +- .../af_south_1/aws-guardduty-filter.json | 145 -- .../af_south_1/aws-opsworks-instance.json | 4 +- .../af_south_1/aws-redshift-cluster.json | 3 +- .../af_south_1/aws-route53-healthcheck.json | 2 +- .../schemas/providers/ap_east_1/__init__.py | 6 +- .../ap_east_1/aws-amazonmq-broker.json | 2 +- .../ap_east_1/aws-backup-backupplan.json | 2 +- .../aws-cloudfront-distribution.json | 1232 +++++++++++ .../aws-config-configurationaggregator.json | 161 -- .../ap_east_1/aws-docdb-dbcluster.json | 3 + .../aws-ec2-gatewayroutetableassociation.json | 58 + .../ap_east_1/aws-ec2-launchtemplate.json | 1240 +++++++++++ .../ap_east_1/aws-gamelift-fleet.json | 2 +- .../ap_east_1/aws-neptune-dbinstance.json | 2 +- .../ap_east_1/aws-redshift-cluster.json | 3 +- .../providers/ap_northeast_1/__init__.py | 7 +- .../aws-apprunner-vpcconnector.json | 119 - .../aws-ec2-gatewayroutetableassociation.json | 58 + .../ap_northeast_1/aws-location-map.json | 4 +- .../ap_northeast_1/aws-location-tracker.json | 191 ++ .../aws-location-trackerconsumer.json | 60 + .../aws-neptune-dbinstance.json | 2 +- .../providers/ap_northeast_2/__init__.py | 29 +- .../ap_northeast_2/aws-amazonmq-broker.json | 341 --- .../aws-amplifyuibuilder-component.json | 567 +++++ .../aws-amplifyuibuilder-form.json | 546 +++++ .../aws-amplifyuibuilder-theme.json | 149 ++ .../ap_northeast_2/aws-aps-workspace.json | 166 -- .../ap_northeast_2/aws-backup-backupplan.json | 2 +- .../aws-cloudfront-distribution.json | 1232 +++++++++++ .../aws-docdbelastic-cluster.json | 201 ++ .../aws-dynamodb-globaltable.json | 8 - .../aws-dynamodb-table.json | 10 +- .../aws-ec2-gatewayroutetableassociation.json | 58 + .../aws-ec2-launchtemplate.json | 1240 +++++++++++ .../ap_northeast_2/aws-eks-addon.json | 148 -- .../ap_northeast_2/aws-guardduty-filter.json | 145 -- .../aws-neptune-dbinstance.json | 2 +- .../providers/ap_northeast_3/__init__.py | 22 +- .../ap_northeast_3/aws-amazonmq-broker.json | 2 +- .../ap_northeast_3/aws-backup-backupplan.json | 2 +- .../aws-cloudfront-distribution.json | 1232 +++++++++++ .../aws-cognito-userpoolidentityprovider.json | 59 - .../aws-ec2-gatewayroutetableassociation.json | 58 + .../ap_northeast_3/aws-gamelift-fleet.json | 2 +- .../aws-iam-servercertificate.json | 132 ++ .../ap_northeast_3/aws-redshift-cluster.json | 3 +- .../schemas/providers/ap_south_1/__init__.py | 19 +- .../ap_south_1/aws-amazonmq-broker.json | 341 --- .../aws-apprunner-vpcconnector.json | 119 - .../ap_south_1/aws-aps-workspace.json | 166 -- .../aws-cloudfront-distribution.json | 1232 +++++++++++ .../aws-ec2-gatewayroutetableassociation.json | 58 + .../aws-location-geofencecollection.json | 174 ++ .../ap_south_1/aws-neptune-dbinstance.json | 2 +- .../providers/ap_south_1/aws-wafv2-ipset.json | 166 ++ .../ap_south_1/aws-wafv2-regexpatternset.json | 134 ++ .../ap_south_1/aws-wafv2-rulegroup.json | 1432 ++++++++++++ .../schemas/providers/ap_south_2/__init__.py | 4 +- .../ap_south_2/aws-amazonmq-broker.json | 2 +- .../ap_south_2/aws-backup-backupplan.json | 2 +- .../aws-cloudfront-distribution.json | 1232 +++++++++++ .../aws-config-configurationaggregator.json | 161 -- .../aws-ec2-gatewayroutetableassociation.json | 58 + .../providers/ap_south_2/aws-ec2-host.json | 4 +- .../ap_south_2/aws-ec2-launchtemplate.json | 1240 +++++++++++ .../ap_south_2/aws-ec2-spotfleet.json | 12 +- .../ap_south_2/aws-gamelift-fleet.json | 2 +- .../ap_south_2/aws-opsworks-instance.json | 4 +- .../ap_south_2/aws-redshift-cluster.json | 3 +- .../ap_south_2/aws-route53-healthcheck.json | 2 +- .../providers/ap_southeast_1/__init__.py | 5 +- .../aws-apprunner-vpcconnector.json | 119 - .../aws-ec2-gatewayroutetableassociation.json | 58 + .../aws-neptune-dbinstance.json | 2 +- .../providers/ap_southeast_2/__init__.py | 5 +- .../aws-apprunner-vpcconnector.json | 119 - .../aws-aps-rulegroupsnamespace.json | 129 -- .../aws-ec2-gatewayroutetableassociation.json | 58 + .../aws-neptune-dbinstance.json | 2 +- .../providers/ap_southeast_3/__init__.py | 30 +- .../ap_southeast_3/aws-amazonmq-broker.json | 2 +- .../ap_southeast_3/aws-backup-backupplan.json | 2 +- .../aws-cloudfront-distribution.json | 1232 +++++++++++ .../aws-cognito-userpoolidentityprovider.json | 3 - .../aws-config-configurationaggregator.json | 161 -- .../aws-dynamodb-globaltable.json | 579 +++++ .../ap_southeast_3/aws-dynamodb-table.json | 540 +++++ .../aws-ec2-gatewayroutetableassociation.json | 58 + .../ap_southeast_3/aws-ec2-host.json | 4 +- .../aws-ec2-launchtemplate.json | 1240 +++++++++++ .../ap_southeast_3/aws-eks-addon.json | 148 -- .../ap_southeast_3/aws-gamelift-fleet.json | 2 +- .../ap_southeast_3/aws-guardduty-filter.json | 145 -- .../ap_southeast_3/aws-iam-oidcprovider.json | 125 ++ .../aws-iam-samlprovider.json} | 80 +- .../aws-iam-servercertificate.json | 132 ++ .../ap_southeast_3/aws-opsworks-instance.json | 4 +- .../ap_southeast_3/aws-redshift-cluster.json | 3 +- .../aws-route53-healthcheck.json | 2 +- .../ap_southeast_3/aws-ssm-document.json | 236 -- .../providers/ap_southeast_4/__init__.py | 9 +- .../ap_southeast_4/aws-amazonmq-broker.json | 2 +- .../ap_southeast_4/aws-backup-backupplan.json | 2 +- .../aws-cloudfront-distribution.json | 1232 +++++++++++ .../aws-config-configurationaggregator.json | 161 -- .../aws-dynamodb-globaltable.json | 579 +++++ .../ap_southeast_4/aws-dynamodb-table.json | 540 +++++ .../aws-ec2-gatewayroutetableassociation.json | 58 + .../ap_southeast_4/aws-ec2-host.json | 4 +- .../aws-ec2-launchtemplate.json | 1240 +++++++++++ .../ap_southeast_4/aws-ec2-spotfleet.json | 12 +- .../ap_southeast_4/aws-ec2-volume.json | 4 +- .../ap_southeast_4/aws-ecs-taskset.json | 215 -- .../ap_southeast_4/aws-eks-addon.json | 148 -- ...ws-elasticloadbalancingv2-targetgroup.json | 175 -- .../ap_southeast_4/aws-gamelift-fleet.json | 2 +- .../ap_southeast_4/aws-opsworks-instance.json | 4 +- .../ap_southeast_4/aws-redshift-cluster.json | 3 +- .../aws-route53-healthcheck.json | 2 +- .../providers/ca_central_1/__init__.py | 17 +- .../ca_central_1/aws-amazonmq-broker.json | 2 +- .../ca_central_1/aws-backup-backupplan.json | 2 +- .../aws-cloudfront-distribution.json | 1232 +++++++++++ ...o-userpoolriskconfigurationattachment.json | 215 ++ .../aws-ec2-gatewayroutetableassociation.json | 58 + .../ca_central_1/aws-ec2-launchtemplate.json | 1240 +++++++++++ .../aws-location-geofencecollection.json | 174 ++ .../ca_central_1/aws-sagemaker-space.json | 465 ---- .../schemas/providers/ca_west_1/__init__.py | 19 +- .../ca_west_1/aws-cloudwatch-alarm.json | 2 +- .../ca_west_1/aws-dynamodb-globaltable.json | 579 +++++ .../ca_west_1/aws-dynamodb-table.json | 540 +++++ .../aws-ec2-gatewayroutetableassociation.json | 58 + .../providers/ca_west_1/aws-ec2-host.json | 4 +- .../ca_west_1/aws-ec2-launchtemplate.json | 1240 +++++++++++ .../providers/ca_west_1/aws-ec2-subnet.json | 4 +- .../providers/ca_west_1/aws-ec2-volume.json | 4 +- .../providers/ca_west_1/aws-eks-addon.json | 148 -- .../ca_west_1/aws-gamelift-fleet.json | 2 +- .../ca_west_1/aws-guardduty-member.json | 97 + .../providers/ca_west_1/aws-iam-group.json | 4 +- .../ca_west_1/aws-iam-managedpolicy.json | 4 +- .../providers/ca_west_1/aws-iam-policy.json | 4 +- .../providers/ca_west_1/aws-iam-role.json | 4 +- .../providers/ca_west_1/aws-iam-user.json | 4 +- .../aws-lambda-eventsourcemapping.json | 3 +- .../aws-opensearchservice-domain.json | 4 +- .../ca_west_1/aws-opsworks-instance.json | 4 +- .../ca_west_1/aws-redshift-cluster.json | 3 +- .../ca_west_1/aws-route53-healthcheck.json | 2 +- .../ca_west_1/aws-sns-topicpolicy.json | 4 +- .../schemas/providers/cn_north_1/__init__.py | 12 +- .../cn_north_1/aws-amazonmq-broker.json | 341 --- .../cn_north_1/aws-backup-backupplan.json | 2 +- .../aws-ec2-gatewayroutetableassociation.json | 58 + .../cn_north_1/aws-iam-managedpolicy.json | 4 +- .../cn_north_1/aws-kinesis-stream.json | 3 + .../cn_north_1/aws-redshift-cluster.json | 3 +- .../cn_north_1/aws-route53-healthcheck.json | 2 +- .../aws-sagemaker-app.json | 4 +- .../aws-sagemaker-appimageconfig.json | 91 +- .../aws-sagemaker-domain.json | 31 - .../providers/cn_north_1/aws-wafv2-ipset.json | 166 ++ .../aws-wafv2-loggingconfiguration.json | 238 ++ .../cn_north_1/aws-wafv2-regexpatternset.json | 134 ++ .../cn_north_1/aws-wafv2-rulegroup.json | 6 + .../cn_north_1/aws-wafv2-webacl.json | 1970 +++++++++++++++++ .../aws-wafv2-webaclassociation.json | 125 ++ .../providers/cn_northwest_1/__init__.py | 12 +- .../cn_northwest_1/aws-amazonmq-broker.json | 2 +- .../cn_northwest_1/aws-appstream-fleet.json | 2 +- .../cn_northwest_1/aws-backup-backupplan.json | 2 +- .../aws-dynamodb-globaltable.json | 579 +++++ .../cn_northwest_1/aws-dynamodb-table.json | 540 +++++ .../aws-ec2-gatewayroutetableassociation.json | 58 + .../aws-ec2-launchtemplate.json | 1240 +++++++++++ .../aws-ec2-subnetcidrblock.json | 69 - .../cn_northwest_1/aws-ecs-taskset.json | 215 -- .../cn_northwest_1/aws-eks-addon.json | 148 -- .../aws-elasticloadbalancingv2-listener.json | 346 --- ...s-elasticloadbalancingv2-listenerrule.json | 430 ---- ...s-elasticloadbalancingv2-loadbalancer.json | 205 -- .../cn_northwest_1/aws-kinesis-stream.json | 3 + .../aws-neptune-dbinstance.json | 2 +- .../cn_northwest_1/aws-redshift-cluster.json | 3 +- .../aws-route53-healthcheck.json | 2 +- .../providers/eu_central_1/__init__.py | 20 +- .../eu_central_1/aws-amazonmq-broker.json | 341 --- .../aws-apprunner-vpcconnector.json | 119 - .../aws-connect-hoursofoperation.json | 195 -- .../aws-connect-quickconnect.json | 237 -- .../eu_central_1/aws-connect-user.json | 295 --- .../aws-connect-userhierarchygroup.json | 128 -- .../aws-ec2-securitygroupingress.json | 130 ++ .../eu_central_1/aws-ec2-subnet.json | 187 ++ .../aws-ec2-transitgatewayroute.json | 80 + .../eu_central_1/aws-ecs-taskdefinition.json | 950 ++++++++ .../eu_central_1/aws-iam-managedpolicy.json | 4 +- .../aws-inspectorv2-cisscanconfiguration.json | 239 -- .../eu_central_1/aws-iot-topicrule.json | 1005 +++++++++ .../aws-location-geofencecollection.json | 174 ++ .../aws-managedblockchain-node.json | 2 +- .../eu_central_1/aws-s3-accesspoint.json | 152 ++ ...ws-verifiedpermissions-identitysource.json | 201 ++ ...ws-verifiedpermissions-policytemplate.json | 103 + .../eu_central_1/aws-wafv2-webacl.json | 1970 +++++++++++++++++ .../providers/eu_central_2/__init__.py | 21 +- .../eu_central_2/aws-amazonmq-broker.json | 2 +- .../eu_central_2/aws-backup-backupplan.json | 2 +- .../aws-cloudfront-distribution.json | 1232 +++++++++++ .../aws-config-configurationaggregator.json | 161 -- .../aws-dynamodb-globaltable.json | 579 +++++ .../eu_central_2/aws-dynamodb-table.json | 540 +++++ .../aws-ec2-gatewayroutetableassociation.json | 58 + .../providers/eu_central_2/aws-ec2-host.json | 4 +- .../eu_central_2/aws-ec2-launchtemplate.json | 1240 +++++++++++ .../eu_central_2/aws-ec2-spotfleet.json | 12 +- .../eu_central_2/aws-ecs-taskset.json | 215 -- .../providers/eu_central_2/aws-eks-addon.json | 148 -- .../eu_central_2/aws-gamelift-fleet.json | 2 +- .../eu_central_2/aws-guardduty-filter.json | 145 -- .../eu_central_2/aws-opsworks-instance.json | 4 +- .../eu_central_2/aws-redshift-cluster.json | 3 +- .../eu_central_2/aws-route53-healthcheck.json | 2 +- .../schemas/providers/eu_north_1/__init__.py | 15 +- .../eu_north_1/aws-amazonmq-broker.json | 2 +- .../eu_north_1/aws-backup-backupplan.json | 2 +- .../aws-cloudfront-distribution.json | 1232 +++++++++++ ...odegurureviewer-repositoryassociation.json | 145 -- .../eu_north_1/aws-ec2-clientvpnendpoint.json | 250 +++ .../aws-ec2-gatewayroutetableassociation.json | 58 + .../eu_north_1/aws-ec2-launchtemplate.json | 1240 +++++++++++ .../eu_north_1/aws-gamelift-fleet.json | 2 +- .../aws-location-geofencecollection.json | 174 ++ .../eu_north_1/aws-neptune-dbinstance.json | 2 +- .../schemas/providers/eu_south_1/__init__.py | 13 +- .../eu_south_1/aws-amazonmq-broker.json | 2 +- .../aws-amplifyuibuilder-component.json | 567 +++++ .../eu_south_1/aws-amplifyuibuilder-form.json | 546 +++++ .../aws-amplifyuibuilder-theme.json | 149 ++ .../eu_south_1/aws-backup-backupplan.json | 2 +- .../aws-cloudfront-distribution.json | 1232 +++++++++++ .../aws-config-configurationaggregator.json | 161 -- .../eu_south_1/aws-dynamodb-globaltable.json | 579 +++++ .../eu_south_1/aws-dynamodb-table.json | 540 +++++ .../aws-ec2-gatewayroutetableassociation.json | 58 + .../eu_south_1/aws-ec2-launchtemplate.json | 1240 +++++++++++ .../providers/eu_south_1/aws-eks-addon.json | 148 -- .../eu_south_1/aws-gamelift-fleet.json | 2 +- .../eu_south_1/aws-guardduty-filter.json | 145 -- .../eu_south_1/aws-opsworks-instance.json | 4 +- .../eu_south_1/aws-redshift-cluster.json | 3 +- .../eu_south_1/aws-route53-healthcheck.json | 2 +- .../schemas/providers/eu_south_2/__init__.py | 19 +- .../eu_south_2/aws-amazonmq-broker.json | 2 +- .../eu_south_2/aws-backup-backupplan.json | 2 +- .../aws-cloudfront-distribution.json | 1232 +++++++++++ .../aws-config-configurationaggregator.json | 161 -- .../aws-ec2-gatewayroutetableassociation.json | 58 + .../providers/eu_south_2/aws-ec2-host.json | 4 +- .../eu_south_2/aws-ec2-launchtemplate.json | 1240 +++++++++++ .../eu_south_2/aws-gamelift-fleet.json | 2 +- .../eu_south_2/aws-opsworks-instance.json | 4 +- .../eu_south_2/aws-redshift-cluster.json | 3 +- .../eu_south_2/aws-route53-healthcheck.json | 2 +- .../eu_south_2/aws-sagemaker-app.json | 221 -- .../schemas/providers/eu_west_1/__init__.py | 8 +- .../eu_west_1/aws-apprunner-vpcconnector.json | 119 - .../eu_west_1/aws-backup-backupplan.json | 2 +- .../aws-ec2-gatewayroutetableassociation.json | 58 + .../providers/eu_west_1/aws-wafv2-ipset.json | 166 ++ .../eu_west_1/aws-wafv2-regexpatternset.json | 134 ++ .../schemas/providers/eu_west_2/__init__.py | 13 +- .../eu_west_2/aws-amazonmq-broker.json | 2 +- .../eu_west_2/aws-apprunner-vpcconnector.json | 119 - .../eu_west_2/aws-backup-backupplan.json | 2 +- .../aws-cloudfront-distribution.json | 1232 +++++++++++ .../aws-ec2-gatewayroutetableassociation.json | 58 + .../aws-location-geofencecollection.json | 174 ++ .../schemas/providers/eu_west_3/__init__.py | 6 +- .../eu_west_3/aws-amazonmq-broker.json | 2 +- .../eu_west_3/aws-apprunner-vpcconnector.json | 119 - .../eu_west_3/aws-backup-backupplan.json | 2 +- .../aws-cloudfront-distribution.json | 1232 +++++++++++ .../aws-ec2-gatewayroutetableassociation.json | 58 + .../eu_west_3/aws-ec2-launchtemplate.json | 1240 +++++++++++ .../eu_west_3/aws-gamelift-fleet.json | 2 +- .../eu_west_3/aws-neptune-dbinstance.json | 2 +- .../providers/me_central_1/__init__.py | 12 +- .../me_central_1/aws-amazonmq-broker.json | 2 +- .../me_central_1/aws-backup-backupplan.json | 2 +- .../aws-cloudfront-distribution.json | 1232 +++++++++++ .../aws-config-configurationaggregator.json | 161 -- .../aws-dynamodb-globaltable.json | 579 +++++ .../aws-ec2-gatewayroutetableassociation.json | 58 + .../providers/me_central_1/aws-ec2-host.json | 4 +- .../me_central_1/aws-ec2-launchtemplate.json | 1240 +++++++++++ .../me_central_1/aws-gamelift-fleet.json | 2 +- .../me_central_1/aws-iot-fleetmetric.json | 164 -- .../me_central_1/aws-opsworks-instance.json | 4 +- .../me_central_1/aws-redshift-cluster.json | 3 +- .../me_central_1/aws-route53-healthcheck.json | 2 +- .../schemas/providers/me_south_1/__init__.py | 22 +- .../me_south_1/aws-amazonmq-broker.json | 2 +- .../aws-amplifyuibuilder-component.json | 567 +++++ .../me_south_1/aws-amplifyuibuilder-form.json | 546 +++++ .../aws-amplifyuibuilder-theme.json | 149 ++ .../me_south_1/aws-backup-backupplan.json | 2 +- .../aws-cloudfront-distribution.json | 1232 +++++++++++ .../aws-cognito-userpoolidentityprovider.json | 59 - .../aws-config-configurationaggregator.json | 161 -- .../me_south_1/aws-dynamodb-globaltable.json | 579 +++++ .../me_south_1/aws-dynamodb-table.json | 540 +++++ .../me_south_1/aws-ec2-clientvpnendpoint.json | 250 +++ .../aws-ec2-gatewayroutetableassociation.json | 58 + .../me_south_1/aws-ec2-launchtemplate.json | 1240 +++++++++++ .../providers/me_south_1/aws-eks-addon.json | 148 -- .../me_south_1/aws-gamelift-fleet.json | 2 +- .../me_south_1/aws-guardduty-filter.json | 145 -- .../me_south_1/aws-iam-oidcprovider.json | 125 ++ .../aws-iam-samlprovider.json} | 80 +- .../me_south_1/aws-iam-servercertificate.json | 132 ++ .../me_south_1/aws-redshift-cluster.json | 3 +- .../me_south_1/aws-sagemaker-domain.json | 814 ------- .../me_south_1/aws-sagemaker-space.json | 465 ---- .../schemas/providers/sa_east_1/__init__.py | 13 +- .../sa_east_1/aws-amazonmq-broker.json | 341 --- .../aws-location-geofencecollection.json | 174 ++ .../sa_east_1/aws-neptune-dbinstance.json | 2 +- .../providers/sa_east_1/aws-wafv2-ipset.json | 166 ++ .../sa_east_1/aws-wafv2-regexpatternset.json | 134 ++ .../sa_east_1/aws-wafv2-rulegroup.json | 1432 ++++++++++++ .../schemas/providers/us_east_1/__init__.py | 2 + .../us_east_1/aws-amazonmq-broker.json | 2 +- .../aws-amplifyuibuilder-component.json | 52 +- .../us_east_1/aws-amplifyuibuilder-form.json | 91 +- .../us_east_1/aws-amplifyuibuilder-theme.json | 39 +- .../us_east_1/aws-apprunner-vpcconnector.json | 1 + .../us_east_1/aws-appstream-fleet.json | 2 +- .../aws-autoscaling-autoscalinggroup.json | 5 +- .../us_east_1/aws-backup-backupplan.json | 2 +- .../us_east_1/aws-backup-backupselection.json | 4 +- .../aws-batch-computeenvironment.json | 8 +- .../us_east_1/aws-cassandra-table.json | 164 +- .../aws-cloudfront-distribution.json | 1 + .../us_east_1/aws-cloudwatch-alarm.json | 2 +- .../aws-connect-hoursofoperation.json | 7 + .../us_east_1/aws-connect-quickconnect.json | 7 + .../providers/us_east_1/aws-connect-user.json | 7 + .../aws-connect-userhierarchygroup.json | 4 + .../providers/us_east_1/aws-dax-cluster.json | 7 +- .../aws-dms-replicationinstance.json | 4 +- .../us_east_1/aws-docdb-dbcluster.json | 3 + .../us_east_1/aws-docdb-dbinstance.json | 2 +- .../us_east_1/aws-dynamodb-globaltable.json | 8 + .../us_east_1/aws-dynamodb-table.json | 10 +- .../aws-ec2-gatewayroutetableassociation.json | 6 + .../providers/us_east_1/aws-ec2-host.json | 4 +- .../providers/us_east_1/aws-ec2-instance.json | 6 +- .../us_east_1/aws-ec2-launchtemplate.json | 8 +- .../us_east_1/aws-ec2-securitygroup.json | 8 +- .../aws-ec2-securitygroupegress.json | 4 +- .../aws-ec2-securitygroupingress.json | 4 +- .../us_east_1/aws-ec2-spotfleet.json | 12 +- .../providers/us_east_1/aws-ec2-subnet.json | 4 +- .../providers/us_east_1/aws-ec2-volume.json | 4 +- .../us_east_1/aws-ecr-repository.json | 4 +- .../providers/us_east_1/aws-ecs-service.json | 2 +- .../us_east_1/aws-ecs-taskdefinition.json | 8 +- .../aws-elasticache-cachecluster.json | 2 +- ...aws-elasticloadbalancing-loadbalancer.json | 5 +- ...ws-elasticloadbalancingv2-targetgroup.json | 4 +- .../us_east_1/aws-elasticsearch-domain.json | 2 +- .../providers/us_east_1/aws-emr-cluster.json | 9 +- .../us_east_1/aws-gamelift-fleet.json | 2 +- .../us_east_1/aws-glue-connection.json | 4 +- .../aws-glue-tableoptimizer.json | 0 .../providers/us_east_1/aws-iam-group.json | 4 +- .../us_east_1/aws-iam-managedpolicy.json | 4 +- .../providers/us_east_1/aws-iam-policy.json | 4 +- .../providers/us_east_1/aws-iam-role.json | 4 +- .../providers/us_east_1/aws-iam-user.json | 4 +- .../aws-inspectorv2-cisscanconfiguration.json | 0 .../us_east_1/aws-kinesis-stream.json | 3 + .../providers/us_east_1/aws-kms-key.json | 4 +- .../aws-lambda-eventsourcemapping.json | 3 +- .../us_east_1/aws-lambda-function.json | 5 +- .../aws-location-geofencecollection.json | 16 +- .../providers/us_east_1/aws-location-map.json | 10 + .../us_east_1/aws-managedblockchain-node.json | 2 +- .../us_east_1/aws-neptune-dbinstance.json | 2 +- .../aws-opensearchservice-domain.json | 4 +- .../us_east_1/aws-opsworks-instance.json | 4 +- .../us_east_1/aws-rds-dbcluster.json | 7 +- .../us_east_1/aws-rds-dbinstance.json | 8 +- .../us_east_1/aws-redshift-cluster.json | 3 +- .../us_east_1/aws-route53-healthcheck.json | 2 +- .../providers/us_east_1/aws-s3-bucket.json | 4 +- .../us_east_1/aws-s3-bucketpolicy.json | 4 +- .../us_east_1/aws-sagemaker-app.json | 4 +- .../aws-sagemaker-appimageconfig.json | 91 +- .../us_east_1/aws-sagemaker-domain.json | 31 + .../us_east_1/aws-sagemaker-space.json | 193 +- .../us_east_1/aws-sns-topicpolicy.json | 4 +- .../providers/us_east_1/aws-sqs-queue.json | 3 + .../us_east_1/aws-sqs-queuepolicy.json | 4 +- .../us_east_1/aws-sso-permissionset.json | 4 +- .../us_east_1/aws-synthetics-canary.json | 3 + .../schemas/providers/us_east_2/__init__.py | 20 +- .../us_east_2/aws-amazonmq-broker.json | 2 +- .../us_east_2/aws-apprunner-vpcconnector.json | 119 - .../us_east_2/aws-backup-backupplan.json | 2 +- .../aws-cloudfront-distribution.json | 1232 +++++++++++ .../us_east_2/aws-ec2-launchtemplate.json | 1240 +++++++++++ .../us_east_2/aws-location-tracker.json | 191 ++ .../aws-location-trackerconsumer.json | 60 + .../providers/us_east_2/aws-s3-bucket.json | 1683 -------------- .../aws-sagemaker-appimageconfig.json | 261 --- .../us_east_2/aws-sagemaker-space.json | 465 ---- .../providers/us_gov_east_1/__init__.py | 26 +- .../us_gov_east_1/aws-amazonmq-broker.json | 2 +- .../aws-autoscaling-autoscalinggroup.json | 708 ------ .../us_gov_east_1/aws-backup-backupplan.json | 2 +- .../aws-config-configurationaggregator.json | 161 -- .../us_gov_east_1/aws-docdb-dbcluster.json | 3 + .../aws-dynamodb-globaltable.json | 579 +++++ .../us_gov_east_1/aws-dynamodb-table.json | 540 +++++ .../aws-ec2-gatewayroutetableassociation.json | 58 + .../providers/us_gov_east_1/aws-ec2-host.json | 4 +- .../us_gov_east_1/aws-ec2-launchtemplate.json | 1240 +++++++++++ .../aws-ec2-securitygroupegress.json | 4 +- .../us_gov_east_1/aws-ec2-spotfleet.json | 12 +- .../us_gov_east_1/aws-ec2-volume.json | 4 +- .../us_gov_east_1/aws-eks-addon.json | 148 -- .../us_gov_east_1/aws-gamelift-fleet.json | 2 +- .../us_gov_east_1/aws-iam-group.json | 4 +- .../us_gov_east_1/aws-iam-oidcprovider.json | 125 ++ .../us_gov_east_1/aws-iam-policy.json | 4 +- .../aws-iam-samlprovider.json} | 80 +- .../aws-iam-servercertificate.json | 132 ++ .../providers/us_gov_east_1/aws-iam-user.json | 4 +- .../us_gov_east_1/aws-neptune-dbinstance.json | 2 +- .../us_gov_east_1/aws-redshift-cluster.json | 3 +- .../aws-route53-healthcheck.json | 2 +- .../aws-sagemaker-app.json | 4 +- .../aws-sagemaker-appimageconfig.json | 91 +- .../aws-sagemaker-domain.json | 31 - .../us_gov_east_1/aws-sns-topic.json | 85 - .../us_gov_east_1/aws-sns-topicpolicy.json | 4 +- .../providers/us_gov_west_1/__init__.py | 25 +- .../aws-autoscaling-autoscalinggroup.json | 708 ------ .../us_gov_west_1/aws-backup-backupplan.json | 2 +- .../aws-config-configurationaggregator.json | 161 -- .../us_gov_west_1/aws-docdb-dbcluster.json | 149 -- .../aws-dynamodb-globaltable.json | 579 +++++ .../us_gov_west_1/aws-dynamodb-table.json | 540 +++++ .../us_gov_west_1/aws-ec2-ec2fleet.json | 19 +- .../aws-ec2-gatewayroutetableassociation.json | 58 + .../providers/us_gov_west_1/aws-ec2-host.json | 4 +- .../us_gov_west_1/aws-ec2-launchtemplate.json | 1240 +++++++++++ .../aws-ec2-securitygroupegress.json | 4 +- .../us_gov_west_1/aws-ec2-spotfleet.json | 42 +- .../us_gov_west_1/aws-ec2-volume.json | 4 +- .../us_gov_west_1/aws-eks-addon.json | 148 -- .../us_gov_west_1/aws-gamelift-fleet.json | 2 +- .../us_gov_west_1/aws-iam-group.json | 4 +- .../us_gov_west_1/aws-iam-policy.json | 4 +- .../providers/us_gov_west_1/aws-iam-user.json | 4 +- .../us_gov_west_1/aws-iot-fleetmetric.json | 164 -- .../aws-location-geofencecollection.json | 174 ++ .../aws-location-map.json | 10 - .../us_gov_west_1/aws-neptune-dbinstance.json | 2 +- .../us_gov_west_1/aws-redshift-cluster.json | 3 +- .../aws-route53-healthcheck.json | 2 +- ...-route53resolver-resolverdnssecconfig.json | 76 - .../aws-sagemaker-app.json | 4 +- .../aws-sagemaker-appimageconfig.json | 91 +- .../aws-sagemaker-domain.json | 31 - .../us_gov_west_1/aws-sns-topicpolicy.json | 4 +- .../schemas/providers/us_west_1/__init__.py | 14 +- .../aws-amplifyuibuilder-component.json | 567 +++++ .../us_west_1/aws-amplifyuibuilder-form.json | 546 +++++ .../us_west_1/aws-amplifyuibuilder-theme.json | 149 ++ .../us_west_1/aws-appstream-fleet.json | 2 +- .../us_west_1/aws-backup-backupplan.json | 2 +- .../aws-cloudfront-distribution.json | 1232 +++++++++++ .../us_west_1/aws-ec2-launchtemplate.json | 1240 +++++++++++ .../providers/us_west_1/aws-eks-addon.json | 148 -- .../us_west_1/aws-neptune-dbinstance.json | 2 +- .../schemas/providers/us_west_2/__init__.py | 15 +- .../us_west_2/aws-amazonmq-broker.json | 341 --- .../us_west_2/aws-apprunner-vpcconnector.json | 119 - .../aws-cognito-userpoolidentityprovider.json | 59 - .../aws-ec2-gatewayroutetableassociation.json | 58 + .../us_west_2/aws-glue-tableoptimizer.json | 58 - .../us_west_2/aws-location-tracker.json | 191 ++ .../aws-location-trackerconsumer.json | 60 + .../providers/us_west_2/aws-wafv2-ipset.json | 166 ++ .../aws-wafv2-loggingconfiguration.json | 238 ++ .../us_west_2/aws-wafv2-regexpatternset.json | 134 ++ .../us_west_2/aws-wafv2-rulegroup.json | 6 + .../providers/us_west_2/aws-wafv2-webacl.json | 1970 +++++++++++++++++ .../aws-wafv2-webaclassociation.json | 125 ++ src/cfnlint/decode/node.py | 4 +- src/cfnlint/jsonschema/_filter.py | 2 +- src/cfnlint/jsonschema/exceptions.py | 2 - src/cfnlint/jsonschema/protocols.py | 3 +- src/cfnlint/rules/jsonschema/AwsType.py | 9 - src/cfnlint/rules/jsonschema/Base.py | 4 + src/cfnlint/rules/jsonschema/CfnLint.py | 6 +- .../rules/jsonschema/CfnLintJsonSchema.py | 25 +- .../jsonschema/CfnLintJsonSchemaRegional.py | 2 +- src/cfnlint/rules/jsonschema/JsonSchema.py | 6 +- src/cfnlint/rules/outputs/Value.py | 5 +- ...dOnResourceTypesWithAutoExpiringContent.py | 66 +- .../amazonmq/BrokerInstanceTypeEnum.py | 10 +- .../appstream/FleetInstanceTypeEnum.py | 10 +- .../backup/BackupPlanLifecycleRule.py | 6 +- .../cloudwatch/AlarmAwsNamespacePeriod.py | 17 +- .../resources/dax/ClusterNodeTypeEnum.py | 10 +- .../resources/docdb/DBInstanceClassEnum.py | 10 +- .../dynamodb/TableBillingModeExclusive.py | 17 +- .../FargateDeploymentSchedulingStrategy.py | 17 +- .../rules/resources/ecs/LogConfiguration.py | 14 +- .../ecs/TaskDefinitionEssentialContainer.py | 15 +- .../ectwo/InstanceInstanceTypeEnum.py | 10 +- .../ectwo/SecurityGroupAllToAndFromPorts.py | 19 +- ...SecurityGroupProtocolsAndPortsExclusive.py | 17 +- ...SecurityGroupProtocolsAndPortsInclusive.py | 19 +- .../CacheClusterCacheNodeTypeEnum.py | 10 +- .../DomainClusterConfigInstanceTypeEnum.py | 10 +- ...usterInstanceTypeConfigInstanceTypeEnum.py | 15 +- .../gamelift/FleetEc2InstanceTypeEnum.py | 10 +- .../rules/resources/iam/IdentityPolicy.py | 16 +- .../rules/resources/iam/Permissions.py | 10 +- src/cfnlint/rules/resources/iam/Policy.py | 18 +- .../rules/resources/iam/PolicyVersion.py | 9 +- .../rules/resources/iam/ResourceEcrPolicy.py | 13 +- .../rules/resources/iam/ResourcePolicy.py | 15 +- .../rules/resources/iam/RoleArnPattern.py | 18 +- .../resources/lmbd/DeprecatedRuntimeEnd.py | 4 +- ...SourceMappingEventSourceArnSqsExclusive.py | 15 +- ...rceMappingEventSourceArnStreamInclusive.py | 15 +- .../lmbd/FunctionZipfileRuntimeEnum.py | 17 +- .../lmbd/FunctionZipfileRuntimeExists.py | 17 +- .../NodeNodeConfigurationInstanceTypeEnum.py | 10 +- .../neptune/DBInstanceDBInstanceClassEnum.py | 10 +- .../resources/properties/AvailabilityZone.py | 62 +- .../rds/DbClusterServerlessExclusive.py | 17 +- .../rds/DbInstanceAuroraExclusive.py | 36 +- .../rds/DbInstanceBackupRetentionPeriod.py | 37 - .../rds/DbInstanceDbInstanceClassEnum.py | 6 +- .../resources/redshift/ClusterNodeTypeEnum.py | 10 +- ...althCheckHealthCheckConfigTypeInclusive.py | 15 +- .../providers/base.definition.schema.v1.json | 9 +- test/integration/test_schema_files.py | 89 +- .../jsonschema/test_cfn_region_schema.py | 2 +- test/unit/rules/jsonschema/test_cfn_schema.py | 35 +- .../rules/resources/cloudwatch/__init__.py | 0 .../test_alarm_aws_namespace_period.py | 76 + .../test_table_billingmode_exclusive.py | 60 + .../ec2/test_sg_all_to_and_from_ports.py | 133 ++ .../ec2/test_sg_protocols_ports_exclusive.py | 73 + .../ec2/test_sg_protocols_ports_inclusive.py | 71 + test/unit/rules/resources/ecs/__init__.py | 0 .../rules/resources/ecs/test_ecs_fargate.py | 76 + .../ecs/test_task_definition_essentials.py | 75 + .../test_task_definition_log_configuration.py | 61 + .../resources/iam/test_iam_permissions.py | 8 +- .../resources/iam/test_iam_policy_version.py | 2 +- .../resources/iam/test_identity_policy.py | 8 +- .../resources/iam/test_resource_ecr_policy.py | 2 +- .../resources/iam/test_resource_policy.py | 8 +- .../resources/iam/test_role_arn_pattern.py | 2 +- .../lmbd/test_deprecated_runtime_end.py | 2 +- .../lmbd/test_deprecated_runtime_eol.py | 2 +- ..._mapping_event_source_arn_sqs_exclusive.py | 60 + ...pping_event_source_arn_stream_inclusive.py | 60 + .../test_function_zipfile_runtime_enum.py | 59 + .../test_function_zipfile_runtime_exists.py | 62 + .../properties/test_availability_zone.py | 154 +- .../test_db_cluster_serverless_exclusive.py | 53 + .../rds/test_db_instance_aurora_exclusive.py | 86 + ...test_db_instance_db_instance_class_enum.py | 2 +- ...heck_health_check_config_type_inclusive.py | 63 + .../rules/resources/test_retentionperiod.py | 26 +- .../resources/test_retentionperiod_rds.py | 78 + 724 files changed, 85845 insertions(+), 20177 deletions(-) delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_autoscaling_autoscalinggroup/aws_types.json create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_autoscaling_autoscalinggroup/cfn_lint.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_backup_backupselection/aws_types.json create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_backup_backupselection/cfn_lint.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_batch_computeenvironment/aws_types.json create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_batch_computeenvironment/cfn_lint.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_dax_cluster/aws_types.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_dms_replicationinstance/aws_types.json create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_dms_replicationinstance/cfn_lint.json create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_docdb_dbcluster/cfn_lint.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_host/aws_types.json create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_host/cfn_lint.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_instance/aws_types.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_launchtemplate/aws_types.json create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_launchtemplate/cfn_lint.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_spotfleet/aws_types.json create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_spotfleet/cfn_lint.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_subnet/aws_types.json create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_subnet/cfn_lint.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_volume/aws_types.json create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_volume/cfn_lint.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_ecs_taskdefinition/aws_types.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_elasticloadbalancing_loadbalancer/aws_types.json create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_elasticloadbalancing_loadbalancer/cfn_lint.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_elasticloadbalancingv2_targetgroup/aws_types.json create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_elasticloadbalancingv2_targetgroup/cfn_lint.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_emr_cluster/aws_types.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_glue_connection/aws_types.json create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_glue_connection/cfn_lint.json create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_kinesis_stream/cfn_lint.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_opsworks_instance/aws_types.json create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_opsworks_instance/cfn_lint.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_rds_dbcluster/aws_types.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_rds_dbinstance/aws_types.json delete mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_s3_bucket/aws_types.json create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_s3_bucket/cfn_lint.json create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_sqs_queue/cfn_lint.json create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_synthetics_canary/__init__.py create mode 100644 src/cfnlint/data/schemas/patches/extensions/all/aws_synthetics_canary/cfn_lint.json create mode 100644 src/cfnlint/data/schemas/patches/providers/all/aws_cognito_userpoolidentityprovider/__init__.py create mode 100644 src/cfnlint/data/schemas/patches/providers/all/aws_cognito_userpoolidentityprovider/readonlyproperties.json rename src/cfnlint/data/schemas/providers/{ca_west_1 => af_south_1}/aws-cloudfront-distribution.json (99%) delete mode 100644 src/cfnlint/data/schemas/providers/af_south_1/aws-config-configurationaggregator.json rename src/cfnlint/data/schemas/providers/{cn_north_1 => af_south_1}/aws-dynamodb-globaltable.json (98%) rename src/cfnlint/data/schemas/providers/{cn_north_1 => af_south_1}/aws-dynamodb-table.json (97%) create mode 100644 src/cfnlint/data/schemas/providers/af_south_1/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/af_south_1/aws-ec2-launchtemplate.json delete mode 100644 src/cfnlint/data/schemas/providers/af_south_1/aws-eks-addon.json delete mode 100644 src/cfnlint/data/schemas/providers/af_south_1/aws-guardduty-filter.json create mode 100644 src/cfnlint/data/schemas/providers/ap_east_1/aws-cloudfront-distribution.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_east_1/aws-config-configurationaggregator.json create mode 100644 src/cfnlint/data/schemas/providers/ap_east_1/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/ap_east_1/aws-ec2-launchtemplate.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_1/aws-apprunner-vpcconnector.json create mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_1/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_1/aws-location-tracker.json create mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_1/aws-location-trackerconsumer.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_2/aws-amazonmq-broker.json create mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_2/aws-amplifyuibuilder-component.json create mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_2/aws-amplifyuibuilder-form.json create mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_2/aws-amplifyuibuilder-theme.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_2/aws-aps-workspace.json create mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_2/aws-cloudfront-distribution.json create mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_2/aws-docdbelastic-cluster.json rename src/cfnlint/data/schemas/providers/{eu_central_1 => ap_northeast_2}/aws-dynamodb-globaltable.json (98%) rename src/cfnlint/data/schemas/providers/{eu_central_1 => ap_northeast_2}/aws-dynamodb-table.json (97%) create mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_2/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_2/aws-ec2-launchtemplate.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_2/aws-eks-addon.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_2/aws-guardduty-filter.json create mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_3/aws-cloudfront-distribution.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_3/aws-cognito-userpoolidentityprovider.json create mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_3/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/ap_northeast_3/aws-iam-servercertificate.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_south_1/aws-amazonmq-broker.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_south_1/aws-apprunner-vpcconnector.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_south_1/aws-aps-workspace.json create mode 100644 src/cfnlint/data/schemas/providers/ap_south_1/aws-cloudfront-distribution.json create mode 100644 src/cfnlint/data/schemas/providers/ap_south_1/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/ap_south_1/aws-location-geofencecollection.json create mode 100644 src/cfnlint/data/schemas/providers/ap_south_1/aws-wafv2-ipset.json create mode 100644 src/cfnlint/data/schemas/providers/ap_south_1/aws-wafv2-regexpatternset.json create mode 100644 src/cfnlint/data/schemas/providers/ap_south_1/aws-wafv2-rulegroup.json create mode 100644 src/cfnlint/data/schemas/providers/ap_south_2/aws-cloudfront-distribution.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_south_2/aws-config-configurationaggregator.json create mode 100644 src/cfnlint/data/schemas/providers/ap_south_2/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/ap_south_2/aws-ec2-launchtemplate.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_1/aws-apprunner-vpcconnector.json create mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_1/aws-ec2-gatewayroutetableassociation.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_2/aws-apprunner-vpcconnector.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_2/aws-aps-rulegroupsnamespace.json create mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_2/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_3/aws-cloudfront-distribution.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_3/aws-config-configurationaggregator.json create mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_3/aws-dynamodb-globaltable.json create mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_3/aws-dynamodb-table.json create mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_3/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_3/aws-ec2-launchtemplate.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_3/aws-eks-addon.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_3/aws-guardduty-filter.json create mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_3/aws-iam-oidcprovider.json rename src/cfnlint/data/schemas/providers/{eu_north_1/aws-aps-rulegroupsnamespace.json => ap_southeast_3/aws-iam-samlprovider.json} (50%) create mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_3/aws-iam-servercertificate.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_3/aws-ssm-document.json create mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_4/aws-cloudfront-distribution.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_4/aws-config-configurationaggregator.json create mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_4/aws-dynamodb-globaltable.json create mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_4/aws-dynamodb-table.json create mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-launchtemplate.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ecs-taskset.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_4/aws-eks-addon.json delete mode 100644 src/cfnlint/data/schemas/providers/ap_southeast_4/aws-elasticloadbalancingv2-targetgroup.json create mode 100644 src/cfnlint/data/schemas/providers/ca_central_1/aws-cloudfront-distribution.json create mode 100644 src/cfnlint/data/schemas/providers/ca_central_1/aws-cognito-userpoolriskconfigurationattachment.json create mode 100644 src/cfnlint/data/schemas/providers/ca_central_1/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/ca_central_1/aws-ec2-launchtemplate.json create mode 100644 src/cfnlint/data/schemas/providers/ca_central_1/aws-location-geofencecollection.json delete mode 100644 src/cfnlint/data/schemas/providers/ca_central_1/aws-sagemaker-space.json create mode 100644 src/cfnlint/data/schemas/providers/ca_west_1/aws-dynamodb-globaltable.json create mode 100644 src/cfnlint/data/schemas/providers/ca_west_1/aws-dynamodb-table.json create mode 100644 src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-launchtemplate.json delete mode 100644 src/cfnlint/data/schemas/providers/ca_west_1/aws-eks-addon.json create mode 100644 src/cfnlint/data/schemas/providers/ca_west_1/aws-guardduty-member.json delete mode 100644 src/cfnlint/data/schemas/providers/cn_north_1/aws-amazonmq-broker.json create mode 100644 src/cfnlint/data/schemas/providers/cn_north_1/aws-ec2-gatewayroutetableassociation.json rename src/cfnlint/data/schemas/providers/{ca_central_1 => cn_north_1}/aws-sagemaker-app.json (98%) rename src/cfnlint/data/schemas/providers/{ca_central_1 => cn_north_1}/aws-sagemaker-appimageconfig.json (62%) rename src/cfnlint/data/schemas/providers/{ca_central_1 => cn_north_1}/aws-sagemaker-domain.json (96%) create mode 100644 src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-ipset.json create mode 100644 src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-loggingconfiguration.json create mode 100644 src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-regexpatternset.json create mode 100644 src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-webacl.json create mode 100644 src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-webaclassociation.json create mode 100644 src/cfnlint/data/schemas/providers/cn_northwest_1/aws-dynamodb-globaltable.json create mode 100644 src/cfnlint/data/schemas/providers/cn_northwest_1/aws-dynamodb-table.json create mode 100644 src/cfnlint/data/schemas/providers/cn_northwest_1/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/cn_northwest_1/aws-ec2-launchtemplate.json delete mode 100644 src/cfnlint/data/schemas/providers/cn_northwest_1/aws-ec2-subnetcidrblock.json delete mode 100644 src/cfnlint/data/schemas/providers/cn_northwest_1/aws-ecs-taskset.json delete mode 100644 src/cfnlint/data/schemas/providers/cn_northwest_1/aws-eks-addon.json delete mode 100644 src/cfnlint/data/schemas/providers/cn_northwest_1/aws-elasticloadbalancingv2-listener.json delete mode 100644 src/cfnlint/data/schemas/providers/cn_northwest_1/aws-elasticloadbalancingv2-listenerrule.json delete mode 100644 src/cfnlint/data/schemas/providers/cn_northwest_1/aws-elasticloadbalancingv2-loadbalancer.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_central_1/aws-amazonmq-broker.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_central_1/aws-apprunner-vpcconnector.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_central_1/aws-connect-hoursofoperation.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_central_1/aws-connect-quickconnect.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_central_1/aws-connect-user.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_central_1/aws-connect-userhierarchygroup.json create mode 100644 src/cfnlint/data/schemas/providers/eu_central_1/aws-ec2-securitygroupingress.json create mode 100644 src/cfnlint/data/schemas/providers/eu_central_1/aws-ec2-subnet.json create mode 100644 src/cfnlint/data/schemas/providers/eu_central_1/aws-ec2-transitgatewayroute.json create mode 100644 src/cfnlint/data/schemas/providers/eu_central_1/aws-ecs-taskdefinition.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_central_1/aws-inspectorv2-cisscanconfiguration.json create mode 100644 src/cfnlint/data/schemas/providers/eu_central_1/aws-iot-topicrule.json create mode 100644 src/cfnlint/data/schemas/providers/eu_central_1/aws-location-geofencecollection.json create mode 100644 src/cfnlint/data/schemas/providers/eu_central_1/aws-s3-accesspoint.json create mode 100644 src/cfnlint/data/schemas/providers/eu_central_1/aws-verifiedpermissions-identitysource.json create mode 100644 src/cfnlint/data/schemas/providers/eu_central_1/aws-verifiedpermissions-policytemplate.json create mode 100644 src/cfnlint/data/schemas/providers/eu_central_1/aws-wafv2-webacl.json create mode 100644 src/cfnlint/data/schemas/providers/eu_central_2/aws-cloudfront-distribution.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_central_2/aws-config-configurationaggregator.json create mode 100644 src/cfnlint/data/schemas/providers/eu_central_2/aws-dynamodb-globaltable.json create mode 100644 src/cfnlint/data/schemas/providers/eu_central_2/aws-dynamodb-table.json create mode 100644 src/cfnlint/data/schemas/providers/eu_central_2/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/eu_central_2/aws-ec2-launchtemplate.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_central_2/aws-ecs-taskset.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_central_2/aws-eks-addon.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_central_2/aws-guardduty-filter.json create mode 100644 src/cfnlint/data/schemas/providers/eu_north_1/aws-cloudfront-distribution.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_north_1/aws-codegurureviewer-repositoryassociation.json create mode 100644 src/cfnlint/data/schemas/providers/eu_north_1/aws-ec2-clientvpnendpoint.json create mode 100644 src/cfnlint/data/schemas/providers/eu_north_1/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/eu_north_1/aws-ec2-launchtemplate.json create mode 100644 src/cfnlint/data/schemas/providers/eu_north_1/aws-location-geofencecollection.json create mode 100644 src/cfnlint/data/schemas/providers/eu_south_1/aws-amplifyuibuilder-component.json create mode 100644 src/cfnlint/data/schemas/providers/eu_south_1/aws-amplifyuibuilder-form.json create mode 100644 src/cfnlint/data/schemas/providers/eu_south_1/aws-amplifyuibuilder-theme.json create mode 100644 src/cfnlint/data/schemas/providers/eu_south_1/aws-cloudfront-distribution.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_south_1/aws-config-configurationaggregator.json create mode 100644 src/cfnlint/data/schemas/providers/eu_south_1/aws-dynamodb-globaltable.json create mode 100644 src/cfnlint/data/schemas/providers/eu_south_1/aws-dynamodb-table.json create mode 100644 src/cfnlint/data/schemas/providers/eu_south_1/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/eu_south_1/aws-ec2-launchtemplate.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_south_1/aws-eks-addon.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_south_1/aws-guardduty-filter.json create mode 100644 src/cfnlint/data/schemas/providers/eu_south_2/aws-cloudfront-distribution.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_south_2/aws-config-configurationaggregator.json create mode 100644 src/cfnlint/data/schemas/providers/eu_south_2/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/eu_south_2/aws-ec2-launchtemplate.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_south_2/aws-sagemaker-app.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_west_1/aws-apprunner-vpcconnector.json create mode 100644 src/cfnlint/data/schemas/providers/eu_west_1/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/eu_west_1/aws-wafv2-ipset.json create mode 100644 src/cfnlint/data/schemas/providers/eu_west_1/aws-wafv2-regexpatternset.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_west_2/aws-apprunner-vpcconnector.json create mode 100644 src/cfnlint/data/schemas/providers/eu_west_2/aws-cloudfront-distribution.json create mode 100644 src/cfnlint/data/schemas/providers/eu_west_2/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/eu_west_2/aws-location-geofencecollection.json delete mode 100644 src/cfnlint/data/schemas/providers/eu_west_3/aws-apprunner-vpcconnector.json create mode 100644 src/cfnlint/data/schemas/providers/eu_west_3/aws-cloudfront-distribution.json create mode 100644 src/cfnlint/data/schemas/providers/eu_west_3/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/eu_west_3/aws-ec2-launchtemplate.json create mode 100644 src/cfnlint/data/schemas/providers/me_central_1/aws-cloudfront-distribution.json delete mode 100644 src/cfnlint/data/schemas/providers/me_central_1/aws-config-configurationaggregator.json create mode 100644 src/cfnlint/data/schemas/providers/me_central_1/aws-dynamodb-globaltable.json create mode 100644 src/cfnlint/data/schemas/providers/me_central_1/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/me_central_1/aws-ec2-launchtemplate.json delete mode 100644 src/cfnlint/data/schemas/providers/me_central_1/aws-iot-fleetmetric.json create mode 100644 src/cfnlint/data/schemas/providers/me_south_1/aws-amplifyuibuilder-component.json create mode 100644 src/cfnlint/data/schemas/providers/me_south_1/aws-amplifyuibuilder-form.json create mode 100644 src/cfnlint/data/schemas/providers/me_south_1/aws-amplifyuibuilder-theme.json create mode 100644 src/cfnlint/data/schemas/providers/me_south_1/aws-cloudfront-distribution.json delete mode 100644 src/cfnlint/data/schemas/providers/me_south_1/aws-cognito-userpoolidentityprovider.json delete mode 100644 src/cfnlint/data/schemas/providers/me_south_1/aws-config-configurationaggregator.json create mode 100644 src/cfnlint/data/schemas/providers/me_south_1/aws-dynamodb-globaltable.json create mode 100644 src/cfnlint/data/schemas/providers/me_south_1/aws-dynamodb-table.json create mode 100644 src/cfnlint/data/schemas/providers/me_south_1/aws-ec2-clientvpnendpoint.json create mode 100644 src/cfnlint/data/schemas/providers/me_south_1/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/me_south_1/aws-ec2-launchtemplate.json delete mode 100644 src/cfnlint/data/schemas/providers/me_south_1/aws-eks-addon.json delete mode 100644 src/cfnlint/data/schemas/providers/me_south_1/aws-guardduty-filter.json create mode 100644 src/cfnlint/data/schemas/providers/me_south_1/aws-iam-oidcprovider.json rename src/cfnlint/data/schemas/providers/{eu_west_2/aws-aps-rulegroupsnamespace.json => me_south_1/aws-iam-samlprovider.json} (50%) create mode 100644 src/cfnlint/data/schemas/providers/me_south_1/aws-iam-servercertificate.json delete mode 100644 src/cfnlint/data/schemas/providers/me_south_1/aws-sagemaker-domain.json delete mode 100644 src/cfnlint/data/schemas/providers/me_south_1/aws-sagemaker-space.json delete mode 100644 src/cfnlint/data/schemas/providers/sa_east_1/aws-amazonmq-broker.json create mode 100644 src/cfnlint/data/schemas/providers/sa_east_1/aws-location-geofencecollection.json create mode 100644 src/cfnlint/data/schemas/providers/sa_east_1/aws-wafv2-ipset.json create mode 100644 src/cfnlint/data/schemas/providers/sa_east_1/aws-wafv2-regexpatternset.json create mode 100644 src/cfnlint/data/schemas/providers/sa_east_1/aws-wafv2-rulegroup.json rename src/cfnlint/data/schemas/providers/{eu_central_1 => us_east_1}/aws-glue-tableoptimizer.json (100%) rename src/cfnlint/data/schemas/providers/{ap_northeast_1 => us_east_1}/aws-inspectorv2-cisscanconfiguration.json (100%) delete mode 100644 src/cfnlint/data/schemas/providers/us_east_2/aws-apprunner-vpcconnector.json create mode 100644 src/cfnlint/data/schemas/providers/us_east_2/aws-cloudfront-distribution.json create mode 100644 src/cfnlint/data/schemas/providers/us_east_2/aws-ec2-launchtemplate.json create mode 100644 src/cfnlint/data/schemas/providers/us_east_2/aws-location-tracker.json create mode 100644 src/cfnlint/data/schemas/providers/us_east_2/aws-location-trackerconsumer.json delete mode 100644 src/cfnlint/data/schemas/providers/us_east_2/aws-s3-bucket.json delete mode 100644 src/cfnlint/data/schemas/providers/us_east_2/aws-sagemaker-appimageconfig.json delete mode 100644 src/cfnlint/data/schemas/providers/us_east_2/aws-sagemaker-space.json delete mode 100644 src/cfnlint/data/schemas/providers/us_gov_east_1/aws-autoscaling-autoscalinggroup.json delete mode 100644 src/cfnlint/data/schemas/providers/us_gov_east_1/aws-config-configurationaggregator.json create mode 100644 src/cfnlint/data/schemas/providers/us_gov_east_1/aws-dynamodb-globaltable.json create mode 100644 src/cfnlint/data/schemas/providers/us_gov_east_1/aws-dynamodb-table.json create mode 100644 src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-launchtemplate.json delete mode 100644 src/cfnlint/data/schemas/providers/us_gov_east_1/aws-eks-addon.json create mode 100644 src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-oidcprovider.json rename src/cfnlint/data/schemas/providers/{ap_southeast_1/aws-aps-rulegroupsnamespace.json => us_gov_east_1/aws-iam-samlprovider.json} (50%) create mode 100644 src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-servercertificate.json rename src/cfnlint/data/schemas/providers/{me_south_1 => us_gov_east_1}/aws-sagemaker-app.json (98%) rename src/cfnlint/data/schemas/providers/{eu_south_2 => us_gov_east_1}/aws-sagemaker-appimageconfig.json (62%) rename src/cfnlint/data/schemas/providers/{us_east_2 => us_gov_east_1}/aws-sagemaker-domain.json (96%) delete mode 100644 src/cfnlint/data/schemas/providers/us_gov_east_1/aws-sns-topic.json delete mode 100644 src/cfnlint/data/schemas/providers/us_gov_west_1/aws-autoscaling-autoscalinggroup.json delete mode 100644 src/cfnlint/data/schemas/providers/us_gov_west_1/aws-config-configurationaggregator.json delete mode 100644 src/cfnlint/data/schemas/providers/us_gov_west_1/aws-docdb-dbcluster.json create mode 100644 src/cfnlint/data/schemas/providers/us_gov_west_1/aws-dynamodb-globaltable.json create mode 100644 src/cfnlint/data/schemas/providers/us_gov_west_1/aws-dynamodb-table.json create mode 100644 src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-gatewayroutetableassociation.json create mode 100644 src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-launchtemplate.json delete mode 100644 src/cfnlint/data/schemas/providers/us_gov_west_1/aws-eks-addon.json delete mode 100644 src/cfnlint/data/schemas/providers/us_gov_west_1/aws-iot-fleetmetric.json create mode 100644 src/cfnlint/data/schemas/providers/us_gov_west_1/aws-location-geofencecollection.json rename src/cfnlint/data/schemas/providers/{us_west_2 => us_gov_west_1}/aws-location-map.json (95%) delete mode 100644 src/cfnlint/data/schemas/providers/us_gov_west_1/aws-route53resolver-resolverdnssecconfig.json rename src/cfnlint/data/schemas/providers/{us_east_2 => us_gov_west_1}/aws-sagemaker-app.json (98%) rename src/cfnlint/data/schemas/providers/{me_south_1 => us_gov_west_1}/aws-sagemaker-appimageconfig.json (62%) rename src/cfnlint/data/schemas/providers/{eu_south_2 => us_gov_west_1}/aws-sagemaker-domain.json (96%) create mode 100644 src/cfnlint/data/schemas/providers/us_west_1/aws-amplifyuibuilder-component.json create mode 100644 src/cfnlint/data/schemas/providers/us_west_1/aws-amplifyuibuilder-form.json create mode 100644 src/cfnlint/data/schemas/providers/us_west_1/aws-amplifyuibuilder-theme.json create mode 100644 src/cfnlint/data/schemas/providers/us_west_1/aws-cloudfront-distribution.json create mode 100644 src/cfnlint/data/schemas/providers/us_west_1/aws-ec2-launchtemplate.json delete mode 100644 src/cfnlint/data/schemas/providers/us_west_1/aws-eks-addon.json delete mode 100644 src/cfnlint/data/schemas/providers/us_west_2/aws-amazonmq-broker.json delete mode 100644 src/cfnlint/data/schemas/providers/us_west_2/aws-apprunner-vpcconnector.json delete mode 100644 src/cfnlint/data/schemas/providers/us_west_2/aws-cognito-userpoolidentityprovider.json create mode 100644 src/cfnlint/data/schemas/providers/us_west_2/aws-ec2-gatewayroutetableassociation.json delete mode 100644 src/cfnlint/data/schemas/providers/us_west_2/aws-glue-tableoptimizer.json create mode 100644 src/cfnlint/data/schemas/providers/us_west_2/aws-location-tracker.json create mode 100644 src/cfnlint/data/schemas/providers/us_west_2/aws-location-trackerconsumer.json create mode 100644 src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-ipset.json create mode 100644 src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-loggingconfiguration.json create mode 100644 src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-regexpatternset.json create mode 100644 src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-webacl.json create mode 100644 src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-webaclassociation.json delete mode 100644 src/cfnlint/rules/resources/rds/DbInstanceBackupRetentionPeriod.py create mode 100644 test/unit/rules/resources/cloudwatch/__init__.py create mode 100644 test/unit/rules/resources/cloudwatch/test_alarm_aws_namespace_period.py create mode 100644 test/unit/rules/resources/dynamodb/test_table_billingmode_exclusive.py create mode 100644 test/unit/rules/resources/ec2/test_sg_all_to_and_from_ports.py create mode 100644 test/unit/rules/resources/ec2/test_sg_protocols_ports_exclusive.py create mode 100644 test/unit/rules/resources/ec2/test_sg_protocols_ports_inclusive.py create mode 100644 test/unit/rules/resources/ecs/__init__.py create mode 100644 test/unit/rules/resources/ecs/test_ecs_fargate.py create mode 100644 test/unit/rules/resources/ecs/test_task_definition_essentials.py create mode 100644 test/unit/rules/resources/ecs/test_task_definition_log_configuration.py create mode 100644 test/unit/rules/resources/lmbd/test_event_source_mapping_event_source_arn_sqs_exclusive.py create mode 100644 test/unit/rules/resources/lmbd/test_event_source_mapping_event_source_arn_stream_inclusive.py create mode 100644 test/unit/rules/resources/lmbd/test_function_zipfile_runtime_enum.py create mode 100644 test/unit/rules/resources/lmbd/test_function_zipfile_runtime_exists.py create mode 100644 test/unit/rules/resources/rds/test_db_cluster_serverless_exclusive.py create mode 100644 test/unit/rules/resources/rds/test_db_instance_aurora_exclusive.py create mode 100644 test/unit/rules/resources/route53/test_health_check_health_check_config_type_inclusive.py create mode 100644 test/unit/rules/resources/test_retentionperiod_rds.py diff --git a/src/cfnlint/data/DownloadsMetadata/123ba181485ae293d5bd09722af0c19d5a0d14c62111ff864923fc7b7960dda6.meta.json b/src/cfnlint/data/DownloadsMetadata/123ba181485ae293d5bd09722af0c19d5a0d14c62111ff864923fc7b7960dda6.meta.json index f8afecd5f8..a89caa7668 100644 --- a/src/cfnlint/data/DownloadsMetadata/123ba181485ae293d5bd09722af0c19d5a0d14c62111ff864923fc7b7960dda6.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/123ba181485ae293d5bd09722af0c19d5a0d14c62111ff864923fc7b7960dda6.meta.json @@ -1 +1 @@ -{"etag": "\"7c5bff142ade1abed71d4ffc14925d81\"", "url": "https://schema.cloudformation.eu-south-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"5dd91092d77ad1ba978be8ddc6ee43c5\"", "url": "https://schema.cloudformation.eu-south-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/164e1bfc2823fbd49d8d0e7163ebf32b2b6653d7edfe98a64577daae0b481c38.meta.json b/src/cfnlint/data/DownloadsMetadata/164e1bfc2823fbd49d8d0e7163ebf32b2b6653d7edfe98a64577daae0b481c38.meta.json index feb02c9458..fe5e236868 100644 --- a/src/cfnlint/data/DownloadsMetadata/164e1bfc2823fbd49d8d0e7163ebf32b2b6653d7edfe98a64577daae0b481c38.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/164e1bfc2823fbd49d8d0e7163ebf32b2b6653d7edfe98a64577daae0b481c38.meta.json @@ -1 +1 @@ -{"etag": "\"e0220f2f7caf826803581ba9b2df740f\"", "url": "https://schema.cloudformation.cn-north-1.amazonaws.com.cn/CloudformationSchema.zip"} +{"etag": "\"e908f2c13e76a287b9b0136a0f5027c9\"", "url": "https://schema.cloudformation.cn-north-1.amazonaws.com.cn/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/18624fcc4a1c571691d10b2508e6be565e4752bbc10d9552de8df8f81348c42b.meta.json b/src/cfnlint/data/DownloadsMetadata/18624fcc4a1c571691d10b2508e6be565e4752bbc10d9552de8df8f81348c42b.meta.json index efbef6b4c1..629180fa46 100644 --- a/src/cfnlint/data/DownloadsMetadata/18624fcc4a1c571691d10b2508e6be565e4752bbc10d9552de8df8f81348c42b.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/18624fcc4a1c571691d10b2508e6be565e4752bbc10d9552de8df8f81348c42b.meta.json @@ -1 +1 @@ -{"etag": "\"ef5722551fb90dac0d4eaa0a75444457\"", "url": "https://schema.cloudformation.us-gov-east-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"d74711fca569f22c6c2fe493fe9212ea\"", "url": "https://schema.cloudformation.us-gov-east-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/227d6e59c86482f7153466759080e65963a1bf4413531ad420ff60a5a0d7965d.meta.json b/src/cfnlint/data/DownloadsMetadata/227d6e59c86482f7153466759080e65963a1bf4413531ad420ff60a5a0d7965d.meta.json index 68d0e25bda..9aa5fcfc6f 100644 --- a/src/cfnlint/data/DownloadsMetadata/227d6e59c86482f7153466759080e65963a1bf4413531ad420ff60a5a0d7965d.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/227d6e59c86482f7153466759080e65963a1bf4413531ad420ff60a5a0d7965d.meta.json @@ -1 +1 @@ -{"etag": "\"013ff076ad7b8bb463e3c257ee680e21\"", "url": "https://schema.cloudformation.me-south-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"6e1f33f073f1be99d09a6c449c7e31ba\"", "url": "https://schema.cloudformation.me-south-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/23be708e675cb6098b08969e4dbbc3f54cfc32461d10e077e7e5de1fc25d8b8f.meta.json b/src/cfnlint/data/DownloadsMetadata/23be708e675cb6098b08969e4dbbc3f54cfc32461d10e077e7e5de1fc25d8b8f.meta.json index 6dfeafe920..bd040a1454 100644 --- a/src/cfnlint/data/DownloadsMetadata/23be708e675cb6098b08969e4dbbc3f54cfc32461d10e077e7e5de1fc25d8b8f.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/23be708e675cb6098b08969e4dbbc3f54cfc32461d10e077e7e5de1fc25d8b8f.meta.json @@ -1 +1 @@ -{"etag": "\"6134c384983d6a36f0e197f9eb2374dc\"", "url": "https://schema.cloudformation.us-gov-west-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"0188c4567f631bb42f913d3aab2a4e7b\"", "url": "https://schema.cloudformation.us-gov-west-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/26cf4521b683d3267844178a6bcd1d0ad3fe2e7838c23f6acd054944cb2b1618.meta.json b/src/cfnlint/data/DownloadsMetadata/26cf4521b683d3267844178a6bcd1d0ad3fe2e7838c23f6acd054944cb2b1618.meta.json index f15854d7be..1dcb7f1179 100644 --- a/src/cfnlint/data/DownloadsMetadata/26cf4521b683d3267844178a6bcd1d0ad3fe2e7838c23f6acd054944cb2b1618.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/26cf4521b683d3267844178a6bcd1d0ad3fe2e7838c23f6acd054944cb2b1618.meta.json @@ -1 +1 @@ -{"etag": "\"a26d20c906cb9ab1649b974dd3a47504\"", "url": "https://schema.cloudformation.me-central-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"0d4d5bf4c005160987839707c3ac0fb4\"", "url": "https://schema.cloudformation.me-central-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/276cecfeb1ec5e608e2aaa06925a2da57e9907e4a512c10ddae70b98b4dada43.meta.json b/src/cfnlint/data/DownloadsMetadata/276cecfeb1ec5e608e2aaa06925a2da57e9907e4a512c10ddae70b98b4dada43.meta.json index f3dac4db3f..fb75d70aa6 100644 --- a/src/cfnlint/data/DownloadsMetadata/276cecfeb1ec5e608e2aaa06925a2da57e9907e4a512c10ddae70b98b4dada43.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/276cecfeb1ec5e608e2aaa06925a2da57e9907e4a512c10ddae70b98b4dada43.meta.json @@ -1 +1 @@ -{"etag": "\"04cc42c4460748986e4396d97315ee18\"", "url": "https://schema.cloudformation.eu-west-2.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"b31c4b269c8351f2f0a40fbb8f9d3a50\"", "url": "https://schema.cloudformation.eu-west-2.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/371e40c90b2e47c99f6e275e060ee83a3fbf0a0fb76625ba46dbe42abd34333c.meta.json b/src/cfnlint/data/DownloadsMetadata/371e40c90b2e47c99f6e275e060ee83a3fbf0a0fb76625ba46dbe42abd34333c.meta.json index 68da0944ec..52b3c1c8a9 100644 --- a/src/cfnlint/data/DownloadsMetadata/371e40c90b2e47c99f6e275e060ee83a3fbf0a0fb76625ba46dbe42abd34333c.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/371e40c90b2e47c99f6e275e060ee83a3fbf0a0fb76625ba46dbe42abd34333c.meta.json @@ -1 +1 @@ -{"etag": "\"11caf87bc067791546c60f1d91f680eb\"", "url": "https://schema.cloudformation.cn-northwest-1.amazonaws.com.cn/CloudformationSchema.zip"} +{"etag": "\"a1dea18064a7504815bbed8fdc94bd4f\"", "url": "https://schema.cloudformation.cn-northwest-1.amazonaws.com.cn/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/42155835f382d82337be3d2bf832bada376aa3fe15197e3bb0e9290ff8719b4e.meta.json b/src/cfnlint/data/DownloadsMetadata/42155835f382d82337be3d2bf832bada376aa3fe15197e3bb0e9290ff8719b4e.meta.json index a93a3eeec0..b80fa16d2d 100644 --- a/src/cfnlint/data/DownloadsMetadata/42155835f382d82337be3d2bf832bada376aa3fe15197e3bb0e9290ff8719b4e.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/42155835f382d82337be3d2bf832bada376aa3fe15197e3bb0e9290ff8719b4e.meta.json @@ -1 +1 @@ -{"etag": "\"4dee61d626fb43e40aa942de1dbe9bc0\"", "url": "https://schema.cloudformation.af-south-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"ef4efb00c52ebbb99383735d168f97ee\"", "url": "https://schema.cloudformation.af-south-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/42e9df95722b6524cd001503b6750b86f60a7b5acfc406ebb10d5748cbb8ed41.meta.json b/src/cfnlint/data/DownloadsMetadata/42e9df95722b6524cd001503b6750b86f60a7b5acfc406ebb10d5748cbb8ed41.meta.json index e9a306ad53..4223108875 100644 --- a/src/cfnlint/data/DownloadsMetadata/42e9df95722b6524cd001503b6750b86f60a7b5acfc406ebb10d5748cbb8ed41.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/42e9df95722b6524cd001503b6750b86f60a7b5acfc406ebb10d5748cbb8ed41.meta.json @@ -1 +1 @@ -{"etag": "\"9452742c8c25e4e7f32b72dbed4ddf41\"", "url": "https://schema.cloudformation.us-west-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"e2b2b4cda915413062e2f80cb409b19d\"", "url": "https://schema.cloudformation.us-west-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/4fbb29b69678acdd32c5758ed43ead9bf35136af536e92a84ccbaf062c315066.meta.json b/src/cfnlint/data/DownloadsMetadata/4fbb29b69678acdd32c5758ed43ead9bf35136af536e92a84ccbaf062c315066.meta.json index 5002c9e57c..9d83187118 100644 --- a/src/cfnlint/data/DownloadsMetadata/4fbb29b69678acdd32c5758ed43ead9bf35136af536e92a84ccbaf062c315066.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/4fbb29b69678acdd32c5758ed43ead9bf35136af536e92a84ccbaf062c315066.meta.json @@ -1 +1 @@ -{"etag": "\"9c2174c9733f4d5aa7aab94464b90c39\"", "url": "https://schema.cloudformation.eu-central-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"ce8bd0c5c05ebe78807f1440406f369d\"", "url": "https://schema.cloudformation.eu-central-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/56584c7d00e444de640bef01fc2c630804470222e5e4c690bacef5312891581d.meta.json b/src/cfnlint/data/DownloadsMetadata/56584c7d00e444de640bef01fc2c630804470222e5e4c690bacef5312891581d.meta.json index c871c04bff..dce84fb03b 100644 --- a/src/cfnlint/data/DownloadsMetadata/56584c7d00e444de640bef01fc2c630804470222e5e4c690bacef5312891581d.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/56584c7d00e444de640bef01fc2c630804470222e5e4c690bacef5312891581d.meta.json @@ -1 +1 @@ -{"etag": "\"ca7441a7185a90c944754440f33ccfce\"", "url": "https://schema.cloudformation.ap-south-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"ec5439eda74283b3c88edf2d2fe92f86\"", "url": "https://schema.cloudformation.ap-south-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/583721567eccd1d5855daa623819df1a646b563d773e34b020d0ddeab2fe195b.meta.json b/src/cfnlint/data/DownloadsMetadata/583721567eccd1d5855daa623819df1a646b563d773e34b020d0ddeab2fe195b.meta.json index e63ffa3566..f58ad11453 100644 --- a/src/cfnlint/data/DownloadsMetadata/583721567eccd1d5855daa623819df1a646b563d773e34b020d0ddeab2fe195b.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/583721567eccd1d5855daa623819df1a646b563d773e34b020d0ddeab2fe195b.meta.json @@ -1 +1 @@ -{"etag": "\"1a4652326988feef421a291f20cb8d08\"", "url": "https://schema.cloudformation.ap-southeast-4.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"b3c46ad6c45cc949fffd576d56e11914\"", "url": "https://schema.cloudformation.ap-southeast-4.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/6316ae24f21cb620947aa250bebbee69548d44cc32e246ec9d7742088a2c17f8.meta.json b/src/cfnlint/data/DownloadsMetadata/6316ae24f21cb620947aa250bebbee69548d44cc32e246ec9d7742088a2c17f8.meta.json index c3a4e02803..5fed55938c 100644 --- a/src/cfnlint/data/DownloadsMetadata/6316ae24f21cb620947aa250bebbee69548d44cc32e246ec9d7742088a2c17f8.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/6316ae24f21cb620947aa250bebbee69548d44cc32e246ec9d7742088a2c17f8.meta.json @@ -1 +1 @@ -{"etag": "\"4e6c4f4af17b9d40d2f8e86d332ea40e\"", "url": "https://schema.cloudformation.us-east-2.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"7fe95bec5664b00b8ab33c3c9cbba9e2\"", "url": "https://schema.cloudformation.us-east-2.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/81e1cc73ff2daf7d1e1eca393c2d1fdd98ac34d4109512e0e0947ef752dcb9c9.meta.json b/src/cfnlint/data/DownloadsMetadata/81e1cc73ff2daf7d1e1eca393c2d1fdd98ac34d4109512e0e0947ef752dcb9c9.meta.json index d5dddf7861..fefd9be610 100644 --- a/src/cfnlint/data/DownloadsMetadata/81e1cc73ff2daf7d1e1eca393c2d1fdd98ac34d4109512e0e0947ef752dcb9c9.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/81e1cc73ff2daf7d1e1eca393c2d1fdd98ac34d4109512e0e0947ef752dcb9c9.meta.json @@ -1 +1 @@ -{"etag": "\"79d41a309ab1843b23c0ff8b7d8b43a1\"", "url": "https://schema.cloudformation.ap-southeast-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"bd58f240dbb529048d5c724a99ac68be\"", "url": "https://schema.cloudformation.ap-southeast-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/8adeabf0a09b37a8ed924aea799005947e4a4542365d35fd75466abcf306eeca.meta.json b/src/cfnlint/data/DownloadsMetadata/8adeabf0a09b37a8ed924aea799005947e4a4542365d35fd75466abcf306eeca.meta.json index 74a0743c9a..99d55ba384 100644 --- a/src/cfnlint/data/DownloadsMetadata/8adeabf0a09b37a8ed924aea799005947e4a4542365d35fd75466abcf306eeca.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/8adeabf0a09b37a8ed924aea799005947e4a4542365d35fd75466abcf306eeca.meta.json @@ -1 +1 @@ -{"etag": "\"9f01961885b1d50f0b97f2b8e56b0a4d\"", "url": "https://schema.cloudformation.ap-northeast-2.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"b64f955e3136a7bb16e0767d841907c8\"", "url": "https://schema.cloudformation.ap-northeast-2.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/8b8b0cee4df1ef0947a8289e8ec0c67869b7533eabab32ecfc0a00cb19e55a5f.meta.json b/src/cfnlint/data/DownloadsMetadata/8b8b0cee4df1ef0947a8289e8ec0c67869b7533eabab32ecfc0a00cb19e55a5f.meta.json index e75750a91e..24b07de880 100644 --- a/src/cfnlint/data/DownloadsMetadata/8b8b0cee4df1ef0947a8289e8ec0c67869b7533eabab32ecfc0a00cb19e55a5f.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/8b8b0cee4df1ef0947a8289e8ec0c67869b7533eabab32ecfc0a00cb19e55a5f.meta.json @@ -1 +1 @@ -{"etag": "\"9c85811bdf74b3162cbd4033ff7f3797\"", "url": "https://schema.cloudformation.ap-southeast-3.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"1ffd1b7ef34f1089bb4b46874e5c695b\"", "url": "https://schema.cloudformation.ap-southeast-3.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/b1f069477cd577cde04dfe1b323c0bb0e783fe32b6bb6b13774c32fcca1d303a.meta.json b/src/cfnlint/data/DownloadsMetadata/b1f069477cd577cde04dfe1b323c0bb0e783fe32b6bb6b13774c32fcca1d303a.meta.json index 565b7eb455..b750362a96 100644 --- a/src/cfnlint/data/DownloadsMetadata/b1f069477cd577cde04dfe1b323c0bb0e783fe32b6bb6b13774c32fcca1d303a.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/b1f069477cd577cde04dfe1b323c0bb0e783fe32b6bb6b13774c32fcca1d303a.meta.json @@ -1 +1 @@ -{"etag": "\"402f55e4ee6d8701142607d1644ad96f\"", "url": "https://schema.cloudformation.ap-east-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"65f6bf5dd1e0551fa5cdb2df58330af8\"", "url": "https://schema.cloudformation.ap-east-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/c7ada205073390b33b7593ef8f304b9705f2567698dfdfa979bf0ccdb68cb856.meta.json b/src/cfnlint/data/DownloadsMetadata/c7ada205073390b33b7593ef8f304b9705f2567698dfdfa979bf0ccdb68cb856.meta.json index 6c54e989e1..7a58141375 100644 --- a/src/cfnlint/data/DownloadsMetadata/c7ada205073390b33b7593ef8f304b9705f2567698dfdfa979bf0ccdb68cb856.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/c7ada205073390b33b7593ef8f304b9705f2567698dfdfa979bf0ccdb68cb856.meta.json @@ -1 +1 @@ -{"etag": "\"a4f0f4dfcdb7288e6c7b702723c1bff9\"", "url": "https://schema.cloudformation.sa-east-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"d6be891b687059fa9f1378ab3fa2e9a3\"", "url": "https://schema.cloudformation.sa-east-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/d24ce9a45a014b1ff04d479422ea956e92030ae5c03d7451980a15735e557edb.meta.json b/src/cfnlint/data/DownloadsMetadata/d24ce9a45a014b1ff04d479422ea956e92030ae5c03d7451980a15735e557edb.meta.json index af95464572..f3cec9d6a3 100644 --- a/src/cfnlint/data/DownloadsMetadata/d24ce9a45a014b1ff04d479422ea956e92030ae5c03d7451980a15735e557edb.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/d24ce9a45a014b1ff04d479422ea956e92030ae5c03d7451980a15735e557edb.meta.json @@ -1 +1 @@ -{"etag": "\"449cbc73c13039a8ba3ac1e6b2777da8\"", "url": "https://schema.cloudformation.ap-southeast-2.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"697aa7ac7cdf0b6a85ec10700ea0eda2\"", "url": "https://schema.cloudformation.ap-southeast-2.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/d85e2e061cacfcffe4902adb1074a04e6bb7f975b606f8db57532faddfcdd8c8.meta.json b/src/cfnlint/data/DownloadsMetadata/d85e2e061cacfcffe4902adb1074a04e6bb7f975b606f8db57532faddfcdd8c8.meta.json index b7e4ef69ab..87a596a645 100644 --- a/src/cfnlint/data/DownloadsMetadata/d85e2e061cacfcffe4902adb1074a04e6bb7f975b606f8db57532faddfcdd8c8.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/d85e2e061cacfcffe4902adb1074a04e6bb7f975b606f8db57532faddfcdd8c8.meta.json @@ -1 +1 @@ -{"etag": "\"4afa046a10ef6d90a6c72ce65d28eb5c\"", "url": "https://schema.cloudformation.ca-west-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"d4ad2f77217b71e3d733ad1ea8980d3f\"", "url": "https://schema.cloudformation.ca-west-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/d8e41d35f4f8922b66525dea2c66d72a73ff097c685cda0a63c08a6416dc58ed.meta.json b/src/cfnlint/data/DownloadsMetadata/d8e41d35f4f8922b66525dea2c66d72a73ff097c685cda0a63c08a6416dc58ed.meta.json index cba3a78d45..450b092f03 100644 --- a/src/cfnlint/data/DownloadsMetadata/d8e41d35f4f8922b66525dea2c66d72a73ff097c685cda0a63c08a6416dc58ed.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/d8e41d35f4f8922b66525dea2c66d72a73ff097c685cda0a63c08a6416dc58ed.meta.json @@ -1 +1 @@ -{"etag": "\"739eb0f3b5acf6d6f0a9466dc9ce031c\"", "url": "https://schema.cloudformation.eu-central-2.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"4f20df51817099e1e5121eabd83f6b53\"", "url": "https://schema.cloudformation.eu-central-2.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/dd98171253ebc36f5b78e247f3132b5f25c8d66a1f84939600616bab42579541.meta.json b/src/cfnlint/data/DownloadsMetadata/dd98171253ebc36f5b78e247f3132b5f25c8d66a1f84939600616bab42579541.meta.json index e517424e9f..09c5f00d06 100644 --- a/src/cfnlint/data/DownloadsMetadata/dd98171253ebc36f5b78e247f3132b5f25c8d66a1f84939600616bab42579541.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/dd98171253ebc36f5b78e247f3132b5f25c8d66a1f84939600616bab42579541.meta.json @@ -1 +1 @@ -{"etag": "\"ea4a1343310a641439108f772ed8023e\"", "url": "https://schema.cloudformation.eu-north-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"4a17ca01c22687790e6ab493a1fa40fb\"", "url": "https://schema.cloudformation.eu-north-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/df4945435575c690a2651bb31e7a9b48972142778e1ff452383ede2ad4bac3d7.meta.json b/src/cfnlint/data/DownloadsMetadata/df4945435575c690a2651bb31e7a9b48972142778e1ff452383ede2ad4bac3d7.meta.json index 9f5c266143..fcd5d1eec5 100644 --- a/src/cfnlint/data/DownloadsMetadata/df4945435575c690a2651bb31e7a9b48972142778e1ff452383ede2ad4bac3d7.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/df4945435575c690a2651bb31e7a9b48972142778e1ff452383ede2ad4bac3d7.meta.json @@ -1 +1 @@ -{"etag": "\"7e5faa1d7044db74d98e15d7ad6d09bf\"", "url": "https://schema.cloudformation.eu-south-2.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"c5b7c7e9a43216f4bc4a5a33a62f316e\"", "url": "https://schema.cloudformation.eu-south-2.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/e5301e07e25fa2c35d2c7e1f9dcf720826b315ef6f38515840537c02de23abe2.meta.json b/src/cfnlint/data/DownloadsMetadata/e5301e07e25fa2c35d2c7e1f9dcf720826b315ef6f38515840537c02de23abe2.meta.json index 75e0442733..ec95e808e7 100644 --- a/src/cfnlint/data/DownloadsMetadata/e5301e07e25fa2c35d2c7e1f9dcf720826b315ef6f38515840537c02de23abe2.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/e5301e07e25fa2c35d2c7e1f9dcf720826b315ef6f38515840537c02de23abe2.meta.json @@ -1 +1 @@ -{"etag": "\"9e95946539c7fdc31b21b29343a2828c\"", "url": "https://schema.cloudformation.ca-central-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"3261249e455594e4544856414ee77494\"", "url": "https://schema.cloudformation.ca-central-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/e8b3dacc1675b478e8c7392b51f41467cf908a34e6b4c3fb3e97e2b584f651ca.meta.json b/src/cfnlint/data/DownloadsMetadata/e8b3dacc1675b478e8c7392b51f41467cf908a34e6b4c3fb3e97e2b584f651ca.meta.json index c16e96950f..f851794107 100644 --- a/src/cfnlint/data/DownloadsMetadata/e8b3dacc1675b478e8c7392b51f41467cf908a34e6b4c3fb3e97e2b584f651ca.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/e8b3dacc1675b478e8c7392b51f41467cf908a34e6b4c3fb3e97e2b584f651ca.meta.json @@ -1 +1 @@ -{"etag": "\"b31a1b0158eee07e01cfd84ca9ec48c2\"", "url": "https://schema.cloudformation.eu-west-3.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"1a18c7fa888dc37813c01356c2aee1b2\"", "url": "https://schema.cloudformation.eu-west-3.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/ea0f7b8f144feb225afe73a24dfdf993318c41c71c21b0a17d4f68d82c5aee21.meta.json b/src/cfnlint/data/DownloadsMetadata/ea0f7b8f144feb225afe73a24dfdf993318c41c71c21b0a17d4f68d82c5aee21.meta.json index d17b633a3c..0f9e27b7fa 100644 --- a/src/cfnlint/data/DownloadsMetadata/ea0f7b8f144feb225afe73a24dfdf993318c41c71c21b0a17d4f68d82c5aee21.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/ea0f7b8f144feb225afe73a24dfdf993318c41c71c21b0a17d4f68d82c5aee21.meta.json @@ -1 +1 @@ -{"etag": "\"a832736e94aa4f502076450abd6db7bf\"", "url": "https://schema.cloudformation.ap-northeast-3.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"44e3e84d086db615a89cdcb4e44c2b27\"", "url": "https://schema.cloudformation.ap-northeast-3.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/f1896c9151984eec294af1eddf64260f6cd7e4ced378cacdb93f76ed227b5c5d.meta.json b/src/cfnlint/data/DownloadsMetadata/f1896c9151984eec294af1eddf64260f6cd7e4ced378cacdb93f76ed227b5c5d.meta.json index 2eb9a822c4..f9bb4fdfc5 100644 --- a/src/cfnlint/data/DownloadsMetadata/f1896c9151984eec294af1eddf64260f6cd7e4ced378cacdb93f76ed227b5c5d.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/f1896c9151984eec294af1eddf64260f6cd7e4ced378cacdb93f76ed227b5c5d.meta.json @@ -1 +1 @@ -{"etag": "\"7ebd6bffa4d514e94f81625b4a0ff003\"", "url": "https://schema.cloudformation.us-west-2.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"d2ac495604134148b0d323369eb064c8\"", "url": "https://schema.cloudformation.us-west-2.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/f49718b210ea89ff182ae51cb7004366b9e2e4d5e38136a5be83b6a55e7a82a1.meta.json b/src/cfnlint/data/DownloadsMetadata/f49718b210ea89ff182ae51cb7004366b9e2e4d5e38136a5be83b6a55e7a82a1.meta.json index f4f58370bd..04a15f91a5 100644 --- a/src/cfnlint/data/DownloadsMetadata/f49718b210ea89ff182ae51cb7004366b9e2e4d5e38136a5be83b6a55e7a82a1.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/f49718b210ea89ff182ae51cb7004366b9e2e4d5e38136a5be83b6a55e7a82a1.meta.json @@ -1 +1 @@ -{"etag": "\"b70b206292604006da2281e9eee5aec9\"", "url": "https://schema.cloudformation.ap-south-2.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"1424b1d242bf5e390625d14b78eb28b7\"", "url": "https://schema.cloudformation.ap-south-2.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/f54eee6f8ad9619f41835b700369cdbb41c64a9c91b2fa5b4928c0d9b2f780b0.meta.json b/src/cfnlint/data/DownloadsMetadata/f54eee6f8ad9619f41835b700369cdbb41c64a9c91b2fa5b4928c0d9b2f780b0.meta.json index d77a28463b..f144a56c5a 100644 --- a/src/cfnlint/data/DownloadsMetadata/f54eee6f8ad9619f41835b700369cdbb41c64a9c91b2fa5b4928c0d9b2f780b0.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/f54eee6f8ad9619f41835b700369cdbb41c64a9c91b2fa5b4928c0d9b2f780b0.meta.json @@ -1 +1 @@ -{"etag": "\"d83706535f6443c80fc54b90710f8559\"", "url": "https://schema.cloudformation.us-east-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"c136292d834ec8f8cc5bec5132acfff3\"", "url": "https://schema.cloudformation.us-east-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/fa657351d8e89c40ba6b82c4b1f5e1b5e50a1638ffe0a5dba0d8805c190a05f8.meta.json b/src/cfnlint/data/DownloadsMetadata/fa657351d8e89c40ba6b82c4b1f5e1b5e50a1638ffe0a5dba0d8805c190a05f8.meta.json index ba324d24ed..8c877c770d 100644 --- a/src/cfnlint/data/DownloadsMetadata/fa657351d8e89c40ba6b82c4b1f5e1b5e50a1638ffe0a5dba0d8805c190a05f8.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/fa657351d8e89c40ba6b82c4b1f5e1b5e50a1638ffe0a5dba0d8805c190a05f8.meta.json @@ -1 +1 @@ -{"etag": "\"188108874d53b84a88f7a14e9153ddc5\"", "url": "https://schema.cloudformation.eu-west-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"6dd4ea73d4945e376fc98257ead80d39\"", "url": "https://schema.cloudformation.eu-west-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/ff02b7d808c1c00053f09aa43a50addf3b69878d351cffd417dc9a457df808af.meta.json b/src/cfnlint/data/DownloadsMetadata/ff02b7d808c1c00053f09aa43a50addf3b69878d351cffd417dc9a457df808af.meta.json index 699341ed3c..2b155016b9 100644 --- a/src/cfnlint/data/DownloadsMetadata/ff02b7d808c1c00053f09aa43a50addf3b69878d351cffd417dc9a457df808af.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/ff02b7d808c1c00053f09aa43a50addf3b69878d351cffd417dc9a457df808af.meta.json @@ -1 +1 @@ -{"etag": "\"ed8a547d19682d1ff75f2d4f56820d1b\"", "url": "https://schema.cloudformation.ap-northeast-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"f37dd33118d18fe992e1d83d6b41e554\"", "url": "https://schema.cloudformation.ap-northeast-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/schemas/extensions/aws_cloudwatch_alarm/aws_namespace_period.json b/src/cfnlint/data/schemas/extensions/aws_cloudwatch_alarm/aws_namespace_period.json index 375b2649fd..34963a918d 100644 --- a/src/cfnlint/data/schemas/extensions/aws_cloudwatch_alarm/aws_namespace_period.json +++ b/src/cfnlint/data/schemas/extensions/aws_cloudwatch_alarm/aws_namespace_period.json @@ -6,19 +6,24 @@ "Namespace": { "pattern": "^AWS/.*$", "type": "string" - } - } - }, - "then": { - "properties": { + }, "Period": { - "minimum": 60, "type": [ "number", "string" ] } - } + }, + "required": [ + "Namespace" + ], + "type": "object" }, - "type": "object" + "then": { + "properties": { + "Period": { + "minimum": 60 + } + } + } } diff --git a/src/cfnlint/data/schemas/extensions/aws_dynamodb_table/billingmode_exclusive.json b/src/cfnlint/data/schemas/extensions/aws_dynamodb_table/billingmode_exclusive.json index 982449d6ab..6e0cf71482 100644 --- a/src/cfnlint/data/schemas/extensions/aws_dynamodb_table/billingmode_exclusive.json +++ b/src/cfnlint/data/schemas/extensions/aws_dynamodb_table/billingmode_exclusive.json @@ -4,23 +4,23 @@ "else": {}, "if": { "properties": { - "PAY_PER_REQUEST": { + "BillingMode": { "const": "PAY_PER_REQUEST" } - } + }, + "required": [ + "BillingMode" + ], + "type": "object" }, "then": { "not": { "properties": { - "ProvisionedThroughput": { - "type": [ - "string", - "object" - ] - } + "ProvisionedThroughput": true }, - "required": "ProvisionedThroughput" + "required": [ + "ProvisionedThroughput" + ] } - }, - "type": "object" + } } diff --git a/src/cfnlint/data/schemas/extensions/aws_ecs_service/fargate.json b/src/cfnlint/data/schemas/extensions/aws_ecs_service/fargate.json index f8fcc0036e..19943709a5 100644 --- a/src/cfnlint/data/schemas/extensions/aws_ecs_service/fargate.json +++ b/src/cfnlint/data/schemas/extensions/aws_ecs_service/fargate.json @@ -6,18 +6,20 @@ "FARGATE", "EXTERNAL" ] + }, + "SchedulingStrategy": { + "type": "string" } }, "required": [ "LaunchType" - ] + ], + "type": "object" }, "then": { "properties": { "SchedulingStrategy": { - "enum": [ - "REPLICA" - ] + "const": "REPLICA" } } } diff --git a/src/cfnlint/data/schemas/extensions/aws_ecs_taskdefinition/containerdefinitions_essential.json b/src/cfnlint/data/schemas/extensions/aws_ecs_taskdefinition/containerdefinitions_essential.json index feaa315f14..646dba04f3 100644 --- a/src/cfnlint/data/schemas/extensions/aws_ecs_taskdefinition/containerdefinitions_essential.json +++ b/src/cfnlint/data/schemas/extensions/aws_ecs_taskdefinition/containerdefinitions_essential.json @@ -2,12 +2,18 @@ "contains": { "properties": { "Essential": { - "enum": [ - true, - "true", - "True" - ], - "type": "boolean" + "oneOf": [ + { + "enum": [ + true, + "true", + "True" + ] + }, + { + "type": "object" + } + ] } }, "required": [ diff --git a/src/cfnlint/data/schemas/extensions/aws_ecs_taskdefinition/logging_configuration.json b/src/cfnlint/data/schemas/extensions/aws_ecs_taskdefinition/logging_configuration.json index 365cfe0a60..b34afba880 100644 --- a/src/cfnlint/data/schemas/extensions/aws_ecs_taskdefinition/logging_configuration.json +++ b/src/cfnlint/data/schemas/extensions/aws_ecs_taskdefinition/logging_configuration.json @@ -5,7 +5,11 @@ "LogDriver": { "const": "awslogs" } - } + }, + "required": [ + "LogDriver" + ], + "type": "object" }, "then": { "properties": { diff --git a/src/cfnlint/data/schemas/extensions/aws_lambda_eventsourcemapping/eventsourcearn_sqs_exclusive.json b/src/cfnlint/data/schemas/extensions/aws_lambda_eventsourcemapping/eventsourcearn_sqs_exclusive.json index f7c3f746db..a672cfde35 100644 --- a/src/cfnlint/data/schemas/extensions/aws_lambda_eventsourcemapping/eventsourcearn_sqs_exclusive.json +++ b/src/cfnlint/data/schemas/extensions/aws_lambda_eventsourcemapping/eventsourcearn_sqs_exclusive.json @@ -6,32 +6,16 @@ "EventSourceArn": { "pattern": "^arn:(aws[a-zA-Z0-9-]*):sqs:([a-z]{2}(-gov)?-[a-z]+-\\d{1})?:(\\d{12})?:(.*)$", "type": "string" - }, - "required": [ - "EventSourceArn" - ] - } - }, - "then": { - "if": { - "not": { - "properties": { - "EventSourceArn": { - "type": "object" - } - } } }, - "then": { - "not": { - "properties": { - "StartingPosition": {} - }, - "required": [ - "StartingPosition" - ] - } - } + "required": [ + "EventSourceArn" + ], + "type": "object" }, - "type": "object" + "then": { + "properties": { + "StartingPosition": false + } + } } diff --git a/src/cfnlint/data/schemas/extensions/aws_lambda_eventsourcemapping/eventsourcearn_stream_inclusive.json b/src/cfnlint/data/schemas/extensions/aws_lambda_eventsourcemapping/eventsourcearn_stream_inclusive.json index 7b795cbdb0..73a60d5f1a 100644 --- a/src/cfnlint/data/schemas/extensions/aws_lambda_eventsourcemapping/eventsourcearn_stream_inclusive.json +++ b/src/cfnlint/data/schemas/extensions/aws_lambda_eventsourcemapping/eventsourcearn_stream_inclusive.json @@ -10,20 +10,15 @@ }, "required": [ "EventSourceArn" - ] + ], + "type": "object" }, "then": { "properties": { - "StartingPosition": { - "type": [ - "string", - "object" - ] - } + "StartingPosition": true }, "required": [ "StartingPosition" ] - }, - "type": "object" + } } diff --git a/src/cfnlint/data/schemas/extensions/aws_lambda_function/zipfile_runtime_enum.json b/src/cfnlint/data/schemas/extensions/aws_lambda_function/zipfile_runtime_enum.json index 025dcdc184..c58f5c3990 100644 --- a/src/cfnlint/data/schemas/extensions/aws_lambda_function/zipfile_runtime_enum.json +++ b/src/cfnlint/data/schemas/extensions/aws_lambda_function/zipfile_runtime_enum.json @@ -6,12 +6,7 @@ "Code": { "additionalProperties": true, "properties": { - "ZipFile": { - "type": [ - "object", - "string" - ] - } + "ZipFile": true }, "required": [ "ZipFile" @@ -25,17 +20,15 @@ "required": [ "Code", "Runtime" - ] + ], + "type": "object" }, - "properties": {}, "then": { "properties": { "Runtime": { - "pattern": "^(nodejs.*|python.*)$", - "type": "string" + "pattern": "^(nodejs.*|python.*)$" }, "required": true } - }, - "type": "object" + } } diff --git a/src/cfnlint/data/schemas/extensions/aws_lambda_function/zipfile_runtime_exists.json b/src/cfnlint/data/schemas/extensions/aws_lambda_function/zipfile_runtime_exists.json index bf938c466a..1628f1571b 100644 --- a/src/cfnlint/data/schemas/extensions/aws_lambda_function/zipfile_runtime_exists.json +++ b/src/cfnlint/data/schemas/extensions/aws_lambda_function/zipfile_runtime_exists.json @@ -6,12 +6,7 @@ "Code": { "additionalProperties": true, "properties": { - "ZipFile": { - "type": [ - "object", - "string" - ] - } + "ZipFile": true }, "required": [ "ZipFile" @@ -21,21 +16,15 @@ }, "required": [ "Code" - ] + ], + "type": "object" }, - "properties": {}, "then": { "properties": { - "Runtime": { - "type": [ - "object", - "string" - ] - } + "Runtime": true }, "required": [ "Runtime" ] - }, - "type": "object" + } } diff --git a/src/cfnlint/data/schemas/extensions/aws_rds_dbcluster/serverless_exclusive.json b/src/cfnlint/data/schemas/extensions/aws_rds_dbcluster/serverless_exclusive.json index d4924e7c7e..b753cf3015 100644 --- a/src/cfnlint/data/schemas/extensions/aws_rds_dbcluster/serverless_exclusive.json +++ b/src/cfnlint/data/schemas/extensions/aws_rds_dbcluster/serverless_exclusive.json @@ -5,24 +5,22 @@ "if": { "properties": { "EngineMode": { - "pattern": "^((?!serverless).)*$" + "const": "serverless" } - } + }, + "required": [ + "EngineMode" + ], + "type": "object" }, "then": { "not": { "properties": { - "ScalingConfiguration": { - "type": [ - "string", - "object" - ] - } + "ScalingConfiguration": true }, "required": [ "ScalingConfiguration" ] } - }, - "type": "object" + } } diff --git a/src/cfnlint/data/schemas/extensions/aws_rds_dbinstance/aurora_exclusive.json b/src/cfnlint/data/schemas/extensions/aws_rds_dbinstance/aurora_exclusive.json index ca1b3d6a85..a4ea456a1c 100644 --- a/src/cfnlint/data/schemas/extensions/aws_rds_dbinstance/aurora_exclusive.json +++ b/src/cfnlint/data/schemas/extensions/aws_rds_dbinstance/aurora_exclusive.json @@ -5,9 +5,11 @@ "if": { "properties": { "Engine": { - "pattern": "(aurora|aurora-mysql|aurora-postgresql)" + "pattern": "(aurora|aurora-mysql|aurora-postgresql)", + "type": "string" } - } + }, + "type": "object" }, "then": { "not": { @@ -49,50 +51,14 @@ } ], "properties": { - "AllocatedStorage": { - "type": [ - "string", - "object" - ] - }, - "BackupRetentionPeriod": { - "type": [ - "string", - "object" - ] - }, - "CopyTagsToSnapshot": { - "type": [ - "string", - "object" - ] - }, - "DeletionProtection": { - "type": [ - "string", - "object" - ] - }, - "EnableIAMDatabaseAuthentication": { - "type": [ - "string", - "object" - ] - }, - "MasterUserPassword": { - "type": [ - "string", - "object" - ] - }, - "StorageEncrypted": { - "type": [ - "string", - "object" - ] - } + "AllocatedStorage": true, + "BackupRetentionPeriod": true, + "CopyTagsToSnapshot": true, + "DeletionProtection": true, + "EnableIAMDatabaseAuthentication": true, + "MasterUserPassword": true, + "StorageEncrypted": true } } - }, - "type": "object" + } } diff --git a/src/cfnlint/data/schemas/extensions/aws_rds_dbinstance/backupretentionperiod.json b/src/cfnlint/data/schemas/extensions/aws_rds_dbinstance/backupretentionperiod.json index 62da2302df..536d76b676 100644 --- a/src/cfnlint/data/schemas/extensions/aws_rds_dbinstance/backupretentionperiod.json +++ b/src/cfnlint/data/schemas/extensions/aws_rds_dbinstance/backupretentionperiod.json @@ -8,10 +8,11 @@ }, "required": [ "Engine" - ] + ], + "type": "object" }, "then": { - "awsType": [ + "required": [ "BackupRetentionPeriod" ] } diff --git a/src/cfnlint/data/schemas/extensions/aws_route53_healthcheck/healthcheckconfig_type_inclusive.json b/src/cfnlint/data/schemas/extensions/aws_route53_healthcheck/healthcheckconfig_type_inclusive.json index cb918da822..3939d08168 100644 --- a/src/cfnlint/data/schemas/extensions/aws_route53_healthcheck/healthcheckconfig_type_inclusive.json +++ b/src/cfnlint/data/schemas/extensions/aws_route53_healthcheck/healthcheckconfig_type_inclusive.json @@ -7,20 +7,15 @@ "Type": { "const": "CLOUDWATCH_METRIC" } - } + }, + "type": "object" }, "then": { "properties": { - "AlarmIdentifier": { - "type": [ - "string", - "object" - ] - } + "AlarmIdentifier": true }, "required": [ "AlarmIdentifier" ] - }, - "type": "object" + } } diff --git a/src/cfnlint/data/schemas/other/iam/policy.json b/src/cfnlint/data/schemas/other/iam/policy.json index cce7edfee2..492a9bafd9 100644 --- a/src/cfnlint/data/schemas/other/iam/policy.json +++ b/src/cfnlint/data/schemas/other/iam/policy.json @@ -11,7 +11,9 @@ "$ref": "#/definitions/StringOrStringArray" } ], - "awsType": "IamPolicyStatementAction" + "cfnLint": [ + "AWS::IAM::Policy/Properties/PolicyDocument/Statement/Action" + ] }, "AwsArn": { "pattern": "^(arn:(aws|aws-cn|aws-us-gov):[^:]+:[^:]*:(?:\\d{12}|\\*)?:.+|\\*)$", @@ -262,7 +264,9 @@ } }, "Version": { - "awsType": "IamPolicyVersion", + "cfnLint": [ + "AWS::IAM::Policy/Properties/PolicyDocument/Version" + ], "enum": [ "2008-10-17", "2012-10-17" diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_amazonmq_broker/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_amazonmq_broker/cfn_lint.json index 059f42d821..3b020e1c66 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_amazonmq_broker/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_amazonmq_broker/cfn_lint.json @@ -2,6 +2,6 @@ { "op": "add", "path": "/properties/HostInstanceType/cfnLint", - "value": "aws_amazonmq_broker/instancetype_enum" + "value": "AWS::AmazonMQ::Broker/Properties/HostInstanceType" } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_appstream_fleet/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_appstream_fleet/cfn_lint.json index 7fbb98a4f3..c6fc2894c7 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_appstream_fleet/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_appstream_fleet/cfn_lint.json @@ -2,6 +2,6 @@ { "op": "add", "path": "/properties/InstanceType/cfnLint", - "value": "aws_appstream_fleet/instancetype_enum" + "value": "AWS::AppStream::Fleet/Properties/InstanceType" } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_autoscaling_autoscalinggroup/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_autoscaling_autoscalinggroup/aws_types.json deleted file mode 100644 index 93a018eabb..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_autoscaling_autoscalinggroup/aws_types.json +++ /dev/null @@ -1,12 +0,0 @@ -[ - { - "op": "add", - "path": "/properties/AvailabilityZones/awsType", - "value": "AvailabilityZones" - }, - { - "op": "add", - "path": "/properties/AvailabilityZones/items/awsType", - "value": "AvailabilityZone" - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_autoscaling_autoscalinggroup/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_autoscaling_autoscalinggroup/cfn_lint.json new file mode 100644 index 0000000000..210bc7d159 --- /dev/null +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_autoscaling_autoscalinggroup/cfn_lint.json @@ -0,0 +1,9 @@ +[ + { + "op": "add", + "path": "/properties/AvailabilityZones/cfnLint", + "value": [ + "AWS::AutoScaling::AutoScalingGroup/Properties/AvailabilityZones" + ] + } +] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_backup_backupplan/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_backup_backupplan/cfn_lint.json index 264f51b622..6efaf4c716 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_backup_backupplan/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_backup_backupplan/cfn_lint.json @@ -21,7 +21,7 @@ "op": "add", "path": "/definitions/LifecycleResourceType/then", "value": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" } } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_backup_backupselection/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_backup_backupselection/aws_types.json deleted file mode 100644 index c3c0b954fc..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_backup_backupselection/aws_types.json +++ /dev/null @@ -1,7 +0,0 @@ -[ - { - "op": "add", - "path": "/definitions/BackupSelectionResourceType/properties/IamRoleArn/awsType", - "value": "IamRoleArn" - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_backup_backupselection/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_backup_backupselection/cfn_lint.json new file mode 100644 index 0000000000..fa72a912da --- /dev/null +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_backup_backupselection/cfn_lint.json @@ -0,0 +1,9 @@ +[ + { + "op": "add", + "path": "/definitions/BackupSelectionResourceType/properties/IamRoleArn/cfnLint", + "value": [ + "AWS::Backup::BackupSelection/Properties/BackupSelection/IamRoleArn" + ] + } +] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_batch_computeenvironment/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_batch_computeenvironment/aws_types.json deleted file mode 100644 index 93a6e3c5d3..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_batch_computeenvironment/aws_types.json +++ /dev/null @@ -1,12 +0,0 @@ -[ - { - "op": "add", - "path": "/properties/ServiceRole/awsType", - "value": "IamRoleArn" - }, - { - "op": "add", - "path": "/definitions/ComputeResources/properties/SpotIamFleetRole/awsType", - "value": "IamRoleArn" - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_batch_computeenvironment/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_batch_computeenvironment/cfn_lint.json new file mode 100644 index 0000000000..4cfe591471 --- /dev/null +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_batch_computeenvironment/cfn_lint.json @@ -0,0 +1,16 @@ +[ + { + "op": "add", + "path": "/properties/ServiceRole/cfnLint", + "value": [ + "AWS::Batch::ComputeEnvironment/Properties/ServiceRole" + ] + }, + { + "op": "add", + "path": "/definitions/ComputeResources/properties/SpotIamFleetRole/cfnLint", + "value": [ + "AWS::Batch::ComputeEnvironment/Properties/ComputeResources/SpotIamFleetRole" + ] + } +] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_cloudwatch_alarm/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_cloudwatch_alarm/cfn_lint.json index a61fe0fcb5..d0ed99e45c 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_cloudwatch_alarm/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_cloudwatch_alarm/cfn_lint.json @@ -3,7 +3,7 @@ "op": "add", "path": "/cfnLint", "value": [ - "aws_cloudwatch_alarm/aws_namespace_period" + "AWS::CloudWatch::Alarm/Properties" ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_dax_cluster/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_dax_cluster/aws_types.json deleted file mode 100644 index 49e2acfced..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_dax_cluster/aws_types.json +++ /dev/null @@ -1,12 +0,0 @@ -[ - { - "op": "add", - "path": "/properties/AvailabilityZones/awsType", - "value": "AvailabilityZone" - }, - { - "op": "add", - "path": "/properties/AvailabilityZones/items/awsType", - "value": "AvailabilityZones" - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_dax_cluster/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_dax_cluster/cfn_lint.json index bf47fbaf47..e28ae4f420 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_dax_cluster/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_dax_cluster/cfn_lint.json @@ -2,6 +2,13 @@ { "op": "add", "path": "/properties/NodeType/cfnLint", - "value": "aws_dax_cluster/nodetype_enum" + "value": "AWS::DAX::Cluster/Properties/NodeType" + }, + { + "op": "add", + "path": "/properties/AvailabilityZones/cfnLint", + "value": [ + "AWS::DAX::Cluster/Properties/AvailabilityZones" + ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_dms_replicationinstance/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_dms_replicationinstance/aws_types.json deleted file mode 100644 index e800d7939d..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_dms_replicationinstance/aws_types.json +++ /dev/null @@ -1,9 +0,0 @@ -[ - { - "op": "add", - "path": "/properties/AvailabilityZone/awsType", - "value": [ - "AvailabilityZone" - ] - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_dms_replicationinstance/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_dms_replicationinstance/cfn_lint.json new file mode 100644 index 0000000000..b1114d1d0e --- /dev/null +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_dms_replicationinstance/cfn_lint.json @@ -0,0 +1,9 @@ +[ + { + "op": "add", + "path": "/properties/AvailabilityZone/cfnLint", + "value": [ + "AWS::DMS::ReplicationInstance/Properties/AvailabilityZone" + ] + } +] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_docdb_dbcluster/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_docdb_dbcluster/cfn_lint.json new file mode 100644 index 0000000000..57bc1ad974 --- /dev/null +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_docdb_dbcluster/cfn_lint.json @@ -0,0 +1,9 @@ +[ + { + "op": "add", + "path": "/cfnLint", + "value": [ + "AWS::DocDB::DBCluster/Properties" + ] + } +] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_docdb_dbinstance/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_docdb_dbinstance/cfn_lint.json index 1d53e850dd..86894fd351 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_docdb_dbinstance/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_docdb_dbinstance/cfn_lint.json @@ -2,6 +2,6 @@ { "op": "add", "path": "/properties/DBInstanceClass/cfnLint", - "value": "aws_docdb_dbinstance/dbinstanceclass_enum" + "value": "AWS::DocDB::DBInstance/Properties/DBInstanceClass" } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_dynamodb_table/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_dynamodb_table/cfn_lint.json index 6f7478900a..d8b4984a0b 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_dynamodb_table/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_dynamodb_table/cfn_lint.json @@ -3,7 +3,7 @@ "op": "add", "path": "/cfnLint", "value": [ - "aws_dynamodb_table/billingmode_exclusive" + "AWS::DynamoDB::Table/Properties" ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_host/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_host/aws_types.json deleted file mode 100644 index e800d7939d..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_host/aws_types.json +++ /dev/null @@ -1,9 +0,0 @@ -[ - { - "op": "add", - "path": "/properties/AvailabilityZone/awsType", - "value": [ - "AvailabilityZone" - ] - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_host/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_host/cfn_lint.json new file mode 100644 index 0000000000..b49fa70728 --- /dev/null +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_host/cfn_lint.json @@ -0,0 +1,9 @@ +[ + { + "op": "add", + "path": "/properties/AvailabilityZone/cfnLint", + "value": [ + "AWS::EC2::Host/Properties/AvailabilityZone" + ] + } +] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_instance/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_instance/aws_types.json deleted file mode 100644 index e800d7939d..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_instance/aws_types.json +++ /dev/null @@ -1,9 +0,0 @@ -[ - { - "op": "add", - "path": "/properties/AvailabilityZone/awsType", - "value": [ - "AvailabilityZone" - ] - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_instance/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_instance/cfn_lint.json index 7447ad7f90..90d76ccca2 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_instance/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_instance/cfn_lint.json @@ -3,7 +3,14 @@ "op": "add", "path": "/properties/InstanceType/cfnLint", "value": [ - "aws_ec2_instance/instancetype_enum" + "AWS::EC2::Instance/Properties/InstanceType" + ] + }, + { + "op": "add", + "path": "/properties/AvailabilityZone/cfnLint", + "value": [ + "AWS::EC2::Instance/Properties/AvailabilityZone" ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_launchtemplate/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_launchtemplate/aws_types.json deleted file mode 100644 index e4632574c1..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_launchtemplate/aws_types.json +++ /dev/null @@ -1,9 +0,0 @@ -[ - { - "op": "add", - "path": "/definitions/Placement/properties/AvailabilityZone/awsType", - "value": [ - "AvailabilityZone" - ] - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_launchtemplate/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_launchtemplate/cfn_lint.json new file mode 100644 index 0000000000..aacd588195 --- /dev/null +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_launchtemplate/cfn_lint.json @@ -0,0 +1,9 @@ +[ + { + "op": "add", + "path": "/definitions/Placement/properties/AvailabilityZone/cfnLint", + "value": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ] + } +] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_securitygroup/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_securitygroup/cfn_lint.json index 0841bca57c..b56c41b7cc 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_securitygroup/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_securitygroup/cfn_lint.json @@ -3,18 +3,14 @@ "op": "add", "path": "/definitions/Ingress/cfnLint", "value": [ - "aws_ec2_securitygroup/protocols_and_port_ranges_include", - "aws_ec2_securitygroup/protocols_and_port_ranges_exclude", - "aws_ec2_securitygroup/all_to_and_from_ports" + "AWS::EC2::SecurityGroup/Properties/Ingress" ] }, { "op": "add", "path": "/definitions/Egress/cfnLint", "value": [ - "aws_ec2_securitygroup/protocols_and_port_ranges_include", - "aws_ec2_securitygroup/protocols_and_port_ranges_exclude", - "aws_ec2_securitygroup/all_to_and_from_ports" + "AWS::EC2::SecurityGroup/Properties/Egress" ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_securitygroupegress/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_securitygroupegress/cfn_lint.json index bebc912615..fc6ee540fc 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_securitygroupegress/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_securitygroupegress/cfn_lint.json @@ -3,9 +3,7 @@ "op": "add", "path": "/cfnLint", "value": [ - "aws_ec2_securitygroup/protocols_and_port_ranges_include", - "aws_ec2_securitygroup/protocols_and_port_ranges_exclude", - "aws_ec2_securitygroup/all_to_and_from_ports" + "AWS::EC2::SecurityGroupEgress/Properties" ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_securitygroupingress/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_securitygroupingress/cfn_lint.json index bebc912615..fb92223139 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_securitygroupingress/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_securitygroupingress/cfn_lint.json @@ -3,9 +3,7 @@ "op": "add", "path": "/cfnLint", "value": [ - "aws_ec2_securitygroup/protocols_and_port_ranges_include", - "aws_ec2_securitygroup/protocols_and_port_ranges_exclude", - "aws_ec2_securitygroup/all_to_and_from_ports" + "AWS::EC2::SecurityGroupIngress/Properties" ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_spotfleet/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_spotfleet/aws_types.json deleted file mode 100644 index 6cd6d0f38f..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_spotfleet/aws_types.json +++ /dev/null @@ -1,23 +0,0 @@ -[ - { - "op": "add", - "path": "/definitions/LaunchTemplateOverrides/properties/AvailabilityZone/awsType", - "value": [ - "AvailabilityZone" - ] - }, - { - "op": "add", - "path": "/definitions/SpotPlacement/properties/AvailabilityZone/awsType", - "value": [ - "AvailabilityZone" - ] - }, - { - "op": "add", - "path": "/definitions/SpotFleetRequestConfigData/properties/IamFleetRole/awsType", - "value": [ - "IamRoleArn" - ] - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_spotfleet/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_spotfleet/cfn_lint.json new file mode 100644 index 0000000000..5935938309 --- /dev/null +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_spotfleet/cfn_lint.json @@ -0,0 +1,30 @@ +[ + { + "op": "add", + "path": "/definitions/LaunchTemplateOverrides/properties/AvailabilityZone/cfnLint", + "value": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/LaunchTemplateConfigs/Overrides/AvailabilityZone" + ] + }, + { + "op": "add", + "path": "/definitions/SpotPlacement/properties/AvailabilityZone/cfnLint", + "value": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/LaunchSpecifications/Placement/AvailabilityZone" + ] + }, + { + "op": "add", + "path": "/definitions/SpotFleetRequestConfigData/properties/IamFleetRole/cfnLint", + "value": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/IamFleetRole" + ] + }, + { + "op": "add", + "path": "/properties/ExecutionRoleArn/cfnLint", + "value": [ + "AWS::EC2::SpotFleet/Properties/ExecutionRoleArn" + ] + } +] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_subnet/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_subnet/aws_types.json deleted file mode 100644 index d825ddebb0..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_subnet/aws_types.json +++ /dev/null @@ -1,7 +0,0 @@ -[ - { - "op": "add", - "path": "/properties/AvailabilityZone/awsType", - "value": "AvailabilityZone" - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_subnet/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_subnet/cfn_lint.json new file mode 100644 index 0000000000..9aaca75095 --- /dev/null +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_subnet/cfn_lint.json @@ -0,0 +1,9 @@ +[ + { + "op": "add", + "path": "/properties/AvailabilityZone/cfnLint", + "value": [ + "AWS::EC2::Subnet/Properties/AvailabilityZone" + ] + } +] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_volume/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_volume/aws_types.json deleted file mode 100644 index d825ddebb0..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_volume/aws_types.json +++ /dev/null @@ -1,7 +0,0 @@ -[ - { - "op": "add", - "path": "/properties/AvailabilityZone/awsType", - "value": "AvailabilityZone" - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_volume/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_volume/cfn_lint.json new file mode 100644 index 0000000000..8ea49febd0 --- /dev/null +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_volume/cfn_lint.json @@ -0,0 +1,9 @@ +[ + { + "op": "add", + "path": "/properties/AvailabilityZone/cfnLint", + "value": [ + "AWS::EC2::Volume/Properties/AvailabilityZone" + ] + } +] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ecr_repository/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ecr_repository/aws_types.json index a89b2f127b..36f1d55eaa 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_ecr_repository/aws_types.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_ecr_repository/aws_types.json @@ -1,7 +1,9 @@ [ { "op": "add", - "path": "/properties/RepositoryPolicyText/awsType", - "value": "IamResourceEcrPolicy" + "path": "/properties/RepositoryPolicyText/cfnLint", + "value": [ + "AWS::ECR::Repository/Properties/RepositoryPolicyText" + ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ecs_service/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ecs_service/cfn_lint.json index 2bca922dc1..15d4b107d3 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_ecs_service/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_ecs_service/cfn_lint.json @@ -3,7 +3,7 @@ "op": "add", "path": "/cfnLint", "value": [ - "aws_ecs_service/fargate" + "AWS::ECS::Service/Properties" ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ecs_taskdefinition/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ecs_taskdefinition/aws_types.json deleted file mode 100644 index 36d4e1d72e..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_ecs_taskdefinition/aws_types.json +++ /dev/null @@ -1,7 +0,0 @@ -[ - { - "op": "add", - "path": "/properties/ExecutionRoleArn/awsType", - "value": "IamRoleArn" - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ecs_taskdefinition/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ecs_taskdefinition/cfn_lint.json index a32ccb85d7..67745302d1 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_ecs_taskdefinition/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_ecs_taskdefinition/cfn_lint.json @@ -3,14 +3,21 @@ "op": "add", "path": "/definitions/LogConfiguration/cfnLint", "value": [ - "aws_ecs_taskdefinition/logging_configuration" + "AWS::ECS::TaskDefinition/Properties/ContainerDefinitions/LogConfiguration" ] }, { "op": "add", "path": "/properties/ContainerDefinitions/cfnLint", "value": [ - "aws_ecs_taskdefinition/containerdefinitions_essential" + "AWS::ECS::TaskDefinition/Properties/ContainerDefinitions" + ] + }, + { + "op": "add", + "path": "/properties/ExecutionRoleArn/cfnLint", + "value": [ + "AWS::ECS::TaskDefinition/Properties/ExecutionRoleArn" ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticache_cachecluster/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticache_cachecluster/cfn_lint.json index e7015193c1..cd2708fc8e 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticache_cachecluster/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticache_cachecluster/cfn_lint.json @@ -2,6 +2,6 @@ { "op": "add", "path": "/properties/CacheNodeType/cfnLint", - "value": "aws_elasticache_cachecluster/cachenodetype_enum" + "value": "AWS::ElastiCache::CacheCluster/Properties/CacheNodeType" } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticloadbalancing_loadbalancer/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticloadbalancing_loadbalancer/aws_types.json deleted file mode 100644 index 93a018eabb..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticloadbalancing_loadbalancer/aws_types.json +++ /dev/null @@ -1,12 +0,0 @@ -[ - { - "op": "add", - "path": "/properties/AvailabilityZones/awsType", - "value": "AvailabilityZones" - }, - { - "op": "add", - "path": "/properties/AvailabilityZones/items/awsType", - "value": "AvailabilityZone" - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticloadbalancing_loadbalancer/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticloadbalancing_loadbalancer/cfn_lint.json new file mode 100644 index 0000000000..706f59b0e1 --- /dev/null +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticloadbalancing_loadbalancer/cfn_lint.json @@ -0,0 +1,9 @@ +[ + { + "op": "add", + "path": "/properties/AvailabilityZones/cfnLint", + "value": [ + "AWS::ElasticLoadBalancing::LoadBalancer/Properties/AvailabilityZones" + ] + } +] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticloadbalancingv2_targetgroup/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticloadbalancingv2_targetgroup/aws_types.json deleted file mode 100644 index c5a9e2fa44..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticloadbalancingv2_targetgroup/aws_types.json +++ /dev/null @@ -1,7 +0,0 @@ -[ - { - "op": "add", - "path": "/definitions/TargetDescription/properties/AvailabilityZone/awsType", - "value": "AvailabilityZone" - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticloadbalancingv2_targetgroup/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticloadbalancingv2_targetgroup/cfn_lint.json new file mode 100644 index 0000000000..7e6effb3ec --- /dev/null +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticloadbalancingv2_targetgroup/cfn_lint.json @@ -0,0 +1,9 @@ +[ + { + "op": "add", + "path": "/definitions/TargetDescription/properties/AvailabilityZone/cfnLint", + "value": [ + "AWS::ElasticLoadBalancingV2::TargetGroup/Properties/Targets/AvailabilityZone" + ] + } +] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticsearch_domain/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticsearch_domain/cfn_lint.json index 18acca1562..b84a89efa4 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticsearch_domain/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_elasticsearch_domain/cfn_lint.json @@ -2,6 +2,6 @@ { "op": "add", "path": "/definitions/ElasticsearchClusterConfig/properties/InstanceType/cfnLint", - "value": "aws_elasticsearch_domain/elasticsearchclusterconfig_instancetype_enum" + "value": "AWS::Elasticsearch::Domain/Properties/ElasticsearchClusterConfig/InstanceType" } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_emr_cluster/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_emr_cluster/aws_types.json deleted file mode 100644 index 307dc9ef55..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_emr_cluster/aws_types.json +++ /dev/null @@ -1,7 +0,0 @@ -[ - { - "op": "add", - "path": "/definitions/PlacementType/properties/AvailabilityZone/awsType", - "value": "AvailabilityZone" - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_emr_cluster/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_emr_cluster/cfn_lint.json index 95173ce18c..f224678535 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_emr_cluster/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_emr_cluster/cfn_lint.json @@ -2,6 +2,16 @@ { "op": "add", "path": "/definitions/InstanceTypeConfig/properties/InstanceType/cfnLint", - "value": "aws_emr_cluster/instancetypeconfig_instancetype_enum" + "value": [ + "AWS::EMR::Cluster/Properties/CoreInstanceFleet/InstanceTypeConfigs/InstanceType", + "AWS::EMR::Cluster/Properties/TaskInstanceFleets/InstanceTypeConfigs/InstanceType", + "AWS::EMR::Cluster/Properties/CoreInstanceGroup/InstanceType", + "AWS::EMR::Cluster/Properties/TaskInstanceGroups/InstanceType" + ] + }, + { + "op": "add", + "path": "/definitions/PlacementType/properties/AvailabilityZone/cfnLint", + "value": "AWS::EMR::Cluster/Properties/Instances/Placement/AvailabilityZone" } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_gamelift_fleet/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_gamelift_fleet/cfn_lint.json index c97fc82e83..658edf7a29 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_gamelift_fleet/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_gamelift_fleet/cfn_lint.json @@ -2,6 +2,6 @@ { "op": "add", "path": "/properties/EC2InstanceType/cfnLint", - "value": "aws_gamelift_fleet/ec2instancetype_enum" + "value": "AWS::GameLift::Fleet/EC2InstanceType" } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_glue_connection/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_glue_connection/aws_types.json deleted file mode 100644 index 5cb9d87518..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_glue_connection/aws_types.json +++ /dev/null @@ -1,7 +0,0 @@ -[ - { - "op": "add", - "path": "/definitions/PhysicalConnectionRequirements/properties/AvailabilityZone/awsType", - "value": "AvailabilityZone" - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_glue_connection/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_glue_connection/cfn_lint.json new file mode 100644 index 0000000000..cbfeacaa66 --- /dev/null +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_glue_connection/cfn_lint.json @@ -0,0 +1,9 @@ +[ + { + "op": "add", + "path": "/definitions/PhysicalConnectionRequirements/properties/AvailabilityZone/cfnLint", + "value": [ + "AWS::Glue::Connection/Properties/ConnectionInput/PhysicalConnectionRequirements/AvailabilityZone" + ] + } +] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_group/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_group/aws_types.json index 21d391d01e..75f64756eb 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_group/aws_types.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_group/aws_types.json @@ -1,7 +1,9 @@ [ { "op": "add", - "path": "/definitions/Policy/properties/PolicyDocument/awsType", - "value": "IamIdentityPolicy" + "path": "/definitions/Policy/properties/PolicyDocument/cfnLint", + "value": [ + "AWS::IAM::Group/Properties/Policies/PolicyDocument" + ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_managedpolicy/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_managedpolicy/aws_types.json index 9240c820cf..a79476fef4 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_managedpolicy/aws_types.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_managedpolicy/aws_types.json @@ -1,7 +1,9 @@ [ { "op": "add", - "path": "/properties/PolicyDocument/awsType", - "value": "IamIdentityPolicy" + "path": "/properties/PolicyDocument/cfnLint", + "value": [ + "AWS::IAM::ManagedPolicy/Properties/PolicyDocument" + ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_policy/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_policy/aws_types.json index 9240c820cf..3472e8d65a 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_policy/aws_types.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_policy/aws_types.json @@ -1,7 +1,9 @@ [ { "op": "add", - "path": "/properties/PolicyDocument/awsType", - "value": "IamIdentityPolicy" + "path": "/properties/PolicyDocument/cfnLint", + "value": [ + "AWS::IAM::Policy/Properties/PolicyDocument" + ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_role/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_role/aws_types.json index 21d391d01e..fc3b23d4ea 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_role/aws_types.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_role/aws_types.json @@ -1,7 +1,9 @@ [ { "op": "add", - "path": "/definitions/Policy/properties/PolicyDocument/awsType", - "value": "IamIdentityPolicy" + "path": "/definitions/Policy/properties/PolicyDocument/cfnLint", + "value": [ + "AWS::IAM::Role/Properties/Policies/PolicyDocument" + ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_user/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_user/aws_types.json index 21d391d01e..8b90cca2a4 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_user/aws_types.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_iam_user/aws_types.json @@ -1,7 +1,9 @@ [ { "op": "add", - "path": "/definitions/Policy/properties/PolicyDocument/awsType", - "value": "IamIdentityPolicy" + "path": "/definitions/Policy/properties/PolicyDocument/cfnLint", + "value": [ + "AWS::IAM::User/Properties/Policies/PolicyDocument" + ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_kinesis_stream/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_kinesis_stream/cfn_lint.json new file mode 100644 index 0000000000..cd86a70a4b --- /dev/null +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_kinesis_stream/cfn_lint.json @@ -0,0 +1,9 @@ +[ + { + "op": "add", + "path": "/cfnLint", + "value": [ + "AWS::Kinesis::Stream/Properties" + ] + } +] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_kms_key/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_kms_key/aws_types.json index ee94fc6674..7c08cc5b39 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_kms_key/aws_types.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_kms_key/aws_types.json @@ -1,7 +1,9 @@ [ { "op": "add", - "path": "/properties/KeyPolicy/awsType", - "value": "IamResourcePolicy" + "path": "/properties/KeyPolicy/cfnLint", + "value": [ + "AWS::KMS::Key/Properties/KeyPolicy" + ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_lambda_eventsourcemapping/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_lambda_eventsourcemapping/cfn_lint.json index df1ba3bf35..ccec3805a4 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_lambda_eventsourcemapping/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_lambda_eventsourcemapping/cfn_lint.json @@ -3,8 +3,7 @@ "op": "add", "path": "/cfnLint", "value": [ - "aws_lambda_eventsourcemapping/eventsourcearn_sqs_exclusive", - "aws_lambda_eventsourcemapping/eventsourcearn_stream_inclusive" + "AWS::Lambda::EventSourceMapping/Properties" ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_lambda_function/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_lambda_function/cfn_lint.json index ff7fa855cd..58926d6ee0 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_lambda_function/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_lambda_function/cfn_lint.json @@ -3,13 +3,12 @@ "op": "add", "path": "/cfnLint", "value": [ - "aws_lambda_function/zipfile_runtime_exists", - "aws_lambda_function/zipfile_runtime_enum" + "AWS::Lambda::Function/Properties" ] }, { "op": "add", "path": "/properties/Runtime/cfnLint", - "value": "aws_lambda_function/runtime" + "value": "AWS::Lambda::Function/Properties/Runtime" } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_managedblockchain_node/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_managedblockchain_node/cfn_lint.json index 158ecb196c..e4a831a8fe 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_managedblockchain_node/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_managedblockchain_node/cfn_lint.json @@ -2,6 +2,6 @@ { "op": "add", "path": "/definitions/NodeConfiguration/properties/InstanceType/cfnLint", - "value": "aws_managedblockchain_node/nodeconfiguration_instancetype_enum" + "value": "AWS::ManagedBlockchain::Node/Properties/NodeConfiguration/InstanceType" } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_neptune_dbinstance/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_neptune_dbinstance/cfn_lint.json index 4f3e91e3c0..da2a25d387 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_neptune_dbinstance/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_neptune_dbinstance/cfn_lint.json @@ -2,6 +2,6 @@ { "op": "add", "path": "/properties/DBInstanceClass/cfnLint", - "value": "aws_neptune_dbinstance/dbinstanceclass_enum" + "value": "AWS::Neptune::DBInstance/Properties/DBInstanceClass" } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_opensearchservice_domain/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_opensearchservice_domain/aws_types.json index 476277f925..8a6b34245d 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_opensearchservice_domain/aws_types.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_opensearchservice_domain/aws_types.json @@ -1,7 +1,9 @@ [ { "op": "add", - "path": "/properties/AccessPolicies/awsType", - "value": "IamResourcePolicy" + "path": "/properties/AccessPolicies/cfnLint", + "value": [ + "AWS::OpenSearchService::Domain/Properties/AccessPolicies" + ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_opsworks_instance/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_opsworks_instance/aws_types.json deleted file mode 100644 index d825ddebb0..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_opsworks_instance/aws_types.json +++ /dev/null @@ -1,7 +0,0 @@ -[ - { - "op": "add", - "path": "/properties/AvailabilityZone/awsType", - "value": "AvailabilityZone" - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_opsworks_instance/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_opsworks_instance/cfn_lint.json new file mode 100644 index 0000000000..2a8ba7be6e --- /dev/null +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_opsworks_instance/cfn_lint.json @@ -0,0 +1,9 @@ +[ + { + "op": "add", + "path": "/properties/AvailabilityZone/cfnLint", + "value": [ + "AWS::OpsWorks::Instance/Properties/AvailabilityZone" + ] + } +] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_rds_dbcluster/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_rds_dbcluster/aws_types.json deleted file mode 100644 index 93a018eabb..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_rds_dbcluster/aws_types.json +++ /dev/null @@ -1,12 +0,0 @@ -[ - { - "op": "add", - "path": "/properties/AvailabilityZones/awsType", - "value": "AvailabilityZones" - }, - { - "op": "add", - "path": "/properties/AvailabilityZones/items/awsType", - "value": "AvailabilityZone" - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_rds_dbcluster/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_rds_dbcluster/cfn_lint.json index cdfb34a48c..282cf3c913 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_rds_dbcluster/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_rds_dbcluster/cfn_lint.json @@ -3,7 +3,14 @@ "op": "add", "path": "/cfnLint", "value": [ - "aws_rds_dbcluster/serverless_exclusive" + "AWS::RDS::DBCluster/Properties" + ] + }, + { + "op": "add", + "path": "/properties/AvailabilityZones/cfnLint", + "value": [ + "AWS::RDS::DBCluster/Properties/AvailabilityZones" ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_rds_dbinstance/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_rds_dbinstance/aws_types.json deleted file mode 100644 index d825ddebb0..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_rds_dbinstance/aws_types.json +++ /dev/null @@ -1,7 +0,0 @@ -[ - { - "op": "add", - "path": "/properties/AvailabilityZone/awsType", - "value": "AvailabilityZone" - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_rds_dbinstance/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_rds_dbinstance/cfn_lint.json index 0f1e2f08ca..9b97395ec5 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_rds_dbinstance/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_rds_dbinstance/cfn_lint.json @@ -3,9 +3,14 @@ "op": "add", "path": "/cfnLint", "value": [ - "aws_rds_dbinstance/aurora_exclusive", - "aws_rds_dbinstance/backupretentionperiod", - "aws_rds_dbinstance/dbinstanceclass_enum" + "AWS::RDS::DBInstance/Properties" + ] + }, + { + "op": "add", + "path": "/properties/AvailabilityZone/cfnLint", + "value": [ + "AWS::RDS::DBInstance/Properties/AvailabilityZone" ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_redshift_cluster/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_redshift_cluster/cfn_lint.json index a698fcd495..2e6ffc4ac1 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_redshift_cluster/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_redshift_cluster/cfn_lint.json @@ -2,6 +2,11 @@ { "op": "add", "path": "/properties/NodeType/cfnLint", - "value": "aws_redshift_cluster/nodetype_enum" + "value": "AWS::Redshift::Cluster/Properties/NodeType" + }, + { + "op": "add", + "path": "/cfnLint", + "value": "AWS::Redshift::Cluster/Properties" } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_route53_healthcheck/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_route53_healthcheck/cfn_lint.json index 230a0ba301..b3fd8522c6 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_route53_healthcheck/cfn_lint.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_route53_healthcheck/cfn_lint.json @@ -3,7 +3,7 @@ "op": "add", "path": "/properties/HealthCheckConfig/cfnLint", "value": [ - "aws_route53_healthcheck/healthcheckconfig_type_inclusive" + "AWS::Route53::HealthCheck/Properties/HealthCheckConfig" ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_s3_bucket/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_s3_bucket/aws_types.json deleted file mode 100644 index 74ae885076..0000000000 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_s3_bucket/aws_types.json +++ /dev/null @@ -1,7 +0,0 @@ -[ - { - "op": "add", - "path": "/definitions/ReplicationConfiguration/properties/Role/awsType", - "value": "IamRoleArn" - } -] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_s3_bucket/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_s3_bucket/cfn_lint.json new file mode 100644 index 0000000000..f6c2e15b98 --- /dev/null +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_s3_bucket/cfn_lint.json @@ -0,0 +1,9 @@ +[ + { + "op": "add", + "path": "/definitions/ReplicationConfiguration/properties/Role/cfnLint", + "value": [ + "AWS::S3::Bucket/Properties/ReplicationConfiguration/Role" + ] + } +] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_s3_bucketpolicy/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_s3_bucketpolicy/aws_types.json index e6301e9849..55e43b2b15 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_s3_bucketpolicy/aws_types.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_s3_bucketpolicy/aws_types.json @@ -1,7 +1,9 @@ [ { "op": "add", - "path": "/properties/PolicyDocument/awsType", - "value": "IamResourcePolicy" + "path": "/properties/PolicyDocument/cfnLint", + "value": [ + "AWS::S3::BucketPolicy/Properties/PolicyDocument" + ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_sns_topicpolicy/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_sns_topicpolicy/aws_types.json index e6301e9849..45efc75b1e 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_sns_topicpolicy/aws_types.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_sns_topicpolicy/aws_types.json @@ -1,7 +1,9 @@ [ { "op": "add", - "path": "/properties/PolicyDocument/awsType", - "value": "IamResourcePolicy" + "path": "/properties/PolicyDocument/cfnLint", + "value": [ + "AWS::SNS::TopicPolicy/Properties/PolicyDocument" + ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_sqs_queue/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_sqs_queue/cfn_lint.json new file mode 100644 index 0000000000..e60f7c4608 --- /dev/null +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_sqs_queue/cfn_lint.json @@ -0,0 +1,9 @@ +[ + { + "op": "add", + "path": "/cfnLint", + "value": [ + "AWS::SQS::Queue/Properties" + ] + } +] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_sqs_queuepolicy/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_sqs_queuepolicy/aws_types.json index e6301e9849..b80c3d1159 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_sqs_queuepolicy/aws_types.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_sqs_queuepolicy/aws_types.json @@ -1,7 +1,9 @@ [ { "op": "add", - "path": "/properties/PolicyDocument/awsType", - "value": "IamResourcePolicy" + "path": "/properties/PolicyDocument/cfnLint", + "value": [ + "AWS::SQS::QueuePolicy/Properties/PolicyDocument" + ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_sso_permissionset/aws_types.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_sso_permissionset/aws_types.json index 19ab80b816..e755bdeb31 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_sso_permissionset/aws_types.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_sso_permissionset/aws_types.json @@ -1,7 +1,9 @@ [ { "op": "add", - "path": "/properties/InlinePolicy/awsType", - "value": "IamIdentityPolicy" + "path": "/properties/InlinePolicy/cfnLint", + "value": [ + "AWS::SSO::PermissionSet/Properties/InlinePolicy" + ] } ] diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_synthetics_canary/__init__.py b/src/cfnlint/data/schemas/patches/extensions/all/aws_synthetics_canary/__init__.py new file mode 100644 index 0000000000..e69de29bb2 diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_synthetics_canary/cfn_lint.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_synthetics_canary/cfn_lint.json new file mode 100644 index 0000000000..2b875848ae --- /dev/null +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_synthetics_canary/cfn_lint.json @@ -0,0 +1,9 @@ +[ + { + "op": "add", + "path": "/cfnLint", + "value": [ + "AWS::Synthetics::Canary/Properties" + ] + } +] diff --git a/src/cfnlint/data/schemas/patches/providers/all/aws_cognito_userpoolidentityprovider/__init__.py b/src/cfnlint/data/schemas/patches/providers/all/aws_cognito_userpoolidentityprovider/__init__.py new file mode 100644 index 0000000000..e69de29bb2 diff --git a/src/cfnlint/data/schemas/patches/providers/all/aws_cognito_userpoolidentityprovider/readonlyproperties.json b/src/cfnlint/data/schemas/patches/providers/all/aws_cognito_userpoolidentityprovider/readonlyproperties.json new file mode 100644 index 0000000000..3852960c0a --- /dev/null +++ b/src/cfnlint/data/schemas/patches/providers/all/aws_cognito_userpoolidentityprovider/readonlyproperties.json @@ -0,0 +1,13 @@ +[ + { + "op": "test", + "path": "/readOnlyProperties", + "value": [ + "/properties/ProviderDetails/ActiveEncryptionCertificate" + ] + }, + { + "op": "remove", + "path": "/readOnlyProperties" + } +] diff --git a/src/cfnlint/data/schemas/providers/af_south_1/__init__.py b/src/cfnlint/data/schemas/providers/af_south_1/__init__.py index 3df64cac97..e6c3aea06b 100644 --- a/src/cfnlint/data/schemas/providers/af_south_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/af_south_1/__init__.py @@ -4,6 +4,7 @@ types = [ "AWS::CDK::Metadata", "AWS::ApiGatewayV2::Integration", + "AWS::Connect::UserHierarchyGroup", "AWS::ApiGatewayV2::ApiMapping", "AWS::CE::AnomalySubscription", "AWS::Shield::DRTAccess", @@ -142,12 +143,14 @@ "AWS::EventSchemas::Discoverer", "AWS::NetworkManager::ConnectPeer", "AWS::ElastiCache::UserGroup", + "AWS::Logs::DeliveryDestination", "AWS::ImageBuilder::ImageRecipe", "AWS::ApiGateway::RestApi", "AWS::OpsWorks::ElasticLoadBalancerAttachment", "AWS::AppMesh::VirtualService", "AWS::S3ObjectLambda::AccessPointPolicy", "AWS::NetworkManager::TransitGatewayRegistration", + "AWS::InspectorV2::Filter", "AWS::ElastiCache::ReplicationGroup", "AWS::StepFunctions::StateMachineAlias", "AWS::Cognito::UserPoolResourceServer", @@ -167,6 +170,7 @@ "AWS::Backup::BackupSelection", "AWS::DataSync::LocationFSxLustre", "AWS::SageMaker::App", + "AWS::Logs::DeliverySource", "AWS::EC2::VPCGatewayAttachment", "AWS::CloudTrail::Trail", "AWS::EC2::VPNConnectionRoute", @@ -303,6 +307,7 @@ "AWS::EKS::Cluster", "AWS::CodeBuild::Project", "AWS::EFS::FileSystem", + "AWS::Connect::QuickConnect", "AWS::Logs::QueryDefinition", "AWS::IAM::InstanceProfile", "AWS::DataSync::LocationNFS", @@ -515,6 +520,7 @@ "AWS::RDS::OptionGroup", "AWS::OpsWorks::UserProfile", "AWS::Glue::Schema", + "AWS::Logs::Delivery", "AWS::ServiceCatalog::Portfolio", "AWS::CustomerProfiles::Domain", "AWS::IoT::Policy", @@ -538,6 +544,7 @@ "AWS::IAM::UserPolicy", "AWS::Connect::ViewVersion", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", "AWS::Lambda::Permission", @@ -752,6 +759,7 @@ "AWS::Batch::JobQueue", "AWS::ElasticLoadBalancingV2::Listener", "AWS::Redshift::EventSubscription", + "AWS::Connect::User", "AWS::CloudFormation::WaitConditionHandle", "AWS::GlobalAccelerator::Accelerator", "AWS::EKS::Addon", @@ -760,6 +768,7 @@ # pylint: disable=too-many-lines cached: List[str] = [ "aws-apigatewayv2-integration.json", + "aws-connect-userhierarchygroup.json", "aws-apigatewayv2-apimapping.json", "aws-ce-anomalysubscription.json", "aws-shield-drtaccess.json", @@ -769,10 +778,10 @@ "aws-shield-proactiveengagement.json", "aws-apigateway-basepathmapping.json", "aws-s3-accessgrantslocation.json", + "aws-guardduty-filter.json", "aws-ecs-service.json", "aws-ram-resourceshare.json", "aws-dms-replicationconfig.json", - "aws-dynamodb-table.json", "aws-ec2-securitygroupegress.json", "aws-ec2-localgatewayroutetablevpcassociation.json", "aws-config-organizationconfigrule.json", @@ -859,6 +868,7 @@ "aws-events-archive.json", "aws-msk-cluster.json", "aws-ec2-vpcendpointconnectionnotification.json", + "aws-config-configurationaggregator.json", "aws-imagebuilder-imagepipeline.json", "aws-elasticloadbalancingv2-listenercertificate.json", "aws-cloudformation-moduleversion.json", @@ -879,12 +889,14 @@ "aws-customerprofiles-integration.json", "aws-eventschemas-discoverer.json", "aws-elasticache-usergroup.json", + "aws-logs-deliverydestination.json", "aws-imagebuilder-imagerecipe.json", "aws-apigateway-restapi.json", "aws-opsworks-elasticloadbalancerattachment.json", "aws-appmesh-virtualservice.json", "aws-s3objectlambda-accesspointpolicy.json", "aws-networkmanager-transitgatewayregistration.json", + "aws-inspectorv2-filter.json", "aws-elasticache-replicationgroup.json", "aws-stepfunctions-statemachinealias.json", "aws-rds-globalcluster.json", @@ -901,11 +913,11 @@ "aws-backup-backupselection.json", "aws-datasync-locationfsxlustre.json", "aws-sagemaker-app.json", + "aws-logs-deliverysource.json", "aws-ec2-vpcgatewayattachment.json", "aws-cloudtrail-trail.json", "aws-ec2-vpnconnectionroute.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-wafv2-ipset.json", "aws-mediaconnect-bridgeoutput.json", "aws-ssm-document.json", @@ -952,7 +964,6 @@ "aws-xray-resourcepolicy.json", "aws-servicecatalog-launchtemplateconstraint.json", "aws-wafv2-loggingconfiguration.json", - "aws-dynamodb-globaltable.json", "aws-imagebuilder-distributionconfiguration.json", "aws-lakeformation-permissions.json", "aws-cloudfront-publickey.json", @@ -1026,6 +1037,7 @@ "aws-eks-cluster.json", "aws-codebuild-project.json", "aws-efs-filesystem.json", + "aws-connect-quickconnect.json", "aws-logs-querydefinition.json", "aws-iam-instanceprofile.json", "aws-datasync-locationnfs.json", @@ -1173,7 +1185,6 @@ "aws-servicecatalog-resourceupdateconstraint.json", "aws-transfer-agreement.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-elasticache-subnetgroup.json", "aws-xray-group.json", "aws-oam-link.json", @@ -1224,6 +1235,7 @@ "aws-rds-optiongroup.json", "aws-opsworks-userprofile.json", "aws-glue-schema.json", + "aws-logs-delivery.json", "aws-customerprofiles-domain.json", "aws-ssm-maintenancewindow.json", "aws-lakeformation-tagassociation.json", @@ -1243,6 +1255,7 @@ "aws-iam-userpolicy.json", "aws-connect-viewversion.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", "aws-lambda-permission.json", @@ -1401,7 +1414,6 @@ "aws-servicecatalog-cloudformationproduct.json", "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", - "aws-ec2-launchtemplate.json", "aws-cloudfront-originrequestpolicy.json", "aws-datasync-locationfsxontap.json", "aws-networkmanager-linkassociation.json", @@ -1429,6 +1441,8 @@ "aws-batch-jobqueue.json", "aws-elasticloadbalancingv2-listener.json", "aws-redshift-eventsubscription.json", + "aws-connect-user.json", "aws-cloudformation-waitconditionhandle.json", "aws-globalaccelerator-accelerator.json", + "aws-eks-addon.json", ] diff --git a/src/cfnlint/data/schemas/providers/af_south_1/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-amazonmq-broker.json index b71851eb27..6027b3416d 100644 --- a/src/cfnlint/data/schemas/providers/af_south_1/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/af_south_1/aws-amazonmq-broker.json @@ -230,7 +230,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/af_south_1/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/af_south_1/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/af_south_1/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-cloudfront-distribution.json similarity index 99% rename from src/cfnlint/data/schemas/providers/ca_west_1/aws-cloudfront-distribution.json rename to src/cfnlint/data/schemas/providers/af_south_1/aws-cloudfront-distribution.json index 7e98b52b2d..75bb25b92e 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/aws-cloudfront-distribution.json +++ b/src/cfnlint/data/schemas/providers/af_south_1/aws-cloudfront-distribution.json @@ -413,7 +413,6 @@ "$ref": "#/definitions/OriginGroups" }, "Origins": { - "insertionOrder": false, "items": { "$ref": "#/definitions/Origin" }, diff --git a/src/cfnlint/data/schemas/providers/af_south_1/aws-cognito-userpoolidentityprovider.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-cognito-userpoolidentityprovider.json index 51f43c7c2b..47806c7cb2 100644 --- a/src/cfnlint/data/schemas/providers/af_south_1/aws-cognito-userpoolidentityprovider.json +++ b/src/cfnlint/data/schemas/providers/af_south_1/aws-cognito-userpoolidentityprovider.json @@ -88,9 +88,6 @@ "type": "string" } }, - "readOnlyProperties": [ - "/properties/ProviderDetails/ActiveEncryptionCertificate" - ], "required": [ "UserPoolId", "ProviderName", diff --git a/src/cfnlint/data/schemas/providers/af_south_1/aws-config-configurationaggregator.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-config-configurationaggregator.json deleted file mode 100644 index 5624c0bfff..0000000000 --- a/src/cfnlint/data/schemas/providers/af_south_1/aws-config-configurationaggregator.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ConfigurationAggregatorName" - ], - "definitions": { - "AccountAggregationSource": { - "additionalProperties": false, - "properties": { - "AccountIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "required": [ - "AccountIds" - ], - "type": "object" - }, - "OrganizationAggregationSource": { - "additionalProperties": false, - "properties": { - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "RoleArn": { - "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 256, - "minLength": 0, - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::Config::ConfigurationAggregator", - "handlers": { - "create": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - }, - "delete": { - "permissions": [ - "config:DeleteConfigurationAggregator", - "config:UntagResource" - ] - }, - "list": { - "permissions": [ - "config:DescribeConfigurationAggregators" - ] - }, - "read": { - "permissions": [ - "config:DescribeConfigurationAggregators", - "config:ListTagsForResource" - ] - }, - "update": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "config:UntagResource", - "config:ListTagsForResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - } - }, - "primaryIdentifier": [ - "/properties/ConfigurationAggregatorName" - ], - "properties": { - "AccountAggregationSources": { - "items": { - "$ref": "#/definitions/AccountAggregationSource" - }, - "type": "array", - "uniqueItems": false - }, - "ConfigurationAggregatorArn": { - "description": "The Amazon Resource Name (ARN) of the aggregator.", - "type": "string" - }, - "ConfigurationAggregatorName": { - "description": "The name of the aggregator.", - "maxLength": 256, - "minLength": 1, - "pattern": "[\\w\\-]+", - "type": "string" - }, - "OrganizationAggregationSource": { - "$ref": "#/definitions/OrganizationAggregationSource" - }, - "Tags": { - "description": "The tags for the configuration aggregator.", - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/ConfigurationAggregatorArn" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-config.git", - "typeName": "AWS::Config::ConfigurationAggregator" -} diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-dynamodb-globaltable.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-dynamodb-globaltable.json similarity index 98% rename from src/cfnlint/data/schemas/providers/cn_north_1/aws-dynamodb-globaltable.json rename to src/cfnlint/data/schemas/providers/af_south_1/aws-dynamodb-globaltable.json index d9e133125d..7e1a23d878 100644 --- a/src/cfnlint/data/schemas/providers/cn_north_1/aws-dynamodb-globaltable.json +++ b/src/cfnlint/data/schemas/providers/af_south_1/aws-dynamodb-globaltable.json @@ -122,13 +122,6 @@ "KinesisStreamSpecification": { "additionalProperties": false, "properties": { - "ApproximateCreationDateTimePrecision": { - "enum": [ - "MICROSECOND", - "MILLISECOND" - ], - "type": "string" - }, "StreamArn": { "type": "string" } @@ -472,7 +465,6 @@ "dynamodb:EnableKinesisStreamingDestination", "dynamodb:DisableKinesisStreamingDestination", "dynamodb:UpdateTableReplicaAutoScaling", - "dynamodb:UpdateKinesisStreamingDestination", "application-autoscaling:DeleteScalingPolicy", "application-autoscaling:DeleteScheduledAction", "application-autoscaling:DeregisterScalableTarget", diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-dynamodb-table.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-dynamodb-table.json similarity index 97% rename from src/cfnlint/data/schemas/providers/cn_north_1/aws-dynamodb-table.json rename to src/cfnlint/data/schemas/providers/af_south_1/aws-dynamodb-table.json index 94d8c7e991..aacbc7f216 100644 --- a/src/cfnlint/data/schemas/providers/cn_north_1/aws-dynamodb-table.json +++ b/src/cfnlint/data/schemas/providers/af_south_1/aws-dynamodb-table.json @@ -1,7 +1,7 @@ { "additionalProperties": false, "cfnLint": [ - "aws_dynamodb_table/billingmode_exclusive" + "AWS::DynamoDB::Table/Properties" ], "createOnlyProperties": [ "/properties/TableName", @@ -169,13 +169,6 @@ "KinesisStreamSpecification": { "additionalProperties": false, "properties": { - "ApproximateCreationDateTimePrecision": { - "enum": [ - "MICROSECOND", - "MILLISECOND" - ], - "type": "string" - }, "StreamArn": { "type": "string" } @@ -411,7 +404,6 @@ "dynamodb:UpdateTimeToLive", "dynamodb:UpdateContinuousBackups", "dynamodb:UpdateContributorInsights", - "dynamodb:UpdateKinesisStreamingDestination", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeKinesisStreamingDestination", "dynamodb:ListTagsOfResource", diff --git a/src/cfnlint/data/schemas/providers/af_south_1/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/af_south_1/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/af_south_1/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/af_south_1/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/af_south_1/aws-eks-addon.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-eks-addon.json deleted file mode 100644 index 02626266c6..0000000000 --- a/src/cfnlint/data/schemas/providers/af_south_1/aws-eks-addon.json +++ /dev/null @@ -1,148 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 127, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 255, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Schema for AWS::EKS::Addon", - "handlers": { - "create": { - "permissions": [ - "eks:CreateAddon", - "eks:DescribeAddon", - "eks:TagResource", - "iam:PassRole" - ] - }, - "delete": { - "permissions": [ - "eks:DeleteAddon", - "eks:DescribeAddon" - ] - }, - "list": { - "permissions": [ - "eks:ListAddons" - ] - }, - "read": { - "permissions": [ - "eks:DescribeAddon" - ] - }, - "update": { - "permissions": [ - "iam:PassRole", - "eks:UpdateAddon", - "eks:DescribeAddon", - "eks:DescribeUpdate", - "eks:ListTagsForResource", - "eks:TagResource", - "eks:UntagResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "properties": { - "AddonName": { - "description": "Name of Addon", - "minLength": 1, - "type": "string" - }, - "AddonVersion": { - "description": "Version of Addon", - "minLength": 1, - "type": "string" - }, - "Arn": { - "description": "Amazon Resource Name (ARN) of the add-on", - "type": "string" - }, - "ClusterName": { - "description": "Name of Cluster", - "minLength": 1, - "type": "string" - }, - "ConfigurationValues": { - "description": "The configuration values to use with the add-on", - "minLength": 1, - "type": "string" - }, - "PreserveOnDelete": { - "description": "PreserveOnDelete parameter value", - "type": "boolean" - }, - "ResolveConflicts": { - "description": "Resolve parameter value conflicts", - "enum": [ - "NONE", - "OVERWRITE", - "PRESERVE" - ], - "minLength": 1, - "type": "string" - }, - "ServiceAccountRoleArn": { - "description": "IAM role to bind to the add-on's service account", - "minLength": 1, - "type": "string" - }, - "Tags": { - "description": "An array of key-value pairs to apply to this resource.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/Arn" - ], - "required": [ - "ClusterName", - "AddonName" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-eks.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::EKS::Addon", - "writeOnlyProperties": [ - "/properties/ResolveConflicts", - "/properties/PreserveOnDelete" - ] -} diff --git a/src/cfnlint/data/schemas/providers/af_south_1/aws-gamelift-fleet.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-gamelift-fleet.json index 9551ef0828..4489c391a2 100644 --- a/src/cfnlint/data/schemas/providers/af_south_1/aws-gamelift-fleet.json +++ b/src/cfnlint/data/schemas/providers/af_south_1/aws-gamelift-fleet.json @@ -126,7 +126,7 @@ "uniqueItems": true }, "EC2InstanceType": { - "cfnLint": "aws_gamelift_fleet/ec2instancetype_enum", + "cfnLint": "AWS::GameLift::Fleet/EC2InstanceType", "type": "string" }, "FleetType": { diff --git a/src/cfnlint/data/schemas/providers/af_south_1/aws-guardduty-filter.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-guardduty-filter.json deleted file mode 100644 index 0c0c488266..0000000000 --- a/src/cfnlint/data/schemas/providers/af_south_1/aws-guardduty-filter.json +++ /dev/null @@ -1,145 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/DetectorId", - "/properties/Name" - ], - "definitions": { - "Condition": { - "additionalProperties": false, - "properties": { - "Eq": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Equals": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "GreaterThan": { - "type": "integer" - }, - "GreaterThanOrEqual": { - "type": "integer" - }, - "Gt": { - "type": "integer" - }, - "Gte": { - "type": "integer" - }, - "LessThan": { - "type": "integer" - }, - "LessThanOrEqual": { - "type": "integer" - }, - "Lt": { - "type": "integer" - }, - "Lte": { - "type": "integer" - }, - "Neq": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "NotEquals": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "type": "object" - }, - "FindingCriteria": { - "additionalProperties": false, - "properties": { - "Criterion": { - "type": "object" - }, - "ItemType": { - "$ref": "#/definitions/Condition" - } - }, - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::GuardDuty::Filter", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "Action": { - "enum": [ - "NOOP", - "ARCHIVE" - ], - "type": "string" - }, - "Description": { - "type": "string" - }, - "DetectorId": { - "type": "string" - }, - "FindingCriteria": { - "$ref": "#/definitions/FindingCriteria" - }, - "Id": { - "type": "string" - }, - "Name": { - "type": "string" - }, - "Rank": { - "type": "integer" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": false - } - }, - "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "Action", - "Description", - "DetectorId", - "FindingCriteria", - "Rank", - "Name" - ], - "typeName": "AWS::GuardDuty::Filter" -} diff --git a/src/cfnlint/data/schemas/providers/af_south_1/aws-opsworks-instance.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-opsworks-instance.json index 4f09c87902..7e172a15c1 100644 --- a/src/cfnlint/data/schemas/providers/af_south_1/aws-opsworks-instance.json +++ b/src/cfnlint/data/schemas/providers/af_south_1/aws-opsworks-instance.json @@ -147,7 +147,9 @@ "type": "string" }, "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::OpsWorks::Instance/Properties/AvailabilityZone" + ], "type": "string" }, "BlockDeviceMappings": { diff --git a/src/cfnlint/data/schemas/providers/af_south_1/aws-redshift-cluster.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-redshift-cluster.json index c29bc2abdf..c475c20974 100644 --- a/src/cfnlint/data/schemas/providers/af_south_1/aws-redshift-cluster.json +++ b/src/cfnlint/data/schemas/providers/af_south_1/aws-redshift-cluster.json @@ -1,5 +1,6 @@ { "additionalProperties": false, + "cfnLint": "AWS::Redshift::Cluster/Properties", "createOnlyProperties": [ "/properties/ClusterIdentifier", "/properties/OwnerAccount", @@ -279,7 +280,7 @@ "type": "boolean" }, "NodeType": { - "cfnLint": "aws_redshift_cluster/nodetype_enum", + "cfnLint": "AWS::Redshift::Cluster/Properties/NodeType", "description": "The node type to be provisioned for the cluster.Valid Values: ds2.xlarge | ds2.8xlarge | dc1.large | dc1.8xlarge | dc2.large | dc2.8xlarge | ra3.4xlarge | ra3.16xlarge", "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/af_south_1/aws-route53-healthcheck.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-route53-healthcheck.json index 2ddd4be8f2..084d644abf 100644 --- a/src/cfnlint/data/schemas/providers/af_south_1/aws-route53-healthcheck.json +++ b/src/cfnlint/data/schemas/providers/af_south_1/aws-route53-healthcheck.json @@ -107,7 +107,7 @@ "HealthCheckConfig": { "$ref": "#/definitions/HealthCheckConfig", "cfnLint": [ - "aws_route53_healthcheck/healthcheckconfig_type_inclusive" + "AWS::Route53::HealthCheck/Properties/HealthCheckConfig" ] }, "HealthCheckTags": { diff --git a/src/cfnlint/data/schemas/providers/ap_east_1/__init__.py b/src/cfnlint/data/schemas/providers/ap_east_1/__init__.py index 5656912034..5c6711156f 100644 --- a/src/cfnlint/data/schemas/providers/ap_east_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_east_1/__init__.py @@ -541,6 +541,7 @@ "AWS::ServiceCatalog::ServiceAction", "AWS::IAM::UserPolicy", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::IoT::MitigationAction", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", @@ -866,6 +867,7 @@ "aws-ec2-vpcendpointconnectionnotification.json", "aws-codepipeline-pipeline.json", "aws-opsworks-instance.json", + "aws-config-configurationaggregator.json", "aws-imagebuilder-imagepipeline.json", "aws-elasticloadbalancingv2-listenercertificate.json", "aws-cloudformation-moduleversion.json", @@ -918,7 +920,6 @@ "aws-cloudtrail-trail.json", "aws-ec2-vpnconnectionroute.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-wafv2-ipset.json", "aws-mediaconnect-bridgeoutput.json", "aws-ssm-document.json", @@ -1187,7 +1188,6 @@ "aws-servicecatalog-resourceupdateconstraint.json", "aws-transfer-agreement.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-elasticache-subnetgroup.json", "aws-xray-group.json", "aws-oam-link.json", @@ -1260,6 +1260,7 @@ "aws-servicecatalog-serviceaction.json", "aws-iam-userpolicy.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-iot-mitigationaction.json", "aws-secretsmanager-rotationschedule.json", "aws-lambda-permission.json", @@ -1422,7 +1423,6 @@ "aws-servicecatalog-cloudformationproduct.json", "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", - "aws-ec2-launchtemplate.json", "aws-cloudfront-originrequestpolicy.json", "aws-datasync-locationfsxontap.json", "aws-networkmanager-linkassociation.json", diff --git a/src/cfnlint/data/schemas/providers/ap_east_1/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/ap_east_1/aws-amazonmq-broker.json index b71851eb27..6027b3416d 100644 --- a/src/cfnlint/data/schemas/providers/ap_east_1/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/ap_east_1/aws-amazonmq-broker.json @@ -230,7 +230,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/ap_east_1/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/ap_east_1/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/ap_east_1/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/ap_east_1/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/ap_east_1/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/ap_east_1/aws-cloudfront-distribution.json new file mode 100644 index 0000000000..75bb25b92e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_east_1/aws-cloudfront-distribution.json @@ -0,0 +1,1232 @@ +{ + "additionalProperties": false, + "definitions": { + "CacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "type": "string" + }, + "PathPattern": { + "type": "string" + }, + "RealtimeLogConfigArn": { + "type": "string" + }, + "ResponseHeadersPolicyId": { + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ], + "type": "string" + } + }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "properties": { + "Forward": { + "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Forward" + ], + "type": "object" + }, + "CustomErrorResponse": { + "additionalProperties": false, + "dependentRequired": { + "ResponseCode": [ + "ResponsePagePath" + ] + }, + "properties": { + "ErrorCachingMinTTL": { + "default": 300, + "type": "number" + }, + "ErrorCode": { + "enum": [ + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponseCode": { + "enum": [ + 200, + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponsePagePath": { + "type": "string" + } + }, + "required": [ + "ErrorCode" + ], + "type": "object" + }, + "CustomOriginConfig": { + "additionalProperties": false, + "properties": { + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginProtocolPolicy": { + "type": "string" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "OriginProtocolPolicy" + ], + "type": "object" + }, + "DefaultCacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "default": "", + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "default": "", + "type": "string" + }, + "RealtimeLogConfigArn": { + "default": "", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "default": "", + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "type": "string" + } + }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CNAMEs": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/CacheBehavior" + }, + "type": "array", + "uniqueItems": false + }, + "Comment": { + "default": "", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/CustomErrorResponse" + }, + "type": "array", + "uniqueItems": false + }, + "CustomOrigin": { + "$ref": "#/definitions/LegacyCustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/DefaultCacheBehavior" + }, + "DefaultRootObject": { + "default": "", + "type": "string" + }, + "Enabled": { + "type": "boolean" + }, + "HttpVersion": { + "default": "http1.1", + "enum": [ + "http1.1", + "http2", + "http3", + "http2and3" + ], + "type": "string" + }, + "IPV6Enabled": { + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/Origin" + }, + "type": "array", + "uniqueItems": false + }, + "PriceClass": { + "default": "PriceClass_All", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ], + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/Restrictions", + "default": { + "GeoRestriction": { + "RestrictionType": "none" + } + } + }, + "S3Origin": { + "$ref": "#/definitions/LegacyS3Origin" + }, + "Staging": { + "type": "boolean" + }, + "ViewerCertificate": { + "$ref": "#/definitions/ViewerCertificate", + "default": { + "CloudFrontDefaultCertificate": true + } + }, + "WebACLId": { + "default": "", + "type": "string" + } + }, + "required": [ + "Enabled", + "DefaultCacheBehavior" + ], + "type": "object" + }, + "ForwardedValues": { + "additionalProperties": false, + "properties": { + "Cookies": { + "$ref": "#/definitions/Cookies", + "default": { + "Forward": "none" + } + }, + "Headers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "QueryString": { + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "QueryString" + ], + "type": "object" + }, + "FunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ], + "type": "string" + }, + "FunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "GeoRestriction": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "enum": [ + "AD", + "AE", + "AF", + "AG", + "AI", + "AL", + "AM", + "AO", + "AQ", + "AR", + "AS", + "AT", + "AU", + "AW", + "AX", + "AZ", + "BA", + "BB", + "BD", + "BE", + "BF", + "BG", + "BH", + "BI", + "BJ", + "BL", + "BM", + "BN", + "BO", + "BQ", + "BR", + "BS", + "BT", + "BV", + "BW", + "BY", + "BZ", + "CA", + "CC", + "CD", + "CF", + "CG", + "CH", + "CI", + "CK", + "CL", + "CM", + "CN", + "CO", + "CR", + "CU", + "CV", + "CW", + "CX", + "CY", + "CZ", + "DE", + "DJ", + "DK", + "DM", + "DO", + "DZ", + "EC", + "EE", + "EG", + "EH", + "ER", + "ES", + "ET", + "FI", + "FJ", + "FK", + "FM", + "FO", + "FR", + "GA", + "GB", + "GD", + "GE", + "GF", + "GG", + "GH", + "GI", + "GL", + "GM", + "GN", + "GP", + "GQ", + "GR", + "GS", + "GT", + "GU", + "GW", + "GY", + "HK", + "HM", + "HN", + "HR", + "HT", + "HU", + "ID", + "IE", + "IL", + "IM", + "IN", + "IO", + "IQ", + "IR", + "IS", + "IT", + "JE", + "JM", + "JO", + "JP", + "KE", + "KG", + "KH", + "KI", + "KM", + "KN", + "KP", + "KR", + "KW", + "KY", + "KZ", + "LA", + "LB", + "LC", + "LI", + "LK", + "LR", + "LS", + "LT", + "LU", + "LV", + "LY", + "MA", + "MC", + "MD", + "ME", + "MF", + "MG", + "MH", + "MK", + "ML", + "MM", + "MN", + "MO", + "MP", + "MQ", + "MR", + "MS", + "MT", + "MU", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NC", + "NE", + "NF", + "NG", + "NI", + "NL", + "NO", + "NP", + "NR", + "NU", + "NZ", + "OM", + "PA", + "PE", + "PF", + "PG", + "PH", + "PK", + "PL", + "PM", + "PN", + "PR", + "PS", + "PT", + "PW", + "PY", + "QA", + "RE", + "RO", + "RS", + "RU", + "RW", + "SA", + "SB", + "SC", + "SD", + "SE", + "SG", + "SH", + "SI", + "SJ", + "SK", + "SL", + "SM", + "SN", + "SO", + "SR", + "SS", + "ST", + "SV", + "SX", + "SY", + "SZ", + "TC", + "TD", + "TF", + "TG", + "TH", + "TJ", + "TK", + "TL", + "TM", + "TN", + "TO", + "TR", + "TT", + "TV", + "TW", + "TZ", + "UA", + "UG", + "UM", + "US", + "UY", + "UZ", + "VA", + "VC", + "VE", + "VG", + "VI", + "VN", + "VU", + "WF", + "WS", + "YE", + "YT", + "ZA", + "ZM", + "ZW" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "RestrictionType": { + "enum": [ + "blacklist", + "whitelist", + "none" + ], + "type": "string" + } + }, + "required": [ + "RestrictionType" + ], + "type": "object" + }, + "LambdaFunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "IncludeBody": { + "type": "boolean" + }, + "LambdaFunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "LegacyCustomOrigin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginProtocolPolicy": { + "enum": [ + "http-only", + "match-viewer", + "https-only" + ], + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], + "type": "object" + }, + "LegacyS3Origin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "required": [ + "DNSName" + ], + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "IncludeCookies": { + "default": false, + "type": "boolean" + }, + "Prefix": { + "default": "", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Origin": { + "additionalProperties": false, + "dependentExcluded": { + "CustomOriginConfig": [ + "S3OriginConfig" + ], + "S3OriginConfig": [ + "CustomOriginConfig" + ] + }, + "properties": { + "ConnectionAttempts": { + "type": "integer" + }, + "ConnectionTimeout": { + "type": "integer" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/CustomOriginConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "OriginAccessControlId": { + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/OriginCustomHeader" + }, + "type": "array", + "uniqueItems": false + }, + "OriginPath": { + "default": "", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/OriginShield" + }, + "S3OriginConfig": { + "$ref": "#/definitions/S3OriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "type": "string" + }, + "HeaderValue": { + "type": "string" + } + }, + "required": [ + "HeaderValue", + "HeaderName" + ], + "type": "object" + }, + "OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/OriginGroupFailoverCriteria" + }, + "Id": { + "type": "string" + }, + "Members": { + "$ref": "#/definitions/OriginGroupMembers" + } + }, + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "type": "object" + }, + "OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroupMember" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroup" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "OriginShieldRegion": { + "type": "string" + } + }, + "type": "object" + }, + "Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "type": "object" + }, + "StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "integer" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "ViewerCertificate": { + "additionalProperties": false, + "dependentRequired": { + "AcmCertificateArn": [ + "SslSupportMethod" + ], + "IamCertificateId": [ + "SslSupportMethod" + ] + }, + "properties": { + "AcmCertificateArn": { + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "type": "boolean" + }, + "IamCertificateId": { + "type": "string" + }, + "MinimumProtocolVersion": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018", + "TLSv1.2_2019", + "TLSv1.2_2021" + ], + "type": "string" + }, + "SslSupportMethod": { + "enum": [ + "sni-only", + "vip", + "static-ip" + ], + "type": "string" + } + }, + "requiredXor": [ + "AcmCertificateArn", + "CloudFrontDefaultCertificate", + "IamCertificateId" + ], + "type": "object" + } + }, + "deprecatedProperties": [ + "/properties/DistributionConfig/CustomOrigin", + "/properties/DistributionConfig/S3Origin" + ], + "description": "Resource Type definition for AWS::CloudFront::Distribution", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateDistribution", + "cloudfront:CreateDistributionWithTags", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:TagResource" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteDistribution", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListDistributions" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "update": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:UpdateDistribution", + "cloudfront:UpdateDistributionWithStagingConfig", + "cloudfront:ListTagsForResource", + "cloudfront:TagResource", + "cloudfront:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/DistributionConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/DomainName" + ], + "required": [ + "DistributionConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::CloudFront::Distribution" +} diff --git a/src/cfnlint/data/schemas/providers/ap_east_1/aws-config-configurationaggregator.json b/src/cfnlint/data/schemas/providers/ap_east_1/aws-config-configurationaggregator.json deleted file mode 100644 index 5624c0bfff..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_east_1/aws-config-configurationaggregator.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ConfigurationAggregatorName" - ], - "definitions": { - "AccountAggregationSource": { - "additionalProperties": false, - "properties": { - "AccountIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "required": [ - "AccountIds" - ], - "type": "object" - }, - "OrganizationAggregationSource": { - "additionalProperties": false, - "properties": { - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "RoleArn": { - "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 256, - "minLength": 0, - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::Config::ConfigurationAggregator", - "handlers": { - "create": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - }, - "delete": { - "permissions": [ - "config:DeleteConfigurationAggregator", - "config:UntagResource" - ] - }, - "list": { - "permissions": [ - "config:DescribeConfigurationAggregators" - ] - }, - "read": { - "permissions": [ - "config:DescribeConfigurationAggregators", - "config:ListTagsForResource" - ] - }, - "update": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "config:UntagResource", - "config:ListTagsForResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - } - }, - "primaryIdentifier": [ - "/properties/ConfigurationAggregatorName" - ], - "properties": { - "AccountAggregationSources": { - "items": { - "$ref": "#/definitions/AccountAggregationSource" - }, - "type": "array", - "uniqueItems": false - }, - "ConfigurationAggregatorArn": { - "description": "The Amazon Resource Name (ARN) of the aggregator.", - "type": "string" - }, - "ConfigurationAggregatorName": { - "description": "The name of the aggregator.", - "maxLength": 256, - "minLength": 1, - "pattern": "[\\w\\-]+", - "type": "string" - }, - "OrganizationAggregationSource": { - "$ref": "#/definitions/OrganizationAggregationSource" - }, - "Tags": { - "description": "The tags for the configuration aggregator.", - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/ConfigurationAggregatorArn" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-config.git", - "typeName": "AWS::Config::ConfigurationAggregator" -} diff --git a/src/cfnlint/data/schemas/providers/ap_east_1/aws-docdb-dbcluster.json b/src/cfnlint/data/schemas/providers/ap_east_1/aws-docdb-dbcluster.json index e4fe252a86..b6ad9fa0c9 100644 --- a/src/cfnlint/data/schemas/providers/ap_east_1/aws-docdb-dbcluster.json +++ b/src/cfnlint/data/schemas/providers/ap_east_1/aws-docdb-dbcluster.json @@ -1,5 +1,8 @@ { "additionalProperties": false, + "cfnLint": [ + "AWS::DocDB::DBCluster/Properties" + ], "createOnlyProperties": [ "/properties/KmsKeyId", "/properties/SnapshotIdentifier", diff --git a/src/cfnlint/data/schemas/providers/ap_east_1/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/ap_east_1/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_east_1/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/ap_east_1/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/ap_east_1/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_east_1/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_east_1/aws-gamelift-fleet.json b/src/cfnlint/data/schemas/providers/ap_east_1/aws-gamelift-fleet.json index 9551ef0828..4489c391a2 100644 --- a/src/cfnlint/data/schemas/providers/ap_east_1/aws-gamelift-fleet.json +++ b/src/cfnlint/data/schemas/providers/ap_east_1/aws-gamelift-fleet.json @@ -126,7 +126,7 @@ "uniqueItems": true }, "EC2InstanceType": { - "cfnLint": "aws_gamelift_fleet/ec2instancetype_enum", + "cfnLint": "AWS::GameLift::Fleet/EC2InstanceType", "type": "string" }, "FleetType": { diff --git a/src/cfnlint/data/schemas/providers/ap_east_1/aws-neptune-dbinstance.json b/src/cfnlint/data/schemas/providers/ap_east_1/aws-neptune-dbinstance.json index e59579a720..36baa58fbd 100644 --- a/src/cfnlint/data/schemas/providers/ap_east_1/aws-neptune-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/ap_east_1/aws-neptune-dbinstance.json @@ -43,7 +43,7 @@ "type": "string" }, "DBInstanceClass": { - "cfnLint": "aws_neptune_dbinstance/dbinstanceclass_enum", + "cfnLint": "AWS::Neptune::DBInstance/Properties/DBInstanceClass", "type": "string" }, "DBInstanceIdentifier": { diff --git a/src/cfnlint/data/schemas/providers/ap_east_1/aws-redshift-cluster.json b/src/cfnlint/data/schemas/providers/ap_east_1/aws-redshift-cluster.json index c29bc2abdf..c475c20974 100644 --- a/src/cfnlint/data/schemas/providers/ap_east_1/aws-redshift-cluster.json +++ b/src/cfnlint/data/schemas/providers/ap_east_1/aws-redshift-cluster.json @@ -1,5 +1,6 @@ { "additionalProperties": false, + "cfnLint": "AWS::Redshift::Cluster/Properties", "createOnlyProperties": [ "/properties/ClusterIdentifier", "/properties/OwnerAccount", @@ -279,7 +280,7 @@ "type": "boolean" }, "NodeType": { - "cfnLint": "aws_redshift_cluster/nodetype_enum", + "cfnLint": "AWS::Redshift::Cluster/Properties/NodeType", "description": "The node type to be provisioned for the cluster.Valid Values: ds2.xlarge | ds2.8xlarge | dc1.large | dc1.8xlarge | dc2.large | dc2.8xlarge | ra3.4xlarge | ra3.16xlarge", "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_1/__init__.py b/src/cfnlint/data/schemas/providers/ap_northeast_1/__init__.py index 64fa4f5a83..099e260517 100644 --- a/src/cfnlint/data/schemas/providers/ap_northeast_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_northeast_1/__init__.py @@ -306,6 +306,7 @@ "AWS::GuardDuty::Member", "AWS::CloudFormation::CustomResource", "AWS::FIS::TargetAccountConfiguration", + "AWS::Glue::TableOptimizer", "AWS::RefactorSpaces::Route", "AWS::NimbleStudio::LaunchProfile", "AWS::KinesisAnalytics::ApplicationOutput", @@ -1402,7 +1403,6 @@ "aws-gamelift-gameservergroup.json", "aws-appstream-stack.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-vpclattice-listener.json", "aws-wafv2-ipset.json", "aws-mediaconnect-bridgeoutput.json", @@ -1449,6 +1449,7 @@ "aws-guardduty-member.json", "aws-cloudformation-customresource.json", "aws-fis-targetaccountconfiguration.json", + "aws-glue-tableoptimizer.json", "aws-refactorspaces-route.json", "aws-nimblestudio-launchprofile.json", "aws-kinesisanalytics-applicationoutput.json", @@ -1463,7 +1464,6 @@ "aws-connect-securityprofile.json", "aws-codedeploy-deploymentgroup.json", "aws-amplifyuibuilder-component.json", - "aws-location-trackerconsumer.json", "aws-vpclattice-servicenetwork.json", "aws-sagemaker-inferenceexperiment.json", "aws-cloudformation-stackset.json", @@ -1872,6 +1872,7 @@ "aws-dms-eventsubscription.json", "aws-ssmincidents-replicationset.json", "aws-iot-topicrule.json", + "aws-apprunner-vpcconnector.json", "aws-supportapp-slackworkspaceconfiguration.json", "aws-lakeformation-principalpermissions.json", "aws-datasync-locations3.json", @@ -1940,6 +1941,7 @@ "aws-iam-userpolicy.json", "aws-connect-viewversion.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-iot-mitigationaction.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", @@ -1990,7 +1992,6 @@ "aws-cognito-userpoolidentityprovider.json", "aws-appstream-stackuserassociation.json", "aws-resiliencehub-resiliencypolicy.json", - "aws-location-tracker.json", "aws-iot-dimension.json", "aws-logs-loggroup.json", "aws-evidently-experiment.json", diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-apprunner-vpcconnector.json b/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-apprunner-vpcconnector.json deleted file mode 100644 index a7b99a0c40..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-apprunner-vpcconnector.json +++ /dev/null @@ -1,119 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/VpcConnectorName", - "/properties/Subnets", - "/properties/SecurityGroups", - "/properties/Tags" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - } - }, - "description": "The AWS::AppRunner::VpcConnector resource specifies an App Runner VpcConnector.", - "handlers": { - "create": { - "permissions": [ - "iam:CreateServiceLinkedRole", - "apprunner:CreateVpcConnector", - "apprunner:DescribeVpcConnector", - "apprunner:TagResource", - "ec2:DescribeSubnets", - "ec2:DescribeSecurityGroups" - ] - }, - "delete": { - "permissions": [ - "apprunner:DeleteVpcConnector" - ] - }, - "list": { - "permissions": [ - "apprunner:ListVpcConnectors" - ] - }, - "read": { - "permissions": [ - "apprunner:DescribeVpcConnector" - ] - } - }, - "primaryIdentifier": [ - "/properties/VpcConnectorArn" - ], - "properties": { - "SecurityGroups": { - "description": "A list of IDs of security groups that App Runner should use for access to AWS resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "Subnets": { - "description": "A list of IDs of subnets that App Runner should use when it associates your service with a custom Amazon VPC. Specify IDs of subnets of a single Amazon VPC. App Runner determines the Amazon VPC from the subnets you specify.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "minItems": 1, - "type": "array", - "uniqueItems": true - }, - "Tags": { - "description": "A list of metadata items that you can associate with your VPC connector resource. A tag is a key-value pair.", - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array" - }, - "VpcConnectorArn": { - "description": "The Amazon Resource Name (ARN) of this VPC connector.", - "maxLength": 1011, - "minLength": 44, - "pattern": "arn:aws(-[\\w]+)*:[a-z0-9-\\\\.]{0,63}:[a-z0-9-\\\\.]{0,63}:[0-9]{12}:(\\w|\\/|-){1,1011}", - "type": "string" - }, - "VpcConnectorName": { - "description": "A name for the VPC connector. If you don't specify a name, AWS CloudFormation generates a name for your VPC connector.", - "maxLength": 40, - "minLength": 4, - "pattern": "^[A-Za-z0-9][A-Za-z0-9-\\\\_]{3,39}$", - "type": "string" - }, - "VpcConnectorRevision": { - "description": "The revision of this VPC connector. It's unique among all the active connectors (\"Status\": \"ACTIVE\") that share the same Name.", - "type": "integer" - } - }, - "readOnlyProperties": [ - "/properties/VpcConnectorArn", - "/properties/VpcConnectorRevision" - ], - "required": [ - "Subnets" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-apprunner.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": false, - "taggable": true - }, - "typeName": "AWS::AppRunner::VpcConnector", - "writeOnlyProperties": [ - "/properties/Tags" - ] -} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-location-map.json b/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-location-map.json index 89acc99120..63287b3b63 100644 --- a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-location-map.json +++ b/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-location-map.json @@ -50,14 +50,14 @@ "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", "maxLength": 128, "minLength": 1, - "pattern": "\\A(?!aws:)[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "pattern": "^[a-zA-Z+-=._:/]+$", "type": "string" }, "Value": { "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", "maxLength": 256, "minLength": 0, - "pattern": "\\A[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "pattern": "^[A-Za-z0-9 _=@:.+-/]*$", "type": "string" } }, diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-location-tracker.json b/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-location-tracker.json new file mode 100644 index 0000000000..dff6b9e9f6 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-location-tracker.json @@ -0,0 +1,191 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/KmsKeyId", + "/properties/TrackerName" + ], + "definitions": { + "PositionFiltering": { + "enum": [ + "TimeBased", + "DistanceBased", + "AccuracyBased" + ], + "type": "string" + }, + "PricingPlan": { + "enum": [ + "RequestBasedUsage" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 128, + "minLength": 1, + "pattern": "\\A(?!aws:)[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + }, + "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 256, + "minLength": 0, + "pattern": "\\A[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "TagMap": { + "additionalProperties": false, + "maxProperties": 50, + "patternProperties": { + "^[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 0, + "pattern": "^[A-Za-z0-9 _=@:.+-/]*$", + "type": "string" + } + }, + "type": "object" + }, + "iso8601UTC": { + "description": "The datetime value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ss.sssZ)", + "pattern": "^([0-2]\\d{3})-(0[0-9]|1[0-2])-([0-2]\\d|3[01])T([01]\\d|2[0-4]):([0-5]\\d):([0-6]\\d)((\\.\\d{3})?)Z$", + "type": "string" + } + }, + "deprecatedProperties": [ + "/properties/PricingPlan", + "/properties/PricingPlanDataSource" + ], + "description": "Definition of AWS::Location::Tracker Resource Type", + "handlers": { + "create": { + "permissions": [ + "geo:CreateTracker", + "geo:DescribeTracker", + "geo:TagResource", + "geo:UntagResource", + "kms:DescribeKey", + "kms:CreateGrant" + ] + }, + "delete": { + "permissions": [ + "geo:DeleteTracker", + "geo:DescribeTracker" + ] + }, + "list": { + "permissions": [ + "geo:ListTrackers" + ] + }, + "read": { + "permissions": [ + "geo:DescribeTracker", + "kms:DescribeKey" + ] + }, + "update": { + "permissions": [ + "geo:CreateTracker", + "geo:DescribeTracker", + "geo:TagResource", + "geo:UntagResource", + "kms:DescribeKey", + "kms:CreateGrant", + "geo:UpdateTracker" + ] + } + }, + "primaryIdentifier": [ + "/properties/TrackerName" + ], + "properties": { + "Arn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "CreateTime": { + "$ref": "#/definitions/iso8601UTC" + }, + "Description": { + "maxLength": 1000, + "minLength": 0, + "type": "string" + }, + "EventBridgeEnabled": { + "type": "boolean" + }, + "KmsKeyEnableGeospatialQueries": { + "type": "boolean" + }, + "KmsKeyId": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "PositionFiltering": { + "$ref": "#/definitions/PositionFiltering" + }, + "PricingPlan": { + "$ref": "#/definitions/PricingPlan" + }, + "PricingPlanDataSource": { + "type": "string" + }, + "Tags": { + "description": "An array of key-value pairs to apply to this resource.", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 0, + "type": "array", + "uniqueItems": true + }, + "TrackerArn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "TrackerName": { + "maxLength": 100, + "minLength": 1, + "pattern": "^[-._\\w]+$", + "type": "string" + }, + "UpdateTime": { + "$ref": "#/definitions/iso8601UTC" + } + }, + "readOnlyProperties": [ + "/properties/CreateTime", + "/properties/Arn", + "/properties/TrackerArn", + "/properties/UpdateTime" + ], + "required": [ + "TrackerName" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::Location::Tracker" +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-location-trackerconsumer.json b/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-location-trackerconsumer.json new file mode 100644 index 0000000000..8ee7f91b35 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-location-trackerconsumer.json @@ -0,0 +1,60 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/TrackerName", + "/properties/ConsumerArn" + ], + "description": "Definition of AWS::Location::TrackerConsumer Resource Type", + "handlers": { + "create": { + "permissions": [ + "geo:AssociateTrackerConsumer", + "geo:ListTrackerConsumers" + ] + }, + "delete": { + "permissions": [ + "geo:DisassociateTrackerConsumer", + "geo:ListTrackerConsumers" + ] + }, + "list": { + "permissions": [ + "geo:ListTrackerConsumers" + ] + }, + "read": { + "permissions": [ + "geo:ListTrackerConsumers" + ] + } + }, + "primaryIdentifier": [ + "/properties/TrackerName", + "/properties/ConsumerArn" + ], + "properties": { + "ConsumerArn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "TrackerName": { + "maxLength": 100, + "minLength": 1, + "pattern": "^[-._\\w]+$", + "type": "string" + } + }, + "required": [ + "ConsumerArn", + "TrackerName" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::Location::TrackerConsumer" +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-neptune-dbinstance.json b/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-neptune-dbinstance.json index e59579a720..36baa58fbd 100644 --- a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-neptune-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-neptune-dbinstance.json @@ -43,7 +43,7 @@ "type": "string" }, "DBInstanceClass": { - "cfnLint": "aws_neptune_dbinstance/dbinstanceclass_enum", + "cfnLint": "AWS::Neptune::DBInstance/Properties/DBInstanceClass", "type": "string" }, "DBInstanceIdentifier": { diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_2/__init__.py b/src/cfnlint/data/schemas/providers/ap_northeast_2/__init__.py index 1ab212d916..4133db8e3e 100644 --- a/src/cfnlint/data/schemas/providers/ap_northeast_2/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_northeast_2/__init__.py @@ -6,6 +6,7 @@ "AWS::CleanRooms::ConfiguredTableAssociation", "AWS::ApiGatewayV2::Integration", "AWS::Pinpoint::App", + "AWS::Connect::UserHierarchyGroup", "AWS::ApiGatewayV2::ApiMapping", "AWS::CE::AnomalySubscription", "AWS::Shield::DRTAccess", @@ -191,6 +192,7 @@ "AWS::NetworkManager::ConnectPeer", "AWS::ElastiCache::UserGroup", "AWS::IoT::ThingGroup", + "AWS::Logs::DeliveryDestination", "AWS::ImageBuilder::ImageRecipe", "AWS::IoT::SoftwarePackage", "AWS::ApiGateway::RestApi", @@ -225,6 +227,7 @@ "AWS::Backup::BackupSelection", "AWS::DataSync::LocationFSxLustre", "AWS::SageMaker::App", + "AWS::Logs::DeliverySource", "AWS::EC2::VPCGatewayAttachment", "AWS::CloudTrail::Trail", "AWS::EC2::VPNConnectionRoute", @@ -278,6 +281,7 @@ "AWS::GroundStation::MissionProfile", "AWS::CloudFormation::CustomResource", "AWS::FIS::TargetAccountConfiguration", + "AWS::Glue::TableOptimizer", "AWS::RefactorSpaces::Route", "AWS::KinesisAnalytics::ApplicationOutput", "AWS::WAFv2::RuleGroup", @@ -397,6 +401,7 @@ "AWS::AppConfig::ConfigurationProfile", "AWS::ManagedBlockchain::Node", "AWS::Route53Resolver::FirewallRuleGroup", + "AWS::DocDBElastic::Cluster", "AWS::MSK::Configuration", "AWS::EC2::TransitGateway", "AWS::Cognito::UserPoolGroup", @@ -410,6 +415,7 @@ "AWS::EFS::FileSystem", "AWS::Pinpoint::APNSVoipSandboxChannel", "AWS::Config::OrganizationConformancePack", + "AWS::Connect::QuickConnect", "AWS::Logs::QueryDefinition", "AWS::IAM::InstanceProfile", "AWS::IoT::BillingGroup", @@ -697,6 +703,7 @@ "AWS::Glue::Schema", "AWS::DataZone::Environment", "AWS::DocDB::DBSubnetGroup", + "AWS::Logs::Delivery", "AWS::ServiceCatalog::Portfolio", "AWS::CustomerProfiles::Domain", "AWS::IoT::Policy", @@ -734,6 +741,7 @@ "AWS::IAM::UserPolicy", "AWS::Connect::ViewVersion", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::IoT::MitigationAction", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", @@ -1028,6 +1036,7 @@ "AWS::ElasticLoadBalancingV2::Listener", "AWS::Redshift::EventSubscription", "AWS::IoTFleetHub::Application", + "AWS::Connect::User", "AWS::SSMContacts::ContactChannel", "AWS::MemoryDB::ACL", "AWS::CloudFormation::WaitConditionHandle", @@ -1040,6 +1049,7 @@ cached: List[str] = [ "aws-cleanrooms-configuredtableassociation.json", "aws-apigatewayv2-integration.json", + "aws-connect-userhierarchygroup.json", "aws-apigatewayv2-apimapping.json", "aws-ce-anomalysubscription.json", "aws-shield-drtaccess.json", @@ -1051,11 +1061,11 @@ "aws-apigateway-basepathmapping.json", "aws-wafregional-geomatchset.json", "aws-s3-accessgrantslocation.json", + "aws-guardduty-filter.json", "aws-ecs-service.json", "aws-servicecatalog-portfolioprincipalassociation.json", "aws-ram-resourceshare.json", "aws-dms-replicationconfig.json", - "aws-dynamodb-table.json", "aws-amazonmq-configurationassociation.json", "aws-wafregional-ipset.json", "aws-redshiftserverless-namespace.json", @@ -1141,7 +1151,6 @@ "aws-route53-recordset.json", "aws-mediastore-container.json", "aws-eks-accessentry.json", - "aws-amplifyuibuilder-form.json", "aws-ivs-streamkey.json", "aws-elasticache-securitygroup.json", "aws-backup-framework.json", @@ -1220,6 +1229,7 @@ "aws-networkmanager-connectpeer.json", "aws-elasticache-usergroup.json", "aws-iot-thinggroup.json", + "aws-logs-deliverydestination.json", "aws-imagebuilder-imagerecipe.json", "aws-iot-softwarepackage.json", "aws-apigateway-restapi.json", @@ -1253,6 +1263,7 @@ "aws-backup-backupselection.json", "aws-datasync-locationfsxlustre.json", "aws-sagemaker-app.json", + "aws-logs-deliverysource.json", "aws-ec2-vpcgatewayattachment.json", "aws-cloudtrail-trail.json", "aws-ec2-vpnconnectionroute.json", @@ -1260,7 +1271,6 @@ "aws-gamelift-gameservergroup.json", "aws-appstream-stack.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-wafv2-ipset.json", "aws-mediaconnect-bridgeoutput.json", "aws-greengrass-subscriptiondefinition.json", @@ -1304,6 +1314,7 @@ "aws-groundstation-missionprofile.json", "aws-cloudformation-customresource.json", "aws-fis-targetaccountconfiguration.json", + "aws-glue-tableoptimizer.json", "aws-refactorspaces-route.json", "aws-kinesisanalytics-applicationoutput.json", "aws-sagemaker-modelpackagegroup.json", @@ -1313,7 +1324,6 @@ "aws-glue-classifier.json", "aws-connect-securityprofile.json", "aws-codedeploy-deploymentgroup.json", - "aws-amplifyuibuilder-component.json", "aws-sagemaker-inferenceexperiment.json", "aws-cloudformation-stackset.json", "aws-ec2-route.json", @@ -1327,7 +1337,6 @@ "aws-servicecatalog-launchtemplateconstraint.json", "aws-devopsguru-resourcecollection.json", "aws-wafv2-loggingconfiguration.json", - "aws-dynamodb-globaltable.json", "alexa-ask-skill.json", "aws-pinpoint-eventstream.json", "aws-imagebuilder-distributionconfiguration.json", @@ -1430,6 +1439,7 @@ "aws-efs-filesystem.json", "aws-pinpoint-apnsvoipsandboxchannel.json", "aws-config-organizationconformancepack.json", + "aws-connect-quickconnect.json", "aws-logs-querydefinition.json", "aws-iam-instanceprofile.json", "aws-iot-billinggroup.json", @@ -1533,7 +1543,6 @@ "aws-iam-grouppolicy.json", "aws-scheduler-schedule.json", "aws-waf-bytematchset.json", - "aws-amplifyuibuilder-theme.json", "aws-emrserverless-application.json", "aws-ec2-host.json", "aws-forecast-datasetgroup.json", @@ -1636,7 +1645,6 @@ "aws-transfer-agreement.json", "aws-lightsail-certificate.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-ssmcontacts-plan.json", "aws-elasticache-subnetgroup.json", "aws-xray-group.json", @@ -1708,6 +1716,7 @@ "aws-glue-schema.json", "aws-datazone-environment.json", "aws-docdb-dbsubnetgroup.json", + "aws-logs-delivery.json", "aws-servicecatalog-portfolio.json", "aws-customerprofiles-domain.json", "aws-iot-policy.json", @@ -1745,6 +1754,7 @@ "aws-iam-userpolicy.json", "aws-connect-viewversion.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-iot-mitigationaction.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", @@ -1762,6 +1772,7 @@ "aws-ec2-egressonlyinternetgateway.json", "aws-config-conformancepack.json", "aws-ec2-vpccidrblock.json", + "aws-aps-workspace.json", "aws-gamelift-script.json", "aws-iam-virtualmfadevice.json", "aws-ec2-networkinsightspath.json", @@ -1862,6 +1873,7 @@ "aws-ec2-transitgatewayvpcattachment.json", "aws-ec2-flowlog.json", "aws-events-endpoint.json", + "aws-amazonmq-broker.json", "aws-emr-step.json", "aws-cleanrooms-collaboration.json", "aws-ssm-association.json", @@ -1981,7 +1993,6 @@ "aws-s3-storagelens.json", "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", - "aws-ec2-launchtemplate.json", "aws-pinpoint-voicechannel.json", "aws-cloudfront-originrequestpolicy.json", "aws-datasync-locationfsxontap.json", @@ -2024,9 +2035,11 @@ "aws-elasticloadbalancingv2-listener.json", "aws-redshift-eventsubscription.json", "aws-iotfleethub-application.json", + "aws-connect-user.json", "aws-ssmcontacts-contactchannel.json", "aws-memorydb-acl.json", "aws-cloudformation-waitconditionhandle.json", "aws-pinpoint-smstemplate.json", "aws-globalaccelerator-accelerator.json", + "aws-eks-addon.json", ] diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-amazonmq-broker.json deleted file mode 100644 index b71851eb27..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-amazonmq-broker.json +++ /dev/null @@ -1,341 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/BrokerName", - "/properties/StorageType", - "/properties/DeploymentMode", - "/properties/EngineType", - "/properties/SubnetIds", - "/properties/AuthenticationStrategy", - "/properties/EncryptionOptions", - "/properties/PubliclyAccessible" - ], - "definitions": { - "ConfigurationId": { - "additionalProperties": false, - "properties": { - "Id": { - "type": "string" - }, - "Revision": { - "type": "integer" - } - }, - "required": [ - "Revision", - "Id" - ], - "type": "object" - }, - "EncryptionOptions": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "type": "string" - }, - "UseAwsOwnedKey": { - "type": "boolean" - } - }, - "required": [ - "UseAwsOwnedKey" - ], - "type": "object" - }, - "LdapServerMetadata": { - "additionalProperties": false, - "properties": { - "Hosts": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "RoleBase": { - "type": "string" - }, - "RoleName": { - "type": "string" - }, - "RoleSearchMatching": { - "type": "string" - }, - "RoleSearchSubtree": { - "type": "boolean" - }, - "ServiceAccountPassword": { - "type": "string" - }, - "ServiceAccountUsername": { - "type": "string" - }, - "UserBase": { - "type": "string" - }, - "UserRoleName": { - "type": "string" - }, - "UserSearchMatching": { - "type": "string" - }, - "UserSearchSubtree": { - "type": "boolean" - } - }, - "required": [ - "Hosts", - "UserSearchMatching", - "UserBase", - "RoleSearchMatching", - "ServiceAccountUsername", - "RoleBase", - "ServiceAccountPassword" - ], - "type": "object" - }, - "LogList": { - "additionalProperties": false, - "properties": { - "Audit": { - "type": "boolean" - }, - "General": { - "type": "boolean" - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "additionalProperties": false, - "properties": { - "DayOfWeek": { - "type": "string" - }, - "TimeOfDay": { - "type": "string" - }, - "TimeZone": { - "type": "string" - } - }, - "required": [ - "DayOfWeek", - "TimeOfDay", - "TimeZone" - ], - "type": "object" - }, - "TagsEntry": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - }, - "User": { - "additionalProperties": false, - "properties": { - "ConsoleAccess": { - "type": "boolean" - }, - "Groups": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Password": { - "type": "string" - }, - "Username": { - "type": "string" - } - }, - "required": [ - "Username", - "Password" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::AmazonMQ::Broker", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "AmqpEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Arn": { - "type": "string" - }, - "AuthenticationStrategy": { - "type": "string" - }, - "AutoMinorVersionUpgrade": { - "type": "boolean" - }, - "BrokerName": { - "type": "string" - }, - "Configuration": { - "$ref": "#/definitions/ConfigurationId" - }, - "ConfigurationId": { - "type": "string" - }, - "ConfigurationRevision": { - "type": "integer" - }, - "DataReplicationMode": { - "type": "string" - }, - "DataReplicationPrimaryBrokerArn": { - "type": "string" - }, - "DeploymentMode": { - "enum": [ - "SINGLE_INSTANCE", - "ACTIVE_STANDBY_MULTI_AZ", - "CLUSTER_MULTI_AZ" - ], - "type": "string" - }, - "EncryptionOptions": { - "$ref": "#/definitions/EncryptionOptions" - }, - "EngineType": { - "enum": [ - "ACTIVEMQ", - "RABBITMQ" - ], - "type": "string" - }, - "EngineVersion": { - "type": "string" - }, - "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", - "type": "string" - }, - "Id": { - "type": "string" - }, - "IpAddresses": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "LdapServerMetadata": { - "$ref": "#/definitions/LdapServerMetadata" - }, - "Logs": { - "$ref": "#/definitions/LogList" - }, - "MaintenanceWindowStartTime": { - "$ref": "#/definitions/MaintenanceWindow" - }, - "MqttEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "OpenWireEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "PubliclyAccessible": { - "type": "boolean" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "StompEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "StorageType": { - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Tags": { - "items": { - "$ref": "#/definitions/TagsEntry" - }, - "type": "array", - "uniqueItems": false - }, - "Users": { - "items": { - "$ref": "#/definitions/User" - }, - "type": "array", - "uniqueItems": false - }, - "WssEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "readOnlyProperties": [ - "/properties/IpAddresses", - "/properties/Id", - "/properties/MqttEndpoints", - "/properties/OpenWireEndpoints", - "/properties/ConfigurationId", - "/properties/ConfigurationRevision", - "/properties/StompEndpoints", - "/properties/WssEndpoints", - "/properties/AmqpEndpoints", - "/properties/Arn" - ], - "required": [ - "EngineVersion", - "DeploymentMode", - "HostInstanceType", - "EngineType", - "AutoMinorVersionUpgrade", - "Users", - "PubliclyAccessible", - "BrokerName" - ], - "typeName": "AWS::AmazonMQ::Broker" -} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-amplifyuibuilder-component.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-amplifyuibuilder-component.json new file mode 100644 index 0000000000..7a6e22ebe4 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-amplifyuibuilder-component.json @@ -0,0 +1,567 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Tags" + ], + "definitions": { + "ActionParameters": { + "additionalProperties": false, + "properties": { + "Anchor": { + "$ref": "#/definitions/ComponentProperty" + }, + "Fields": { + "$ref": "#/definitions/ComponentProperties" + }, + "Global": { + "$ref": "#/definitions/ComponentProperty" + }, + "Id": { + "$ref": "#/definitions/ComponentProperty" + }, + "Model": { + "type": "string" + }, + "State": { + "$ref": "#/definitions/MutationActionSetStateParameter" + }, + "Target": { + "$ref": "#/definitions/ComponentProperty" + }, + "Type": { + "$ref": "#/definitions/ComponentProperty" + }, + "Url": { + "$ref": "#/definitions/ComponentProperty" + } + }, + "type": "object" + }, + "ComponentBindingProperties": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentBindingPropertiesValue" + } + }, + "type": "object" + }, + "ComponentBindingPropertiesValue": { + "additionalProperties": false, + "properties": { + "BindingProperties": { + "$ref": "#/definitions/ComponentBindingPropertiesValueProperties" + }, + "DefaultValue": { + "type": "string" + }, + "Type": { + "type": "string" + } + }, + "type": "object" + }, + "ComponentBindingPropertiesValueProperties": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "DefaultValue": { + "type": "string" + }, + "Field": { + "type": "string" + }, + "Key": { + "type": "string" + }, + "Model": { + "type": "string" + }, + "Predicates": { + "items": { + "$ref": "#/definitions/Predicate" + }, + "type": "array" + }, + "UserAttribute": { + "type": "string" + } + }, + "type": "object" + }, + "ComponentChild": { + "additionalProperties": false, + "properties": { + "Children": { + "items": { + "$ref": "#/definitions/ComponentChild" + }, + "type": "array" + }, + "ComponentType": { + "type": "string" + }, + "Events": { + "$ref": "#/definitions/ComponentEvents" + }, + "Name": { + "type": "string" + }, + "Properties": { + "$ref": "#/definitions/ComponentProperties" + } + }, + "required": [ + "ComponentType", + "Name", + "Properties" + ], + "type": "object" + }, + "ComponentCollectionProperties": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentDataConfiguration" + } + }, + "type": "object" + }, + "ComponentConditionProperty": { + "additionalProperties": false, + "properties": { + "Else": { + "$ref": "#/definitions/ComponentProperty" + }, + "Field": { + "type": "string" + }, + "Operand": { + "type": "string" + }, + "OperandType": { + "type": "string" + }, + "Operator": { + "type": "string" + }, + "Property": { + "type": "string" + }, + "Then": { + "$ref": "#/definitions/ComponentProperty" + } + }, + "type": "object" + }, + "ComponentDataConfiguration": { + "additionalProperties": false, + "properties": { + "Identifiers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Model": { + "type": "string" + }, + "Predicate": { + "$ref": "#/definitions/Predicate" + }, + "Sort": { + "items": { + "$ref": "#/definitions/SortProperty" + }, + "type": "array" + } + }, + "required": [ + "Model" + ], + "type": "object" + }, + "ComponentEvent": { + "additionalProperties": false, + "properties": { + "Action": { + "type": "string" + }, + "Parameters": { + "$ref": "#/definitions/ActionParameters" + } + }, + "type": "object" + }, + "ComponentEvents": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentEvent" + } + }, + "type": "object" + }, + "ComponentOverrides": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentOverridesValue" + } + }, + "type": "object" + }, + "ComponentOverridesValue": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "type": "string" + } + }, + "type": "object" + }, + "ComponentProperties": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentProperty" + } + }, + "type": "object" + }, + "ComponentProperty": { + "additionalProperties": false, + "properties": { + "BindingProperties": { + "$ref": "#/definitions/ComponentPropertyBindingProperties" + }, + "Bindings": { + "$ref": "#/definitions/FormBindings" + }, + "CollectionBindingProperties": { + "$ref": "#/definitions/ComponentPropertyBindingProperties" + }, + "ComponentName": { + "type": "string" + }, + "Concat": { + "items": { + "$ref": "#/definitions/ComponentProperty" + }, + "type": "array" + }, + "Condition": { + "$ref": "#/definitions/ComponentConditionProperty" + }, + "Configured": { + "type": "boolean" + }, + "DefaultValue": { + "type": "string" + }, + "Event": { + "type": "string" + }, + "ImportedValue": { + "type": "string" + }, + "Model": { + "type": "string" + }, + "Property": { + "type": "string" + }, + "Type": { + "type": "string" + }, + "UserAttribute": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "ComponentPropertyBindingProperties": { + "additionalProperties": false, + "properties": { + "Field": { + "type": "string" + }, + "Property": { + "type": "string" + } + }, + "required": [ + "Property" + ], + "type": "object" + }, + "ComponentVariant": { + "additionalProperties": false, + "properties": { + "Overrides": { + "$ref": "#/definitions/ComponentOverrides" + }, + "VariantValues": { + "$ref": "#/definitions/ComponentVariantValues" + } + }, + "type": "object" + }, + "ComponentVariantValues": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "type": "string" + } + }, + "type": "object" + }, + "FormBindingElement": { + "additionalProperties": false, + "properties": { + "Element": { + "type": "string" + }, + "Property": { + "type": "string" + } + }, + "required": [ + "Element", + "Property" + ], + "type": "object" + }, + "FormBindings": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/FormBindingElement" + } + }, + "type": "object" + }, + "MutationActionSetStateParameter": { + "additionalProperties": false, + "properties": { + "ComponentName": { + "type": "string" + }, + "Property": { + "type": "string" + }, + "Set": { + "$ref": "#/definitions/ComponentProperty" + } + }, + "required": [ + "ComponentName", + "Property", + "Set" + ], + "type": "object" + }, + "Predicate": { + "additionalProperties": false, + "properties": { + "And": { + "items": { + "$ref": "#/definitions/Predicate" + }, + "type": "array" + }, + "Field": { + "type": "string" + }, + "Operand": { + "type": "string" + }, + "Operator": { + "type": "string" + }, + "Or": { + "items": { + "$ref": "#/definitions/Predicate" + }, + "type": "array" + } + }, + "type": "object" + }, + "SortDirection": { + "enum": [ + "ASC", + "DESC" + ], + "type": "string" + }, + "SortProperty": { + "additionalProperties": false, + "properties": { + "Direction": { + "$ref": "#/definitions/SortDirection" + }, + "Field": { + "type": "string" + } + }, + "required": [ + "Direction", + "Field" + ], + "type": "object" + }, + "Tags": { + "additionalProperties": false, + "patternProperties": { + "^(?!aws:)[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "type": "object" + } + }, + "description": "Definition of AWS::AmplifyUIBuilder::Component Resource Type", + "handlers": { + "create": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent", + "amplifyuibuilder:CreateComponent", + "amplifyuibuilder:TagResource" + ] + }, + "delete": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent", + "amplifyuibuilder:DeleteComponent", + "amplifyuibuilder:UntagResource" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "AppId": { + "$ref": "resource-schema.json#/properties/AppId" + }, + "EnvironmentName": { + "$ref": "resource-schema.json#/properties/EnvironmentName" + } + }, + "required": [ + "AppId", + "EnvironmentName" + ] + }, + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent", + "amplifyuibuilder:ListComponents" + ] + }, + "read": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent" + ] + }, + "update": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent", + "amplifyuibuilder:UpdateComponent", + "amplifyuibuilder:TagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/AppId", + "/properties/EnvironmentName", + "/properties/Id" + ], + "properties": { + "AppId": { + "type": "string" + }, + "BindingProperties": { + "$ref": "#/definitions/ComponentBindingProperties" + }, + "Children": { + "items": { + "$ref": "#/definitions/ComponentChild" + }, + "type": "array" + }, + "CollectionProperties": { + "$ref": "#/definitions/ComponentCollectionProperties" + }, + "ComponentType": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "EnvironmentName": { + "type": "string" + }, + "Events": { + "$ref": "#/definitions/ComponentEvents" + }, + "Id": { + "type": "string" + }, + "Name": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "Overrides": { + "$ref": "#/definitions/ComponentOverrides" + }, + "Properties": { + "$ref": "#/definitions/ComponentProperties" + }, + "SchemaVersion": { + "type": "string" + }, + "SourceId": { + "type": "string" + }, + "Tags": { + "$ref": "#/definitions/Tags" + }, + "Variants": { + "items": { + "$ref": "#/definitions/ComponentVariant" + }, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Id" + ], + "required": [ + "BindingProperties", + "ComponentType", + "Name", + "Overrides", + "Properties", + "Variants" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-amplifyuibuilder", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "#/properties/Tags", + "tagUpdatable": false, + "taggable": true + }, + "typeName": "AWS::AmplifyUIBuilder::Component" +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-amplifyuibuilder-form.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-amplifyuibuilder-form.json new file mode 100644 index 0000000000..673b10c7af --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-amplifyuibuilder-form.json @@ -0,0 +1,546 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Tags" + ], + "definitions": { + "FieldConfig": { + "additionalProperties": false, + "properties": { + "Excluded": { + "type": "boolean" + }, + "InputType": { + "$ref": "#/definitions/FieldInputConfig" + }, + "Label": { + "type": "string" + }, + "Position": { + "$ref": "#/definitions/FieldPosition" + }, + "Validations": { + "items": { + "$ref": "#/definitions/FieldValidationConfiguration" + }, + "type": "array" + } + }, + "type": "object" + }, + "FieldInputConfig": { + "additionalProperties": false, + "properties": { + "DefaultChecked": { + "type": "boolean" + }, + "DefaultCountryCode": { + "type": "string" + }, + "DefaultValue": { + "type": "string" + }, + "DescriptiveText": { + "type": "string" + }, + "FileUploaderConfig": { + "$ref": "#/definitions/FileUploaderFieldConfig" + }, + "IsArray": { + "type": "boolean" + }, + "MaxValue": { + "type": "number" + }, + "MinValue": { + "type": "number" + }, + "Name": { + "type": "string" + }, + "Placeholder": { + "type": "string" + }, + "ReadOnly": { + "type": "boolean" + }, + "Required": { + "type": "boolean" + }, + "Step": { + "type": "number" + }, + "Type": { + "type": "string" + }, + "Value": { + "type": "string" + }, + "ValueMappings": { + "$ref": "#/definitions/ValueMappings" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "FieldPosition": { + "oneOf": [ + { + "additionalProperties": false, + "properties": { + "Fixed": { + "$ref": "#/definitions/FixedPosition" + } + }, + "required": [ + "Fixed" + ], + "title": "Fixed", + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "RightOf": { + "type": "string" + } + }, + "required": [ + "RightOf" + ], + "title": "RightOf", + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "Below": { + "type": "string" + } + }, + "required": [ + "Below" + ], + "title": "Below", + "type": "object" + } + ] + }, + "FieldValidationConfiguration": { + "additionalProperties": false, + "properties": { + "NumValues": { + "items": { + "type": "number" + }, + "type": "array" + }, + "StrValues": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Type": { + "type": "string" + }, + "ValidationMessage": { + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "FieldsMap": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/FieldConfig" + } + }, + "type": "object" + }, + "FileUploaderFieldConfig": { + "additionalProperties": false, + "properties": { + "AcceptedFileTypes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "AccessLevel": { + "$ref": "#/definitions/StorageAccessLevel" + }, + "IsResumable": { + "type": "boolean" + }, + "MaxFileCount": { + "type": "number" + }, + "MaxSize": { + "type": "number" + }, + "ShowThumbnails": { + "type": "boolean" + } + }, + "required": [ + "AcceptedFileTypes", + "AccessLevel" + ], + "type": "object" + }, + "FixedPosition": { + "enum": [ + "first" + ], + "type": "string" + }, + "FormActionType": { + "enum": [ + "create", + "update" + ], + "type": "string" + }, + "FormButton": { + "additionalProperties": false, + "properties": { + "Children": { + "type": "string" + }, + "Excluded": { + "type": "boolean" + }, + "Position": { + "$ref": "#/definitions/FieldPosition" + } + }, + "type": "object" + }, + "FormButtonsPosition": { + "enum": [ + "top", + "bottom", + "top_and_bottom" + ], + "type": "string" + }, + "FormCTA": { + "additionalProperties": false, + "properties": { + "Cancel": { + "$ref": "#/definitions/FormButton" + }, + "Clear": { + "$ref": "#/definitions/FormButton" + }, + "Position": { + "$ref": "#/definitions/FormButtonsPosition" + }, + "Submit": { + "$ref": "#/definitions/FormButton" + } + }, + "type": "object" + }, + "FormDataSourceType": { + "enum": [ + "DataStore", + "Custom" + ], + "type": "string" + }, + "FormDataTypeConfig": { + "additionalProperties": false, + "properties": { + "DataSourceType": { + "$ref": "#/definitions/FormDataSourceType" + }, + "DataTypeName": { + "type": "string" + } + }, + "required": [ + "DataSourceType", + "DataTypeName" + ], + "type": "object" + }, + "FormInputValueProperty": { + "additionalProperties": false, + "properties": { + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "FormStyle": { + "additionalProperties": false, + "properties": { + "HorizontalGap": { + "$ref": "#/definitions/FormStyleConfig" + }, + "OuterPadding": { + "$ref": "#/definitions/FormStyleConfig" + }, + "VerticalGap": { + "$ref": "#/definitions/FormStyleConfig" + } + }, + "type": "object" + }, + "FormStyleConfig": { + "oneOf": [ + { + "additionalProperties": false, + "properties": { + "TokenReference": { + "type": "string" + } + }, + "required": [ + "TokenReference" + ], + "title": "TokenReference", + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "Value": { + "type": "string" + } + }, + "required": [ + "Value" + ], + "title": "Value", + "type": "object" + } + ] + }, + "LabelDecorator": { + "enum": [ + "required", + "optional", + "none" + ], + "type": "string" + }, + "SectionalElement": { + "additionalProperties": false, + "properties": { + "Excluded": { + "type": "boolean" + }, + "Level": { + "type": "number" + }, + "Orientation": { + "type": "string" + }, + "Position": { + "$ref": "#/definitions/FieldPosition" + }, + "Text": { + "type": "string" + }, + "Type": { + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "SectionalElementMap": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/SectionalElement" + } + }, + "type": "object" + }, + "StorageAccessLevel": { + "enum": [ + "public", + "protected", + "private" + ], + "type": "string" + }, + "Tags": { + "additionalProperties": false, + "patternProperties": { + "^(?!aws:)[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "type": "object" + }, + "ValueMapping": { + "additionalProperties": false, + "properties": { + "DisplayValue": { + "$ref": "#/definitions/FormInputValueProperty" + }, + "Value": { + "$ref": "#/definitions/FormInputValueProperty" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "ValueMappings": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/ValueMapping" + }, + "type": "array" + } + }, + "required": [ + "Values" + ], + "type": "object" + } + }, + "description": "Definition of AWS::AmplifyUIBuilder::Form Resource Type", + "handlers": { + "create": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm", + "amplifyuibuilder:CreateForm", + "amplifyuibuilder:TagResource" + ] + }, + "delete": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm", + "amplifyuibuilder:DeleteForm", + "amplifyuibuilder:UntagResource" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "AppId": { + "$ref": "resource-schema.json#/properties/AppId" + }, + "EnvironmentName": { + "$ref": "resource-schema.json#/properties/EnvironmentName" + } + }, + "required": [ + "AppId", + "EnvironmentName" + ] + }, + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm", + "amplifyuibuilder:ListForms" + ] + }, + "read": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm" + ] + }, + "update": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm", + "amplifyuibuilder:UpdateForm", + "amplifyuibuilder:TagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/AppId", + "/properties/EnvironmentName", + "/properties/Id" + ], + "properties": { + "AppId": { + "type": "string" + }, + "Cta": { + "$ref": "#/definitions/FormCTA" + }, + "DataType": { + "$ref": "#/definitions/FormDataTypeConfig" + }, + "EnvironmentName": { + "type": "string" + }, + "Fields": { + "$ref": "#/definitions/FieldsMap" + }, + "FormActionType": { + "$ref": "#/definitions/FormActionType" + }, + "Id": { + "type": "string" + }, + "LabelDecorator": { + "$ref": "#/definitions/LabelDecorator" + }, + "Name": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "SchemaVersion": { + "type": "string" + }, + "SectionalElements": { + "$ref": "#/definitions/SectionalElementMap" + }, + "Style": { + "$ref": "#/definitions/FormStyle" + }, + "Tags": { + "$ref": "#/definitions/Tags" + } + }, + "readOnlyProperties": [ + "/properties/Id" + ], + "required": [ + "DataType", + "Fields", + "FormActionType", + "Name", + "SchemaVersion", + "SectionalElements", + "Style" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-amplifyuibuilder", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "#/properties/Tags", + "tagUpdatable": false, + "taggable": true + }, + "typeName": "AWS::AmplifyUIBuilder::Form" +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-amplifyuibuilder-theme.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-amplifyuibuilder-theme.json new file mode 100644 index 0000000000..3336f4d63a --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-amplifyuibuilder-theme.json @@ -0,0 +1,149 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Tags" + ], + "definitions": { + "Tags": { + "additionalProperties": false, + "patternProperties": { + "^(?!aws:)[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "type": "object" + }, + "ThemeValue": { + "additionalProperties": false, + "properties": { + "Children": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ThemeValues" + }, + "type": "array" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "ThemeValues": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "$ref": "#/definitions/ThemeValue" + } + }, + "type": "object" + } + }, + "description": "Definition of AWS::AmplifyUIBuilder::Theme Resource Type", + "handlers": { + "create": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme", + "amplifyuibuilder:CreateTheme", + "amplifyuibuilder:TagResource" + ] + }, + "delete": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme", + "amplifyuibuilder:DeleteTheme", + "amplifyuibuilder:UntagResource" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "AppId": { + "$ref": "resource-schema.json#/properties/AppId" + }, + "EnvironmentName": { + "$ref": "resource-schema.json#/properties/EnvironmentName" + } + }, + "required": [ + "AppId", + "EnvironmentName" + ] + }, + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme", + "amplifyuibuilder:ListThemes" + ] + }, + "read": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme" + ] + }, + "update": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme", + "amplifyuibuilder:UpdateTheme", + "amplifyuibuilder:TagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/AppId", + "/properties/EnvironmentName", + "/properties/Id" + ], + "properties": { + "AppId": { + "type": "string" + }, + "EnvironmentName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Name": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "Overrides": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ThemeValues" + }, + "type": "array" + }, + "Tags": { + "$ref": "#/definitions/Tags" + }, + "Values": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ThemeValues" + }, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Id" + ], + "required": [ + "Name", + "Values" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-amplifyuibuilder", + "taggable": true, + "typeName": "AWS::AmplifyUIBuilder::Theme" +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-aps-workspace.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-aps-workspace.json deleted file mode 100644 index 911caeaf8c..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-aps-workspace.json +++ /dev/null @@ -1,166 +0,0 @@ -{ - "additionalProperties": false, - "definitions": { - "LoggingConfiguration": { - "additionalProperties": false, - "description": "Logging configuration", - "properties": { - "LogGroupArn": { - "description": "CloudWatch log group ARN", - "maxLength": 512, - "minLength": 0, - "type": "string" - } - }, - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", - "maxLength": 256, - "minLength": 0, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::APS::Workspace", - "handlers": { - "create": { - "permissions": [ - "aps:CreateWorkspace", - "aps:DescribeWorkspace", - "aps:TagResource", - "aps:CreateAlertManagerDefinition", - "aps:DescribeAlertManagerDefinition", - "aps:CreateLoggingConfiguration", - "logs:CreateLogDelivery", - "logs:GetLogDelivery", - "logs:ListLogDeliveries", - "logs:PutResourcePolicy", - "kms:CreateGrant", - "kms:Decrypt", - "kms:GenerateDataKey" - ] - }, - "delete": { - "permissions": [ - "aps:DeleteWorkspace", - "aps:DescribeWorkspace", - "aps:DeleteAlertManagerDefinition", - "aps:DeleteLoggingConfiguration", - "logs:DeleteLogDelivery" - ] - }, - "list": { - "permissions": [ - "aps:ListWorkspaces", - "aps:ListTagsForResource" - ] - }, - "read": { - "permissions": [ - "aps:DescribeWorkspace", - "aps:ListTagsForResource", - "aps:DescribeAlertManagerDefinition", - "aps:DescribeLoggingConfiguration" - ] - }, - "update": { - "permissions": [ - "aps:UpdateWorkspaceAlias", - "aps:DescribeWorkspace", - "aps:TagResource", - "aps:UntagResource", - "aps:ListTagsForResource", - "aps:CreateAlertManagerDefinition", - "aps:PutAlertManagerDefinition", - "aps:DeleteAlertManagerDefinition", - "aps:CreateLoggingConfiguration", - "aps:DescribeLoggingConfiguration", - "aps:UpdateLoggingConfiguration", - "aps:DeleteLoggingConfiguration", - "logs:CreateLogDelivery", - "logs:GetLogDelivery", - "logs:UpdateLogDelivery", - "logs:ListLogDeliveries", - "logs:DeleteLogDelivery", - "logs:PutResourcePolicy" - ] - } - }, - "primaryIdentifier": [ - "/properties/Arn" - ], - "properties": { - "AlertManagerDefinition": { - "description": "The AMP Workspace alert manager definition data", - "type": "string" - }, - "Alias": { - "description": "AMP Workspace alias.", - "maxLength": 100, - "minLength": 0, - "type": "string" - }, - "Arn": { - "description": "Workspace arn.", - "maxLength": 128, - "minLength": 1, - "pattern": "^arn:(aws|aws-us-gov|aws-cn):aps:[a-z0-9-]+:[0-9]+:workspace/[a-zA-Z0-9-]+$", - "type": "string" - }, - "LoggingConfiguration": { - "$ref": "#/definitions/LoggingConfiguration" - }, - "PrometheusEndpoint": { - "description": "AMP Workspace prometheus endpoint", - "type": "string" - }, - "Tags": { - "description": "An array of key-value pairs to apply to this resource.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": true - }, - "WorkspaceId": { - "description": "Required to identify a specific APS Workspace.", - "maxLength": 100, - "minLength": 1, - "pattern": "^[a-zA-Z0-9][a-zA-Z0-9_-]{1,99}$", - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/WorkspaceId", - "/properties/Arn", - "/properties/PrometheusEndpoint" - ], - "required": [], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", - "tagging": { - "cloudFormationSystemTags": true, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::APS::Workspace" -} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-cloudfront-distribution.json new file mode 100644 index 0000000000..75bb25b92e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-cloudfront-distribution.json @@ -0,0 +1,1232 @@ +{ + "additionalProperties": false, + "definitions": { + "CacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "type": "string" + }, + "PathPattern": { + "type": "string" + }, + "RealtimeLogConfigArn": { + "type": "string" + }, + "ResponseHeadersPolicyId": { + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ], + "type": "string" + } + }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "properties": { + "Forward": { + "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Forward" + ], + "type": "object" + }, + "CustomErrorResponse": { + "additionalProperties": false, + "dependentRequired": { + "ResponseCode": [ + "ResponsePagePath" + ] + }, + "properties": { + "ErrorCachingMinTTL": { + "default": 300, + "type": "number" + }, + "ErrorCode": { + "enum": [ + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponseCode": { + "enum": [ + 200, + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponsePagePath": { + "type": "string" + } + }, + "required": [ + "ErrorCode" + ], + "type": "object" + }, + "CustomOriginConfig": { + "additionalProperties": false, + "properties": { + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginProtocolPolicy": { + "type": "string" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "OriginProtocolPolicy" + ], + "type": "object" + }, + "DefaultCacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "default": "", + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "default": "", + "type": "string" + }, + "RealtimeLogConfigArn": { + "default": "", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "default": "", + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "type": "string" + } + }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CNAMEs": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/CacheBehavior" + }, + "type": "array", + "uniqueItems": false + }, + "Comment": { + "default": "", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/CustomErrorResponse" + }, + "type": "array", + "uniqueItems": false + }, + "CustomOrigin": { + "$ref": "#/definitions/LegacyCustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/DefaultCacheBehavior" + }, + "DefaultRootObject": { + "default": "", + "type": "string" + }, + "Enabled": { + "type": "boolean" + }, + "HttpVersion": { + "default": "http1.1", + "enum": [ + "http1.1", + "http2", + "http3", + "http2and3" + ], + "type": "string" + }, + "IPV6Enabled": { + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/Origin" + }, + "type": "array", + "uniqueItems": false + }, + "PriceClass": { + "default": "PriceClass_All", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ], + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/Restrictions", + "default": { + "GeoRestriction": { + "RestrictionType": "none" + } + } + }, + "S3Origin": { + "$ref": "#/definitions/LegacyS3Origin" + }, + "Staging": { + "type": "boolean" + }, + "ViewerCertificate": { + "$ref": "#/definitions/ViewerCertificate", + "default": { + "CloudFrontDefaultCertificate": true + } + }, + "WebACLId": { + "default": "", + "type": "string" + } + }, + "required": [ + "Enabled", + "DefaultCacheBehavior" + ], + "type": "object" + }, + "ForwardedValues": { + "additionalProperties": false, + "properties": { + "Cookies": { + "$ref": "#/definitions/Cookies", + "default": { + "Forward": "none" + } + }, + "Headers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "QueryString": { + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "QueryString" + ], + "type": "object" + }, + "FunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ], + "type": "string" + }, + "FunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "GeoRestriction": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "enum": [ + "AD", + "AE", + "AF", + "AG", + "AI", + "AL", + "AM", + "AO", + "AQ", + "AR", + "AS", + "AT", + "AU", + "AW", + "AX", + "AZ", + "BA", + "BB", + "BD", + "BE", + "BF", + "BG", + "BH", + "BI", + "BJ", + "BL", + "BM", + "BN", + "BO", + "BQ", + "BR", + "BS", + "BT", + "BV", + "BW", + "BY", + "BZ", + "CA", + "CC", + "CD", + "CF", + "CG", + "CH", + "CI", + "CK", + "CL", + "CM", + "CN", + "CO", + "CR", + "CU", + "CV", + "CW", + "CX", + "CY", + "CZ", + "DE", + "DJ", + "DK", + "DM", + "DO", + "DZ", + "EC", + "EE", + "EG", + "EH", + "ER", + "ES", + "ET", + "FI", + "FJ", + "FK", + "FM", + "FO", + "FR", + "GA", + "GB", + "GD", + "GE", + "GF", + "GG", + "GH", + "GI", + "GL", + "GM", + "GN", + "GP", + "GQ", + "GR", + "GS", + "GT", + "GU", + "GW", + "GY", + "HK", + "HM", + "HN", + "HR", + "HT", + "HU", + "ID", + "IE", + "IL", + "IM", + "IN", + "IO", + "IQ", + "IR", + "IS", + "IT", + "JE", + "JM", + "JO", + "JP", + "KE", + "KG", + "KH", + "KI", + "KM", + "KN", + "KP", + "KR", + "KW", + "KY", + "KZ", + "LA", + "LB", + "LC", + "LI", + "LK", + "LR", + "LS", + "LT", + "LU", + "LV", + "LY", + "MA", + "MC", + "MD", + "ME", + "MF", + "MG", + "MH", + "MK", + "ML", + "MM", + "MN", + "MO", + "MP", + "MQ", + "MR", + "MS", + "MT", + "MU", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NC", + "NE", + "NF", + "NG", + "NI", + "NL", + "NO", + "NP", + "NR", + "NU", + "NZ", + "OM", + "PA", + "PE", + "PF", + "PG", + "PH", + "PK", + "PL", + "PM", + "PN", + "PR", + "PS", + "PT", + "PW", + "PY", + "QA", + "RE", + "RO", + "RS", + "RU", + "RW", + "SA", + "SB", + "SC", + "SD", + "SE", + "SG", + "SH", + "SI", + "SJ", + "SK", + "SL", + "SM", + "SN", + "SO", + "SR", + "SS", + "ST", + "SV", + "SX", + "SY", + "SZ", + "TC", + "TD", + "TF", + "TG", + "TH", + "TJ", + "TK", + "TL", + "TM", + "TN", + "TO", + "TR", + "TT", + "TV", + "TW", + "TZ", + "UA", + "UG", + "UM", + "US", + "UY", + "UZ", + "VA", + "VC", + "VE", + "VG", + "VI", + "VN", + "VU", + "WF", + "WS", + "YE", + "YT", + "ZA", + "ZM", + "ZW" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "RestrictionType": { + "enum": [ + "blacklist", + "whitelist", + "none" + ], + "type": "string" + } + }, + "required": [ + "RestrictionType" + ], + "type": "object" + }, + "LambdaFunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "IncludeBody": { + "type": "boolean" + }, + "LambdaFunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "LegacyCustomOrigin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginProtocolPolicy": { + "enum": [ + "http-only", + "match-viewer", + "https-only" + ], + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], + "type": "object" + }, + "LegacyS3Origin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "required": [ + "DNSName" + ], + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "IncludeCookies": { + "default": false, + "type": "boolean" + }, + "Prefix": { + "default": "", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Origin": { + "additionalProperties": false, + "dependentExcluded": { + "CustomOriginConfig": [ + "S3OriginConfig" + ], + "S3OriginConfig": [ + "CustomOriginConfig" + ] + }, + "properties": { + "ConnectionAttempts": { + "type": "integer" + }, + "ConnectionTimeout": { + "type": "integer" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/CustomOriginConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "OriginAccessControlId": { + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/OriginCustomHeader" + }, + "type": "array", + "uniqueItems": false + }, + "OriginPath": { + "default": "", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/OriginShield" + }, + "S3OriginConfig": { + "$ref": "#/definitions/S3OriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "type": "string" + }, + "HeaderValue": { + "type": "string" + } + }, + "required": [ + "HeaderValue", + "HeaderName" + ], + "type": "object" + }, + "OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/OriginGroupFailoverCriteria" + }, + "Id": { + "type": "string" + }, + "Members": { + "$ref": "#/definitions/OriginGroupMembers" + } + }, + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "type": "object" + }, + "OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroupMember" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroup" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "OriginShieldRegion": { + "type": "string" + } + }, + "type": "object" + }, + "Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "type": "object" + }, + "StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "integer" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "ViewerCertificate": { + "additionalProperties": false, + "dependentRequired": { + "AcmCertificateArn": [ + "SslSupportMethod" + ], + "IamCertificateId": [ + "SslSupportMethod" + ] + }, + "properties": { + "AcmCertificateArn": { + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "type": "boolean" + }, + "IamCertificateId": { + "type": "string" + }, + "MinimumProtocolVersion": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018", + "TLSv1.2_2019", + "TLSv1.2_2021" + ], + "type": "string" + }, + "SslSupportMethod": { + "enum": [ + "sni-only", + "vip", + "static-ip" + ], + "type": "string" + } + }, + "requiredXor": [ + "AcmCertificateArn", + "CloudFrontDefaultCertificate", + "IamCertificateId" + ], + "type": "object" + } + }, + "deprecatedProperties": [ + "/properties/DistributionConfig/CustomOrigin", + "/properties/DistributionConfig/S3Origin" + ], + "description": "Resource Type definition for AWS::CloudFront::Distribution", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateDistribution", + "cloudfront:CreateDistributionWithTags", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:TagResource" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteDistribution", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListDistributions" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "update": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:UpdateDistribution", + "cloudfront:UpdateDistributionWithStagingConfig", + "cloudfront:ListTagsForResource", + "cloudfront:TagResource", + "cloudfront:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/DistributionConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/DomainName" + ], + "required": [ + "DistributionConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::CloudFront::Distribution" +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-docdbelastic-cluster.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-docdbelastic-cluster.json new file mode 100644 index 0000000000..4ce413361f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-docdbelastic-cluster.json @@ -0,0 +1,201 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/AdminUserName", + "/properties/AuthType", + "/properties/ClusterName", + "/properties/KmsKeyId" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "pattern": "^(?!aws:)[a-zA-Z+-=._:/]+$", + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "description": "The AWS::DocDBElastic::Cluster Amazon DocumentDB (with MongoDB compatibility) Elastic Scale resource describes a Cluster", + "handlers": { + "create": { + "permissions": [ + "docdb-elastic:CreateCluster", + "docdb-elastic:TagResource", + "docdb-elastic:GetCluster", + "docdb-elastic:ListTagsForResource", + "ec2:CreateVpcEndpoint", + "ec2:DescribeVpcEndpoints", + "ec2:DeleteVpcEndpoints", + "ec2:ModifyVpcEndpoint", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "ec2:DescribeAvailabilityZones", + "secretsmanager:ListSecrets", + "secretsmanager:ListSecretVersionIds", + "secretsmanager:DescribeSecret", + "secretsmanager:GetSecretValue", + "secretsmanager:GetResourcePolicy", + "kms:DescribeKey", + "kms:CreateGrant", + "kms:GenerateDataKey", + "kms:Decrypt", + "iam:CreateServiceLinkedRole" + ] + }, + "delete": { + "permissions": [ + "docdb-elastic:DeleteCluster", + "docdb-elastic:GetCluster", + "ec2:DescribeVpcEndpoints", + "ec2:DeleteVpcEndpoints", + "ec2:ModifyVpcEndpoint", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "ec2:DescribeAvailabilityZones" + ] + }, + "list": { + "permissions": [ + "docdb-elastic:ListClusters" + ] + }, + "read": { + "permissions": [ + "docdb-elastic:GetCluster", + "docdb-elastic:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "docdb-elastic:UpdateCluster", + "docdb-elastic:TagResource", + "docdb-elastic:UntagResource", + "docdb-elastic:GetCluster", + "docdb-elastic:ListTagsForResource", + "ec2:CreateVpcEndpoint", + "ec2:DescribeVpcEndpoints", + "ec2:DeleteVpcEndpoints", + "ec2:ModifyVpcEndpoint", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "ec2:DescribeAvailabilityZones", + "secretsmanager:ListSecrets", + "secretsmanager:ListSecretVersionIds", + "secretsmanager:DescribeSecret", + "secretsmanager:GetSecretValue", + "secretsmanager:GetResourcePolicy", + "kms:DescribeKey", + "kms:CreateGrant", + "kms:GenerateDataKey", + "kms:Decrypt" + ] + } + }, + "primaryIdentifier": [ + "/properties/ClusterArn" + ], + "properties": { + "AdminUserName": { + "type": "string" + }, + "AdminUserPassword": { + "type": "string" + }, + "AuthType": { + "type": "string" + }, + "ClusterArn": { + "type": "string" + }, + "ClusterEndpoint": { + "type": "string" + }, + "ClusterName": { + "maxLength": 50, + "minLength": 1, + "pattern": "[a-zA-z][a-zA-Z0-9]*(-[a-zA-Z0-9]+)*", + "type": "string" + }, + "KmsKeyId": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ShardCapacity": { + "type": "integer" + }, + "ShardCount": { + "type": "integer" + }, + "SubnetIds": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "minItems": 0, + "type": "array", + "uniqueItems": true + }, + "VpcSecurityGroupIds": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/ClusterArn", + "/properties/ClusterEndpoint" + ], + "required": [ + "ClusterName", + "AdminUserName", + "ShardCapacity", + "ShardCount", + "AuthType" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-docdbelastic/", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DocDBElastic::Cluster", + "writeOnlyProperties": [ + "/properties/AdminUserPassword" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-dynamodb-globaltable.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-dynamodb-globaltable.json similarity index 98% rename from src/cfnlint/data/schemas/providers/eu_central_1/aws-dynamodb-globaltable.json rename to src/cfnlint/data/schemas/providers/ap_northeast_2/aws-dynamodb-globaltable.json index d9e133125d..7e1a23d878 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_1/aws-dynamodb-globaltable.json +++ b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-dynamodb-globaltable.json @@ -122,13 +122,6 @@ "KinesisStreamSpecification": { "additionalProperties": false, "properties": { - "ApproximateCreationDateTimePrecision": { - "enum": [ - "MICROSECOND", - "MILLISECOND" - ], - "type": "string" - }, "StreamArn": { "type": "string" } @@ -472,7 +465,6 @@ "dynamodb:EnableKinesisStreamingDestination", "dynamodb:DisableKinesisStreamingDestination", "dynamodb:UpdateTableReplicaAutoScaling", - "dynamodb:UpdateKinesisStreamingDestination", "application-autoscaling:DeleteScalingPolicy", "application-autoscaling:DeleteScheduledAction", "application-autoscaling:DeregisterScalableTarget", diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-dynamodb-table.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-dynamodb-table.json similarity index 97% rename from src/cfnlint/data/schemas/providers/eu_central_1/aws-dynamodb-table.json rename to src/cfnlint/data/schemas/providers/ap_northeast_2/aws-dynamodb-table.json index 94d8c7e991..aacbc7f216 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_1/aws-dynamodb-table.json +++ b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-dynamodb-table.json @@ -1,7 +1,7 @@ { "additionalProperties": false, "cfnLint": [ - "aws_dynamodb_table/billingmode_exclusive" + "AWS::DynamoDB::Table/Properties" ], "createOnlyProperties": [ "/properties/TableName", @@ -169,13 +169,6 @@ "KinesisStreamSpecification": { "additionalProperties": false, "properties": { - "ApproximateCreationDateTimePrecision": { - "enum": [ - "MICROSECOND", - "MILLISECOND" - ], - "type": "string" - }, "StreamArn": { "type": "string" } @@ -411,7 +404,6 @@ "dynamodb:UpdateTimeToLive", "dynamodb:UpdateContinuousBackups", "dynamodb:UpdateContributorInsights", - "dynamodb:UpdateKinesisStreamingDestination", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeKinesisStreamingDestination", "dynamodb:ListTagsOfResource", diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-eks-addon.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-eks-addon.json deleted file mode 100644 index 02626266c6..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-eks-addon.json +++ /dev/null @@ -1,148 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 127, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 255, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Schema for AWS::EKS::Addon", - "handlers": { - "create": { - "permissions": [ - "eks:CreateAddon", - "eks:DescribeAddon", - "eks:TagResource", - "iam:PassRole" - ] - }, - "delete": { - "permissions": [ - "eks:DeleteAddon", - "eks:DescribeAddon" - ] - }, - "list": { - "permissions": [ - "eks:ListAddons" - ] - }, - "read": { - "permissions": [ - "eks:DescribeAddon" - ] - }, - "update": { - "permissions": [ - "iam:PassRole", - "eks:UpdateAddon", - "eks:DescribeAddon", - "eks:DescribeUpdate", - "eks:ListTagsForResource", - "eks:TagResource", - "eks:UntagResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "properties": { - "AddonName": { - "description": "Name of Addon", - "minLength": 1, - "type": "string" - }, - "AddonVersion": { - "description": "Version of Addon", - "minLength": 1, - "type": "string" - }, - "Arn": { - "description": "Amazon Resource Name (ARN) of the add-on", - "type": "string" - }, - "ClusterName": { - "description": "Name of Cluster", - "minLength": 1, - "type": "string" - }, - "ConfigurationValues": { - "description": "The configuration values to use with the add-on", - "minLength": 1, - "type": "string" - }, - "PreserveOnDelete": { - "description": "PreserveOnDelete parameter value", - "type": "boolean" - }, - "ResolveConflicts": { - "description": "Resolve parameter value conflicts", - "enum": [ - "NONE", - "OVERWRITE", - "PRESERVE" - ], - "minLength": 1, - "type": "string" - }, - "ServiceAccountRoleArn": { - "description": "IAM role to bind to the add-on's service account", - "minLength": 1, - "type": "string" - }, - "Tags": { - "description": "An array of key-value pairs to apply to this resource.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/Arn" - ], - "required": [ - "ClusterName", - "AddonName" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-eks.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::EKS::Addon", - "writeOnlyProperties": [ - "/properties/ResolveConflicts", - "/properties/PreserveOnDelete" - ] -} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-guardduty-filter.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-guardduty-filter.json deleted file mode 100644 index 0c0c488266..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-guardduty-filter.json +++ /dev/null @@ -1,145 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/DetectorId", - "/properties/Name" - ], - "definitions": { - "Condition": { - "additionalProperties": false, - "properties": { - "Eq": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Equals": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "GreaterThan": { - "type": "integer" - }, - "GreaterThanOrEqual": { - "type": "integer" - }, - "Gt": { - "type": "integer" - }, - "Gte": { - "type": "integer" - }, - "LessThan": { - "type": "integer" - }, - "LessThanOrEqual": { - "type": "integer" - }, - "Lt": { - "type": "integer" - }, - "Lte": { - "type": "integer" - }, - "Neq": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "NotEquals": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "type": "object" - }, - "FindingCriteria": { - "additionalProperties": false, - "properties": { - "Criterion": { - "type": "object" - }, - "ItemType": { - "$ref": "#/definitions/Condition" - } - }, - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::GuardDuty::Filter", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "Action": { - "enum": [ - "NOOP", - "ARCHIVE" - ], - "type": "string" - }, - "Description": { - "type": "string" - }, - "DetectorId": { - "type": "string" - }, - "FindingCriteria": { - "$ref": "#/definitions/FindingCriteria" - }, - "Id": { - "type": "string" - }, - "Name": { - "type": "string" - }, - "Rank": { - "type": "integer" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": false - } - }, - "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "Action", - "Description", - "DetectorId", - "FindingCriteria", - "Rank", - "Name" - ], - "typeName": "AWS::GuardDuty::Filter" -} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-neptune-dbinstance.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-neptune-dbinstance.json index e59579a720..36baa58fbd 100644 --- a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-neptune-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-neptune-dbinstance.json @@ -43,7 +43,7 @@ "type": "string" }, "DBInstanceClass": { - "cfnLint": "aws_neptune_dbinstance/dbinstanceclass_enum", + "cfnLint": "AWS::Neptune::DBInstance/Properties/DBInstanceClass", "type": "string" }, "DBInstanceIdentifier": { diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_3/__init__.py b/src/cfnlint/data/schemas/providers/ap_northeast_3/__init__.py index 6530b77f17..a22e2b0287 100644 --- a/src/cfnlint/data/schemas/providers/ap_northeast_3/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_northeast_3/__init__.py @@ -137,6 +137,7 @@ "AWS::EventSchemas::Discoverer", "AWS::NetworkManager::ConnectPeer", "AWS::ElastiCache::UserGroup", + "AWS::Logs::DeliveryDestination", "AWS::ImageBuilder::ImageRecipe", "AWS::ApiGateway::RestApi", "AWS::OpsWorks::ElasticLoadBalancerAttachment", @@ -164,6 +165,7 @@ "AWS::Backup::BackupSelection", "AWS::DataSync::LocationFSxLustre", "AWS::SageMaker::App", + "AWS::Logs::DeliverySource", "AWS::EC2::VPCGatewayAttachment", "AWS::CloudTrail::Trail", "AWS::EC2::VPNConnectionRoute", @@ -249,8 +251,10 @@ "AWS::EMR::SecurityConfiguration", "AWS::CloudWatch::InsightRule", "AWS::ApiGateway::UsagePlan", + "AWS::MediaPackageV2::Channel", "AWS::Batch::SchedulingPolicy", "AWS::MediaConnect::BridgeSource", + "AWS::MediaPackageV2::ChannelPolicy", "AWS::ApiGatewayV2::VpcLink", "AWS::ServiceCatalog::PortfolioProductAssociation", "AWS::Athena::WorkGroup", @@ -485,6 +489,7 @@ "AWS::Lambda::LayerVersion", "AWS::RDS::OptionGroup", "AWS::OpsWorks::UserProfile", + "AWS::Logs::Delivery", "AWS::ServiceCatalog::Portfolio", "AWS::IoT::Policy", "AWS::EC2::TransitGatewayRoute", @@ -499,11 +504,13 @@ "AWS::SageMaker::NotebookInstance", "AWS::SSO::InstanceAccessControlAttributeConfiguration", "AWS::WAFRegional::ByteMatchSet", + "AWS::MediaPackageV2::ChannelGroup", "AWS::CloudWatch::AnomalyDetector", "AWS::EC2::SubnetNetworkAclAssociation", "AWS::ServiceCatalog::ServiceAction", "AWS::IAM::UserPolicy", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", "AWS::Lambda::Permission", @@ -512,6 +519,7 @@ "AWS::EC2::IPAMResourceDiscoveryAssociation", "AWS::ServiceCatalogAppRegistry::AttributeGroup", "AWS::EC2::ClientVpnTargetNetworkAssociation", + "AWS::MediaPackageV2::OriginEndpoint", "AWS::AppSync::GraphQLApi", "AWS::EC2::EgressOnlyInternetGateway", "AWS::EC2::VPCCidrBlock", @@ -550,6 +558,7 @@ "AWS::EC2::EIPAssociation", "AWS::ElasticBeanstalk::Application", "AWS::IoT::ThingPrincipalAttachment", + "AWS::MediaPackageV2::OriginEndpointPolicy", "AWS::DLM::LifecyclePolicy", "AWS::EC2::CapacityReservation", "AWS::ElasticLoadBalancing::LoadBalancer", @@ -833,6 +842,7 @@ "aws-sagemaker-modelpackage.json", "aws-eventschemas-discoverer.json", "aws-networkmanager-connectpeer.json", + "aws-logs-deliverydestination.json", "aws-imagebuilder-imagerecipe.json", "aws-opsworks-elasticloadbalancerattachment.json", "aws-appmesh-virtualservice.json", @@ -858,11 +868,11 @@ "aws-backup-backupselection.json", "aws-datasync-locationfsxlustre.json", "aws-sagemaker-app.json", + "aws-logs-deliverysource.json", "aws-ec2-vpcgatewayattachment.json", "aws-cloudtrail-trail.json", "aws-ec2-vpnconnectionroute.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-wafv2-ipset.json", "aws-mediaconnect-bridgeoutput.json", "aws-iam-role.json", @@ -935,14 +945,15 @@ "aws-servicediscovery-httpnamespace.json", "aws-emr-securityconfiguration.json", "aws-cloudwatch-insightrule.json", + "aws-mediapackagev2-channel.json", "aws-batch-schedulingpolicy.json", "aws-mediaconnect-bridgesource.json", + "aws-mediapackagev2-channelpolicy.json", "aws-athena-workgroup.json", "aws-sagemaker-imageversion.json", "aws-apigatewayv2-api.json", "aws-servicecatalog-portfolioshare.json", "aws-networkmanager-customergatewayassociation.json", - "aws-iam-servercertificate.json", "aws-events-eventbus.json", "aws-sqs-queueinlinepolicy.json", "aws-organizations-organization.json", @@ -1103,7 +1114,6 @@ "aws-servicecatalog-resourceupdateconstraint.json", "aws-transfer-agreement.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-elasticache-subnetgroup.json", "aws-xray-group.json", "aws-oam-link.json", @@ -1150,6 +1160,7 @@ "aws-lambda-layerversion.json", "aws-rds-optiongroup.json", "aws-opsworks-userprofile.json", + "aws-logs-delivery.json", "aws-ssm-maintenancewindow.json", "aws-lakeformation-tagassociation.json", "aws-ec2-ipamresourcediscovery.json", @@ -1161,11 +1172,13 @@ "aws-sagemaker-notebookinstance.json", "aws-sso-instanceaccesscontrolattributeconfiguration.json", "aws-wafregional-bytematchset.json", + "aws-mediapackagev2-channelgroup.json", "aws-cloudwatch-anomalydetector.json", "aws-ec2-subnetnetworkaclassociation.json", "aws-servicecatalog-serviceaction.json", "aws-iam-userpolicy.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", "aws-lambda-permission.json", @@ -1173,6 +1186,7 @@ "aws-eks-identityproviderconfig.json", "aws-ec2-ipamresourcediscoveryassociation.json", "aws-ec2-clientvpntargetnetworkassociation.json", + "aws-mediapackagev2-originendpoint.json", "aws-appsync-graphqlapi.json", "aws-ec2-egressonlyinternetgateway.json", "aws-ec2-vpccidrblock.json", @@ -1189,6 +1203,7 @@ "aws-rds-eventsubscription.json", "aws-config-aggregationauthorization.json", "aws-datasync-agent.json", + "aws-cognito-userpoolidentityprovider.json", "aws-logs-loggroup.json", "aws-s3-multiregionaccesspointpolicy.json", "aws-pcaconnectorad-template.json", @@ -1206,6 +1221,7 @@ "aws-ec2-eipassociation.json", "aws-elasticbeanstalk-application.json", "aws-iot-thingprincipalattachment.json", + "aws-mediapackagev2-originendpointpolicy.json", "aws-dlm-lifecyclepolicy.json", "aws-ec2-capacityreservation.json", "aws-elasticloadbalancing-loadbalancer.json", diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-amazonmq-broker.json index b71851eb27..6027b3416d 100644 --- a/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-amazonmq-broker.json @@ -230,7 +230,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-cloudfront-distribution.json new file mode 100644 index 0000000000..75bb25b92e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-cloudfront-distribution.json @@ -0,0 +1,1232 @@ +{ + "additionalProperties": false, + "definitions": { + "CacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "type": "string" + }, + "PathPattern": { + "type": "string" + }, + "RealtimeLogConfigArn": { + "type": "string" + }, + "ResponseHeadersPolicyId": { + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ], + "type": "string" + } + }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "properties": { + "Forward": { + "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Forward" + ], + "type": "object" + }, + "CustomErrorResponse": { + "additionalProperties": false, + "dependentRequired": { + "ResponseCode": [ + "ResponsePagePath" + ] + }, + "properties": { + "ErrorCachingMinTTL": { + "default": 300, + "type": "number" + }, + "ErrorCode": { + "enum": [ + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponseCode": { + "enum": [ + 200, + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponsePagePath": { + "type": "string" + } + }, + "required": [ + "ErrorCode" + ], + "type": "object" + }, + "CustomOriginConfig": { + "additionalProperties": false, + "properties": { + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginProtocolPolicy": { + "type": "string" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "OriginProtocolPolicy" + ], + "type": "object" + }, + "DefaultCacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "default": "", + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "default": "", + "type": "string" + }, + "RealtimeLogConfigArn": { + "default": "", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "default": "", + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "type": "string" + } + }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CNAMEs": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/CacheBehavior" + }, + "type": "array", + "uniqueItems": false + }, + "Comment": { + "default": "", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/CustomErrorResponse" + }, + "type": "array", + "uniqueItems": false + }, + "CustomOrigin": { + "$ref": "#/definitions/LegacyCustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/DefaultCacheBehavior" + }, + "DefaultRootObject": { + "default": "", + "type": "string" + }, + "Enabled": { + "type": "boolean" + }, + "HttpVersion": { + "default": "http1.1", + "enum": [ + "http1.1", + "http2", + "http3", + "http2and3" + ], + "type": "string" + }, + "IPV6Enabled": { + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/Origin" + }, + "type": "array", + "uniqueItems": false + }, + "PriceClass": { + "default": "PriceClass_All", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ], + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/Restrictions", + "default": { + "GeoRestriction": { + "RestrictionType": "none" + } + } + }, + "S3Origin": { + "$ref": "#/definitions/LegacyS3Origin" + }, + "Staging": { + "type": "boolean" + }, + "ViewerCertificate": { + "$ref": "#/definitions/ViewerCertificate", + "default": { + "CloudFrontDefaultCertificate": true + } + }, + "WebACLId": { + "default": "", + "type": "string" + } + }, + "required": [ + "Enabled", + "DefaultCacheBehavior" + ], + "type": "object" + }, + "ForwardedValues": { + "additionalProperties": false, + "properties": { + "Cookies": { + "$ref": "#/definitions/Cookies", + "default": { + "Forward": "none" + } + }, + "Headers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "QueryString": { + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "QueryString" + ], + "type": "object" + }, + "FunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ], + "type": "string" + }, + "FunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "GeoRestriction": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "enum": [ + "AD", + "AE", + "AF", + "AG", + "AI", + "AL", + "AM", + "AO", + "AQ", + "AR", + "AS", + "AT", + "AU", + "AW", + "AX", + "AZ", + "BA", + "BB", + "BD", + "BE", + "BF", + "BG", + "BH", + "BI", + "BJ", + "BL", + "BM", + "BN", + "BO", + "BQ", + "BR", + "BS", + "BT", + "BV", + "BW", + "BY", + "BZ", + "CA", + "CC", + "CD", + "CF", + "CG", + "CH", + "CI", + "CK", + "CL", + "CM", + "CN", + "CO", + "CR", + "CU", + "CV", + "CW", + "CX", + "CY", + "CZ", + "DE", + "DJ", + "DK", + "DM", + "DO", + "DZ", + "EC", + "EE", + "EG", + "EH", + "ER", + "ES", + "ET", + "FI", + "FJ", + "FK", + "FM", + "FO", + "FR", + "GA", + "GB", + "GD", + "GE", + "GF", + "GG", + "GH", + "GI", + "GL", + "GM", + "GN", + "GP", + "GQ", + "GR", + "GS", + "GT", + "GU", + "GW", + "GY", + "HK", + "HM", + "HN", + "HR", + "HT", + "HU", + "ID", + "IE", + "IL", + "IM", + "IN", + "IO", + "IQ", + "IR", + "IS", + "IT", + "JE", + "JM", + "JO", + "JP", + "KE", + "KG", + "KH", + "KI", + "KM", + "KN", + "KP", + "KR", + "KW", + "KY", + "KZ", + "LA", + "LB", + "LC", + "LI", + "LK", + "LR", + "LS", + "LT", + "LU", + "LV", + "LY", + "MA", + "MC", + "MD", + "ME", + "MF", + "MG", + "MH", + "MK", + "ML", + "MM", + "MN", + "MO", + "MP", + "MQ", + "MR", + "MS", + "MT", + "MU", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NC", + "NE", + "NF", + "NG", + "NI", + "NL", + "NO", + "NP", + "NR", + "NU", + "NZ", + "OM", + "PA", + "PE", + "PF", + "PG", + "PH", + "PK", + "PL", + "PM", + "PN", + "PR", + "PS", + "PT", + "PW", + "PY", + "QA", + "RE", + "RO", + "RS", + "RU", + "RW", + "SA", + "SB", + "SC", + "SD", + "SE", + "SG", + "SH", + "SI", + "SJ", + "SK", + "SL", + "SM", + "SN", + "SO", + "SR", + "SS", + "ST", + "SV", + "SX", + "SY", + "SZ", + "TC", + "TD", + "TF", + "TG", + "TH", + "TJ", + "TK", + "TL", + "TM", + "TN", + "TO", + "TR", + "TT", + "TV", + "TW", + "TZ", + "UA", + "UG", + "UM", + "US", + "UY", + "UZ", + "VA", + "VC", + "VE", + "VG", + "VI", + "VN", + "VU", + "WF", + "WS", + "YE", + "YT", + "ZA", + "ZM", + "ZW" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "RestrictionType": { + "enum": [ + "blacklist", + "whitelist", + "none" + ], + "type": "string" + } + }, + "required": [ + "RestrictionType" + ], + "type": "object" + }, + "LambdaFunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "IncludeBody": { + "type": "boolean" + }, + "LambdaFunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "LegacyCustomOrigin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginProtocolPolicy": { + "enum": [ + "http-only", + "match-viewer", + "https-only" + ], + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], + "type": "object" + }, + "LegacyS3Origin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "required": [ + "DNSName" + ], + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "IncludeCookies": { + "default": false, + "type": "boolean" + }, + "Prefix": { + "default": "", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Origin": { + "additionalProperties": false, + "dependentExcluded": { + "CustomOriginConfig": [ + "S3OriginConfig" + ], + "S3OriginConfig": [ + "CustomOriginConfig" + ] + }, + "properties": { + "ConnectionAttempts": { + "type": "integer" + }, + "ConnectionTimeout": { + "type": "integer" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/CustomOriginConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "OriginAccessControlId": { + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/OriginCustomHeader" + }, + "type": "array", + "uniqueItems": false + }, + "OriginPath": { + "default": "", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/OriginShield" + }, + "S3OriginConfig": { + "$ref": "#/definitions/S3OriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "type": "string" + }, + "HeaderValue": { + "type": "string" + } + }, + "required": [ + "HeaderValue", + "HeaderName" + ], + "type": "object" + }, + "OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/OriginGroupFailoverCriteria" + }, + "Id": { + "type": "string" + }, + "Members": { + "$ref": "#/definitions/OriginGroupMembers" + } + }, + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "type": "object" + }, + "OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroupMember" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroup" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "OriginShieldRegion": { + "type": "string" + } + }, + "type": "object" + }, + "Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "type": "object" + }, + "StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "integer" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "ViewerCertificate": { + "additionalProperties": false, + "dependentRequired": { + "AcmCertificateArn": [ + "SslSupportMethod" + ], + "IamCertificateId": [ + "SslSupportMethod" + ] + }, + "properties": { + "AcmCertificateArn": { + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "type": "boolean" + }, + "IamCertificateId": { + "type": "string" + }, + "MinimumProtocolVersion": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018", + "TLSv1.2_2019", + "TLSv1.2_2021" + ], + "type": "string" + }, + "SslSupportMethod": { + "enum": [ + "sni-only", + "vip", + "static-ip" + ], + "type": "string" + } + }, + "requiredXor": [ + "AcmCertificateArn", + "CloudFrontDefaultCertificate", + "IamCertificateId" + ], + "type": "object" + } + }, + "deprecatedProperties": [ + "/properties/DistributionConfig/CustomOrigin", + "/properties/DistributionConfig/S3Origin" + ], + "description": "Resource Type definition for AWS::CloudFront::Distribution", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateDistribution", + "cloudfront:CreateDistributionWithTags", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:TagResource" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteDistribution", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListDistributions" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "update": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:UpdateDistribution", + "cloudfront:UpdateDistributionWithStagingConfig", + "cloudfront:ListTagsForResource", + "cloudfront:TagResource", + "cloudfront:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/DistributionConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/DomainName" + ], + "required": [ + "DistributionConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::CloudFront::Distribution" +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-cognito-userpoolidentityprovider.json b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-cognito-userpoolidentityprovider.json deleted file mode 100644 index ba52781eae..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-cognito-userpoolidentityprovider.json +++ /dev/null @@ -1,59 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/UserPoolId", - "/properties/ProviderName", - "/properties/ProviderType" - ], - "description": "Resource Type definition for AWS::Cognito::UserPoolIdentityProvider", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "AttributeMapping": { - "patternProperties": { - "[a-zA-Z0-9]+": { - "type": "string" - } - }, - "type": "object" - }, - "Id": { - "type": "string" - }, - "IdpIdentifiers": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "ProviderDetails": { - "patternProperties": { - "[a-zA-Z0-9]+": { - "type": "string" - } - }, - "type": "object" - }, - "ProviderName": { - "type": "string" - }, - "ProviderType": { - "type": "string" - }, - "UserPoolId": { - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "ProviderName", - "UserPoolId", - "ProviderDetails", - "ProviderType" - ], - "typeName": "AWS::Cognito::UserPoolIdentityProvider" -} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-gamelift-fleet.json b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-gamelift-fleet.json index 9551ef0828..4489c391a2 100644 --- a/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-gamelift-fleet.json +++ b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-gamelift-fleet.json @@ -126,7 +126,7 @@ "uniqueItems": true }, "EC2InstanceType": { - "cfnLint": "aws_gamelift_fleet/ec2instancetype_enum", + "cfnLint": "AWS::GameLift::Fleet/EC2InstanceType", "type": "string" }, "FleetType": { diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-iam-servercertificate.json b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-iam-servercertificate.json new file mode 100644 index 0000000000..5eadc526d8 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-iam-servercertificate.json @@ -0,0 +1,132 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ServerCertificateName", + "/properties/PrivateKey", + "/properties/CertificateBody", + "/properties/CertificateChain" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + } + }, + "description": "Resource Type definition for AWS::IAM::ServerCertificate", + "handlers": { + "create": { + "permissions": [ + "iam:UploadServerCertificate", + "iam:TagServerCertificate", + "iam:GetServerCertificate" + ] + }, + "delete": { + "permissions": [ + "iam:DeleteServerCertificate" + ] + }, + "list": { + "permissions": [ + "iam:ListServerCertificates", + "iam:GetServerCertificate" + ] + }, + "read": { + "permissions": [ + "iam:GetServerCertificate" + ] + }, + "update": { + "permissions": [ + "iam:TagServerCertificate", + "iam:UntagServerCertificate", + "iam:ListServerCertificateTags", + "iam:GetServerCertificate" + ] + } + }, + "primaryIdentifier": [ + "/properties/ServerCertificateName" + ], + "properties": { + "Arn": { + "description": "Amazon Resource Name (ARN) of the server certificate", + "maxLength": 1600, + "minLength": 1, + "type": "string" + }, + "CertificateBody": { + "maxLength": 16384, + "minLength": 1, + "pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+", + "type": "string" + }, + "CertificateChain": { + "maxLength": 2097152, + "minLength": 1, + "pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+", + "type": "string" + }, + "Path": { + "maxLength": 512, + "minLength": 1, + "pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)", + "type": "string" + }, + "PrivateKey": { + "maxLength": 16384, + "minLength": 1, + "pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+", + "type": "string" + }, + "ServerCertificateName": { + "maxLength": 128, + "minLength": 1, + "pattern": "[\\w+=,.@-]+", + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Arn" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::IAM::ServerCertificate", + "writeOnlyProperties": [ + "/properties/PrivateKey", + "/properties/CertificateBody", + "/properties/CertificateChain" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-redshift-cluster.json b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-redshift-cluster.json index c29bc2abdf..c475c20974 100644 --- a/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-redshift-cluster.json +++ b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-redshift-cluster.json @@ -1,5 +1,6 @@ { "additionalProperties": false, + "cfnLint": "AWS::Redshift::Cluster/Properties", "createOnlyProperties": [ "/properties/ClusterIdentifier", "/properties/OwnerAccount", @@ -279,7 +280,7 @@ "type": "boolean" }, "NodeType": { - "cfnLint": "aws_redshift_cluster/nodetype_enum", + "cfnLint": "AWS::Redshift::Cluster/Properties/NodeType", "description": "The node type to be provisioned for the cluster.Valid Values: ds2.xlarge | ds2.8xlarge | dc1.large | dc1.8xlarge | dc2.large | dc2.8xlarge | ra3.4xlarge | ra3.16xlarge", "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/ap_south_1/__init__.py b/src/cfnlint/data/schemas/providers/ap_south_1/__init__.py index 8047395493..52d37b9578 100644 --- a/src/cfnlint/data/schemas/providers/ap_south_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_south_1/__init__.py @@ -195,6 +195,7 @@ "AWS::NetworkManager::ConnectPeer", "AWS::ElastiCache::UserGroup", "AWS::IoT::ThingGroup", + "AWS::Logs::DeliveryDestination", "AWS::ImageBuilder::ImageRecipe", "AWS::IoT::SoftwarePackage", "AWS::ApiGateway::RestApi", @@ -230,6 +231,7 @@ "AWS::Backup::BackupSelection", "AWS::DataSync::LocationFSxLustre", "AWS::SageMaker::App", + "AWS::Logs::DeliverySource", "AWS::EC2::VPCGatewayAttachment", "AWS::CloudTrail::Trail", "AWS::EC2::VPNConnectionRoute", @@ -279,6 +281,7 @@ "AWS::GuardDuty::Member", "AWS::CloudFormation::CustomResource", "AWS::FIS::TargetAccountConfiguration", + "AWS::Glue::TableOptimizer", "AWS::RefactorSpaces::Route", "AWS::KinesisAnalytics::ApplicationOutput", "AWS::WAFv2::RuleGroup", @@ -700,6 +703,7 @@ "AWS::OpsWorks::UserProfile", "AWS::Glue::Schema", "AWS::DocDB::DBSubnetGroup", + "AWS::Logs::Delivery", "AWS::ServiceCatalog::Portfolio", "AWS::WorkSpacesWeb::TrustStore", "AWS::IoT::Policy", @@ -736,6 +740,7 @@ "AWS::IAM::UserPolicy", "AWS::Connect::ViewVersion", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::IoT::MitigationAction", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", @@ -1135,7 +1140,6 @@ "aws-fms-resourceset.json", "aws-cognito-userpooldomain.json", "aws-autoscaling-autoscalinggroup.json", - "aws-wafv2-regexpatternset.json", "aws-eks-fargateprofile.json", "aws-workspacesweb-networksettings.json", "aws-route53-dnssec.json", @@ -1229,6 +1233,7 @@ "aws-eventschemas-discoverer.json", "aws-networkmanager-connectpeer.json", "aws-iot-thinggroup.json", + "aws-logs-deliverydestination.json", "aws-imagebuilder-imagerecipe.json", "aws-iot-softwarepackage.json", "aws-apigateway-restapi.json", @@ -1262,6 +1267,7 @@ "aws-backup-backupselection.json", "aws-datasync-locationfsxlustre.json", "aws-sagemaker-app.json", + "aws-logs-deliverysource.json", "aws-ec2-vpcgatewayattachment.json", "aws-cloudtrail-trail.json", "aws-ec2-vpnconnectionroute.json", @@ -1269,8 +1275,6 @@ "aws-gamelift-gameservergroup.json", "aws-appstream-stack.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", - "aws-wafv2-ipset.json", "aws-mediaconnect-bridgeoutput.json", "aws-greengrass-subscriptiondefinition.json", "aws-greengrass-group.json", @@ -1310,9 +1314,9 @@ "aws-guardduty-member.json", "aws-cloudformation-customresource.json", "aws-fis-targetaccountconfiguration.json", + "aws-glue-tableoptimizer.json", "aws-refactorspaces-route.json", "aws-kinesisanalytics-applicationoutput.json", - "aws-wafv2-rulegroup.json", "aws-sagemaker-modelpackagegroup.json", "aws-ses-configurationset.json", "aws-elasticache-parametergroup.json", @@ -1649,7 +1653,6 @@ "aws-transfer-agreement.json", "aws-lightsail-certificate.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-ssmcontacts-plan.json", "aws-elasticache-subnetgroup.json", "aws-xray-group.json", @@ -1695,6 +1698,7 @@ "aws-dms-eventsubscription.json", "aws-ssmincidents-replicationset.json", "aws-iot-topicrule.json", + "aws-apprunner-vpcconnector.json", "aws-lakeformation-principalpermissions.json", "aws-datasync-locations3.json", "aws-mediaconvert-preset.json", @@ -1715,6 +1719,7 @@ "aws-opsworks-userprofile.json", "aws-glue-schema.json", "aws-docdb-dbsubnetgroup.json", + "aws-logs-delivery.json", "aws-servicecatalog-portfolio.json", "aws-workspacesweb-truststore.json", "aws-iot-policy.json", @@ -1751,6 +1756,7 @@ "aws-iam-userpolicy.json", "aws-connect-viewversion.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-iot-mitigationaction.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", @@ -1767,6 +1773,7 @@ "aws-ec2-egressonlyinternetgateway.json", "aws-config-conformancepack.json", "aws-ec2-vpccidrblock.json", + "aws-aps-workspace.json", "aws-kendra-datasource.json", "aws-gamelift-script.json", "aws-iam-virtualmfadevice.json", @@ -1869,6 +1876,7 @@ "aws-connect-routingprofile.json", "aws-ec2-flowlog.json", "aws-events-endpoint.json", + "aws-amazonmq-broker.json", "aws-emr-step.json", "aws-ssm-association.json", "aws-ec2-clientvpnendpoint.json", @@ -1945,7 +1953,6 @@ "aws-apigatewayv2-routeresponse.json", "aws-quicksight-topic.json", "aws-cloudwatch-metricstream.json", - "aws-location-geofencecollection.json", "aws-ssm-parameter.json", "aws-apigatewayv2-apigatewaymanagedoverrides.json", "aws-config-deliverychannel.json", diff --git a/src/cfnlint/data/schemas/providers/ap_south_1/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/ap_south_1/aws-amazonmq-broker.json deleted file mode 100644 index b71851eb27..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_south_1/aws-amazonmq-broker.json +++ /dev/null @@ -1,341 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/BrokerName", - "/properties/StorageType", - "/properties/DeploymentMode", - "/properties/EngineType", - "/properties/SubnetIds", - "/properties/AuthenticationStrategy", - "/properties/EncryptionOptions", - "/properties/PubliclyAccessible" - ], - "definitions": { - "ConfigurationId": { - "additionalProperties": false, - "properties": { - "Id": { - "type": "string" - }, - "Revision": { - "type": "integer" - } - }, - "required": [ - "Revision", - "Id" - ], - "type": "object" - }, - "EncryptionOptions": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "type": "string" - }, - "UseAwsOwnedKey": { - "type": "boolean" - } - }, - "required": [ - "UseAwsOwnedKey" - ], - "type": "object" - }, - "LdapServerMetadata": { - "additionalProperties": false, - "properties": { - "Hosts": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "RoleBase": { - "type": "string" - }, - "RoleName": { - "type": "string" - }, - "RoleSearchMatching": { - "type": "string" - }, - "RoleSearchSubtree": { - "type": "boolean" - }, - "ServiceAccountPassword": { - "type": "string" - }, - "ServiceAccountUsername": { - "type": "string" - }, - "UserBase": { - "type": "string" - }, - "UserRoleName": { - "type": "string" - }, - "UserSearchMatching": { - "type": "string" - }, - "UserSearchSubtree": { - "type": "boolean" - } - }, - "required": [ - "Hosts", - "UserSearchMatching", - "UserBase", - "RoleSearchMatching", - "ServiceAccountUsername", - "RoleBase", - "ServiceAccountPassword" - ], - "type": "object" - }, - "LogList": { - "additionalProperties": false, - "properties": { - "Audit": { - "type": "boolean" - }, - "General": { - "type": "boolean" - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "additionalProperties": false, - "properties": { - "DayOfWeek": { - "type": "string" - }, - "TimeOfDay": { - "type": "string" - }, - "TimeZone": { - "type": "string" - } - }, - "required": [ - "DayOfWeek", - "TimeOfDay", - "TimeZone" - ], - "type": "object" - }, - "TagsEntry": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - }, - "User": { - "additionalProperties": false, - "properties": { - "ConsoleAccess": { - "type": "boolean" - }, - "Groups": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Password": { - "type": "string" - }, - "Username": { - "type": "string" - } - }, - "required": [ - "Username", - "Password" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::AmazonMQ::Broker", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "AmqpEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Arn": { - "type": "string" - }, - "AuthenticationStrategy": { - "type": "string" - }, - "AutoMinorVersionUpgrade": { - "type": "boolean" - }, - "BrokerName": { - "type": "string" - }, - "Configuration": { - "$ref": "#/definitions/ConfigurationId" - }, - "ConfigurationId": { - "type": "string" - }, - "ConfigurationRevision": { - "type": "integer" - }, - "DataReplicationMode": { - "type": "string" - }, - "DataReplicationPrimaryBrokerArn": { - "type": "string" - }, - "DeploymentMode": { - "enum": [ - "SINGLE_INSTANCE", - "ACTIVE_STANDBY_MULTI_AZ", - "CLUSTER_MULTI_AZ" - ], - "type": "string" - }, - "EncryptionOptions": { - "$ref": "#/definitions/EncryptionOptions" - }, - "EngineType": { - "enum": [ - "ACTIVEMQ", - "RABBITMQ" - ], - "type": "string" - }, - "EngineVersion": { - "type": "string" - }, - "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", - "type": "string" - }, - "Id": { - "type": "string" - }, - "IpAddresses": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "LdapServerMetadata": { - "$ref": "#/definitions/LdapServerMetadata" - }, - "Logs": { - "$ref": "#/definitions/LogList" - }, - "MaintenanceWindowStartTime": { - "$ref": "#/definitions/MaintenanceWindow" - }, - "MqttEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "OpenWireEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "PubliclyAccessible": { - "type": "boolean" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "StompEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "StorageType": { - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Tags": { - "items": { - "$ref": "#/definitions/TagsEntry" - }, - "type": "array", - "uniqueItems": false - }, - "Users": { - "items": { - "$ref": "#/definitions/User" - }, - "type": "array", - "uniqueItems": false - }, - "WssEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "readOnlyProperties": [ - "/properties/IpAddresses", - "/properties/Id", - "/properties/MqttEndpoints", - "/properties/OpenWireEndpoints", - "/properties/ConfigurationId", - "/properties/ConfigurationRevision", - "/properties/StompEndpoints", - "/properties/WssEndpoints", - "/properties/AmqpEndpoints", - "/properties/Arn" - ], - "required": [ - "EngineVersion", - "DeploymentMode", - "HostInstanceType", - "EngineType", - "AutoMinorVersionUpgrade", - "Users", - "PubliclyAccessible", - "BrokerName" - ], - "typeName": "AWS::AmazonMQ::Broker" -} diff --git a/src/cfnlint/data/schemas/providers/ap_south_1/aws-apprunner-vpcconnector.json b/src/cfnlint/data/schemas/providers/ap_south_1/aws-apprunner-vpcconnector.json deleted file mode 100644 index a7b99a0c40..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_south_1/aws-apprunner-vpcconnector.json +++ /dev/null @@ -1,119 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/VpcConnectorName", - "/properties/Subnets", - "/properties/SecurityGroups", - "/properties/Tags" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - } - }, - "description": "The AWS::AppRunner::VpcConnector resource specifies an App Runner VpcConnector.", - "handlers": { - "create": { - "permissions": [ - "iam:CreateServiceLinkedRole", - "apprunner:CreateVpcConnector", - "apprunner:DescribeVpcConnector", - "apprunner:TagResource", - "ec2:DescribeSubnets", - "ec2:DescribeSecurityGroups" - ] - }, - "delete": { - "permissions": [ - "apprunner:DeleteVpcConnector" - ] - }, - "list": { - "permissions": [ - "apprunner:ListVpcConnectors" - ] - }, - "read": { - "permissions": [ - "apprunner:DescribeVpcConnector" - ] - } - }, - "primaryIdentifier": [ - "/properties/VpcConnectorArn" - ], - "properties": { - "SecurityGroups": { - "description": "A list of IDs of security groups that App Runner should use for access to AWS resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "Subnets": { - "description": "A list of IDs of subnets that App Runner should use when it associates your service with a custom Amazon VPC. Specify IDs of subnets of a single Amazon VPC. App Runner determines the Amazon VPC from the subnets you specify.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "minItems": 1, - "type": "array", - "uniqueItems": true - }, - "Tags": { - "description": "A list of metadata items that you can associate with your VPC connector resource. A tag is a key-value pair.", - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array" - }, - "VpcConnectorArn": { - "description": "The Amazon Resource Name (ARN) of this VPC connector.", - "maxLength": 1011, - "minLength": 44, - "pattern": "arn:aws(-[\\w]+)*:[a-z0-9-\\\\.]{0,63}:[a-z0-9-\\\\.]{0,63}:[0-9]{12}:(\\w|\\/|-){1,1011}", - "type": "string" - }, - "VpcConnectorName": { - "description": "A name for the VPC connector. If you don't specify a name, AWS CloudFormation generates a name for your VPC connector.", - "maxLength": 40, - "minLength": 4, - "pattern": "^[A-Za-z0-9][A-Za-z0-9-\\\\_]{3,39}$", - "type": "string" - }, - "VpcConnectorRevision": { - "description": "The revision of this VPC connector. It's unique among all the active connectors (\"Status\": \"ACTIVE\") that share the same Name.", - "type": "integer" - } - }, - "readOnlyProperties": [ - "/properties/VpcConnectorArn", - "/properties/VpcConnectorRevision" - ], - "required": [ - "Subnets" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-apprunner.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": false, - "taggable": true - }, - "typeName": "AWS::AppRunner::VpcConnector", - "writeOnlyProperties": [ - "/properties/Tags" - ] -} diff --git a/src/cfnlint/data/schemas/providers/ap_south_1/aws-aps-workspace.json b/src/cfnlint/data/schemas/providers/ap_south_1/aws-aps-workspace.json deleted file mode 100644 index 911caeaf8c..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_south_1/aws-aps-workspace.json +++ /dev/null @@ -1,166 +0,0 @@ -{ - "additionalProperties": false, - "definitions": { - "LoggingConfiguration": { - "additionalProperties": false, - "description": "Logging configuration", - "properties": { - "LogGroupArn": { - "description": "CloudWatch log group ARN", - "maxLength": 512, - "minLength": 0, - "type": "string" - } - }, - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", - "maxLength": 256, - "minLength": 0, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::APS::Workspace", - "handlers": { - "create": { - "permissions": [ - "aps:CreateWorkspace", - "aps:DescribeWorkspace", - "aps:TagResource", - "aps:CreateAlertManagerDefinition", - "aps:DescribeAlertManagerDefinition", - "aps:CreateLoggingConfiguration", - "logs:CreateLogDelivery", - "logs:GetLogDelivery", - "logs:ListLogDeliveries", - "logs:PutResourcePolicy", - "kms:CreateGrant", - "kms:Decrypt", - "kms:GenerateDataKey" - ] - }, - "delete": { - "permissions": [ - "aps:DeleteWorkspace", - "aps:DescribeWorkspace", - "aps:DeleteAlertManagerDefinition", - "aps:DeleteLoggingConfiguration", - "logs:DeleteLogDelivery" - ] - }, - "list": { - "permissions": [ - "aps:ListWorkspaces", - "aps:ListTagsForResource" - ] - }, - "read": { - "permissions": [ - "aps:DescribeWorkspace", - "aps:ListTagsForResource", - "aps:DescribeAlertManagerDefinition", - "aps:DescribeLoggingConfiguration" - ] - }, - "update": { - "permissions": [ - "aps:UpdateWorkspaceAlias", - "aps:DescribeWorkspace", - "aps:TagResource", - "aps:UntagResource", - "aps:ListTagsForResource", - "aps:CreateAlertManagerDefinition", - "aps:PutAlertManagerDefinition", - "aps:DeleteAlertManagerDefinition", - "aps:CreateLoggingConfiguration", - "aps:DescribeLoggingConfiguration", - "aps:UpdateLoggingConfiguration", - "aps:DeleteLoggingConfiguration", - "logs:CreateLogDelivery", - "logs:GetLogDelivery", - "logs:UpdateLogDelivery", - "logs:ListLogDeliveries", - "logs:DeleteLogDelivery", - "logs:PutResourcePolicy" - ] - } - }, - "primaryIdentifier": [ - "/properties/Arn" - ], - "properties": { - "AlertManagerDefinition": { - "description": "The AMP Workspace alert manager definition data", - "type": "string" - }, - "Alias": { - "description": "AMP Workspace alias.", - "maxLength": 100, - "minLength": 0, - "type": "string" - }, - "Arn": { - "description": "Workspace arn.", - "maxLength": 128, - "minLength": 1, - "pattern": "^arn:(aws|aws-us-gov|aws-cn):aps:[a-z0-9-]+:[0-9]+:workspace/[a-zA-Z0-9-]+$", - "type": "string" - }, - "LoggingConfiguration": { - "$ref": "#/definitions/LoggingConfiguration" - }, - "PrometheusEndpoint": { - "description": "AMP Workspace prometheus endpoint", - "type": "string" - }, - "Tags": { - "description": "An array of key-value pairs to apply to this resource.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": true - }, - "WorkspaceId": { - "description": "Required to identify a specific APS Workspace.", - "maxLength": 100, - "minLength": 1, - "pattern": "^[a-zA-Z0-9][a-zA-Z0-9_-]{1,99}$", - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/WorkspaceId", - "/properties/Arn", - "/properties/PrometheusEndpoint" - ], - "required": [], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", - "tagging": { - "cloudFormationSystemTags": true, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::APS::Workspace" -} diff --git a/src/cfnlint/data/schemas/providers/ap_south_1/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/ap_south_1/aws-cloudfront-distribution.json new file mode 100644 index 0000000000..75bb25b92e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_south_1/aws-cloudfront-distribution.json @@ -0,0 +1,1232 @@ +{ + "additionalProperties": false, + "definitions": { + "CacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "type": "string" + }, + "PathPattern": { + "type": "string" + }, + "RealtimeLogConfigArn": { + "type": "string" + }, + "ResponseHeadersPolicyId": { + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ], + "type": "string" + } + }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "properties": { + "Forward": { + "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Forward" + ], + "type": "object" + }, + "CustomErrorResponse": { + "additionalProperties": false, + "dependentRequired": { + "ResponseCode": [ + "ResponsePagePath" + ] + }, + "properties": { + "ErrorCachingMinTTL": { + "default": 300, + "type": "number" + }, + "ErrorCode": { + "enum": [ + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponseCode": { + "enum": [ + 200, + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponsePagePath": { + "type": "string" + } + }, + "required": [ + "ErrorCode" + ], + "type": "object" + }, + "CustomOriginConfig": { + "additionalProperties": false, + "properties": { + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginProtocolPolicy": { + "type": "string" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "OriginProtocolPolicy" + ], + "type": "object" + }, + "DefaultCacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "default": "", + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "default": "", + "type": "string" + }, + "RealtimeLogConfigArn": { + "default": "", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "default": "", + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "type": "string" + } + }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CNAMEs": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/CacheBehavior" + }, + "type": "array", + "uniqueItems": false + }, + "Comment": { + "default": "", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/CustomErrorResponse" + }, + "type": "array", + "uniqueItems": false + }, + "CustomOrigin": { + "$ref": "#/definitions/LegacyCustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/DefaultCacheBehavior" + }, + "DefaultRootObject": { + "default": "", + "type": "string" + }, + "Enabled": { + "type": "boolean" + }, + "HttpVersion": { + "default": "http1.1", + "enum": [ + "http1.1", + "http2", + "http3", + "http2and3" + ], + "type": "string" + }, + "IPV6Enabled": { + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/Origin" + }, + "type": "array", + "uniqueItems": false + }, + "PriceClass": { + "default": "PriceClass_All", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ], + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/Restrictions", + "default": { + "GeoRestriction": { + "RestrictionType": "none" + } + } + }, + "S3Origin": { + "$ref": "#/definitions/LegacyS3Origin" + }, + "Staging": { + "type": "boolean" + }, + "ViewerCertificate": { + "$ref": "#/definitions/ViewerCertificate", + "default": { + "CloudFrontDefaultCertificate": true + } + }, + "WebACLId": { + "default": "", + "type": "string" + } + }, + "required": [ + "Enabled", + "DefaultCacheBehavior" + ], + "type": "object" + }, + "ForwardedValues": { + "additionalProperties": false, + "properties": { + "Cookies": { + "$ref": "#/definitions/Cookies", + "default": { + "Forward": "none" + } + }, + "Headers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "QueryString": { + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "QueryString" + ], + "type": "object" + }, + "FunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ], + "type": "string" + }, + "FunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "GeoRestriction": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "enum": [ + "AD", + "AE", + "AF", + "AG", + "AI", + "AL", + "AM", + "AO", + "AQ", + "AR", + "AS", + "AT", + "AU", + "AW", + "AX", + "AZ", + "BA", + "BB", + "BD", + "BE", + "BF", + "BG", + "BH", + "BI", + "BJ", + "BL", + "BM", + "BN", + "BO", + "BQ", + "BR", + "BS", + "BT", + "BV", + "BW", + "BY", + "BZ", + "CA", + "CC", + "CD", + "CF", + "CG", + "CH", + "CI", + "CK", + "CL", + "CM", + "CN", + "CO", + "CR", + "CU", + "CV", + "CW", + "CX", + "CY", + "CZ", + "DE", + "DJ", + "DK", + "DM", + "DO", + "DZ", + "EC", + "EE", + "EG", + "EH", + "ER", + "ES", + "ET", + "FI", + "FJ", + "FK", + "FM", + "FO", + "FR", + "GA", + "GB", + "GD", + "GE", + "GF", + "GG", + "GH", + "GI", + "GL", + "GM", + "GN", + "GP", + "GQ", + "GR", + "GS", + "GT", + "GU", + "GW", + "GY", + "HK", + "HM", + "HN", + "HR", + "HT", + "HU", + "ID", + "IE", + "IL", + "IM", + "IN", + "IO", + "IQ", + "IR", + "IS", + "IT", + "JE", + "JM", + "JO", + "JP", + "KE", + "KG", + "KH", + "KI", + "KM", + "KN", + "KP", + "KR", + "KW", + "KY", + "KZ", + "LA", + "LB", + "LC", + "LI", + "LK", + "LR", + "LS", + "LT", + "LU", + "LV", + "LY", + "MA", + "MC", + "MD", + "ME", + "MF", + "MG", + "MH", + "MK", + "ML", + "MM", + "MN", + "MO", + "MP", + "MQ", + "MR", + "MS", + "MT", + "MU", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NC", + "NE", + "NF", + "NG", + "NI", + "NL", + "NO", + "NP", + "NR", + "NU", + "NZ", + "OM", + "PA", + "PE", + "PF", + "PG", + "PH", + "PK", + "PL", + "PM", + "PN", + "PR", + "PS", + "PT", + "PW", + "PY", + "QA", + "RE", + "RO", + "RS", + "RU", + "RW", + "SA", + "SB", + "SC", + "SD", + "SE", + "SG", + "SH", + "SI", + "SJ", + "SK", + "SL", + "SM", + "SN", + "SO", + "SR", + "SS", + "ST", + "SV", + "SX", + "SY", + "SZ", + "TC", + "TD", + "TF", + "TG", + "TH", + "TJ", + "TK", + "TL", + "TM", + "TN", + "TO", + "TR", + "TT", + "TV", + "TW", + "TZ", + "UA", + "UG", + "UM", + "US", + "UY", + "UZ", + "VA", + "VC", + "VE", + "VG", + "VI", + "VN", + "VU", + "WF", + "WS", + "YE", + "YT", + "ZA", + "ZM", + "ZW" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "RestrictionType": { + "enum": [ + "blacklist", + "whitelist", + "none" + ], + "type": "string" + } + }, + "required": [ + "RestrictionType" + ], + "type": "object" + }, + "LambdaFunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "IncludeBody": { + "type": "boolean" + }, + "LambdaFunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "LegacyCustomOrigin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginProtocolPolicy": { + "enum": [ + "http-only", + "match-viewer", + "https-only" + ], + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], + "type": "object" + }, + "LegacyS3Origin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "required": [ + "DNSName" + ], + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "IncludeCookies": { + "default": false, + "type": "boolean" + }, + "Prefix": { + "default": "", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Origin": { + "additionalProperties": false, + "dependentExcluded": { + "CustomOriginConfig": [ + "S3OriginConfig" + ], + "S3OriginConfig": [ + "CustomOriginConfig" + ] + }, + "properties": { + "ConnectionAttempts": { + "type": "integer" + }, + "ConnectionTimeout": { + "type": "integer" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/CustomOriginConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "OriginAccessControlId": { + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/OriginCustomHeader" + }, + "type": "array", + "uniqueItems": false + }, + "OriginPath": { + "default": "", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/OriginShield" + }, + "S3OriginConfig": { + "$ref": "#/definitions/S3OriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "type": "string" + }, + "HeaderValue": { + "type": "string" + } + }, + "required": [ + "HeaderValue", + "HeaderName" + ], + "type": "object" + }, + "OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/OriginGroupFailoverCriteria" + }, + "Id": { + "type": "string" + }, + "Members": { + "$ref": "#/definitions/OriginGroupMembers" + } + }, + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "type": "object" + }, + "OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroupMember" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroup" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "OriginShieldRegion": { + "type": "string" + } + }, + "type": "object" + }, + "Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "type": "object" + }, + "StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "integer" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "ViewerCertificate": { + "additionalProperties": false, + "dependentRequired": { + "AcmCertificateArn": [ + "SslSupportMethod" + ], + "IamCertificateId": [ + "SslSupportMethod" + ] + }, + "properties": { + "AcmCertificateArn": { + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "type": "boolean" + }, + "IamCertificateId": { + "type": "string" + }, + "MinimumProtocolVersion": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018", + "TLSv1.2_2019", + "TLSv1.2_2021" + ], + "type": "string" + }, + "SslSupportMethod": { + "enum": [ + "sni-only", + "vip", + "static-ip" + ], + "type": "string" + } + }, + "requiredXor": [ + "AcmCertificateArn", + "CloudFrontDefaultCertificate", + "IamCertificateId" + ], + "type": "object" + } + }, + "deprecatedProperties": [ + "/properties/DistributionConfig/CustomOrigin", + "/properties/DistributionConfig/S3Origin" + ], + "description": "Resource Type definition for AWS::CloudFront::Distribution", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateDistribution", + "cloudfront:CreateDistributionWithTags", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:TagResource" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteDistribution", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListDistributions" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "update": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:UpdateDistribution", + "cloudfront:UpdateDistributionWithStagingConfig", + "cloudfront:ListTagsForResource", + "cloudfront:TagResource", + "cloudfront:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/DistributionConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/DomainName" + ], + "required": [ + "DistributionConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::CloudFront::Distribution" +} diff --git a/src/cfnlint/data/schemas/providers/ap_south_1/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/ap_south_1/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_south_1/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/ap_south_1/aws-location-geofencecollection.json b/src/cfnlint/data/schemas/providers/ap_south_1/aws-location-geofencecollection.json new file mode 100644 index 0000000000..bb905fef3f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_south_1/aws-location-geofencecollection.json @@ -0,0 +1,174 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/CollectionName", + "/properties/KmsKeyId" + ], + "definitions": { + "PricingPlan": { + "enum": [ + "RequestBasedUsage" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 128, + "minLength": 1, + "pattern": "\\A(?!aws:)[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + }, + "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 256, + "minLength": 0, + "pattern": "\\A[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "TagMap": { + "additionalProperties": false, + "maxProperties": 50, + "patternProperties": { + "^[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 0, + "pattern": "^[A-Za-z0-9 _=@:.+-/]*$", + "type": "string" + } + }, + "type": "object" + }, + "iso8601UTC": { + "description": "The datetime value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ss.sssZ)", + "pattern": "^([0-2]\\d{3})-(0[0-9]|1[0-2])-([0-2]\\d|3[01])T([01]\\d|2[0-4]):([0-5]\\d):([0-6]\\d)((\\.\\d{3})?)Z$", + "type": "string" + } + }, + "deprecatedProperties": [ + "/properties/PricingPlan", + "/properties/PricingPlanDataSource" + ], + "description": "Definition of AWS::Location::GeofenceCollection Resource Type", + "handlers": { + "create": { + "permissions": [ + "geo:CreateGeofenceCollection", + "geo:DescribeGeofenceCollection", + "geo:TagResource", + "geo:UntagResource", + "kms:*" + ] + }, + "delete": { + "permissions": [ + "geo:DeleteGeofenceCollection", + "geo:DescribeGeofenceCollection", + "kms:*" + ] + }, + "list": { + "permissions": [ + "geo:ListGeofenceCollections", + "kms:*" + ] + }, + "read": { + "permissions": [ + "geo:DescribeGeofenceCollection", + "kms:*" + ] + }, + "update": { + "permissions": [ + "geo:CreateGeofenceCollection", + "geo:DescribeGeofenceCollection", + "geo:TagResource", + "geo:UntagResource", + "geo:UpdateGeofenceCollection", + "kms:*" + ] + } + }, + "primaryIdentifier": [ + "/properties/CollectionName" + ], + "properties": { + "Arn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "CollectionArn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "CollectionName": { + "maxLength": 100, + "minLength": 1, + "pattern": "^[-._\\w]+$", + "type": "string" + }, + "CreateTime": { + "$ref": "#/definitions/iso8601UTC" + }, + "Description": { + "maxLength": 1000, + "minLength": 0, + "type": "string" + }, + "KmsKeyId": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "PricingPlan": { + "$ref": "#/definitions/PricingPlan" + }, + "PricingPlanDataSource": { + "type": "string" + }, + "Tags": { + "description": "An array of key-value pairs to apply to this resource.", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 0, + "type": "array", + "uniqueItems": true + }, + "UpdateTime": { + "$ref": "#/definitions/iso8601UTC" + } + }, + "readOnlyProperties": [ + "/properties/CollectionArn", + "/properties/Arn", + "/properties/CreateTime", + "/properties/UpdateTime" + ], + "required": [ + "CollectionName" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::Location::GeofenceCollection" +} diff --git a/src/cfnlint/data/schemas/providers/ap_south_1/aws-neptune-dbinstance.json b/src/cfnlint/data/schemas/providers/ap_south_1/aws-neptune-dbinstance.json index e59579a720..36baa58fbd 100644 --- a/src/cfnlint/data/schemas/providers/ap_south_1/aws-neptune-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/ap_south_1/aws-neptune-dbinstance.json @@ -43,7 +43,7 @@ "type": "string" }, "DBInstanceClass": { - "cfnLint": "aws_neptune_dbinstance/dbinstanceclass_enum", + "cfnLint": "AWS::Neptune::DBInstance/Properties/DBInstanceClass", "type": "string" }, "DBInstanceIdentifier": { diff --git a/src/cfnlint/data/schemas/providers/ap_south_1/aws-wafv2-ipset.json b/src/cfnlint/data/schemas/providers/ap_south_1/aws-wafv2-ipset.json new file mode 100644 index 0000000000..9181872206 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_south_1/aws-wafv2-ipset.json @@ -0,0 +1,166 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Name", + "/properties/Scope" + ], + "definitions": { + "EntityDescription": { + "description": "Description of the entity.", + "pattern": "^[a-zA-Z0-9=:#@/\\-,.][a-zA-Z0-9+=:#@/\\-,.\\s]+[a-zA-Z0-9+=:#@/\\-,.]{1,256}$", + "type": "string" + }, + "EntityId": { + "description": "Id of the IPSet", + "pattern": "^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", + "type": "string" + }, + "EntityName": { + "description": "Name of the IPSet.", + "pattern": "^[0-9A-Za-z_-]{1,128}$", + "type": "string" + }, + "IPAddress": { + "description": "IP address", + "maxLength": 50, + "minLength": 1, + "type": "string" + }, + "IPAddressVersion": { + "description": "Type of addresses in the IPSet, use IPV4 for IPV4 IP addresses, IPV6 for IPV6 address.", + "enum": [ + "IPV4", + "IPV6" + ], + "type": "string" + }, + "ResourceArn": { + "description": "ARN of the WAF entity.", + "type": "string" + }, + "Scope": { + "description": "Use CLOUDFRONT for CloudFront IPSet, use REGIONAL for Application Load Balancer and API Gateway.", + "enum": [ + "CLOUDFRONT", + "REGIONAL" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "type": "object" + } + }, + "description": "Contains a list of IP addresses. This can be either IPV4 or IPV6. The list will be mutually", + "handlers": { + "create": { + "permissions": [ + "wafv2:CreateIPSet", + "wafv2:GetIPSet", + "wafv2:ListTagsForResource" + ] + }, + "delete": { + "permissions": [ + "wafv2:DeleteIPSet", + "wafv2:GetIPSet" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "Scope": { + "$ref": "resource-schema.json#/properties/Scope" + } + }, + "required": [ + "Scope" + ] + }, + "permissions": [ + "wafv2:listIPSets" + ] + }, + "read": { + "permissions": [ + "wafv2:GetIPSet", + "wafv2:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "wafv2:UpdateIPSet", + "wafv2:GetIPSet", + "wafv2:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Name", + "/properties/Id", + "/properties/Scope" + ], + "properties": { + "Addresses": { + "description": "List of IPAddresses.", + "items": { + "$ref": "#/definitions/IPAddress" + }, + "type": "array" + }, + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "Description": { + "$ref": "#/definitions/EntityDescription" + }, + "IPAddressVersion": { + "$ref": "#/definitions/IPAddressVersion" + }, + "Id": { + "$ref": "#/definitions/EntityId" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "Scope": { + "$ref": "#/definitions/Scope" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "minItems": 1, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/Id" + ], + "required": [ + "Addresses", + "IPAddressVersion", + "Scope" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::IPSet" +} diff --git a/src/cfnlint/data/schemas/providers/ap_south_1/aws-wafv2-regexpatternset.json b/src/cfnlint/data/schemas/providers/ap_south_1/aws-wafv2-regexpatternset.json new file mode 100644 index 0000000000..e5467bfd54 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_south_1/aws-wafv2-regexpatternset.json @@ -0,0 +1,134 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Name", + "/properties/Scope" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "type": "object" + } + }, + "description": "Contains a list of Regular expressions based on the provided inputs. RegexPatternSet can be used with other WAF entities with RegexPatternSetReferenceStatement to perform other actions .", + "handlers": { + "create": { + "permissions": [ + "wafv2:CreateRegexPatternSet", + "wafv2:GetRegexPatternSet", + "wafv2:ListTagsForResource" + ] + }, + "delete": { + "permissions": [ + "wafv2:DeleteRegexPatternSet", + "wafv2:GetRegexPatternSet" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "Scope": { + "$ref": "resource-schema.json#/properties/Scope" + } + }, + "required": [ + "Scope" + ] + }, + "permissions": [ + "wafv2:listRegexPatternSets" + ] + }, + "read": { + "permissions": [ + "wafv2:GetRegexPatternSet", + "wafv2:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "wafv2:UpdateRegexPatternSet", + "wafv2:GetRegexPatternSet", + "wafv2:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Name", + "/properties/Id", + "/properties/Scope" + ], + "properties": { + "Arn": { + "description": "ARN of the WAF entity.", + "type": "string" + }, + "Description": { + "description": "Description of the entity.", + "pattern": "^[a-zA-Z0-9=:#@/\\-,.][a-zA-Z0-9+=:#@/\\-,.\\s]+[a-zA-Z0-9+=:#@/\\-,.]{1,256}$", + "type": "string" + }, + "Id": { + "description": "Id of the RegexPatternSet", + "pattern": "^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", + "type": "string" + }, + "Name": { + "description": "Name of the RegexPatternSet.", + "pattern": "^[0-9A-Za-z_-]{1,128}$", + "type": "string" + }, + "RegularExpressionList": { + "items": { + "maxLength": 200, + "minLength": 0, + "type": "string" + }, + "type": "array" + }, + "Scope": { + "description": "Use CLOUDFRONT for CloudFront RegexPatternSet, use REGIONAL for Application Load Balancer and API Gateway.", + "enum": [ + "CLOUDFRONT", + "REGIONAL" + ], + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "minItems": 1, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/Id" + ], + "required": [ + "Scope", + "RegularExpressionList" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::RegexPatternSet" +} diff --git a/src/cfnlint/data/schemas/providers/ap_south_1/aws-wafv2-rulegroup.json b/src/cfnlint/data/schemas/providers/ap_south_1/aws-wafv2-rulegroup.json new file mode 100644 index 0000000000..ca7496f6ca --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_south_1/aws-wafv2-rulegroup.json @@ -0,0 +1,1432 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Name", + "/properties/Scope" + ], + "definitions": { + "AllowAction": { + "additionalProperties": false, + "description": "Allow traffic towards application.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "AndStatement": { + "additionalProperties": false, + "properties": { + "Statements": { + "items": { + "$ref": "#/definitions/Statement" + }, + "type": "array" + } + }, + "required": [ + "Statements" + ], + "type": "object" + }, + "BlockAction": { + "additionalProperties": false, + "description": "Block traffic towards application.", + "properties": { + "CustomResponse": { + "$ref": "#/definitions/CustomResponse" + } + }, + "type": "object" + }, + "Body": { + "additionalProperties": false, + "description": "The body of a web request. This immediately follows the request headers.", + "properties": { + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "type": "object" + }, + "BodyParsingFallbackBehavior": { + "description": "The inspection behavior to fall back to if the JSON in the request body is invalid.", + "enum": [ + "MATCH", + "NO_MATCH", + "EVALUATE_AS_STRING" + ], + "type": "string" + }, + "ByteMatchStatement": { + "additionalProperties": false, + "description": "Byte Match statement.", + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "PositionalConstraint": { + "$ref": "#/definitions/PositionalConstraint" + }, + "SearchString": { + "$ref": "#/definitions/SearchString" + }, + "SearchStringBase64": { + "$ref": "#/definitions/SearchStringBase64" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "PositionalConstraint", + "TextTransformations" + ], + "type": "object" + }, + "CaptchaAction": { + "additionalProperties": false, + "description": "Checks valid token exists with request.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "CaptchaConfig": { + "additionalProperties": false, + "properties": { + "ImmunityTimeProperty": { + "$ref": "#/definitions/ImmunityTimeProperty" + } + }, + "type": "object" + }, + "ChallengeAction": { + "additionalProperties": false, + "description": "Checks that the request has a valid token with an unexpired challenge timestamp and, if not, returns a browser challenge to the client.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "ChallengeConfig": { + "additionalProperties": false, + "properties": { + "ImmunityTimeProperty": { + "$ref": "#/definitions/ImmunityTimeProperty" + } + }, + "type": "object" + }, + "CookieMatchPattern": { + "additionalProperties": false, + "description": "The pattern to look for in the request cookies.", + "properties": { + "All": { + "description": "Inspect all parts of the web request cookies.", + "type": "object" + }, + "ExcludedCookies": { + "items": { + "maxLength": 60, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + }, + "IncludedCookies": { + "items": { + "maxLength": 60, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + } + }, + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "description": "Includes headers of a web request.", + "properties": { + "MatchPattern": { + "$ref": "#/definitions/CookieMatchPattern" + }, + "MatchScope": { + "$ref": "#/definitions/MapMatchScope" + }, + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "required": [ + "MatchPattern", + "MatchScope", + "OversizeHandling" + ], + "type": "object" + }, + "CountAction": { + "additionalProperties": false, + "description": "Count traffic towards application.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "CustomHTTPHeader": { + "additionalProperties": false, + "description": "HTTP header.", + "properties": { + "Name": { + "$ref": "#/definitions/CustomHTTPHeaderName" + }, + "Value": { + "$ref": "#/definitions/CustomHTTPHeaderValue" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "CustomHTTPHeaderName": { + "description": "HTTP header name.", + "maxLength": 64, + "minLength": 1, + "type": "string" + }, + "CustomHTTPHeaderValue": { + "description": "HTTP header value.", + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "CustomRequestHandling": { + "additionalProperties": false, + "description": "Custom request handling.", + "properties": { + "InsertHeaders": { + "description": "Collection of HTTP headers.", + "items": { + "$ref": "#/definitions/CustomHTTPHeader" + }, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "InsertHeaders" + ], + "type": "object" + }, + "CustomResponse": { + "additionalProperties": false, + "description": "Custom response.", + "properties": { + "CustomResponseBodyKey": { + "description": "Custom response body key.", + "pattern": "^[\\w\\-]+$", + "type": "string" + }, + "ResponseCode": { + "$ref": "#/definitions/ResponseStatusCode" + }, + "ResponseHeaders": { + "description": "Collection of HTTP headers.", + "items": { + "$ref": "#/definitions/CustomHTTPHeader" + }, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "ResponseCode" + ], + "type": "object" + }, + "CustomResponseBodies": { + "additionalProperties": false, + "description": "Custom response key and body map.", + "minProperties": 1, + "patternProperties": { + "^[\\w\\-]+$": { + "$ref": "#/definitions/CustomResponseBody" + } + }, + "type": "object" + }, + "CustomResponseBody": { + "additionalProperties": false, + "description": "Custom response body.", + "properties": { + "Content": { + "$ref": "#/definitions/ResponseContent" + }, + "ContentType": { + "$ref": "#/definitions/ResponseContentType" + } + }, + "required": [ + "ContentType", + "Content" + ], + "type": "object" + }, + "EntityDescription": { + "description": "Description of the entity.", + "pattern": "^[a-zA-Z0-9=:#@/\\-,.][a-zA-Z0-9+=:#@/\\-,.\\s]+[a-zA-Z0-9+=:#@/\\-,.]{1,256}$", + "type": "string" + }, + "EntityId": { + "description": "Id of the RuleGroup", + "pattern": "^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", + "type": "string" + }, + "EntityName": { + "description": "Name of the RuleGroup.", + "pattern": "^[0-9A-Za-z_-]{1,128}$", + "type": "string" + }, + "FieldToMatch": { + "additionalProperties": false, + "description": "Field of the request to match.", + "properties": { + "AllQueryArguments": { + "description": "All query arguments of a web request.", + "type": "object" + }, + "Body": { + "$ref": "#/definitions/Body" + }, + "Cookies": { + "$ref": "#/definitions/Cookies" + }, + "Headers": { + "$ref": "#/definitions/Headers" + }, + "JsonBody": { + "$ref": "#/definitions/JsonBody" + }, + "Method": { + "description": "The HTTP method of a web request. The method indicates the type of operation that the request is asking the origin to perform.", + "type": "object" + }, + "QueryString": { + "description": "The query string of a web request. This is the part of a URL that appears after a ? character, if any.", + "type": "object" + }, + "SingleHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "SingleQueryArgument": { + "additionalProperties": false, + "description": "One query argument in a web request, identified by name, for example UserName or SalesRegion. The name can be up to 30 characters long and isn't case sensitive.", + "properties": { + "Name": { + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "UriPath": { + "description": "The path component of the URI of a web request. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.", + "type": "object" + } + }, + "type": "object" + }, + "ForwardedIPConfiguration": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "enum": [ + "MATCH", + "NO_MATCH" + ], + "type": "string" + }, + "HeaderName": { + "pattern": "^[a-zA-Z0-9-]{1,255}$", + "type": "string" + } + }, + "required": [ + "HeaderName", + "FallbackBehavior" + ], + "type": "object" + }, + "GeoMatchStatement": { + "additionalProperties": false, + "properties": { + "CountryCodes": { + "items": { + "maxLength": 2, + "minLength": 1, + "type": "string" + }, + "type": "array" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/ForwardedIPConfiguration" + } + }, + "type": "object" + }, + "HeaderMatchPattern": { + "additionalProperties": false, + "description": "The pattern to look for in the request headers.", + "properties": { + "All": { + "description": "Inspect all parts of the web request headers.", + "type": "object" + }, + "ExcludedHeaders": { + "items": { + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + }, + "IncludedHeaders": { + "items": { + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + } + }, + "type": "object" + }, + "Headers": { + "additionalProperties": false, + "description": "Includes headers of a web request.", + "properties": { + "MatchPattern": { + "$ref": "#/definitions/HeaderMatchPattern" + }, + "MatchScope": { + "$ref": "#/definitions/MapMatchScope" + }, + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "required": [ + "MatchPattern", + "MatchScope", + "OversizeHandling" + ], + "type": "object" + }, + "IPSetForwardedIPConfiguration": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "enum": [ + "MATCH", + "NO_MATCH" + ], + "type": "string" + }, + "HeaderName": { + "pattern": "^[a-zA-Z0-9-]{1,255}$", + "type": "string" + }, + "Position": { + "enum": [ + "FIRST", + "LAST", + "ANY" + ], + "type": "string" + } + }, + "required": [ + "HeaderName", + "FallbackBehavior", + "Position" + ], + "type": "object" + }, + "IPSetReferenceStatement": { + "additionalProperties": false, + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "IPSetForwardedIPConfig": { + "$ref": "#/definitions/IPSetForwardedIPConfiguration" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "ImmunityTimeProperty": { + "additionalProperties": false, + "properties": { + "ImmunityTime": { + "maximum": 259200, + "minimum": 60, + "type": "integer" + } + }, + "required": [ + "ImmunityTime" + ], + "type": "object" + }, + "JsonBody": { + "additionalProperties": false, + "description": "Inspect the request body as JSON. The request body immediately follows the request headers.", + "properties": { + "InvalidFallbackBehavior": { + "$ref": "#/definitions/BodyParsingFallbackBehavior" + }, + "MatchPattern": { + "$ref": "#/definitions/JsonMatchPattern" + }, + "MatchScope": { + "$ref": "#/definitions/JsonMatchScope" + }, + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "required": [ + "MatchPattern", + "MatchScope" + ], + "type": "object" + }, + "JsonMatchPattern": { + "additionalProperties": false, + "description": "The pattern to look for in the JSON body.", + "properties": { + "All": { + "description": "Inspect all parts of the web request's JSON body.", + "type": "object" + }, + "IncludedPaths": { + "items": { + "$ref": "#/definitions/JsonPointerPath" + }, + "type": "array" + } + }, + "type": "object" + }, + "JsonMatchScope": { + "description": "The parts of the JSON to match against using the MatchPattern.", + "enum": [ + "ALL", + "KEY", + "VALUE" + ], + "type": "string" + }, + "JsonPointerPath": { + "description": "JSON pointer path in the web request's JSON body", + "pattern": "^[\\/]+([^~]*(~[01])*){1,512}$", + "type": "string" + }, + "Label": { + "additionalProperties": false, + "properties": { + "Name": { + "$ref": "#/definitions/LabelName" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "LabelMatchKey": { + "pattern": "^[0-9A-Za-z_:-]{1,1024}$", + "type": "string" + }, + "LabelMatchScope": { + "enum": [ + "LABEL", + "NAMESPACE" + ], + "type": "string" + }, + "LabelMatchStatement": { + "additionalProperties": false, + "properties": { + "Key": { + "$ref": "#/definitions/LabelMatchKey" + }, + "Scope": { + "$ref": "#/definitions/LabelMatchScope" + } + }, + "required": [ + "Scope", + "Key" + ], + "type": "object" + }, + "LabelName": { + "description": "Name of the Label.", + "pattern": "^[0-9A-Za-z_:-]{1,1024}$", + "type": "string" + }, + "LabelSummary": { + "additionalProperties": false, + "properties": { + "Name": { + "$ref": "#/definitions/LabelName" + } + }, + "type": "object" + }, + "MapMatchScope": { + "description": "The parts of the request to match against using the MatchPattern.", + "enum": [ + "ALL", + "KEY", + "VALUE" + ], + "type": "string" + }, + "NotStatement": { + "additionalProperties": false, + "properties": { + "Statement": { + "$ref": "#/definitions/Statement" + } + }, + "required": [ + "Statement" + ], + "type": "object" + }, + "OrStatement": { + "additionalProperties": false, + "properties": { + "Statements": { + "items": { + "$ref": "#/definitions/Statement" + }, + "type": "array" + } + }, + "required": [ + "Statements" + ], + "type": "object" + }, + "OversizeHandling": { + "description": "Handling of requests containing oversize fields", + "enum": [ + "CONTINUE", + "MATCH", + "NO_MATCH" + ], + "type": "string" + }, + "PositionalConstraint": { + "description": "Position of the evaluation in the FieldToMatch of request.", + "enum": [ + "EXACTLY", + "STARTS_WITH", + "ENDS_WITH", + "CONTAINS", + "CONTAINS_WORD" + ], + "type": "string" + }, + "RateBasedStatement": { + "additionalProperties": false, + "properties": { + "AggregateKeyType": { + "enum": [ + "IP", + "FORWARDED_IP", + "CONSTANT", + "CUSTOM_KEYS" + ], + "type": "string" + }, + "CustomKeys": { + "description": "Specifies the aggregate keys to use in a rate-base rule.", + "items": { + "$ref": "#/definitions/RateBasedStatementCustomKey" + }, + "maxItems": 5, + "type": "array" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/ForwardedIPConfiguration" + }, + "Limit": { + "$ref": "#/definitions/RateLimit" + }, + "ScopeDownStatement": { + "$ref": "#/definitions/Statement" + } + }, + "required": [ + "Limit", + "AggregateKeyType" + ], + "type": "object" + }, + "RateBasedStatementCustomKey": { + "additionalProperties": false, + "description": "Specifies a single custom aggregate key for a rate-base rule.", + "properties": { + "Cookie": { + "$ref": "#/definitions/RateLimitCookie" + }, + "ForwardedIP": { + "$ref": "#/definitions/RateLimitForwardedIP" + }, + "HTTPMethod": { + "$ref": "#/definitions/RateLimitHTTPMethod" + }, + "Header": { + "$ref": "#/definitions/RateLimitHeader" + }, + "IP": { + "$ref": "#/definitions/RateLimitIP" + }, + "LabelNamespace": { + "$ref": "#/definitions/RateLimitLabelNamespace" + }, + "QueryArgument": { + "$ref": "#/definitions/RateLimitQueryArgument" + }, + "QueryString": { + "$ref": "#/definitions/RateLimitQueryString" + }, + "UriPath": { + "$ref": "#/definitions/RateLimitUriPath" + } + }, + "type": "object" + }, + "RateLimit": { + "maximum": 2000000000, + "minimum": 100, + "type": "integer" + }, + "RateLimitCookie": { + "additionalProperties": false, + "description": "Specifies a cookie as an aggregate key for a rate-based rule.", + "properties": { + "Name": { + "description": "The name of the cookie to use.", + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "RateLimitForwardedIP": { + "description": "Specifies the first IP address in an HTTP header as an aggregate key for a rate-based rule.", + "type": "object" + }, + "RateLimitHTTPMethod": { + "description": "Specifies the request's HTTP method as an aggregate key for a rate-based rule.", + "type": "object" + }, + "RateLimitHeader": { + "additionalProperties": false, + "description": "Specifies a header as an aggregate key for a rate-based rule.", + "properties": { + "Name": { + "description": "The name of the header to use.", + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "RateLimitIP": { + "description": "Specifies the IP address in the web request as an aggregate key for a rate-based rule.", + "type": "object" + }, + "RateLimitLabelNamespace": { + "additionalProperties": false, + "description": "Specifies a label namespace to use as an aggregate key for a rate-based rule.", + "properties": { + "Namespace": { + "description": "The namespace to use for aggregation.", + "pattern": "^[0-9A-Za-z_:-]{1,1024}$", + "type": "string" + } + }, + "required": [ + "Namespace" + ], + "type": "object" + }, + "RateLimitQueryArgument": { + "additionalProperties": false, + "description": "Specifies a query argument in the request as an aggregate key for a rate-based rule.", + "properties": { + "Name": { + "description": "The name of the query argument to use.", + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "RateLimitQueryString": { + "additionalProperties": false, + "description": "Specifies the request's query string as an aggregate key for a rate-based rule.", + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "RateLimitUriPath": { + "additionalProperties": false, + "description": "Specifies the request's URI Path as an aggregate key for a rate-based rule.", + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "RegexMatchStatement": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "RegexString": { + "maxLength": 512, + "minLength": 1, + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "RegexString", + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + }, + "RegexPatternSetReferenceStatement": { + "additionalProperties": false, + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Arn", + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + }, + "ResourceArn": { + "description": "ARN of the WAF entity.", + "maxLength": 2048, + "minLength": 20, + "type": "string" + }, + "ResponseContent": { + "description": "Response content.", + "maxLength": 10240, + "minLength": 1, + "type": "string" + }, + "ResponseContentType": { + "description": "Valid values are TEXT_PLAIN, TEXT_HTML, and APPLICATION_JSON.", + "enum": [ + "TEXT_PLAIN", + "TEXT_HTML", + "APPLICATION_JSON" + ], + "type": "string" + }, + "ResponseStatusCode": { + "description": "Custom response code.", + "maximum": 599, + "minimum": 200, + "type": "integer" + }, + "Rule": { + "additionalProperties": false, + "description": "Rule of RuleGroup that contains condition and action.", + "properties": { + "Action": { + "$ref": "#/definitions/RuleAction" + }, + "CaptchaConfig": { + "$ref": "#/definitions/CaptchaConfig" + }, + "ChallengeConfig": { + "$ref": "#/definitions/ChallengeConfig" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "Priority": { + "$ref": "#/definitions/RulePriority" + }, + "RuleLabels": { + "description": "Collection of Rule Labels.", + "items": { + "$ref": "#/definitions/Label" + }, + "type": "array" + }, + "Statement": { + "$ref": "#/definitions/Statement" + }, + "VisibilityConfig": { + "$ref": "#/definitions/VisibilityConfig" + } + }, + "required": [ + "Name", + "Priority", + "Statement", + "VisibilityConfig" + ], + "type": "object" + }, + "RuleAction": { + "additionalProperties": false, + "description": "Action taken when Rule matches its condition.", + "properties": { + "Allow": { + "$ref": "#/definitions/AllowAction" + }, + "Block": { + "$ref": "#/definitions/BlockAction" + }, + "Captcha": { + "$ref": "#/definitions/CaptchaAction" + }, + "Challenge": { + "$ref": "#/definitions/ChallengeAction" + }, + "Count": { + "$ref": "#/definitions/CountAction" + } + }, + "type": "object" + }, + "RuleGroup": { + "additionalProperties": false, + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "Capacity": { + "minimum": 0, + "type": "integer" + }, + "Description": { + "$ref": "#/definitions/EntityDescription" + }, + "Id": { + "$ref": "#/definitions/EntityId" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "Rules": { + "description": "Collection of Rules.", + "items": { + "$ref": "#/definitions/Rule" + }, + "type": "array" + }, + "VisibilityConfig": { + "$ref": "#/definitions/VisibilityConfig" + } + }, + "type": "object" + }, + "RulePriority": { + "description": "Priority of the Rule, Rules get evaluated from lower to higher priority.", + "minimum": 0, + "type": "integer" + }, + "Scope": { + "description": "Use CLOUDFRONT for CloudFront RuleGroup, use REGIONAL for Application Load Balancer and API Gateway.", + "enum": [ + "CLOUDFRONT", + "REGIONAL" + ], + "type": "string" + }, + "SearchString": { + "description": "String that is searched to find a match.", + "type": "string" + }, + "SearchStringBase64": { + "description": "Base64 encoded string that is searched to find a match.", + "type": "string" + }, + "SensitivityLevel": { + "description": "Sensitivity Level current only used for sqli match statements.", + "enum": [ + "LOW", + "HIGH" + ], + "type": "string" + }, + "SizeConstraintStatement": { + "additionalProperties": false, + "description": "Size Constraint statement.", + "properties": { + "ComparisonOperator": { + "enum": [ + "EQ", + "NE", + "LE", + "LT", + "GE", + "GT" + ], + "type": "string" + }, + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "Size": { + "maximum": 21474836480, + "minimum": 0, + "type": "number" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "ComparisonOperator", + "Size", + "TextTransformations" + ], + "type": "object" + }, + "SqliMatchStatement": { + "additionalProperties": false, + "description": "Sqli Match Statement.", + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "SensitivityLevel": { + "$ref": "#/definitions/SensitivityLevel" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + }, + "Statement": { + "additionalProperties": false, + "description": "First level statement that contains conditions, such as ByteMatch, SizeConstraint, etc", + "properties": { + "AndStatement": { + "$ref": "#/definitions/AndStatement" + }, + "ByteMatchStatement": { + "$ref": "#/definitions/ByteMatchStatement" + }, + "GeoMatchStatement": { + "$ref": "#/definitions/GeoMatchStatement" + }, + "IPSetReferenceStatement": { + "$ref": "#/definitions/IPSetReferenceStatement" + }, + "LabelMatchStatement": { + "$ref": "#/definitions/LabelMatchStatement" + }, + "NotStatement": { + "$ref": "#/definitions/NotStatement" + }, + "OrStatement": { + "$ref": "#/definitions/OrStatement" + }, + "RateBasedStatement": { + "$ref": "#/definitions/RateBasedStatement" + }, + "RegexMatchStatement": { + "$ref": "#/definitions/RegexMatchStatement" + }, + "RegexPatternSetReferenceStatement": { + "$ref": "#/definitions/RegexPatternSetReferenceStatement" + }, + "SizeConstraintStatement": { + "$ref": "#/definitions/SizeConstraintStatement" + }, + "SqliMatchStatement": { + "$ref": "#/definitions/SqliMatchStatement" + }, + "XssMatchStatement": { + "$ref": "#/definitions/XssMatchStatement" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "type": "object" + }, + "TextTransformation": { + "additionalProperties": false, + "description": "Text Transformation on the Search String before match.", + "properties": { + "Priority": { + "$ref": "#/definitions/TextTransformationPriority" + }, + "Type": { + "$ref": "#/definitions/TextTransformationType" + } + }, + "required": [ + "Priority", + "Type" + ], + "type": "object" + }, + "TextTransformationPriority": { + "description": "Priority of Rule being evaluated.", + "minimum": 0, + "type": "integer" + }, + "TextTransformationType": { + "description": "Type of text transformation.", + "enum": [ + "NONE", + "COMPRESS_WHITE_SPACE", + "HTML_ENTITY_DECODE", + "LOWERCASE", + "CMD_LINE", + "URL_DECODE", + "BASE64_DECODE", + "HEX_DECODE", + "MD5", + "REPLACE_COMMENTS", + "ESCAPE_SEQ_DECODE", + "SQL_HEX_DECODE", + "CSS_DECODE", + "JS_DECODE", + "NORMALIZE_PATH", + "NORMALIZE_PATH_WIN", + "REMOVE_NULLS", + "REPLACE_NULLS", + "BASE64_DECODE_EXT", + "URL_DECODE_UNI", + "UTF8_TO_UNICODE" + ], + "type": "string" + }, + "VisibilityConfig": { + "additionalProperties": false, + "description": "Visibility Metric of the RuleGroup.", + "properties": { + "CloudWatchMetricsEnabled": { + "type": "boolean" + }, + "MetricName": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "SampledRequestsEnabled": { + "type": "boolean" + } + }, + "required": [ + "SampledRequestsEnabled", + "CloudWatchMetricsEnabled", + "MetricName" + ], + "type": "object" + }, + "XssMatchStatement": { + "additionalProperties": false, + "description": "Xss Match Statement.", + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + } + }, + "description": "Contains the Rules that identify the requests that you want to allow, block, or count. In a RuleGroup, you also specify a default action (ALLOW or BLOCK), and the action for each Rule that you add to a RuleGroup, for example, block requests from specified IP addresses or block requests from specified referrers. You also associate the RuleGroup with a CloudFront distribution to identify the requests that you want AWS WAF to filter. If you add more than one Rule to a RuleGroup, a request needs to match only one of the specifications to be allowed, blocked, or counted.", + "handlers": { + "create": { + "permissions": [ + "wafv2:CreateRuleGroup", + "wafv2:GetRuleGroup", + "wafv2:ListTagsForResource" + ] + }, + "delete": { + "permissions": [ + "wafv2:DeleteRuleGroup", + "wafv2:GetRuleGroup" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "Scope": { + "$ref": "resource-schema.json#/properties/Scope" + } + }, + "required": [ + "Scope" + ] + }, + "permissions": [ + "wafv2:listRuleGroups" + ] + }, + "read": { + "permissions": [ + "wafv2:GetRuleGroup", + "wafv2:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "wafv2:UpdateRuleGroup", + "wafv2:GetRuleGroup", + "wafv2:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Name", + "/properties/Id", + "/properties/Scope" + ], + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "AvailableLabels": { + "description": "Collection of Available Labels.", + "items": { + "$ref": "#/definitions/LabelSummary" + }, + "type": "array" + }, + "Capacity": { + "minimum": 0, + "type": "integer" + }, + "ConsumedLabels": { + "description": "Collection of Consumed Labels.", + "items": { + "$ref": "#/definitions/LabelSummary" + }, + "type": "array" + }, + "CustomResponseBodies": { + "$ref": "#/definitions/CustomResponseBodies" + }, + "Description": { + "$ref": "#/definitions/EntityDescription" + }, + "Id": { + "$ref": "#/definitions/EntityId" + }, + "LabelNamespace": { + "$ref": "#/definitions/LabelName" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "Rules": { + "description": "Collection of Rules.", + "items": { + "$ref": "#/definitions/Rule" + }, + "type": "array" + }, + "Scope": { + "$ref": "#/definitions/Scope" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "minItems": 1, + "type": "array" + }, + "VisibilityConfig": { + "$ref": "#/definitions/VisibilityConfig" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/Id", + "/properties/LabelNamespace", + "/properties/AvailableLabels/*/Name", + "/properties/ConsumedLabels/*/Name" + ], + "required": [ + "Capacity", + "Scope", + "VisibilityConfig" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::RuleGroup" +} diff --git a/src/cfnlint/data/schemas/providers/ap_south_2/__init__.py b/src/cfnlint/data/schemas/providers/ap_south_2/__init__.py index 9b983f707d..73ce1a0d78 100644 --- a/src/cfnlint/data/schemas/providers/ap_south_2/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_south_2/__init__.py @@ -572,6 +572,7 @@ "aws-msk-cluster.json", "aws-ec2-vpcendpointconnectionnotification.json", "aws-codepipeline-pipeline.json", + "aws-config-configurationaggregator.json", "aws-imagebuilder-imagepipeline.json", "aws-elasticloadbalancingv2-listenercertificate.json", "aws-route53resolver-resolverruleassociation.json", @@ -600,7 +601,6 @@ "aws-ec2-vpcgatewayattachment.json", "aws-cloudtrail-trail.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-wafv2-ipset.json", "aws-iam-role.json", "aws-events-apidestination.json", @@ -761,7 +761,6 @@ "aws-servicecatalog-resourceupdateconstraint.json", "aws-transfer-agreement.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-xray-group.json", "aws-oam-link.json", "aws-elasticloadbalancingv2-truststorerevocation.json", @@ -901,7 +900,6 @@ "aws-servicecatalog-cloudformationproduct.json", "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", - "aws-ec2-launchtemplate.json", "aws-cloudfront-originrequestpolicy.json", "aws-datasync-locationfsxontap.json", "aws-pcaconnectorad-serviceprincipalname.json", diff --git a/src/cfnlint/data/schemas/providers/ap_south_2/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/ap_south_2/aws-amazonmq-broker.json index b71851eb27..6027b3416d 100644 --- a/src/cfnlint/data/schemas/providers/ap_south_2/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/ap_south_2/aws-amazonmq-broker.json @@ -230,7 +230,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/ap_south_2/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/ap_south_2/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/ap_south_2/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/ap_south_2/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/ap_south_2/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/ap_south_2/aws-cloudfront-distribution.json new file mode 100644 index 0000000000..75bb25b92e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_south_2/aws-cloudfront-distribution.json @@ -0,0 +1,1232 @@ +{ + "additionalProperties": false, + "definitions": { + "CacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "type": "string" + }, + "PathPattern": { + "type": "string" + }, + "RealtimeLogConfigArn": { + "type": "string" + }, + "ResponseHeadersPolicyId": { + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ], + "type": "string" + } + }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "properties": { + "Forward": { + "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Forward" + ], + "type": "object" + }, + "CustomErrorResponse": { + "additionalProperties": false, + "dependentRequired": { + "ResponseCode": [ + "ResponsePagePath" + ] + }, + "properties": { + "ErrorCachingMinTTL": { + "default": 300, + "type": "number" + }, + "ErrorCode": { + "enum": [ + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponseCode": { + "enum": [ + 200, + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponsePagePath": { + "type": "string" + } + }, + "required": [ + "ErrorCode" + ], + "type": "object" + }, + "CustomOriginConfig": { + "additionalProperties": false, + "properties": { + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginProtocolPolicy": { + "type": "string" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "OriginProtocolPolicy" + ], + "type": "object" + }, + "DefaultCacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "default": "", + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "default": "", + "type": "string" + }, + "RealtimeLogConfigArn": { + "default": "", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "default": "", + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "type": "string" + } + }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CNAMEs": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/CacheBehavior" + }, + "type": "array", + "uniqueItems": false + }, + "Comment": { + "default": "", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/CustomErrorResponse" + }, + "type": "array", + "uniqueItems": false + }, + "CustomOrigin": { + "$ref": "#/definitions/LegacyCustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/DefaultCacheBehavior" + }, + "DefaultRootObject": { + "default": "", + "type": "string" + }, + "Enabled": { + "type": "boolean" + }, + "HttpVersion": { + "default": "http1.1", + "enum": [ + "http1.1", + "http2", + "http3", + "http2and3" + ], + "type": "string" + }, + "IPV6Enabled": { + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/Origin" + }, + "type": "array", + "uniqueItems": false + }, + "PriceClass": { + "default": "PriceClass_All", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ], + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/Restrictions", + "default": { + "GeoRestriction": { + "RestrictionType": "none" + } + } + }, + "S3Origin": { + "$ref": "#/definitions/LegacyS3Origin" + }, + "Staging": { + "type": "boolean" + }, + "ViewerCertificate": { + "$ref": "#/definitions/ViewerCertificate", + "default": { + "CloudFrontDefaultCertificate": true + } + }, + "WebACLId": { + "default": "", + "type": "string" + } + }, + "required": [ + "Enabled", + "DefaultCacheBehavior" + ], + "type": "object" + }, + "ForwardedValues": { + "additionalProperties": false, + "properties": { + "Cookies": { + "$ref": "#/definitions/Cookies", + "default": { + "Forward": "none" + } + }, + "Headers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "QueryString": { + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "QueryString" + ], + "type": "object" + }, + "FunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ], + "type": "string" + }, + "FunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "GeoRestriction": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "enum": [ + "AD", + "AE", + "AF", + "AG", + "AI", + "AL", + "AM", + "AO", + "AQ", + "AR", + "AS", + "AT", + "AU", + "AW", + "AX", + "AZ", + "BA", + "BB", + "BD", + "BE", + "BF", + "BG", + "BH", + "BI", + "BJ", + "BL", + "BM", + "BN", + "BO", + "BQ", + "BR", + "BS", + "BT", + "BV", + "BW", + "BY", + "BZ", + "CA", + "CC", + "CD", + "CF", + "CG", + "CH", + "CI", + "CK", + "CL", + "CM", + "CN", + "CO", + "CR", + "CU", + "CV", + "CW", + "CX", + "CY", + "CZ", + "DE", + "DJ", + "DK", + "DM", + "DO", + "DZ", + "EC", + "EE", + "EG", + "EH", + "ER", + "ES", + "ET", + "FI", + "FJ", + "FK", + "FM", + "FO", + "FR", + "GA", + "GB", + "GD", + "GE", + "GF", + "GG", + "GH", + "GI", + "GL", + "GM", + "GN", + "GP", + "GQ", + "GR", + "GS", + "GT", + "GU", + "GW", + "GY", + "HK", + "HM", + "HN", + "HR", + "HT", + "HU", + "ID", + "IE", + "IL", + "IM", + "IN", + "IO", + "IQ", + "IR", + "IS", + "IT", + "JE", + "JM", + "JO", + "JP", + "KE", + "KG", + "KH", + "KI", + "KM", + "KN", + "KP", + "KR", + "KW", + "KY", + "KZ", + "LA", + "LB", + "LC", + "LI", + "LK", + "LR", + "LS", + "LT", + "LU", + "LV", + "LY", + "MA", + "MC", + "MD", + "ME", + "MF", + "MG", + "MH", + "MK", + "ML", + "MM", + "MN", + "MO", + "MP", + "MQ", + "MR", + "MS", + "MT", + "MU", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NC", + "NE", + "NF", + "NG", + "NI", + "NL", + "NO", + "NP", + "NR", + "NU", + "NZ", + "OM", + "PA", + "PE", + "PF", + "PG", + "PH", + "PK", + "PL", + "PM", + "PN", + "PR", + "PS", + "PT", + "PW", + "PY", + "QA", + "RE", + "RO", + "RS", + "RU", + "RW", + "SA", + "SB", + "SC", + "SD", + "SE", + "SG", + "SH", + "SI", + "SJ", + "SK", + "SL", + "SM", + "SN", + "SO", + "SR", + "SS", + "ST", + "SV", + "SX", + "SY", + "SZ", + "TC", + "TD", + "TF", + "TG", + "TH", + "TJ", + "TK", + "TL", + "TM", + "TN", + "TO", + "TR", + "TT", + "TV", + "TW", + "TZ", + "UA", + "UG", + "UM", + "US", + "UY", + "UZ", + "VA", + "VC", + "VE", + "VG", + "VI", + "VN", + "VU", + "WF", + "WS", + "YE", + "YT", + "ZA", + "ZM", + "ZW" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "RestrictionType": { + "enum": [ + "blacklist", + "whitelist", + "none" + ], + "type": "string" + } + }, + "required": [ + "RestrictionType" + ], + "type": "object" + }, + "LambdaFunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "IncludeBody": { + "type": "boolean" + }, + "LambdaFunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "LegacyCustomOrigin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginProtocolPolicy": { + "enum": [ + "http-only", + "match-viewer", + "https-only" + ], + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], + "type": "object" + }, + "LegacyS3Origin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "required": [ + "DNSName" + ], + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "IncludeCookies": { + "default": false, + "type": "boolean" + }, + "Prefix": { + "default": "", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Origin": { + "additionalProperties": false, + "dependentExcluded": { + "CustomOriginConfig": [ + "S3OriginConfig" + ], + "S3OriginConfig": [ + "CustomOriginConfig" + ] + }, + "properties": { + "ConnectionAttempts": { + "type": "integer" + }, + "ConnectionTimeout": { + "type": "integer" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/CustomOriginConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "OriginAccessControlId": { + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/OriginCustomHeader" + }, + "type": "array", + "uniqueItems": false + }, + "OriginPath": { + "default": "", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/OriginShield" + }, + "S3OriginConfig": { + "$ref": "#/definitions/S3OriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "type": "string" + }, + "HeaderValue": { + "type": "string" + } + }, + "required": [ + "HeaderValue", + "HeaderName" + ], + "type": "object" + }, + "OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/OriginGroupFailoverCriteria" + }, + "Id": { + "type": "string" + }, + "Members": { + "$ref": "#/definitions/OriginGroupMembers" + } + }, + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "type": "object" + }, + "OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroupMember" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroup" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "OriginShieldRegion": { + "type": "string" + } + }, + "type": "object" + }, + "Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "type": "object" + }, + "StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "integer" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "ViewerCertificate": { + "additionalProperties": false, + "dependentRequired": { + "AcmCertificateArn": [ + "SslSupportMethod" + ], + "IamCertificateId": [ + "SslSupportMethod" + ] + }, + "properties": { + "AcmCertificateArn": { + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "type": "boolean" + }, + "IamCertificateId": { + "type": "string" + }, + "MinimumProtocolVersion": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018", + "TLSv1.2_2019", + "TLSv1.2_2021" + ], + "type": "string" + }, + "SslSupportMethod": { + "enum": [ + "sni-only", + "vip", + "static-ip" + ], + "type": "string" + } + }, + "requiredXor": [ + "AcmCertificateArn", + "CloudFrontDefaultCertificate", + "IamCertificateId" + ], + "type": "object" + } + }, + "deprecatedProperties": [ + "/properties/DistributionConfig/CustomOrigin", + "/properties/DistributionConfig/S3Origin" + ], + "description": "Resource Type definition for AWS::CloudFront::Distribution", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateDistribution", + "cloudfront:CreateDistributionWithTags", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:TagResource" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteDistribution", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListDistributions" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "update": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:UpdateDistribution", + "cloudfront:UpdateDistributionWithStagingConfig", + "cloudfront:ListTagsForResource", + "cloudfront:TagResource", + "cloudfront:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/DistributionConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/DomainName" + ], + "required": [ + "DistributionConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::CloudFront::Distribution" +} diff --git a/src/cfnlint/data/schemas/providers/ap_south_2/aws-config-configurationaggregator.json b/src/cfnlint/data/schemas/providers/ap_south_2/aws-config-configurationaggregator.json deleted file mode 100644 index 5624c0bfff..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_south_2/aws-config-configurationaggregator.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ConfigurationAggregatorName" - ], - "definitions": { - "AccountAggregationSource": { - "additionalProperties": false, - "properties": { - "AccountIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "required": [ - "AccountIds" - ], - "type": "object" - }, - "OrganizationAggregationSource": { - "additionalProperties": false, - "properties": { - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "RoleArn": { - "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 256, - "minLength": 0, - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::Config::ConfigurationAggregator", - "handlers": { - "create": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - }, - "delete": { - "permissions": [ - "config:DeleteConfigurationAggregator", - "config:UntagResource" - ] - }, - "list": { - "permissions": [ - "config:DescribeConfigurationAggregators" - ] - }, - "read": { - "permissions": [ - "config:DescribeConfigurationAggregators", - "config:ListTagsForResource" - ] - }, - "update": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "config:UntagResource", - "config:ListTagsForResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - } - }, - "primaryIdentifier": [ - "/properties/ConfigurationAggregatorName" - ], - "properties": { - "AccountAggregationSources": { - "items": { - "$ref": "#/definitions/AccountAggregationSource" - }, - "type": "array", - "uniqueItems": false - }, - "ConfigurationAggregatorArn": { - "description": "The Amazon Resource Name (ARN) of the aggregator.", - "type": "string" - }, - "ConfigurationAggregatorName": { - "description": "The name of the aggregator.", - "maxLength": 256, - "minLength": 1, - "pattern": "[\\w\\-]+", - "type": "string" - }, - "OrganizationAggregationSource": { - "$ref": "#/definitions/OrganizationAggregationSource" - }, - "Tags": { - "description": "The tags for the configuration aggregator.", - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/ConfigurationAggregatorArn" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-config.git", - "typeName": "AWS::Config::ConfigurationAggregator" -} diff --git a/src/cfnlint/data/schemas/providers/ap_south_2/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/ap_south_2/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_south_2/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/ap_south_2/aws-ec2-host.json b/src/cfnlint/data/schemas/providers/ap_south_2/aws-ec2-host.json index b343142e92..6ea413000b 100644 --- a/src/cfnlint/data/schemas/providers/ap_south_2/aws-ec2-host.json +++ b/src/cfnlint/data/schemas/providers/ap_south_2/aws-ec2-host.json @@ -17,8 +17,8 @@ "type": "string" }, "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::Host/Properties/AvailabilityZone" ], "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/ap_south_2/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/ap_south_2/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_south_2/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_south_2/aws-ec2-spotfleet.json b/src/cfnlint/data/schemas/providers/ap_south_2/aws-ec2-spotfleet.json index d8df19f68d..c696c3ce70 100644 --- a/src/cfnlint/data/schemas/providers/ap_south_2/aws-ec2-spotfleet.json +++ b/src/cfnlint/data/schemas/providers/ap_south_2/aws-ec2-spotfleet.json @@ -210,8 +210,8 @@ "additionalProperties": false, "properties": { "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/LaunchTemplateConfigs/Overrides/AvailabilityZone" ], "type": "string" }, @@ -365,8 +365,8 @@ "type": "string" }, "IamFleetRole": { - "awsType": [ - "IamRoleArn" + "cfnLint": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/IamFleetRole" ], "type": "string" }, @@ -465,8 +465,8 @@ "additionalProperties": false, "properties": { "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/LaunchSpecifications/Placement/AvailabilityZone" ], "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/ap_south_2/aws-gamelift-fleet.json b/src/cfnlint/data/schemas/providers/ap_south_2/aws-gamelift-fleet.json index 9551ef0828..4489c391a2 100644 --- a/src/cfnlint/data/schemas/providers/ap_south_2/aws-gamelift-fleet.json +++ b/src/cfnlint/data/schemas/providers/ap_south_2/aws-gamelift-fleet.json @@ -126,7 +126,7 @@ "uniqueItems": true }, "EC2InstanceType": { - "cfnLint": "aws_gamelift_fleet/ec2instancetype_enum", + "cfnLint": "AWS::GameLift::Fleet/EC2InstanceType", "type": "string" }, "FleetType": { diff --git a/src/cfnlint/data/schemas/providers/ap_south_2/aws-opsworks-instance.json b/src/cfnlint/data/schemas/providers/ap_south_2/aws-opsworks-instance.json index 4f09c87902..7e172a15c1 100644 --- a/src/cfnlint/data/schemas/providers/ap_south_2/aws-opsworks-instance.json +++ b/src/cfnlint/data/schemas/providers/ap_south_2/aws-opsworks-instance.json @@ -147,7 +147,9 @@ "type": "string" }, "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::OpsWorks::Instance/Properties/AvailabilityZone" + ], "type": "string" }, "BlockDeviceMappings": { diff --git a/src/cfnlint/data/schemas/providers/ap_south_2/aws-redshift-cluster.json b/src/cfnlint/data/schemas/providers/ap_south_2/aws-redshift-cluster.json index 960e8bdfee..f04ae8ba95 100644 --- a/src/cfnlint/data/schemas/providers/ap_south_2/aws-redshift-cluster.json +++ b/src/cfnlint/data/schemas/providers/ap_south_2/aws-redshift-cluster.json @@ -1,5 +1,6 @@ { "additionalProperties": false, + "cfnLint": "AWS::Redshift::Cluster/Properties", "createOnlyProperties": [ "/properties/KmsKeyId", "/properties/MasterUsername", @@ -127,7 +128,7 @@ "type": "string" }, "NodeType": { - "cfnLint": "aws_redshift_cluster/nodetype_enum", + "cfnLint": "AWS::Redshift::Cluster/Properties/NodeType", "type": "string" }, "NumberOfNodes": { diff --git a/src/cfnlint/data/schemas/providers/ap_south_2/aws-route53-healthcheck.json b/src/cfnlint/data/schemas/providers/ap_south_2/aws-route53-healthcheck.json index 2ddd4be8f2..084d644abf 100644 --- a/src/cfnlint/data/schemas/providers/ap_south_2/aws-route53-healthcheck.json +++ b/src/cfnlint/data/schemas/providers/ap_south_2/aws-route53-healthcheck.json @@ -107,7 +107,7 @@ "HealthCheckConfig": { "$ref": "#/definitions/HealthCheckConfig", "cfnLint": [ - "aws_route53_healthcheck/healthcheckconfig_type_inclusive" + "AWS::Route53::HealthCheck/Properties/HealthCheckConfig" ] }, "HealthCheckTags": { diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_1/__init__.py b/src/cfnlint/data/schemas/providers/ap_southeast_1/__init__.py index 8985b81720..9455152796 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_southeast_1/__init__.py @@ -792,6 +792,7 @@ "AWS::IAM::UserPolicy", "AWS::Connect::ViewVersion", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::IoT::MitigationAction", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", @@ -1372,7 +1373,6 @@ "aws-gamelift-gameservergroup.json", "aws-appstream-stack.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-vpclattice-listener.json", "aws-wafv2-ipset.json", "aws-mediaconnect-bridgeoutput.json", @@ -1637,6 +1637,7 @@ "aws-iotsitewise-asset.json", "aws-logs-logstream.json", "aws-dms-replicationsubnetgroup.json", + "aws-aps-rulegroupsnamespace.json", "aws-s3outposts-bucket.json", "aws-workspacesweb-identityprovider.json", "aws-route53-recordsetgroup.json", @@ -1836,6 +1837,7 @@ "aws-dms-eventsubscription.json", "aws-ssmincidents-replicationset.json", "aws-iot-topicrule.json", + "aws-apprunner-vpcconnector.json", "aws-supportapp-slackworkspaceconfiguration.json", "aws-lakeformation-principalpermissions.json", "aws-datasync-locations3.json", @@ -1905,6 +1907,7 @@ "aws-iam-userpolicy.json", "aws-connect-viewversion.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-iot-mitigationaction.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_1/aws-apprunner-vpcconnector.json b/src/cfnlint/data/schemas/providers/ap_southeast_1/aws-apprunner-vpcconnector.json deleted file mode 100644 index a7b99a0c40..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_southeast_1/aws-apprunner-vpcconnector.json +++ /dev/null @@ -1,119 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/VpcConnectorName", - "/properties/Subnets", - "/properties/SecurityGroups", - "/properties/Tags" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - } - }, - "description": "The AWS::AppRunner::VpcConnector resource specifies an App Runner VpcConnector.", - "handlers": { - "create": { - "permissions": [ - "iam:CreateServiceLinkedRole", - "apprunner:CreateVpcConnector", - "apprunner:DescribeVpcConnector", - "apprunner:TagResource", - "ec2:DescribeSubnets", - "ec2:DescribeSecurityGroups" - ] - }, - "delete": { - "permissions": [ - "apprunner:DeleteVpcConnector" - ] - }, - "list": { - "permissions": [ - "apprunner:ListVpcConnectors" - ] - }, - "read": { - "permissions": [ - "apprunner:DescribeVpcConnector" - ] - } - }, - "primaryIdentifier": [ - "/properties/VpcConnectorArn" - ], - "properties": { - "SecurityGroups": { - "description": "A list of IDs of security groups that App Runner should use for access to AWS resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "Subnets": { - "description": "A list of IDs of subnets that App Runner should use when it associates your service with a custom Amazon VPC. Specify IDs of subnets of a single Amazon VPC. App Runner determines the Amazon VPC from the subnets you specify.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "minItems": 1, - "type": "array", - "uniqueItems": true - }, - "Tags": { - "description": "A list of metadata items that you can associate with your VPC connector resource. A tag is a key-value pair.", - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array" - }, - "VpcConnectorArn": { - "description": "The Amazon Resource Name (ARN) of this VPC connector.", - "maxLength": 1011, - "minLength": 44, - "pattern": "arn:aws(-[\\w]+)*:[a-z0-9-\\\\.]{0,63}:[a-z0-9-\\\\.]{0,63}:[0-9]{12}:(\\w|\\/|-){1,1011}", - "type": "string" - }, - "VpcConnectorName": { - "description": "A name for the VPC connector. If you don't specify a name, AWS CloudFormation generates a name for your VPC connector.", - "maxLength": 40, - "minLength": 4, - "pattern": "^[A-Za-z0-9][A-Za-z0-9-\\\\_]{3,39}$", - "type": "string" - }, - "VpcConnectorRevision": { - "description": "The revision of this VPC connector. It's unique among all the active connectors (\"Status\": \"ACTIVE\") that share the same Name.", - "type": "integer" - } - }, - "readOnlyProperties": [ - "/properties/VpcConnectorArn", - "/properties/VpcConnectorRevision" - ], - "required": [ - "Subnets" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-apprunner.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": false, - "taggable": true - }, - "typeName": "AWS::AppRunner::VpcConnector", - "writeOnlyProperties": [ - "/properties/Tags" - ] -} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_1/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/ap_southeast_1/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_1/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_1/aws-neptune-dbinstance.json b/src/cfnlint/data/schemas/providers/ap_southeast_1/aws-neptune-dbinstance.json index e59579a720..36baa58fbd 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_1/aws-neptune-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_1/aws-neptune-dbinstance.json @@ -43,7 +43,7 @@ "type": "string" }, "DBInstanceClass": { - "cfnLint": "aws_neptune_dbinstance/dbinstanceclass_enum", + "cfnLint": "AWS::Neptune::DBInstance/Properties/DBInstanceClass", "type": "string" }, "DBInstanceIdentifier": { diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_2/__init__.py b/src/cfnlint/data/schemas/providers/ap_southeast_2/__init__.py index 7dcba46595..ebe44130dc 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_2/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_southeast_2/__init__.py @@ -804,6 +804,7 @@ "AWS::IAM::UserPolicy", "AWS::Connect::ViewVersion", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::IoT::MitigationAction", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", @@ -1394,7 +1395,6 @@ "aws-gamelift-gameservergroup.json", "aws-appstream-stack.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-vpclattice-listener.json", "aws-wafv2-ipset.json", "aws-mediaconnect-bridgeoutput.json", @@ -1661,6 +1661,7 @@ "aws-iotsitewise-asset.json", "aws-logs-logstream.json", "aws-dms-replicationsubnetgroup.json", + "aws-aps-rulegroupsnamespace.json", "aws-s3outposts-bucket.json", "aws-workspacesweb-identityprovider.json", "aws-route53-recordsetgroup.json", @@ -1865,6 +1866,7 @@ "aws-dms-eventsubscription.json", "aws-ssmincidents-replicationset.json", "aws-iot-topicrule.json", + "aws-apprunner-vpcconnector.json", "aws-lakeformation-principalpermissions.json", "aws-datasync-locations3.json", "aws-mediaconvert-preset.json", @@ -1933,6 +1935,7 @@ "aws-iam-userpolicy.json", "aws-connect-viewversion.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-iot-mitigationaction.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-apprunner-vpcconnector.json b/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-apprunner-vpcconnector.json deleted file mode 100644 index a7b99a0c40..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-apprunner-vpcconnector.json +++ /dev/null @@ -1,119 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/VpcConnectorName", - "/properties/Subnets", - "/properties/SecurityGroups", - "/properties/Tags" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - } - }, - "description": "The AWS::AppRunner::VpcConnector resource specifies an App Runner VpcConnector.", - "handlers": { - "create": { - "permissions": [ - "iam:CreateServiceLinkedRole", - "apprunner:CreateVpcConnector", - "apprunner:DescribeVpcConnector", - "apprunner:TagResource", - "ec2:DescribeSubnets", - "ec2:DescribeSecurityGroups" - ] - }, - "delete": { - "permissions": [ - "apprunner:DeleteVpcConnector" - ] - }, - "list": { - "permissions": [ - "apprunner:ListVpcConnectors" - ] - }, - "read": { - "permissions": [ - "apprunner:DescribeVpcConnector" - ] - } - }, - "primaryIdentifier": [ - "/properties/VpcConnectorArn" - ], - "properties": { - "SecurityGroups": { - "description": "A list of IDs of security groups that App Runner should use for access to AWS resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "Subnets": { - "description": "A list of IDs of subnets that App Runner should use when it associates your service with a custom Amazon VPC. Specify IDs of subnets of a single Amazon VPC. App Runner determines the Amazon VPC from the subnets you specify.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "minItems": 1, - "type": "array", - "uniqueItems": true - }, - "Tags": { - "description": "A list of metadata items that you can associate with your VPC connector resource. A tag is a key-value pair.", - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array" - }, - "VpcConnectorArn": { - "description": "The Amazon Resource Name (ARN) of this VPC connector.", - "maxLength": 1011, - "minLength": 44, - "pattern": "arn:aws(-[\\w]+)*:[a-z0-9-\\\\.]{0,63}:[a-z0-9-\\\\.]{0,63}:[0-9]{12}:(\\w|\\/|-){1,1011}", - "type": "string" - }, - "VpcConnectorName": { - "description": "A name for the VPC connector. If you don't specify a name, AWS CloudFormation generates a name for your VPC connector.", - "maxLength": 40, - "minLength": 4, - "pattern": "^[A-Za-z0-9][A-Za-z0-9-\\\\_]{3,39}$", - "type": "string" - }, - "VpcConnectorRevision": { - "description": "The revision of this VPC connector. It's unique among all the active connectors (\"Status\": \"ACTIVE\") that share the same Name.", - "type": "integer" - } - }, - "readOnlyProperties": [ - "/properties/VpcConnectorArn", - "/properties/VpcConnectorRevision" - ], - "required": [ - "Subnets" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-apprunner.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": false, - "taggable": true - }, - "typeName": "AWS::AppRunner::VpcConnector", - "writeOnlyProperties": [ - "/properties/Tags" - ] -} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-aps-rulegroupsnamespace.json b/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-aps-rulegroupsnamespace.json deleted file mode 100644 index 8d00c4be37..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-aps-rulegroupsnamespace.json +++ /dev/null @@ -1,129 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/Name" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", - "maxLength": 256, - "minLength": 0, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "RuleGroupsNamespace schema for cloudformation.", - "handlers": { - "create": { - "permissions": [ - "aps:CreateRuleGroupsNamespace", - "aps:DescribeRuleGroupsNamespace", - "aps:TagResource" - ] - }, - "delete": { - "permissions": [ - "aps:DeleteRuleGroupsNamespace", - "aps:DescribeRuleGroupsNamespace" - ] - }, - "list": { - "handlerSchema": { - "properties": { - "Arn": { - "$ref": "resource-schema.json#/properties/Workspace" - } - }, - "required": [ - "Arn" - ] - }, - "permissions": [ - "aps:ListRuleGroupsNamespaces", - "aps:ListTagsForResource" - ] - }, - "read": { - "permissions": [ - "aps:DescribeRuleGroupsNamespace", - "aps:ListTagsForResource" - ] - }, - "update": { - "permissions": [ - "aps:PutRuleGroupsNamespace", - "aps:DescribeRuleGroupsNamespace", - "aps:TagResource", - "aps:UntagResource", - "aps:ListTagsForResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/Arn" - ], - "properties": { - "Arn": { - "description": "The RuleGroupsNamespace ARN.", - "pattern": "^arn:(aws|aws-us-gov|aws-cn):aps:[a-z0-9-]+:[0-9]+:rulegroupsnamespace/[a-zA-Z0-9-]+/[0-9A-Za-z][-.0-9A-Z_a-z]*$", - "type": "string" - }, - "Data": { - "description": "The RuleGroupsNamespace data.", - "type": "string" - }, - "Name": { - "description": "The RuleGroupsNamespace name.", - "maxLength": 64, - "minLength": 1, - "type": "string" - }, - "Tags": { - "description": "An array of key-value pairs to apply to this resource.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": true - }, - "Workspace": { - "description": "Required to identify a specific APS Workspace associated with this RuleGroupsNamespace.", - "pattern": "^arn:(aws|aws-us-gov|aws-cn):aps:[a-z0-9-]+:[0-9]+:workspace/[a-zA-Z0-9-]+$", - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/Arn" - ], - "required": [ - "Workspace", - "Data", - "Name" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-aps", - "tagging": { - "cloudFormationSystemTags": true, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::APS::RuleGroupsNamespace" -} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-neptune-dbinstance.json b/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-neptune-dbinstance.json index e59579a720..36baa58fbd 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-neptune-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-neptune-dbinstance.json @@ -43,7 +43,7 @@ "type": "string" }, "DBInstanceClass": { - "cfnLint": "aws_neptune_dbinstance/dbinstanceclass_enum", + "cfnLint": "AWS::Neptune::DBInstance/Properties/DBInstanceClass", "type": "string" }, "DBInstanceIdentifier": { diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/__init__.py b/src/cfnlint/data/schemas/providers/ap_southeast_3/__init__.py index beb33c1042..8746fa6151 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_3/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/__init__.py @@ -110,11 +110,13 @@ "AWS::SageMaker::ModelPackage", "AWS::EventSchemas::Discoverer", "AWS::ElastiCache::UserGroup", + "AWS::Logs::DeliveryDestination", "AWS::ImageBuilder::ImageRecipe", "AWS::ApiGateway::RestApi", "AWS::OpsWorks::ElasticLoadBalancerAttachment", "AWS::AppMesh::VirtualService", "AWS::S3ObjectLambda::AccessPointPolicy", + "AWS::InspectorV2::Filter", "AWS::ElastiCache::ReplicationGroup", "AWS::StepFunctions::StateMachineAlias", "AWS::Cognito::UserPoolResourceServer", @@ -132,6 +134,7 @@ "AWS::Backup::BackupSelection", "AWS::DataSync::LocationFSxLustre", "AWS::SageMaker::App", + "AWS::Logs::DeliverySource", "AWS::EC2::VPCGatewayAttachment", "AWS::CloudTrail::Trail", "AWS::EC2::VPNConnectionRoute", @@ -387,6 +390,7 @@ "AWS::Lambda::LayerVersion", "AWS::RDS::OptionGroup", "AWS::OpsWorks::UserProfile", + "AWS::Logs::Delivery", "AWS::IoT::Policy", "AWS::EC2::TransitGatewayRoute", "AWS::SSM::MaintenanceWindow", @@ -396,13 +400,16 @@ "AWS::CloudFormation::WaitCondition", "AWS::SageMaker::NotebookInstance", "AWS::SSO::InstanceAccessControlAttributeConfiguration", + "AWS::EC2::VerifiedAccessEndpoint", "AWS::CloudWatch::AnomalyDetector", "AWS::EC2::SubnetNetworkAclAssociation", "AWS::ServiceCatalog::ServiceAction", "AWS::IAM::UserPolicy", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", + "AWS::EC2::VerifiedAccessInstance", "AWS::Lambda::Permission", "AWS::NetworkFirewall::FirewallPolicy", "AWS::EKS::IdentityProviderConfig", @@ -447,6 +454,7 @@ "AWS::StepFunctions::StateMachine", "AWS::RDS::DBClusterParameterGroup", "AWS::WAF::XssMatchSet", + "AWS::EC2::VerifiedAccessTrustProvider", "AWS::AppMesh::VirtualRouter", "AWS::Scheduler::ScheduleGroup", "AWS::EventSchemas::RegistryPolicy", @@ -539,6 +547,7 @@ "AWS::CodePipeline::CustomActionType", "AWS::AccessAnalyzer::Analyzer", "AWS::EC2::EC2Fleet", + "AWS::EC2::VerifiedAccessGroup", "AWS::EC2::VPCEndpointService", "AWS::IAM::ManagedPolicy", "AWS::EC2::LaunchTemplate", @@ -579,10 +588,10 @@ "aws-ec2-transitgatewayroutetablepropagation.json", "aws-shield-proactiveengagement.json", "aws-s3-accessgrantslocation.json", + "aws-guardduty-filter.json", "aws-ecs-service.json", "aws-ram-resourceshare.json", "aws-dms-replicationconfig.json", - "aws-dynamodb-table.json", "aws-ec2-securitygroupegress.json", "aws-ec2-localgatewayroutetablevpcassociation.json", "aws-config-configurationrecorder.json", @@ -644,6 +653,7 @@ "aws-msk-cluster.json", "aws-ec2-vpcendpointconnectionnotification.json", "aws-codepipeline-pipeline.json", + "aws-config-configurationaggregator.json", "aws-imagebuilder-imagepipeline.json", "aws-elasticloadbalancingv2-listenercertificate.json", "aws-cloudformation-moduleversion.json", @@ -660,10 +670,12 @@ "aws-sagemaker-modelpackage.json", "aws-eventschemas-discoverer.json", "aws-elasticache-usergroup.json", + "aws-logs-deliverydestination.json", "aws-imagebuilder-imagerecipe.json", "aws-opsworks-elasticloadbalancerattachment.json", "aws-appmesh-virtualservice.json", "aws-s3objectlambda-accesspointpolicy.json", + "aws-inspectorv2-filter.json", "aws-elasticache-replicationgroup.json", "aws-stepfunctions-statemachinealias.json", "aws-rds-globalcluster.json", @@ -679,12 +691,13 @@ "aws-backup-backupselection.json", "aws-datasync-locationfsxlustre.json", "aws-sagemaker-app.json", + "aws-logs-deliverysource.json", "aws-ec2-vpcgatewayattachment.json", "aws-cloudtrail-trail.json", "aws-ec2-vpnconnectionroute.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-wafv2-ipset.json", + "aws-ssm-document.json", "aws-iam-role.json", "aws-events-apidestination.json", "aws-elasticache-serverlesscache.json", @@ -716,7 +729,6 @@ "aws-rolesanywhere-profile.json", "aws-xray-resourcepolicy.json", "aws-wafv2-loggingconfiguration.json", - "aws-dynamodb-globaltable.json", "aws-imagebuilder-distributionconfiguration.json", "aws-lakeformation-permissions.json", "aws-resourceexplorer2-view.json", @@ -743,7 +755,6 @@ "aws-batch-schedulingpolicy.json", "aws-athena-workgroup.json", "aws-sagemaker-imageversion.json", - "aws-iam-servercertificate.json", "aws-events-eventbus.json", "aws-sqs-queueinlinepolicy.json", "aws-organizations-organization.json", @@ -798,7 +809,6 @@ "aws-ec2-localgatewayroute.json", "aws-opsworks-app.json", "aws-kinesis-stream.json", - "aws-iam-samlprovider.json", "aws-cloudfront-keygroup.json", "aws-ec2-networkinterfaceattachment.json", "aws-cognito-userpooluser.json", @@ -862,7 +872,6 @@ "aws-rds-dbcluster.json", "aws-transfer-agreement.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-elasticache-subnetgroup.json", "aws-xray-group.json", "aws-oam-link.json", @@ -906,19 +915,23 @@ "aws-lambda-layerversion.json", "aws-rds-optiongroup.json", "aws-opsworks-userprofile.json", + "aws-logs-delivery.json", "aws-ssm-maintenancewindow.json", "aws-lakeformation-tagassociation.json", "aws-ec2-ipamresourcediscovery.json", "aws-imagebuilder-infrastructureconfiguration.json", "aws-sagemaker-notebookinstance.json", "aws-sso-instanceaccesscontrolattributeconfiguration.json", + "aws-ec2-verifiedaccessendpoint.json", "aws-cloudwatch-anomalydetector.json", "aws-ec2-subnetnetworkaclassociation.json", "aws-servicecatalog-serviceaction.json", "aws-iam-userpolicy.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", + "aws-ec2-verifiedaccessinstance.json", "aws-lambda-permission.json", "aws-networkfirewall-firewallpolicy.json", "aws-eks-identityproviderconfig.json", @@ -958,6 +971,7 @@ "aws-cognito-identitypool.json", "aws-stepfunctions-statemachine.json", "aws-rds-dbclusterparametergroup.json", + "aws-ec2-verifiedaccesstrustprovider.json", "aws-appmesh-virtualrouter.json", "aws-scheduler-schedulegroup.json", "aws-eventschemas-registrypolicy.json", @@ -1014,7 +1028,6 @@ "aws-cloudwatch-metricstream.json", "aws-ssm-parameter.json", "aws-config-deliverychannel.json", - "aws-iam-oidcprovider.json", "aws-lakeformation-tag.json", "aws-ce-anomalymonitor.json", "aws-servicecatalogappregistry-resourceassociation.json", @@ -1033,9 +1046,9 @@ "aws-appconfig-deployment.json", "aws-accessanalyzer-analyzer.json", "aws-ec2-ec2fleet.json", + "aws-ec2-verifiedaccessgroup.json", "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", - "aws-ec2-launchtemplate.json", "aws-cloudfront-originrequestpolicy.json", "aws-datasync-locationfsxontap.json", "aws-pcaconnectorad-serviceprincipalname.json", @@ -1059,4 +1072,5 @@ "aws-elasticloadbalancingv2-listener.json", "aws-cloudformation-waitconditionhandle.json", "aws-globalaccelerator-accelerator.json", + "aws-eks-addon.json", ] diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-amazonmq-broker.json index b71851eb27..6027b3416d 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-amazonmq-broker.json @@ -230,7 +230,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-cloudfront-distribution.json new file mode 100644 index 0000000000..75bb25b92e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-cloudfront-distribution.json @@ -0,0 +1,1232 @@ +{ + "additionalProperties": false, + "definitions": { + "CacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "type": "string" + }, + "PathPattern": { + "type": "string" + }, + "RealtimeLogConfigArn": { + "type": "string" + }, + "ResponseHeadersPolicyId": { + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ], + "type": "string" + } + }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "properties": { + "Forward": { + "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Forward" + ], + "type": "object" + }, + "CustomErrorResponse": { + "additionalProperties": false, + "dependentRequired": { + "ResponseCode": [ + "ResponsePagePath" + ] + }, + "properties": { + "ErrorCachingMinTTL": { + "default": 300, + "type": "number" + }, + "ErrorCode": { + "enum": [ + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponseCode": { + "enum": [ + 200, + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponsePagePath": { + "type": "string" + } + }, + "required": [ + "ErrorCode" + ], + "type": "object" + }, + "CustomOriginConfig": { + "additionalProperties": false, + "properties": { + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginProtocolPolicy": { + "type": "string" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "OriginProtocolPolicy" + ], + "type": "object" + }, + "DefaultCacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "default": "", + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "default": "", + "type": "string" + }, + "RealtimeLogConfigArn": { + "default": "", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "default": "", + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "type": "string" + } + }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CNAMEs": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/CacheBehavior" + }, + "type": "array", + "uniqueItems": false + }, + "Comment": { + "default": "", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/CustomErrorResponse" + }, + "type": "array", + "uniqueItems": false + }, + "CustomOrigin": { + "$ref": "#/definitions/LegacyCustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/DefaultCacheBehavior" + }, + "DefaultRootObject": { + "default": "", + "type": "string" + }, + "Enabled": { + "type": "boolean" + }, + "HttpVersion": { + "default": "http1.1", + "enum": [ + "http1.1", + "http2", + "http3", + "http2and3" + ], + "type": "string" + }, + "IPV6Enabled": { + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/Origin" + }, + "type": "array", + "uniqueItems": false + }, + "PriceClass": { + "default": "PriceClass_All", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ], + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/Restrictions", + "default": { + "GeoRestriction": { + "RestrictionType": "none" + } + } + }, + "S3Origin": { + "$ref": "#/definitions/LegacyS3Origin" + }, + "Staging": { + "type": "boolean" + }, + "ViewerCertificate": { + "$ref": "#/definitions/ViewerCertificate", + "default": { + "CloudFrontDefaultCertificate": true + } + }, + "WebACLId": { + "default": "", + "type": "string" + } + }, + "required": [ + "Enabled", + "DefaultCacheBehavior" + ], + "type": "object" + }, + "ForwardedValues": { + "additionalProperties": false, + "properties": { + "Cookies": { + "$ref": "#/definitions/Cookies", + "default": { + "Forward": "none" + } + }, + "Headers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "QueryString": { + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "QueryString" + ], + "type": "object" + }, + "FunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ], + "type": "string" + }, + "FunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "GeoRestriction": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "enum": [ + "AD", + "AE", + "AF", + "AG", + "AI", + "AL", + "AM", + "AO", + "AQ", + "AR", + "AS", + "AT", + "AU", + "AW", + "AX", + "AZ", + "BA", + "BB", + "BD", + "BE", + "BF", + "BG", + "BH", + "BI", + "BJ", + "BL", + "BM", + "BN", + "BO", + "BQ", + "BR", + "BS", + "BT", + "BV", + "BW", + "BY", + "BZ", + "CA", + "CC", + "CD", + "CF", + "CG", + "CH", + "CI", + "CK", + "CL", + "CM", + "CN", + "CO", + "CR", + "CU", + "CV", + "CW", + "CX", + "CY", + "CZ", + "DE", + "DJ", + "DK", + "DM", + "DO", + "DZ", + "EC", + "EE", + "EG", + "EH", + "ER", + "ES", + "ET", + "FI", + "FJ", + "FK", + "FM", + "FO", + "FR", + "GA", + "GB", + "GD", + "GE", + "GF", + "GG", + "GH", + "GI", + "GL", + "GM", + "GN", + "GP", + "GQ", + "GR", + "GS", + "GT", + "GU", + "GW", + "GY", + "HK", + "HM", + "HN", + "HR", + "HT", + "HU", + "ID", + "IE", + "IL", + "IM", + "IN", + "IO", + "IQ", + "IR", + "IS", + "IT", + "JE", + "JM", + "JO", + "JP", + "KE", + "KG", + "KH", + "KI", + "KM", + "KN", + "KP", + "KR", + "KW", + "KY", + "KZ", + "LA", + "LB", + "LC", + "LI", + "LK", + "LR", + "LS", + "LT", + "LU", + "LV", + "LY", + "MA", + "MC", + "MD", + "ME", + "MF", + "MG", + "MH", + "MK", + "ML", + "MM", + "MN", + "MO", + "MP", + "MQ", + "MR", + "MS", + "MT", + "MU", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NC", + "NE", + "NF", + "NG", + "NI", + "NL", + "NO", + "NP", + "NR", + "NU", + "NZ", + "OM", + "PA", + "PE", + "PF", + "PG", + "PH", + "PK", + "PL", + "PM", + "PN", + "PR", + "PS", + "PT", + "PW", + "PY", + "QA", + "RE", + "RO", + "RS", + "RU", + "RW", + "SA", + "SB", + "SC", + "SD", + "SE", + "SG", + "SH", + "SI", + "SJ", + "SK", + "SL", + "SM", + "SN", + "SO", + "SR", + "SS", + "ST", + "SV", + "SX", + "SY", + "SZ", + "TC", + "TD", + "TF", + "TG", + "TH", + "TJ", + "TK", + "TL", + "TM", + "TN", + "TO", + "TR", + "TT", + "TV", + "TW", + "TZ", + "UA", + "UG", + "UM", + "US", + "UY", + "UZ", + "VA", + "VC", + "VE", + "VG", + "VI", + "VN", + "VU", + "WF", + "WS", + "YE", + "YT", + "ZA", + "ZM", + "ZW" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "RestrictionType": { + "enum": [ + "blacklist", + "whitelist", + "none" + ], + "type": "string" + } + }, + "required": [ + "RestrictionType" + ], + "type": "object" + }, + "LambdaFunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "IncludeBody": { + "type": "boolean" + }, + "LambdaFunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "LegacyCustomOrigin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginProtocolPolicy": { + "enum": [ + "http-only", + "match-viewer", + "https-only" + ], + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], + "type": "object" + }, + "LegacyS3Origin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "required": [ + "DNSName" + ], + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "IncludeCookies": { + "default": false, + "type": "boolean" + }, + "Prefix": { + "default": "", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Origin": { + "additionalProperties": false, + "dependentExcluded": { + "CustomOriginConfig": [ + "S3OriginConfig" + ], + "S3OriginConfig": [ + "CustomOriginConfig" + ] + }, + "properties": { + "ConnectionAttempts": { + "type": "integer" + }, + "ConnectionTimeout": { + "type": "integer" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/CustomOriginConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "OriginAccessControlId": { + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/OriginCustomHeader" + }, + "type": "array", + "uniqueItems": false + }, + "OriginPath": { + "default": "", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/OriginShield" + }, + "S3OriginConfig": { + "$ref": "#/definitions/S3OriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "type": "string" + }, + "HeaderValue": { + "type": "string" + } + }, + "required": [ + "HeaderValue", + "HeaderName" + ], + "type": "object" + }, + "OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/OriginGroupFailoverCriteria" + }, + "Id": { + "type": "string" + }, + "Members": { + "$ref": "#/definitions/OriginGroupMembers" + } + }, + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "type": "object" + }, + "OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroupMember" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroup" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "OriginShieldRegion": { + "type": "string" + } + }, + "type": "object" + }, + "Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "type": "object" + }, + "StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "integer" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "ViewerCertificate": { + "additionalProperties": false, + "dependentRequired": { + "AcmCertificateArn": [ + "SslSupportMethod" + ], + "IamCertificateId": [ + "SslSupportMethod" + ] + }, + "properties": { + "AcmCertificateArn": { + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "type": "boolean" + }, + "IamCertificateId": { + "type": "string" + }, + "MinimumProtocolVersion": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018", + "TLSv1.2_2019", + "TLSv1.2_2021" + ], + "type": "string" + }, + "SslSupportMethod": { + "enum": [ + "sni-only", + "vip", + "static-ip" + ], + "type": "string" + } + }, + "requiredXor": [ + "AcmCertificateArn", + "CloudFrontDefaultCertificate", + "IamCertificateId" + ], + "type": "object" + } + }, + "deprecatedProperties": [ + "/properties/DistributionConfig/CustomOrigin", + "/properties/DistributionConfig/S3Origin" + ], + "description": "Resource Type definition for AWS::CloudFront::Distribution", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateDistribution", + "cloudfront:CreateDistributionWithTags", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:TagResource" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteDistribution", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListDistributions" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "update": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:UpdateDistribution", + "cloudfront:UpdateDistributionWithStagingConfig", + "cloudfront:ListTagsForResource", + "cloudfront:TagResource", + "cloudfront:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/DistributionConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/DomainName" + ], + "required": [ + "DistributionConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::CloudFront::Distribution" +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-cognito-userpoolidentityprovider.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-cognito-userpoolidentityprovider.json index 51f43c7c2b..47806c7cb2 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-cognito-userpoolidentityprovider.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-cognito-userpoolidentityprovider.json @@ -88,9 +88,6 @@ "type": "string" } }, - "readOnlyProperties": [ - "/properties/ProviderDetails/ActiveEncryptionCertificate" - ], "required": [ "UserPoolId", "ProviderName", diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-config-configurationaggregator.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-config-configurationaggregator.json deleted file mode 100644 index 5624c0bfff..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-config-configurationaggregator.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ConfigurationAggregatorName" - ], - "definitions": { - "AccountAggregationSource": { - "additionalProperties": false, - "properties": { - "AccountIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "required": [ - "AccountIds" - ], - "type": "object" - }, - "OrganizationAggregationSource": { - "additionalProperties": false, - "properties": { - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "RoleArn": { - "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 256, - "minLength": 0, - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::Config::ConfigurationAggregator", - "handlers": { - "create": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - }, - "delete": { - "permissions": [ - "config:DeleteConfigurationAggregator", - "config:UntagResource" - ] - }, - "list": { - "permissions": [ - "config:DescribeConfigurationAggregators" - ] - }, - "read": { - "permissions": [ - "config:DescribeConfigurationAggregators", - "config:ListTagsForResource" - ] - }, - "update": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "config:UntagResource", - "config:ListTagsForResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - } - }, - "primaryIdentifier": [ - "/properties/ConfigurationAggregatorName" - ], - "properties": { - "AccountAggregationSources": { - "items": { - "$ref": "#/definitions/AccountAggregationSource" - }, - "type": "array", - "uniqueItems": false - }, - "ConfigurationAggregatorArn": { - "description": "The Amazon Resource Name (ARN) of the aggregator.", - "type": "string" - }, - "ConfigurationAggregatorName": { - "description": "The name of the aggregator.", - "maxLength": 256, - "minLength": 1, - "pattern": "[\\w\\-]+", - "type": "string" - }, - "OrganizationAggregationSource": { - "$ref": "#/definitions/OrganizationAggregationSource" - }, - "Tags": { - "description": "The tags for the configuration aggregator.", - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/ConfigurationAggregatorArn" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-config.git", - "typeName": "AWS::Config::ConfigurationAggregator" -} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-dynamodb-globaltable.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-dynamodb-globaltable.json new file mode 100644 index 0000000000..7e1a23d878 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-dynamodb-globaltable.json @@ -0,0 +1,579 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/Arn" + ], + [ + "/properties/StreamArn" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LocalSecondaryIndexes", + "/properties/TableName", + "/properties/KeySchema" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "CapacityAutoScalingSettings": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "minimum": 1, + "type": "integer" + }, + "MinCapacity": { + "minimum": 1, + "type": "integer" + }, + "SeedCapacity": { + "minimum": 1, + "type": "integer" + }, + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/TargetTrackingScalingPolicyConfiguration" + } + }, + "required": [ + "MinCapacity", + "MaxCapacity", + "TargetTrackingScalingPolicyConfiguration" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "KeyType": { + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "maxItems": 20, + "type": "array", + "uniqueItems": true + }, + "ProjectionType": { + "type": "string" + } + }, + "type": "object" + }, + "ReadProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + }, + "ReadCapacityUnits": { + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "ReplicaGlobalSecondaryIndexSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName" + ], + "type": "object" + }, + "ReplicaSSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + } + }, + "required": [ + "KMSMasterKeyId" + ], + "type": "object" + }, + "ReplicaSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaGlobalSecondaryIndexSpecification" + }, + "type": "array", + "uniqueItems": true + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + }, + "Region": { + "type": "string" + }, + "SSESpecification": { + "$ref": "#/definitions/ReplicaSSESpecification" + }, + "TableClass": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TargetTrackingScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "DisableScaleIn": { + "type": "boolean" + }, + "ScaleInCooldown": { + "minimum": 0, + "type": "integer" + }, + "ScaleOutCooldown": { + "minimum": 0, + "type": "integer" + }, + "TargetValue": { + "format": "double", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "WriteProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "WriteCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + } + }, + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::GlobalTable", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:CreateTableReplica", + "dynamodb:Describe*", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:TagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "dynamodb:TagResource", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Decrypt", + "kms:RevokeGrant", + "cloudwatch:PutMetricData", + "iam:CreateServiceLinkedRole" + ] + }, + "delete": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:DeleteTable", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget" + ] + }, + "list": { + "permissions": [ + "dynamodb:ListTables", + "cloudwatch:PutMetricData" + ] + }, + "read": { + "permissions": [ + "dynamodb:Describe*", + "application-autoscaling:Describe*", + "cloudwatch:PutMetricData", + "dynamodb:ListTagsOfResource", + "kms:DescribeKey" + ] + }, + "update": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:CreateTableReplica", + "dynamodb:UpdateTable", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:DeleteTable", + "dynamodb:DeleteTableReplica", + "dynamodb:UpdateItem", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant", + "cloudwatch:PutMetricData" + ], + "timeoutInMinutes": 1200 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "type": "string" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "LocalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "Replicas": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaSpecification" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableId": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn", + "/properties/TableId" + ], + "required": [ + "KeySchema", + "AttributeDefinitions", + "Replicas" + ], + "typeName": "AWS::DynamoDB::GlobalTable", + "writeOnlyProperties": [ + "/properties/Replicas/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/Replicas/*/GlobalSecondaryIndexes/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity", + "/properties/GlobalSecondaryIndexes/*/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-dynamodb-table.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-dynamodb-table.json new file mode 100644 index 0000000000..aacbc7f216 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-dynamodb-table.json @@ -0,0 +1,540 @@ +{ + "additionalProperties": false, + "cfnLint": [ + "AWS::DynamoDB::Table/Properties" + ], + "createOnlyProperties": [ + "/properties/TableName", + "/properties/ImportSourceSpecification" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "AttributeType": { + "enum": [ + "S", + "N", + "B" + ], + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "Csv": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "type": "string" + }, + "HeaderList": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "type": "object" + }, + "DeprecatedHashKeyElement": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeType", + "AttributeName" + ], + "type": "object" + }, + "DeprecatedKeySchema": { + "additionalProperties": false, + "properties": { + "HashKeyElement": { + "$ref": "#/definitions/DeprecatedHashKeyElement" + } + }, + "required": [ + "HashKeyElement" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/ProvisionedThroughput" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "ImportSourceSpecification": { + "additionalProperties": false, + "properties": { + "InputCompressionType": { + "type": "string" + }, + "InputFormat": { + "type": "string" + }, + "InputFormatOptions": { + "$ref": "#/definitions/InputFormatOptions" + }, + "S3BucketSource": { + "$ref": "#/definitions/S3BucketSource" + } + }, + "required": [ + "S3BucketSource", + "InputFormat" + ], + "type": "object" + }, + "InputFormatOptions": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/Csv" + } + }, + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "KeyType": { + "enum": [ + "HASH", + "RANGE" + ], + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ProjectionType": { + "enum": [ + "ALL", + "KEYS_ONLY", + "INCLUDE" + ], + "type": "string" + } + }, + "type": "object" + }, + "ProvisionedThroughput": { + "additionalProperties": false, + "properties": { + "ReadCapacityUnits": { + "type": "integer" + }, + "WriteCapacityUnits": { + "type": "integer" + } + }, + "required": [ + "WriteCapacityUnits", + "ReadCapacityUnits" + ], + "type": "object" + }, + "S3BucketSource": { + "additionalProperties": false, + "properties": { + "S3Bucket": { + "type": "string" + }, + "S3BucketOwner": { + "type": "string" + }, + "S3KeyPrefix": { + "type": "string" + } + }, + "required": [ + "S3Bucket" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + }, + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "enum": [ + "NEW_IMAGE", + "OLD_IMAGE", + "NEW_AND_OLD_IMAGES", + "KEYS_ONLY" + ], + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::Table", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:DescribeImport", + "dynamodb:DescribeTable", + "dynamodb:DescribeTimeToLive", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeContributorInsights", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ImportTable", + "dynamodb:ListTagsOfResource", + "dynamodb:TagResource", + "dynamodb:UpdateTable", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Encrypt", + "kms:RevokeGrant", + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:DescribeLogGroups", + "logs:DescribeLogStreams", + "logs:PutLogEvents", + "logs:PutRetentionPolicy", + "s3:GetObject", + "s3:GetObjectMetadata", + "s3:ListBucket" + ], + "timeoutInMinutes": 720 + }, + "delete": { + "permissions": [ + "dynamodb:DeleteTable", + "dynamodb:DescribeTable" + ], + "timeoutInMinutes": 720 + }, + "list": { + "permissions": [ + "dynamodb:ListTables" + ] + }, + "read": { + "permissions": [ + "dynamodb:DescribeTable", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeContributorInsights", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ListTagsOfResource" + ] + }, + "update": { + "permissions": [ + "dynamodb:UpdateTable", + "dynamodb:DescribeTable", + "dynamodb:DescribeTimeToLive", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ListTagsOfResource", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:DescribeContributorInsights", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant" + ], + "timeoutInMinutes": 720 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "enum": [ + "PROVISIONED", + "PAY_PER_REQUEST" + ], + "type": "string" + }, + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": false + }, + "ImportSourceSpecification": { + "$ref": "#/definitions/ImportSourceSpecification" + }, + "KeySchema": { + "oneOf": [ + { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + { + "type": "object" + } + ] + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "LocalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": false + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/ProvisionedThroughput" + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableClass": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + } + }, + "propertyTransform": { + "/properties/SSESpecification/KMSMasterKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,3}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,4}[-]{1}[1-4]{1}:[0-9]{12}[:]{1}key\\/\", SSESpecification.KMSMasterKeyId]) $OR $join([\"arn:(aws)[-]{0,1}[a-z]{0,3}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,4}[-]{1}[1-4]{1}:[0-9]{12}[:]{1}key\\/\", KMSMasterKeyId])" + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn" + ], + "required": [ + "KeySchema" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DynamoDB::Table", + "writeOnlyProperties": [ + "/properties/ImportSourceSpecification" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-ec2-host.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-ec2-host.json index b343142e92..6ea413000b 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-ec2-host.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-ec2-host.json @@ -17,8 +17,8 @@ "type": "string" }, "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::Host/Properties/AvailabilityZone" ], "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-eks-addon.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-eks-addon.json deleted file mode 100644 index 02626266c6..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-eks-addon.json +++ /dev/null @@ -1,148 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 127, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 255, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Schema for AWS::EKS::Addon", - "handlers": { - "create": { - "permissions": [ - "eks:CreateAddon", - "eks:DescribeAddon", - "eks:TagResource", - "iam:PassRole" - ] - }, - "delete": { - "permissions": [ - "eks:DeleteAddon", - "eks:DescribeAddon" - ] - }, - "list": { - "permissions": [ - "eks:ListAddons" - ] - }, - "read": { - "permissions": [ - "eks:DescribeAddon" - ] - }, - "update": { - "permissions": [ - "iam:PassRole", - "eks:UpdateAddon", - "eks:DescribeAddon", - "eks:DescribeUpdate", - "eks:ListTagsForResource", - "eks:TagResource", - "eks:UntagResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "properties": { - "AddonName": { - "description": "Name of Addon", - "minLength": 1, - "type": "string" - }, - "AddonVersion": { - "description": "Version of Addon", - "minLength": 1, - "type": "string" - }, - "Arn": { - "description": "Amazon Resource Name (ARN) of the add-on", - "type": "string" - }, - "ClusterName": { - "description": "Name of Cluster", - "minLength": 1, - "type": "string" - }, - "ConfigurationValues": { - "description": "The configuration values to use with the add-on", - "minLength": 1, - "type": "string" - }, - "PreserveOnDelete": { - "description": "PreserveOnDelete parameter value", - "type": "boolean" - }, - "ResolveConflicts": { - "description": "Resolve parameter value conflicts", - "enum": [ - "NONE", - "OVERWRITE", - "PRESERVE" - ], - "minLength": 1, - "type": "string" - }, - "ServiceAccountRoleArn": { - "description": "IAM role to bind to the add-on's service account", - "minLength": 1, - "type": "string" - }, - "Tags": { - "description": "An array of key-value pairs to apply to this resource.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/Arn" - ], - "required": [ - "ClusterName", - "AddonName" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-eks.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::EKS::Addon", - "writeOnlyProperties": [ - "/properties/ResolveConflicts", - "/properties/PreserveOnDelete" - ] -} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-gamelift-fleet.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-gamelift-fleet.json index 9551ef0828..4489c391a2 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-gamelift-fleet.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-gamelift-fleet.json @@ -126,7 +126,7 @@ "uniqueItems": true }, "EC2InstanceType": { - "cfnLint": "aws_gamelift_fleet/ec2instancetype_enum", + "cfnLint": "AWS::GameLift::Fleet/EC2InstanceType", "type": "string" }, "FleetType": { diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-guardduty-filter.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-guardduty-filter.json deleted file mode 100644 index 0c0c488266..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-guardduty-filter.json +++ /dev/null @@ -1,145 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/DetectorId", - "/properties/Name" - ], - "definitions": { - "Condition": { - "additionalProperties": false, - "properties": { - "Eq": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Equals": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "GreaterThan": { - "type": "integer" - }, - "GreaterThanOrEqual": { - "type": "integer" - }, - "Gt": { - "type": "integer" - }, - "Gte": { - "type": "integer" - }, - "LessThan": { - "type": "integer" - }, - "LessThanOrEqual": { - "type": "integer" - }, - "Lt": { - "type": "integer" - }, - "Lte": { - "type": "integer" - }, - "Neq": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "NotEquals": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "type": "object" - }, - "FindingCriteria": { - "additionalProperties": false, - "properties": { - "Criterion": { - "type": "object" - }, - "ItemType": { - "$ref": "#/definitions/Condition" - } - }, - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::GuardDuty::Filter", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "Action": { - "enum": [ - "NOOP", - "ARCHIVE" - ], - "type": "string" - }, - "Description": { - "type": "string" - }, - "DetectorId": { - "type": "string" - }, - "FindingCriteria": { - "$ref": "#/definitions/FindingCriteria" - }, - "Id": { - "type": "string" - }, - "Name": { - "type": "string" - }, - "Rank": { - "type": "integer" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": false - } - }, - "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "Action", - "Description", - "DetectorId", - "FindingCriteria", - "Rank", - "Name" - ], - "typeName": "AWS::GuardDuty::Filter" -} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-iam-oidcprovider.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-iam-oidcprovider.json new file mode 100644 index 0000000000..5a24049269 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-iam-oidcprovider.json @@ -0,0 +1,125 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Url" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + } + }, + "description": "Resource Type definition for AWS::IAM::OIDCProvider", + "handlers": { + "create": { + "permissions": [ + "iam:CreateOpenIDConnectProvider", + "iam:TagOpenIDConnectProvider", + "iam:GetOpenIDConnectProvider" + ] + }, + "delete": { + "permissions": [ + "iam:DeleteOpenIDConnectProvider" + ] + }, + "list": { + "permissions": [ + "iam:ListOpenIDConnectProvider", + "iam:GetOpenIDConnectProvider" + ] + }, + "read": { + "permissions": [ + "iam:GetOpenIDConnectProvider" + ] + }, + "update": { + "permissions": [ + "iam:UpdateOpenIDConnectProviderThumbprint", + "iam:RemoveClientIDFromOpenIDConnectProvider", + "iam:AddClientIDToOpenIDConnectProvider", + "iam:GetOpenIDConnectProvider", + "iam:TagOpenIDConnectProvider", + "iam:UntagOpenIDConnectProvider", + "iam:ListOpenIDConnectProviderTags" + ] + } + }, + "primaryIdentifier": [ + "/properties/Arn" + ], + "properties": { + "Arn": { + "description": "Amazon Resource Name (ARN) of the OIDC provider", + "maxLength": 2048, + "minLength": 20, + "type": "string" + }, + "ClientIdList": { + "insertionOrder": false, + "items": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "type": "array" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "ThumbprintList": { + "insertionOrder": false, + "items": { + "maxLength": 40, + "minLength": 40, + "pattern": "[0-9A-Fa-f]{40}", + "type": "string" + }, + "maxItems": 5, + "type": "array" + }, + "Url": { + "maxLength": 255, + "minLength": 1, + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/Arn" + ], + "required": [ + "ThumbprintList" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::IAM::OIDCProvider" +} diff --git a/src/cfnlint/data/schemas/providers/eu_north_1/aws-aps-rulegroupsnamespace.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-iam-samlprovider.json similarity index 50% rename from src/cfnlint/data/schemas/providers/eu_north_1/aws-aps-rulegroupsnamespace.json rename to src/cfnlint/data/schemas/providers/ap_southeast_3/aws-iam-samlprovider.json index 8d00c4be37..9b8efe6834 100644 --- a/src/cfnlint/data/schemas/providers/eu_north_1/aws-aps-rulegroupsnamespace.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-iam-samlprovider.json @@ -17,61 +17,49 @@ "Value": { "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", "maxLength": 256, - "minLength": 0, + "minLength": 1, "type": "string" } }, "required": [ - "Key", - "Value" + "Value", + "Key" ], "type": "object" } }, - "description": "RuleGroupsNamespace schema for cloudformation.", + "description": "Resource Type definition for AWS::IAM::SAMLProvider", "handlers": { "create": { "permissions": [ - "aps:CreateRuleGroupsNamespace", - "aps:DescribeRuleGroupsNamespace", - "aps:TagResource" + "iam:CreateSAMLProvider", + "iam:GetSAMLProvider", + "iam:TagSAMLProvider" ] }, "delete": { "permissions": [ - "aps:DeleteRuleGroupsNamespace", - "aps:DescribeRuleGroupsNamespace" + "iam:DeleteSAMLProvider" ] }, "list": { - "handlerSchema": { - "properties": { - "Arn": { - "$ref": "resource-schema.json#/properties/Workspace" - } - }, - "required": [ - "Arn" - ] - }, "permissions": [ - "aps:ListRuleGroupsNamespaces", - "aps:ListTagsForResource" + "iam:ListSAMLProviders", + "iam:GetSAMLProvider" ] }, "read": { "permissions": [ - "aps:DescribeRuleGroupsNamespace", - "aps:ListTagsForResource" + "iam:GetSAMLProvider" ] }, "update": { "permissions": [ - "aps:PutRuleGroupsNamespace", - "aps:DescribeRuleGroupsNamespace", - "aps:TagResource", - "aps:UntagResource", - "aps:ListTagsForResource" + "iam:UpdateSAMLProvider", + "iam:GetSAMLProvider", + "iam:TagSAMLProvider", + "iam:ListSAMLProviderTags", + "iam:UntagSAMLProvider" ] } }, @@ -80,50 +68,42 @@ ], "properties": { "Arn": { - "description": "The RuleGroupsNamespace ARN.", - "pattern": "^arn:(aws|aws-us-gov|aws-cn):aps:[a-z0-9-]+:[0-9]+:rulegroupsnamespace/[a-zA-Z0-9-]+/[0-9A-Za-z][-.0-9A-Z_a-z]*$", - "type": "string" - }, - "Data": { - "description": "The RuleGroupsNamespace data.", + "description": "Amazon Resource Name (ARN) of the SAML provider", + "maxLength": 1600, + "minLength": 1, "type": "string" }, "Name": { - "description": "The RuleGroupsNamespace name.", - "maxLength": 64, + "maxLength": 128, "minLength": 1, + "pattern": "[\\w._-]+", + "type": "string" + }, + "SamlMetadataDocument": { + "maxLength": 10000000, + "minLength": 1000, "type": "string" }, "Tags": { - "description": "An array of key-value pairs to apply to this resource.", "insertionOrder": false, "items": { "$ref": "#/definitions/Tag" }, "type": "array", - "uniqueItems": true - }, - "Workspace": { - "description": "Required to identify a specific APS Workspace associated with this RuleGroupsNamespace.", - "pattern": "^arn:(aws|aws-us-gov|aws-cn):aps:[a-z0-9-]+:[0-9]+:workspace/[a-zA-Z0-9-]+$", - "type": "string" + "uniqueItems": false } }, "readOnlyProperties": [ "/properties/Arn" ], "required": [ - "Workspace", - "Data", - "Name" + "SamlMetadataDocument" ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-aps", "tagging": { - "cloudFormationSystemTags": true, + "cloudFormationSystemTags": false, "tagOnCreate": true, - "tagProperty": "/properties/Tags", "tagUpdatable": true, "taggable": true }, - "typeName": "AWS::APS::RuleGroupsNamespace" + "typeName": "AWS::IAM::SAMLProvider" } diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-iam-servercertificate.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-iam-servercertificate.json new file mode 100644 index 0000000000..5eadc526d8 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-iam-servercertificate.json @@ -0,0 +1,132 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ServerCertificateName", + "/properties/PrivateKey", + "/properties/CertificateBody", + "/properties/CertificateChain" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + } + }, + "description": "Resource Type definition for AWS::IAM::ServerCertificate", + "handlers": { + "create": { + "permissions": [ + "iam:UploadServerCertificate", + "iam:TagServerCertificate", + "iam:GetServerCertificate" + ] + }, + "delete": { + "permissions": [ + "iam:DeleteServerCertificate" + ] + }, + "list": { + "permissions": [ + "iam:ListServerCertificates", + "iam:GetServerCertificate" + ] + }, + "read": { + "permissions": [ + "iam:GetServerCertificate" + ] + }, + "update": { + "permissions": [ + "iam:TagServerCertificate", + "iam:UntagServerCertificate", + "iam:ListServerCertificateTags", + "iam:GetServerCertificate" + ] + } + }, + "primaryIdentifier": [ + "/properties/ServerCertificateName" + ], + "properties": { + "Arn": { + "description": "Amazon Resource Name (ARN) of the server certificate", + "maxLength": 1600, + "minLength": 1, + "type": "string" + }, + "CertificateBody": { + "maxLength": 16384, + "minLength": 1, + "pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+", + "type": "string" + }, + "CertificateChain": { + "maxLength": 2097152, + "minLength": 1, + "pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+", + "type": "string" + }, + "Path": { + "maxLength": 512, + "minLength": 1, + "pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)", + "type": "string" + }, + "PrivateKey": { + "maxLength": 16384, + "minLength": 1, + "pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+", + "type": "string" + }, + "ServerCertificateName": { + "maxLength": 128, + "minLength": 1, + "pattern": "[\\w+=,.@-]+", + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Arn" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::IAM::ServerCertificate", + "writeOnlyProperties": [ + "/properties/PrivateKey", + "/properties/CertificateBody", + "/properties/CertificateChain" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-opsworks-instance.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-opsworks-instance.json index 4f09c87902..7e172a15c1 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-opsworks-instance.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-opsworks-instance.json @@ -147,7 +147,9 @@ "type": "string" }, "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::OpsWorks::Instance/Properties/AvailabilityZone" + ], "type": "string" }, "BlockDeviceMappings": { diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-redshift-cluster.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-redshift-cluster.json index 960e8bdfee..f04ae8ba95 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-redshift-cluster.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-redshift-cluster.json @@ -1,5 +1,6 @@ { "additionalProperties": false, + "cfnLint": "AWS::Redshift::Cluster/Properties", "createOnlyProperties": [ "/properties/KmsKeyId", "/properties/MasterUsername", @@ -127,7 +128,7 @@ "type": "string" }, "NodeType": { - "cfnLint": "aws_redshift_cluster/nodetype_enum", + "cfnLint": "AWS::Redshift::Cluster/Properties/NodeType", "type": "string" }, "NumberOfNodes": { diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-route53-healthcheck.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-route53-healthcheck.json index 2ddd4be8f2..084d644abf 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-route53-healthcheck.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-route53-healthcheck.json @@ -107,7 +107,7 @@ "HealthCheckConfig": { "$ref": "#/definitions/HealthCheckConfig", "cfnLint": [ - "aws_route53_healthcheck/healthcheckconfig_type_inclusive" + "AWS::Route53::HealthCheck/Properties/HealthCheckConfig" ] }, "HealthCheckTags": { diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-ssm-document.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-ssm-document.json deleted file mode 100644 index 2a812e0701..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-ssm-document.json +++ /dev/null @@ -1,236 +0,0 @@ -{ - "additionalProperties": false, - "conditionalCreateOnlyProperties": [ - "/properties/Content", - "/properties/Attachments", - "/properties/VersionName", - "/properties/DocumentFormat", - "/properties/TargetType", - "/properties/Requires" - ], - "createOnlyProperties": [ - "/properties/Name", - "/properties/DocumentType" - ], - "definitions": { - "AttachmentsSource": { - "additionalProperties": false, - "properties": { - "Key": { - "description": "The key of a key-value pair that identifies the location of an attachment to a document.", - "enum": [ - "SourceUrl", - "S3FileUrl", - "AttachmentReference" - ], - "type": "string" - }, - "Name": { - "description": "The name of the document attachment file.", - "maxLength": 128, - "minLength": 1, - "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$", - "type": "string" - }, - "Values": { - "description": "The value of a key-value pair that identifies the location of an attachment to a document. The format for Value depends on the type of key you specify.", - "insertionOrder": false, - "items": { - "maxLength": 100000, - "minLength": 1, - "type": "string" - }, - "maxItems": 1, - "minItems": 1, - "type": "array" - } - }, - "type": "object" - }, - "DocumentRequires": { - "additionalProperties": false, - "properties": { - "Name": { - "description": "The name of the required SSM document. The name can be an Amazon Resource Name (ARN).", - "maxLength": 200, - "pattern": "^[a-zA-Z0-9_\\-.:/]{3,200}$", - "type": "string" - }, - "Version": { - "description": "The document version required by the current document.", - "maxLength": 8, - "pattern": "([$]LATEST|[$]DEFAULT|^[1-9][0-9]*$)", - "type": "string" - } - }, - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "description": "The name of the tag.", - "maxLength": 128, - "minLength": 1, - "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$", - "type": "string" - }, - "Value": { - "description": "The value of the tag.", - "maxLength": 256, - "minLength": 1, - "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$", - "type": "string" - } - }, - "type": "object" - } - }, - "description": "The AWS::SSM::Document resource is an SSM document in AWS Systems Manager that defines the actions that Systems Manager performs, which can be used to set up and run commands on your instances.", - "handlers": { - "create": { - "permissions": [ - "ssm:CreateDocument", - "ssm:GetDocument", - "ssm:AddTagsToResource", - "ssm:ListTagsForResource", - "s3:GetObject", - "iam:PassRole" - ] - }, - "delete": { - "permissions": [ - "ssm:DeleteDocument", - "ssm:GetDocument" - ] - }, - "list": { - "permissions": [ - "ssm:ListDocuments" - ] - }, - "read": { - "permissions": [ - "ssm:GetDocument", - "ssm:ListTagsForResource" - ] - }, - "update": { - "permissions": [ - "ssm:UpdateDocument", - "s3:GetObject", - "ssm:AddTagsToResource", - "ssm:RemoveTagsFromResource", - "ssm:ListTagsForResource", - "iam:PassRole", - "ssm:UpdateDocumentDefaultVersion", - "ssm:DescribeDocument" - ] - } - }, - "primaryIdentifier": [ - "/properties/Name" - ], - "properties": { - "Attachments": { - "description": "A list of key and value pairs that describe attachments to a version of a document.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/AttachmentsSource" - }, - "maxItems": 20, - "minItems": 0, - "type": "array" - }, - "Content": { - "description": "The content for the Systems Manager document in JSON, YAML or String format.", - "type": [ - "object", - "string" - ] - }, - "DocumentFormat": { - "default": "JSON", - "description": "Specify the document format for the request. The document format can be either JSON or YAML. JSON is the default format.", - "enum": [ - "YAML", - "JSON", - "TEXT" - ], - "type": "string" - }, - "DocumentType": { - "description": "The type of document to create.", - "enum": [ - "ApplicationConfiguration", - "ApplicationConfigurationSchema", - "Automation", - "Automation.ChangeTemplate", - "ChangeCalendar", - "CloudFormation", - "Command", - "DeploymentStrategy", - "Package", - "Policy", - "ProblemAnalysis", - "ProblemAnalysisTemplate", - "Session" - ], - "type": "string" - }, - "Name": { - "description": "A name for the Systems Manager document.", - "pattern": "^[a-zA-Z0-9_\\-.]{3,128}$", - "type": "string" - }, - "Requires": { - "description": "A list of SSM documents required by a document. For example, an ApplicationConfiguration document requires an ApplicationConfigurationSchema document.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/DocumentRequires" - }, - "minItems": 1, - "type": "array" - }, - "Tags": { - "description": "Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 1000, - "type": "array" - }, - "TargetType": { - "description": "Specify a target type to define the kinds of resources the document can run on.", - "pattern": "^\\/[\\w\\.\\-\\:\\/]*$", - "type": "string" - }, - "UpdateMethod": { - "default": "Replace", - "description": "Update method - when set to 'Replace', the update will replace the existing document; when set to 'NewVersion', the update will create a new version.", - "enum": [ - "Replace", - "NewVersion" - ], - "type": "string" - }, - "VersionName": { - "description": "An optional field specifying the version of the artifact you are creating with the document. This value is unique across all versions of a document, and cannot be changed.", - "pattern": "^[a-zA-Z0-9_\\-.]{1,128}$", - "type": "string" - } - }, - "required": [ - "Content" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ssm", - "tagging": { - "taggable": true - }, - "typeName": "AWS::SSM::Document", - "writeOnlyProperties": [ - "/properties/UpdateMethod", - "/properties/Attachments" - ] -} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/__init__.py b/src/cfnlint/data/schemas/providers/ap_southeast_4/__init__.py index ecfd25253a..49c536f99b 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_4/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/__init__.py @@ -534,7 +534,6 @@ "aws-guardduty-filter.json", "aws-ecs-service.json", "aws-dms-replicationconfig.json", - "aws-dynamodb-table.json", "aws-ec2-securitygroupegress.json", "aws-glue-dataqualityruleset.json", "aws-config-configurationrecorder.json", @@ -588,6 +587,7 @@ "aws-msk-cluster.json", "aws-ec2-vpcendpointconnectionnotification.json", "aws-codepipeline-pipeline.json", + "aws-config-configurationaggregator.json", "aws-imagebuilder-imagepipeline.json", "aws-elasticloadbalancingv2-listenercertificate.json", "aws-route53resolver-resolverruleassociation.json", @@ -618,7 +618,6 @@ "aws-ec2-vpcgatewayattachment.json", "aws-cloudtrail-trail.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-wafv2-ipset.json", "aws-iam-role.json", "aws-medialive-multiplexprogram.json", @@ -642,7 +641,6 @@ "aws-xray-resourcepolicy.json", "aws-servicecatalog-launchtemplateconstraint.json", "aws-wafv2-loggingconfiguration.json", - "aws-dynamodb-globaltable.json", "aws-imagebuilder-distributionconfiguration.json", "aws-lakeformation-permissions.json", "aws-cloudfront-publickey.json", @@ -709,6 +707,7 @@ "aws-cloudformation-hookdefaultversion.json", "aws-config-configrule.json", "aws-imagebuilder-workflow.json", + "aws-ecs-taskset.json", "aws-acmpca-certificateauthorityactivation.json", "aws-guardduty-threatintelset.json", "aws-ec2-vpc.json", @@ -780,7 +779,6 @@ "aws-servicecatalog-resourceupdateconstraint.json", "aws-transfer-agreement.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-xray-group.json", "aws-oam-link.json", "aws-elasticloadbalancingv2-truststorerevocation.json", @@ -791,6 +789,7 @@ "aws-glue-mltransform.json", "aws-appconfig-hostedconfigurationversion.json", "aws-datasync-locationefs.json", + "aws-elasticloadbalancingv2-targetgroup.json", "aws-applicationautoscaling-scalingpolicy.json", "aws-cloudformation-macro.json", "aws-lambda-layerversionpermission.json", @@ -926,7 +925,6 @@ "aws-servicecatalog-cloudformationproduct.json", "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", - "aws-ec2-launchtemplate.json", "aws-cloudfront-originrequestpolicy.json", "aws-datasync-locationfsxontap.json", "aws-mediatailor-playbackconfiguration.json", @@ -946,4 +944,5 @@ "aws-elasticloadbalancingv2-listener.json", "aws-cloudformation-waitconditionhandle.json", "aws-globalaccelerator-accelerator.json", + "aws-eks-addon.json", ] diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-amazonmq-broker.json index b71851eb27..6027b3416d 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-amazonmq-broker.json @@ -230,7 +230,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-cloudfront-distribution.json new file mode 100644 index 0000000000..75bb25b92e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-cloudfront-distribution.json @@ -0,0 +1,1232 @@ +{ + "additionalProperties": false, + "definitions": { + "CacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "type": "string" + }, + "PathPattern": { + "type": "string" + }, + "RealtimeLogConfigArn": { + "type": "string" + }, + "ResponseHeadersPolicyId": { + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ], + "type": "string" + } + }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "properties": { + "Forward": { + "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Forward" + ], + "type": "object" + }, + "CustomErrorResponse": { + "additionalProperties": false, + "dependentRequired": { + "ResponseCode": [ + "ResponsePagePath" + ] + }, + "properties": { + "ErrorCachingMinTTL": { + "default": 300, + "type": "number" + }, + "ErrorCode": { + "enum": [ + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponseCode": { + "enum": [ + 200, + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponsePagePath": { + "type": "string" + } + }, + "required": [ + "ErrorCode" + ], + "type": "object" + }, + "CustomOriginConfig": { + "additionalProperties": false, + "properties": { + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginProtocolPolicy": { + "type": "string" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "OriginProtocolPolicy" + ], + "type": "object" + }, + "DefaultCacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "default": "", + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "default": "", + "type": "string" + }, + "RealtimeLogConfigArn": { + "default": "", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "default": "", + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "type": "string" + } + }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CNAMEs": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/CacheBehavior" + }, + "type": "array", + "uniqueItems": false + }, + "Comment": { + "default": "", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/CustomErrorResponse" + }, + "type": "array", + "uniqueItems": false + }, + "CustomOrigin": { + "$ref": "#/definitions/LegacyCustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/DefaultCacheBehavior" + }, + "DefaultRootObject": { + "default": "", + "type": "string" + }, + "Enabled": { + "type": "boolean" + }, + "HttpVersion": { + "default": "http1.1", + "enum": [ + "http1.1", + "http2", + "http3", + "http2and3" + ], + "type": "string" + }, + "IPV6Enabled": { + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/Origin" + }, + "type": "array", + "uniqueItems": false + }, + "PriceClass": { + "default": "PriceClass_All", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ], + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/Restrictions", + "default": { + "GeoRestriction": { + "RestrictionType": "none" + } + } + }, + "S3Origin": { + "$ref": "#/definitions/LegacyS3Origin" + }, + "Staging": { + "type": "boolean" + }, + "ViewerCertificate": { + "$ref": "#/definitions/ViewerCertificate", + "default": { + "CloudFrontDefaultCertificate": true + } + }, + "WebACLId": { + "default": "", + "type": "string" + } + }, + "required": [ + "Enabled", + "DefaultCacheBehavior" + ], + "type": "object" + }, + "ForwardedValues": { + "additionalProperties": false, + "properties": { + "Cookies": { + "$ref": "#/definitions/Cookies", + "default": { + "Forward": "none" + } + }, + "Headers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "QueryString": { + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "QueryString" + ], + "type": "object" + }, + "FunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ], + "type": "string" + }, + "FunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "GeoRestriction": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "enum": [ + "AD", + "AE", + "AF", + "AG", + "AI", + "AL", + "AM", + "AO", + "AQ", + "AR", + "AS", + "AT", + "AU", + "AW", + "AX", + "AZ", + "BA", + "BB", + "BD", + "BE", + "BF", + "BG", + "BH", + "BI", + "BJ", + "BL", + "BM", + "BN", + "BO", + "BQ", + "BR", + "BS", + "BT", + "BV", + "BW", + "BY", + "BZ", + "CA", + "CC", + "CD", + "CF", + "CG", + "CH", + "CI", + "CK", + "CL", + "CM", + "CN", + "CO", + "CR", + "CU", + "CV", + "CW", + "CX", + "CY", + "CZ", + "DE", + "DJ", + "DK", + "DM", + "DO", + "DZ", + "EC", + "EE", + "EG", + "EH", + "ER", + "ES", + "ET", + "FI", + "FJ", + "FK", + "FM", + "FO", + "FR", + "GA", + "GB", + "GD", + "GE", + "GF", + "GG", + "GH", + "GI", + "GL", + "GM", + "GN", + "GP", + "GQ", + "GR", + "GS", + "GT", + "GU", + "GW", + "GY", + "HK", + "HM", + "HN", + "HR", + "HT", + "HU", + "ID", + "IE", + "IL", + "IM", + "IN", + "IO", + "IQ", + "IR", + "IS", + "IT", + "JE", + "JM", + "JO", + "JP", + "KE", + "KG", + "KH", + "KI", + "KM", + "KN", + "KP", + "KR", + "KW", + "KY", + "KZ", + "LA", + "LB", + "LC", + "LI", + "LK", + "LR", + "LS", + "LT", + "LU", + "LV", + "LY", + "MA", + "MC", + "MD", + "ME", + "MF", + "MG", + "MH", + "MK", + "ML", + "MM", + "MN", + "MO", + "MP", + "MQ", + "MR", + "MS", + "MT", + "MU", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NC", + "NE", + "NF", + "NG", + "NI", + "NL", + "NO", + "NP", + "NR", + "NU", + "NZ", + "OM", + "PA", + "PE", + "PF", + "PG", + "PH", + "PK", + "PL", + "PM", + "PN", + "PR", + "PS", + "PT", + "PW", + "PY", + "QA", + "RE", + "RO", + "RS", + "RU", + "RW", + "SA", + "SB", + "SC", + "SD", + "SE", + "SG", + "SH", + "SI", + "SJ", + "SK", + "SL", + "SM", + "SN", + "SO", + "SR", + "SS", + "ST", + "SV", + "SX", + "SY", + "SZ", + "TC", + "TD", + "TF", + "TG", + "TH", + "TJ", + "TK", + "TL", + "TM", + "TN", + "TO", + "TR", + "TT", + "TV", + "TW", + "TZ", + "UA", + "UG", + "UM", + "US", + "UY", + "UZ", + "VA", + "VC", + "VE", + "VG", + "VI", + "VN", + "VU", + "WF", + "WS", + "YE", + "YT", + "ZA", + "ZM", + "ZW" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "RestrictionType": { + "enum": [ + "blacklist", + "whitelist", + "none" + ], + "type": "string" + } + }, + "required": [ + "RestrictionType" + ], + "type": "object" + }, + "LambdaFunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "IncludeBody": { + "type": "boolean" + }, + "LambdaFunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "LegacyCustomOrigin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginProtocolPolicy": { + "enum": [ + "http-only", + "match-viewer", + "https-only" + ], + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], + "type": "object" + }, + "LegacyS3Origin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "required": [ + "DNSName" + ], + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "IncludeCookies": { + "default": false, + "type": "boolean" + }, + "Prefix": { + "default": "", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Origin": { + "additionalProperties": false, + "dependentExcluded": { + "CustomOriginConfig": [ + "S3OriginConfig" + ], + "S3OriginConfig": [ + "CustomOriginConfig" + ] + }, + "properties": { + "ConnectionAttempts": { + "type": "integer" + }, + "ConnectionTimeout": { + "type": "integer" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/CustomOriginConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "OriginAccessControlId": { + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/OriginCustomHeader" + }, + "type": "array", + "uniqueItems": false + }, + "OriginPath": { + "default": "", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/OriginShield" + }, + "S3OriginConfig": { + "$ref": "#/definitions/S3OriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "type": "string" + }, + "HeaderValue": { + "type": "string" + } + }, + "required": [ + "HeaderValue", + "HeaderName" + ], + "type": "object" + }, + "OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/OriginGroupFailoverCriteria" + }, + "Id": { + "type": "string" + }, + "Members": { + "$ref": "#/definitions/OriginGroupMembers" + } + }, + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "type": "object" + }, + "OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroupMember" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroup" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "OriginShieldRegion": { + "type": "string" + } + }, + "type": "object" + }, + "Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "type": "object" + }, + "StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "integer" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "ViewerCertificate": { + "additionalProperties": false, + "dependentRequired": { + "AcmCertificateArn": [ + "SslSupportMethod" + ], + "IamCertificateId": [ + "SslSupportMethod" + ] + }, + "properties": { + "AcmCertificateArn": { + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "type": "boolean" + }, + "IamCertificateId": { + "type": "string" + }, + "MinimumProtocolVersion": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018", + "TLSv1.2_2019", + "TLSv1.2_2021" + ], + "type": "string" + }, + "SslSupportMethod": { + "enum": [ + "sni-only", + "vip", + "static-ip" + ], + "type": "string" + } + }, + "requiredXor": [ + "AcmCertificateArn", + "CloudFrontDefaultCertificate", + "IamCertificateId" + ], + "type": "object" + } + }, + "deprecatedProperties": [ + "/properties/DistributionConfig/CustomOrigin", + "/properties/DistributionConfig/S3Origin" + ], + "description": "Resource Type definition for AWS::CloudFront::Distribution", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateDistribution", + "cloudfront:CreateDistributionWithTags", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:TagResource" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteDistribution", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListDistributions" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "update": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:UpdateDistribution", + "cloudfront:UpdateDistributionWithStagingConfig", + "cloudfront:ListTagsForResource", + "cloudfront:TagResource", + "cloudfront:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/DistributionConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/DomainName" + ], + "required": [ + "DistributionConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::CloudFront::Distribution" +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-config-configurationaggregator.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-config-configurationaggregator.json deleted file mode 100644 index 5624c0bfff..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-config-configurationaggregator.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ConfigurationAggregatorName" - ], - "definitions": { - "AccountAggregationSource": { - "additionalProperties": false, - "properties": { - "AccountIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "required": [ - "AccountIds" - ], - "type": "object" - }, - "OrganizationAggregationSource": { - "additionalProperties": false, - "properties": { - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "RoleArn": { - "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 256, - "minLength": 0, - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::Config::ConfigurationAggregator", - "handlers": { - "create": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - }, - "delete": { - "permissions": [ - "config:DeleteConfigurationAggregator", - "config:UntagResource" - ] - }, - "list": { - "permissions": [ - "config:DescribeConfigurationAggregators" - ] - }, - "read": { - "permissions": [ - "config:DescribeConfigurationAggregators", - "config:ListTagsForResource" - ] - }, - "update": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "config:UntagResource", - "config:ListTagsForResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - } - }, - "primaryIdentifier": [ - "/properties/ConfigurationAggregatorName" - ], - "properties": { - "AccountAggregationSources": { - "items": { - "$ref": "#/definitions/AccountAggregationSource" - }, - "type": "array", - "uniqueItems": false - }, - "ConfigurationAggregatorArn": { - "description": "The Amazon Resource Name (ARN) of the aggregator.", - "type": "string" - }, - "ConfigurationAggregatorName": { - "description": "The name of the aggregator.", - "maxLength": 256, - "minLength": 1, - "pattern": "[\\w\\-]+", - "type": "string" - }, - "OrganizationAggregationSource": { - "$ref": "#/definitions/OrganizationAggregationSource" - }, - "Tags": { - "description": "The tags for the configuration aggregator.", - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/ConfigurationAggregatorArn" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-config.git", - "typeName": "AWS::Config::ConfigurationAggregator" -} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-dynamodb-globaltable.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-dynamodb-globaltable.json new file mode 100644 index 0000000000..7e1a23d878 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-dynamodb-globaltable.json @@ -0,0 +1,579 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/Arn" + ], + [ + "/properties/StreamArn" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LocalSecondaryIndexes", + "/properties/TableName", + "/properties/KeySchema" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "CapacityAutoScalingSettings": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "minimum": 1, + "type": "integer" + }, + "MinCapacity": { + "minimum": 1, + "type": "integer" + }, + "SeedCapacity": { + "minimum": 1, + "type": "integer" + }, + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/TargetTrackingScalingPolicyConfiguration" + } + }, + "required": [ + "MinCapacity", + "MaxCapacity", + "TargetTrackingScalingPolicyConfiguration" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "KeyType": { + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "maxItems": 20, + "type": "array", + "uniqueItems": true + }, + "ProjectionType": { + "type": "string" + } + }, + "type": "object" + }, + "ReadProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + }, + "ReadCapacityUnits": { + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "ReplicaGlobalSecondaryIndexSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName" + ], + "type": "object" + }, + "ReplicaSSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + } + }, + "required": [ + "KMSMasterKeyId" + ], + "type": "object" + }, + "ReplicaSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaGlobalSecondaryIndexSpecification" + }, + "type": "array", + "uniqueItems": true + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + }, + "Region": { + "type": "string" + }, + "SSESpecification": { + "$ref": "#/definitions/ReplicaSSESpecification" + }, + "TableClass": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TargetTrackingScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "DisableScaleIn": { + "type": "boolean" + }, + "ScaleInCooldown": { + "minimum": 0, + "type": "integer" + }, + "ScaleOutCooldown": { + "minimum": 0, + "type": "integer" + }, + "TargetValue": { + "format": "double", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "WriteProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "WriteCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + } + }, + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::GlobalTable", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:CreateTableReplica", + "dynamodb:Describe*", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:TagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "dynamodb:TagResource", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Decrypt", + "kms:RevokeGrant", + "cloudwatch:PutMetricData", + "iam:CreateServiceLinkedRole" + ] + }, + "delete": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:DeleteTable", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget" + ] + }, + "list": { + "permissions": [ + "dynamodb:ListTables", + "cloudwatch:PutMetricData" + ] + }, + "read": { + "permissions": [ + "dynamodb:Describe*", + "application-autoscaling:Describe*", + "cloudwatch:PutMetricData", + "dynamodb:ListTagsOfResource", + "kms:DescribeKey" + ] + }, + "update": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:CreateTableReplica", + "dynamodb:UpdateTable", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:DeleteTable", + "dynamodb:DeleteTableReplica", + "dynamodb:UpdateItem", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant", + "cloudwatch:PutMetricData" + ], + "timeoutInMinutes": 1200 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "type": "string" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "LocalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "Replicas": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaSpecification" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableId": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn", + "/properties/TableId" + ], + "required": [ + "KeySchema", + "AttributeDefinitions", + "Replicas" + ], + "typeName": "AWS::DynamoDB::GlobalTable", + "writeOnlyProperties": [ + "/properties/Replicas/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/Replicas/*/GlobalSecondaryIndexes/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity", + "/properties/GlobalSecondaryIndexes/*/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-dynamodb-table.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-dynamodb-table.json new file mode 100644 index 0000000000..aacbc7f216 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-dynamodb-table.json @@ -0,0 +1,540 @@ +{ + "additionalProperties": false, + "cfnLint": [ + "AWS::DynamoDB::Table/Properties" + ], + "createOnlyProperties": [ + "/properties/TableName", + "/properties/ImportSourceSpecification" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "AttributeType": { + "enum": [ + "S", + "N", + "B" + ], + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "Csv": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "type": "string" + }, + "HeaderList": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "type": "object" + }, + "DeprecatedHashKeyElement": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeType", + "AttributeName" + ], + "type": "object" + }, + "DeprecatedKeySchema": { + "additionalProperties": false, + "properties": { + "HashKeyElement": { + "$ref": "#/definitions/DeprecatedHashKeyElement" + } + }, + "required": [ + "HashKeyElement" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/ProvisionedThroughput" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "ImportSourceSpecification": { + "additionalProperties": false, + "properties": { + "InputCompressionType": { + "type": "string" + }, + "InputFormat": { + "type": "string" + }, + "InputFormatOptions": { + "$ref": "#/definitions/InputFormatOptions" + }, + "S3BucketSource": { + "$ref": "#/definitions/S3BucketSource" + } + }, + "required": [ + "S3BucketSource", + "InputFormat" + ], + "type": "object" + }, + "InputFormatOptions": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/Csv" + } + }, + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "KeyType": { + "enum": [ + "HASH", + "RANGE" + ], + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ProjectionType": { + "enum": [ + "ALL", + "KEYS_ONLY", + "INCLUDE" + ], + "type": "string" + } + }, + "type": "object" + }, + "ProvisionedThroughput": { + "additionalProperties": false, + "properties": { + "ReadCapacityUnits": { + "type": "integer" + }, + "WriteCapacityUnits": { + "type": "integer" + } + }, + "required": [ + "WriteCapacityUnits", + "ReadCapacityUnits" + ], + "type": "object" + }, + "S3BucketSource": { + "additionalProperties": false, + "properties": { + "S3Bucket": { + "type": "string" + }, + "S3BucketOwner": { + "type": "string" + }, + "S3KeyPrefix": { + "type": "string" + } + }, + "required": [ + "S3Bucket" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + }, + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "enum": [ + "NEW_IMAGE", + "OLD_IMAGE", + "NEW_AND_OLD_IMAGES", + "KEYS_ONLY" + ], + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::Table", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:DescribeImport", + "dynamodb:DescribeTable", + "dynamodb:DescribeTimeToLive", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeContributorInsights", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ImportTable", + "dynamodb:ListTagsOfResource", + "dynamodb:TagResource", + "dynamodb:UpdateTable", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Encrypt", + "kms:RevokeGrant", + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:DescribeLogGroups", + "logs:DescribeLogStreams", + "logs:PutLogEvents", + "logs:PutRetentionPolicy", + "s3:GetObject", + "s3:GetObjectMetadata", + "s3:ListBucket" + ], + "timeoutInMinutes": 720 + }, + "delete": { + "permissions": [ + "dynamodb:DeleteTable", + "dynamodb:DescribeTable" + ], + "timeoutInMinutes": 720 + }, + "list": { + "permissions": [ + "dynamodb:ListTables" + ] + }, + "read": { + "permissions": [ + "dynamodb:DescribeTable", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeContributorInsights", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ListTagsOfResource" + ] + }, + "update": { + "permissions": [ + "dynamodb:UpdateTable", + "dynamodb:DescribeTable", + "dynamodb:DescribeTimeToLive", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ListTagsOfResource", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:DescribeContributorInsights", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant" + ], + "timeoutInMinutes": 720 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "enum": [ + "PROVISIONED", + "PAY_PER_REQUEST" + ], + "type": "string" + }, + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": false + }, + "ImportSourceSpecification": { + "$ref": "#/definitions/ImportSourceSpecification" + }, + "KeySchema": { + "oneOf": [ + { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + { + "type": "object" + } + ] + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "LocalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": false + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/ProvisionedThroughput" + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableClass": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + } + }, + "propertyTransform": { + "/properties/SSESpecification/KMSMasterKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,3}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,4}[-]{1}[1-4]{1}:[0-9]{12}[:]{1}key\\/\", SSESpecification.KMSMasterKeyId]) $OR $join([\"arn:(aws)[-]{0,1}[a-z]{0,3}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,4}[-]{1}[1-4]{1}:[0-9]{12}[:]{1}key\\/\", KMSMasterKeyId])" + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn" + ], + "required": [ + "KeySchema" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DynamoDB::Table", + "writeOnlyProperties": [ + "/properties/ImportSourceSpecification" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-host.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-host.json index b343142e92..6ea413000b 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-host.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-host.json @@ -17,8 +17,8 @@ "type": "string" }, "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::Host/Properties/AvailabilityZone" ], "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-spotfleet.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-spotfleet.json index d8df19f68d..c696c3ce70 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-spotfleet.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-spotfleet.json @@ -210,8 +210,8 @@ "additionalProperties": false, "properties": { "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/LaunchTemplateConfigs/Overrides/AvailabilityZone" ], "type": "string" }, @@ -365,8 +365,8 @@ "type": "string" }, "IamFleetRole": { - "awsType": [ - "IamRoleArn" + "cfnLint": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/IamFleetRole" ], "type": "string" }, @@ -465,8 +465,8 @@ "additionalProperties": false, "properties": { "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/LaunchSpecifications/Placement/AvailabilityZone" ], "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-volume.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-volume.json index 6126f7c814..7529e88cce 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-volume.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ec2-volume.json @@ -27,7 +27,9 @@ "type": "boolean" }, "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::EC2::Volume/Properties/AvailabilityZone" + ], "type": "string" }, "Encrypted": { diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ecs-taskset.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ecs-taskset.json deleted file mode 100644 index 4dd38f7ef4..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-ecs-taskset.json +++ /dev/null @@ -1,215 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/Cluster", - "/properties/ExternalId", - "/properties/LaunchType", - "/properties/LoadBalancers", - "/properties/NetworkConfiguration", - "/properties/PlatformVersion", - "/properties/Service", - "/properties/ServiceRegistries", - "/properties/TaskDefinition" - ], - "definitions": { - "AwsVpcConfiguration": { - "additionalProperties": false, - "description": "The VPC subnets and security groups associated with a task. All specified subnets and security groups must be from the same VPC.", - "properties": { - "AssignPublicIp": { - "description": "Whether the task's elastic network interface receives a public IP address. The default value is DISABLED.", - "enum": [ - "DISABLED", - "ENABLED" - ], - "type": "string" - }, - "SecurityGroups": { - "description": "The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used. There is a limit of 5 security groups that can be specified per AwsVpcConfiguration.", - "items": { - "type": "string" - }, - "maxItems": 5, - "type": "array" - }, - "Subnets": { - "description": "The subnets associated with the task or service. There is a limit of 16 subnets that can be specified per AwsVpcConfiguration.", - "items": { - "type": "string" - }, - "maxItems": 16, - "type": "array" - } - }, - "required": [ - "Subnets" - ], - "type": "object" - }, - "LoadBalancer": { - "additionalProperties": false, - "description": "A load balancer object representing the load balancer to use with the task set. The supported load balancer types are either an Application Load Balancer or a Network Load Balancer. ", - "properties": { - "ContainerName": { - "description": "The name of the container (as it appears in a container definition) to associate with the load balancer.", - "type": "string" - }, - "ContainerPort": { - "description": "The port on the container to associate with the load balancer. This port must correspond to a containerPort in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they are launched on must allow ingress traffic on the hostPort of the port mapping.", - "type": "integer" - }, - "TargetGroupArn": { - "description": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set. A target group ARN is only specified when using an Application Load Balancer or Network Load Balancer. If you are using a Classic Load Balancer this should be omitted. For services using the ECS deployment controller, you can specify one or multiple target groups. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html in the Amazon Elastic Container Service Developer Guide. For services using the CODE_DEPLOY deployment controller, you are required to define two target groups for the load balancer. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html in the Amazon Elastic Container Service Developer Guide. If your service's task definition uses the awsvpc network mode (which is required for the Fargate launch type), you must choose ip as the target type, not instance, when creating your target groups because tasks that use the awsvpc network mode are associated with an elastic network interface, not an Amazon EC2 instance.", - "type": "string" - } - }, - "type": "object" - }, - "NetworkConfiguration": { - "additionalProperties": false, - "description": "An object representing the network configuration for a task or service.", - "properties": { - "AwsVpcConfiguration": { - "$ref": "#/definitions/AwsVpcConfiguration" - } - }, - "type": "object" - }, - "Scale": { - "additionalProperties": false, - "properties": { - "Unit": { - "description": "The unit of measure for the scale value.", - "enum": [ - "PERCENT" - ], - "type": "string" - }, - "Value": { - "description": "The value, specified as a percent total of a service's desiredCount, to scale the task set. Accepted values are numbers between 0 and 100.", - "maximum": 100, - "minimum": 0, - "type": "number" - } - }, - "type": "object" - }, - "ServiceRegistry": { - "additionalProperties": false, - "properties": { - "ContainerName": { - "description": "The container name value, already specified in the task definition, to be used for your service discovery service. If the task definition that your service task specifies uses the bridge or host network mode, you must specify a containerName and containerPort combination from the task definition. If the task definition that your service task specifies uses the awsvpc network mode and a type SRV DNS record is used, you must specify either a containerName and containerPort combination or a port value, but not both.", - "type": "string" - }, - "ContainerPort": { - "description": "The port value, already specified in the task definition, to be used for your service discovery service. If the task definition your service task specifies uses the bridge or host network mode, you must specify a containerName and containerPort combination from the task definition. If the task definition your service task specifies uses the awsvpc network mode and a type SRV DNS record is used, you must specify either a containerName and containerPort combination or a port value, but not both.", - "type": "integer" - }, - "Port": { - "description": "The port value used if your service discovery service specified an SRV record. This field may be used if both the awsvpc network mode and SRV records are used.", - "type": "integer" - }, - "RegistryArn": { - "description": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map. For more information, see https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html", - "type": "string" - } - }, - "type": "object" - } - }, - "description": "Create a task set in the specified cluster and service. This is used when a service uses the EXTERNAL deployment controller type. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-types.htmlin the Amazon Elastic Container Service Developer Guide.", - "handlers": { - "create": { - "permissions": [ - "ecs:CreateTaskSet", - "ecs:DescribeTaskSets" - ] - }, - "delete": { - "permissions": [ - "ecs:DeleteTaskSet", - "ecs:DescribeTaskSets" - ] - }, - "read": { - "permissions": [ - "ecs:DescribeTaskSets" - ] - }, - "update": { - "permissions": [ - "ecs:UpdateTaskSet", - "ecs:DescribeTaskSets" - ] - } - }, - "primaryIdentifier": [ - "/properties/Cluster", - "/properties/Service", - "/properties/Id" - ], - "properties": { - "Cluster": { - "description": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service to create the task set in.", - "type": "string" - }, - "ExternalId": { - "description": "An optional non-unique tag that identifies this task set in external systems. If the task set is associated with a service discovery registry, the tasks in this task set will have the ECS_TASK_SET_EXTERNAL_ID AWS Cloud Map attribute set to the provided value. ", - "type": "string" - }, - "Id": { - "description": "The ID of the task set.", - "type": "string" - }, - "LaunchType": { - "description": "The launch type that new tasks in the task set will use. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html in the Amazon Elastic Container Service Developer Guide. ", - "enum": [ - "EC2", - "FARGATE" - ], - "type": "string" - }, - "LoadBalancers": { - "items": { - "$ref": "#/definitions/LoadBalancer" - }, - "type": "array" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/NetworkConfiguration" - }, - "PlatformVersion": { - "description": "The platform version that the tasks in the task set should use. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the LATEST platform version is used by default.", - "type": "string" - }, - "Scale": { - "$ref": "#/definitions/Scale", - "description": "A floating-point percentage of the desired number of tasks to place and keep running in the task set." - }, - "Service": { - "description": "The short name or full Amazon Resource Name (ARN) of the service to create the task set in.", - "type": "string" - }, - "ServiceRegistries": { - "description": "The details of the service discovery registries to assign to this task set. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html.", - "items": { - "$ref": "#/definitions/ServiceRegistry" - }, - "type": "array" - }, - "TaskDefinition": { - "description": "The short name or full Amazon Resource Name (ARN) of the task definition for the tasks in the task set to use.", - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "Cluster", - "Service", - "TaskDefinition" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ecs.git", - "typeName": "AWS::ECS::TaskSet" -} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-eks-addon.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-eks-addon.json deleted file mode 100644 index 02626266c6..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-eks-addon.json +++ /dev/null @@ -1,148 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 127, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 255, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Schema for AWS::EKS::Addon", - "handlers": { - "create": { - "permissions": [ - "eks:CreateAddon", - "eks:DescribeAddon", - "eks:TagResource", - "iam:PassRole" - ] - }, - "delete": { - "permissions": [ - "eks:DeleteAddon", - "eks:DescribeAddon" - ] - }, - "list": { - "permissions": [ - "eks:ListAddons" - ] - }, - "read": { - "permissions": [ - "eks:DescribeAddon" - ] - }, - "update": { - "permissions": [ - "iam:PassRole", - "eks:UpdateAddon", - "eks:DescribeAddon", - "eks:DescribeUpdate", - "eks:ListTagsForResource", - "eks:TagResource", - "eks:UntagResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "properties": { - "AddonName": { - "description": "Name of Addon", - "minLength": 1, - "type": "string" - }, - "AddonVersion": { - "description": "Version of Addon", - "minLength": 1, - "type": "string" - }, - "Arn": { - "description": "Amazon Resource Name (ARN) of the add-on", - "type": "string" - }, - "ClusterName": { - "description": "Name of Cluster", - "minLength": 1, - "type": "string" - }, - "ConfigurationValues": { - "description": "The configuration values to use with the add-on", - "minLength": 1, - "type": "string" - }, - "PreserveOnDelete": { - "description": "PreserveOnDelete parameter value", - "type": "boolean" - }, - "ResolveConflicts": { - "description": "Resolve parameter value conflicts", - "enum": [ - "NONE", - "OVERWRITE", - "PRESERVE" - ], - "minLength": 1, - "type": "string" - }, - "ServiceAccountRoleArn": { - "description": "IAM role to bind to the add-on's service account", - "minLength": 1, - "type": "string" - }, - "Tags": { - "description": "An array of key-value pairs to apply to this resource.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/Arn" - ], - "required": [ - "ClusterName", - "AddonName" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-eks.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::EKS::Addon", - "writeOnlyProperties": [ - "/properties/ResolveConflicts", - "/properties/PreserveOnDelete" - ] -} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-elasticloadbalancingv2-targetgroup.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-elasticloadbalancingv2-targetgroup.json deleted file mode 100644 index e903c7f545..0000000000 --- a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-elasticloadbalancingv2-targetgroup.json +++ /dev/null @@ -1,175 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/TargetType", - "/properties/ProtocolVersion", - "/properties/Port", - "/properties/Name", - "/properties/VpcId", - "/properties/Protocol", - "/properties/IpAddressType" - ], - "definitions": { - "Matcher": { - "additionalProperties": false, - "properties": { - "GrpcCode": { - "type": "string" - }, - "HttpCode": { - "type": "string" - } - }, - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - }, - "TargetDescription": { - "additionalProperties": false, - "properties": { - "AvailabilityZone": { - "awsType": "AvailabilityZone", - "type": "string" - }, - "Id": { - "type": "string" - }, - "Port": { - "type": "integer" - } - }, - "required": [ - "Id" - ], - "type": "object" - }, - "TargetGroupAttribute": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - } - }, - "description": "Resource Type definition for AWS::ElasticLoadBalancingV2::TargetGroup", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "HealthCheckEnabled": { - "type": "boolean" - }, - "HealthCheckIntervalSeconds": { - "maximum": 300, - "minimum": 5, - "type": "integer" - }, - "HealthCheckPath": { - "type": "string" - }, - "HealthCheckPort": { - "type": "string" - }, - "HealthCheckProtocol": { - "type": "string" - }, - "HealthCheckTimeoutSeconds": { - "type": "integer" - }, - "HealthyThresholdCount": { - "type": "integer" - }, - "Id": { - "type": "string" - }, - "IpAddressType": { - "type": "string" - }, - "LoadBalancerArns": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Matcher": { - "$ref": "#/definitions/Matcher" - }, - "Name": { - "type": "string" - }, - "Port": { - "type": "integer" - }, - "Protocol": { - "type": "string" - }, - "ProtocolVersion": { - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": false - }, - "TargetGroupAttributes": { - "items": { - "$ref": "#/definitions/TargetGroupAttribute" - }, - "type": "array", - "uniqueItems": true - }, - "TargetGroupFullName": { - "type": "string" - }, - "TargetGroupName": { - "type": "string" - }, - "TargetType": { - "type": "string" - }, - "Targets": { - "items": { - "$ref": "#/definitions/TargetDescription" - }, - "type": "array", - "uniqueItems": true - }, - "UnhealthyThresholdCount": { - "maximum": 10, - "minimum": 2, - "type": "integer" - }, - "VpcId": { - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/LoadBalancerArns", - "/properties/Id", - "/properties/TargetGroupName", - "/properties/TargetGroupFullName" - ], - "typeName": "AWS::ElasticLoadBalancingV2::TargetGroup" -} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-gamelift-fleet.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-gamelift-fleet.json index 9551ef0828..4489c391a2 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-gamelift-fleet.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-gamelift-fleet.json @@ -126,7 +126,7 @@ "uniqueItems": true }, "EC2InstanceType": { - "cfnLint": "aws_gamelift_fleet/ec2instancetype_enum", + "cfnLint": "AWS::GameLift::Fleet/EC2InstanceType", "type": "string" }, "FleetType": { diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-opsworks-instance.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-opsworks-instance.json index 4f09c87902..7e172a15c1 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-opsworks-instance.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-opsworks-instance.json @@ -147,7 +147,9 @@ "type": "string" }, "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::OpsWorks::Instance/Properties/AvailabilityZone" + ], "type": "string" }, "BlockDeviceMappings": { diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-redshift-cluster.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-redshift-cluster.json index 960e8bdfee..f04ae8ba95 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-redshift-cluster.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-redshift-cluster.json @@ -1,5 +1,6 @@ { "additionalProperties": false, + "cfnLint": "AWS::Redshift::Cluster/Properties", "createOnlyProperties": [ "/properties/KmsKeyId", "/properties/MasterUsername", @@ -127,7 +128,7 @@ "type": "string" }, "NodeType": { - "cfnLint": "aws_redshift_cluster/nodetype_enum", + "cfnLint": "AWS::Redshift::Cluster/Properties/NodeType", "type": "string" }, "NumberOfNodes": { diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-route53-healthcheck.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-route53-healthcheck.json index 2ddd4be8f2..084d644abf 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-route53-healthcheck.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-route53-healthcheck.json @@ -107,7 +107,7 @@ "HealthCheckConfig": { "$ref": "#/definitions/HealthCheckConfig", "cfnLint": [ - "aws_route53_healthcheck/healthcheckconfig_type_inclusive" + "AWS::Route53::HealthCheck/Properties/HealthCheckConfig" ] }, "HealthCheckTags": { diff --git a/src/cfnlint/data/schemas/providers/ca_central_1/__init__.py b/src/cfnlint/data/schemas/providers/ca_central_1/__init__.py index 2be0b62b66..a7aa428624 100644 --- a/src/cfnlint/data/schemas/providers/ca_central_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/ca_central_1/__init__.py @@ -182,6 +182,7 @@ "AWS::NetworkManager::ConnectPeer", "AWS::ElastiCache::UserGroup", "AWS::IoT::ThingGroup", + "AWS::Logs::DeliveryDestination", "AWS::ImageBuilder::ImageRecipe", "AWS::IoT::SoftwarePackage", "AWS::ApiGateway::RestApi", @@ -217,6 +218,7 @@ "AWS::Backup::BackupSelection", "AWS::DataSync::LocationFSxLustre", "AWS::SageMaker::App", + "AWS::Logs::DeliverySource", "AWS::EC2::VPCGatewayAttachment", "AWS::CloudTrail::Trail", "AWS::EC2::VPNConnectionRoute", @@ -683,6 +685,7 @@ "AWS::Glue::Schema", "AWS::DataZone::Environment", "AWS::DocDB::DBSubnetGroup", + "AWS::Logs::Delivery", "AWS::ServiceCatalog::Portfolio", "AWS::WorkSpacesWeb::TrustStore", "AWS::CustomerProfiles::Domain", @@ -721,6 +724,7 @@ "AWS::IAM::UserPolicy", "AWS::Connect::ViewVersion", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::IoT::MitigationAction", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", @@ -1196,6 +1200,7 @@ "aws-networkmanager-connectpeer.json", "aws-elasticache-usergroup.json", "aws-iot-thinggroup.json", + "aws-logs-deliverydestination.json", "aws-imagebuilder-imagerecipe.json", "aws-iot-softwarepackage.json", "aws-apigateway-restapi.json", @@ -1229,6 +1234,8 @@ "aws-sns-topic.json", "aws-backup-backupselection.json", "aws-datasync-locationfsxlustre.json", + "aws-sagemaker-app.json", + "aws-logs-deliverysource.json", "aws-ec2-vpcgatewayattachment.json", "aws-cloudtrail-trail.json", "aws-ec2-vpnconnectionroute.json", @@ -1236,7 +1243,6 @@ "aws-gamelift-gameservergroup.json", "aws-appstream-stack.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-vpclattice-listener.json", "aws-wafv2-ipset.json", "aws-mediaconnect-bridgeoutput.json", @@ -1335,6 +1341,7 @@ "aws-comprehend-documentclassifier.json", "aws-vpclattice-authpolicy.json", "aws-glue-schemaversion.json", + "aws-sagemaker-space.json", "aws-iot-policyprincipalattachment.json", "aws-fms-notificationchannel.json", "aws-msk-batchscramsecret.json", @@ -1421,6 +1428,7 @@ "aws-datasync-locationnfs.json", "aws-amplify-domain.json", "aws-kinesisanalyticsv2-applicationoutput.json", + "aws-sagemaker-domain.json", "aws-certificatemanager-certificate.json", "aws-glue-schemaversionmetadata.json", "aws-sdb-domain.json", @@ -1611,7 +1619,6 @@ "aws-transfer-agreement.json", "aws-lightsail-certificate.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-ssmcontacts-plan.json", "aws-elasticache-subnetgroup.json", "aws-xray-group.json", @@ -1634,6 +1641,7 @@ "aws-datasync-locationefs.json", "aws-ec2-localgatewayroutetable.json", "aws-apigateway-resource.json", + "aws-sagemaker-appimageconfig.json", "aws-verifiedpermissions-identitysource.json", "aws-macie-session.json", "aws-elasticloadbalancingv2-targetgroup.json", @@ -1678,6 +1686,7 @@ "aws-glue-schema.json", "aws-datazone-environment.json", "aws-docdb-dbsubnetgroup.json", + "aws-logs-delivery.json", "aws-servicecatalog-portfolio.json", "aws-workspacesweb-truststore.json", "aws-customerprofiles-domain.json", @@ -1716,6 +1725,7 @@ "aws-iam-userpolicy.json", "aws-connect-viewversion.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-iot-mitigationaction.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", @@ -1907,7 +1917,6 @@ "aws-apigatewayv2-routeresponse.json", "aws-quicksight-topic.json", "aws-cloudwatch-metricstream.json", - "aws-location-geofencecollection.json", "aws-ssm-parameter.json", "aws-apigatewayv2-apigatewaymanagedoverrides.json", "aws-config-deliverychannel.json", @@ -1953,12 +1962,10 @@ "aws-ec2-verifiedaccessgroup.json", "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", - "aws-ec2-launchtemplate.json", "aws-pinpoint-voicechannel.json", "aws-cloudfront-originrequestpolicy.json", "aws-datasync-locationfsxontap.json", "aws-networkmanager-linkassociation.json", - "aws-cognito-userpoolriskconfigurationattachment.json", "aws-mediatailor-playbackconfiguration.json", "aws-pcaconnectorad-serviceprincipalname.json", "aws-elasticbeanstalk-environment.json", diff --git a/src/cfnlint/data/schemas/providers/ca_central_1/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/ca_central_1/aws-amazonmq-broker.json index b71851eb27..6027b3416d 100644 --- a/src/cfnlint/data/schemas/providers/ca_central_1/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/ca_central_1/aws-amazonmq-broker.json @@ -230,7 +230,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/ca_central_1/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/ca_central_1/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/ca_central_1/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/ca_central_1/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/ca_central_1/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/ca_central_1/aws-cloudfront-distribution.json new file mode 100644 index 0000000000..75bb25b92e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ca_central_1/aws-cloudfront-distribution.json @@ -0,0 +1,1232 @@ +{ + "additionalProperties": false, + "definitions": { + "CacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "type": "string" + }, + "PathPattern": { + "type": "string" + }, + "RealtimeLogConfigArn": { + "type": "string" + }, + "ResponseHeadersPolicyId": { + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ], + "type": "string" + } + }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "properties": { + "Forward": { + "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Forward" + ], + "type": "object" + }, + "CustomErrorResponse": { + "additionalProperties": false, + "dependentRequired": { + "ResponseCode": [ + "ResponsePagePath" + ] + }, + "properties": { + "ErrorCachingMinTTL": { + "default": 300, + "type": "number" + }, + "ErrorCode": { + "enum": [ + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponseCode": { + "enum": [ + 200, + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponsePagePath": { + "type": "string" + } + }, + "required": [ + "ErrorCode" + ], + "type": "object" + }, + "CustomOriginConfig": { + "additionalProperties": false, + "properties": { + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginProtocolPolicy": { + "type": "string" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "OriginProtocolPolicy" + ], + "type": "object" + }, + "DefaultCacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "default": "", + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "default": "", + "type": "string" + }, + "RealtimeLogConfigArn": { + "default": "", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "default": "", + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "type": "string" + } + }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CNAMEs": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/CacheBehavior" + }, + "type": "array", + "uniqueItems": false + }, + "Comment": { + "default": "", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/CustomErrorResponse" + }, + "type": "array", + "uniqueItems": false + }, + "CustomOrigin": { + "$ref": "#/definitions/LegacyCustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/DefaultCacheBehavior" + }, + "DefaultRootObject": { + "default": "", + "type": "string" + }, + "Enabled": { + "type": "boolean" + }, + "HttpVersion": { + "default": "http1.1", + "enum": [ + "http1.1", + "http2", + "http3", + "http2and3" + ], + "type": "string" + }, + "IPV6Enabled": { + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/Origin" + }, + "type": "array", + "uniqueItems": false + }, + "PriceClass": { + "default": "PriceClass_All", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ], + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/Restrictions", + "default": { + "GeoRestriction": { + "RestrictionType": "none" + } + } + }, + "S3Origin": { + "$ref": "#/definitions/LegacyS3Origin" + }, + "Staging": { + "type": "boolean" + }, + "ViewerCertificate": { + "$ref": "#/definitions/ViewerCertificate", + "default": { + "CloudFrontDefaultCertificate": true + } + }, + "WebACLId": { + "default": "", + "type": "string" + } + }, + "required": [ + "Enabled", + "DefaultCacheBehavior" + ], + "type": "object" + }, + "ForwardedValues": { + "additionalProperties": false, + "properties": { + "Cookies": { + "$ref": "#/definitions/Cookies", + "default": { + "Forward": "none" + } + }, + "Headers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "QueryString": { + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "QueryString" + ], + "type": "object" + }, + "FunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ], + "type": "string" + }, + "FunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "GeoRestriction": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "enum": [ + "AD", + "AE", + "AF", + "AG", + "AI", + "AL", + "AM", + "AO", + "AQ", + "AR", + "AS", + "AT", + "AU", + "AW", + "AX", + "AZ", + "BA", + "BB", + "BD", + "BE", + "BF", + "BG", + "BH", + "BI", + "BJ", + "BL", + "BM", + "BN", + "BO", + "BQ", + "BR", + "BS", + "BT", + "BV", + "BW", + "BY", + "BZ", + "CA", + "CC", + "CD", + "CF", + "CG", + "CH", + "CI", + "CK", + "CL", + "CM", + "CN", + "CO", + "CR", + "CU", + "CV", + "CW", + "CX", + "CY", + "CZ", + "DE", + "DJ", + "DK", + "DM", + "DO", + "DZ", + "EC", + "EE", + "EG", + "EH", + "ER", + "ES", + "ET", + "FI", + "FJ", + "FK", + "FM", + "FO", + "FR", + "GA", + "GB", + "GD", + "GE", + "GF", + "GG", + "GH", + "GI", + "GL", + "GM", + "GN", + "GP", + "GQ", + "GR", + "GS", + "GT", + "GU", + "GW", + "GY", + "HK", + "HM", + "HN", + "HR", + "HT", + "HU", + "ID", + "IE", + "IL", + "IM", + "IN", + "IO", + "IQ", + "IR", + "IS", + "IT", + "JE", + "JM", + "JO", + "JP", + "KE", + "KG", + "KH", + "KI", + "KM", + "KN", + "KP", + "KR", + "KW", + "KY", + "KZ", + "LA", + "LB", + "LC", + "LI", + "LK", + "LR", + "LS", + "LT", + "LU", + "LV", + "LY", + "MA", + "MC", + "MD", + "ME", + "MF", + "MG", + "MH", + "MK", + "ML", + "MM", + "MN", + "MO", + "MP", + "MQ", + "MR", + "MS", + "MT", + "MU", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NC", + "NE", + "NF", + "NG", + "NI", + "NL", + "NO", + "NP", + "NR", + "NU", + "NZ", + "OM", + "PA", + "PE", + "PF", + "PG", + "PH", + "PK", + "PL", + "PM", + "PN", + "PR", + "PS", + "PT", + "PW", + "PY", + "QA", + "RE", + "RO", + "RS", + "RU", + "RW", + "SA", + "SB", + "SC", + "SD", + "SE", + "SG", + "SH", + "SI", + "SJ", + "SK", + "SL", + "SM", + "SN", + "SO", + "SR", + "SS", + "ST", + "SV", + "SX", + "SY", + "SZ", + "TC", + "TD", + "TF", + "TG", + "TH", + "TJ", + "TK", + "TL", + "TM", + "TN", + "TO", + "TR", + "TT", + "TV", + "TW", + "TZ", + "UA", + "UG", + "UM", + "US", + "UY", + "UZ", + "VA", + "VC", + "VE", + "VG", + "VI", + "VN", + "VU", + "WF", + "WS", + "YE", + "YT", + "ZA", + "ZM", + "ZW" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "RestrictionType": { + "enum": [ + "blacklist", + "whitelist", + "none" + ], + "type": "string" + } + }, + "required": [ + "RestrictionType" + ], + "type": "object" + }, + "LambdaFunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "IncludeBody": { + "type": "boolean" + }, + "LambdaFunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "LegacyCustomOrigin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginProtocolPolicy": { + "enum": [ + "http-only", + "match-viewer", + "https-only" + ], + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], + "type": "object" + }, + "LegacyS3Origin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "required": [ + "DNSName" + ], + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "IncludeCookies": { + "default": false, + "type": "boolean" + }, + "Prefix": { + "default": "", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Origin": { + "additionalProperties": false, + "dependentExcluded": { + "CustomOriginConfig": [ + "S3OriginConfig" + ], + "S3OriginConfig": [ + "CustomOriginConfig" + ] + }, + "properties": { + "ConnectionAttempts": { + "type": "integer" + }, + "ConnectionTimeout": { + "type": "integer" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/CustomOriginConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "OriginAccessControlId": { + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/OriginCustomHeader" + }, + "type": "array", + "uniqueItems": false + }, + "OriginPath": { + "default": "", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/OriginShield" + }, + "S3OriginConfig": { + "$ref": "#/definitions/S3OriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "type": "string" + }, + "HeaderValue": { + "type": "string" + } + }, + "required": [ + "HeaderValue", + "HeaderName" + ], + "type": "object" + }, + "OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/OriginGroupFailoverCriteria" + }, + "Id": { + "type": "string" + }, + "Members": { + "$ref": "#/definitions/OriginGroupMembers" + } + }, + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "type": "object" + }, + "OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroupMember" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroup" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "OriginShieldRegion": { + "type": "string" + } + }, + "type": "object" + }, + "Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "type": "object" + }, + "StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "integer" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "ViewerCertificate": { + "additionalProperties": false, + "dependentRequired": { + "AcmCertificateArn": [ + "SslSupportMethod" + ], + "IamCertificateId": [ + "SslSupportMethod" + ] + }, + "properties": { + "AcmCertificateArn": { + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "type": "boolean" + }, + "IamCertificateId": { + "type": "string" + }, + "MinimumProtocolVersion": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018", + "TLSv1.2_2019", + "TLSv1.2_2021" + ], + "type": "string" + }, + "SslSupportMethod": { + "enum": [ + "sni-only", + "vip", + "static-ip" + ], + "type": "string" + } + }, + "requiredXor": [ + "AcmCertificateArn", + "CloudFrontDefaultCertificate", + "IamCertificateId" + ], + "type": "object" + } + }, + "deprecatedProperties": [ + "/properties/DistributionConfig/CustomOrigin", + "/properties/DistributionConfig/S3Origin" + ], + "description": "Resource Type definition for AWS::CloudFront::Distribution", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateDistribution", + "cloudfront:CreateDistributionWithTags", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:TagResource" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteDistribution", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListDistributions" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "update": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:UpdateDistribution", + "cloudfront:UpdateDistributionWithStagingConfig", + "cloudfront:ListTagsForResource", + "cloudfront:TagResource", + "cloudfront:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/DistributionConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/DomainName" + ], + "required": [ + "DistributionConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::CloudFront::Distribution" +} diff --git a/src/cfnlint/data/schemas/providers/ca_central_1/aws-cognito-userpoolriskconfigurationattachment.json b/src/cfnlint/data/schemas/providers/ca_central_1/aws-cognito-userpoolriskconfigurationattachment.json new file mode 100644 index 0000000000..229426c5ae --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ca_central_1/aws-cognito-userpoolriskconfigurationattachment.json @@ -0,0 +1,215 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/UserPoolId", + "/properties/ClientId" + ], + "definitions": { + "AccountTakeoverActionType": { + "additionalProperties": false, + "properties": { + "EventAction": { + "type": "string" + }, + "Notify": { + "type": "boolean" + } + }, + "required": [ + "EventAction", + "Notify" + ], + "type": "object" + }, + "AccountTakeoverActionsType": { + "additionalProperties": false, + "properties": { + "HighAction": { + "$ref": "#/definitions/AccountTakeoverActionType" + }, + "LowAction": { + "$ref": "#/definitions/AccountTakeoverActionType" + }, + "MediumAction": { + "$ref": "#/definitions/AccountTakeoverActionType" + } + }, + "type": "object" + }, + "AccountTakeoverRiskConfigurationType": { + "additionalProperties": false, + "properties": { + "Actions": { + "$ref": "#/definitions/AccountTakeoverActionsType" + }, + "NotifyConfiguration": { + "$ref": "#/definitions/NotifyConfigurationType" + } + }, + "required": [ + "Actions" + ], + "type": "object" + }, + "CompromisedCredentialsActionsType": { + "additionalProperties": false, + "properties": { + "EventAction": { + "type": "string" + } + }, + "required": [ + "EventAction" + ], + "type": "object" + }, + "CompromisedCredentialsRiskConfigurationType": { + "additionalProperties": false, + "properties": { + "Actions": { + "$ref": "#/definitions/CompromisedCredentialsActionsType" + }, + "EventFilter": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "Actions" + ], + "type": "object" + }, + "NotifyConfigurationType": { + "additionalProperties": false, + "properties": { + "BlockEmail": { + "$ref": "#/definitions/NotifyEmailType" + }, + "From": { + "type": "string" + }, + "MfaEmail": { + "$ref": "#/definitions/NotifyEmailType" + }, + "NoActionEmail": { + "$ref": "#/definitions/NotifyEmailType" + }, + "ReplyTo": { + "type": "string" + }, + "SourceArn": { + "type": "string" + } + }, + "required": [ + "SourceArn" + ], + "type": "object" + }, + "NotifyEmailType": { + "additionalProperties": false, + "properties": { + "HtmlBody": { + "type": "string" + }, + "Subject": { + "type": "string" + }, + "TextBody": { + "type": "string" + } + }, + "required": [ + "Subject" + ], + "type": "object" + }, + "RiskExceptionConfigurationType": { + "additionalProperties": false, + "properties": { + "BlockedIPRangeList": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "SkippedIPRangeList": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::Cognito::UserPoolRiskConfigurationAttachment", + "handlers": { + "create": { + "permissions": [ + "cognito-idp:SetRiskConfiguration", + "cognito-idp:DescribeRiskConfiguration", + "iam:PassRole" + ], + "timeoutInMinutes": 2 + }, + "delete": { + "permissions": [ + "cognito-idp:SetRiskConfiguration", + "cognito-idp:DescribeRiskConfiguration" + ], + "timeoutInMinutes": 2 + }, + "read": { + "permissions": [ + "cognito-idp:DescribeRiskConfiguration" + ] + }, + "update": { + "permissions": [ + "cognito-idp:SetRiskConfiguration", + "cognito-idp:DescribeRiskConfiguration", + "iam:PassRole" + ], + "timeoutInMinutes": 2 + } + }, + "primaryIdentifier": [ + "/properties/UserPoolId", + "/properties/ClientId" + ], + "properties": { + "AccountTakeoverRiskConfiguration": { + "$ref": "#/definitions/AccountTakeoverRiskConfigurationType" + }, + "ClientId": { + "type": "string" + }, + "CompromisedCredentialsRiskConfiguration": { + "$ref": "#/definitions/CompromisedCredentialsRiskConfigurationType" + }, + "RiskExceptionConfiguration": { + "$ref": "#/definitions/RiskExceptionConfigurationType" + }, + "UserPoolId": { + "type": "string" + } + }, + "required": [ + "UserPoolId", + "ClientId" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::Cognito::UserPoolRiskConfigurationAttachment" +} diff --git a/src/cfnlint/data/schemas/providers/ca_central_1/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/ca_central_1/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ca_central_1/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/ca_central_1/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/ca_central_1/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ca_central_1/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ca_central_1/aws-location-geofencecollection.json b/src/cfnlint/data/schemas/providers/ca_central_1/aws-location-geofencecollection.json new file mode 100644 index 0000000000..bb905fef3f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ca_central_1/aws-location-geofencecollection.json @@ -0,0 +1,174 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/CollectionName", + "/properties/KmsKeyId" + ], + "definitions": { + "PricingPlan": { + "enum": [ + "RequestBasedUsage" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 128, + "minLength": 1, + "pattern": "\\A(?!aws:)[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + }, + "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 256, + "minLength": 0, + "pattern": "\\A[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "TagMap": { + "additionalProperties": false, + "maxProperties": 50, + "patternProperties": { + "^[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 0, + "pattern": "^[A-Za-z0-9 _=@:.+-/]*$", + "type": "string" + } + }, + "type": "object" + }, + "iso8601UTC": { + "description": "The datetime value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ss.sssZ)", + "pattern": "^([0-2]\\d{3})-(0[0-9]|1[0-2])-([0-2]\\d|3[01])T([01]\\d|2[0-4]):([0-5]\\d):([0-6]\\d)((\\.\\d{3})?)Z$", + "type": "string" + } + }, + "deprecatedProperties": [ + "/properties/PricingPlan", + "/properties/PricingPlanDataSource" + ], + "description": "Definition of AWS::Location::GeofenceCollection Resource Type", + "handlers": { + "create": { + "permissions": [ + "geo:CreateGeofenceCollection", + "geo:DescribeGeofenceCollection", + "geo:TagResource", + "geo:UntagResource", + "kms:*" + ] + }, + "delete": { + "permissions": [ + "geo:DeleteGeofenceCollection", + "geo:DescribeGeofenceCollection", + "kms:*" + ] + }, + "list": { + "permissions": [ + "geo:ListGeofenceCollections", + "kms:*" + ] + }, + "read": { + "permissions": [ + "geo:DescribeGeofenceCollection", + "kms:*" + ] + }, + "update": { + "permissions": [ + "geo:CreateGeofenceCollection", + "geo:DescribeGeofenceCollection", + "geo:TagResource", + "geo:UntagResource", + "geo:UpdateGeofenceCollection", + "kms:*" + ] + } + }, + "primaryIdentifier": [ + "/properties/CollectionName" + ], + "properties": { + "Arn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "CollectionArn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "CollectionName": { + "maxLength": 100, + "minLength": 1, + "pattern": "^[-._\\w]+$", + "type": "string" + }, + "CreateTime": { + "$ref": "#/definitions/iso8601UTC" + }, + "Description": { + "maxLength": 1000, + "minLength": 0, + "type": "string" + }, + "KmsKeyId": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "PricingPlan": { + "$ref": "#/definitions/PricingPlan" + }, + "PricingPlanDataSource": { + "type": "string" + }, + "Tags": { + "description": "An array of key-value pairs to apply to this resource.", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 0, + "type": "array", + "uniqueItems": true + }, + "UpdateTime": { + "$ref": "#/definitions/iso8601UTC" + } + }, + "readOnlyProperties": [ + "/properties/CollectionArn", + "/properties/Arn", + "/properties/CreateTime", + "/properties/UpdateTime" + ], + "required": [ + "CollectionName" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::Location::GeofenceCollection" +} diff --git a/src/cfnlint/data/schemas/providers/ca_central_1/aws-sagemaker-space.json b/src/cfnlint/data/schemas/providers/ca_central_1/aws-sagemaker-space.json deleted file mode 100644 index 8a05d4cb73..0000000000 --- a/src/cfnlint/data/schemas/providers/ca_central_1/aws-sagemaker-space.json +++ /dev/null @@ -1,465 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/DomainId", - "/properties/SpaceName", - "/properties/SpaceSharingSettings", - "/properties/OwnershipSettings" - ], - "definitions": { - "AppType": { - "enum": [ - "JupyterServer", - "KernelGateway", - "TensorBoard", - "RStudioServerPro", - "RSessionGateway", - "JupyterLab", - "CodeEditor" - ], - "type": "string" - }, - "CodeRepository": { - "additionalProperties": false, - "properties": { - "RepositoryUrl": { - "description": "A CodeRepository (valid URL) to be used within Jupyter's Git extension.", - "maxLength": 256, - "pattern": "^https://([.\\-_a-zA-Z0-9]+/?){3,1016}$", - "type": "string" - } - }, - "required": [ - "RepositoryUrl" - ], - "type": "object" - }, - "CustomFileSystem": { - "additionalProperties": false, - "properties": { - "EFSFileSystem": { - "$ref": "#/definitions/EFSFileSystem" - } - }, - "type": "object" - }, - "CustomFileSystems": { - "items": { - "$ref": "#/definitions/CustomFileSystem" - }, - "maxItems": 1, - "minItems": 0, - "type": "array", - "uniqueItems": true - }, - "CustomImage": { - "additionalProperties": false, - "description": "A custom SageMaker image.", - "properties": { - "AppImageConfigName": { - "description": "The Name of the AppImageConfig.", - "maxLength": 63, - "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}", - "type": "string" - }, - "ImageName": { - "description": "The name of the CustomImage. Must be unique to your account.", - "maxLength": 63, - "pattern": "^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$", - "type": "string" - }, - "ImageVersionNumber": { - "description": "The version number of the CustomImage.", - "minimum": 0, - "type": "integer" - } - }, - "required": [ - "AppImageConfigName", - "ImageName" - ], - "type": "object" - }, - "EFSFileSystem": { - "additionalProperties": false, - "properties": { - "FileSystemId": { - "maxLength": 21, - "minLength": 11, - "pattern": "^(fs-[0-9a-f]{8,})$", - "type": "string" - } - }, - "required": [ - "FileSystemId" - ], - "type": "object" - }, - "EbsStorageSettings": { - "additionalProperties": false, - "description": "Properties related to the space's Amazon Elastic Block Store volume.", - "properties": { - "EbsVolumeSizeInGb": { - "$ref": "#/definitions/SpaceEbsVolumeSizeInGb", - "description": "Size of the Amazon EBS volume in Gb" - } - }, - "required": [ - "EbsVolumeSizeInGb" - ], - "type": "object" - }, - "JupyterServerAppSettings": { - "additionalProperties": false, - "description": "The JupyterServer app settings.", - "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/ResourceSpec" - } - }, - "type": "object" - }, - "KernelGatewayAppSettings": { - "additionalProperties": false, - "description": "The kernel gateway app settings.", - "properties": { - "CustomImages": { - "description": "A list of custom SageMaker images that are configured to run as a KernelGateway app.", - "items": { - "$ref": "#/definitions/CustomImage" - }, - "maxItems": 30, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "DefaultResourceSpec": { - "$ref": "#/definitions/ResourceSpec", - "description": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the KernelGateway app." - } - }, - "type": "object" - }, - "OwnershipSettings": { - "additionalProperties": false, - "properties": { - "OwnerUserProfileName": { - "maxLength": 63, - "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}", - "type": "string" - } - }, - "required": [ - "OwnerUserProfileName" - ], - "type": "object" - }, - "ResourceSpec": { - "additionalProperties": false, - "properties": { - "InstanceType": { - "description": "The instance type that the image version runs on.", - "enum": [ - "system", - "ml.t3.micro", - "ml.t3.small", - "ml.t3.medium", - "ml.t3.large", - "ml.t3.xlarge", - "ml.t3.2xlarge", - "ml.m5.large", - "ml.m5.xlarge", - "ml.m5.2xlarge", - "ml.m5.4xlarge", - "ml.m5.8xlarge", - "ml.m5.12xlarge", - "ml.m5.16xlarge", - "ml.m5.24xlarge", - "ml.c5.large", - "ml.c5.xlarge", - "ml.c5.2xlarge", - "ml.c5.4xlarge", - "ml.c5.9xlarge", - "ml.c5.12xlarge", - "ml.c5.18xlarge", - "ml.c5.24xlarge", - "ml.p3.2xlarge", - "ml.p3.8xlarge", - "ml.p3.16xlarge", - "ml.g4dn.xlarge", - "ml.g4dn.2xlarge", - "ml.g4dn.4xlarge", - "ml.g4dn.8xlarge", - "ml.g4dn.12xlarge", - "ml.g4dn.16xlarge", - "ml.r5.large", - "ml.r5.xlarge", - "ml.r5.2xlarge", - "ml.r5.4xlarge", - "ml.r5.8xlarge", - "ml.r5.12xlarge", - "ml.r5.16xlarge", - "ml.r5.24xlarge", - "ml.p3dn.24xlarge", - "ml.m5d.large", - "ml.m5d.xlarge", - "ml.m5d.2xlarge", - "ml.m5d.4xlarge", - "ml.m5d.8xlarge", - "ml.m5d.12xlarge", - "ml.m5d.16xlarge", - "ml.m5d.24xlarge", - "ml.g5.xlarge", - "ml.g5.2xlarge", - "ml.g5.4xlarge", - "ml.g5.8xlarge", - "ml.g5.12xlarge", - "ml.g5.16xlarge", - "ml.g5.24xlarge", - "ml.g5.48xlarge", - "ml.p4d.24xlarge", - "ml.p4de.24xlarge", - "ml.geospatial.interactive", - "ml.trn1.2xlarge", - "ml.trn1.32xlarge", - "ml.trn1n.32xlarge" - ], - "type": "string" - }, - "SageMakerImageArn": { - "description": "The ARN of the SageMaker image that the image version belongs to.", - "maxLength": 256, - "pattern": "^arn:aws(-[\\w]+)*:sagemaker:.+:[0-9]{12}:image/[a-z0-9]([-.]?[a-z0-9])*$", - "type": "string" - }, - "SageMakerImageVersionArn": { - "description": "The ARN of the image version created on the instance.", - "maxLength": 256, - "pattern": "^arn:aws(-[\\w]+)*:sagemaker:.+:[0-9]{12}:image-version/[a-z0-9]([-.]?[a-z0-9])*/[0-9]+$", - "type": "string" - } - }, - "type": "object" - }, - "SpaceCodeEditorAppSettings": { - "additionalProperties": false, - "description": "The CodeEditor app settings.", - "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/ResourceSpec" - } - }, - "type": "object" - }, - "SpaceEbsVolumeSizeInGb": { - "maximum": 16384, - "minimum": 5, - "type": "integer" - }, - "SpaceJupyterLabAppSettings": { - "additionalProperties": false, - "description": "The JupyterServer app settings.", - "properties": { - "CodeRepositories": { - "description": "A list of CodeRepositories available for use with JupyterLab apps.", - "items": { - "$ref": "#/definitions/CodeRepository" - }, - "maxItems": 30, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "DefaultResourceSpec": { - "$ref": "#/definitions/ResourceSpec" - } - }, - "type": "object" - }, - "SpaceSettings": { - "additionalProperties": false, - "description": "A collection of settings that apply to spaces of Amazon SageMaker Studio. These settings are specified when the CreateSpace API is called.", - "properties": { - "AppType": { - "$ref": "#/definitions/AppType" - }, - "CodeEditorAppSettings": { - "$ref": "#/definitions/SpaceCodeEditorAppSettings", - "description": "The CodeEditor app settings." - }, - "CustomFileSystems": { - "$ref": "#/definitions/CustomFileSystems" - }, - "JupyterLabAppSettings": { - "$ref": "#/definitions/SpaceJupyterLabAppSettings", - "description": "The JupyterLab app settings." - }, - "JupyterServerAppSettings": { - "$ref": "#/definitions/JupyterServerAppSettings", - "description": "The Jupyter server's app settings." - }, - "KernelGatewayAppSettings": { - "$ref": "#/definitions/KernelGatewayAppSettings", - "description": "The kernel gateway app settings." - }, - "SpaceStorageSettings": { - "$ref": "#/definitions/SpaceStorageSettings", - "description": "Default storage settings for a space." - } - }, - "type": "object" - }, - "SpaceSharingSettings": { - "additionalProperties": false, - "properties": { - "SharingType": { - "enum": [ - "Private", - "Shared" - ], - "type": "string" - } - }, - "required": [ - "SharingType" - ], - "type": "object" - }, - "SpaceStorageSettings": { - "additionalProperties": false, - "properties": { - "EbsStorageSettings": { - "$ref": "#/definitions/EbsStorageSettings" - } - }, - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "maxLength": 128, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::SageMaker::Space", - "handlers": { - "create": { - "permissions": [ - "sagemaker:CreateSpace", - "sagemaker:DescribeSpace" - ] - }, - "delete": { - "permissions": [ - "sagemaker:DeleteSpace", - "sagemaker:DescribeSpace" - ] - }, - "list": { - "permissions": [ - "sagemaker:ListSpaces" - ] - }, - "read": { - "permissions": [ - "sagemaker:DescribeSpace" - ] - }, - "update": { - "permissions": [ - "sagemaker:UpdateSpace", - "sagemaker:DescribeSpace" - ] - } - }, - "primaryIdentifier": [ - "/properties/DomainId", - "/properties/SpaceName" - ], - "properties": { - "DomainId": { - "description": "The ID of the associated Domain.", - "maxLength": 63, - "minLength": 1, - "type": "string" - }, - "OwnershipSettings": { - "$ref": "#/definitions/OwnershipSettings" - }, - "SpaceArn": { - "description": "The space Amazon Resource Name (ARN).", - "maxLength": 256, - "pattern": "arn:aws[a-z\\-]*:sagemaker:[a-z0-9\\-]*:[0-9]{12}:space/.*", - "type": "string" - }, - "SpaceDisplayName": { - "maxLength": 64, - "pattern": "^(?!\\s*$).+", - "type": "string" - }, - "SpaceName": { - "description": "A name for the Space.", - "maxLength": 63, - "minLength": 1, - "type": "string" - }, - "SpaceSettings": { - "$ref": "#/definitions/SpaceSettings", - "description": "A collection of settings.", - "maxItems": 50, - "minItems": 0, - "uniqueItems": false - }, - "SpaceSharingSettings": { - "$ref": "#/definitions/SpaceSharingSettings" - }, - "Tags": { - "description": "A list of tags to apply to the space.", - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "Url": { - "maxLength": 1024, - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/SpaceArn", - "/properties/Url" - ], - "required": [ - "DomainId", - "SpaceName" - ], - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::SageMaker::Space", - "writeOnlyProperties": [ - "/properties/SpaceSettings", - "/properties/Tags" - ] -} diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/__init__.py b/src/cfnlint/data/schemas/providers/ca_west_1/__init__.py index 0f934650d8..53a6a07173 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/ca_west_1/__init__.py @@ -5,6 +5,7 @@ "AWS::CDK::Metadata", "AWS::CE::AnomalySubscription", "AWS::ApiGateway::BasePathMapping", + "AWS::GuardDuty::Filter", "AWS::ECS::Service", "AWS::RAM::ResourceShare", "AWS::DMS::ReplicationConfig", @@ -24,6 +25,7 @@ "AWS::EC2::NetworkAclEntry", "AWS::ApiGateway::DocumentationPart", "AWS::CloudWatch::CompositeAlarm", + "AWS::Route53Resolver::FirewallDomainList", "AWS::AppConfig::Application", "AWS::OpsWorks::Stack", "AWS::GameLift::Fleet", @@ -89,6 +91,7 @@ "AWS::ElastiCache::SecurityGroupIngress", "AWS::CloudWatch::Dashboard", "AWS::CloudWatch::Alarm", + "AWS::GuardDuty::Member", "AWS::CloudFormation::CustomResource", "AWS::ElastiCache::ParameterGroup", "AWS::CodeDeploy::DeploymentGroup", @@ -105,6 +108,7 @@ "AWS::EC2::SpotFleet", "AWS::IoT::PolicyPrincipalAttachment", "AWS::S3::Bucket", + "AWS::GuardDuty::IPSet", "AWS::ServiceDiscovery::HttpNamespace", "AWS::EMR::SecurityConfiguration", "AWS::CloudWatch::InsightRule", @@ -120,6 +124,7 @@ "AWS::EC2::VolumeAttachment", "AWS::ECS::ClusterCapacityProviderAssociations", "AWS::AppConfig::ConfigurationProfile", + "AWS::Route53Resolver::FirewallRuleGroup", "AWS::EC2::TransitGateway", "AWS::EC2::VPCEndpointServicePermissions", "AWS::SSM::MaintenanceWindowTask", @@ -146,6 +151,7 @@ "AWS::Config::ConfigRule", "AWS::ImageBuilder::Workflow", "AWS::ECS::TaskSet", + "AWS::GuardDuty::ThreatIntelSet", "AWS::EC2::VPC", "AWS::ARCZonalShift::ZonalAutoshiftConfiguration", "AWS::DataSync::LocationAzureBlob", @@ -174,6 +180,7 @@ "AWS::EC2::VPCPeeringConnection", "AWS::SNS::TopicPolicy", "AWS::KMS::Key", + "AWS::Route53Resolver::FirewallRuleGroupAssociation", "AWS::Route53Resolver::ResolverQueryLoggingConfig", "AWS::EC2::SnapshotBlockPublicAccess", "AWS::EC2::Subnet", @@ -351,10 +358,10 @@ # pylint: disable=too-many-lines cached: List[str] = [ "aws-ce-anomalysubscription.json", + "aws-guardduty-filter.json", "aws-ecs-service.json", "aws-ram-resourceshare.json", "aws-dms-replicationconfig.json", - "aws-dynamodb-table.json", "aws-ec2-securitygroupegress.json", "aws-config-configurationrecorder.json", "aws-cloudfront-continuousdeploymentpolicy.json", @@ -365,6 +372,7 @@ "aws-ec2-networkacl.json", "aws-logs-resourcepolicy.json", "aws-cloudwatch-compositealarm.json", + "aws-route53resolver-firewalldomainlist.json", "aws-autoscaling-warmpool.json", "aws-ecs-primarytaskset.json", "aws-autoscaling-autoscalinggroup.json", @@ -399,7 +407,6 @@ "aws-sns-topic.json", "aws-cloudtrail-trail.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-ssm-document.json", "aws-cloudfront-cloudfrontoriginaccessidentity.json", "aws-lambda-alias.json", @@ -413,7 +420,6 @@ "aws-ec2-route.json", "aws-cloudformation-hookversion.json", "aws-xray-resourcepolicy.json", - "aws-dynamodb-globaltable.json", "aws-imagebuilder-distributionconfiguration.json", "aws-cloudfront-publickey.json", "aws-ram-permission.json", @@ -421,6 +427,7 @@ "aws-ecs-taskdefinition.json", "aws-ec2-spotfleet.json", "aws-s3-bucket.json", + "aws-guardduty-ipset.json", "aws-servicediscovery-httpnamespace.json", "aws-cloudwatch-insightrule.json", "aws-batch-schedulingpolicy.json", @@ -429,6 +436,7 @@ "aws-ssm-maintenancewindowtarget.json", "aws-rds-dbsecuritygroupingress.json", "aws-ecs-clustercapacityproviderassociations.json", + "aws-route53resolver-firewallrulegroup.json", "aws-ec2-transitgateway.json", "aws-ec2-vpcendpointservicepermissions.json", "aws-ssm-maintenancewindowtask.json", @@ -449,6 +457,7 @@ "aws-cloudformation-hookdefaultversion.json", "aws-imagebuilder-workflow.json", "aws-ecs-taskset.json", + "aws-guardduty-threatintelset.json", "aws-ec2-vpc.json", "aws-arczonalshift-zonalautoshiftconfiguration.json", "aws-datasync-locationazureblob.json", @@ -470,6 +479,7 @@ "aws-organizations-policy.json", "aws-ec2-vpcpeeringconnection.json", "aws-kms-key.json", + "aws-route53resolver-firewallrulegroupassociation.json", "aws-route53resolver-resolverqueryloggingconfig.json", "aws-ec2-snapshotblockpublicaccess.json", "aws-s3objectlambda-accesspoint.json", @@ -488,6 +498,7 @@ "aws-emr-instancefleetconfig.json", "aws-emr-cluster.json", "aws-rds-dbcluster.json", + "aws-cloudfront-distribution.json", "aws-xray-group.json", "aws-oam-link.json", "aws-kms-replicakey.json", @@ -573,7 +584,6 @@ "aws-accessanalyzer-analyzer.json", "aws-ec2-ec2fleet.json", "aws-ec2-vpcendpointservice.json", - "aws-ec2-launchtemplate.json", "aws-cloudfront-originrequestpolicy.json", "aws-ec2-dhcpoptions.json", "aws-iam-servicelinkedrole.json", @@ -586,4 +596,5 @@ "aws-batch-jobqueue.json", "aws-elasticloadbalancingv2-listener.json", "aws-cloudformation-waitconditionhandle.json", + "aws-eks-addon.json", ] diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-cloudwatch-alarm.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-cloudwatch-alarm.json index bc5a0e9747..01a76fac32 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/aws-cloudwatch-alarm.json +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-cloudwatch-alarm.json @@ -1,7 +1,7 @@ { "additionalProperties": false, "cfnLint": [ - "aws_cloudwatch_alarm/aws_namespace_period" + "AWS::CloudWatch::Alarm/Properties" ], "createOnlyProperties": [ "/properties/AlarmName" diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-dynamodb-globaltable.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-dynamodb-globaltable.json new file mode 100644 index 0000000000..7e1a23d878 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-dynamodb-globaltable.json @@ -0,0 +1,579 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/Arn" + ], + [ + "/properties/StreamArn" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LocalSecondaryIndexes", + "/properties/TableName", + "/properties/KeySchema" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "CapacityAutoScalingSettings": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "minimum": 1, + "type": "integer" + }, + "MinCapacity": { + "minimum": 1, + "type": "integer" + }, + "SeedCapacity": { + "minimum": 1, + "type": "integer" + }, + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/TargetTrackingScalingPolicyConfiguration" + } + }, + "required": [ + "MinCapacity", + "MaxCapacity", + "TargetTrackingScalingPolicyConfiguration" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "KeyType": { + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "maxItems": 20, + "type": "array", + "uniqueItems": true + }, + "ProjectionType": { + "type": "string" + } + }, + "type": "object" + }, + "ReadProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + }, + "ReadCapacityUnits": { + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "ReplicaGlobalSecondaryIndexSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName" + ], + "type": "object" + }, + "ReplicaSSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + } + }, + "required": [ + "KMSMasterKeyId" + ], + "type": "object" + }, + "ReplicaSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaGlobalSecondaryIndexSpecification" + }, + "type": "array", + "uniqueItems": true + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + }, + "Region": { + "type": "string" + }, + "SSESpecification": { + "$ref": "#/definitions/ReplicaSSESpecification" + }, + "TableClass": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TargetTrackingScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "DisableScaleIn": { + "type": "boolean" + }, + "ScaleInCooldown": { + "minimum": 0, + "type": "integer" + }, + "ScaleOutCooldown": { + "minimum": 0, + "type": "integer" + }, + "TargetValue": { + "format": "double", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "WriteProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "WriteCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + } + }, + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::GlobalTable", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:CreateTableReplica", + "dynamodb:Describe*", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:TagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "dynamodb:TagResource", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Decrypt", + "kms:RevokeGrant", + "cloudwatch:PutMetricData", + "iam:CreateServiceLinkedRole" + ] + }, + "delete": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:DeleteTable", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget" + ] + }, + "list": { + "permissions": [ + "dynamodb:ListTables", + "cloudwatch:PutMetricData" + ] + }, + "read": { + "permissions": [ + "dynamodb:Describe*", + "application-autoscaling:Describe*", + "cloudwatch:PutMetricData", + "dynamodb:ListTagsOfResource", + "kms:DescribeKey" + ] + }, + "update": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:CreateTableReplica", + "dynamodb:UpdateTable", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:DeleteTable", + "dynamodb:DeleteTableReplica", + "dynamodb:UpdateItem", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant", + "cloudwatch:PutMetricData" + ], + "timeoutInMinutes": 1200 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "type": "string" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "LocalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "Replicas": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaSpecification" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableId": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn", + "/properties/TableId" + ], + "required": [ + "KeySchema", + "AttributeDefinitions", + "Replicas" + ], + "typeName": "AWS::DynamoDB::GlobalTable", + "writeOnlyProperties": [ + "/properties/Replicas/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/Replicas/*/GlobalSecondaryIndexes/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity", + "/properties/GlobalSecondaryIndexes/*/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-dynamodb-table.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-dynamodb-table.json new file mode 100644 index 0000000000..aacbc7f216 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-dynamodb-table.json @@ -0,0 +1,540 @@ +{ + "additionalProperties": false, + "cfnLint": [ + "AWS::DynamoDB::Table/Properties" + ], + "createOnlyProperties": [ + "/properties/TableName", + "/properties/ImportSourceSpecification" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "AttributeType": { + "enum": [ + "S", + "N", + "B" + ], + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "Csv": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "type": "string" + }, + "HeaderList": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "type": "object" + }, + "DeprecatedHashKeyElement": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeType", + "AttributeName" + ], + "type": "object" + }, + "DeprecatedKeySchema": { + "additionalProperties": false, + "properties": { + "HashKeyElement": { + "$ref": "#/definitions/DeprecatedHashKeyElement" + } + }, + "required": [ + "HashKeyElement" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/ProvisionedThroughput" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "ImportSourceSpecification": { + "additionalProperties": false, + "properties": { + "InputCompressionType": { + "type": "string" + }, + "InputFormat": { + "type": "string" + }, + "InputFormatOptions": { + "$ref": "#/definitions/InputFormatOptions" + }, + "S3BucketSource": { + "$ref": "#/definitions/S3BucketSource" + } + }, + "required": [ + "S3BucketSource", + "InputFormat" + ], + "type": "object" + }, + "InputFormatOptions": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/Csv" + } + }, + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "KeyType": { + "enum": [ + "HASH", + "RANGE" + ], + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ProjectionType": { + "enum": [ + "ALL", + "KEYS_ONLY", + "INCLUDE" + ], + "type": "string" + } + }, + "type": "object" + }, + "ProvisionedThroughput": { + "additionalProperties": false, + "properties": { + "ReadCapacityUnits": { + "type": "integer" + }, + "WriteCapacityUnits": { + "type": "integer" + } + }, + "required": [ + "WriteCapacityUnits", + "ReadCapacityUnits" + ], + "type": "object" + }, + "S3BucketSource": { + "additionalProperties": false, + "properties": { + "S3Bucket": { + "type": "string" + }, + "S3BucketOwner": { + "type": "string" + }, + "S3KeyPrefix": { + "type": "string" + } + }, + "required": [ + "S3Bucket" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + }, + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "enum": [ + "NEW_IMAGE", + "OLD_IMAGE", + "NEW_AND_OLD_IMAGES", + "KEYS_ONLY" + ], + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::Table", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:DescribeImport", + "dynamodb:DescribeTable", + "dynamodb:DescribeTimeToLive", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeContributorInsights", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ImportTable", + "dynamodb:ListTagsOfResource", + "dynamodb:TagResource", + "dynamodb:UpdateTable", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Encrypt", + "kms:RevokeGrant", + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:DescribeLogGroups", + "logs:DescribeLogStreams", + "logs:PutLogEvents", + "logs:PutRetentionPolicy", + "s3:GetObject", + "s3:GetObjectMetadata", + "s3:ListBucket" + ], + "timeoutInMinutes": 720 + }, + "delete": { + "permissions": [ + "dynamodb:DeleteTable", + "dynamodb:DescribeTable" + ], + "timeoutInMinutes": 720 + }, + "list": { + "permissions": [ + "dynamodb:ListTables" + ] + }, + "read": { + "permissions": [ + "dynamodb:DescribeTable", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeContributorInsights", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ListTagsOfResource" + ] + }, + "update": { + "permissions": [ + "dynamodb:UpdateTable", + "dynamodb:DescribeTable", + "dynamodb:DescribeTimeToLive", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ListTagsOfResource", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:DescribeContributorInsights", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant" + ], + "timeoutInMinutes": 720 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "enum": [ + "PROVISIONED", + "PAY_PER_REQUEST" + ], + "type": "string" + }, + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": false + }, + "ImportSourceSpecification": { + "$ref": "#/definitions/ImportSourceSpecification" + }, + "KeySchema": { + "oneOf": [ + { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + { + "type": "object" + } + ] + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "LocalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": false + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/ProvisionedThroughput" + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableClass": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + } + }, + "propertyTransform": { + "/properties/SSESpecification/KMSMasterKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,3}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,4}[-]{1}[1-4]{1}:[0-9]{12}[:]{1}key\\/\", SSESpecification.KMSMasterKeyId]) $OR $join([\"arn:(aws)[-]{0,1}[a-z]{0,3}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,4}[-]{1}[1-4]{1}:[0-9]{12}[:]{1}key\\/\", KMSMasterKeyId])" + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn" + ], + "required": [ + "KeySchema" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DynamoDB::Table", + "writeOnlyProperties": [ + "/properties/ImportSourceSpecification" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-host.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-host.json index b343142e92..6ea413000b 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-host.json +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-host.json @@ -17,8 +17,8 @@ "type": "string" }, "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::Host/Properties/AvailabilityZone" ], "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-subnet.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-subnet.json index 53b428572b..e2c4be0959 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-subnet.json +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-subnet.json @@ -50,7 +50,9 @@ "type": "boolean" }, "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::EC2::Subnet/Properties/AvailabilityZone" + ], "type": "string" }, "AvailabilityZoneId": { diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-volume.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-volume.json index 6126f7c814..7529e88cce 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-volume.json +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-ec2-volume.json @@ -27,7 +27,9 @@ "type": "boolean" }, "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::EC2::Volume/Properties/AvailabilityZone" + ], "type": "string" }, "Encrypted": { diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-eks-addon.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-eks-addon.json deleted file mode 100644 index 02626266c6..0000000000 --- a/src/cfnlint/data/schemas/providers/ca_west_1/aws-eks-addon.json +++ /dev/null @@ -1,148 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 127, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 255, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Schema for AWS::EKS::Addon", - "handlers": { - "create": { - "permissions": [ - "eks:CreateAddon", - "eks:DescribeAddon", - "eks:TagResource", - "iam:PassRole" - ] - }, - "delete": { - "permissions": [ - "eks:DeleteAddon", - "eks:DescribeAddon" - ] - }, - "list": { - "permissions": [ - "eks:ListAddons" - ] - }, - "read": { - "permissions": [ - "eks:DescribeAddon" - ] - }, - "update": { - "permissions": [ - "iam:PassRole", - "eks:UpdateAddon", - "eks:DescribeAddon", - "eks:DescribeUpdate", - "eks:ListTagsForResource", - "eks:TagResource", - "eks:UntagResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "properties": { - "AddonName": { - "description": "Name of Addon", - "minLength": 1, - "type": "string" - }, - "AddonVersion": { - "description": "Version of Addon", - "minLength": 1, - "type": "string" - }, - "Arn": { - "description": "Amazon Resource Name (ARN) of the add-on", - "type": "string" - }, - "ClusterName": { - "description": "Name of Cluster", - "minLength": 1, - "type": "string" - }, - "ConfigurationValues": { - "description": "The configuration values to use with the add-on", - "minLength": 1, - "type": "string" - }, - "PreserveOnDelete": { - "description": "PreserveOnDelete parameter value", - "type": "boolean" - }, - "ResolveConflicts": { - "description": "Resolve parameter value conflicts", - "enum": [ - "NONE", - "OVERWRITE", - "PRESERVE" - ], - "minLength": 1, - "type": "string" - }, - "ServiceAccountRoleArn": { - "description": "IAM role to bind to the add-on's service account", - "minLength": 1, - "type": "string" - }, - "Tags": { - "description": "An array of key-value pairs to apply to this resource.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/Arn" - ], - "required": [ - "ClusterName", - "AddonName" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-eks.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::EKS::Addon", - "writeOnlyProperties": [ - "/properties/ResolveConflicts", - "/properties/PreserveOnDelete" - ] -} diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-gamelift-fleet.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-gamelift-fleet.json index 9551ef0828..4489c391a2 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/aws-gamelift-fleet.json +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-gamelift-fleet.json @@ -126,7 +126,7 @@ "uniqueItems": true }, "EC2InstanceType": { - "cfnLint": "aws_gamelift_fleet/ec2instancetype_enum", + "cfnLint": "AWS::GameLift::Fleet/EC2InstanceType", "type": "string" }, "FleetType": { diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-guardduty-member.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-guardduty-member.json new file mode 100644 index 0000000000..0373888c6c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-guardduty-member.json @@ -0,0 +1,97 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/DetectorId", + "/properties/MemberId" + ], + "description": "Resource Type definition for AWS::GuardDuty::Member", + "handlers": { + "create": { + "permissions": [ + "guardduty:CreateMembers", + "guardduty:GetMembers" + ] + }, + "delete": { + "permissions": [ + "guardduty:GetMembers", + "guardduty:DisassociateMembers", + "guardduty:DeleteMembers" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "DetectorId": { + "type": "string" + } + } + }, + "permissions": [ + "guardduty:ListMembers" + ] + }, + "read": { + "permissions": [ + "guardduty:GetMembers" + ] + }, + "update": { + "permissions": [ + "guardduty:GetMembers", + "guardduty:CreateMembers", + "guardduty:DisassociateMembers", + "guardduty:StartMonitoringMembers", + "guardduty:StopMonitoringMembers", + "guardduty:InviteMembers" + ] + } + }, + "primaryIdentifier": [ + "/properties/DetectorId", + "/properties/MemberId" + ], + "properties": { + "DetectorId": { + "type": "string" + }, + "DisableEmailNotification": { + "type": "boolean" + }, + "Email": { + "type": "string" + }, + "MemberId": { + "type": "string" + }, + "Message": { + "type": "string" + }, + "Status": { + "enum": [ + "Created", + "Disabled", + "Enabled", + "Invited", + "Removed", + "Resigned" + ], + "type": "string" + } + }, + "required": [ + "Email" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-guardduty", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::GuardDuty::Member", + "writeOnlyProperties": [ + "/properties/DisableEmailNotification", + "/properties/Message" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-group.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-group.json index 99c28ac1bb..691d29fb0f 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-group.json +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-group.json @@ -8,7 +8,9 @@ "additionalProperties": false, "properties": { "PolicyDocument": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::IAM::Group/Properties/Policies/PolicyDocument" + ], "type": "object" }, "PolicyName": { diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-managedpolicy.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-managedpolicy.json index 6dc7d88123..180906c862 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-managedpolicy.json +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-managedpolicy.json @@ -31,7 +31,9 @@ "type": "string" }, "PolicyDocument": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::IAM::ManagedPolicy/Properties/PolicyDocument" + ], "maxLength": 6144, "type": "object" }, diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-policy.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-policy.json index d0b90fa00c..62cf1bea25 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-policy.json +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-policy.json @@ -16,7 +16,9 @@ "type": "string" }, "PolicyDocument": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::IAM::Policy/Properties/PolicyDocument" + ], "type": "object" }, "PolicyName": { diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-role.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-role.json index 39a91f30d5..5684c39e56 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-role.json +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-role.json @@ -9,7 +9,9 @@ "additionalProperties": false, "properties": { "PolicyDocument": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::IAM::Role/Properties/Policies/PolicyDocument" + ], "type": "object" }, "PolicyName": { diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-user.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-user.json index e023690766..6692fe696d 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-user.json +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-iam-user.json @@ -23,7 +23,9 @@ "additionalProperties": false, "properties": { "PolicyDocument": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::IAM::User/Properties/Policies/PolicyDocument" + ], "type": "object" }, "PolicyName": { diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-lambda-eventsourcemapping.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-lambda-eventsourcemapping.json index f6a18030e3..eb88130d69 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/aws-lambda-eventsourcemapping.json +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-lambda-eventsourcemapping.json @@ -1,8 +1,7 @@ { "additionalProperties": false, "cfnLint": [ - "aws_lambda_eventsourcemapping/eventsourcearn_sqs_exclusive", - "aws_lambda_eventsourcemapping/eventsourcearn_stream_inclusive" + "AWS::Lambda::EventSourceMapping/Properties" ], "createOnlyProperties": [ "/properties/EventSourceArn", diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-opensearchservice-domain.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-opensearchservice-domain.json index fde75170d5..485ef8d95e 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/aws-opensearchservice-domain.json +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-opensearchservice-domain.json @@ -406,7 +406,9 @@ ], "properties": { "AccessPolicies": { - "awsType": "IamResourcePolicy", + "cfnLint": [ + "AWS::OpenSearchService::Domain/Properties/AccessPolicies" + ], "type": "object" }, "AdvancedOptions": { diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-opsworks-instance.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-opsworks-instance.json index 4f09c87902..7e172a15c1 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/aws-opsworks-instance.json +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-opsworks-instance.json @@ -147,7 +147,9 @@ "type": "string" }, "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::OpsWorks::Instance/Properties/AvailabilityZone" + ], "type": "string" }, "BlockDeviceMappings": { diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-redshift-cluster.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-redshift-cluster.json index 960e8bdfee..f04ae8ba95 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/aws-redshift-cluster.json +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-redshift-cluster.json @@ -1,5 +1,6 @@ { "additionalProperties": false, + "cfnLint": "AWS::Redshift::Cluster/Properties", "createOnlyProperties": [ "/properties/KmsKeyId", "/properties/MasterUsername", @@ -127,7 +128,7 @@ "type": "string" }, "NodeType": { - "cfnLint": "aws_redshift_cluster/nodetype_enum", + "cfnLint": "AWS::Redshift::Cluster/Properties/NodeType", "type": "string" }, "NumberOfNodes": { diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-route53-healthcheck.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-route53-healthcheck.json index 2ddd4be8f2..084d644abf 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/aws-route53-healthcheck.json +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-route53-healthcheck.json @@ -107,7 +107,7 @@ "HealthCheckConfig": { "$ref": "#/definitions/HealthCheckConfig", "cfnLint": [ - "aws_route53_healthcheck/healthcheckconfig_type_inclusive" + "AWS::Route53::HealthCheck/Properties/HealthCheckConfig" ] }, "HealthCheckTags": { diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-sns-topicpolicy.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-sns-topicpolicy.json index 5141e8c188..ea4785c1d0 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/aws-sns-topicpolicy.json +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-sns-topicpolicy.json @@ -9,7 +9,9 @@ "type": "string" }, "PolicyDocument": { - "awsType": "IamResourcePolicy", + "cfnLint": [ + "AWS::SNS::TopicPolicy/Properties/PolicyDocument" + ], "type": "object" }, "Topics": { diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/__init__.py b/src/cfnlint/data/schemas/providers/cn_north_1/__init__.py index 3d677afef8..0c0fb6291d 100644 --- a/src/cfnlint/data/schemas/providers/cn_north_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/cn_north_1/__init__.py @@ -652,6 +652,7 @@ "aws-ec2-transitgatewayroutetablepropagation.json", "aws-ecs-service.json", "aws-ram-resourceshare.json", + "aws-dynamodb-table.json", "aws-ec2-securitygroupegress.json", "aws-config-organizationconfigrule.json", "aws-glue-dataqualityruleset.json", @@ -690,7 +691,6 @@ "aws-apigateway-domainname.json", "aws-ecs-primarytaskset.json", "aws-autoscaling-autoscalinggroup.json", - "aws-wafv2-regexpatternset.json", "aws-ec2-transitgatewayroutetable.json", "aws-cognito-identitypoolroleattachment.json", "aws-route53-recordset.json", @@ -761,13 +761,10 @@ "aws-sns-topic.json", "aws-backup-backupselection.json", "aws-datasync-locationfsxlustre.json", - "aws-sagemaker-app.json", "aws-ec2-vpcgatewayattachment.json", "aws-cloudtrail-trail.json", "aws-gamelift-gameservergroup.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", - "aws-wafv2-ipset.json", "aws-greengrass-subscriptiondefinition.json", "aws-greengrass-group.json", "aws-ssm-document.json", @@ -810,7 +807,7 @@ "aws-xray-resourcepolicy.json", "aws-iot-resourcespecificlogging.json", "aws-servicecatalog-launchtemplateconstraint.json", - "aws-wafv2-loggingconfiguration.json", + "aws-dynamodb-globaltable.json", "aws-imagebuilder-distributionconfiguration.json", "aws-lakeformation-permissions.json", "aws-cloudfront-publickey.json", @@ -872,7 +869,6 @@ "aws-iot-billinggroup.json", "aws-datasync-locationnfs.json", "aws-kinesisanalyticsv2-applicationoutput.json", - "aws-sagemaker-domain.json", "aws-greengrass-coredefinitionversion.json", "aws-certificatemanager-certificate.json", "aws-glue-schemaversionmetadata.json", @@ -948,7 +944,6 @@ "aws-sqs-queuepolicy.json", "aws-appsync-apicache.json", "aws-apigateway-account.json", - "aws-wafv2-webacl.json", "aws-ec2-transitgatewayconnect.json", "aws-ec2-securitygroup.json", "aws-quicksight-theme.json", @@ -997,7 +992,6 @@ "aws-appconfig-hostedconfigurationversion.json", "aws-datasync-locationefs.json", "aws-apigateway-resource.json", - "aws-sagemaker-appimageconfig.json", "aws-elasticloadbalancingv2-targetgroup.json", "aws-applicationautoscaling-scalingpolicy.json", "aws-pipes-pipe.json", @@ -1112,6 +1106,7 @@ "aws-appmesh-virtualgateway.json", "aws-waf-sqlinjectionmatchset.json", "aws-ec2-flowlog.json", + "aws-amazonmq-broker.json", "aws-emr-step.json", "aws-cloudfront-responseheaderspolicy.json", "aws-securityhub-automationrule.json", @@ -1121,7 +1116,6 @@ "aws-route53resolver-resolverrule.json", "aws-appmesh-virtualnode.json", "aws-apigateway-documentationversion.json", - "aws-wafv2-webaclassociation.json", "aws-oam-sink.json", "aws-codebuild-reportgroup.json", "aws-apigateway-gatewayresponse.json", diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-amazonmq-broker.json deleted file mode 100644 index b71851eb27..0000000000 --- a/src/cfnlint/data/schemas/providers/cn_north_1/aws-amazonmq-broker.json +++ /dev/null @@ -1,341 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/BrokerName", - "/properties/StorageType", - "/properties/DeploymentMode", - "/properties/EngineType", - "/properties/SubnetIds", - "/properties/AuthenticationStrategy", - "/properties/EncryptionOptions", - "/properties/PubliclyAccessible" - ], - "definitions": { - "ConfigurationId": { - "additionalProperties": false, - "properties": { - "Id": { - "type": "string" - }, - "Revision": { - "type": "integer" - } - }, - "required": [ - "Revision", - "Id" - ], - "type": "object" - }, - "EncryptionOptions": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "type": "string" - }, - "UseAwsOwnedKey": { - "type": "boolean" - } - }, - "required": [ - "UseAwsOwnedKey" - ], - "type": "object" - }, - "LdapServerMetadata": { - "additionalProperties": false, - "properties": { - "Hosts": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "RoleBase": { - "type": "string" - }, - "RoleName": { - "type": "string" - }, - "RoleSearchMatching": { - "type": "string" - }, - "RoleSearchSubtree": { - "type": "boolean" - }, - "ServiceAccountPassword": { - "type": "string" - }, - "ServiceAccountUsername": { - "type": "string" - }, - "UserBase": { - "type": "string" - }, - "UserRoleName": { - "type": "string" - }, - "UserSearchMatching": { - "type": "string" - }, - "UserSearchSubtree": { - "type": "boolean" - } - }, - "required": [ - "Hosts", - "UserSearchMatching", - "UserBase", - "RoleSearchMatching", - "ServiceAccountUsername", - "RoleBase", - "ServiceAccountPassword" - ], - "type": "object" - }, - "LogList": { - "additionalProperties": false, - "properties": { - "Audit": { - "type": "boolean" - }, - "General": { - "type": "boolean" - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "additionalProperties": false, - "properties": { - "DayOfWeek": { - "type": "string" - }, - "TimeOfDay": { - "type": "string" - }, - "TimeZone": { - "type": "string" - } - }, - "required": [ - "DayOfWeek", - "TimeOfDay", - "TimeZone" - ], - "type": "object" - }, - "TagsEntry": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - }, - "User": { - "additionalProperties": false, - "properties": { - "ConsoleAccess": { - "type": "boolean" - }, - "Groups": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Password": { - "type": "string" - }, - "Username": { - "type": "string" - } - }, - "required": [ - "Username", - "Password" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::AmazonMQ::Broker", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "AmqpEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Arn": { - "type": "string" - }, - "AuthenticationStrategy": { - "type": "string" - }, - "AutoMinorVersionUpgrade": { - "type": "boolean" - }, - "BrokerName": { - "type": "string" - }, - "Configuration": { - "$ref": "#/definitions/ConfigurationId" - }, - "ConfigurationId": { - "type": "string" - }, - "ConfigurationRevision": { - "type": "integer" - }, - "DataReplicationMode": { - "type": "string" - }, - "DataReplicationPrimaryBrokerArn": { - "type": "string" - }, - "DeploymentMode": { - "enum": [ - "SINGLE_INSTANCE", - "ACTIVE_STANDBY_MULTI_AZ", - "CLUSTER_MULTI_AZ" - ], - "type": "string" - }, - "EncryptionOptions": { - "$ref": "#/definitions/EncryptionOptions" - }, - "EngineType": { - "enum": [ - "ACTIVEMQ", - "RABBITMQ" - ], - "type": "string" - }, - "EngineVersion": { - "type": "string" - }, - "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", - "type": "string" - }, - "Id": { - "type": "string" - }, - "IpAddresses": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "LdapServerMetadata": { - "$ref": "#/definitions/LdapServerMetadata" - }, - "Logs": { - "$ref": "#/definitions/LogList" - }, - "MaintenanceWindowStartTime": { - "$ref": "#/definitions/MaintenanceWindow" - }, - "MqttEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "OpenWireEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "PubliclyAccessible": { - "type": "boolean" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "StompEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "StorageType": { - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Tags": { - "items": { - "$ref": "#/definitions/TagsEntry" - }, - "type": "array", - "uniqueItems": false - }, - "Users": { - "items": { - "$ref": "#/definitions/User" - }, - "type": "array", - "uniqueItems": false - }, - "WssEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "readOnlyProperties": [ - "/properties/IpAddresses", - "/properties/Id", - "/properties/MqttEndpoints", - "/properties/OpenWireEndpoints", - "/properties/ConfigurationId", - "/properties/ConfigurationRevision", - "/properties/StompEndpoints", - "/properties/WssEndpoints", - "/properties/AmqpEndpoints", - "/properties/Arn" - ], - "required": [ - "EngineVersion", - "DeploymentMode", - "HostInstanceType", - "EngineType", - "AutoMinorVersionUpgrade", - "Users", - "PubliclyAccessible", - "BrokerName" - ], - "typeName": "AWS::AmazonMQ::Broker" -} diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/cn_north_1/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/cn_north_1/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/cn_north_1/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-iam-managedpolicy.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-iam-managedpolicy.json index a7c2fde113..e53a9ca50b 100644 --- a/src/cfnlint/data/schemas/providers/cn_north_1/aws-iam-managedpolicy.json +++ b/src/cfnlint/data/schemas/providers/cn_north_1/aws-iam-managedpolicy.json @@ -106,7 +106,9 @@ "type": "string" }, "PolicyDocument": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::IAM::ManagedPolicy/Properties/PolicyDocument" + ], "description": "The JSON policy document that you want to use as the content for the new policy.", "maxLength": 6144, "type": [ diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-kinesis-stream.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-kinesis-stream.json index eef9f04cb7..b9db312ab5 100644 --- a/src/cfnlint/data/schemas/providers/cn_north_1/aws-kinesis-stream.json +++ b/src/cfnlint/data/schemas/providers/cn_north_1/aws-kinesis-stream.json @@ -1,5 +1,8 @@ { "additionalProperties": false, + "cfnLint": [ + "AWS::Kinesis::Stream/Properties" + ], "createOnlyProperties": [ "/properties/Name" ], diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-redshift-cluster.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-redshift-cluster.json index 960e8bdfee..f04ae8ba95 100644 --- a/src/cfnlint/data/schemas/providers/cn_north_1/aws-redshift-cluster.json +++ b/src/cfnlint/data/schemas/providers/cn_north_1/aws-redshift-cluster.json @@ -1,5 +1,6 @@ { "additionalProperties": false, + "cfnLint": "AWS::Redshift::Cluster/Properties", "createOnlyProperties": [ "/properties/KmsKeyId", "/properties/MasterUsername", @@ -127,7 +128,7 @@ "type": "string" }, "NodeType": { - "cfnLint": "aws_redshift_cluster/nodetype_enum", + "cfnLint": "AWS::Redshift::Cluster/Properties/NodeType", "type": "string" }, "NumberOfNodes": { diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-route53-healthcheck.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-route53-healthcheck.json index 2ddd4be8f2..084d644abf 100644 --- a/src/cfnlint/data/schemas/providers/cn_north_1/aws-route53-healthcheck.json +++ b/src/cfnlint/data/schemas/providers/cn_north_1/aws-route53-healthcheck.json @@ -107,7 +107,7 @@ "HealthCheckConfig": { "$ref": "#/definitions/HealthCheckConfig", "cfnLint": [ - "aws_route53_healthcheck/healthcheckconfig_type_inclusive" + "AWS::Route53::HealthCheck/Properties/HealthCheckConfig" ] }, "HealthCheckTags": { diff --git a/src/cfnlint/data/schemas/providers/ca_central_1/aws-sagemaker-app.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-sagemaker-app.json similarity index 98% rename from src/cfnlint/data/schemas/providers/ca_central_1/aws-sagemaker-app.json rename to src/cfnlint/data/schemas/providers/cn_north_1/aws-sagemaker-app.json index feab2f5346..9dd1feabc4 100644 --- a/src/cfnlint/data/schemas/providers/ca_central_1/aws-sagemaker-app.json +++ b/src/cfnlint/data/schemas/providers/cn_north_1/aws-sagemaker-app.json @@ -129,8 +129,7 @@ }, "delete": { "permissions": [ - "sagemaker:DeleteApp", - "sagemaker:DescribeApp" + "sagemaker:DeleteApp" ] }, "list": { @@ -140,7 +139,6 @@ }, "read": { "permissions": [ - "sagemaker:DescribeApp", "sagemaker:DescribeApp" ] } diff --git a/src/cfnlint/data/schemas/providers/ca_central_1/aws-sagemaker-appimageconfig.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-sagemaker-appimageconfig.json similarity index 62% rename from src/cfnlint/data/schemas/providers/ca_central_1/aws-sagemaker-appimageconfig.json rename to src/cfnlint/data/schemas/providers/cn_north_1/aws-sagemaker-appimageconfig.json index f15ffe6f0e..ee2ec766af 100644 --- a/src/cfnlint/data/schemas/providers/ca_central_1/aws-sagemaker-appimageconfig.json +++ b/src/cfnlint/data/schemas/providers/cn_north_1/aws-sagemaker-appimageconfig.json @@ -5,79 +5,6 @@ "/properties/Tags" ], "definitions": { - "ContainerConfig": { - "additionalProperties": false, - "description": "The container configuration for a SageMaker image.", - "properties": { - "ContainerArguments": { - "description": "A list of arguments to apply to the container.", - "items": { - "$ref": "#/definitions/CustomImageContainerArguments" - }, - "maxItems": 50, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "ContainerEntrypoint": { - "description": "The custom entry point to use on container.", - "items": { - "$ref": "#/definitions/CustomImageContainerEntrypoint" - }, - "maxItems": 1, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "ContainerEnvironmentVariables": { - "description": "A list of variables to apply to the custom container.", - "items": { - "$ref": "#/definitions/CustomImageContainerEnvironmentVariable" - }, - "maxItems": 25, - "minItems": 0, - "type": "array", - "uniqueItems": false - } - }, - "type": "object" - }, - "CustomImageContainerArguments": { - "description": "The container image arguments", - "maxLength": 64, - "minLength": 1, - "pattern": "^(?!\\s*$).+", - "type": "string" - }, - "CustomImageContainerEntrypoint": { - "description": "The container entry point", - "maxLength": 256, - "minLength": 1, - "pattern": "^(?!\\s*$).+", - "type": "string" - }, - "CustomImageContainerEnvironmentVariable": { - "additionalProperties": false, - "properties": { - "Key": { - "maxLength": 256, - "minLength": 1, - "pattern": "^(?!\\s*$).+", - "type": "string" - }, - "Value": { - "maxLength": 256, - "minLength": 1, - "pattern": "^(?!\\s*$).+", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, "FileSystemConfig": { "additionalProperties": false, "description": "The Amazon Elastic File System (EFS) storage configuration for a SageMaker image.", @@ -104,17 +31,6 @@ }, "type": "object" }, - "JupyterLabAppImageConfig": { - "additionalProperties": false, - "description": "The configuration for the file system and kernels in a SageMaker image running as a JupyterLab app.", - "properties": { - "ContainerConfig": { - "$ref": "#/definitions/ContainerConfig", - "description": "The container configuration for a SageMaker image." - } - }, - "type": "object" - }, "KernelGatewayImageConfig": { "additionalProperties": false, "description": "The configuration for the file system and kernels in a SageMaker image running as a KernelGateway app.", @@ -190,8 +106,7 @@ }, "delete": { "permissions": [ - "sagemaker:DeleteAppImageConfig", - "sagemaker:DescribeAppImageConfig" + "sagemaker:DeleteAppImageConfig" ] }, "list": { @@ -229,10 +144,6 @@ "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}", "type": "string" }, - "JupyterLabAppImageConfig": { - "$ref": "#/definitions/JupyterLabAppImageConfig", - "description": "The JupyterLabAppImageConfig." - }, "KernelGatewayImageConfig": { "$ref": "#/definitions/KernelGatewayImageConfig", "description": "The KernelGatewayImageConfig." diff --git a/src/cfnlint/data/schemas/providers/ca_central_1/aws-sagemaker-domain.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-sagemaker-domain.json similarity index 96% rename from src/cfnlint/data/schemas/providers/ca_central_1/aws-sagemaker-domain.json rename to src/cfnlint/data/schemas/providers/cn_north_1/aws-sagemaker-domain.json index 6db1ab7299..3599972fb9 100644 --- a/src/cfnlint/data/schemas/providers/ca_central_1/aws-sagemaker-domain.json +++ b/src/cfnlint/data/schemas/providers/cn_north_1/aws-sagemaker-domain.json @@ -169,41 +169,10 @@ }, "type": "object" }, - "DockerSettings": { - "additionalProperties": false, - "description": "A collection of settings that are required to start docker-proxy server.", - "properties": { - "EnableDockerAccess": { - "description": "The flag to enable/disable docker-proxy server", - "enum": [ - "ENABLED", - "DISABLED" - ], - "type": "string" - }, - "VpcOnlyTrustedAccounts": { - "description": "A list of account id's that would be used to pull images from in VpcOnly mode", - "insertionOrder": false, - "items": { - "maxLength": 12, - "pattern": "^[0-9]$", - "type": "string" - }, - "maxItems": 10, - "minItems": 0, - "type": "array", - "uniqueItems": false - } - }, - "type": "object" - }, "DomainSettings": { "additionalProperties": false, "description": "A collection of Domain settings.", "properties": { - "DockerSettings": { - "$ref": "#/definitions/DockerSettings" - }, "RStudioServerProDomainSettings": { "$ref": "#/definitions/RStudioServerProDomainSettings" }, diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-ipset.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-ipset.json new file mode 100644 index 0000000000..9181872206 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-ipset.json @@ -0,0 +1,166 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Name", + "/properties/Scope" + ], + "definitions": { + "EntityDescription": { + "description": "Description of the entity.", + "pattern": "^[a-zA-Z0-9=:#@/\\-,.][a-zA-Z0-9+=:#@/\\-,.\\s]+[a-zA-Z0-9+=:#@/\\-,.]{1,256}$", + "type": "string" + }, + "EntityId": { + "description": "Id of the IPSet", + "pattern": "^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", + "type": "string" + }, + "EntityName": { + "description": "Name of the IPSet.", + "pattern": "^[0-9A-Za-z_-]{1,128}$", + "type": "string" + }, + "IPAddress": { + "description": "IP address", + "maxLength": 50, + "minLength": 1, + "type": "string" + }, + "IPAddressVersion": { + "description": "Type of addresses in the IPSet, use IPV4 for IPV4 IP addresses, IPV6 for IPV6 address.", + "enum": [ + "IPV4", + "IPV6" + ], + "type": "string" + }, + "ResourceArn": { + "description": "ARN of the WAF entity.", + "type": "string" + }, + "Scope": { + "description": "Use CLOUDFRONT for CloudFront IPSet, use REGIONAL for Application Load Balancer and API Gateway.", + "enum": [ + "CLOUDFRONT", + "REGIONAL" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "type": "object" + } + }, + "description": "Contains a list of IP addresses. This can be either IPV4 or IPV6. The list will be mutually", + "handlers": { + "create": { + "permissions": [ + "wafv2:CreateIPSet", + "wafv2:GetIPSet", + "wafv2:ListTagsForResource" + ] + }, + "delete": { + "permissions": [ + "wafv2:DeleteIPSet", + "wafv2:GetIPSet" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "Scope": { + "$ref": "resource-schema.json#/properties/Scope" + } + }, + "required": [ + "Scope" + ] + }, + "permissions": [ + "wafv2:listIPSets" + ] + }, + "read": { + "permissions": [ + "wafv2:GetIPSet", + "wafv2:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "wafv2:UpdateIPSet", + "wafv2:GetIPSet", + "wafv2:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Name", + "/properties/Id", + "/properties/Scope" + ], + "properties": { + "Addresses": { + "description": "List of IPAddresses.", + "items": { + "$ref": "#/definitions/IPAddress" + }, + "type": "array" + }, + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "Description": { + "$ref": "#/definitions/EntityDescription" + }, + "IPAddressVersion": { + "$ref": "#/definitions/IPAddressVersion" + }, + "Id": { + "$ref": "#/definitions/EntityId" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "Scope": { + "$ref": "#/definitions/Scope" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "minItems": 1, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/Id" + ], + "required": [ + "Addresses", + "IPAddressVersion", + "Scope" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::IPSet" +} diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-loggingconfiguration.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-loggingconfiguration.json new file mode 100644 index 0000000000..535275813a --- /dev/null +++ b/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-loggingconfiguration.json @@ -0,0 +1,238 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ResourceArn" + ], + "definitions": { + "Condition": { + "additionalProperties": false, + "properties": { + "ActionCondition": { + "additionalProperties": false, + "description": "A single action condition.", + "properties": { + "Action": { + "description": "Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.", + "enum": [ + "ALLOW", + "BLOCK", + "COUNT", + "CAPTCHA", + "CHALLENGE", + "EXCLUDED_AS_COUNT" + ], + "type": "string" + } + }, + "required": [ + "Action" + ], + "type": "object" + }, + "LabelNameCondition": { + "additionalProperties": false, + "description": "A single label name condition.", + "properties": { + "LabelName": { + "description": "The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. ", + "type": "string" + } + }, + "required": [ + "LabelName" + ], + "type": "object" + } + }, + "type": "object" + }, + "FieldToMatch": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Method": { + "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform. ", + "type": "object" + }, + "QueryString": { + "description": "Inspect the query string. This is the part of a URL that appears after a ? character, if any. ", + "type": "object" + }, + "SingleHeader": { + "additionalProperties": false, + "description": "Inspect a single header. Provide the name of the header to inspect, for example, User-Agent or Referer. This setting isn't case sensitive.", + "properties": { + "Name": { + "description": "The name of the query header to inspect.", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "UriPath": { + "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg. ", + "type": "object" + } + }, + "type": "object" + }, + "Filter": { + "additionalProperties": false, + "properties": { + "Behavior": { + "description": "How to handle logs that satisfy the filter's conditions and requirement. ", + "enum": [ + "KEEP", + "DROP" + ], + "type": "string" + }, + "Conditions": { + "description": "Match conditions for the filter.", + "items": { + "$ref": "#/definitions/Condition" + }, + "minItems": 1, + "type": "array" + }, + "Requirement": { + "description": "Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.", + "enum": [ + "MEETS_ALL", + "MEETS_ANY" + ], + "type": "string" + } + }, + "required": [ + "Behavior", + "Conditions", + "Requirement" + ], + "type": "object" + } + }, + "description": "A WAFv2 Logging Configuration Resource Provider", + "handlers": { + "create": { + "permissions": [ + "wafv2:PutLoggingConfiguration", + "wafv2:GetLoggingConfiguration", + "firehose:ListDeliveryStreams", + "iam:CreateServiceLinkedRole", + "iam:DescribeOrganization", + "logs:CreateLogDelivery", + "s3:PutBucketPolicy", + "s3:GetBucketPolicy", + "logs:PutResourcePolicy", + "logs:DescribeResourcePolicies", + "logs:DescribeLogGroups" + ] + }, + "delete": { + "permissions": [ + "wafv2:DeleteLoggingConfiguration", + "wafv2:GetLoggingConfiguration", + "logs:DeleteLogDelivery" + ] + }, + "list": { + "permissions": [ + "wafv2:ListLoggingConfigurations" + ] + }, + "read": { + "permissions": [ + "wafv2:GetLoggingConfiguration" + ] + }, + "update": { + "permissions": [ + "wafv2:PutLoggingConfiguration", + "wafv2:GetLoggingConfiguration", + "firehose:ListDeliveryStreams", + "iam:CreateServiceLinkedRole", + "iam:DescribeOrganization", + "logs:CreateLogDelivery", + "s3:PutBucketPolicy", + "s3:GetBucketPolicy", + "logs:PutResourcePolicy", + "logs:DescribeResourcePolicies", + "logs:DescribeLogGroups" + ] + } + }, + "primaryIdentifier": [ + "/properties/ResourceArn" + ], + "properties": { + "LogDestinationConfigs": { + "description": "The Amazon Resource Names (ARNs) of the logging destinations that you want to associate with the web ACL.", + "items": { + "type": "string" + }, + "type": "array" + }, + "LoggingFilter": { + "additionalProperties": false, + "description": "Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.", + "properties": { + "DefaultBehavior": { + "description": "Default handling for logs that don't match any of the specified filtering conditions.", + "enum": [ + "KEEP", + "DROP" + ], + "type": "string" + }, + "Filters": { + "description": "The filters that you want to apply to the logs.", + "items": { + "$ref": "#/definitions/Filter" + }, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "DefaultBehavior", + "Filters" + ], + "type": "object" + }, + "ManagedByFirewallManager": { + "description": "Indicates whether the logging configuration was created by AWS Firewall Manager, as part of an AWS WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.", + "type": "boolean" + }, + "RedactedFields": { + "description": "The parts of the request that you want to keep out of the logs. For example, if you redact the HEADER field, the HEADER field in the firehose will be xxx.", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/FieldToMatch" + }, + "type": "array" + }, + "ResourceArn": { + "description": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/ManagedByFirewallManager" + ], + "required": [ + "ResourceArn", + "LogDestinationConfigs" + ], + "sourceUrl": "https://github.com/advaj/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::LoggingConfiguration" +} diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-regexpatternset.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-regexpatternset.json new file mode 100644 index 0000000000..e5467bfd54 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-regexpatternset.json @@ -0,0 +1,134 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Name", + "/properties/Scope" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "type": "object" + } + }, + "description": "Contains a list of Regular expressions based on the provided inputs. RegexPatternSet can be used with other WAF entities with RegexPatternSetReferenceStatement to perform other actions .", + "handlers": { + "create": { + "permissions": [ + "wafv2:CreateRegexPatternSet", + "wafv2:GetRegexPatternSet", + "wafv2:ListTagsForResource" + ] + }, + "delete": { + "permissions": [ + "wafv2:DeleteRegexPatternSet", + "wafv2:GetRegexPatternSet" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "Scope": { + "$ref": "resource-schema.json#/properties/Scope" + } + }, + "required": [ + "Scope" + ] + }, + "permissions": [ + "wafv2:listRegexPatternSets" + ] + }, + "read": { + "permissions": [ + "wafv2:GetRegexPatternSet", + "wafv2:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "wafv2:UpdateRegexPatternSet", + "wafv2:GetRegexPatternSet", + "wafv2:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Name", + "/properties/Id", + "/properties/Scope" + ], + "properties": { + "Arn": { + "description": "ARN of the WAF entity.", + "type": "string" + }, + "Description": { + "description": "Description of the entity.", + "pattern": "^[a-zA-Z0-9=:#@/\\-,.][a-zA-Z0-9+=:#@/\\-,.\\s]+[a-zA-Z0-9+=:#@/\\-,.]{1,256}$", + "type": "string" + }, + "Id": { + "description": "Id of the RegexPatternSet", + "pattern": "^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", + "type": "string" + }, + "Name": { + "description": "Name of the RegexPatternSet.", + "pattern": "^[0-9A-Za-z_-]{1,128}$", + "type": "string" + }, + "RegularExpressionList": { + "items": { + "maxLength": 200, + "minLength": 0, + "type": "string" + }, + "type": "array" + }, + "Scope": { + "description": "Use CLOUDFRONT for CloudFront RegexPatternSet, use REGIONAL for Application Load Balancer and API Gateway.", + "enum": [ + "CLOUDFRONT", + "REGIONAL" + ], + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "minItems": 1, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/Id" + ], + "required": [ + "Scope", + "RegularExpressionList" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::RegexPatternSet" +} diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-rulegroup.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-rulegroup.json index 8ff98d2940..ca7496f6ca 100644 --- a/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-rulegroup.json +++ b/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-rulegroup.json @@ -1422,5 +1422,11 @@ "VisibilityConfig" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, "typeName": "AWS::WAFv2::RuleGroup" } diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-webacl.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-webacl.json new file mode 100644 index 0000000000..df67c3910e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-webacl.json @@ -0,0 +1,1970 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Name", + "/properties/Scope" + ], + "definitions": { + "AWSManagedRulesACFPRuleSet": { + "additionalProperties": false, + "description": "Configures how to use the Account creation fraud prevention managed rule group in the web ACL", + "properties": { + "CreationPath": { + "type": "string" + }, + "EnableRegexInPath": { + "type": "boolean" + }, + "RegistrationPagePath": { + "type": "string" + }, + "RequestInspection": { + "$ref": "#/definitions/RequestInspectionACFP" + }, + "ResponseInspection": { + "$ref": "#/definitions/ResponseInspection" + } + }, + "required": [ + "CreationPath", + "RegistrationPagePath", + "RequestInspection" + ], + "type": "object" + }, + "AWSManagedRulesATPRuleSet": { + "additionalProperties": false, + "description": "Configures how to use the Account Takeover Prevention managed rule group in the web ACL", + "properties": { + "EnableRegexInPath": { + "type": "boolean" + }, + "LoginPath": { + "type": "string" + }, + "RequestInspection": { + "$ref": "#/definitions/RequestInspection" + }, + "ResponseInspection": { + "$ref": "#/definitions/ResponseInspection" + } + }, + "required": [ + "LoginPath" + ], + "type": "object" + }, + "AWSManagedRulesBotControlRuleSet": { + "additionalProperties": false, + "description": "Configures how to use the Bot Control managed rule group in the web ACL", + "properties": { + "EnableMachineLearning": { + "type": "boolean" + }, + "InspectionLevel": { + "enum": [ + "COMMON", + "TARGETED" + ], + "type": "string" + } + }, + "required": [ + "InspectionLevel" + ], + "type": "object" + }, + "AddressField": { + "$ref": "#/definitions/FieldIdentifier" + }, + "AllowAction": { + "additionalProperties": false, + "description": "Allow traffic towards application.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "AndStatement": { + "additionalProperties": false, + "properties": { + "Statements": { + "items": { + "$ref": "#/definitions/Statement" + }, + "type": "array" + } + }, + "required": [ + "Statements" + ], + "type": "object" + }, + "AssociationConfig": { + "additionalProperties": false, + "description": "AssociationConfig for body inspection", + "properties": { + "RequestBody": { + "$ref": "#/definitions/RequestBody" + } + }, + "type": "object" + }, + "BlockAction": { + "additionalProperties": false, + "description": "Block traffic towards application.", + "properties": { + "CustomResponse": { + "$ref": "#/definitions/CustomResponse" + } + }, + "type": "object" + }, + "Body": { + "additionalProperties": false, + "description": "The body of a web request. This immediately follows the request headers.", + "properties": { + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "type": "object" + }, + "BodyParsingFallbackBehavior": { + "description": "The inspection behavior to fall back to if the JSON in the request body is invalid.", + "enum": [ + "MATCH", + "NO_MATCH", + "EVALUATE_AS_STRING" + ], + "type": "string" + }, + "ByteMatchStatement": { + "additionalProperties": false, + "description": "Byte Match statement.", + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "PositionalConstraint": { + "$ref": "#/definitions/PositionalConstraint" + }, + "SearchString": { + "$ref": "#/definitions/SearchString" + }, + "SearchStringBase64": { + "$ref": "#/definitions/SearchStringBase64" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "PositionalConstraint", + "TextTransformations" + ], + "type": "object" + }, + "CaptchaAction": { + "additionalProperties": false, + "description": "Checks valid token exists with request.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "CaptchaConfig": { + "additionalProperties": false, + "properties": { + "ImmunityTimeProperty": { + "$ref": "#/definitions/ImmunityTimeProperty" + } + }, + "type": "object" + }, + "ChallengeAction": { + "additionalProperties": false, + "description": "Checks that the request has a valid token with an unexpired challenge timestamp and, if not, returns a browser challenge to the client.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "ChallengeConfig": { + "additionalProperties": false, + "properties": { + "ImmunityTimeProperty": { + "$ref": "#/definitions/ImmunityTimeProperty" + } + }, + "type": "object" + }, + "CookieMatchPattern": { + "additionalProperties": false, + "description": "The pattern to look for in the request cookies.", + "properties": { + "All": { + "description": "Inspect all parts of the web request cookies.", + "type": "object" + }, + "ExcludedCookies": { + "items": { + "maxLength": 60, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + }, + "IncludedCookies": { + "items": { + "maxLength": 60, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + } + }, + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "description": "Includes headers of a web request.", + "properties": { + "MatchPattern": { + "$ref": "#/definitions/CookieMatchPattern" + }, + "MatchScope": { + "$ref": "#/definitions/MapMatchScope" + }, + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "required": [ + "MatchPattern", + "MatchScope", + "OversizeHandling" + ], + "type": "object" + }, + "CountAction": { + "additionalProperties": false, + "description": "Allow traffic towards application.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "CustomHTTPHeader": { + "additionalProperties": false, + "description": "HTTP header.", + "properties": { + "Name": { + "$ref": "#/definitions/CustomHTTPHeaderName" + }, + "Value": { + "$ref": "#/definitions/CustomHTTPHeaderValue" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "CustomHTTPHeaderName": { + "description": "HTTP header name.", + "maxLength": 64, + "minLength": 1, + "type": "string" + }, + "CustomHTTPHeaderValue": { + "description": "HTTP header value.", + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "CustomRequestHandling": { + "additionalProperties": false, + "description": "Custom request handling.", + "properties": { + "InsertHeaders": { + "description": "Collection of HTTP headers.", + "items": { + "$ref": "#/definitions/CustomHTTPHeader" + }, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "InsertHeaders" + ], + "type": "object" + }, + "CustomResponse": { + "additionalProperties": false, + "description": "Custom response.", + "properties": { + "CustomResponseBodyKey": { + "description": "Custom response body key.", + "pattern": "^[\\w\\-]+$", + "type": "string" + }, + "ResponseCode": { + "$ref": "#/definitions/ResponseStatusCode" + }, + "ResponseHeaders": { + "description": "Collection of HTTP headers.", + "items": { + "$ref": "#/definitions/CustomHTTPHeader" + }, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "ResponseCode" + ], + "type": "object" + }, + "CustomResponseBodies": { + "additionalProperties": false, + "description": "Custom response key and body map.", + "minProperties": 1, + "patternProperties": { + "^[\\w\\-]+$": { + "$ref": "#/definitions/CustomResponseBody" + } + }, + "type": "object" + }, + "CustomResponseBody": { + "additionalProperties": false, + "description": "Custom response body.", + "properties": { + "Content": { + "$ref": "#/definitions/ResponseContent" + }, + "ContentType": { + "$ref": "#/definitions/ResponseContentType" + } + }, + "required": [ + "ContentType", + "Content" + ], + "type": "object" + }, + "DefaultAction": { + "additionalProperties": false, + "description": "Default Action WebACL will take against ingress traffic when there is no matching Rule.", + "properties": { + "Allow": { + "$ref": "#/definitions/AllowAction" + }, + "Block": { + "$ref": "#/definitions/BlockAction" + } + }, + "type": "object" + }, + "EntityDescription": { + "description": "Description of the entity.", + "pattern": "^[a-zA-Z0-9=:#@/\\-,.][a-zA-Z0-9+=:#@/\\-,.\\s]+[a-zA-Z0-9+=:#@/\\-,.]{1,256}$", + "type": "string" + }, + "EntityId": { + "description": "Id of the WebACL", + "pattern": "^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", + "type": "string" + }, + "EntityName": { + "description": "Name of the WebACL.", + "pattern": "^[0-9A-Za-z_-]{1,128}$", + "type": "string" + }, + "ExcludedRule": { + "additionalProperties": false, + "description": "Excluded Rule in the RuleGroup or ManagedRuleGroup will not be evaluated.", + "properties": { + "Name": { + "$ref": "#/definitions/EntityName" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "ExcludedRules": { + "items": { + "$ref": "#/definitions/ExcludedRule" + }, + "type": "array" + }, + "FieldIdentifier": { + "additionalProperties": false, + "properties": { + "Identifier": { + "maxLength": 512, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + } + }, + "required": [ + "Identifier" + ], + "type": "object" + }, + "FieldToMatch": { + "additionalProperties": false, + "description": "Field of the request to match.", + "properties": { + "AllQueryArguments": { + "description": "All query arguments of a web request.", + "type": "object" + }, + "Body": { + "$ref": "#/definitions/Body" + }, + "Cookies": { + "$ref": "#/definitions/Cookies" + }, + "Headers": { + "$ref": "#/definitions/Headers" + }, + "JsonBody": { + "$ref": "#/definitions/JsonBody" + }, + "Method": { + "description": "The HTTP method of a web request. The method indicates the type of operation that the request is asking the origin to perform.", + "type": "object" + }, + "QueryString": { + "description": "The query string of a web request. This is the part of a URL that appears after a ? character, if any.", + "type": "object" + }, + "SingleHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "SingleQueryArgument": { + "additionalProperties": false, + "description": "One query argument in a web request, identified by name, for example UserName or SalesRegion. The name can be up to 30 characters long and isn't case sensitive.", + "properties": { + "Name": { + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "UriPath": { + "description": "The path component of the URI of a web request. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.", + "type": "object" + } + }, + "type": "object" + }, + "ForwardedIPConfiguration": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "enum": [ + "MATCH", + "NO_MATCH" + ], + "type": "string" + }, + "HeaderName": { + "pattern": "^[a-zA-Z0-9-]{1,255}$", + "type": "string" + } + }, + "required": [ + "HeaderName", + "FallbackBehavior" + ], + "type": "object" + }, + "GeoMatchStatement": { + "additionalProperties": false, + "properties": { + "CountryCodes": { + "items": { + "maxLength": 2, + "minLength": 1, + "type": "string" + }, + "type": "array" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/ForwardedIPConfiguration" + } + }, + "type": "object" + }, + "HeaderMatchPattern": { + "additionalProperties": false, + "description": "The pattern to look for in the request headers.", + "properties": { + "All": { + "description": "Inspect all parts of the web request headers.", + "type": "object" + }, + "ExcludedHeaders": { + "items": { + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + }, + "IncludedHeaders": { + "items": { + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + } + }, + "type": "object" + }, + "Headers": { + "additionalProperties": false, + "description": "Includes headers of a web request.", + "properties": { + "MatchPattern": { + "$ref": "#/definitions/HeaderMatchPattern" + }, + "MatchScope": { + "$ref": "#/definitions/MapMatchScope" + }, + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "required": [ + "MatchPattern", + "MatchScope", + "OversizeHandling" + ], + "type": "object" + }, + "IPSetForwardedIPConfiguration": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "enum": [ + "MATCH", + "NO_MATCH" + ], + "type": "string" + }, + "HeaderName": { + "pattern": "^[a-zA-Z0-9-]{1,255}$", + "type": "string" + }, + "Position": { + "enum": [ + "FIRST", + "LAST", + "ANY" + ], + "type": "string" + } + }, + "required": [ + "HeaderName", + "FallbackBehavior", + "Position" + ], + "type": "object" + }, + "IPSetReferenceStatement": { + "additionalProperties": false, + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "IPSetForwardedIPConfig": { + "$ref": "#/definitions/IPSetForwardedIPConfiguration" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "ImmunityTimeProperty": { + "additionalProperties": false, + "properties": { + "ImmunityTime": { + "maximum": 259200, + "minimum": 60, + "type": "integer" + } + }, + "required": [ + "ImmunityTime" + ], + "type": "object" + }, + "JsonBody": { + "additionalProperties": false, + "description": "Inspect the request body as JSON. The request body immediately follows the request headers.", + "properties": { + "InvalidFallbackBehavior": { + "$ref": "#/definitions/BodyParsingFallbackBehavior" + }, + "MatchPattern": { + "$ref": "#/definitions/JsonMatchPattern" + }, + "MatchScope": { + "$ref": "#/definitions/JsonMatchScope" + }, + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "required": [ + "MatchPattern", + "MatchScope" + ], + "type": "object" + }, + "JsonMatchPattern": { + "additionalProperties": false, + "description": "The pattern to look for in the JSON body.", + "properties": { + "All": { + "description": "Inspect all parts of the web request's JSON body.", + "type": "object" + }, + "IncludedPaths": { + "items": { + "$ref": "#/definitions/JsonPointerPath" + }, + "type": "array" + } + }, + "type": "object" + }, + "JsonMatchScope": { + "description": "The parts of the JSON to match against using the MatchPattern.", + "enum": [ + "ALL", + "KEY", + "VALUE" + ], + "type": "string" + }, + "JsonPointerPath": { + "description": "JSON pointer path in the web request's JSON body", + "pattern": "^[\\/]+([^~]*(~[01])*){1,512}$", + "type": "string" + }, + "Label": { + "additionalProperties": false, + "properties": { + "Name": { + "$ref": "#/definitions/LabelName" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "LabelMatchKey": { + "pattern": "^[0-9A-Za-z_:-]{1,1024}$", + "type": "string" + }, + "LabelMatchScope": { + "enum": [ + "LABEL", + "NAMESPACE" + ], + "type": "string" + }, + "LabelMatchStatement": { + "additionalProperties": false, + "properties": { + "Key": { + "$ref": "#/definitions/LabelMatchKey" + }, + "Scope": { + "$ref": "#/definitions/LabelMatchScope" + } + }, + "required": [ + "Scope", + "Key" + ], + "type": "object" + }, + "LabelName": { + "description": "Name of the Label.", + "pattern": "^[0-9A-Za-z_:-]{1,1024}$", + "type": "string" + }, + "ManagedRuleGroupConfig": { + "additionalProperties": false, + "description": "ManagedRuleGroupConfig.", + "properties": { + "AWSManagedRulesACFPRuleSet": { + "$ref": "#/definitions/AWSManagedRulesACFPRuleSet" + }, + "AWSManagedRulesATPRuleSet": { + "$ref": "#/definitions/AWSManagedRulesATPRuleSet" + }, + "AWSManagedRulesBotControlRuleSet": { + "$ref": "#/definitions/AWSManagedRulesBotControlRuleSet" + }, + "LoginPath": { + "maxLength": 256, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "PasswordField": { + "$ref": "#/definitions/FieldIdentifier" + }, + "PayloadType": { + "enum": [ + "JSON", + "FORM_ENCODED" + ], + "type": "string" + }, + "UsernameField": { + "$ref": "#/definitions/FieldIdentifier" + } + }, + "type": "object" + }, + "ManagedRuleGroupStatement": { + "additionalProperties": false, + "properties": { + "ExcludedRules": { + "items": { + "$ref": "#/definitions/ExcludedRule" + }, + "type": "array" + }, + "ManagedRuleGroupConfigs": { + "description": "Collection of ManagedRuleGroupConfig.", + "items": { + "$ref": "#/definitions/ManagedRuleGroupConfig" + }, + "type": "array" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "RuleActionOverrides": { + "description": "Action overrides for rules in the rule group.", + "items": { + "$ref": "#/definitions/RuleActionOverride" + }, + "maxItems": 100, + "type": "array" + }, + "ScopeDownStatement": { + "$ref": "#/definitions/Statement" + }, + "VendorName": { + "type": "string" + }, + "Version": { + "maxLength": 64, + "minLength": 1, + "pattern": "^[\\w#:\\.\\-/]+$", + "type": "string" + } + }, + "required": [ + "VendorName", + "Name" + ], + "type": "object" + }, + "MapMatchScope": { + "description": "The parts of the request to match against using the MatchPattern.", + "enum": [ + "ALL", + "KEY", + "VALUE" + ], + "type": "string" + }, + "NotStatement": { + "additionalProperties": false, + "properties": { + "Statement": { + "$ref": "#/definitions/Statement" + } + }, + "required": [ + "Statement" + ], + "type": "object" + }, + "OrStatement": { + "additionalProperties": false, + "properties": { + "Statements": { + "items": { + "$ref": "#/definitions/Statement" + }, + "type": "array" + } + }, + "required": [ + "Statements" + ], + "type": "object" + }, + "OverrideAction": { + "additionalProperties": false, + "description": "Override a RuleGroup or ManagedRuleGroup behavior. This can only be applied to Rule that has RuleGroupReferenceStatement or ManagedRuleGroupReferenceStatement.", + "properties": { + "Count": { + "description": "Count traffic towards application.", + "type": "object" + }, + "None": { + "description": "Keep the RuleGroup or ManagedRuleGroup behavior as is.", + "type": "object" + } + }, + "type": "object" + }, + "OversizeHandling": { + "description": "Handling of requests containing oversize fields", + "enum": [ + "CONTINUE", + "MATCH", + "NO_MATCH" + ], + "type": "string" + }, + "PhoneNumberField": { + "$ref": "#/definitions/FieldIdentifier" + }, + "PositionalConstraint": { + "description": "Position of the evaluation in the FieldToMatch of request.", + "enum": [ + "EXACTLY", + "STARTS_WITH", + "ENDS_WITH", + "CONTAINS", + "CONTAINS_WORD" + ], + "type": "string" + }, + "QueryString": { + "type": "object" + }, + "RateBasedStatement": { + "additionalProperties": false, + "properties": { + "AggregateKeyType": { + "enum": [ + "CONSTANT", + "IP", + "FORWARDED_IP", + "CUSTOM_KEYS" + ], + "type": "string" + }, + "CustomKeys": { + "description": "Specifies the aggregate keys to use in a rate-base rule.", + "items": { + "$ref": "#/definitions/RateBasedStatementCustomKey" + }, + "maxItems": 5, + "type": "array" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/ForwardedIPConfiguration" + }, + "Limit": { + "$ref": "#/definitions/RateLimit" + }, + "ScopeDownStatement": { + "$ref": "#/definitions/Statement" + } + }, + "required": [ + "Limit", + "AggregateKeyType" + ], + "type": "object" + }, + "RateBasedStatementCustomKey": { + "additionalProperties": false, + "description": "Specifies a single custom aggregate key for a rate-base rule.", + "properties": { + "Cookie": { + "$ref": "#/definitions/RateLimitCookie" + }, + "ForwardedIP": { + "$ref": "#/definitions/RateLimitForwardedIP" + }, + "HTTPMethod": { + "$ref": "#/definitions/RateLimitHTTPMethod" + }, + "Header": { + "$ref": "#/definitions/RateLimitHeader" + }, + "IP": { + "$ref": "#/definitions/RateLimitIP" + }, + "LabelNamespace": { + "$ref": "#/definitions/RateLimitLabelNamespace" + }, + "QueryArgument": { + "$ref": "#/definitions/RateLimitQueryArgument" + }, + "QueryString": { + "$ref": "#/definitions/RateLimitQueryString" + }, + "UriPath": { + "$ref": "#/definitions/RateLimitUriPath" + } + }, + "type": "object" + }, + "RateLimit": { + "maximum": 2000000000, + "minimum": 100, + "type": "integer" + }, + "RateLimitCookie": { + "additionalProperties": false, + "description": "Specifies a cookie as an aggregate key for a rate-based rule.", + "properties": { + "Name": { + "description": "The name of the cookie to use.", + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "RateLimitForwardedIP": { + "description": "Specifies the first IP address in an HTTP header as an aggregate key for a rate-based rule.", + "type": "object" + }, + "RateLimitHTTPMethod": { + "description": "Specifies the request's HTTP method as an aggregate key for a rate-based rule.", + "type": "object" + }, + "RateLimitHeader": { + "additionalProperties": false, + "description": "Specifies a header as an aggregate key for a rate-based rule.", + "properties": { + "Name": { + "description": "The name of the header to use.", + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "RateLimitIP": { + "description": "Specifies the IP address in the web request as an aggregate key for a rate-based rule.", + "type": "object" + }, + "RateLimitLabelNamespace": { + "additionalProperties": false, + "description": "Specifies a label namespace to use as an aggregate key for a rate-based rule.", + "properties": { + "Namespace": { + "description": "The namespace to use for aggregation.", + "pattern": "^[0-9A-Za-z_:-]{1,1024}$", + "type": "string" + } + }, + "required": [ + "Namespace" + ], + "type": "object" + }, + "RateLimitQueryArgument": { + "additionalProperties": false, + "description": "Specifies a query argument in the request as an aggregate key for a rate-based rule.", + "properties": { + "Name": { + "description": "The name of the query argument to use.", + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "RateLimitQueryString": { + "additionalProperties": false, + "description": "Specifies the request's query string as an aggregate key for a rate-based rule.", + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "RateLimitUriPath": { + "additionalProperties": false, + "description": "Specifies the request's URI Path as an aggregate key for a rate-based rule.", + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "RegexMatchStatement": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "RegexString": { + "maxLength": 512, + "minLength": 1, + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "RegexString", + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + }, + "RegexPatternSetReferenceStatement": { + "additionalProperties": false, + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Arn", + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + }, + "RequestBody": { + "additionalProperties": false, + "description": "Map of AssociatedResourceType and RequestBodyAssociatedResourceTypeConfig", + "patternProperties": { + "^(CLOUDFRONT)$": { + "$ref": "#/definitions/RequestBodyAssociatedResourceTypeConfig" + } + }, + "type": "object" + }, + "RequestBodyAssociatedResourceTypeConfig": { + "additionalProperties": false, + "description": "Configures the inspection size in the request body.", + "properties": { + "DefaultSizeInspectionLimit": { + "$ref": "#/definitions/SizeInspectionLimit" + } + }, + "required": [ + "DefaultSizeInspectionLimit" + ], + "type": "object" + }, + "RequestInspection": { + "additionalProperties": false, + "description": "Configures the inspection of login requests", + "properties": { + "PasswordField": { + "$ref": "#/definitions/FieldIdentifier" + }, + "PayloadType": { + "enum": [ + "JSON", + "FORM_ENCODED" + ], + "type": "string" + }, + "UsernameField": { + "$ref": "#/definitions/FieldIdentifier" + } + }, + "required": [ + "PayloadType", + "UsernameField", + "PasswordField" + ], + "type": "object" + }, + "RequestInspectionACFP": { + "additionalProperties": false, + "description": "Configures the inspection of sign-up requests", + "properties": { + "AddressFields": { + "items": { + "$ref": "#/definitions/AddressField" + }, + "type": "array" + }, + "EmailField": { + "$ref": "#/definitions/FieldIdentifier" + }, + "PasswordField": { + "$ref": "#/definitions/FieldIdentifier" + }, + "PayloadType": { + "enum": [ + "JSON", + "FORM_ENCODED" + ], + "type": "string" + }, + "PhoneNumberFields": { + "items": { + "$ref": "#/definitions/PhoneNumberField" + }, + "type": "array" + }, + "UsernameField": { + "$ref": "#/definitions/FieldIdentifier" + } + }, + "required": [ + "PayloadType" + ], + "type": "object" + }, + "ResourceArn": { + "description": "ARN of the WAF entity.", + "maxLength": 2048, + "minLength": 20, + "type": "string" + }, + "ResponseContent": { + "description": "Response content.", + "maxLength": 10240, + "minLength": 1, + "type": "string" + }, + "ResponseContentType": { + "description": "Valid values are TEXT_PLAIN, TEXT_HTML, and APPLICATION_JSON.", + "enum": [ + "TEXT_PLAIN", + "TEXT_HTML", + "APPLICATION_JSON" + ], + "type": "string" + }, + "ResponseInspection": { + "additionalProperties": false, + "description": "Configures the inspection of login responses", + "properties": { + "BodyContains": { + "$ref": "#/definitions/ResponseInspectionBodyContains" + }, + "Header": { + "$ref": "#/definitions/ResponseInspectionHeader" + }, + "Json": { + "$ref": "#/definitions/ResponseInspectionJson" + }, + "StatusCode": { + "$ref": "#/definitions/ResponseInspectionStatusCode" + } + }, + "type": "object" + }, + "ResponseInspectionBodyContains": { + "additionalProperties": false, + "description": "Response body contents that indicate success or failure of a login request", + "properties": { + "FailureStrings": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 5, + "minItems": 1, + "type": "array" + }, + "SuccessStrings": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 5, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "SuccessStrings", + "FailureStrings" + ], + "type": "object" + }, + "ResponseInspectionHeader": { + "additionalProperties": false, + "description": "Response headers that indicate success or failure of a login request", + "properties": { + "FailureValues": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 3, + "minItems": 1, + "type": "array" + }, + "Name": { + "maxLength": 200, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "SuccessValues": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 3, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "Name", + "SuccessValues", + "FailureValues" + ], + "type": "object" + }, + "ResponseInspectionJson": { + "additionalProperties": false, + "description": "Response JSON that indicate success or failure of a login request", + "properties": { + "FailureValues": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 5, + "minItems": 1, + "type": "array" + }, + "Identifier": { + "maxLength": 512, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "SuccessValues": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 5, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "Identifier", + "SuccessValues", + "FailureValues" + ], + "type": "object" + }, + "ResponseInspectionStatusCode": { + "additionalProperties": false, + "description": "Response status codes that indicate success or failure of a login request", + "properties": { + "FailureCodes": { + "items": { + "maxLength": 999, + "minLength": 0, + "type": "integer" + }, + "maxItems": 10, + "minItems": 1, + "type": "array" + }, + "SuccessCodes": { + "items": { + "maxLength": 999, + "minLength": 0, + "type": "integer" + }, + "maxItems": 10, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "SuccessCodes", + "FailureCodes" + ], + "type": "object" + }, + "ResponseStatusCode": { + "description": "Custom response code.", + "maximum": 599, + "minimum": 200, + "type": "integer" + }, + "Rule": { + "additionalProperties": false, + "description": "Rule of WebACL that contains condition and action.", + "properties": { + "Action": { + "$ref": "#/definitions/RuleAction" + }, + "CaptchaConfig": { + "$ref": "#/definitions/CaptchaConfig" + }, + "ChallengeConfig": { + "$ref": "#/definitions/ChallengeConfig" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "OverrideAction": { + "$ref": "#/definitions/OverrideAction" + }, + "Priority": { + "$ref": "#/definitions/RulePriority" + }, + "RuleLabels": { + "description": "Collection of Rule Labels.", + "items": { + "$ref": "#/definitions/Label" + }, + "type": "array" + }, + "Statement": { + "$ref": "#/definitions/Statement" + }, + "VisibilityConfig": { + "$ref": "#/definitions/VisibilityConfig" + } + }, + "required": [ + "Name", + "Priority", + "Statement", + "VisibilityConfig" + ], + "type": "object" + }, + "RuleAction": { + "additionalProperties": false, + "description": "Action taken when Rule matches its condition.", + "properties": { + "Allow": { + "$ref": "#/definitions/AllowAction" + }, + "Block": { + "$ref": "#/definitions/BlockAction" + }, + "Captcha": { + "$ref": "#/definitions/CaptchaAction" + }, + "Challenge": { + "$ref": "#/definitions/ChallengeAction" + }, + "Count": { + "$ref": "#/definitions/CountAction" + } + }, + "type": "object" + }, + "RuleActionOverride": { + "additionalProperties": false, + "description": "Action override for rules in the rule group.", + "properties": { + "ActionToUse": { + "$ref": "#/definitions/RuleAction" + }, + "Name": { + "$ref": "#/definitions/EntityName" + } + }, + "required": [ + "Name", + "ActionToUse" + ], + "type": "object" + }, + "RuleGroupReferenceStatement": { + "additionalProperties": false, + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "ExcludedRules": { + "items": { + "$ref": "#/definitions/ExcludedRule" + }, + "type": "array" + }, + "RuleActionOverrides": { + "description": "Action overrides for rules in the rule group.", + "items": { + "$ref": "#/definitions/RuleActionOverride" + }, + "maxItems": 100, + "type": "array" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "RulePriority": { + "description": "Priority of the Rule, Rules get evaluated from lower to higher priority.", + "minimum": 0, + "type": "integer" + }, + "Rules": { + "description": "Collection of Rules.", + "items": { + "$ref": "#/definitions/Rule" + }, + "type": "array" + }, + "Scope": { + "description": "Use CLOUDFRONT for CloudFront WebACL, use REGIONAL for Application Load Balancer and API Gateway.", + "enum": [ + "CLOUDFRONT", + "REGIONAL" + ], + "type": "string" + }, + "SearchString": { + "description": "String that is searched to find a match.", + "type": "string" + }, + "SearchStringBase64": { + "description": "Base64 encoded string that is searched to find a match.", + "type": "string" + }, + "SensitivityLevel": { + "description": "Sensitivity Level current only used for sqli match statements.", + "enum": [ + "LOW", + "HIGH" + ], + "type": "string" + }, + "SingleHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + } + }, + "type": "object" + }, + "SingleQueryArgument": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + } + }, + "type": "object" + }, + "SizeConstraintStatement": { + "additionalProperties": false, + "description": "Size Constraint statement.", + "properties": { + "ComparisonOperator": { + "enum": [ + "EQ", + "NE", + "LE", + "LT", + "GE", + "GT" + ], + "type": "string" + }, + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "Size": { + "maximum": 21474836480, + "minimum": 0, + "type": "number" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "ComparisonOperator", + "Size", + "TextTransformations" + ], + "type": "object" + }, + "SizeInspectionLimit": { + "enum": [ + "KB_16", + "KB_32", + "KB_48", + "KB_64" + ], + "type": "string" + }, + "SqliMatchStatement": { + "additionalProperties": false, + "description": "Sqli Match Statement.", + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "SensitivityLevel": { + "$ref": "#/definitions/SensitivityLevel" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + }, + "Statement": { + "additionalProperties": false, + "description": "First level statement that contains conditions, such as ByteMatch, SizeConstraint, etc", + "properties": { + "AndStatement": { + "$ref": "#/definitions/AndStatement" + }, + "ByteMatchStatement": { + "$ref": "#/definitions/ByteMatchStatement" + }, + "GeoMatchStatement": { + "$ref": "#/definitions/GeoMatchStatement" + }, + "IPSetReferenceStatement": { + "$ref": "#/definitions/IPSetReferenceStatement" + }, + "LabelMatchStatement": { + "$ref": "#/definitions/LabelMatchStatement" + }, + "ManagedRuleGroupStatement": { + "$ref": "#/definitions/ManagedRuleGroupStatement" + }, + "NotStatement": { + "$ref": "#/definitions/NotStatement" + }, + "OrStatement": { + "$ref": "#/definitions/OrStatement" + }, + "RateBasedStatement": { + "$ref": "#/definitions/RateBasedStatement" + }, + "RegexMatchStatement": { + "$ref": "#/definitions/RegexMatchStatement" + }, + "RegexPatternSetReferenceStatement": { + "$ref": "#/definitions/RegexPatternSetReferenceStatement" + }, + "RuleGroupReferenceStatement": { + "$ref": "#/definitions/RuleGroupReferenceStatement" + }, + "SizeConstraintStatement": { + "$ref": "#/definitions/SizeConstraintStatement" + }, + "SqliMatchStatement": { + "$ref": "#/definitions/SqliMatchStatement" + }, + "XssMatchStatement": { + "$ref": "#/definitions/XssMatchStatement" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "type": "object" + }, + "TextTransformation": { + "additionalProperties": false, + "description": "Text Transformation on the Search String before match.", + "properties": { + "Priority": { + "$ref": "#/definitions/TextTransformationPriority" + }, + "Type": { + "$ref": "#/definitions/TextTransformationType" + } + }, + "required": [ + "Priority", + "Type" + ], + "type": "object" + }, + "TextTransformationPriority": { + "description": "Priority of Rule being evaluated.", + "minimum": 0, + "type": "integer" + }, + "TextTransformationType": { + "description": "Type of text transformation.", + "enum": [ + "NONE", + "COMPRESS_WHITE_SPACE", + "HTML_ENTITY_DECODE", + "LOWERCASE", + "CMD_LINE", + "URL_DECODE", + "BASE64_DECODE", + "HEX_DECODE", + "MD5", + "REPLACE_COMMENTS", + "ESCAPE_SEQ_DECODE", + "SQL_HEX_DECODE", + "CSS_DECODE", + "JS_DECODE", + "NORMALIZE_PATH", + "NORMALIZE_PATH_WIN", + "REMOVE_NULLS", + "REPLACE_NULLS", + "BASE64_DECODE_EXT", + "URL_DECODE_UNI", + "UTF8_TO_UNICODE" + ], + "type": "string" + }, + "TokenDomains": { + "description": "List of domains to accept in web request tokens, in addition to the domain of the protected resource.", + "items": { + "maxLength": 253, + "minLength": 1, + "pattern": "^[\\w\\.\\-/]+$", + "type": "string" + }, + "type": "array" + }, + "UriPath": { + "type": "object" + }, + "VisibilityConfig": { + "additionalProperties": false, + "description": "Visibility Metric of the WebACL.", + "properties": { + "CloudWatchMetricsEnabled": { + "type": "boolean" + }, + "MetricName": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "SampledRequestsEnabled": { + "type": "boolean" + } + }, + "required": [ + "SampledRequestsEnabled", + "CloudWatchMetricsEnabled", + "MetricName" + ], + "type": "object" + }, + "XssMatchStatement": { + "additionalProperties": false, + "description": "Xss Match Statement.", + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + } + }, + "description": "Contains the Rules that identify the requests that you want to allow, block, or count. In a WebACL, you also specify a default action (ALLOW or BLOCK), and the action for each Rule that you add to a WebACL, for example, block requests from specified IP addresses or block requests from specified referrers. You also associate the WebACL with a CloudFront distribution to identify the requests that you want AWS WAF to filter. If you add more than one Rule to a WebACL, a request needs to match only one of the specifications to be allowed, blocked, or counted.", + "handlers": { + "create": { + "permissions": [ + "wafv2:CreateWebACL", + "wafv2:GetWebACL", + "wafv2:ListTagsForResource" + ] + }, + "delete": { + "permissions": [ + "wafv2:DeleteWebACL", + "wafv2:GetWebACL" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "Scope": { + "$ref": "resource-schema.json#/properties/Scope" + } + }, + "required": [ + "Scope" + ] + }, + "permissions": [ + "wafv2:listWebACLs" + ] + }, + "read": { + "permissions": [ + "wafv2:GetWebACL", + "wafv2:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "wafv2:UpdateWebACL", + "wafv2:GetWebACL", + "wafv2:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Name", + "/properties/Id", + "/properties/Scope" + ], + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "AssociationConfig": { + "$ref": "#/definitions/AssociationConfig" + }, + "Capacity": { + "minimum": 0, + "type": "integer" + }, + "CaptchaConfig": { + "$ref": "#/definitions/CaptchaConfig" + }, + "ChallengeConfig": { + "$ref": "#/definitions/ChallengeConfig" + }, + "CustomResponseBodies": { + "$ref": "#/definitions/CustomResponseBodies" + }, + "DefaultAction": { + "$ref": "#/definitions/DefaultAction" + }, + "Description": { + "$ref": "#/definitions/EntityDescription" + }, + "Id": { + "$ref": "#/definitions/EntityId" + }, + "LabelNamespace": { + "$ref": "#/definitions/LabelName" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "Rules": { + "description": "Collection of Rules.", + "items": { + "$ref": "#/definitions/Rule" + }, + "type": "array" + }, + "Scope": { + "$ref": "#/definitions/Scope" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "minItems": 1, + "type": "array" + }, + "TokenDomains": { + "$ref": "#/definitions/TokenDomains" + }, + "VisibilityConfig": { + "$ref": "#/definitions/VisibilityConfig" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/Capacity", + "/properties/Id", + "/properties/LabelNamespace" + ], + "required": [ + "DefaultAction", + "Scope", + "VisibilityConfig" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::WebACL" +} diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-webaclassociation.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-webaclassociation.json new file mode 100644 index 0000000000..babaacd7a1 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/cn_north_1/aws-wafv2-webaclassociation.json @@ -0,0 +1,125 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ResourceArn", + "/properties/WebACLArn" + ], + "definitions": { + "ResourceArn": { + "maxLength": 2048, + "minLength": 20, + "type": "string" + } + }, + "description": "Associates WebACL to Application Load Balancer, CloudFront or API Gateway.", + "handlers": { + "create": { + "permissions": [ + "wafv2:AssociateWebACL", + "wafv2:GetWebACLForResource", + "wafv2:GetWebACL", + "wafv2:DisassociateWebACL", + "elasticloadbalancing:SetWebACL", + "apigateway:SetWebACL", + "appsync:SetWebACL", + "cognito-idp:AssociateWebACL", + "cognito-idp:DisassociateWebACL", + "cognito-idp:GetWebACLForResource", + "apprunner:AssociateWebAcl", + "apprunner:DisassociateWebAcl", + "apprunner:DescribeWebAclForService", + "ec2:AssociateVerifiedAccessInstanceWebAcl", + "ec2:DisassociateVerifiedAccessInstanceWebAcl", + "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", + "ec2:GetVerifiedAccessInstanceWebAcl" + ] + }, + "delete": { + "permissions": [ + "wafv2:AssociateWebACL", + "wafv2:GetWebACLForResource", + "wafv2:GetWebACL", + "wafv2:DisassociateWebACL", + "elasticloadbalancing:SetWebACL", + "apigateway:SetWebACL", + "appsync:SetWebACL", + "cognito-idp:AssociateWebACL", + "cognito-idp:DisassociateWebACL", + "cognito-idp:GetWebACLForResource", + "apprunner:AssociateWebAcl", + "apprunner:DisassociateWebAcl", + "apprunner:DescribeWebAclForService", + "ec2:AssociateVerifiedAccessInstanceWebAcl", + "ec2:DisassociateVerifiedAccessInstanceWebAcl", + "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", + "ec2:GetVerifiedAccessInstanceWebAcl" + ] + }, + "read": { + "permissions": [ + "wafv2:AssociateWebACL", + "wafv2:GetWebACLForResource", + "wafv2:GetWebACL", + "wafv2:DisassociateWebACL", + "elasticloadbalancing:SetWebACL", + "apigateway:SetWebACL", + "appsync:SetWebACL", + "cognito-idp:AssociateWebACL", + "cognito-idp:DisassociateWebACL", + "cognito-idp:GetWebACLForResource", + "apprunner:AssociateWebAcl", + "apprunner:DisassociateWebAcl", + "apprunner:DescribeWebAclForService", + "ec2:AssociateVerifiedAccessInstanceWebAcl", + "ec2:DisassociateVerifiedAccessInstanceWebAcl", + "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", + "ec2:GetVerifiedAccessInstanceWebAcl" + ] + }, + "update": { + "permissions": [ + "wafv2:AssociateWebACL", + "wafv2:GetWebACLForResource", + "wafv2:GetWebACL", + "wafv2:DisassociateWebACL", + "elasticloadbalancing:SetWebACL", + "apigateway:SetWebACL", + "appsync:SetWebACL", + "cognito-idp:AssociateWebACL", + "cognito-idp:DisassociateWebACL", + "cognito-idp:GetWebACLForResource", + "apprunner:AssociateWebAcl", + "apprunner:DisassociateWebAcl", + "apprunner:DescribeWebAclForService", + "ec2:AssociateVerifiedAccessInstanceWebAcl", + "ec2:DisassociateVerifiedAccessInstanceWebAcl", + "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", + "ec2:GetVerifiedAccessInstanceWebAcl" + ] + } + }, + "primaryIdentifier": [ + "/properties/ResourceArn", + "/properties/WebACLArn" + ], + "properties": { + "ResourceArn": { + "$ref": "#/definitions/ResourceArn" + }, + "WebACLArn": { + "$ref": "#/definitions/ResourceArn" + } + }, + "required": [ + "ResourceArn", + "WebACLArn" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::WebACLAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/__init__.py b/src/cfnlint/data/schemas/providers/cn_northwest_1/__init__.py index d21f8a57fd..62625e11b2 100644 --- a/src/cfnlint/data/schemas/providers/cn_northwest_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/cn_northwest_1/__init__.py @@ -322,6 +322,7 @@ "AWS::MWAA::Environment", "AWS::ElastiCache::GlobalReplicationGroup", "AWS::KMS::Key", + "AWS::Route53Resolver::ResolverDNSSECConfig", "AWS::ServiceCatalog::AcceptedPortfolioShare", "AWS::Route53Resolver::FirewallRuleGroupAssociation", "AWS::Route53Resolver::ResolverQueryLoggingConfig", @@ -616,7 +617,6 @@ "aws-ec2-transitgatewayroutetablepropagation.json", "aws-ecs-service.json", "aws-ram-resourceshare.json", - "aws-dynamodb-table.json", "aws-ec2-securitygroupegress.json", "aws-config-organizationconfigrule.json", "aws-glue-dataqualityruleset.json", @@ -722,7 +722,6 @@ "aws-cloudtrail-trail.json", "aws-gamelift-gameservergroup.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-ssm-document.json", "aws-iam-role.json", "aws-events-apidestination.json", @@ -761,7 +760,6 @@ "aws-iot-resourcespecificlogging.json", "aws-servicecatalog-launchtemplateconstraint.json", "aws-wafv2-loggingconfiguration.json", - "aws-dynamodb-globaltable.json", "aws-imagebuilder-distributionconfiguration.json", "aws-lakeformation-permissions.json", "aws-cloudfront-publickey.json", @@ -833,6 +831,7 @@ "aws-imagebuilder-containerrecipe.json", "aws-efs-accesspoint.json", "aws-redshift-clustersecuritygroupingress.json", + "aws-elasticloadbalancingv2-loadbalancer.json", "aws-opensearchservice-domain.json", "aws-servicediscovery-instance.json", "aws-elasticsearch-domain.json", @@ -847,6 +846,7 @@ "aws-config-configrule.json", "aws-iot-softwarepackageversion.json", "aws-imagebuilder-workflow.json", + "aws-ecs-taskset.json", "aws-appsync-apikey.json", "aws-ec2-vpc.json", "aws-msk-vpcconnection.json", @@ -880,6 +880,7 @@ "aws-mwaa-environment.json", "aws-elasticache-globalreplicationgroup.json", "aws-kms-key.json", + "aws-route53resolver-resolverdnssecconfig.json", "aws-route53resolver-firewallrulegroupassociation.json", "aws-route53resolver-resolverqueryloggingconfig.json", "aws-ec2-snapshotblockpublicaccess.json", @@ -998,6 +999,7 @@ "aws-ecr-repository.json", "aws-iot-fleetmetric.json", "aws-appconfig-extension.json", + "aws-elasticloadbalancingv2-listenerrule.json", "aws-glue-registry.json", "aws-ec2-keypair.json", "aws-fsx-filesystem.json", @@ -1028,6 +1030,7 @@ "aws-sagemaker-userprofile.json", "aws-ec2-prefixlist.json", "aws-ec2-instance.json", + "aws-ec2-subnetcidrblock.json", "aws-elasticbeanstalk-applicationversion.json", "aws-appmesh-virtualgateway.json", "aws-waf-sqlinjectionmatchset.json", @@ -1100,7 +1103,6 @@ "aws-servicecatalog-cloudformationproduct.json", "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", - "aws-ec2-launchtemplate.json", "aws-elasticbeanstalk-environment.json", "aws-wafregional-sqlinjectionmatchset.json", "aws-lambda-version.json", @@ -1115,5 +1117,7 @@ "aws-securityhub-hub.json", "aws-s3-accesspoint.json", "aws-batch-jobqueue.json", + "aws-elasticloadbalancingv2-listener.json", "aws-cloudformation-waitconditionhandle.json", + "aws-eks-addon.json", ] diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-amazonmq-broker.json index b71851eb27..6027b3416d 100644 --- a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-amazonmq-broker.json @@ -230,7 +230,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-appstream-fleet.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-appstream-fleet.json index 394093dd20..049c4971a1 100644 --- a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-appstream-fleet.json +++ b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-appstream-fleet.json @@ -112,7 +112,7 @@ "type": "string" }, "InstanceType": { - "cfnLint": "aws_appstream_fleet/instancetype_enum", + "cfnLint": "AWS::AppStream::Fleet/Properties/InstanceType", "type": "string" }, "MaxUserDurationInSeconds": { diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-dynamodb-globaltable.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-dynamodb-globaltable.json new file mode 100644 index 0000000000..7e1a23d878 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-dynamodb-globaltable.json @@ -0,0 +1,579 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/Arn" + ], + [ + "/properties/StreamArn" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LocalSecondaryIndexes", + "/properties/TableName", + "/properties/KeySchema" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "CapacityAutoScalingSettings": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "minimum": 1, + "type": "integer" + }, + "MinCapacity": { + "minimum": 1, + "type": "integer" + }, + "SeedCapacity": { + "minimum": 1, + "type": "integer" + }, + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/TargetTrackingScalingPolicyConfiguration" + } + }, + "required": [ + "MinCapacity", + "MaxCapacity", + "TargetTrackingScalingPolicyConfiguration" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "KeyType": { + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "maxItems": 20, + "type": "array", + "uniqueItems": true + }, + "ProjectionType": { + "type": "string" + } + }, + "type": "object" + }, + "ReadProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + }, + "ReadCapacityUnits": { + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "ReplicaGlobalSecondaryIndexSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName" + ], + "type": "object" + }, + "ReplicaSSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + } + }, + "required": [ + "KMSMasterKeyId" + ], + "type": "object" + }, + "ReplicaSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaGlobalSecondaryIndexSpecification" + }, + "type": "array", + "uniqueItems": true + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + }, + "Region": { + "type": "string" + }, + "SSESpecification": { + "$ref": "#/definitions/ReplicaSSESpecification" + }, + "TableClass": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TargetTrackingScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "DisableScaleIn": { + "type": "boolean" + }, + "ScaleInCooldown": { + "minimum": 0, + "type": "integer" + }, + "ScaleOutCooldown": { + "minimum": 0, + "type": "integer" + }, + "TargetValue": { + "format": "double", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "WriteProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "WriteCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + } + }, + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::GlobalTable", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:CreateTableReplica", + "dynamodb:Describe*", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:TagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "dynamodb:TagResource", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Decrypt", + "kms:RevokeGrant", + "cloudwatch:PutMetricData", + "iam:CreateServiceLinkedRole" + ] + }, + "delete": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:DeleteTable", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget" + ] + }, + "list": { + "permissions": [ + "dynamodb:ListTables", + "cloudwatch:PutMetricData" + ] + }, + "read": { + "permissions": [ + "dynamodb:Describe*", + "application-autoscaling:Describe*", + "cloudwatch:PutMetricData", + "dynamodb:ListTagsOfResource", + "kms:DescribeKey" + ] + }, + "update": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:CreateTableReplica", + "dynamodb:UpdateTable", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:DeleteTable", + "dynamodb:DeleteTableReplica", + "dynamodb:UpdateItem", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant", + "cloudwatch:PutMetricData" + ], + "timeoutInMinutes": 1200 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "type": "string" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "LocalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "Replicas": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaSpecification" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableId": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn", + "/properties/TableId" + ], + "required": [ + "KeySchema", + "AttributeDefinitions", + "Replicas" + ], + "typeName": "AWS::DynamoDB::GlobalTable", + "writeOnlyProperties": [ + "/properties/Replicas/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/Replicas/*/GlobalSecondaryIndexes/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity", + "/properties/GlobalSecondaryIndexes/*/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity" + ] +} diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-dynamodb-table.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-dynamodb-table.json new file mode 100644 index 0000000000..aacbc7f216 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-dynamodb-table.json @@ -0,0 +1,540 @@ +{ + "additionalProperties": false, + "cfnLint": [ + "AWS::DynamoDB::Table/Properties" + ], + "createOnlyProperties": [ + "/properties/TableName", + "/properties/ImportSourceSpecification" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "AttributeType": { + "enum": [ + "S", + "N", + "B" + ], + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "Csv": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "type": "string" + }, + "HeaderList": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "type": "object" + }, + "DeprecatedHashKeyElement": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeType", + "AttributeName" + ], + "type": "object" + }, + "DeprecatedKeySchema": { + "additionalProperties": false, + "properties": { + "HashKeyElement": { + "$ref": "#/definitions/DeprecatedHashKeyElement" + } + }, + "required": [ + "HashKeyElement" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/ProvisionedThroughput" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "ImportSourceSpecification": { + "additionalProperties": false, + "properties": { + "InputCompressionType": { + "type": "string" + }, + "InputFormat": { + "type": "string" + }, + "InputFormatOptions": { + "$ref": "#/definitions/InputFormatOptions" + }, + "S3BucketSource": { + "$ref": "#/definitions/S3BucketSource" + } + }, + "required": [ + "S3BucketSource", + "InputFormat" + ], + "type": "object" + }, + "InputFormatOptions": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/Csv" + } + }, + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "KeyType": { + "enum": [ + "HASH", + "RANGE" + ], + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ProjectionType": { + "enum": [ + "ALL", + "KEYS_ONLY", + "INCLUDE" + ], + "type": "string" + } + }, + "type": "object" + }, + "ProvisionedThroughput": { + "additionalProperties": false, + "properties": { + "ReadCapacityUnits": { + "type": "integer" + }, + "WriteCapacityUnits": { + "type": "integer" + } + }, + "required": [ + "WriteCapacityUnits", + "ReadCapacityUnits" + ], + "type": "object" + }, + "S3BucketSource": { + "additionalProperties": false, + "properties": { + "S3Bucket": { + "type": "string" + }, + "S3BucketOwner": { + "type": "string" + }, + "S3KeyPrefix": { + "type": "string" + } + }, + "required": [ + "S3Bucket" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + }, + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "enum": [ + "NEW_IMAGE", + "OLD_IMAGE", + "NEW_AND_OLD_IMAGES", + "KEYS_ONLY" + ], + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::Table", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:DescribeImport", + "dynamodb:DescribeTable", + "dynamodb:DescribeTimeToLive", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeContributorInsights", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ImportTable", + "dynamodb:ListTagsOfResource", + "dynamodb:TagResource", + "dynamodb:UpdateTable", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Encrypt", + "kms:RevokeGrant", + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:DescribeLogGroups", + "logs:DescribeLogStreams", + "logs:PutLogEvents", + "logs:PutRetentionPolicy", + "s3:GetObject", + "s3:GetObjectMetadata", + "s3:ListBucket" + ], + "timeoutInMinutes": 720 + }, + "delete": { + "permissions": [ + "dynamodb:DeleteTable", + "dynamodb:DescribeTable" + ], + "timeoutInMinutes": 720 + }, + "list": { + "permissions": [ + "dynamodb:ListTables" + ] + }, + "read": { + "permissions": [ + "dynamodb:DescribeTable", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeContributorInsights", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ListTagsOfResource" + ] + }, + "update": { + "permissions": [ + "dynamodb:UpdateTable", + "dynamodb:DescribeTable", + "dynamodb:DescribeTimeToLive", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ListTagsOfResource", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:DescribeContributorInsights", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant" + ], + "timeoutInMinutes": 720 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "enum": [ + "PROVISIONED", + "PAY_PER_REQUEST" + ], + "type": "string" + }, + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": false + }, + "ImportSourceSpecification": { + "$ref": "#/definitions/ImportSourceSpecification" + }, + "KeySchema": { + "oneOf": [ + { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + { + "type": "object" + } + ] + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "LocalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": false + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/ProvisionedThroughput" + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableClass": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + } + }, + "propertyTransform": { + "/properties/SSESpecification/KMSMasterKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,3}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,4}[-]{1}[1-4]{1}:[0-9]{12}[:]{1}key\\/\", SSESpecification.KMSMasterKeyId]) $OR $join([\"arn:(aws)[-]{0,1}[a-z]{0,3}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,4}[-]{1}[1-4]{1}:[0-9]{12}[:]{1}key\\/\", KMSMasterKeyId])" + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn" + ], + "required": [ + "KeySchema" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DynamoDB::Table", + "writeOnlyProperties": [ + "/properties/ImportSourceSpecification" + ] +} diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-ec2-subnetcidrblock.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-ec2-subnetcidrblock.json deleted file mode 100644 index 8c72b43298..0000000000 --- a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-ec2-subnetcidrblock.json +++ /dev/null @@ -1,69 +0,0 @@ -{ - "$schema": "https://schema.cloudformation.us-east-1.amazonaws.com/provider.definition.schema.v1.json", - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/Ipv6CidrBlock", - "/properties/SubnetId" - ], - "description": "The AWS::EC2::SubnetCidrBlock resource creates association between subnet and IPv6 CIDR", - "handlers": { - "create": { - "permissions": [ - "ec2:AssociateSubnetCidrBlock", - "ec2:DescribeSubnets" - ] - }, - "delete": { - "permissions": [ - "ec2:DisassociateSubnetCidrBlock", - "ec2:DescribeSubnets" - ] - }, - "list": { - "permissions": [ - "ec2:DescribeSubnets" - ] - }, - "read": { - "permissions": [ - "ec2:DescribeSubnets" - ] - } - }, - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "Id": { - "description": "Information about the IPv6 association.", - "type": "string" - }, - "Ipv6CidrBlock": { - "description": "The IPv6 network range for the subnet, in CIDR notation. The subnet size must use a /64 prefix length", - "maxLength": 42, - "type": "string" - }, - "SubnetId": { - "description": "The ID of the subnet", - "type": "string" - } - }, - "propertyTransform": { - "/properties/Ipv6CidrBlock": "$join([$match($replace(Ipv6CidrBlock, /(^|:)(0{1,4})([0-9a-fA-F]{1,4})/, \"$1$3\"), /^([0-9a-fA-F]{1,4}:){4}/).match, \":/64\"])" - }, - "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "Ipv6CidrBlock", - "SubnetId" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ec2/subnetcidrblock", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": false, - "tagUpdatable": false, - "taggable": false - }, - "typeName": "AWS::EC2::SubnetCidrBlock" -} diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-ecs-taskset.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-ecs-taskset.json deleted file mode 100644 index 4dd38f7ef4..0000000000 --- a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-ecs-taskset.json +++ /dev/null @@ -1,215 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/Cluster", - "/properties/ExternalId", - "/properties/LaunchType", - "/properties/LoadBalancers", - "/properties/NetworkConfiguration", - "/properties/PlatformVersion", - "/properties/Service", - "/properties/ServiceRegistries", - "/properties/TaskDefinition" - ], - "definitions": { - "AwsVpcConfiguration": { - "additionalProperties": false, - "description": "The VPC subnets and security groups associated with a task. All specified subnets and security groups must be from the same VPC.", - "properties": { - "AssignPublicIp": { - "description": "Whether the task's elastic network interface receives a public IP address. The default value is DISABLED.", - "enum": [ - "DISABLED", - "ENABLED" - ], - "type": "string" - }, - "SecurityGroups": { - "description": "The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used. There is a limit of 5 security groups that can be specified per AwsVpcConfiguration.", - "items": { - "type": "string" - }, - "maxItems": 5, - "type": "array" - }, - "Subnets": { - "description": "The subnets associated with the task or service. There is a limit of 16 subnets that can be specified per AwsVpcConfiguration.", - "items": { - "type": "string" - }, - "maxItems": 16, - "type": "array" - } - }, - "required": [ - "Subnets" - ], - "type": "object" - }, - "LoadBalancer": { - "additionalProperties": false, - "description": "A load balancer object representing the load balancer to use with the task set. The supported load balancer types are either an Application Load Balancer or a Network Load Balancer. ", - "properties": { - "ContainerName": { - "description": "The name of the container (as it appears in a container definition) to associate with the load balancer.", - "type": "string" - }, - "ContainerPort": { - "description": "The port on the container to associate with the load balancer. This port must correspond to a containerPort in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they are launched on must allow ingress traffic on the hostPort of the port mapping.", - "type": "integer" - }, - "TargetGroupArn": { - "description": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set. A target group ARN is only specified when using an Application Load Balancer or Network Load Balancer. If you are using a Classic Load Balancer this should be omitted. For services using the ECS deployment controller, you can specify one or multiple target groups. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html in the Amazon Elastic Container Service Developer Guide. For services using the CODE_DEPLOY deployment controller, you are required to define two target groups for the load balancer. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html in the Amazon Elastic Container Service Developer Guide. If your service's task definition uses the awsvpc network mode (which is required for the Fargate launch type), you must choose ip as the target type, not instance, when creating your target groups because tasks that use the awsvpc network mode are associated with an elastic network interface, not an Amazon EC2 instance.", - "type": "string" - } - }, - "type": "object" - }, - "NetworkConfiguration": { - "additionalProperties": false, - "description": "An object representing the network configuration for a task or service.", - "properties": { - "AwsVpcConfiguration": { - "$ref": "#/definitions/AwsVpcConfiguration" - } - }, - "type": "object" - }, - "Scale": { - "additionalProperties": false, - "properties": { - "Unit": { - "description": "The unit of measure for the scale value.", - "enum": [ - "PERCENT" - ], - "type": "string" - }, - "Value": { - "description": "The value, specified as a percent total of a service's desiredCount, to scale the task set. Accepted values are numbers between 0 and 100.", - "maximum": 100, - "minimum": 0, - "type": "number" - } - }, - "type": "object" - }, - "ServiceRegistry": { - "additionalProperties": false, - "properties": { - "ContainerName": { - "description": "The container name value, already specified in the task definition, to be used for your service discovery service. If the task definition that your service task specifies uses the bridge or host network mode, you must specify a containerName and containerPort combination from the task definition. If the task definition that your service task specifies uses the awsvpc network mode and a type SRV DNS record is used, you must specify either a containerName and containerPort combination or a port value, but not both.", - "type": "string" - }, - "ContainerPort": { - "description": "The port value, already specified in the task definition, to be used for your service discovery service. If the task definition your service task specifies uses the bridge or host network mode, you must specify a containerName and containerPort combination from the task definition. If the task definition your service task specifies uses the awsvpc network mode and a type SRV DNS record is used, you must specify either a containerName and containerPort combination or a port value, but not both.", - "type": "integer" - }, - "Port": { - "description": "The port value used if your service discovery service specified an SRV record. This field may be used if both the awsvpc network mode and SRV records are used.", - "type": "integer" - }, - "RegistryArn": { - "description": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map. For more information, see https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html", - "type": "string" - } - }, - "type": "object" - } - }, - "description": "Create a task set in the specified cluster and service. This is used when a service uses the EXTERNAL deployment controller type. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-types.htmlin the Amazon Elastic Container Service Developer Guide.", - "handlers": { - "create": { - "permissions": [ - "ecs:CreateTaskSet", - "ecs:DescribeTaskSets" - ] - }, - "delete": { - "permissions": [ - "ecs:DeleteTaskSet", - "ecs:DescribeTaskSets" - ] - }, - "read": { - "permissions": [ - "ecs:DescribeTaskSets" - ] - }, - "update": { - "permissions": [ - "ecs:UpdateTaskSet", - "ecs:DescribeTaskSets" - ] - } - }, - "primaryIdentifier": [ - "/properties/Cluster", - "/properties/Service", - "/properties/Id" - ], - "properties": { - "Cluster": { - "description": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service to create the task set in.", - "type": "string" - }, - "ExternalId": { - "description": "An optional non-unique tag that identifies this task set in external systems. If the task set is associated with a service discovery registry, the tasks in this task set will have the ECS_TASK_SET_EXTERNAL_ID AWS Cloud Map attribute set to the provided value. ", - "type": "string" - }, - "Id": { - "description": "The ID of the task set.", - "type": "string" - }, - "LaunchType": { - "description": "The launch type that new tasks in the task set will use. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html in the Amazon Elastic Container Service Developer Guide. ", - "enum": [ - "EC2", - "FARGATE" - ], - "type": "string" - }, - "LoadBalancers": { - "items": { - "$ref": "#/definitions/LoadBalancer" - }, - "type": "array" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/NetworkConfiguration" - }, - "PlatformVersion": { - "description": "The platform version that the tasks in the task set should use. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the LATEST platform version is used by default.", - "type": "string" - }, - "Scale": { - "$ref": "#/definitions/Scale", - "description": "A floating-point percentage of the desired number of tasks to place and keep running in the task set." - }, - "Service": { - "description": "The short name or full Amazon Resource Name (ARN) of the service to create the task set in.", - "type": "string" - }, - "ServiceRegistries": { - "description": "The details of the service discovery registries to assign to this task set. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html.", - "items": { - "$ref": "#/definitions/ServiceRegistry" - }, - "type": "array" - }, - "TaskDefinition": { - "description": "The short name or full Amazon Resource Name (ARN) of the task definition for the tasks in the task set to use.", - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "Cluster", - "Service", - "TaskDefinition" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ecs.git", - "typeName": "AWS::ECS::TaskSet" -} diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-eks-addon.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-eks-addon.json deleted file mode 100644 index 02626266c6..0000000000 --- a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-eks-addon.json +++ /dev/null @@ -1,148 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 127, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 255, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Schema for AWS::EKS::Addon", - "handlers": { - "create": { - "permissions": [ - "eks:CreateAddon", - "eks:DescribeAddon", - "eks:TagResource", - "iam:PassRole" - ] - }, - "delete": { - "permissions": [ - "eks:DeleteAddon", - "eks:DescribeAddon" - ] - }, - "list": { - "permissions": [ - "eks:ListAddons" - ] - }, - "read": { - "permissions": [ - "eks:DescribeAddon" - ] - }, - "update": { - "permissions": [ - "iam:PassRole", - "eks:UpdateAddon", - "eks:DescribeAddon", - "eks:DescribeUpdate", - "eks:ListTagsForResource", - "eks:TagResource", - "eks:UntagResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "properties": { - "AddonName": { - "description": "Name of Addon", - "minLength": 1, - "type": "string" - }, - "AddonVersion": { - "description": "Version of Addon", - "minLength": 1, - "type": "string" - }, - "Arn": { - "description": "Amazon Resource Name (ARN) of the add-on", - "type": "string" - }, - "ClusterName": { - "description": "Name of Cluster", - "minLength": 1, - "type": "string" - }, - "ConfigurationValues": { - "description": "The configuration values to use with the add-on", - "minLength": 1, - "type": "string" - }, - "PreserveOnDelete": { - "description": "PreserveOnDelete parameter value", - "type": "boolean" - }, - "ResolveConflicts": { - "description": "Resolve parameter value conflicts", - "enum": [ - "NONE", - "OVERWRITE", - "PRESERVE" - ], - "minLength": 1, - "type": "string" - }, - "ServiceAccountRoleArn": { - "description": "IAM role to bind to the add-on's service account", - "minLength": 1, - "type": "string" - }, - "Tags": { - "description": "An array of key-value pairs to apply to this resource.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/Arn" - ], - "required": [ - "ClusterName", - "AddonName" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-eks.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::EKS::Addon", - "writeOnlyProperties": [ - "/properties/ResolveConflicts", - "/properties/PreserveOnDelete" - ] -} diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-elasticloadbalancingv2-listener.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-elasticloadbalancingv2-listener.json deleted file mode 100644 index 321c959e5d..0000000000 --- a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-elasticloadbalancingv2-listener.json +++ /dev/null @@ -1,346 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/LoadBalancerArn" - ], - "definitions": { - "Action": { - "additionalProperties": false, - "properties": { - "AuthenticateCognitoConfig": { - "$ref": "#/definitions/AuthenticateCognitoConfig" - }, - "AuthenticateOidcConfig": { - "$ref": "#/definitions/AuthenticateOidcConfig" - }, - "FixedResponseConfig": { - "$ref": "#/definitions/FixedResponseConfig" - }, - "ForwardConfig": { - "$ref": "#/definitions/ForwardConfig" - }, - "Order": { - "type": "integer" - }, - "RedirectConfig": { - "$ref": "#/definitions/RedirectConfig" - }, - "TargetGroupArn": { - "type": "string" - }, - "Type": { - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AuthenticateCognitoConfig": { - "additionalProperties": false, - "properties": { - "AuthenticationRequestExtraParams": { - "patternProperties": { - "[a-zA-Z0-9]+": { - "type": "string" - } - }, - "type": "object" - }, - "OnUnauthenticatedRequest": { - "type": "string" - }, - "Scope": { - "type": "string" - }, - "SessionCookieName": { - "type": "string" - }, - "SessionTimeout": { - "type": "string" - }, - "UserPoolArn": { - "type": "string" - }, - "UserPoolClientId": { - "type": "string" - }, - "UserPoolDomain": { - "type": "string" - } - }, - "required": [ - "UserPoolClientId", - "UserPoolDomain", - "UserPoolArn" - ], - "type": "object" - }, - "AuthenticateOidcConfig": { - "additionalProperties": false, - "properties": { - "AuthenticationRequestExtraParams": { - "patternProperties": { - "[a-zA-Z0-9]+": { - "type": "string" - } - }, - "type": "object" - }, - "AuthorizationEndpoint": { - "type": "string" - }, - "ClientId": { - "type": "string" - }, - "ClientSecret": { - "type": "string" - }, - "Issuer": { - "type": "string" - }, - "OnUnauthenticatedRequest": { - "type": "string" - }, - "Scope": { - "type": "string" - }, - "SessionCookieName": { - "type": "string" - }, - "SessionTimeout": { - "type": "string" - }, - "TokenEndpoint": { - "type": "string" - }, - "UseExistingClientSecret": { - "type": "boolean" - }, - "UserInfoEndpoint": { - "type": "string" - } - }, - "required": [ - "TokenEndpoint", - "Issuer", - "UserInfoEndpoint", - "ClientId", - "AuthorizationEndpoint" - ], - "type": "object" - }, - "Certificate": { - "additionalProperties": false, - "properties": { - "CertificateArn": { - "type": "string" - } - }, - "type": "object" - }, - "FixedResponseConfig": { - "additionalProperties": false, - "properties": { - "ContentType": { - "type": "string" - }, - "MessageBody": { - "type": "string" - }, - "StatusCode": { - "type": "string" - } - }, - "required": [ - "StatusCode" - ], - "type": "object" - }, - "ForwardConfig": { - "additionalProperties": false, - "properties": { - "TargetGroupStickinessConfig": { - "$ref": "#/definitions/TargetGroupStickinessConfig" - }, - "TargetGroups": { - "items": { - "$ref": "#/definitions/TargetGroupTuple" - }, - "type": "array", - "uniqueItems": true - } - }, - "type": "object" - }, - "RedirectConfig": { - "additionalProperties": false, - "properties": { - "Host": { - "type": "string" - }, - "Path": { - "type": "string" - }, - "Port": { - "type": "string" - }, - "Protocol": { - "type": "string" - }, - "Query": { - "type": "string" - }, - "StatusCode": { - "type": "string" - } - }, - "required": [ - "StatusCode" - ], - "type": "object" - }, - "TargetGroupStickinessConfig": { - "additionalProperties": false, - "properties": { - "DurationSeconds": { - "type": "integer" - }, - "Enabled": { - "type": "boolean" - } - }, - "type": "object" - }, - "TargetGroupTuple": { - "additionalProperties": false, - "properties": { - "TargetGroupArn": { - "type": "string" - }, - "Weight": { - "type": "integer" - } - }, - "type": "object" - } - }, - "description": "Resource Type definition for AWS::ElasticLoadBalancingV2::Listener", - "handlers": { - "create": { - "permissions": [ - "elasticloadbalancing:CreateListener", - "elasticloadbalancing:DescribeListeners", - "cognito-idp:DescribeUserPoolClient" - ] - }, - "delete": { - "permissions": [ - "elasticloadbalancing:DeleteListener", - "elasticloadbalancing:DescribeListeners" - ] - }, - "list": { - "handlerSchema": { - "oneOf": [ - { - "required": [ - "LoadBalancerArn" - ] - }, - { - "required": [ - "ListenerArns" - ] - } - ], - "properties": { - "ListenerArns": { - "items": { - "$ref": "resource-schema.json#/properties/ListenerArn" - }, - "type": "array", - "uniqueItems": false - }, - "LoadBalancerArn": { - "$ref": "resource-schema.json#/properties/LoadBalancerArn" - } - } - }, - "permissions": [ - "elasticloadbalancing:DescribeListeners" - ] - }, - "read": { - "permissions": [ - "elasticloadbalancing:DescribeListeners" - ] - }, - "update": { - "permissions": [ - "elasticloadbalancing:ModifyListener", - "elasticloadbalancing:DescribeListeners", - "cognito-idp:DescribeUserPoolClient" - ] - } - }, - "primaryIdentifier": [ - "/properties/ListenerArn" - ], - "properties": { - "AlpnPolicy": { - "items": { - "type": "string" - }, - "type": "array" - }, - "Certificates": { - "items": { - "$ref": "#/definitions/Certificate" - }, - "type": "array", - "uniqueItems": true - }, - "DefaultActions": { - "items": { - "$ref": "#/definitions/Action" - }, - "type": "array", - "uniqueItems": true - }, - "ListenerArn": { - "type": "string" - }, - "LoadBalancerArn": { - "type": "string" - }, - "Port": { - "type": "integer" - }, - "Protocol": { - "type": "string" - }, - "SslPolicy": { - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/ListenerArn" - ], - "required": [ - "LoadBalancerArn", - "DefaultActions" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-elasticloadbalancingv2.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": false, - "tagUpdatable": false, - "taggable": false - }, - "typeName": "AWS::ElasticLoadBalancingV2::Listener", - "writeOnlyProperties": [ - "/properties/DefaultActions/*/AuthenticateOidcConfig/ClientSecret" - ] -} diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-elasticloadbalancingv2-listenerrule.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-elasticloadbalancingv2-listenerrule.json deleted file mode 100644 index 7819cffe63..0000000000 --- a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-elasticloadbalancingv2-listenerrule.json +++ /dev/null @@ -1,430 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ListenerArn" - ], - "definitions": { - "Action": { - "additionalProperties": false, - "properties": { - "AuthenticateCognitoConfig": { - "$ref": "#/definitions/AuthenticateCognitoConfig" - }, - "AuthenticateOidcConfig": { - "$ref": "#/definitions/AuthenticateOidcConfig" - }, - "FixedResponseConfig": { - "$ref": "#/definitions/FixedResponseConfig" - }, - "ForwardConfig": { - "$ref": "#/definitions/ForwardConfig" - }, - "Order": { - "type": "integer" - }, - "RedirectConfig": { - "$ref": "#/definitions/RedirectConfig" - }, - "TargetGroupArn": { - "type": "string" - }, - "Type": { - "type": "string" - } - }, - "required": [ - "Type" - ], - "type": "object" - }, - "AuthenticateCognitoConfig": { - "additionalProperties": false, - "properties": { - "AuthenticationRequestExtraParams": { - "additionalProperties": false, - "patternProperties": { - "[a-zA-Z0-9]+": { - "type": "string" - } - }, - "type": "object" - }, - "OnUnauthenticatedRequest": { - "type": "string" - }, - "Scope": { - "type": "string" - }, - "SessionCookieName": { - "type": "string" - }, - "SessionTimeout": { - "type": "integer" - }, - "UserPoolArn": { - "type": "string" - }, - "UserPoolClientId": { - "type": "string" - }, - "UserPoolDomain": { - "type": "string" - } - }, - "required": [ - "UserPoolClientId", - "UserPoolDomain", - "UserPoolArn" - ], - "type": "object" - }, - "AuthenticateOidcConfig": { - "additionalProperties": false, - "properties": { - "AuthenticationRequestExtraParams": { - "additionalProperties": false, - "patternProperties": { - "[a-zA-Z0-9]+": { - "type": "string" - } - }, - "type": "object" - }, - "AuthorizationEndpoint": { - "type": "string" - }, - "ClientId": { - "type": "string" - }, - "ClientSecret": { - "type": "string" - }, - "Issuer": { - "type": "string" - }, - "OnUnauthenticatedRequest": { - "type": "string" - }, - "Scope": { - "type": "string" - }, - "SessionCookieName": { - "type": "string" - }, - "SessionTimeout": { - "type": "integer" - }, - "TokenEndpoint": { - "type": "string" - }, - "UseExistingClientSecret": { - "type": "boolean" - }, - "UserInfoEndpoint": { - "type": "string" - } - }, - "required": [ - "TokenEndpoint", - "Issuer", - "UserInfoEndpoint", - "ClientId", - "AuthorizationEndpoint" - ], - "type": "object" - }, - "FixedResponseConfig": { - "additionalProperties": false, - "properties": { - "ContentType": { - "type": "string" - }, - "MessageBody": { - "type": "string" - }, - "StatusCode": { - "type": "string" - } - }, - "required": [ - "StatusCode" - ], - "type": "object" - }, - "ForwardConfig": { - "additionalProperties": false, - "properties": { - "TargetGroupStickinessConfig": { - "$ref": "#/definitions/TargetGroupStickinessConfig" - }, - "TargetGroups": { - "items": { - "$ref": "#/definitions/TargetGroupTuple" - }, - "type": "array", - "uniqueItems": true - } - }, - "type": "object" - }, - "HostHeaderConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - } - }, - "type": "object" - }, - "HttpHeaderConfig": { - "additionalProperties": false, - "properties": { - "HttpHeaderName": { - "type": "string" - }, - "Values": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - } - }, - "type": "object" - }, - "HttpRequestMethodConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - } - }, - "type": "object" - }, - "PathPatternConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - } - }, - "type": "object" - }, - "QueryStringConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "$ref": "#/definitions/QueryStringKeyValue" - }, - "type": "array", - "uniqueItems": true - } - }, - "type": "object" - }, - "QueryStringKeyValue": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - }, - "RedirectConfig": { - "additionalProperties": false, - "properties": { - "Host": { - "type": "string" - }, - "Path": { - "type": "string" - }, - "Port": { - "type": "string" - }, - "Protocol": { - "type": "string" - }, - "Query": { - "type": "string" - }, - "StatusCode": { - "type": "string" - } - }, - "required": [ - "StatusCode" - ], - "type": "object" - }, - "RuleCondition": { - "additionalProperties": false, - "properties": { - "Field": { - "type": "string" - }, - "HostHeaderConfig": { - "$ref": "#/definitions/HostHeaderConfig" - }, - "HttpHeaderConfig": { - "$ref": "#/definitions/HttpHeaderConfig" - }, - "HttpRequestMethodConfig": { - "$ref": "#/definitions/HttpRequestMethodConfig" - }, - "PathPatternConfig": { - "$ref": "#/definitions/PathPatternConfig" - }, - "QueryStringConfig": { - "$ref": "#/definitions/QueryStringConfig" - }, - "SourceIpConfig": { - "$ref": "#/definitions/SourceIpConfig" - }, - "Values": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - } - }, - "type": "object" - }, - "SourceIpConfig": { - "additionalProperties": false, - "properties": { - "Values": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - } - }, - "type": "object" - }, - "TargetGroupStickinessConfig": { - "additionalProperties": false, - "properties": { - "DurationSeconds": { - "type": "integer" - }, - "Enabled": { - "type": "boolean" - } - }, - "type": "object" - }, - "TargetGroupTuple": { - "additionalProperties": false, - "properties": { - "TargetGroupArn": { - "type": "string" - }, - "Weight": { - "type": "integer" - } - }, - "type": "object" - } - }, - "description": "Resource Type definition for AWS::ElasticLoadBalancingV2::ListenerRule", - "handlers": { - "create": { - "permissions": [ - "elasticloadbalancing:CreateRule", - "elasticloadbalancing:DescribeRules" - ] - }, - "delete": { - "permissions": [ - "elasticloadbalancing:DeleteRule" - ] - }, - "list": { - "permissions": [ - "elasticloadbalancing:DescribeRules" - ] - }, - "read": { - "permissions": [ - "elasticloadbalancing:DescribeRules" - ] - }, - "update": { - "permissions": [ - "elasticloadbalancing:ModifyRule", - "elasticloadbalancing:SetRulePriorities", - "elasticloadbalancing:DescribeRules" - ] - } - }, - "primaryIdentifier": [ - "/properties/RuleArn" - ], - "properties": { - "Actions": { - "items": { - "$ref": "#/definitions/Action" - }, - "type": "array", - "uniqueItems": true - }, - "Conditions": { - "items": { - "$ref": "#/definitions/RuleCondition" - }, - "type": "array", - "uniqueItems": true - }, - "IsDefault": { - "type": "boolean" - }, - "ListenerArn": { - "type": "string" - }, - "Priority": { - "maximum": 50000, - "minimum": 1, - "type": "integer" - }, - "RuleArn": { - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/RuleArn", - "/properties/IsDefault" - ], - "required": [ - "ListenerArn", - "Actions", - "Priority", - "Conditions" - ], - "taggable": false, - "typeName": "AWS::ElasticLoadBalancingV2::ListenerRule", - "writeOnlyProperties": [ - "/properties/Actions/*/AuthenticateOidcConfig/ClientSecret", - "/properties/Actions/*/ForwardConfig", - "/properties/Actions/*/TargetGroupArn" - ] -} diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-elasticloadbalancingv2-loadbalancer.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-elasticloadbalancingv2-loadbalancer.json deleted file mode 100644 index 7c6b0b1f8c..0000000000 --- a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-elasticloadbalancingv2-loadbalancer.json +++ /dev/null @@ -1,205 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/Name", - "/properties/Type", - "/properties/Scheme" - ], - "definitions": { - "LoadBalancerAttribute": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - }, - "SubnetMapping": { - "additionalProperties": false, - "properties": { - "AllocationId": { - "type": "string" - }, - "IPv6Address": { - "type": "string" - }, - "PrivateIPv4Address": { - "type": "string" - }, - "SubnetId": { - "type": "string" - } - }, - "required": [ - "SubnetId" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::ElasticLoadBalancingV2::LoadBalancer", - "documentationUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html", - "handlers": { - "create": { - "permissions": [ - "elasticloadbalancing:CreateLoadBalancer", - "elasticloadbalancing:DescribeLoadBalancers", - "elasticloadbalancing:ModifyLoadBalancerAttributes", - "elasticloadbalancing:AddTags" - ] - }, - "delete": { - "permissions": [ - "elasticloadbalancing:DescribeLoadBalancers", - "elasticloadbalancing:DeleteLoadBalancer" - ] - }, - "list": { - "permissions": [ - "elasticloadbalancing:DescribeLoadBalancers" - ] - }, - "read": { - "permissions": [ - "elasticloadbalancing:DescribeLoadBalancers", - "elasticloadbalancing:DescribeLoadBalancerAttributes", - "elasticloadbalancing:DescribeTags" - ] - }, - "update": { - "permissions": [ - "elasticloadbalancing:ModifyLoadBalancerAttributes", - "elasticloadbalancing:SetSubnets", - "elasticloadbalancing:SetIpAddressType", - "elasticloadbalancing:SetSecurityGroups", - "elasticloadbalancing:AddTags", - "elasticloadbalancing:RemoveTags" - ] - } - }, - "primaryIdentifier": [ - "/properties/LoadBalancerArn" - ], - "properties": { - "CanonicalHostedZoneID": { - "description": "The ID of the Amazon Route 53 hosted zone associated with the load balancer.", - "type": "string" - }, - "DNSName": { - "description": "The public DNS name of the load balancer.", - "type": "string" - }, - "IpAddressType": { - "description": "The type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 (for IPv4 addresses) and dualstack (for IPv4 and IPv6 addresses).", - "type": "string" - }, - "LoadBalancerArn": { - "description": "The Amazon Resource Name (ARN) of the load balancer.", - "type": "string" - }, - "LoadBalancerAttributes": { - "arrayType": "AttributeList", - "description": "The load balancer attributes.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/LoadBalancerAttribute" - }, - "type": "array", - "uniqueItems": true - }, - "LoadBalancerFullName": { - "description": "The full name of the load balancer.", - "type": "string" - }, - "LoadBalancerName": { - "description": "The name of the load balancer.", - "type": "string" - }, - "Name": { - "description": "The name of the load balancer.", - "type": "string" - }, - "Scheme": { - "description": "The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the internet. The nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can route requests only from clients with access to the VPC for the load balancer. The default is an Internet-facing load balancer.", - "type": "string" - }, - "SecurityGroups": { - "description": "The IDs of the security groups for the load balancer.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "SubnetMappings": { - "description": "The IDs of the public subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/SubnetMapping" - }, - "type": "array", - "uniqueItems": true - }, - "Subnets": { - "description": "The IDs of the public subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both. To specify an Elastic IP address, specify subnet mappings instead of subnets.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "Tags": { - "description": "The tags to assign to the load balancer.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": false - }, - "Type": { - "description": "The type of load balancer. The default is application.", - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/LoadBalancerName", - "/properties/LoadBalancerFullName", - "/properties/CanonicalHostedZoneID", - "/properties/LoadBalancerArn", - "/properties/DNSName" - ], - "requiredXor": [ - "SubnetMappings", - "Subnets" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-elasticloadbalancingv2", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::ElasticLoadBalancingV2::LoadBalancer" -} diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-kinesis-stream.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-kinesis-stream.json index eef9f04cb7..b9db312ab5 100644 --- a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-kinesis-stream.json +++ b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-kinesis-stream.json @@ -1,5 +1,8 @@ { "additionalProperties": false, + "cfnLint": [ + "AWS::Kinesis::Stream/Properties" + ], "createOnlyProperties": [ "/properties/Name" ], diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-neptune-dbinstance.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-neptune-dbinstance.json index e59579a720..36baa58fbd 100644 --- a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-neptune-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-neptune-dbinstance.json @@ -43,7 +43,7 @@ "type": "string" }, "DBInstanceClass": { - "cfnLint": "aws_neptune_dbinstance/dbinstanceclass_enum", + "cfnLint": "AWS::Neptune::DBInstance/Properties/DBInstanceClass", "type": "string" }, "DBInstanceIdentifier": { diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-redshift-cluster.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-redshift-cluster.json index 960e8bdfee..f04ae8ba95 100644 --- a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-redshift-cluster.json +++ b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-redshift-cluster.json @@ -1,5 +1,6 @@ { "additionalProperties": false, + "cfnLint": "AWS::Redshift::Cluster/Properties", "createOnlyProperties": [ "/properties/KmsKeyId", "/properties/MasterUsername", @@ -127,7 +128,7 @@ "type": "string" }, "NodeType": { - "cfnLint": "aws_redshift_cluster/nodetype_enum", + "cfnLint": "AWS::Redshift::Cluster/Properties/NodeType", "type": "string" }, "NumberOfNodes": { diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-route53-healthcheck.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-route53-healthcheck.json index 2ddd4be8f2..084d644abf 100644 --- a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-route53-healthcheck.json +++ b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-route53-healthcheck.json @@ -107,7 +107,7 @@ "HealthCheckConfig": { "$ref": "#/definitions/HealthCheckConfig", "cfnLint": [ - "aws_route53_healthcheck/healthcheckconfig_type_inclusive" + "AWS::Route53::HealthCheck/Properties/HealthCheckConfig" ] }, "HealthCheckTags": { diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/__init__.py b/src/cfnlint/data/schemas/providers/eu_central_1/__init__.py index 3564f2bd59..8a9c5f8ad7 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/eu_central_1/__init__.py @@ -1167,6 +1167,7 @@ "aws-cleanrooms-configuredtableassociation.json", "aws-apigatewayv2-integration.json", "aws-pinpoint-app.json", + "aws-connect-userhierarchygroup.json", "aws-apigatewayv2-apimapping.json", "aws-ce-anomalysubscription.json", "aws-shield-drtaccess.json", @@ -1184,6 +1185,7 @@ "aws-servicecatalog-portfolioprincipalassociation.json", "aws-ram-resourceshare.json", "aws-dms-replicationconfig.json", + "aws-dynamodb-table.json", "aws-amazonmq-configurationassociation.json", "aws-wafregional-ipset.json", "aws-redshiftserverless-namespace.json", @@ -1459,6 +1461,7 @@ "aws-groundstation-missionprofile.json", "aws-cloudformation-customresource.json", "aws-fis-targetaccountconfiguration.json", + "aws-glue-tableoptimizer.json", "aws-refactorspaces-route.json", "aws-kinesisanalytics-applicationoutput.json", "aws-wisdom-assistant.json", @@ -1485,6 +1488,7 @@ "aws-iot-resourcespecificlogging.json", "aws-servicecatalog-launchtemplateconstraint.json", "aws-devopsguru-resourcecollection.json", + "aws-dynamodb-globaltable.json", "alexa-ask-skill.json", "aws-backup-backupplan.json", "aws-pinpoint-eventstream.json", @@ -1503,7 +1507,6 @@ "aws-identitystore-group.json", "aws-ram-permission.json", "aws-datasync-task.json", - "aws-ecs-taskdefinition.json", "aws-sagemaker-model.json", "aws-quicksight-refreshschedule.json", "aws-memorydb-parametergroup.json", @@ -1524,6 +1527,7 @@ "aws-timestream-scheduledquery.json", "aws-fms-notificationchannel.json", "aws-msk-batchscramsecret.json", + "aws-connect-hoursofoperation.json", "aws-dms-certificate.json", "aws-iotfleetwise-modelmanifest.json", "aws-s3-bucket.json", @@ -1597,12 +1601,12 @@ "aws-proton-environmenttemplate.json", "aws-ssm-maintenancewindowtask.json", "aws-ec2-transitgatewaymulticastdomain.json", - "aws-verifiedpermissions-policytemplate.json", "aws-eks-cluster.json", "aws-codebuild-project.json", "aws-efs-filesystem.json", "aws-pinpoint-apnsvoipsandboxchannel.json", "aws-config-organizationconformancepack.json", + "aws-connect-quickconnect.json", "aws-logs-querydefinition.json", "aws-iam-instanceprofile.json", "aws-iot-billinggroup.json", @@ -1754,7 +1758,6 @@ "aws-route53resolver-firewallrulegroupassociation.json", "aws-route53resolver-resolverqueryloggingconfig.json", "aws-ec2-snapshotblockpublicaccess.json", - "aws-ec2-subnet.json", "aws-cloudtrail-resourcepolicy.json", "aws-iottwinmaker-componenttype.json", "aws-s3objectlambda-accesspoint.json", @@ -1766,7 +1769,6 @@ "aws-appsync-domainnameapiassociation.json", "aws-appsync-apicache.json", "aws-apigateway-account.json", - "aws-wafv2-webacl.json", "aws-globalaccelerator-endpointgroup.json", "aws-ec2-transitgatewayconnect.json", "aws-networkmanager-sitetositevpnattachment.json", @@ -1856,7 +1858,6 @@ "aws-ec2-localgatewayroutetable.json", "aws-apigateway-resource.json", "aws-sagemaker-appimageconfig.json", - "aws-verifiedpermissions-identitysource.json", "aws-macie-session.json", "aws-elasticloadbalancingv2-targetgroup.json", "aws-applicationautoscaling-scalingpolicy.json", @@ -1877,7 +1878,7 @@ "aws-codedeploy-application.json", "aws-dms-eventsubscription.json", "aws-ssmincidents-replicationset.json", - "aws-iot-topicrule.json", + "aws-apprunner-vpcconnector.json", "aws-supportapp-slackworkspaceconfiguration.json", "aws-lakeformation-principalpermissions.json", "aws-datasync-locations3.json", @@ -1908,7 +1909,6 @@ "aws-workspacesweb-truststore.json", "aws-customerprofiles-domain.json", "aws-iot-policy.json", - "aws-ec2-transitgatewayroute.json", "aws-ssm-maintenancewindow.json", "aws-datazone-domain.json", "aws-lakeformation-tagassociation.json", @@ -1946,6 +1946,7 @@ "aws-iam-userpolicy.json", "aws-connect-viewversion.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-iot-mitigationaction.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", @@ -2084,6 +2085,7 @@ "aws-connect-routingprofile.json", "aws-ec2-flowlog.json", "aws-events-endpoint.json", + "aws-amazonmq-broker.json", "aws-emr-step.json", "aws-cleanrooms-collaboration.json", "aws-ssm-association.json", @@ -2132,7 +2134,6 @@ "aws-organizations-organizationalunit.json", "aws-appsync-datasource.json", "aws-sqs-queue.json", - "aws-ec2-securitygroupingress.json", "aws-guardduty-detector.json", "aws-sagemaker-modelqualityjobdefinition.json", "aws-iot-provisioningtemplate.json", @@ -2170,7 +2171,6 @@ "aws-quicksight-topic.json", "aws-cloudwatch-metricstream.json", "aws-dms-dataprovider.json", - "aws-location-geofencecollection.json", "aws-ssm-parameter.json", "aws-apigatewayv2-apigatewaymanagedoverrides.json", "aws-config-deliverychannel.json", @@ -2260,7 +2260,6 @@ "aws-pinpoint-apnschannel.json", "aws-rds-dbparametergroup.json", "aws-securityhub-hub.json", - "aws-s3-accesspoint.json", "aws-greengrass-groupversion.json", "aws-pinpoint-smschannel.json", "aws-nimblestudio-studio.json", @@ -2272,6 +2271,7 @@ "aws-elasticloadbalancingv2-listener.json", "aws-redshift-eventsubscription.json", "aws-iotfleethub-application.json", + "aws-connect-user.json", "aws-ssmcontacts-contactchannel.json", "aws-memorydb-acl.json", "aws-cloudformation-waitconditionhandle.json", diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-amazonmq-broker.json deleted file mode 100644 index b71851eb27..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_central_1/aws-amazonmq-broker.json +++ /dev/null @@ -1,341 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/BrokerName", - "/properties/StorageType", - "/properties/DeploymentMode", - "/properties/EngineType", - "/properties/SubnetIds", - "/properties/AuthenticationStrategy", - "/properties/EncryptionOptions", - "/properties/PubliclyAccessible" - ], - "definitions": { - "ConfigurationId": { - "additionalProperties": false, - "properties": { - "Id": { - "type": "string" - }, - "Revision": { - "type": "integer" - } - }, - "required": [ - "Revision", - "Id" - ], - "type": "object" - }, - "EncryptionOptions": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "type": "string" - }, - "UseAwsOwnedKey": { - "type": "boolean" - } - }, - "required": [ - "UseAwsOwnedKey" - ], - "type": "object" - }, - "LdapServerMetadata": { - "additionalProperties": false, - "properties": { - "Hosts": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "RoleBase": { - "type": "string" - }, - "RoleName": { - "type": "string" - }, - "RoleSearchMatching": { - "type": "string" - }, - "RoleSearchSubtree": { - "type": "boolean" - }, - "ServiceAccountPassword": { - "type": "string" - }, - "ServiceAccountUsername": { - "type": "string" - }, - "UserBase": { - "type": "string" - }, - "UserRoleName": { - "type": "string" - }, - "UserSearchMatching": { - "type": "string" - }, - "UserSearchSubtree": { - "type": "boolean" - } - }, - "required": [ - "Hosts", - "UserSearchMatching", - "UserBase", - "RoleSearchMatching", - "ServiceAccountUsername", - "RoleBase", - "ServiceAccountPassword" - ], - "type": "object" - }, - "LogList": { - "additionalProperties": false, - "properties": { - "Audit": { - "type": "boolean" - }, - "General": { - "type": "boolean" - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "additionalProperties": false, - "properties": { - "DayOfWeek": { - "type": "string" - }, - "TimeOfDay": { - "type": "string" - }, - "TimeZone": { - "type": "string" - } - }, - "required": [ - "DayOfWeek", - "TimeOfDay", - "TimeZone" - ], - "type": "object" - }, - "TagsEntry": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - }, - "User": { - "additionalProperties": false, - "properties": { - "ConsoleAccess": { - "type": "boolean" - }, - "Groups": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Password": { - "type": "string" - }, - "Username": { - "type": "string" - } - }, - "required": [ - "Username", - "Password" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::AmazonMQ::Broker", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "AmqpEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Arn": { - "type": "string" - }, - "AuthenticationStrategy": { - "type": "string" - }, - "AutoMinorVersionUpgrade": { - "type": "boolean" - }, - "BrokerName": { - "type": "string" - }, - "Configuration": { - "$ref": "#/definitions/ConfigurationId" - }, - "ConfigurationId": { - "type": "string" - }, - "ConfigurationRevision": { - "type": "integer" - }, - "DataReplicationMode": { - "type": "string" - }, - "DataReplicationPrimaryBrokerArn": { - "type": "string" - }, - "DeploymentMode": { - "enum": [ - "SINGLE_INSTANCE", - "ACTIVE_STANDBY_MULTI_AZ", - "CLUSTER_MULTI_AZ" - ], - "type": "string" - }, - "EncryptionOptions": { - "$ref": "#/definitions/EncryptionOptions" - }, - "EngineType": { - "enum": [ - "ACTIVEMQ", - "RABBITMQ" - ], - "type": "string" - }, - "EngineVersion": { - "type": "string" - }, - "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", - "type": "string" - }, - "Id": { - "type": "string" - }, - "IpAddresses": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "LdapServerMetadata": { - "$ref": "#/definitions/LdapServerMetadata" - }, - "Logs": { - "$ref": "#/definitions/LogList" - }, - "MaintenanceWindowStartTime": { - "$ref": "#/definitions/MaintenanceWindow" - }, - "MqttEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "OpenWireEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "PubliclyAccessible": { - "type": "boolean" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "StompEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "StorageType": { - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Tags": { - "items": { - "$ref": "#/definitions/TagsEntry" - }, - "type": "array", - "uniqueItems": false - }, - "Users": { - "items": { - "$ref": "#/definitions/User" - }, - "type": "array", - "uniqueItems": false - }, - "WssEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "readOnlyProperties": [ - "/properties/IpAddresses", - "/properties/Id", - "/properties/MqttEndpoints", - "/properties/OpenWireEndpoints", - "/properties/ConfigurationId", - "/properties/ConfigurationRevision", - "/properties/StompEndpoints", - "/properties/WssEndpoints", - "/properties/AmqpEndpoints", - "/properties/Arn" - ], - "required": [ - "EngineVersion", - "DeploymentMode", - "HostInstanceType", - "EngineType", - "AutoMinorVersionUpgrade", - "Users", - "PubliclyAccessible", - "BrokerName" - ], - "typeName": "AWS::AmazonMQ::Broker" -} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-apprunner-vpcconnector.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-apprunner-vpcconnector.json deleted file mode 100644 index a7b99a0c40..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_central_1/aws-apprunner-vpcconnector.json +++ /dev/null @@ -1,119 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/VpcConnectorName", - "/properties/Subnets", - "/properties/SecurityGroups", - "/properties/Tags" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - } - }, - "description": "The AWS::AppRunner::VpcConnector resource specifies an App Runner VpcConnector.", - "handlers": { - "create": { - "permissions": [ - "iam:CreateServiceLinkedRole", - "apprunner:CreateVpcConnector", - "apprunner:DescribeVpcConnector", - "apprunner:TagResource", - "ec2:DescribeSubnets", - "ec2:DescribeSecurityGroups" - ] - }, - "delete": { - "permissions": [ - "apprunner:DeleteVpcConnector" - ] - }, - "list": { - "permissions": [ - "apprunner:ListVpcConnectors" - ] - }, - "read": { - "permissions": [ - "apprunner:DescribeVpcConnector" - ] - } - }, - "primaryIdentifier": [ - "/properties/VpcConnectorArn" - ], - "properties": { - "SecurityGroups": { - "description": "A list of IDs of security groups that App Runner should use for access to AWS resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "Subnets": { - "description": "A list of IDs of subnets that App Runner should use when it associates your service with a custom Amazon VPC. Specify IDs of subnets of a single Amazon VPC. App Runner determines the Amazon VPC from the subnets you specify.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "minItems": 1, - "type": "array", - "uniqueItems": true - }, - "Tags": { - "description": "A list of metadata items that you can associate with your VPC connector resource. A tag is a key-value pair.", - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array" - }, - "VpcConnectorArn": { - "description": "The Amazon Resource Name (ARN) of this VPC connector.", - "maxLength": 1011, - "minLength": 44, - "pattern": "arn:aws(-[\\w]+)*:[a-z0-9-\\\\.]{0,63}:[a-z0-9-\\\\.]{0,63}:[0-9]{12}:(\\w|\\/|-){1,1011}", - "type": "string" - }, - "VpcConnectorName": { - "description": "A name for the VPC connector. If you don't specify a name, AWS CloudFormation generates a name for your VPC connector.", - "maxLength": 40, - "minLength": 4, - "pattern": "^[A-Za-z0-9][A-Za-z0-9-\\\\_]{3,39}$", - "type": "string" - }, - "VpcConnectorRevision": { - "description": "The revision of this VPC connector. It's unique among all the active connectors (\"Status\": \"ACTIVE\") that share the same Name.", - "type": "integer" - } - }, - "readOnlyProperties": [ - "/properties/VpcConnectorArn", - "/properties/VpcConnectorRevision" - ], - "required": [ - "Subnets" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-apprunner.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": false, - "taggable": true - }, - "typeName": "AWS::AppRunner::VpcConnector", - "writeOnlyProperties": [ - "/properties/Tags" - ] -} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-connect-hoursofoperation.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-connect-hoursofoperation.json deleted file mode 100644 index 3ca96475f7..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_central_1/aws-connect-hoursofoperation.json +++ /dev/null @@ -1,195 +0,0 @@ -{ - "additionalProperties": false, - "definitions": { - "HoursOfOperationConfig": { - "additionalProperties": false, - "description": "Contains information about the hours of operation.", - "properties": { - "Day": { - "description": "The day that the hours of operation applies to.", - "enum": [ - "SUNDAY", - "MONDAY", - "TUESDAY", - "WEDNESDAY", - "THURSDAY", - "FRIDAY", - "SATURDAY" - ], - "type": "string" - }, - "EndTime": { - "$ref": "#/definitions/HoursOfOperationTimeSlice", - "description": "The end time that your contact center closes." - }, - "StartTime": { - "$ref": "#/definitions/HoursOfOperationTimeSlice", - "description": "The start time that your contact center opens." - } - }, - "required": [ - "Day", - "StartTime", - "EndTime" - ], - "type": "object" - }, - "HoursOfOperationTimeSlice": { - "additionalProperties": false, - "description": "The start time or end time for an hours of operation.", - "properties": { - "Hours": { - "description": "The hours.", - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "Minutes": { - "description": "The minutes.", - "maximum": 59, - "minimum": 0, - "type": "integer" - } - }, - "required": [ - "Hours", - "Minutes" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 128, - "minLength": 1, - "pattern": "^(?!aws:)[a-zA-Z+-=._:/]+$", - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is maximum of 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 256, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::Connect::HoursOfOperation", - "handlers": { - "create": { - "permissions": [ - "connect:CreateHoursOfOperation", - "connect:TagResource" - ] - }, - "delete": { - "permissions": [ - "connect:DeleteHoursOfOperation", - "connect:UntagResource" - ] - }, - "list": { - "handlerSchema": { - "properties": { - "InstanceArn": { - "$ref": "resource-schema.json#/properties/InstanceArn" - } - }, - "required": [ - "InstanceArn" - ] - }, - "permissions": [ - "connect:ListHoursOfOperations" - ] - }, - "read": { - "permissions": [ - "connect:DescribeHoursOfOperation" - ] - }, - "update": { - "permissions": [ - "connect:UpdateHoursOfOperation", - "connect:TagResource", - "connect:UntagResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/HoursOfOperationArn" - ], - "properties": { - "Config": { - "description": "Configuration information for the hours of operation: day, start time, and end time.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/HoursOfOperationConfig" - }, - "maxItems": 100, - "type": "array", - "uniqueItems": true - }, - "Description": { - "description": "The description of the hours of operation.", - "maxLength": 250, - "minLength": 1, - "type": "string" - }, - "HoursOfOperationArn": { - "description": "The Amazon Resource Name (ARN) for the hours of operation.", - "pattern": "^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/operating-hours/[-a-zA-Z0-9]*$", - "type": "string" - }, - "InstanceArn": { - "description": "The identifier of the Amazon Connect instance.", - "pattern": "^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$", - "type": "string" - }, - "Name": { - "description": "The name of the hours of operation.", - "maxLength": 127, - "minLength": 1, - "type": "string" - }, - "Tags": { - "description": "One or more tags.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "type": "array", - "uniqueItems": true - }, - "TimeZone": { - "description": "The time zone of the hours of operation.", - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/HoursOfOperationArn" - ], - "required": [ - "InstanceArn", - "Name", - "TimeZone", - "Config" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-connect", - "tagging": { - "cloudFormationSystemTags": true, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::Connect::HoursOfOperation" -} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-connect-quickconnect.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-connect-quickconnect.json deleted file mode 100644 index fbc13aa0c5..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_central_1/aws-connect-quickconnect.json +++ /dev/null @@ -1,237 +0,0 @@ -{ - "additionalProperties": false, - "definitions": { - "ContactFlowArn": { - "description": "The identifier of the contact flow.", - "pattern": "^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/contact-flow/[-a-zA-Z0-9]*$", - "type": "string" - }, - "PhoneNumber": { - "description": "The phone number in E.164 format.", - "pattern": "^\\+[1-9]\\d{1,14}$", - "type": "string" - }, - "PhoneNumberQuickConnectConfig": { - "additionalProperties": false, - "description": "The phone configuration. This is required only if QuickConnectType is PHONE_NUMBER.", - "properties": { - "PhoneNumber": { - "$ref": "#/definitions/PhoneNumber" - } - }, - "required": [ - "PhoneNumber" - ], - "type": "object" - }, - "QueueArn": { - "description": "The identifier for the queue.", - "pattern": "^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/queue/[-a-zA-Z0-9]*$", - "type": "string" - }, - "QueueQuickConnectConfig": { - "additionalProperties": false, - "description": "The queue configuration. This is required only if QuickConnectType is QUEUE.", - "properties": { - "ContactFlowArn": { - "$ref": "#/definitions/ContactFlowArn" - }, - "QueueArn": { - "$ref": "#/definitions/QueueArn" - } - }, - "required": [ - "ContactFlowArn", - "QueueArn" - ], - "type": "object" - }, - "QuickConnectConfig": { - "additionalProperties": false, - "description": "Configuration settings for the quick connect.", - "properties": { - "PhoneConfig": { - "$ref": "#/definitions/PhoneNumberQuickConnectConfig" - }, - "QueueConfig": { - "$ref": "#/definitions/QueueQuickConnectConfig" - }, - "QuickConnectType": { - "$ref": "#/definitions/QuickConnectType" - }, - "UserConfig": { - "$ref": "#/definitions/UserQuickConnectConfig" - } - }, - "required": [ - "QuickConnectType" - ], - "type": "object" - }, - "QuickConnectType": { - "description": "The type of quick connect. In the Amazon Connect console, when you create a quick connect, you are prompted to assign one of the following types: Agent (USER), External (PHONE_NUMBER), or Queue (QUEUE).", - "enum": [ - "PHONE_NUMBER", - "QUEUE", - "USER" - ], - "type": "string" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 128, - "minLength": 1, - "pattern": "^(?!aws:)[a-zA-Z+-=._:/]+$", - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is maximum of 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 256, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "UserArn": { - "description": "The identifier of the user.", - "pattern": "^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/agent/[-a-zA-Z0-9]*$", - "type": "string" - }, - "UserQuickConnectConfig": { - "additionalProperties": false, - "description": "The user configuration. This is required only if QuickConnectType is USER.", - "properties": { - "ContactFlowArn": { - "$ref": "#/definitions/ContactFlowArn" - }, - "UserArn": { - "$ref": "#/definitions/UserArn" - } - }, - "required": [ - "ContactFlowArn", - "UserArn" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::Connect::QuickConnect", - "handlers": { - "create": { - "permissions": [ - "connect:CreateQuickConnect", - "connect:TagResource" - ] - }, - "delete": { - "permissions": [ - "connect:DeleteQuickConnect", - "connect:UntagResource" - ] - }, - "list": { - "handlerSchema": { - "properties": { - "InstanceArn": { - "$ref": "resource-schema.json#/properties/InstanceArn" - } - }, - "required": [ - "InstanceArn" - ] - }, - "permissions": [ - "connect:ListQuickConnects" - ] - }, - "read": { - "permissions": [ - "connect:DescribeQuickConnect" - ] - }, - "update": { - "permissions": [ - "connect:UpdateQuickConnectName", - "connect:UpdateQuickConnectConfig", - "connect:TagResource", - "connect:UntagResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/QuickConnectArn" - ], - "properties": { - "Description": { - "description": "The description of the quick connect.", - "maxLength": 250, - "minLength": 1, - "type": "string" - }, - "InstanceArn": { - "description": "The identifier of the Amazon Connect instance.", - "pattern": "^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$", - "type": "string" - }, - "Name": { - "description": "The name of the quick connect.", - "maxLength": 127, - "minLength": 1, - "type": "string" - }, - "QuickConnectArn": { - "description": "The Amazon Resource Name (ARN) for the quick connect.", - "pattern": "^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/transfer-destination/[-a-zA-Z0-9]*$", - "type": "string" - }, - "QuickConnectConfig": { - "$ref": "#/definitions/QuickConnectConfig", - "description": "Configuration settings for the quick connect." - }, - "QuickConnectType": { - "description": "The type of quick connect. In the Amazon Connect console, when you create a quick connect, you are prompted to assign one of the following types: Agent (USER), External (PHONE_NUMBER), or Queue (QUEUE).", - "enum": [ - "PHONE_NUMBER", - "QUEUE", - "USER" - ], - "type": "string" - }, - "Tags": { - "description": "One or more tags.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 200, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/QuickConnectArn", - "/properties/QuickConnectType" - ], - "required": [ - "Name", - "InstanceArn", - "QuickConnectConfig" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-connect", - "tagging": { - "cloudFormationSystemTags": true, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::Connect::QuickConnect" -} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-connect-user.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-connect-user.json deleted file mode 100644 index caa9c37683..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_central_1/aws-connect-user.json +++ /dev/null @@ -1,295 +0,0 @@ -{ - "additionalProperties": false, - "definitions": { - "AfterContactWorkTimeLimit": { - "description": "The After Call Work (ACW) timeout setting, in seconds.", - "minimum": 0, - "type": "integer" - }, - "AttributeName": { - "description": "The name of user's proficiency. You must use name of predefined attribute present in the Amazon Connect instance.", - "maxLength": 64, - "minLength": 1, - "type": "string" - }, - "AttributeValue": { - "description": "The value of user's proficiency. You must use value of predefined attribute present in the Amazon Connect instance.", - "maxLength": 64, - "minLength": 1, - "type": "string" - }, - "AutoAccept": { - "description": "The Auto accept setting.", - "type": "boolean" - }, - "DeskPhoneNumber": { - "description": "The phone number for the user's desk phone.", - "type": "string" - }, - "Email": { - "description": "The email address. If you are using SAML for identity management and include this parameter, an error is returned.", - "type": "string" - }, - "FirstName": { - "description": "The first name. This is required if you are using Amazon Connect or SAML for identity management.", - "type": "string" - }, - "LastName": { - "description": "The last name. This is required if you are using Amazon Connect or SAML for identity management.", - "type": "string" - }, - "Level": { - "description": "The level of the proficiency. The valid values are 1, 2, 3, 4 and 5.", - "maximum": 5.0, - "minimum": 1.0, - "type": "number" - }, - "Mobile": { - "description": "The mobile phone number.", - "pattern": "^\\+[1-9]\\d{1,14}$", - "type": "string" - }, - "PhoneType": { - "description": "The phone type.", - "enum": [ - "SOFT_PHONE", - "DESK_PHONE" - ], - "type": "string" - }, - "SecondaryEmail": { - "description": "The secondary email address. If you provide a secondary email, the user receives email notifications -- other than password reset notifications -- to this email address instead of to their primary email address.", - "pattern": "(?=^.{0,265}$)[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,63}", - "type": "string" - }, - "SecurityProfileArn": { - "description": "The identifier of the security profile for the user.", - "pattern": "^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/security-profile/[-a-zA-Z0-9]*$", - "type": "string" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 128, - "minLength": 1, - "pattern": "^(?!aws:)[a-zA-Z+-=._:/]+$", - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is maximum of 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 256, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "UserIdentityInfo": { - "additionalProperties": false, - "description": "Contains information about the identity of a user.", - "properties": { - "Email": { - "$ref": "#/definitions/Email" - }, - "FirstName": { - "$ref": "#/definitions/FirstName" - }, - "LastName": { - "$ref": "#/definitions/LastName" - }, - "Mobile": { - "$ref": "#/definitions/Mobile" - }, - "SecondaryEmail": { - "$ref": "#/definitions/SecondaryEmail" - } - }, - "type": "object" - }, - "UserPhoneConfig": { - "additionalProperties": false, - "description": "Contains information about the phone configuration settings for a user.", - "properties": { - "AfterContactWorkTimeLimit": { - "$ref": "#/definitions/AfterContactWorkTimeLimit" - }, - "AutoAccept": { - "$ref": "#/definitions/AutoAccept" - }, - "DeskPhoneNumber": { - "$ref": "#/definitions/DeskPhoneNumber" - }, - "PhoneType": { - "$ref": "#/definitions/PhoneType" - } - }, - "required": [ - "PhoneType" - ], - "type": "object" - }, - "UserProficiency": { - "additionalProperties": false, - "description": "Proficiency of a user.", - "properties": { - "AttributeName": { - "$ref": "#/definitions/AttributeName" - }, - "AttributeValue": { - "$ref": "#/definitions/AttributeValue" - }, - "Level": { - "$ref": "#/definitions/Level" - } - }, - "required": [ - "AttributeName", - "AttributeValue", - "Level" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::Connect::User", - "handlers": { - "create": { - "permissions": [ - "connect:CreateUser", - "connect:TagResource", - "connect:AssociateUserProficiencies" - ] - }, - "delete": { - "permissions": [ - "connect:DeleteUser", - "connect:UntagResource" - ] - }, - "read": { - "permissions": [ - "connect:DescribeUser", - "connect:ListUserProficiencies" - ] - }, - "update": { - "permissions": [ - "connect:UpdateUserIdentityInfo", - "connect:UpdateUserPhoneConfig", - "connect:UpdateUserRoutingProfile", - "connect:UpdateUserSecurityProfiles", - "connect:UpdateUserHierarchy", - "connect:TagResource", - "connect:UntagResource", - "connect:AssociateUserProficiencies", - "connect:DisassociateUserProficiencies", - "connect:UpdateUserProficiencies" - ] - } - }, - "primaryIdentifier": [ - "/properties/UserArn" - ], - "properties": { - "DirectoryUserId": { - "description": "The identifier of the user account in the directory used for identity management.", - "type": "string" - }, - "HierarchyGroupArn": { - "description": "The identifier of the hierarchy group for the user.", - "pattern": "^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/agent-group/[-a-zA-Z0-9]*$", - "type": "string" - }, - "IdentityInfo": { - "$ref": "#/definitions/UserIdentityInfo", - "description": "The information about the identity of the user." - }, - "InstanceArn": { - "description": "The identifier of the Amazon Connect instance.", - "pattern": "^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$", - "type": "string" - }, - "Password": { - "description": "The password for the user account. A password is required if you are using Amazon Connect for identity management. Otherwise, it is an error to include a password.", - "pattern": "^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)[a-zA-Z\\d\\S]{8,64}$", - "type": "string" - }, - "PhoneConfig": { - "$ref": "#/definitions/UserPhoneConfig", - "description": "The phone settings for the user." - }, - "RoutingProfileArn": { - "description": "The identifier of the routing profile for the user.", - "pattern": "^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/routing-profile/[-a-zA-Z0-9]*$", - "type": "string" - }, - "SecurityProfileArns": { - "description": "One or more security profile arns for the user", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/SecurityProfileArn" - }, - "maxItems": 10, - "minItems": 1, - "type": "array", - "uniqueItems": true - }, - "Tags": { - "description": "One or more tags.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "type": "array", - "uniqueItems": true - }, - "UserArn": { - "description": "The Amazon Resource Name (ARN) for the user.", - "pattern": "^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/agent/[-a-zA-Z0-9]*$", - "type": "string" - }, - "UserProficiencies": { - "description": "One or more predefined attributes assigned to a user, with a level that indicates how skilled they are.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/UserProficiency" - }, - "type": "array" - }, - "Username": { - "description": "The user name for the account.", - "maxLength": 64, - "minLength": 1, - "pattern": "[a-zA-Z0-9\\_\\-\\.\\@]+", - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/UserArn" - ], - "required": [ - "InstanceArn", - "PhoneConfig", - "RoutingProfileArn", - "SecurityProfileArns", - "Username" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-connect", - "tagging": { - "cloudFormationSystemTags": true, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::Connect::User", - "writeOnlyProperties": [ - "/properties/Password" - ] -} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-connect-userhierarchygroup.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-connect-userhierarchygroup.json deleted file mode 100644 index b95915038d..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_central_1/aws-connect-userhierarchygroup.json +++ /dev/null @@ -1,128 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ParentGroupArn" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 128, - "minLength": 1, - "pattern": "^(?!aws:)[a-zA-Z+-=._:/]+$", - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is maximum of 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 256, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "UserHierarchyGroupArn": { - "description": "The Amazon Resource Name (ARN) for the user hierarchy group.", - "pattern": "^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*/agent-group/[-a-zA-Z0-9]*$", - "type": "string" - } - }, - "description": "Resource Type definition for AWS::Connect::UserHierarchyGroup", - "handlers": { - "create": { - "permissions": [ - "connect:CreateUserHierarchyGroup", - "connect:TagResource" - ] - }, - "delete": { - "permissions": [ - "connect:DeleteUserHierarchyGroup", - "connect:UntagResource" - ] - }, - "list": { - "handlerSchema": { - "properties": { - "InstanceArn": { - "$ref": "resource-schema.json#/properties/InstanceArn" - } - }, - "required": [ - "InstanceArn" - ] - }, - "permissions": [ - "connect:ListUserHierarchyGroups" - ] - }, - "read": { - "permissions": [ - "connect:DescribeUserHierarchyGroup" - ] - }, - "update": { - "permissions": [ - "connect:UpdateUserHierarchyGroupName", - "connect:TagResource", - "connect:UntagResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/UserHierarchyGroupArn" - ], - "properties": { - "InstanceArn": { - "description": "The identifier of the Amazon Connect instance.", - "pattern": "^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$", - "type": "string" - }, - "Name": { - "description": "The name of the user hierarchy group.", - "maxLength": 100, - "minLength": 1, - "type": "string" - }, - "ParentGroupArn": { - "$ref": "#/definitions/UserHierarchyGroupArn", - "description": "The Amazon Resource Name (ARN) for the parent user hierarchy group." - }, - "Tags": { - "description": "One or more tags.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "type": "array", - "uniqueItems": true - }, - "UserHierarchyGroupArn": { - "$ref": "#/definitions/UserHierarchyGroupArn", - "description": "The Amazon Resource Name (ARN) for the user hierarchy group." - } - }, - "readOnlyProperties": [ - "/properties/UserHierarchyGroupArn" - ], - "required": [ - "Name", - "InstanceArn" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-connect", - "tagging": { - "cloudFormationSystemTags": true, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::Connect::UserHierarchyGroup" -} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-ec2-securitygroupingress.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-ec2-securitygroupingress.json new file mode 100644 index 0000000000..71842bdebb --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_1/aws-ec2-securitygroupingress.json @@ -0,0 +1,130 @@ +{ + "additionalProperties": false, + "cfnLint": [ + "AWS::EC2::SecurityGroupIngress/Properties" + ], + "createOnlyProperties": [ + "/properties/GroupName", + "/properties/IpProtocol", + "/properties/SourceSecurityGroupId", + "/properties/SourcePrefixListId", + "/properties/ToPort", + "/properties/CidrIp", + "/properties/SourceSecurityGroupName", + "/properties/SourceSecurityGroupOwnerId", + "/properties/FromPort", + "/properties/GroupId", + "/properties/CidrIpv6" + ], + "description": "Resource Type definition for AWS::EC2::SecurityGroupIngress", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeSecurityGroupRules", + "ec2:AuthorizeSecurityGroupIngress" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeSecurityGroupRules", + "ec2:RevokeSecurityGroupIngress" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeSecurityGroupRules" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "ec2:DescribeSecurityGroupRules" + ] + }, + "update": { + "permissions": [ + "ec2:UpdateSecurityGroupRuleDescriptionsIngress" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "CidrIp": { + "description": "The IPv4 ranges", + "type": "string" + }, + "CidrIpv6": { + "description": "[VPC only] The IPv6 ranges", + "type": "string" + }, + "Description": { + "description": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously", + "type": "string" + }, + "FromPort": { + "description": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", + "minimum": -1, + "type": "integer" + }, + "GroupId": { + "description": "The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.\n\nYou must specify the GroupName property or the GroupId property. For security groups that are in a VPC, you must use the GroupId property.", + "type": "string" + }, + "GroupName": { + "description": "The name of the security group.", + "type": "string" + }, + "Id": { + "description": "The Security Group Rule Id", + "type": "string" + }, + "IpProtocol": { + "description": "The IP protocol name (tcp, udp, icmp, icmpv6) or number (see Protocol Numbers).\n\n[VPC only] Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp, udp, icmp, or icmpv6 allows traffic on all ports, regardless of any port range you specify. For tcp, udp, and icmp, you must specify a port range. For icmpv6, the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "type": "string" + }, + "SourcePrefixListId": { + "description": "[EC2-VPC only] The ID of a prefix list.\n\n", + "type": "string" + }, + "SourceSecurityGroupId": { + "description": "The ID of the security group. You must specify either the security group ID or the security group name. For security groups in a nondefault VPC, you must specify the security group ID.", + "type": "string" + }, + "SourceSecurityGroupName": { + "description": "[EC2-Classic, default VPC] The name of the source security group.\n\nYou must specify the GroupName property or the GroupId property. For security groups that are in a VPC, you must use the GroupId property.", + "type": "string" + }, + "SourceSecurityGroupOwnerId": { + "description": "[nondefault VPC] The AWS account ID that owns the source security group. You can't specify this property with an IP address range.\n\nIf you specify SourceSecurityGroupName or SourceSecurityGroupId and that security group is owned by a different account than the account creating the stack, you must specify the SourceSecurityGroupOwnerId; otherwise, this property is optional.", + "type": "string" + }, + "ToPort": { + "description": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes for the specified ICMP type. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", + "minimum": -1, + "type": "integer" + } + }, + "readOnlyProperties": [ + "/properties/Id" + ], + "required": [ + "IpProtocol" + ], + "requiredXor": [ + "CidrIp", + "CidrIpv6", + "SourcePrefixListId", + "SourceSecurityGroupId", + "SourceSecurityGroupName" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ec2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::SecurityGroupIngress" +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-ec2-subnet.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-ec2-subnet.json new file mode 100644 index 0000000000..3e27979c2c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_1/aws-ec2-subnet.json @@ -0,0 +1,187 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Ipv6CidrBlock" + ], + "createOnlyProperties": [ + "/properties/VpcId", + "/properties/AvailabilityZone", + "/properties/AvailabilityZoneId", + "/properties/CidrBlock", + "/properties/OutpostArn", + "/properties/Ipv6Native", + "/properties/Ipv4IpamPoolId", + "/properties/Ipv4NetmaskLength", + "/properties/Ipv6IpamPoolId", + "/properties/Ipv6NetmaskLength" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::Subnet", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeSubnets", + "ec2:CreateSubnet", + "ec2:CreateTags", + "ec2:ModifySubnetAttribute" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeSubnets", + "ec2:DeleteSubnet" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeSubnets", + "ec2:DescribeNetworkAcls" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeSubnets", + "ec2:DescribeNetworkAcls" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSubnets", + "ec2:ModifySubnetAttribute", + "ec2:CreateTags", + "ec2:DeleteTags", + "ec2:AssociateSubnetCidrBlock", + "ec2:DisassociateSubnetCidrBlock" + ] + } + }, + "primaryIdentifier": [ + "/properties/SubnetId" + ], + "properties": { + "AssignIpv6AddressOnCreation": { + "type": "boolean" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::Subnet/Properties/AvailabilityZone" + ], + "type": "string" + }, + "AvailabilityZoneId": { + "type": "string" + }, + "CidrBlock": { + "type": "string" + }, + "EnableDns64": { + "type": "boolean" + }, + "Ipv4IpamPoolId": { + "description": "The ID of an IPv4 IPAM pool you want to use for allocating this subnet's CIDR", + "type": "string" + }, + "Ipv4NetmaskLength": { + "description": "The netmask length of the IPv4 CIDR you want to allocate to this subnet from an Amazon VPC IP Address Manager (IPAM) pool", + "type": "integer" + }, + "Ipv6CidrBlock": { + "type": "string" + }, + "Ipv6CidrBlocks": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6IpamPoolId": { + "description": "The ID of an IPv6 IPAM pool you want to use for allocating this subnet's CIDR", + "type": "string" + }, + "Ipv6Native": { + "type": "boolean" + }, + "Ipv6NetmaskLength": { + "description": "The netmask length of the IPv6 CIDR you want to allocate to this subnet from an Amazon VPC IP Address Manager (IPAM) pool", + "type": "integer" + }, + "MapPublicIpOnLaunch": { + "type": "boolean" + }, + "NetworkAclAssociationId": { + "description": "The ID of the network ACL that is associated with the subnet's VPC", + "type": "string" + }, + "OutpostArn": { + "type": "string" + }, + "PrivateDnsNameOptionsOnLaunch": { + "additionalProperties": false, + "properties": { + "EnableResourceNameDnsAAAARecord": { + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "type": "boolean" + }, + "HostnameType": { + "type": "string" + } + }, + "type": "object" + }, + "SubnetId": { + "description": "The ID of the subnet", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "VpcId": { + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/NetworkAclAssociationId", + "/properties/SubnetId" + ], + "required": [ + "VpcId" + ], + "tagging": { + "cloudFormationSystemTags": true, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::EC2::Subnet", + "writeOnlyProperties": [ + "/properties/Ipv4IpamPoolId", + "/properties/Ipv4NetmaskLength", + "/properties/Ipv6IpamPoolId", + "/properties/Ipv6NetmaskLength" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-ec2-transitgatewayroute.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-ec2-transitgatewayroute.json new file mode 100644 index 0000000000..cc97488b72 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_1/aws-ec2-transitgatewayroute.json @@ -0,0 +1,80 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/TransitGatewayRouteTableId", + "/properties/TransitGatewayAttachmentId", + "/properties/DestinationCidrBlock", + "/properties/Blackhole" + ], + "definitions": {}, + "description": "Resource Type definition for AWS::EC2::TransitGatewayRoute", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateTransitGatewayRoute", + "ec2:SearchTransitGatewayRoutes" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteTransitGatewayRoute", + "ec2:SearchTransitGatewayRoutes" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "TransitGatewayRouteTableId": { + "$ref": "resource-schema.json#/properties/TransitGatewayRouteTableId" + } + }, + "required": [ + "TransitGatewayRouteTableId" + ] + }, + "permissions": [ + "ec2:SearchTransitGatewayRoutes" + ] + }, + "read": { + "permissions": [ + "ec2:SearchTransitGatewayRoutes" + ] + } + }, + "primaryIdentifier": [ + "/properties/TransitGatewayRouteTableId", + "/properties/DestinationCidrBlock" + ], + "properties": { + "Blackhole": { + "description": "Indicates whether to drop traffic that matches this route.", + "type": "boolean" + }, + "DestinationCidrBlock": { + "description": "The CIDR range used for destination matches. Routing decisions are based on the most specific match.", + "type": "string" + }, + "TransitGatewayAttachmentId": { + "description": "The ID of transit gateway attachment.", + "type": "string" + }, + "TransitGatewayRouteTableId": { + "description": "The ID of transit gateway route table.", + "type": "string" + } + }, + "replacementStrategy": "delete_then_create", + "required": [ + "TransitGatewayRouteTableId", + "DestinationCidrBlock" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-transitgateway.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::TransitGatewayRoute" +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-ecs-taskdefinition.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-ecs-taskdefinition.json new file mode 100644 index 0000000000..c08047a7a4 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_1/aws-ecs-taskdefinition.json @@ -0,0 +1,950 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Family", + "/properties/ContainerDefinitions", + "/properties/Cpu", + "/properties/ExecutionRoleArn", + "/properties/InferenceAccelerators", + "/properties/Memory", + "/properties/NetworkMode", + "/properties/PlacementConstraints", + "/properties/ProxyConfiguration", + "/properties/RequiresCompatibilities", + "/properties/RuntimePlatform", + "/properties/TaskRoleArn", + "/properties/Volumes", + "/properties/PidMode", + "/properties/IpcMode", + "/properties/EphemeralStorage" + ], + "definitions": { + "AuthorizationConfig": { + "additionalProperties": false, + "properties": { + "AccessPointId": { + "type": "string" + }, + "IAM": { + "enum": [ + "ENABLED", + "DISABLED" + ], + "type": "string" + } + }, + "type": "object" + }, + "ContainerDefinition": { + "additionalProperties": false, + "description": "List of container definitions that are passed to the Docker daemon on a container instance", + "properties": { + "Command": { + "insertionOrder": true, + "items": { + "type": "string" + }, + "type": "array" + }, + "Cpu": { + "type": "integer" + }, + "CredentialSpecs": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array" + }, + "DependsOn": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ContainerDependency" + }, + "type": "array" + }, + "DisableNetworking": { + "type": "boolean" + }, + "DnsSearchDomains": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array" + }, + "DnsServers": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array" + }, + "DockerLabels": { + "additionalProperties": false, + "patternProperties": { + ".{1,}": { + "type": "string" + } + }, + "type": "object" + }, + "DockerSecurityOptions": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array" + }, + "EntryPoint": { + "insertionOrder": true, + "items": { + "type": "string" + }, + "type": "array" + }, + "Environment": { + "description": "The environment variables to pass to a container", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/KeyValuePair" + }, + "type": "array", + "uniqueItems": true, + "uniqueKeys": [ + "Name" + ] + }, + "EnvironmentFiles": { + "description": "The list of one or more files that contain the environment variables to pass to a container", + "insertionOrder": true, + "items": { + "$ref": "#/definitions/EnvironmentFile" + }, + "type": "array" + }, + "Essential": { + "type": "boolean" + }, + "ExtraHosts": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/HostEntry" + }, + "type": "array" + }, + "FirelensConfiguration": { + "$ref": "#/definitions/FirelensConfiguration" + }, + "HealthCheck": { + "$ref": "#/definitions/HealthCheck" + }, + "Hostname": { + "type": "string" + }, + "Image": { + "description": "The image used to start a container. This string is passed directly to the Docker daemon.", + "type": "string" + }, + "Interactive": { + "type": "boolean" + }, + "Links": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "LinuxParameters": { + "$ref": "#/definitions/LinuxParameters" + }, + "LogConfiguration": { + "$ref": "#/definitions/LogConfiguration" + }, + "Memory": { + "description": "The amount (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed.", + "type": "integer" + }, + "MemoryReservation": { + "type": "integer" + }, + "MountPoints": { + "insertionOrder": true, + "items": { + "$ref": "#/definitions/MountPoint" + }, + "type": "array", + "uniqueItems": true + }, + "Name": { + "description": "The name of a container. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed", + "type": "string" + }, + "PortMappings": { + "description": "Port mappings allow containers to access ports on the host container instance to send or receive traffic.", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/PortMapping" + }, + "type": "array", + "uniqueItems": true + }, + "Privileged": { + "type": "boolean" + }, + "PseudoTerminal": { + "type": "boolean" + }, + "ReadonlyRootFilesystem": { + "type": "boolean" + }, + "RepositoryCredentials": { + "$ref": "#/definitions/RepositoryCredentials" + }, + "ResourceRequirements": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ResourceRequirement" + }, + "type": "array" + }, + "Secrets": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Secret" + }, + "type": "array" + }, + "StartTimeout": { + "type": "integer" + }, + "StopTimeout": { + "type": "integer" + }, + "SystemControls": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/SystemControl" + }, + "type": "array" + }, + "Ulimits": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Ulimit" + }, + "type": "array" + }, + "User": { + "type": "string" + }, + "VolumesFrom": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/VolumeFrom" + }, + "type": "array", + "uniqueItems": true + }, + "WorkingDirectory": { + "type": "string" + } + }, + "required": [ + "Name", + "Image" + ], + "type": "object" + }, + "ContainerDependency": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "ContainerName": { + "type": "string" + } + }, + "type": "object" + }, + "Device": { + "additionalProperties": false, + "properties": { + "ContainerPath": { + "type": "string" + }, + "HostPath": { + "type": "string" + }, + "Permissions": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "type": "object" + }, + "DockerVolumeConfiguration": { + "additionalProperties": false, + "properties": { + "Autoprovision": { + "type": "boolean" + }, + "Driver": { + "type": "string" + }, + "DriverOpts": { + "additionalProperties": false, + "patternProperties": { + ".{1,}": { + "type": "string" + } + }, + "type": "object" + }, + "Labels": { + "additionalProperties": false, + "patternProperties": { + ".{1,}": { + "type": "string" + } + }, + "type": "object" + }, + "Scope": { + "type": "string" + } + }, + "type": "object" + }, + "EFSVolumeConfiguration": { + "additionalProperties": false, + "properties": { + "AuthorizationConfig": { + "$ref": "#/definitions/AuthorizationConfig" + }, + "FilesystemId": { + "type": "string" + }, + "RootDirectory": { + "type": "string" + }, + "TransitEncryption": { + "enum": [ + "ENABLED", + "DISABLED" + ], + "type": "string" + }, + "TransitEncryptionPort": { + "type": "integer" + } + }, + "required": [ + "FilesystemId" + ], + "type": "object" + }, + "EnvironmentFile": { + "additionalProperties": false, + "properties": { + "Type": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "EphemeralStorage": { + "additionalProperties": false, + "properties": { + "SizeInGiB": { + "type": "integer" + } + }, + "type": "object" + }, + "FirelensConfiguration": { + "additionalProperties": false, + "properties": { + "Options": { + "additionalProperties": false, + "patternProperties": { + ".{1,}": { + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "type": "string" + } + }, + "type": "object" + }, + "HealthCheck": { + "additionalProperties": false, + "description": "The health check command and associated configuration parameters for the container.", + "properties": { + "Command": { + "description": "A string array representing the command that the container runs to determine if it is healthy.", + "insertionOrder": true, + "items": { + "type": "string" + }, + "type": "array" + }, + "Interval": { + "description": "The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds.", + "type": "integer" + }, + "Retries": { + "description": "The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is three retries.", + "type": "integer" + }, + "StartPeriod": { + "description": "The optional grace period within which to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You may specify between 0 and 300 seconds. The startPeriod is disabled by default.", + "type": "integer" + }, + "Timeout": { + "description": "The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5 seconds.", + "type": "integer" + } + }, + "type": "object" + }, + "HostEntry": { + "additionalProperties": false, + "properties": { + "Hostname": { + "type": "string" + }, + "IpAddress": { + "type": "string" + } + }, + "type": "object" + }, + "HostVolumeProperties": { + "additionalProperties": false, + "properties": { + "SourcePath": { + "type": "string" + } + }, + "type": "object" + }, + "InferenceAccelerator": { + "additionalProperties": false, + "properties": { + "DeviceName": { + "type": "string" + }, + "DeviceType": { + "type": "string" + } + }, + "type": "object" + }, + "KernelCapabilities": { + "additionalProperties": false, + "properties": { + "Add": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array" + }, + "Drop": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "KeyValuePair": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "LinuxParameters": { + "additionalProperties": false, + "properties": { + "Capabilities": { + "$ref": "#/definitions/KernelCapabilities" + }, + "Devices": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Device" + }, + "type": "array" + }, + "InitProcessEnabled": { + "type": "boolean" + }, + "MaxSwap": { + "type": "integer" + }, + "SharedMemorySize": { + "type": "integer" + }, + "Swappiness": { + "type": "integer" + }, + "Tmpfs": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tmpfs" + }, + "type": "array" + } + }, + "type": "object" + }, + "LogConfiguration": { + "additionalProperties": false, + "cfnLint": [ + "AWS::ECS::TaskDefinition/Properties/ContainerDefinitions/LogConfiguration" + ], + "properties": { + "LogDriver": { + "type": "string" + }, + "Options": { + "additionalProperties": false, + "patternProperties": { + ".{1,}": { + "type": "string" + } + }, + "type": "object" + }, + "SecretOptions": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Secret" + }, + "type": "array" + } + }, + "required": [ + "LogDriver" + ], + "type": "object" + }, + "MountPoint": { + "additionalProperties": false, + "properties": { + "ContainerPath": { + "type": "string" + }, + "ReadOnly": { + "type": "boolean" + }, + "SourceVolume": { + "type": "string" + } + }, + "type": "object" + }, + "PortMapping": { + "additionalProperties": false, + "properties": { + "AppProtocol": { + "enum": [ + "http", + "http2", + "grpc" + ], + "type": "string" + }, + "ContainerPort": { + "type": "integer" + }, + "ContainerPortRange": { + "type": "string" + }, + "HostPort": { + "type": "integer" + }, + "Name": { + "type": "string" + }, + "Protocol": { + "type": "string" + } + }, + "type": "object" + }, + "ProxyConfiguration": { + "additionalProperties": false, + "properties": { + "ContainerName": { + "type": "string" + }, + "ProxyConfigurationProperties": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/KeyValuePair" + }, + "type": "array", + "uniqueItems": true + }, + "Type": { + "enum": [ + "APPMESH" + ], + "type": "string" + } + }, + "required": [ + "ContainerName" + ], + "type": "object" + }, + "RepositoryCredentials": { + "additionalProperties": false, + "properties": { + "CredentialsParameter": { + "type": "string" + } + }, + "type": "object" + }, + "ResourceRequirement": { + "additionalProperties": false, + "properties": { + "Type": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Type", + "Value" + ], + "type": "object" + }, + "RuntimePlatform": { + "additionalProperties": false, + "properties": { + "CpuArchitecture": { + "type": "string" + }, + "OperatingSystemFamily": { + "type": "string" + } + }, + "type": "object" + }, + "Secret": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "ValueFrom": { + "type": "string" + } + }, + "required": [ + "Name", + "ValueFrom" + ], + "type": "object" + }, + "SystemControl": { + "additionalProperties": false, + "properties": { + "Namespace": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "TaskDefinitionPlacementConstraint": { + "additionalProperties": false, + "properties": { + "Expression": { + "type": "string" + }, + "Type": { + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "Tmpfs": { + "additionalProperties": false, + "properties": { + "ContainerPath": { + "type": "string" + }, + "MountOptions": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array" + }, + "Size": { + "type": "integer" + } + }, + "required": [ + "Size" + ], + "type": "object" + }, + "Ulimit": { + "additionalProperties": false, + "properties": { + "HardLimit": { + "type": "integer" + }, + "Name": { + "type": "string" + }, + "SoftLimit": { + "type": "integer" + } + }, + "required": [ + "HardLimit", + "Name", + "SoftLimit" + ], + "type": "object" + }, + "Volume": { + "additionalProperties": false, + "properties": { + "ConfiguredAtLaunch": { + "type": "boolean" + }, + "DockerVolumeConfiguration": { + "$ref": "#/definitions/DockerVolumeConfiguration" + }, + "EFSVolumeConfiguration": { + "$ref": "#/definitions/EFSVolumeConfiguration" + }, + "Host": { + "$ref": "#/definitions/HostVolumeProperties" + }, + "Name": { + "type": "string" + } + }, + "type": "object" + }, + "VolumeFrom": { + "additionalProperties": false, + "properties": { + "ReadOnly": { + "type": "boolean" + }, + "SourceContainer": { + "type": "string" + } + }, + "type": "object" + } + }, + "description": "Resource Schema describing various properties for ECS TaskDefinition", + "handlers": { + "create": { + "permissions": [ + "ecs:RegisterTaskDefinition", + "ecs:DescribeTaskDefinition", + "ecs:TagResource", + "iam:GetRole", + "iam:PassRole" + ] + }, + "delete": { + "permissions": [ + "ecs:DeregisterTaskDefinition", + "ecs:DescribeTaskDefinition", + "iam:GetRole", + "iam:PassRole" + ] + }, + "list": { + "permissions": [ + "ecs:ListTaskDefinitions", + "ecs:DescribeTaskDefinition" + ] + }, + "read": { + "permissions": [ + "ecs:DescribeTaskDefinition" + ] + }, + "update": { + "permissions": [ + "ecs:TagResource", + "ecs:UntagResource", + "ecs:ListTagsForResource", + "ecs:DescribeTaskDefinition", + "iam:GetRole", + "iam:PassRole" + ] + } + }, + "primaryIdentifier": [ + "/properties/TaskDefinitionArn" + ], + "properties": { + "ContainerDefinitions": { + "cfnLint": [ + "AWS::ECS::TaskDefinition/Properties/ContainerDefinitions" + ], + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ContainerDefinition" + }, + "type": "array", + "uniqueItems": true + }, + "Cpu": { + "type": "string" + }, + "EphemeralStorage": { + "$ref": "#/definitions/EphemeralStorage" + }, + "ExecutionRoleArn": { + "cfnLint": [ + "AWS::ECS::TaskDefinition/Properties/ExecutionRoleArn" + ], + "type": "string" + }, + "Family": { + "type": "string" + }, + "InferenceAccelerators": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/InferenceAccelerator" + }, + "type": "array", + "uniqueItems": true + }, + "IpcMode": { + "type": "string" + }, + "Memory": { + "type": "string" + }, + "NetworkMode": { + "enum": [ + "bridge", + "host", + "awsvpc", + "none" + ], + "type": "string" + }, + "PidMode": { + "type": "string" + }, + "PlacementConstraints": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/TaskDefinitionPlacementConstraint" + }, + "type": "array", + "uniqueItems": true + }, + "ProxyConfiguration": { + "$ref": "#/definitions/ProxyConfiguration" + }, + "RequiresCompatibilities": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "RuntimePlatform": { + "$ref": "#/definitions/RuntimePlatform" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, + "TaskDefinitionArn": { + "description": "The Amazon Resource Name (ARN) of the Amazon ECS task definition", + "type": "string" + }, + "TaskRoleArn": { + "type": "string" + }, + "Volumes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Volume" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/TaskRoleArn": "TaskRoleArn $OR $split(TaskRoleArn, \"role/\")[-1]" + }, + "readOnlyProperties": [ + "/properties/TaskDefinitionArn" + ], + "sourceUrl": "https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html", + "tagging": { + "cloudFormationSystemTags": true, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::ECS::TaskDefinition" +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-iam-managedpolicy.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-iam-managedpolicy.json index a7c2fde113..e53a9ca50b 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_1/aws-iam-managedpolicy.json +++ b/src/cfnlint/data/schemas/providers/eu_central_1/aws-iam-managedpolicy.json @@ -106,7 +106,9 @@ "type": "string" }, "PolicyDocument": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::IAM::ManagedPolicy/Properties/PolicyDocument" + ], "description": "The JSON policy document that you want to use as the content for the new policy.", "maxLength": 6144, "type": [ diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-inspectorv2-cisscanconfiguration.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-inspectorv2-cisscanconfiguration.json deleted file mode 100644 index 90ddab2b7f..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_central_1/aws-inspectorv2-cisscanconfiguration.json +++ /dev/null @@ -1,239 +0,0 @@ -{ - "additionalProperties": false, - "definitions": { - "CisSecurityLevel": { - "enum": [ - "LEVEL_1", - "LEVEL_2" - ], - "type": "string" - }, - "CisTagMap": { - "additionalProperties": false, - "patternProperties": { - "^.{2,127}$": { - "pattern": "^.{1,255}$", - "type": "string" - } - }, - "type": "object" - }, - "CisTargets": { - "additionalProperties": false, - "properties": { - "AccountIds": { - "items": { - "pattern": "^\\d{12}|ALL_MEMBERS|SELF$", - "type": "string" - }, - "maxItems": 10000, - "minItems": 1, - "type": "array", - "uniqueItems": true - }, - "TargetResourceTags": { - "$ref": "#/definitions/TargetResourceTags" - } - }, - "required": [ - "AccountIds" - ] - }, - "DailySchedule": { - "additionalProperties": false, - "properties": { - "StartTime": { - "$ref": "#/definitions/Time" - } - }, - "required": [ - "StartTime" - ], - "type": "object" - }, - "Day": { - "enum": [ - "MON", - "TUE", - "WED", - "THU", - "FRI", - "SAT", - "SUN" - ], - "type": "string" - }, - "DaysList": { - "items": { - "$ref": "#/definitions/Day" - }, - "maxItems": 7, - "minItems": 1, - "type": "array", - "uniqueItems": true - }, - "MonthlySchedule": { - "additionalProperties": false, - "properties": { - "Day": { - "$ref": "#/definitions/Day" - }, - "StartTime": { - "$ref": "#/definitions/Time" - } - }, - "required": [ - "StartTime", - "Day" - ], - "type": "object" - }, - "OneTimeSchedule": { - "type": "object" - }, - "Schedule": { - "description": "Choose a Schedule cadence", - "properties": { - "Daily": { - "$ref": "#/definitions/DailySchedule" - }, - "Monthly": { - "$ref": "#/definitions/MonthlySchedule" - }, - "OneTime": { - "$ref": "#/definitions/OneTimeSchedule" - }, - "Weekly": { - "$ref": "#/definitions/WeeklySchedule" - } - } - }, - "TagValueList": { - "items": { - "type": "string" - }, - "maxItems": 5, - "minItems": 1, - "type": "array", - "uniqueItems": true - }, - "TargetResourceTags": { - "additionalProperties": false, - "maxProperties": 5, - "patternProperties": { - "^.+$": { - "$ref": "#/definitions/TagValueList" - } - } - }, - "Time": { - "additionalProperties": false, - "properties": { - "TimeOfDay": { - "pattern": "^([0-1]?[0-9]|2[0-3]):[0-5][0-9]$", - "type": "string" - }, - "TimeZone": { - "type": "string" - } - }, - "required": [ - "TimeOfDay", - "TimeZone" - ], - "type": "object" - }, - "WeeklySchedule": { - "additionalProperties": false, - "properties": { - "Days": { - "$ref": "#/definitions/DaysList" - }, - "StartTime": { - "$ref": "#/definitions/Time" - } - }, - "required": [ - "StartTime", - "Days" - ], - "type": "object" - } - }, - "description": "CIS Scan Configuration resource schema", - "handlers": { - "create": { - "permissions": [ - "inspector2:CreateCisScanConfiguration", - "inspector2:ListCisScanConfigurations", - "inspector2:TagResource" - ] - }, - "delete": { - "permissions": [ - "inspector2:ListCisScanConfigurations", - "inspector2:DeleteCisScanConfiguration", - "inspector2:UntagResource" - ] - }, - "list": { - "permissions": [ - "inspector2:ListCisScanConfigurations", - "inspector2:ListTagsForResource" - ] - }, - "read": { - "permissions": [ - "inspector2:ListCisScanConfigurations", - "inspector2:ListTagsForResource" - ] - }, - "update": { - "permissions": [ - "inspector2:ListCisScanConfigurations", - "inspector2:UpdateCisScanConfiguration", - "inspector2:TagResource", - "inspector2:UntagResource", - "inspector2:ListTagsForResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/Arn" - ], - "properties": { - "Arn": { - "description": "CIS Scan configuration unique identifier", - "type": "string" - }, - "ScanName": { - "description": "Name of the scan", - "minLength": 1, - "type": "string" - }, - "Schedule": { - "$ref": "#/definitions/Schedule" - }, - "SecurityLevel": { - "$ref": "#/definitions/CisSecurityLevel" - }, - "Tags": { - "$ref": "#/definitions/CisTagMap" - }, - "Targets": { - "$ref": "#/definitions/CisTargets" - } - }, - "readOnlyProperties": [ - "/properties/Arn" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-inspector.git", - "tagging": { - "cloudFormationSystemTags": true, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::InspectorV2::CisScanConfiguration" -} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-iot-topicrule.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-iot-topicrule.json new file mode 100644 index 0000000000..efaee6ae0f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_1/aws-iot-topicrule.json @@ -0,0 +1,1005 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/RuleName" + ], + "definitions": { + "Action": { + "additionalProperties": false, + "properties": { + "CloudwatchAlarm": { + "$ref": "#/definitions/CloudwatchAlarmAction" + }, + "CloudwatchLogs": { + "$ref": "#/definitions/CloudwatchLogsAction" + }, + "CloudwatchMetric": { + "$ref": "#/definitions/CloudwatchMetricAction" + }, + "DynamoDB": { + "$ref": "#/definitions/DynamoDBAction" + }, + "DynamoDBv2": { + "$ref": "#/definitions/DynamoDBv2Action" + }, + "Elasticsearch": { + "$ref": "#/definitions/ElasticsearchAction" + }, + "Firehose": { + "$ref": "#/definitions/FirehoseAction" + }, + "Http": { + "$ref": "#/definitions/HttpAction" + }, + "IotAnalytics": { + "$ref": "#/definitions/IotAnalyticsAction" + }, + "IotEvents": { + "$ref": "#/definitions/IotEventsAction" + }, + "IotSiteWise": { + "$ref": "#/definitions/IotSiteWiseAction" + }, + "Kafka": { + "$ref": "#/definitions/KafkaAction" + }, + "Kinesis": { + "$ref": "#/definitions/KinesisAction" + }, + "Lambda": { + "$ref": "#/definitions/LambdaAction" + }, + "Location": { + "$ref": "#/definitions/LocationAction" + }, + "OpenSearch": { + "$ref": "#/definitions/OpenSearchAction" + }, + "Republish": { + "$ref": "#/definitions/RepublishAction" + }, + "S3": { + "$ref": "#/definitions/S3Action" + }, + "Sns": { + "$ref": "#/definitions/SnsAction" + }, + "Sqs": { + "$ref": "#/definitions/SqsAction" + }, + "StepFunctions": { + "$ref": "#/definitions/StepFunctionsAction" + }, + "Timestream": { + "$ref": "#/definitions/TimestreamAction" + } + }, + "type": "object" + }, + "AssetPropertyTimestamp": { + "additionalProperties": false, + "properties": { + "OffsetInNanos": { + "type": "string" + }, + "TimeInSeconds": { + "type": "string" + } + }, + "required": [ + "TimeInSeconds" + ], + "type": "object" + }, + "AssetPropertyValue": { + "additionalProperties": false, + "properties": { + "Quality": { + "type": "string" + }, + "Timestamp": { + "$ref": "#/definitions/AssetPropertyTimestamp" + }, + "Value": { + "$ref": "#/definitions/AssetPropertyVariant" + } + }, + "required": [ + "Value", + "Timestamp" + ], + "type": "object" + }, + "AssetPropertyVariant": { + "additionalProperties": false, + "properties": { + "BooleanValue": { + "type": "string" + }, + "DoubleValue": { + "type": "string" + }, + "IntegerValue": { + "type": "string" + }, + "StringValue": { + "type": "string" + } + }, + "type": "object" + }, + "CannedAccessControlList": { + "enum": [ + "private", + "public-read", + "public-read-write", + "aws-exec-read", + "authenticated-read", + "bucket-owner-read", + "bucket-owner-full-control", + "log-delivery-write" + ], + "type": "string" + }, + "CloudwatchAlarmAction": { + "additionalProperties": false, + "properties": { + "AlarmName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + }, + "StateReason": { + "type": "string" + }, + "StateValue": { + "type": "string" + } + }, + "required": [ + "AlarmName", + "StateReason", + "StateValue", + "RoleArn" + ], + "type": "object" + }, + "CloudwatchLogsAction": { + "additionalProperties": false, + "properties": { + "BatchMode": { + "type": "boolean" + }, + "LogGroupName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "LogGroupName", + "RoleArn" + ], + "type": "object" + }, + "CloudwatchMetricAction": { + "additionalProperties": false, + "properties": { + "MetricName": { + "type": "string" + }, + "MetricNamespace": { + "type": "string" + }, + "MetricTimestamp": { + "type": "string" + }, + "MetricUnit": { + "type": "string" + }, + "MetricValue": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "MetricName", + "MetricValue", + "MetricNamespace", + "MetricUnit", + "RoleArn" + ], + "type": "object" + }, + "DynamoDBAction": { + "additionalProperties": false, + "properties": { + "HashKeyField": { + "type": "string" + }, + "HashKeyType": { + "type": "string" + }, + "HashKeyValue": { + "type": "string" + }, + "PayloadField": { + "type": "string" + }, + "RangeKeyField": { + "type": "string" + }, + "RangeKeyType": { + "type": "string" + }, + "RangeKeyValue": { + "type": "string" + }, + "RoleArn": { + "type": "string" + }, + "TableName": { + "type": "string" + } + }, + "required": [ + "TableName", + "HashKeyField", + "HashKeyValue", + "RoleArn" + ], + "type": "object" + }, + "DynamoDBv2Action": { + "additionalProperties": false, + "properties": { + "PutItem": { + "$ref": "#/definitions/PutItemInput" + }, + "RoleArn": { + "type": "string" + } + }, + "type": "object" + }, + "ElasticsearchAction": { + "additionalProperties": false, + "properties": { + "Endpoint": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Index": { + "type": "string" + }, + "RoleArn": { + "type": "string" + }, + "Type": { + "type": "string" + } + }, + "required": [ + "Type", + "Endpoint", + "Index", + "Id", + "RoleArn" + ], + "type": "object" + }, + "FirehoseAction": { + "additionalProperties": false, + "properties": { + "BatchMode": { + "type": "boolean" + }, + "DeliveryStreamName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + }, + "Separator": { + "type": "string" + } + }, + "required": [ + "DeliveryStreamName", + "RoleArn" + ], + "type": "object" + }, + "HttpAction": { + "additionalProperties": false, + "properties": { + "Auth": { + "$ref": "#/definitions/HttpAuthorization" + }, + "ConfirmationUrl": { + "type": "string" + }, + "Headers": { + "items": { + "$ref": "#/definitions/HttpActionHeader" + }, + "type": "array", + "uniqueItems": true + }, + "Url": { + "type": "string" + } + }, + "required": [ + "Url" + ], + "type": "object" + }, + "HttpActionHeader": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "HttpAuthorization": { + "additionalProperties": false, + "properties": { + "Sigv4": { + "$ref": "#/definitions/SigV4Authorization" + } + }, + "type": "object" + }, + "IotAnalyticsAction": { + "additionalProperties": false, + "properties": { + "BatchMode": { + "type": "boolean" + }, + "ChannelName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "ChannelName", + "RoleArn" + ], + "type": "object" + }, + "IotEventsAction": { + "additionalProperties": false, + "properties": { + "BatchMode": { + "type": "boolean" + }, + "InputName": { + "type": "string" + }, + "MessageId": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "InputName", + "RoleArn" + ], + "type": "object" + }, + "IotSiteWiseAction": { + "additionalProperties": false, + "properties": { + "PutAssetPropertyValueEntries": { + "items": { + "$ref": "#/definitions/PutAssetPropertyValueEntry" + }, + "type": "array", + "uniqueItems": true + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "PutAssetPropertyValueEntries", + "RoleArn" + ], + "type": "object" + }, + "KafkaAction": { + "additionalProperties": false, + "properties": { + "ClientProperties": { + "additionalProperties": false, + "minProperties": 1, + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "DestinationArn": { + "type": "string" + }, + "Headers": { + "items": { + "$ref": "#/definitions/KafkaActionHeader" + }, + "type": "array", + "uniqueItems": true + }, + "Key": { + "type": "string" + }, + "Partition": { + "type": "string" + }, + "Topic": { + "type": "string" + } + }, + "required": [ + "DestinationArn", + "Topic", + "ClientProperties" + ], + "type": "object" + }, + "KafkaActionHeader": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "KinesisAction": { + "additionalProperties": false, + "properties": { + "PartitionKey": { + "type": "string" + }, + "RoleArn": { + "type": "string" + }, + "StreamName": { + "type": "string" + } + }, + "required": [ + "StreamName", + "RoleArn" + ], + "type": "object" + }, + "LambdaAction": { + "additionalProperties": false, + "properties": { + "FunctionArn": { + "type": "string" + } + }, + "type": "object" + }, + "LocationAction": { + "additionalProperties": false, + "properties": { + "DeviceId": { + "type": "string" + }, + "Latitude": { + "type": "string" + }, + "Longitude": { + "type": "string" + }, + "RoleArn": { + "type": "string" + }, + "Timestamp": { + "$ref": "#/definitions/Timestamp" + }, + "TrackerName": { + "type": "string" + } + }, + "required": [ + "RoleArn", + "TrackerName", + "DeviceId", + "Latitude", + "Longitude" + ], + "type": "object" + }, + "OpenSearchAction": { + "additionalProperties": false, + "properties": { + "Endpoint": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Index": { + "type": "string" + }, + "RoleArn": { + "type": "string" + }, + "Type": { + "type": "string" + } + }, + "required": [ + "Type", + "Endpoint", + "Index", + "Id", + "RoleArn" + ], + "type": "object" + }, + "PutAssetPropertyValueEntry": { + "additionalProperties": false, + "properties": { + "AssetId": { + "type": "string" + }, + "EntryId": { + "type": "string" + }, + "PropertyAlias": { + "type": "string" + }, + "PropertyId": { + "type": "string" + }, + "PropertyValues": { + "items": { + "$ref": "#/definitions/AssetPropertyValue" + }, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "PropertyValues" + ], + "type": "object" + }, + "PutItemInput": { + "additionalProperties": false, + "properties": { + "TableName": { + "type": "string" + } + }, + "required": [ + "TableName" + ], + "type": "object" + }, + "RepublishAction": { + "additionalProperties": false, + "properties": { + "Headers": { + "$ref": "#/definitions/RepublishActionHeaders" + }, + "Qos": { + "type": "integer" + }, + "RoleArn": { + "type": "string" + }, + "Topic": { + "type": "string" + } + }, + "required": [ + "Topic", + "RoleArn" + ], + "type": "object" + }, + "RepublishActionHeaders": { + "additionalProperties": false, + "properties": { + "ContentType": { + "maxLength": 1024, + "minLength": 0, + "type": "string" + }, + "CorrelationData": { + "maxLength": 1024, + "minLength": 0, + "type": "string" + }, + "MessageExpiry": { + "maxLength": 1024, + "minLength": 0, + "type": "string" + }, + "PayloadFormatIndicator": { + "maxLength": 1024, + "minLength": 0, + "type": "string" + }, + "ResponseTopic": { + "maxLength": 1024, + "minLength": 0, + "type": "string" + }, + "UserProperties": { + "$ref": "#/definitions/UserProperties" + } + }, + "type": "object" + }, + "RoleArn": { + "type": "string" + }, + "S3Action": { + "additionalProperties": false, + "properties": { + "BucketName": { + "type": "string" + }, + "CannedAcl": { + "$ref": "#/definitions/CannedAccessControlList" + }, + "Key": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "BucketName", + "Key", + "RoleArn" + ], + "type": "object" + }, + "SigV4Authorization": { + "additionalProperties": false, + "properties": { + "RoleArn": { + "type": "string" + }, + "ServiceName": { + "type": "string" + }, + "SigningRegion": { + "type": "string" + } + }, + "required": [ + "ServiceName", + "SigningRegion", + "RoleArn" + ], + "type": "object" + }, + "SnsAction": { + "additionalProperties": false, + "properties": { + "MessageFormat": { + "type": "string" + }, + "RoleArn": { + "type": "string" + }, + "TargetArn": { + "type": "string" + } + }, + "required": [ + "TargetArn", + "RoleArn" + ], + "type": "object" + }, + "SqsAction": { + "additionalProperties": false, + "properties": { + "QueueUrl": { + "type": "string" + }, + "RoleArn": { + "type": "string" + }, + "UseBase64": { + "type": "boolean" + } + }, + "required": [ + "RoleArn", + "QueueUrl" + ], + "type": "object" + }, + "StepFunctionsAction": { + "additionalProperties": false, + "properties": { + "ExecutionNamePrefix": { + "type": "string" + }, + "RoleArn": { + "type": "string" + }, + "StateMachineName": { + "type": "string" + } + }, + "required": [ + "StateMachineName", + "RoleArn" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "Timestamp": { + "additionalProperties": false, + "properties": { + "Unit": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "TimestreamAction": { + "additionalProperties": false, + "properties": { + "DatabaseName": { + "type": "string" + }, + "Dimensions": { + "$ref": "#/definitions/TimestreamDimensionsList" + }, + "RoleArn": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "Timestamp": { + "$ref": "#/definitions/TimestreamTimestamp" + } + }, + "required": [ + "RoleArn", + "DatabaseName", + "TableName", + "Dimensions" + ], + "type": "object" + }, + "TimestreamDimension": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "TimestreamDimensionsList": { + "items": { + "$ref": "#/definitions/TimestreamDimension" + }, + "maxItems": 128, + "minItems": 1, + "type": "array" + }, + "TimestreamTimestamp": { + "additionalProperties": false, + "properties": { + "Unit": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Unit" + ], + "type": "object" + }, + "TopicRulePayload": { + "additionalProperties": false, + "properties": { + "Actions": { + "items": { + "$ref": "#/definitions/Action" + }, + "type": "array" + }, + "AwsIotSqlVersion": { + "type": "string" + }, + "Description": { + "type": "string" + }, + "ErrorAction": { + "$ref": "#/definitions/Action" + }, + "RuleDisabled": { + "type": "boolean" + }, + "Sql": { + "type": "string" + } + }, + "required": [ + "Actions", + "Sql" + ], + "type": "object" + }, + "UserProperties": { + "items": { + "$ref": "#/definitions/UserProperty" + }, + "maxItems": 100, + "minItems": 1, + "type": "array" + }, + "UserProperty": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 1024, + "minLength": 0, + "type": "string" + }, + "Value": { + "maxLength": 1024, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "description": "Resource Type definition for AWS::IoT::TopicRule", + "handlers": { + "create": { + "permissions": [ + "iam:PassRole", + "iot:CreateTopicRule", + "iot:GetTopicRule", + "iot:TagResource", + "iot:ListTagsForResource" + ] + }, + "delete": { + "permissions": [ + "iot:GetTopicRule", + "iot:DeleteTopicRule" + ] + }, + "list": { + "permissions": [ + "iot:ListTopicRules" + ] + }, + "read": { + "permissions": [ + "iot:GetTopicRule", + "iot:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "iam:PassRole", + "iot:GetTopicRule", + "iot:ListTagsForResource", + "iot:ReplaceTopicRule", + "iot:TagResource", + "iot:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/RuleName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "RuleName": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, + "TopicRulePayload": { + "$ref": "#/definitions/TopicRulePayload" + } + }, + "readOnlyProperties": [ + "/properties/Arn" + ], + "required": [ + "TopicRulePayload" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "tagging": { + "cloudFormationSystemTags": true, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::IoT::TopicRule" +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-location-geofencecollection.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-location-geofencecollection.json new file mode 100644 index 0000000000..bb905fef3f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_1/aws-location-geofencecollection.json @@ -0,0 +1,174 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/CollectionName", + "/properties/KmsKeyId" + ], + "definitions": { + "PricingPlan": { + "enum": [ + "RequestBasedUsage" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 128, + "minLength": 1, + "pattern": "\\A(?!aws:)[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + }, + "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 256, + "minLength": 0, + "pattern": "\\A[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "TagMap": { + "additionalProperties": false, + "maxProperties": 50, + "patternProperties": { + "^[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 0, + "pattern": "^[A-Za-z0-9 _=@:.+-/]*$", + "type": "string" + } + }, + "type": "object" + }, + "iso8601UTC": { + "description": "The datetime value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ss.sssZ)", + "pattern": "^([0-2]\\d{3})-(0[0-9]|1[0-2])-([0-2]\\d|3[01])T([01]\\d|2[0-4]):([0-5]\\d):([0-6]\\d)((\\.\\d{3})?)Z$", + "type": "string" + } + }, + "deprecatedProperties": [ + "/properties/PricingPlan", + "/properties/PricingPlanDataSource" + ], + "description": "Definition of AWS::Location::GeofenceCollection Resource Type", + "handlers": { + "create": { + "permissions": [ + "geo:CreateGeofenceCollection", + "geo:DescribeGeofenceCollection", + "geo:TagResource", + "geo:UntagResource", + "kms:*" + ] + }, + "delete": { + "permissions": [ + "geo:DeleteGeofenceCollection", + "geo:DescribeGeofenceCollection", + "kms:*" + ] + }, + "list": { + "permissions": [ + "geo:ListGeofenceCollections", + "kms:*" + ] + }, + "read": { + "permissions": [ + "geo:DescribeGeofenceCollection", + "kms:*" + ] + }, + "update": { + "permissions": [ + "geo:CreateGeofenceCollection", + "geo:DescribeGeofenceCollection", + "geo:TagResource", + "geo:UntagResource", + "geo:UpdateGeofenceCollection", + "kms:*" + ] + } + }, + "primaryIdentifier": [ + "/properties/CollectionName" + ], + "properties": { + "Arn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "CollectionArn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "CollectionName": { + "maxLength": 100, + "minLength": 1, + "pattern": "^[-._\\w]+$", + "type": "string" + }, + "CreateTime": { + "$ref": "#/definitions/iso8601UTC" + }, + "Description": { + "maxLength": 1000, + "minLength": 0, + "type": "string" + }, + "KmsKeyId": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "PricingPlan": { + "$ref": "#/definitions/PricingPlan" + }, + "PricingPlanDataSource": { + "type": "string" + }, + "Tags": { + "description": "An array of key-value pairs to apply to this resource.", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 0, + "type": "array", + "uniqueItems": true + }, + "UpdateTime": { + "$ref": "#/definitions/iso8601UTC" + } + }, + "readOnlyProperties": [ + "/properties/CollectionArn", + "/properties/Arn", + "/properties/CreateTime", + "/properties/UpdateTime" + ], + "required": [ + "CollectionName" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::Location::GeofenceCollection" +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-managedblockchain-node.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-managedblockchain-node.json index 12fd703165..2f4f07cae3 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_1/aws-managedblockchain-node.json +++ b/src/cfnlint/data/schemas/providers/eu_central_1/aws-managedblockchain-node.json @@ -8,7 +8,7 @@ "type": "string" }, "InstanceType": { - "cfnLint": "aws_managedblockchain_node/nodeconfiguration_instancetype_enum", + "cfnLint": "AWS::ManagedBlockchain::Node/Properties/NodeConfiguration/InstanceType", "type": "string" } }, diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-s3-accesspoint.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-s3-accesspoint.json new file mode 100644 index 0000000000..5cc4f66aa8 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_1/aws-s3-accesspoint.json @@ -0,0 +1,152 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Name", + "/properties/Bucket", + "/properties/BucketAccountId", + "/properties/VpcConfiguration" + ], + "definitions": { + "Arn": { + "description": "the Amazon Resource Name (ARN) of the specified accesspoint.", + "type": "string" + }, + "PublicAccessBlockConfiguration": { + "properties": { + "BlockPublicAcls": { + "description": "Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:\n- PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.\n - PUT Object calls fail if the request includes a public ACL.\n. - PUT Bucket calls fail if the request includes a public ACL.\nEnabling this setting doesn't affect existing policies or ACLs.", + "type": "boolean" + }, + "BlockPublicPolicy": { + "description": "Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies.", + "type": "boolean" + }, + "IgnorePublicAcls": { + "description": "Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", + "type": "boolean" + }, + "RestrictPublicBuckets": { + "description": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy.\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", + "type": "boolean" + } + }, + "type": "object" + }, + "VpcConfiguration": { + "description": "The Virtual Private Cloud (VPC) configuration for a bucket access point.", + "properties": { + "VpcId": { + "description": "If this field is specified, this access point will only allow connections from the specified VPC ID.", + "maxLength": 1024, + "minLength": 1, + "type": "string" + } + }, + "type": "object" + } + }, + "description": "The AWS::S3::AccessPoint resource is an Amazon S3 resource type that you can use to access buckets.", + "handlers": { + "create": { + "permissions": [ + "s3:CreateAccessPoint", + "s3:PutAccessPointPolicy", + "s3:PutAccessPointPublicAccessBlock" + ] + }, + "delete": { + "permissions": [ + "s3:DeleteAccessPointPolicy", + "s3:DeleteAccessPoint" + ] + }, + "list": { + "permissions": [ + "s3:ListAccessPoints" + ] + }, + "read": { + "permissions": [ + "s3:GetAccessPoint", + "s3:GetAccessPointPolicy" + ] + }, + "update": { + "permissions": [ + "s3:PutAccessPointPolicy", + "s3:PutAccessPointPublicAccessBlock", + "s3:DeleteAccessPointPolicy", + "s3:GetAccessPoint", + "s3:GetAccessPointPolicy" + ] + } + }, + "primaryIdentifier": [ + "/properties/Name" + ], + "properties": { + "Alias": { + "description": "The alias of this Access Point. This alias can be used for compatibility purposes with other AWS services and third-party applications.", + "maxLength": 63, + "minLength": 3, + "pattern": "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$", + "type": "string" + }, + "Arn": { + "$ref": "#/definitions/Arn", + "description": "The Amazon Resource Name (ARN) of the specified accesspoint.", + "examples": [ + "arn:aws:s3:us-west-2:123456789012:accesspoint/test" + ] + }, + "Bucket": { + "description": "The name of the bucket that you want to associate this Access Point with.", + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "BucketAccountId": { + "description": "The AWS account ID associated with the S3 bucket associated with this access point.", + "maxLength": 64, + "pattern": "^\\d{12}$", + "type": "string" + }, + "Name": { + "description": "The name you want to assign to this Access Point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name.", + "maxLength": 50, + "minLength": 3, + "pattern": "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$", + "type": "string" + }, + "NetworkOrigin": { + "description": "Indicates whether this Access Point allows access from the public Internet. If VpcConfiguration is specified for this Access Point, then NetworkOrigin is VPC, and the Access Point doesn't allow access from the public Internet. Otherwise, NetworkOrigin is Internet, and the Access Point allows access from the public Internet, subject to the Access Point and bucket access policies.", + "enum": [ + "Internet", + "VPC" + ], + "type": "string" + }, + "Policy": { + "description": "The Access Point Policy you want to apply to this access point.", + "type": "object" + }, + "PublicAccessBlockConfiguration": { + "$ref": "#/definitions/PublicAccessBlockConfiguration", + "description": "The PublicAccessBlock configuration that you want to apply to this Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status 'The Meaning of Public' in the Amazon Simple Storage Service Developer Guide." + }, + "VpcConfiguration": { + "$ref": "#/definitions/VpcConfiguration", + "description": "If you include this field, Amazon S3 restricts access to this Access Point to requests from the specified Virtual Private Cloud (VPC)." + } + }, + "readOnlyProperties": [ + "/properties/Alias", + "/properties/NetworkOrigin", + "/properties/Arn" + ], + "required": [ + "Bucket" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-s3", + "typeName": "AWS::S3::AccessPoint" +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-verifiedpermissions-identitysource.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-verifiedpermissions-identitysource.json new file mode 100644 index 0000000000..1f6069c145 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_1/aws-verifiedpermissions-identitysource.json @@ -0,0 +1,201 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/PolicyStoreId" + ], + "definitions": { + "CognitoUserPoolConfiguration": { + "additionalProperties": false, + "properties": { + "ClientIds": { + "insertionOrder": false, + "items": { + "maxLength": 255, + "minLength": 1, + "pattern": "^.*$", + "type": "string" + }, + "maxItems": 1000, + "minItems": 0, + "type": "array" + }, + "UserPoolArn": { + "maxLength": 255, + "minLength": 1, + "pattern": "^arn:[a-zA-Z0-9-]+:cognito-idp:(([a-zA-Z0-9-]+:\\d{12}:userpool/[\\w-]+_[0-9a-zA-Z]+))$", + "type": "string" + } + }, + "required": [ + "UserPoolArn" + ], + "type": "object" + }, + "IdentitySourceConfiguration": { + "additionalProperties": false, + "properties": { + "CognitoUserPoolConfiguration": { + "$ref": "#/definitions/CognitoUserPoolConfiguration" + } + }, + "required": [ + "CognitoUserPoolConfiguration" + ], + "title": "CognitoUserPoolConfiguration", + "type": "object" + }, + "IdentitySourceDetails": { + "additionalProperties": false, + "properties": { + "ClientIds": { + "insertionOrder": false, + "items": { + "maxLength": 255, + "minLength": 1, + "pattern": "^.*$", + "type": "string" + }, + "maxItems": 1000, + "minItems": 0, + "type": "array" + }, + "DiscoveryUrl": { + "maxLength": 2048, + "minLength": 1, + "pattern": "^https://.*$", + "type": "string" + }, + "OpenIdIssuer": { + "$ref": "#/definitions/OpenIdIssuer" + }, + "UserPoolArn": { + "maxLength": 255, + "minLength": 1, + "pattern": "^arn:[a-zA-Z0-9-]+:cognito-idp:(([a-zA-Z0-9-]+:\\d{12}:userpool/[\\w-]+_[0-9a-zA-Z]+))$", + "type": "string" + } + }, + "type": "object" + }, + "OpenIdIssuer": { + "enum": [ + "COGNITO" + ], + "type": "string" + } + }, + "description": "Definition of AWS::VerifiedPermissions::IdentitySource Resource Type", + "handlers": { + "create": { + "permissions": [ + "verifiedpermissions:CreateIdentitySource", + "verifiedpermissions:GetIdentitySource", + "verifiedpermissions:UpdateIdentitySource", + "verifiedpermissions:DeleteIdentitySource", + "verifiedpermissions:ListIdentitySources", + "cognito-idp:DescribeUserPool", + "cognito-idp:ListUserPoolClients" + ] + }, + "delete": { + "permissions": [ + "verifiedpermissions:CreateIdentitySource", + "verifiedpermissions:GetIdentitySource", + "verifiedpermissions:UpdateIdentitySource", + "verifiedpermissions:DeleteIdentitySource", + "verifiedpermissions:ListIdentitySources", + "cognito-idp:DescribeUserPool", + "cognito-idp:ListUserPoolClients" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "PolicyStoreId": { + "$ref": "resource-schema.json#/properties/PolicyStoreId" + } + }, + "required": [ + "PolicyStoreId" + ] + }, + "permissions": [ + "verifiedpermissions:CreateIdentitySource", + "verifiedpermissions:GetIdentitySource", + "verifiedpermissions:UpdateIdentitySource", + "verifiedpermissions:DeleteIdentitySource", + "verifiedpermissions:ListIdentitySources", + "cognito-idp:DescribeUserPool", + "cognito-idp:ListUserPoolClients" + ] + }, + "read": { + "permissions": [ + "verifiedpermissions:CreateIdentitySource", + "verifiedpermissions:GetIdentitySource", + "verifiedpermissions:UpdateIdentitySource", + "verifiedpermissions:DeleteIdentitySource", + "verifiedpermissions:ListIdentitySources", + "cognito-idp:DescribeUserPool", + "cognito-idp:ListUserPoolClients" + ] + }, + "update": { + "permissions": [ + "verifiedpermissions:CreateIdentitySource", + "verifiedpermissions:GetIdentitySource", + "verifiedpermissions:UpdateIdentitySource", + "verifiedpermissions:DeleteIdentitySource", + "verifiedpermissions:ListIdentitySources", + "cognito-idp:DescribeUserPool", + "cognito-idp:ListUserPoolClients" + ] + } + }, + "primaryIdentifier": [ + "/properties/IdentitySourceId", + "/properties/PolicyStoreId" + ], + "properties": { + "Configuration": { + "$ref": "#/definitions/IdentitySourceConfiguration" + }, + "Details": { + "$ref": "#/definitions/IdentitySourceDetails" + }, + "IdentitySourceId": { + "maxLength": 200, + "minLength": 1, + "pattern": "^[a-zA-Z0-9-]*$", + "type": "string" + }, + "PolicyStoreId": { + "maxLength": 200, + "minLength": 1, + "pattern": "^[a-zA-Z0-9-]*$", + "type": "string" + }, + "PrincipalEntityType": { + "maxLength": 200, + "minLength": 1, + "pattern": "^.*$", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/Details", + "/properties/IdentitySourceId" + ], + "required": [ + "Configuration", + "PolicyStoreId" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-avp", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::VerifiedPermissions::IdentitySource" +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-verifiedpermissions-policytemplate.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-verifiedpermissions-policytemplate.json new file mode 100644 index 0000000000..06416a7d31 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_1/aws-verifiedpermissions-policytemplate.json @@ -0,0 +1,103 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/PolicyStoreId" + ], + "description": "Definition of AWS::VerifiedPermissions::PolicyTemplate Resource Type", + "handlers": { + "create": { + "permissions": [ + "verifiedpermissions:CreatePolicyTemplate", + "verifiedpermissions:GetPolicyTemplate", + "verifiedpermissions:UpdatePolicyTemplate", + "verifiedpermissions:DeletePolicyTemplate" + ] + }, + "delete": { + "permissions": [ + "verifiedpermissions:CreatePolicyTemplate", + "verifiedpermissions:GetPolicyTemplate", + "verifiedpermissions:UpdatePolicyTemplate", + "verifiedpermissions:DeletePolicyTemplate" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "PolicyStoreId": { + "$ref": "resource-schema.json#/properties/PolicyStoreId" + } + }, + "required": [ + "PolicyStoreId" + ] + }, + "permissions": [ + "verifiedpermissions:CreatePolicyTemplate", + "verifiedpermissions:GetPolicyTemplate", + "verifiedpermissions:UpdatePolicyTemplate", + "verifiedpermissions:DeletePolicyTemplate", + "verifiedpermissions:ListPolicyTemplates" + ] + }, + "read": { + "permissions": [ + "verifiedpermissions:CreatePolicyTemplate", + "verifiedpermissions:GetPolicyTemplate", + "verifiedpermissions:UpdatePolicyTemplate", + "verifiedpermissions:DeletePolicyTemplate" + ] + }, + "update": { + "permissions": [ + "verifiedpermissions:CreatePolicyTemplate", + "verifiedpermissions:GetPolicyTemplate", + "verifiedpermissions:UpdatePolicyTemplate", + "verifiedpermissions:DeletePolicyTemplate" + ] + } + }, + "primaryIdentifier": [ + "/properties/PolicyStoreId", + "/properties/PolicyTemplateId" + ], + "properties": { + "Description": { + "maxLength": 150, + "minLength": 0, + "type": "string" + }, + "PolicyStoreId": { + "maxLength": 200, + "minLength": 1, + "pattern": "^[a-zA-Z0-9-]*$", + "type": "string" + }, + "PolicyTemplateId": { + "maxLength": 200, + "minLength": 1, + "pattern": "^[a-zA-Z0-9-]*$", + "type": "string" + }, + "Statement": { + "maxLength": 10000, + "minLength": 1, + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/PolicyTemplateId" + ], + "required": [ + "Statement", + "PolicyStoreId" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-avp", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::VerifiedPermissions::PolicyTemplate" +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-wafv2-webacl.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-wafv2-webacl.json new file mode 100644 index 0000000000..df67c3910e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_1/aws-wafv2-webacl.json @@ -0,0 +1,1970 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Name", + "/properties/Scope" + ], + "definitions": { + "AWSManagedRulesACFPRuleSet": { + "additionalProperties": false, + "description": "Configures how to use the Account creation fraud prevention managed rule group in the web ACL", + "properties": { + "CreationPath": { + "type": "string" + }, + "EnableRegexInPath": { + "type": "boolean" + }, + "RegistrationPagePath": { + "type": "string" + }, + "RequestInspection": { + "$ref": "#/definitions/RequestInspectionACFP" + }, + "ResponseInspection": { + "$ref": "#/definitions/ResponseInspection" + } + }, + "required": [ + "CreationPath", + "RegistrationPagePath", + "RequestInspection" + ], + "type": "object" + }, + "AWSManagedRulesATPRuleSet": { + "additionalProperties": false, + "description": "Configures how to use the Account Takeover Prevention managed rule group in the web ACL", + "properties": { + "EnableRegexInPath": { + "type": "boolean" + }, + "LoginPath": { + "type": "string" + }, + "RequestInspection": { + "$ref": "#/definitions/RequestInspection" + }, + "ResponseInspection": { + "$ref": "#/definitions/ResponseInspection" + } + }, + "required": [ + "LoginPath" + ], + "type": "object" + }, + "AWSManagedRulesBotControlRuleSet": { + "additionalProperties": false, + "description": "Configures how to use the Bot Control managed rule group in the web ACL", + "properties": { + "EnableMachineLearning": { + "type": "boolean" + }, + "InspectionLevel": { + "enum": [ + "COMMON", + "TARGETED" + ], + "type": "string" + } + }, + "required": [ + "InspectionLevel" + ], + "type": "object" + }, + "AddressField": { + "$ref": "#/definitions/FieldIdentifier" + }, + "AllowAction": { + "additionalProperties": false, + "description": "Allow traffic towards application.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "AndStatement": { + "additionalProperties": false, + "properties": { + "Statements": { + "items": { + "$ref": "#/definitions/Statement" + }, + "type": "array" + } + }, + "required": [ + "Statements" + ], + "type": "object" + }, + "AssociationConfig": { + "additionalProperties": false, + "description": "AssociationConfig for body inspection", + "properties": { + "RequestBody": { + "$ref": "#/definitions/RequestBody" + } + }, + "type": "object" + }, + "BlockAction": { + "additionalProperties": false, + "description": "Block traffic towards application.", + "properties": { + "CustomResponse": { + "$ref": "#/definitions/CustomResponse" + } + }, + "type": "object" + }, + "Body": { + "additionalProperties": false, + "description": "The body of a web request. This immediately follows the request headers.", + "properties": { + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "type": "object" + }, + "BodyParsingFallbackBehavior": { + "description": "The inspection behavior to fall back to if the JSON in the request body is invalid.", + "enum": [ + "MATCH", + "NO_MATCH", + "EVALUATE_AS_STRING" + ], + "type": "string" + }, + "ByteMatchStatement": { + "additionalProperties": false, + "description": "Byte Match statement.", + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "PositionalConstraint": { + "$ref": "#/definitions/PositionalConstraint" + }, + "SearchString": { + "$ref": "#/definitions/SearchString" + }, + "SearchStringBase64": { + "$ref": "#/definitions/SearchStringBase64" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "PositionalConstraint", + "TextTransformations" + ], + "type": "object" + }, + "CaptchaAction": { + "additionalProperties": false, + "description": "Checks valid token exists with request.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "CaptchaConfig": { + "additionalProperties": false, + "properties": { + "ImmunityTimeProperty": { + "$ref": "#/definitions/ImmunityTimeProperty" + } + }, + "type": "object" + }, + "ChallengeAction": { + "additionalProperties": false, + "description": "Checks that the request has a valid token with an unexpired challenge timestamp and, if not, returns a browser challenge to the client.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "ChallengeConfig": { + "additionalProperties": false, + "properties": { + "ImmunityTimeProperty": { + "$ref": "#/definitions/ImmunityTimeProperty" + } + }, + "type": "object" + }, + "CookieMatchPattern": { + "additionalProperties": false, + "description": "The pattern to look for in the request cookies.", + "properties": { + "All": { + "description": "Inspect all parts of the web request cookies.", + "type": "object" + }, + "ExcludedCookies": { + "items": { + "maxLength": 60, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + }, + "IncludedCookies": { + "items": { + "maxLength": 60, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + } + }, + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "description": "Includes headers of a web request.", + "properties": { + "MatchPattern": { + "$ref": "#/definitions/CookieMatchPattern" + }, + "MatchScope": { + "$ref": "#/definitions/MapMatchScope" + }, + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "required": [ + "MatchPattern", + "MatchScope", + "OversizeHandling" + ], + "type": "object" + }, + "CountAction": { + "additionalProperties": false, + "description": "Allow traffic towards application.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "CustomHTTPHeader": { + "additionalProperties": false, + "description": "HTTP header.", + "properties": { + "Name": { + "$ref": "#/definitions/CustomHTTPHeaderName" + }, + "Value": { + "$ref": "#/definitions/CustomHTTPHeaderValue" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "CustomHTTPHeaderName": { + "description": "HTTP header name.", + "maxLength": 64, + "minLength": 1, + "type": "string" + }, + "CustomHTTPHeaderValue": { + "description": "HTTP header value.", + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "CustomRequestHandling": { + "additionalProperties": false, + "description": "Custom request handling.", + "properties": { + "InsertHeaders": { + "description": "Collection of HTTP headers.", + "items": { + "$ref": "#/definitions/CustomHTTPHeader" + }, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "InsertHeaders" + ], + "type": "object" + }, + "CustomResponse": { + "additionalProperties": false, + "description": "Custom response.", + "properties": { + "CustomResponseBodyKey": { + "description": "Custom response body key.", + "pattern": "^[\\w\\-]+$", + "type": "string" + }, + "ResponseCode": { + "$ref": "#/definitions/ResponseStatusCode" + }, + "ResponseHeaders": { + "description": "Collection of HTTP headers.", + "items": { + "$ref": "#/definitions/CustomHTTPHeader" + }, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "ResponseCode" + ], + "type": "object" + }, + "CustomResponseBodies": { + "additionalProperties": false, + "description": "Custom response key and body map.", + "minProperties": 1, + "patternProperties": { + "^[\\w\\-]+$": { + "$ref": "#/definitions/CustomResponseBody" + } + }, + "type": "object" + }, + "CustomResponseBody": { + "additionalProperties": false, + "description": "Custom response body.", + "properties": { + "Content": { + "$ref": "#/definitions/ResponseContent" + }, + "ContentType": { + "$ref": "#/definitions/ResponseContentType" + } + }, + "required": [ + "ContentType", + "Content" + ], + "type": "object" + }, + "DefaultAction": { + "additionalProperties": false, + "description": "Default Action WebACL will take against ingress traffic when there is no matching Rule.", + "properties": { + "Allow": { + "$ref": "#/definitions/AllowAction" + }, + "Block": { + "$ref": "#/definitions/BlockAction" + } + }, + "type": "object" + }, + "EntityDescription": { + "description": "Description of the entity.", + "pattern": "^[a-zA-Z0-9=:#@/\\-,.][a-zA-Z0-9+=:#@/\\-,.\\s]+[a-zA-Z0-9+=:#@/\\-,.]{1,256}$", + "type": "string" + }, + "EntityId": { + "description": "Id of the WebACL", + "pattern": "^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", + "type": "string" + }, + "EntityName": { + "description": "Name of the WebACL.", + "pattern": "^[0-9A-Za-z_-]{1,128}$", + "type": "string" + }, + "ExcludedRule": { + "additionalProperties": false, + "description": "Excluded Rule in the RuleGroup or ManagedRuleGroup will not be evaluated.", + "properties": { + "Name": { + "$ref": "#/definitions/EntityName" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "ExcludedRules": { + "items": { + "$ref": "#/definitions/ExcludedRule" + }, + "type": "array" + }, + "FieldIdentifier": { + "additionalProperties": false, + "properties": { + "Identifier": { + "maxLength": 512, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + } + }, + "required": [ + "Identifier" + ], + "type": "object" + }, + "FieldToMatch": { + "additionalProperties": false, + "description": "Field of the request to match.", + "properties": { + "AllQueryArguments": { + "description": "All query arguments of a web request.", + "type": "object" + }, + "Body": { + "$ref": "#/definitions/Body" + }, + "Cookies": { + "$ref": "#/definitions/Cookies" + }, + "Headers": { + "$ref": "#/definitions/Headers" + }, + "JsonBody": { + "$ref": "#/definitions/JsonBody" + }, + "Method": { + "description": "The HTTP method of a web request. The method indicates the type of operation that the request is asking the origin to perform.", + "type": "object" + }, + "QueryString": { + "description": "The query string of a web request. This is the part of a URL that appears after a ? character, if any.", + "type": "object" + }, + "SingleHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "SingleQueryArgument": { + "additionalProperties": false, + "description": "One query argument in a web request, identified by name, for example UserName or SalesRegion. The name can be up to 30 characters long and isn't case sensitive.", + "properties": { + "Name": { + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "UriPath": { + "description": "The path component of the URI of a web request. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.", + "type": "object" + } + }, + "type": "object" + }, + "ForwardedIPConfiguration": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "enum": [ + "MATCH", + "NO_MATCH" + ], + "type": "string" + }, + "HeaderName": { + "pattern": "^[a-zA-Z0-9-]{1,255}$", + "type": "string" + } + }, + "required": [ + "HeaderName", + "FallbackBehavior" + ], + "type": "object" + }, + "GeoMatchStatement": { + "additionalProperties": false, + "properties": { + "CountryCodes": { + "items": { + "maxLength": 2, + "minLength": 1, + "type": "string" + }, + "type": "array" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/ForwardedIPConfiguration" + } + }, + "type": "object" + }, + "HeaderMatchPattern": { + "additionalProperties": false, + "description": "The pattern to look for in the request headers.", + "properties": { + "All": { + "description": "Inspect all parts of the web request headers.", + "type": "object" + }, + "ExcludedHeaders": { + "items": { + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + }, + "IncludedHeaders": { + "items": { + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + } + }, + "type": "object" + }, + "Headers": { + "additionalProperties": false, + "description": "Includes headers of a web request.", + "properties": { + "MatchPattern": { + "$ref": "#/definitions/HeaderMatchPattern" + }, + "MatchScope": { + "$ref": "#/definitions/MapMatchScope" + }, + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "required": [ + "MatchPattern", + "MatchScope", + "OversizeHandling" + ], + "type": "object" + }, + "IPSetForwardedIPConfiguration": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "enum": [ + "MATCH", + "NO_MATCH" + ], + "type": "string" + }, + "HeaderName": { + "pattern": "^[a-zA-Z0-9-]{1,255}$", + "type": "string" + }, + "Position": { + "enum": [ + "FIRST", + "LAST", + "ANY" + ], + "type": "string" + } + }, + "required": [ + "HeaderName", + "FallbackBehavior", + "Position" + ], + "type": "object" + }, + "IPSetReferenceStatement": { + "additionalProperties": false, + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "IPSetForwardedIPConfig": { + "$ref": "#/definitions/IPSetForwardedIPConfiguration" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "ImmunityTimeProperty": { + "additionalProperties": false, + "properties": { + "ImmunityTime": { + "maximum": 259200, + "minimum": 60, + "type": "integer" + } + }, + "required": [ + "ImmunityTime" + ], + "type": "object" + }, + "JsonBody": { + "additionalProperties": false, + "description": "Inspect the request body as JSON. The request body immediately follows the request headers.", + "properties": { + "InvalidFallbackBehavior": { + "$ref": "#/definitions/BodyParsingFallbackBehavior" + }, + "MatchPattern": { + "$ref": "#/definitions/JsonMatchPattern" + }, + "MatchScope": { + "$ref": "#/definitions/JsonMatchScope" + }, + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "required": [ + "MatchPattern", + "MatchScope" + ], + "type": "object" + }, + "JsonMatchPattern": { + "additionalProperties": false, + "description": "The pattern to look for in the JSON body.", + "properties": { + "All": { + "description": "Inspect all parts of the web request's JSON body.", + "type": "object" + }, + "IncludedPaths": { + "items": { + "$ref": "#/definitions/JsonPointerPath" + }, + "type": "array" + } + }, + "type": "object" + }, + "JsonMatchScope": { + "description": "The parts of the JSON to match against using the MatchPattern.", + "enum": [ + "ALL", + "KEY", + "VALUE" + ], + "type": "string" + }, + "JsonPointerPath": { + "description": "JSON pointer path in the web request's JSON body", + "pattern": "^[\\/]+([^~]*(~[01])*){1,512}$", + "type": "string" + }, + "Label": { + "additionalProperties": false, + "properties": { + "Name": { + "$ref": "#/definitions/LabelName" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "LabelMatchKey": { + "pattern": "^[0-9A-Za-z_:-]{1,1024}$", + "type": "string" + }, + "LabelMatchScope": { + "enum": [ + "LABEL", + "NAMESPACE" + ], + "type": "string" + }, + "LabelMatchStatement": { + "additionalProperties": false, + "properties": { + "Key": { + "$ref": "#/definitions/LabelMatchKey" + }, + "Scope": { + "$ref": "#/definitions/LabelMatchScope" + } + }, + "required": [ + "Scope", + "Key" + ], + "type": "object" + }, + "LabelName": { + "description": "Name of the Label.", + "pattern": "^[0-9A-Za-z_:-]{1,1024}$", + "type": "string" + }, + "ManagedRuleGroupConfig": { + "additionalProperties": false, + "description": "ManagedRuleGroupConfig.", + "properties": { + "AWSManagedRulesACFPRuleSet": { + "$ref": "#/definitions/AWSManagedRulesACFPRuleSet" + }, + "AWSManagedRulesATPRuleSet": { + "$ref": "#/definitions/AWSManagedRulesATPRuleSet" + }, + "AWSManagedRulesBotControlRuleSet": { + "$ref": "#/definitions/AWSManagedRulesBotControlRuleSet" + }, + "LoginPath": { + "maxLength": 256, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "PasswordField": { + "$ref": "#/definitions/FieldIdentifier" + }, + "PayloadType": { + "enum": [ + "JSON", + "FORM_ENCODED" + ], + "type": "string" + }, + "UsernameField": { + "$ref": "#/definitions/FieldIdentifier" + } + }, + "type": "object" + }, + "ManagedRuleGroupStatement": { + "additionalProperties": false, + "properties": { + "ExcludedRules": { + "items": { + "$ref": "#/definitions/ExcludedRule" + }, + "type": "array" + }, + "ManagedRuleGroupConfigs": { + "description": "Collection of ManagedRuleGroupConfig.", + "items": { + "$ref": "#/definitions/ManagedRuleGroupConfig" + }, + "type": "array" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "RuleActionOverrides": { + "description": "Action overrides for rules in the rule group.", + "items": { + "$ref": "#/definitions/RuleActionOverride" + }, + "maxItems": 100, + "type": "array" + }, + "ScopeDownStatement": { + "$ref": "#/definitions/Statement" + }, + "VendorName": { + "type": "string" + }, + "Version": { + "maxLength": 64, + "minLength": 1, + "pattern": "^[\\w#:\\.\\-/]+$", + "type": "string" + } + }, + "required": [ + "VendorName", + "Name" + ], + "type": "object" + }, + "MapMatchScope": { + "description": "The parts of the request to match against using the MatchPattern.", + "enum": [ + "ALL", + "KEY", + "VALUE" + ], + "type": "string" + }, + "NotStatement": { + "additionalProperties": false, + "properties": { + "Statement": { + "$ref": "#/definitions/Statement" + } + }, + "required": [ + "Statement" + ], + "type": "object" + }, + "OrStatement": { + "additionalProperties": false, + "properties": { + "Statements": { + "items": { + "$ref": "#/definitions/Statement" + }, + "type": "array" + } + }, + "required": [ + "Statements" + ], + "type": "object" + }, + "OverrideAction": { + "additionalProperties": false, + "description": "Override a RuleGroup or ManagedRuleGroup behavior. This can only be applied to Rule that has RuleGroupReferenceStatement or ManagedRuleGroupReferenceStatement.", + "properties": { + "Count": { + "description": "Count traffic towards application.", + "type": "object" + }, + "None": { + "description": "Keep the RuleGroup or ManagedRuleGroup behavior as is.", + "type": "object" + } + }, + "type": "object" + }, + "OversizeHandling": { + "description": "Handling of requests containing oversize fields", + "enum": [ + "CONTINUE", + "MATCH", + "NO_MATCH" + ], + "type": "string" + }, + "PhoneNumberField": { + "$ref": "#/definitions/FieldIdentifier" + }, + "PositionalConstraint": { + "description": "Position of the evaluation in the FieldToMatch of request.", + "enum": [ + "EXACTLY", + "STARTS_WITH", + "ENDS_WITH", + "CONTAINS", + "CONTAINS_WORD" + ], + "type": "string" + }, + "QueryString": { + "type": "object" + }, + "RateBasedStatement": { + "additionalProperties": false, + "properties": { + "AggregateKeyType": { + "enum": [ + "CONSTANT", + "IP", + "FORWARDED_IP", + "CUSTOM_KEYS" + ], + "type": "string" + }, + "CustomKeys": { + "description": "Specifies the aggregate keys to use in a rate-base rule.", + "items": { + "$ref": "#/definitions/RateBasedStatementCustomKey" + }, + "maxItems": 5, + "type": "array" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/ForwardedIPConfiguration" + }, + "Limit": { + "$ref": "#/definitions/RateLimit" + }, + "ScopeDownStatement": { + "$ref": "#/definitions/Statement" + } + }, + "required": [ + "Limit", + "AggregateKeyType" + ], + "type": "object" + }, + "RateBasedStatementCustomKey": { + "additionalProperties": false, + "description": "Specifies a single custom aggregate key for a rate-base rule.", + "properties": { + "Cookie": { + "$ref": "#/definitions/RateLimitCookie" + }, + "ForwardedIP": { + "$ref": "#/definitions/RateLimitForwardedIP" + }, + "HTTPMethod": { + "$ref": "#/definitions/RateLimitHTTPMethod" + }, + "Header": { + "$ref": "#/definitions/RateLimitHeader" + }, + "IP": { + "$ref": "#/definitions/RateLimitIP" + }, + "LabelNamespace": { + "$ref": "#/definitions/RateLimitLabelNamespace" + }, + "QueryArgument": { + "$ref": "#/definitions/RateLimitQueryArgument" + }, + "QueryString": { + "$ref": "#/definitions/RateLimitQueryString" + }, + "UriPath": { + "$ref": "#/definitions/RateLimitUriPath" + } + }, + "type": "object" + }, + "RateLimit": { + "maximum": 2000000000, + "minimum": 100, + "type": "integer" + }, + "RateLimitCookie": { + "additionalProperties": false, + "description": "Specifies a cookie as an aggregate key for a rate-based rule.", + "properties": { + "Name": { + "description": "The name of the cookie to use.", + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "RateLimitForwardedIP": { + "description": "Specifies the first IP address in an HTTP header as an aggregate key for a rate-based rule.", + "type": "object" + }, + "RateLimitHTTPMethod": { + "description": "Specifies the request's HTTP method as an aggregate key for a rate-based rule.", + "type": "object" + }, + "RateLimitHeader": { + "additionalProperties": false, + "description": "Specifies a header as an aggregate key for a rate-based rule.", + "properties": { + "Name": { + "description": "The name of the header to use.", + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "RateLimitIP": { + "description": "Specifies the IP address in the web request as an aggregate key for a rate-based rule.", + "type": "object" + }, + "RateLimitLabelNamespace": { + "additionalProperties": false, + "description": "Specifies a label namespace to use as an aggregate key for a rate-based rule.", + "properties": { + "Namespace": { + "description": "The namespace to use for aggregation.", + "pattern": "^[0-9A-Za-z_:-]{1,1024}$", + "type": "string" + } + }, + "required": [ + "Namespace" + ], + "type": "object" + }, + "RateLimitQueryArgument": { + "additionalProperties": false, + "description": "Specifies a query argument in the request as an aggregate key for a rate-based rule.", + "properties": { + "Name": { + "description": "The name of the query argument to use.", + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "RateLimitQueryString": { + "additionalProperties": false, + "description": "Specifies the request's query string as an aggregate key for a rate-based rule.", + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "RateLimitUriPath": { + "additionalProperties": false, + "description": "Specifies the request's URI Path as an aggregate key for a rate-based rule.", + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "RegexMatchStatement": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "RegexString": { + "maxLength": 512, + "minLength": 1, + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "RegexString", + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + }, + "RegexPatternSetReferenceStatement": { + "additionalProperties": false, + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Arn", + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + }, + "RequestBody": { + "additionalProperties": false, + "description": "Map of AssociatedResourceType and RequestBodyAssociatedResourceTypeConfig", + "patternProperties": { + "^(CLOUDFRONT)$": { + "$ref": "#/definitions/RequestBodyAssociatedResourceTypeConfig" + } + }, + "type": "object" + }, + "RequestBodyAssociatedResourceTypeConfig": { + "additionalProperties": false, + "description": "Configures the inspection size in the request body.", + "properties": { + "DefaultSizeInspectionLimit": { + "$ref": "#/definitions/SizeInspectionLimit" + } + }, + "required": [ + "DefaultSizeInspectionLimit" + ], + "type": "object" + }, + "RequestInspection": { + "additionalProperties": false, + "description": "Configures the inspection of login requests", + "properties": { + "PasswordField": { + "$ref": "#/definitions/FieldIdentifier" + }, + "PayloadType": { + "enum": [ + "JSON", + "FORM_ENCODED" + ], + "type": "string" + }, + "UsernameField": { + "$ref": "#/definitions/FieldIdentifier" + } + }, + "required": [ + "PayloadType", + "UsernameField", + "PasswordField" + ], + "type": "object" + }, + "RequestInspectionACFP": { + "additionalProperties": false, + "description": "Configures the inspection of sign-up requests", + "properties": { + "AddressFields": { + "items": { + "$ref": "#/definitions/AddressField" + }, + "type": "array" + }, + "EmailField": { + "$ref": "#/definitions/FieldIdentifier" + }, + "PasswordField": { + "$ref": "#/definitions/FieldIdentifier" + }, + "PayloadType": { + "enum": [ + "JSON", + "FORM_ENCODED" + ], + "type": "string" + }, + "PhoneNumberFields": { + "items": { + "$ref": "#/definitions/PhoneNumberField" + }, + "type": "array" + }, + "UsernameField": { + "$ref": "#/definitions/FieldIdentifier" + } + }, + "required": [ + "PayloadType" + ], + "type": "object" + }, + "ResourceArn": { + "description": "ARN of the WAF entity.", + "maxLength": 2048, + "minLength": 20, + "type": "string" + }, + "ResponseContent": { + "description": "Response content.", + "maxLength": 10240, + "minLength": 1, + "type": "string" + }, + "ResponseContentType": { + "description": "Valid values are TEXT_PLAIN, TEXT_HTML, and APPLICATION_JSON.", + "enum": [ + "TEXT_PLAIN", + "TEXT_HTML", + "APPLICATION_JSON" + ], + "type": "string" + }, + "ResponseInspection": { + "additionalProperties": false, + "description": "Configures the inspection of login responses", + "properties": { + "BodyContains": { + "$ref": "#/definitions/ResponseInspectionBodyContains" + }, + "Header": { + "$ref": "#/definitions/ResponseInspectionHeader" + }, + "Json": { + "$ref": "#/definitions/ResponseInspectionJson" + }, + "StatusCode": { + "$ref": "#/definitions/ResponseInspectionStatusCode" + } + }, + "type": "object" + }, + "ResponseInspectionBodyContains": { + "additionalProperties": false, + "description": "Response body contents that indicate success or failure of a login request", + "properties": { + "FailureStrings": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 5, + "minItems": 1, + "type": "array" + }, + "SuccessStrings": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 5, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "SuccessStrings", + "FailureStrings" + ], + "type": "object" + }, + "ResponseInspectionHeader": { + "additionalProperties": false, + "description": "Response headers that indicate success or failure of a login request", + "properties": { + "FailureValues": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 3, + "minItems": 1, + "type": "array" + }, + "Name": { + "maxLength": 200, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "SuccessValues": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 3, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "Name", + "SuccessValues", + "FailureValues" + ], + "type": "object" + }, + "ResponseInspectionJson": { + "additionalProperties": false, + "description": "Response JSON that indicate success or failure of a login request", + "properties": { + "FailureValues": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 5, + "minItems": 1, + "type": "array" + }, + "Identifier": { + "maxLength": 512, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "SuccessValues": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 5, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "Identifier", + "SuccessValues", + "FailureValues" + ], + "type": "object" + }, + "ResponseInspectionStatusCode": { + "additionalProperties": false, + "description": "Response status codes that indicate success or failure of a login request", + "properties": { + "FailureCodes": { + "items": { + "maxLength": 999, + "minLength": 0, + "type": "integer" + }, + "maxItems": 10, + "minItems": 1, + "type": "array" + }, + "SuccessCodes": { + "items": { + "maxLength": 999, + "minLength": 0, + "type": "integer" + }, + "maxItems": 10, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "SuccessCodes", + "FailureCodes" + ], + "type": "object" + }, + "ResponseStatusCode": { + "description": "Custom response code.", + "maximum": 599, + "minimum": 200, + "type": "integer" + }, + "Rule": { + "additionalProperties": false, + "description": "Rule of WebACL that contains condition and action.", + "properties": { + "Action": { + "$ref": "#/definitions/RuleAction" + }, + "CaptchaConfig": { + "$ref": "#/definitions/CaptchaConfig" + }, + "ChallengeConfig": { + "$ref": "#/definitions/ChallengeConfig" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "OverrideAction": { + "$ref": "#/definitions/OverrideAction" + }, + "Priority": { + "$ref": "#/definitions/RulePriority" + }, + "RuleLabels": { + "description": "Collection of Rule Labels.", + "items": { + "$ref": "#/definitions/Label" + }, + "type": "array" + }, + "Statement": { + "$ref": "#/definitions/Statement" + }, + "VisibilityConfig": { + "$ref": "#/definitions/VisibilityConfig" + } + }, + "required": [ + "Name", + "Priority", + "Statement", + "VisibilityConfig" + ], + "type": "object" + }, + "RuleAction": { + "additionalProperties": false, + "description": "Action taken when Rule matches its condition.", + "properties": { + "Allow": { + "$ref": "#/definitions/AllowAction" + }, + "Block": { + "$ref": "#/definitions/BlockAction" + }, + "Captcha": { + "$ref": "#/definitions/CaptchaAction" + }, + "Challenge": { + "$ref": "#/definitions/ChallengeAction" + }, + "Count": { + "$ref": "#/definitions/CountAction" + } + }, + "type": "object" + }, + "RuleActionOverride": { + "additionalProperties": false, + "description": "Action override for rules in the rule group.", + "properties": { + "ActionToUse": { + "$ref": "#/definitions/RuleAction" + }, + "Name": { + "$ref": "#/definitions/EntityName" + } + }, + "required": [ + "Name", + "ActionToUse" + ], + "type": "object" + }, + "RuleGroupReferenceStatement": { + "additionalProperties": false, + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "ExcludedRules": { + "items": { + "$ref": "#/definitions/ExcludedRule" + }, + "type": "array" + }, + "RuleActionOverrides": { + "description": "Action overrides for rules in the rule group.", + "items": { + "$ref": "#/definitions/RuleActionOverride" + }, + "maxItems": 100, + "type": "array" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "RulePriority": { + "description": "Priority of the Rule, Rules get evaluated from lower to higher priority.", + "minimum": 0, + "type": "integer" + }, + "Rules": { + "description": "Collection of Rules.", + "items": { + "$ref": "#/definitions/Rule" + }, + "type": "array" + }, + "Scope": { + "description": "Use CLOUDFRONT for CloudFront WebACL, use REGIONAL for Application Load Balancer and API Gateway.", + "enum": [ + "CLOUDFRONT", + "REGIONAL" + ], + "type": "string" + }, + "SearchString": { + "description": "String that is searched to find a match.", + "type": "string" + }, + "SearchStringBase64": { + "description": "Base64 encoded string that is searched to find a match.", + "type": "string" + }, + "SensitivityLevel": { + "description": "Sensitivity Level current only used for sqli match statements.", + "enum": [ + "LOW", + "HIGH" + ], + "type": "string" + }, + "SingleHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + } + }, + "type": "object" + }, + "SingleQueryArgument": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + } + }, + "type": "object" + }, + "SizeConstraintStatement": { + "additionalProperties": false, + "description": "Size Constraint statement.", + "properties": { + "ComparisonOperator": { + "enum": [ + "EQ", + "NE", + "LE", + "LT", + "GE", + "GT" + ], + "type": "string" + }, + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "Size": { + "maximum": 21474836480, + "minimum": 0, + "type": "number" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "ComparisonOperator", + "Size", + "TextTransformations" + ], + "type": "object" + }, + "SizeInspectionLimit": { + "enum": [ + "KB_16", + "KB_32", + "KB_48", + "KB_64" + ], + "type": "string" + }, + "SqliMatchStatement": { + "additionalProperties": false, + "description": "Sqli Match Statement.", + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "SensitivityLevel": { + "$ref": "#/definitions/SensitivityLevel" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + }, + "Statement": { + "additionalProperties": false, + "description": "First level statement that contains conditions, such as ByteMatch, SizeConstraint, etc", + "properties": { + "AndStatement": { + "$ref": "#/definitions/AndStatement" + }, + "ByteMatchStatement": { + "$ref": "#/definitions/ByteMatchStatement" + }, + "GeoMatchStatement": { + "$ref": "#/definitions/GeoMatchStatement" + }, + "IPSetReferenceStatement": { + "$ref": "#/definitions/IPSetReferenceStatement" + }, + "LabelMatchStatement": { + "$ref": "#/definitions/LabelMatchStatement" + }, + "ManagedRuleGroupStatement": { + "$ref": "#/definitions/ManagedRuleGroupStatement" + }, + "NotStatement": { + "$ref": "#/definitions/NotStatement" + }, + "OrStatement": { + "$ref": "#/definitions/OrStatement" + }, + "RateBasedStatement": { + "$ref": "#/definitions/RateBasedStatement" + }, + "RegexMatchStatement": { + "$ref": "#/definitions/RegexMatchStatement" + }, + "RegexPatternSetReferenceStatement": { + "$ref": "#/definitions/RegexPatternSetReferenceStatement" + }, + "RuleGroupReferenceStatement": { + "$ref": "#/definitions/RuleGroupReferenceStatement" + }, + "SizeConstraintStatement": { + "$ref": "#/definitions/SizeConstraintStatement" + }, + "SqliMatchStatement": { + "$ref": "#/definitions/SqliMatchStatement" + }, + "XssMatchStatement": { + "$ref": "#/definitions/XssMatchStatement" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "type": "object" + }, + "TextTransformation": { + "additionalProperties": false, + "description": "Text Transformation on the Search String before match.", + "properties": { + "Priority": { + "$ref": "#/definitions/TextTransformationPriority" + }, + "Type": { + "$ref": "#/definitions/TextTransformationType" + } + }, + "required": [ + "Priority", + "Type" + ], + "type": "object" + }, + "TextTransformationPriority": { + "description": "Priority of Rule being evaluated.", + "minimum": 0, + "type": "integer" + }, + "TextTransformationType": { + "description": "Type of text transformation.", + "enum": [ + "NONE", + "COMPRESS_WHITE_SPACE", + "HTML_ENTITY_DECODE", + "LOWERCASE", + "CMD_LINE", + "URL_DECODE", + "BASE64_DECODE", + "HEX_DECODE", + "MD5", + "REPLACE_COMMENTS", + "ESCAPE_SEQ_DECODE", + "SQL_HEX_DECODE", + "CSS_DECODE", + "JS_DECODE", + "NORMALIZE_PATH", + "NORMALIZE_PATH_WIN", + "REMOVE_NULLS", + "REPLACE_NULLS", + "BASE64_DECODE_EXT", + "URL_DECODE_UNI", + "UTF8_TO_UNICODE" + ], + "type": "string" + }, + "TokenDomains": { + "description": "List of domains to accept in web request tokens, in addition to the domain of the protected resource.", + "items": { + "maxLength": 253, + "minLength": 1, + "pattern": "^[\\w\\.\\-/]+$", + "type": "string" + }, + "type": "array" + }, + "UriPath": { + "type": "object" + }, + "VisibilityConfig": { + "additionalProperties": false, + "description": "Visibility Metric of the WebACL.", + "properties": { + "CloudWatchMetricsEnabled": { + "type": "boolean" + }, + "MetricName": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "SampledRequestsEnabled": { + "type": "boolean" + } + }, + "required": [ + "SampledRequestsEnabled", + "CloudWatchMetricsEnabled", + "MetricName" + ], + "type": "object" + }, + "XssMatchStatement": { + "additionalProperties": false, + "description": "Xss Match Statement.", + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + } + }, + "description": "Contains the Rules that identify the requests that you want to allow, block, or count. In a WebACL, you also specify a default action (ALLOW or BLOCK), and the action for each Rule that you add to a WebACL, for example, block requests from specified IP addresses or block requests from specified referrers. You also associate the WebACL with a CloudFront distribution to identify the requests that you want AWS WAF to filter. If you add more than one Rule to a WebACL, a request needs to match only one of the specifications to be allowed, blocked, or counted.", + "handlers": { + "create": { + "permissions": [ + "wafv2:CreateWebACL", + "wafv2:GetWebACL", + "wafv2:ListTagsForResource" + ] + }, + "delete": { + "permissions": [ + "wafv2:DeleteWebACL", + "wafv2:GetWebACL" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "Scope": { + "$ref": "resource-schema.json#/properties/Scope" + } + }, + "required": [ + "Scope" + ] + }, + "permissions": [ + "wafv2:listWebACLs" + ] + }, + "read": { + "permissions": [ + "wafv2:GetWebACL", + "wafv2:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "wafv2:UpdateWebACL", + "wafv2:GetWebACL", + "wafv2:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Name", + "/properties/Id", + "/properties/Scope" + ], + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "AssociationConfig": { + "$ref": "#/definitions/AssociationConfig" + }, + "Capacity": { + "minimum": 0, + "type": "integer" + }, + "CaptchaConfig": { + "$ref": "#/definitions/CaptchaConfig" + }, + "ChallengeConfig": { + "$ref": "#/definitions/ChallengeConfig" + }, + "CustomResponseBodies": { + "$ref": "#/definitions/CustomResponseBodies" + }, + "DefaultAction": { + "$ref": "#/definitions/DefaultAction" + }, + "Description": { + "$ref": "#/definitions/EntityDescription" + }, + "Id": { + "$ref": "#/definitions/EntityId" + }, + "LabelNamespace": { + "$ref": "#/definitions/LabelName" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "Rules": { + "description": "Collection of Rules.", + "items": { + "$ref": "#/definitions/Rule" + }, + "type": "array" + }, + "Scope": { + "$ref": "#/definitions/Scope" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "minItems": 1, + "type": "array" + }, + "TokenDomains": { + "$ref": "#/definitions/TokenDomains" + }, + "VisibilityConfig": { + "$ref": "#/definitions/VisibilityConfig" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/Capacity", + "/properties/Id", + "/properties/LabelNamespace" + ], + "required": [ + "DefaultAction", + "Scope", + "VisibilityConfig" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::WebACL" +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/__init__.py b/src/cfnlint/data/schemas/providers/eu_central_2/__init__.py index c02064a608..5608d5c0c6 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_2/__init__.py +++ b/src/cfnlint/data/schemas/providers/eu_central_2/__init__.py @@ -98,10 +98,12 @@ "AWS::Glue::DevEndpoint", "AWS::EventSchemas::Discoverer", "AWS::ElastiCache::UserGroup", + "AWS::Logs::DeliveryDestination", "AWS::ImageBuilder::ImageRecipe", "AWS::ApiGateway::RestApi", "AWS::OpsWorks::ElasticLoadBalancerAttachment", "AWS::S3ObjectLambda::AccessPointPolicy", + "AWS::InspectorV2::Filter", "AWS::ElastiCache::ReplicationGroup", "AWS::StepFunctions::StateMachineAlias", "AWS::RDS::GlobalCluster", @@ -116,6 +118,7 @@ "AWS::SNS::Topic", "AWS::Backup::BackupSelection", "AWS::DataSync::LocationFSxLustre", + "AWS::Logs::DeliverySource", "AWS::EC2::VPCGatewayAttachment", "AWS::CloudTrail::Trail", "AWS::EC2::VPNConnectionRoute", @@ -268,6 +271,7 @@ "AWS::SNS::TopicPolicy", "AWS::NetworkFirewall::RuleGroup", "AWS::KMS::Key", + "AWS::Route53Resolver::ResolverDNSSECConfig", "AWS::ServiceCatalog::AcceptedPortfolioShare", "AWS::Route53Resolver::FirewallRuleGroupAssociation", "AWS::Route53Resolver::ResolverQueryLoggingConfig", @@ -350,6 +354,7 @@ "AWS::Lambda::LayerVersion", "AWS::RDS::OptionGroup", "AWS::OpsWorks::UserProfile", + "AWS::Logs::Delivery", "AWS::ServiceCatalog::Portfolio", "AWS::IoT::Policy", "AWS::EC2::TransitGatewayRoute", @@ -364,6 +369,7 @@ "AWS::ServiceCatalog::ServiceAction", "AWS::IAM::UserPolicy", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::SecretsManager::RotationSchedule", "AWS::Lambda::Permission", "AWS::NetworkFirewall::FirewallPolicy", @@ -523,9 +529,9 @@ "aws-ec2-transitgatewayroutetablepropagation.json", "aws-shield-proactiveengagement.json", "aws-s3-accessgrantslocation.json", + "aws-guardduty-filter.json", "aws-ecs-service.json", "aws-dms-replicationconfig.json", - "aws-dynamodb-table.json", "aws-ec2-securitygroupegress.json", "aws-glue-dataqualityruleset.json", "aws-config-configurationrecorder.json", @@ -579,6 +585,7 @@ "aws-events-archive.json", "aws-msk-cluster.json", "aws-ec2-vpcendpointconnectionnotification.json", + "aws-config-configurationaggregator.json", "aws-imagebuilder-imagepipeline.json", "aws-elasticloadbalancingv2-listenercertificate.json", "aws-route53resolver-resolverruleassociation.json", @@ -592,9 +599,11 @@ "aws-glue-devendpoint.json", "aws-eventschemas-discoverer.json", "aws-elasticache-usergroup.json", + "aws-logs-deliverydestination.json", "aws-imagebuilder-imagerecipe.json", "aws-opsworks-elasticloadbalancerattachment.json", "aws-s3objectlambda-accesspointpolicy.json", + "aws-inspectorv2-filter.json", "aws-elasticache-replicationgroup.json", "aws-stepfunctions-statemachinealias.json", "aws-rds-globalcluster.json", @@ -608,10 +617,10 @@ "aws-sns-topic.json", "aws-backup-backupselection.json", "aws-datasync-locationfsxlustre.json", + "aws-logs-deliverysource.json", "aws-ec2-vpcgatewayattachment.json", "aws-cloudtrail-trail.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-wafv2-ipset.json", "aws-iam-role.json", "aws-events-apidestination.json", @@ -636,7 +645,6 @@ "aws-xray-resourcepolicy.json", "aws-servicecatalog-launchtemplateconstraint.json", "aws-wafv2-loggingconfiguration.json", - "aws-dynamodb-globaltable.json", "aws-imagebuilder-distributionconfiguration.json", "aws-lakeformation-permissions.json", "aws-cloudfront-publickey.json", @@ -700,6 +708,7 @@ "aws-cloudformation-hookdefaultversion.json", "aws-config-configrule.json", "aws-imagebuilder-workflow.json", + "aws-ecs-taskset.json", "aws-appsync-apikey.json", "aws-acmpca-certificateauthorityactivation.json", "aws-guardduty-threatintelset.json", @@ -735,6 +744,7 @@ "aws-sns-topicpolicy.json", "aws-networkfirewall-rulegroup.json", "aws-kms-key.json", + "aws-route53resolver-resolverdnssecconfig.json", "aws-route53resolver-firewallrulegroupassociation.json", "aws-route53resolver-resolverqueryloggingconfig.json", "aws-ec2-snapshotblockpublicaccess.json", @@ -770,7 +780,6 @@ "aws-servicecatalog-resourceupdateconstraint.json", "aws-transfer-agreement.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-xray-group.json", "aws-oam-link.json", "aws-elasticloadbalancingv2-truststorerevocation.json", @@ -804,6 +813,7 @@ "aws-lambda-layerversion.json", "aws-rds-optiongroup.json", "aws-opsworks-userprofile.json", + "aws-logs-delivery.json", "aws-ssm-maintenancewindow.json", "aws-lakeformation-tagassociation.json", "aws-ec2-ipamresourcediscovery.json", @@ -814,6 +824,7 @@ "aws-servicecatalog-serviceaction.json", "aws-iam-userpolicy.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-secretsmanager-rotationschedule.json", "aws-lambda-permission.json", "aws-networkfirewall-firewallpolicy.json", @@ -910,7 +921,6 @@ "aws-servicecatalog-cloudformationproduct.json", "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", - "aws-ec2-launchtemplate.json", "aws-cloudfront-originrequestpolicy.json", "aws-datasync-locationfsxontap.json", "aws-pcaconnectorad-serviceprincipalname.json", @@ -930,4 +940,5 @@ "aws-elasticloadbalancingv2-listener.json", "aws-cloudformation-waitconditionhandle.json", "aws-globalaccelerator-accelerator.json", + "aws-eks-addon.json", ] diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-amazonmq-broker.json index b71851eb27..6027b3416d 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_2/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/eu_central_2/aws-amazonmq-broker.json @@ -230,7 +230,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_2/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/eu_central_2/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-cloudfront-distribution.json new file mode 100644 index 0000000000..75bb25b92e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_2/aws-cloudfront-distribution.json @@ -0,0 +1,1232 @@ +{ + "additionalProperties": false, + "definitions": { + "CacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "type": "string" + }, + "PathPattern": { + "type": "string" + }, + "RealtimeLogConfigArn": { + "type": "string" + }, + "ResponseHeadersPolicyId": { + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ], + "type": "string" + } + }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "properties": { + "Forward": { + "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Forward" + ], + "type": "object" + }, + "CustomErrorResponse": { + "additionalProperties": false, + "dependentRequired": { + "ResponseCode": [ + "ResponsePagePath" + ] + }, + "properties": { + "ErrorCachingMinTTL": { + "default": 300, + "type": "number" + }, + "ErrorCode": { + "enum": [ + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponseCode": { + "enum": [ + 200, + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponsePagePath": { + "type": "string" + } + }, + "required": [ + "ErrorCode" + ], + "type": "object" + }, + "CustomOriginConfig": { + "additionalProperties": false, + "properties": { + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginProtocolPolicy": { + "type": "string" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "OriginProtocolPolicy" + ], + "type": "object" + }, + "DefaultCacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "default": "", + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "default": "", + "type": "string" + }, + "RealtimeLogConfigArn": { + "default": "", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "default": "", + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "type": "string" + } + }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CNAMEs": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/CacheBehavior" + }, + "type": "array", + "uniqueItems": false + }, + "Comment": { + "default": "", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/CustomErrorResponse" + }, + "type": "array", + "uniqueItems": false + }, + "CustomOrigin": { + "$ref": "#/definitions/LegacyCustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/DefaultCacheBehavior" + }, + "DefaultRootObject": { + "default": "", + "type": "string" + }, + "Enabled": { + "type": "boolean" + }, + "HttpVersion": { + "default": "http1.1", + "enum": [ + "http1.1", + "http2", + "http3", + "http2and3" + ], + "type": "string" + }, + "IPV6Enabled": { + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/Origin" + }, + "type": "array", + "uniqueItems": false + }, + "PriceClass": { + "default": "PriceClass_All", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ], + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/Restrictions", + "default": { + "GeoRestriction": { + "RestrictionType": "none" + } + } + }, + "S3Origin": { + "$ref": "#/definitions/LegacyS3Origin" + }, + "Staging": { + "type": "boolean" + }, + "ViewerCertificate": { + "$ref": "#/definitions/ViewerCertificate", + "default": { + "CloudFrontDefaultCertificate": true + } + }, + "WebACLId": { + "default": "", + "type": "string" + } + }, + "required": [ + "Enabled", + "DefaultCacheBehavior" + ], + "type": "object" + }, + "ForwardedValues": { + "additionalProperties": false, + "properties": { + "Cookies": { + "$ref": "#/definitions/Cookies", + "default": { + "Forward": "none" + } + }, + "Headers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "QueryString": { + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "QueryString" + ], + "type": "object" + }, + "FunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ], + "type": "string" + }, + "FunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "GeoRestriction": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "enum": [ + "AD", + "AE", + "AF", + "AG", + "AI", + "AL", + "AM", + "AO", + "AQ", + "AR", + "AS", + "AT", + "AU", + "AW", + "AX", + "AZ", + "BA", + "BB", + "BD", + "BE", + "BF", + "BG", + "BH", + "BI", + "BJ", + "BL", + "BM", + "BN", + "BO", + "BQ", + "BR", + "BS", + "BT", + "BV", + "BW", + "BY", + "BZ", + "CA", + "CC", + "CD", + "CF", + "CG", + "CH", + "CI", + "CK", + "CL", + "CM", + "CN", + "CO", + "CR", + "CU", + "CV", + "CW", + "CX", + "CY", + "CZ", + "DE", + "DJ", + "DK", + "DM", + "DO", + "DZ", + "EC", + "EE", + "EG", + "EH", + "ER", + "ES", + "ET", + "FI", + "FJ", + "FK", + "FM", + "FO", + "FR", + "GA", + "GB", + "GD", + "GE", + "GF", + "GG", + "GH", + "GI", + "GL", + "GM", + "GN", + "GP", + "GQ", + "GR", + "GS", + "GT", + "GU", + "GW", + "GY", + "HK", + "HM", + "HN", + "HR", + "HT", + "HU", + "ID", + "IE", + "IL", + "IM", + "IN", + "IO", + "IQ", + "IR", + "IS", + "IT", + "JE", + "JM", + "JO", + "JP", + "KE", + "KG", + "KH", + "KI", + "KM", + "KN", + "KP", + "KR", + "KW", + "KY", + "KZ", + "LA", + "LB", + "LC", + "LI", + "LK", + "LR", + "LS", + "LT", + "LU", + "LV", + "LY", + "MA", + "MC", + "MD", + "ME", + "MF", + "MG", + "MH", + "MK", + "ML", + "MM", + "MN", + "MO", + "MP", + "MQ", + "MR", + "MS", + "MT", + "MU", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NC", + "NE", + "NF", + "NG", + "NI", + "NL", + "NO", + "NP", + "NR", + "NU", + "NZ", + "OM", + "PA", + "PE", + "PF", + "PG", + "PH", + "PK", + "PL", + "PM", + "PN", + "PR", + "PS", + "PT", + "PW", + "PY", + "QA", + "RE", + "RO", + "RS", + "RU", + "RW", + "SA", + "SB", + "SC", + "SD", + "SE", + "SG", + "SH", + "SI", + "SJ", + "SK", + "SL", + "SM", + "SN", + "SO", + "SR", + "SS", + "ST", + "SV", + "SX", + "SY", + "SZ", + "TC", + "TD", + "TF", + "TG", + "TH", + "TJ", + "TK", + "TL", + "TM", + "TN", + "TO", + "TR", + "TT", + "TV", + "TW", + "TZ", + "UA", + "UG", + "UM", + "US", + "UY", + "UZ", + "VA", + "VC", + "VE", + "VG", + "VI", + "VN", + "VU", + "WF", + "WS", + "YE", + "YT", + "ZA", + "ZM", + "ZW" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "RestrictionType": { + "enum": [ + "blacklist", + "whitelist", + "none" + ], + "type": "string" + } + }, + "required": [ + "RestrictionType" + ], + "type": "object" + }, + "LambdaFunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "IncludeBody": { + "type": "boolean" + }, + "LambdaFunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "LegacyCustomOrigin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginProtocolPolicy": { + "enum": [ + "http-only", + "match-viewer", + "https-only" + ], + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], + "type": "object" + }, + "LegacyS3Origin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "required": [ + "DNSName" + ], + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "IncludeCookies": { + "default": false, + "type": "boolean" + }, + "Prefix": { + "default": "", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Origin": { + "additionalProperties": false, + "dependentExcluded": { + "CustomOriginConfig": [ + "S3OriginConfig" + ], + "S3OriginConfig": [ + "CustomOriginConfig" + ] + }, + "properties": { + "ConnectionAttempts": { + "type": "integer" + }, + "ConnectionTimeout": { + "type": "integer" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/CustomOriginConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "OriginAccessControlId": { + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/OriginCustomHeader" + }, + "type": "array", + "uniqueItems": false + }, + "OriginPath": { + "default": "", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/OriginShield" + }, + "S3OriginConfig": { + "$ref": "#/definitions/S3OriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "type": "string" + }, + "HeaderValue": { + "type": "string" + } + }, + "required": [ + "HeaderValue", + "HeaderName" + ], + "type": "object" + }, + "OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/OriginGroupFailoverCriteria" + }, + "Id": { + "type": "string" + }, + "Members": { + "$ref": "#/definitions/OriginGroupMembers" + } + }, + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "type": "object" + }, + "OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroupMember" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroup" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "OriginShieldRegion": { + "type": "string" + } + }, + "type": "object" + }, + "Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "type": "object" + }, + "StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "integer" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "ViewerCertificate": { + "additionalProperties": false, + "dependentRequired": { + "AcmCertificateArn": [ + "SslSupportMethod" + ], + "IamCertificateId": [ + "SslSupportMethod" + ] + }, + "properties": { + "AcmCertificateArn": { + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "type": "boolean" + }, + "IamCertificateId": { + "type": "string" + }, + "MinimumProtocolVersion": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018", + "TLSv1.2_2019", + "TLSv1.2_2021" + ], + "type": "string" + }, + "SslSupportMethod": { + "enum": [ + "sni-only", + "vip", + "static-ip" + ], + "type": "string" + } + }, + "requiredXor": [ + "AcmCertificateArn", + "CloudFrontDefaultCertificate", + "IamCertificateId" + ], + "type": "object" + } + }, + "deprecatedProperties": [ + "/properties/DistributionConfig/CustomOrigin", + "/properties/DistributionConfig/S3Origin" + ], + "description": "Resource Type definition for AWS::CloudFront::Distribution", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateDistribution", + "cloudfront:CreateDistributionWithTags", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:TagResource" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteDistribution", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListDistributions" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "update": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:UpdateDistribution", + "cloudfront:UpdateDistributionWithStagingConfig", + "cloudfront:ListTagsForResource", + "cloudfront:TagResource", + "cloudfront:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/DistributionConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/DomainName" + ], + "required": [ + "DistributionConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::CloudFront::Distribution" +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-config-configurationaggregator.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-config-configurationaggregator.json deleted file mode 100644 index 5624c0bfff..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_central_2/aws-config-configurationaggregator.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ConfigurationAggregatorName" - ], - "definitions": { - "AccountAggregationSource": { - "additionalProperties": false, - "properties": { - "AccountIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "required": [ - "AccountIds" - ], - "type": "object" - }, - "OrganizationAggregationSource": { - "additionalProperties": false, - "properties": { - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "RoleArn": { - "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 256, - "minLength": 0, - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::Config::ConfigurationAggregator", - "handlers": { - "create": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - }, - "delete": { - "permissions": [ - "config:DeleteConfigurationAggregator", - "config:UntagResource" - ] - }, - "list": { - "permissions": [ - "config:DescribeConfigurationAggregators" - ] - }, - "read": { - "permissions": [ - "config:DescribeConfigurationAggregators", - "config:ListTagsForResource" - ] - }, - "update": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "config:UntagResource", - "config:ListTagsForResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - } - }, - "primaryIdentifier": [ - "/properties/ConfigurationAggregatorName" - ], - "properties": { - "AccountAggregationSources": { - "items": { - "$ref": "#/definitions/AccountAggregationSource" - }, - "type": "array", - "uniqueItems": false - }, - "ConfigurationAggregatorArn": { - "description": "The Amazon Resource Name (ARN) of the aggregator.", - "type": "string" - }, - "ConfigurationAggregatorName": { - "description": "The name of the aggregator.", - "maxLength": 256, - "minLength": 1, - "pattern": "[\\w\\-]+", - "type": "string" - }, - "OrganizationAggregationSource": { - "$ref": "#/definitions/OrganizationAggregationSource" - }, - "Tags": { - "description": "The tags for the configuration aggregator.", - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/ConfigurationAggregatorArn" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-config.git", - "typeName": "AWS::Config::ConfigurationAggregator" -} diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-dynamodb-globaltable.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-dynamodb-globaltable.json new file mode 100644 index 0000000000..7e1a23d878 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_2/aws-dynamodb-globaltable.json @@ -0,0 +1,579 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/Arn" + ], + [ + "/properties/StreamArn" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LocalSecondaryIndexes", + "/properties/TableName", + "/properties/KeySchema" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "CapacityAutoScalingSettings": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "minimum": 1, + "type": "integer" + }, + "MinCapacity": { + "minimum": 1, + "type": "integer" + }, + "SeedCapacity": { + "minimum": 1, + "type": "integer" + }, + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/TargetTrackingScalingPolicyConfiguration" + } + }, + "required": [ + "MinCapacity", + "MaxCapacity", + "TargetTrackingScalingPolicyConfiguration" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "KeyType": { + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "maxItems": 20, + "type": "array", + "uniqueItems": true + }, + "ProjectionType": { + "type": "string" + } + }, + "type": "object" + }, + "ReadProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + }, + "ReadCapacityUnits": { + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "ReplicaGlobalSecondaryIndexSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName" + ], + "type": "object" + }, + "ReplicaSSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + } + }, + "required": [ + "KMSMasterKeyId" + ], + "type": "object" + }, + "ReplicaSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaGlobalSecondaryIndexSpecification" + }, + "type": "array", + "uniqueItems": true + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + }, + "Region": { + "type": "string" + }, + "SSESpecification": { + "$ref": "#/definitions/ReplicaSSESpecification" + }, + "TableClass": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TargetTrackingScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "DisableScaleIn": { + "type": "boolean" + }, + "ScaleInCooldown": { + "minimum": 0, + "type": "integer" + }, + "ScaleOutCooldown": { + "minimum": 0, + "type": "integer" + }, + "TargetValue": { + "format": "double", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "WriteProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "WriteCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + } + }, + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::GlobalTable", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:CreateTableReplica", + "dynamodb:Describe*", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:TagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "dynamodb:TagResource", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Decrypt", + "kms:RevokeGrant", + "cloudwatch:PutMetricData", + "iam:CreateServiceLinkedRole" + ] + }, + "delete": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:DeleteTable", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget" + ] + }, + "list": { + "permissions": [ + "dynamodb:ListTables", + "cloudwatch:PutMetricData" + ] + }, + "read": { + "permissions": [ + "dynamodb:Describe*", + "application-autoscaling:Describe*", + "cloudwatch:PutMetricData", + "dynamodb:ListTagsOfResource", + "kms:DescribeKey" + ] + }, + "update": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:CreateTableReplica", + "dynamodb:UpdateTable", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:DeleteTable", + "dynamodb:DeleteTableReplica", + "dynamodb:UpdateItem", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant", + "cloudwatch:PutMetricData" + ], + "timeoutInMinutes": 1200 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "type": "string" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "LocalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "Replicas": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaSpecification" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableId": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn", + "/properties/TableId" + ], + "required": [ + "KeySchema", + "AttributeDefinitions", + "Replicas" + ], + "typeName": "AWS::DynamoDB::GlobalTable", + "writeOnlyProperties": [ + "/properties/Replicas/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/Replicas/*/GlobalSecondaryIndexes/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity", + "/properties/GlobalSecondaryIndexes/*/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-dynamodb-table.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-dynamodb-table.json new file mode 100644 index 0000000000..aacbc7f216 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_2/aws-dynamodb-table.json @@ -0,0 +1,540 @@ +{ + "additionalProperties": false, + "cfnLint": [ + "AWS::DynamoDB::Table/Properties" + ], + "createOnlyProperties": [ + "/properties/TableName", + "/properties/ImportSourceSpecification" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "AttributeType": { + "enum": [ + "S", + "N", + "B" + ], + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "Csv": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "type": "string" + }, + "HeaderList": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "type": "object" + }, + "DeprecatedHashKeyElement": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeType", + "AttributeName" + ], + "type": "object" + }, + "DeprecatedKeySchema": { + "additionalProperties": false, + "properties": { + "HashKeyElement": { + "$ref": "#/definitions/DeprecatedHashKeyElement" + } + }, + "required": [ + "HashKeyElement" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/ProvisionedThroughput" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "ImportSourceSpecification": { + "additionalProperties": false, + "properties": { + "InputCompressionType": { + "type": "string" + }, + "InputFormat": { + "type": "string" + }, + "InputFormatOptions": { + "$ref": "#/definitions/InputFormatOptions" + }, + "S3BucketSource": { + "$ref": "#/definitions/S3BucketSource" + } + }, + "required": [ + "S3BucketSource", + "InputFormat" + ], + "type": "object" + }, + "InputFormatOptions": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/Csv" + } + }, + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "KeyType": { + "enum": [ + "HASH", + "RANGE" + ], + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ProjectionType": { + "enum": [ + "ALL", + "KEYS_ONLY", + "INCLUDE" + ], + "type": "string" + } + }, + "type": "object" + }, + "ProvisionedThroughput": { + "additionalProperties": false, + "properties": { + "ReadCapacityUnits": { + "type": "integer" + }, + "WriteCapacityUnits": { + "type": "integer" + } + }, + "required": [ + "WriteCapacityUnits", + "ReadCapacityUnits" + ], + "type": "object" + }, + "S3BucketSource": { + "additionalProperties": false, + "properties": { + "S3Bucket": { + "type": "string" + }, + "S3BucketOwner": { + "type": "string" + }, + "S3KeyPrefix": { + "type": "string" + } + }, + "required": [ + "S3Bucket" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + }, + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "enum": [ + "NEW_IMAGE", + "OLD_IMAGE", + "NEW_AND_OLD_IMAGES", + "KEYS_ONLY" + ], + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::Table", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:DescribeImport", + "dynamodb:DescribeTable", + "dynamodb:DescribeTimeToLive", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeContributorInsights", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ImportTable", + "dynamodb:ListTagsOfResource", + "dynamodb:TagResource", + "dynamodb:UpdateTable", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Encrypt", + "kms:RevokeGrant", + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:DescribeLogGroups", + "logs:DescribeLogStreams", + "logs:PutLogEvents", + "logs:PutRetentionPolicy", + "s3:GetObject", + "s3:GetObjectMetadata", + "s3:ListBucket" + ], + "timeoutInMinutes": 720 + }, + "delete": { + "permissions": [ + "dynamodb:DeleteTable", + "dynamodb:DescribeTable" + ], + "timeoutInMinutes": 720 + }, + "list": { + "permissions": [ + "dynamodb:ListTables" + ] + }, + "read": { + "permissions": [ + "dynamodb:DescribeTable", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeContributorInsights", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ListTagsOfResource" + ] + }, + "update": { + "permissions": [ + "dynamodb:UpdateTable", + "dynamodb:DescribeTable", + "dynamodb:DescribeTimeToLive", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ListTagsOfResource", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:DescribeContributorInsights", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant" + ], + "timeoutInMinutes": 720 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "enum": [ + "PROVISIONED", + "PAY_PER_REQUEST" + ], + "type": "string" + }, + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": false + }, + "ImportSourceSpecification": { + "$ref": "#/definitions/ImportSourceSpecification" + }, + "KeySchema": { + "oneOf": [ + { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + { + "type": "object" + } + ] + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "LocalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": false + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/ProvisionedThroughput" + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableClass": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + } + }, + "propertyTransform": { + "/properties/SSESpecification/KMSMasterKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,3}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,4}[-]{1}[1-4]{1}:[0-9]{12}[:]{1}key\\/\", SSESpecification.KMSMasterKeyId]) $OR $join([\"arn:(aws)[-]{0,1}[a-z]{0,3}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,4}[-]{1}[1-4]{1}:[0-9]{12}[:]{1}key\\/\", KMSMasterKeyId])" + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn" + ], + "required": [ + "KeySchema" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DynamoDB::Table", + "writeOnlyProperties": [ + "/properties/ImportSourceSpecification" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_2/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-ec2-host.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-ec2-host.json index b343142e92..6ea413000b 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_2/aws-ec2-host.json +++ b/src/cfnlint/data/schemas/providers/eu_central_2/aws-ec2-host.json @@ -17,8 +17,8 @@ "type": "string" }, "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::Host/Properties/AvailabilityZone" ], "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_2/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-ec2-spotfleet.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-ec2-spotfleet.json index 1213b39b19..dce5928f25 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_2/aws-ec2-spotfleet.json +++ b/src/cfnlint/data/schemas/providers/eu_central_2/aws-ec2-spotfleet.json @@ -433,8 +433,8 @@ "additionalProperties": false, "properties": { "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/LaunchTemplateConfigs/Overrides/AvailabilityZone" ], "type": "string" }, @@ -666,8 +666,8 @@ "type": "string" }, "IamFleetRole": { - "awsType": [ - "IamRoleArn" + "cfnLint": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/IamFleetRole" ], "type": "string" }, @@ -839,8 +839,8 @@ "additionalProperties": false, "properties": { "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/LaunchSpecifications/Placement/AvailabilityZone" ], "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-ecs-taskset.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-ecs-taskset.json deleted file mode 100644 index 4dd38f7ef4..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_central_2/aws-ecs-taskset.json +++ /dev/null @@ -1,215 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/Cluster", - "/properties/ExternalId", - "/properties/LaunchType", - "/properties/LoadBalancers", - "/properties/NetworkConfiguration", - "/properties/PlatformVersion", - "/properties/Service", - "/properties/ServiceRegistries", - "/properties/TaskDefinition" - ], - "definitions": { - "AwsVpcConfiguration": { - "additionalProperties": false, - "description": "The VPC subnets and security groups associated with a task. All specified subnets and security groups must be from the same VPC.", - "properties": { - "AssignPublicIp": { - "description": "Whether the task's elastic network interface receives a public IP address. The default value is DISABLED.", - "enum": [ - "DISABLED", - "ENABLED" - ], - "type": "string" - }, - "SecurityGroups": { - "description": "The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used. There is a limit of 5 security groups that can be specified per AwsVpcConfiguration.", - "items": { - "type": "string" - }, - "maxItems": 5, - "type": "array" - }, - "Subnets": { - "description": "The subnets associated with the task or service. There is a limit of 16 subnets that can be specified per AwsVpcConfiguration.", - "items": { - "type": "string" - }, - "maxItems": 16, - "type": "array" - } - }, - "required": [ - "Subnets" - ], - "type": "object" - }, - "LoadBalancer": { - "additionalProperties": false, - "description": "A load balancer object representing the load balancer to use with the task set. The supported load balancer types are either an Application Load Balancer or a Network Load Balancer. ", - "properties": { - "ContainerName": { - "description": "The name of the container (as it appears in a container definition) to associate with the load balancer.", - "type": "string" - }, - "ContainerPort": { - "description": "The port on the container to associate with the load balancer. This port must correspond to a containerPort in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they are launched on must allow ingress traffic on the hostPort of the port mapping.", - "type": "integer" - }, - "TargetGroupArn": { - "description": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set. A target group ARN is only specified when using an Application Load Balancer or Network Load Balancer. If you are using a Classic Load Balancer this should be omitted. For services using the ECS deployment controller, you can specify one or multiple target groups. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html in the Amazon Elastic Container Service Developer Guide. For services using the CODE_DEPLOY deployment controller, you are required to define two target groups for the load balancer. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html in the Amazon Elastic Container Service Developer Guide. If your service's task definition uses the awsvpc network mode (which is required for the Fargate launch type), you must choose ip as the target type, not instance, when creating your target groups because tasks that use the awsvpc network mode are associated with an elastic network interface, not an Amazon EC2 instance.", - "type": "string" - } - }, - "type": "object" - }, - "NetworkConfiguration": { - "additionalProperties": false, - "description": "An object representing the network configuration for a task or service.", - "properties": { - "AwsVpcConfiguration": { - "$ref": "#/definitions/AwsVpcConfiguration" - } - }, - "type": "object" - }, - "Scale": { - "additionalProperties": false, - "properties": { - "Unit": { - "description": "The unit of measure for the scale value.", - "enum": [ - "PERCENT" - ], - "type": "string" - }, - "Value": { - "description": "The value, specified as a percent total of a service's desiredCount, to scale the task set. Accepted values are numbers between 0 and 100.", - "maximum": 100, - "minimum": 0, - "type": "number" - } - }, - "type": "object" - }, - "ServiceRegistry": { - "additionalProperties": false, - "properties": { - "ContainerName": { - "description": "The container name value, already specified in the task definition, to be used for your service discovery service. If the task definition that your service task specifies uses the bridge or host network mode, you must specify a containerName and containerPort combination from the task definition. If the task definition that your service task specifies uses the awsvpc network mode and a type SRV DNS record is used, you must specify either a containerName and containerPort combination or a port value, but not both.", - "type": "string" - }, - "ContainerPort": { - "description": "The port value, already specified in the task definition, to be used for your service discovery service. If the task definition your service task specifies uses the bridge or host network mode, you must specify a containerName and containerPort combination from the task definition. If the task definition your service task specifies uses the awsvpc network mode and a type SRV DNS record is used, you must specify either a containerName and containerPort combination or a port value, but not both.", - "type": "integer" - }, - "Port": { - "description": "The port value used if your service discovery service specified an SRV record. This field may be used if both the awsvpc network mode and SRV records are used.", - "type": "integer" - }, - "RegistryArn": { - "description": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map. For more information, see https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html", - "type": "string" - } - }, - "type": "object" - } - }, - "description": "Create a task set in the specified cluster and service. This is used when a service uses the EXTERNAL deployment controller type. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-types.htmlin the Amazon Elastic Container Service Developer Guide.", - "handlers": { - "create": { - "permissions": [ - "ecs:CreateTaskSet", - "ecs:DescribeTaskSets" - ] - }, - "delete": { - "permissions": [ - "ecs:DeleteTaskSet", - "ecs:DescribeTaskSets" - ] - }, - "read": { - "permissions": [ - "ecs:DescribeTaskSets" - ] - }, - "update": { - "permissions": [ - "ecs:UpdateTaskSet", - "ecs:DescribeTaskSets" - ] - } - }, - "primaryIdentifier": [ - "/properties/Cluster", - "/properties/Service", - "/properties/Id" - ], - "properties": { - "Cluster": { - "description": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service to create the task set in.", - "type": "string" - }, - "ExternalId": { - "description": "An optional non-unique tag that identifies this task set in external systems. If the task set is associated with a service discovery registry, the tasks in this task set will have the ECS_TASK_SET_EXTERNAL_ID AWS Cloud Map attribute set to the provided value. ", - "type": "string" - }, - "Id": { - "description": "The ID of the task set.", - "type": "string" - }, - "LaunchType": { - "description": "The launch type that new tasks in the task set will use. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html in the Amazon Elastic Container Service Developer Guide. ", - "enum": [ - "EC2", - "FARGATE" - ], - "type": "string" - }, - "LoadBalancers": { - "items": { - "$ref": "#/definitions/LoadBalancer" - }, - "type": "array" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/NetworkConfiguration" - }, - "PlatformVersion": { - "description": "The platform version that the tasks in the task set should use. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the LATEST platform version is used by default.", - "type": "string" - }, - "Scale": { - "$ref": "#/definitions/Scale", - "description": "A floating-point percentage of the desired number of tasks to place and keep running in the task set." - }, - "Service": { - "description": "The short name or full Amazon Resource Name (ARN) of the service to create the task set in.", - "type": "string" - }, - "ServiceRegistries": { - "description": "The details of the service discovery registries to assign to this task set. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html.", - "items": { - "$ref": "#/definitions/ServiceRegistry" - }, - "type": "array" - }, - "TaskDefinition": { - "description": "The short name or full Amazon Resource Name (ARN) of the task definition for the tasks in the task set to use.", - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "Cluster", - "Service", - "TaskDefinition" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ecs.git", - "typeName": "AWS::ECS::TaskSet" -} diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-eks-addon.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-eks-addon.json deleted file mode 100644 index 02626266c6..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_central_2/aws-eks-addon.json +++ /dev/null @@ -1,148 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 127, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 255, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Schema for AWS::EKS::Addon", - "handlers": { - "create": { - "permissions": [ - "eks:CreateAddon", - "eks:DescribeAddon", - "eks:TagResource", - "iam:PassRole" - ] - }, - "delete": { - "permissions": [ - "eks:DeleteAddon", - "eks:DescribeAddon" - ] - }, - "list": { - "permissions": [ - "eks:ListAddons" - ] - }, - "read": { - "permissions": [ - "eks:DescribeAddon" - ] - }, - "update": { - "permissions": [ - "iam:PassRole", - "eks:UpdateAddon", - "eks:DescribeAddon", - "eks:DescribeUpdate", - "eks:ListTagsForResource", - "eks:TagResource", - "eks:UntagResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "properties": { - "AddonName": { - "description": "Name of Addon", - "minLength": 1, - "type": "string" - }, - "AddonVersion": { - "description": "Version of Addon", - "minLength": 1, - "type": "string" - }, - "Arn": { - "description": "Amazon Resource Name (ARN) of the add-on", - "type": "string" - }, - "ClusterName": { - "description": "Name of Cluster", - "minLength": 1, - "type": "string" - }, - "ConfigurationValues": { - "description": "The configuration values to use with the add-on", - "minLength": 1, - "type": "string" - }, - "PreserveOnDelete": { - "description": "PreserveOnDelete parameter value", - "type": "boolean" - }, - "ResolveConflicts": { - "description": "Resolve parameter value conflicts", - "enum": [ - "NONE", - "OVERWRITE", - "PRESERVE" - ], - "minLength": 1, - "type": "string" - }, - "ServiceAccountRoleArn": { - "description": "IAM role to bind to the add-on's service account", - "minLength": 1, - "type": "string" - }, - "Tags": { - "description": "An array of key-value pairs to apply to this resource.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/Arn" - ], - "required": [ - "ClusterName", - "AddonName" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-eks.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::EKS::Addon", - "writeOnlyProperties": [ - "/properties/ResolveConflicts", - "/properties/PreserveOnDelete" - ] -} diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-gamelift-fleet.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-gamelift-fleet.json index 9551ef0828..4489c391a2 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_2/aws-gamelift-fleet.json +++ b/src/cfnlint/data/schemas/providers/eu_central_2/aws-gamelift-fleet.json @@ -126,7 +126,7 @@ "uniqueItems": true }, "EC2InstanceType": { - "cfnLint": "aws_gamelift_fleet/ec2instancetype_enum", + "cfnLint": "AWS::GameLift::Fleet/EC2InstanceType", "type": "string" }, "FleetType": { diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-guardduty-filter.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-guardduty-filter.json deleted file mode 100644 index 0c0c488266..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_central_2/aws-guardduty-filter.json +++ /dev/null @@ -1,145 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/DetectorId", - "/properties/Name" - ], - "definitions": { - "Condition": { - "additionalProperties": false, - "properties": { - "Eq": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Equals": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "GreaterThan": { - "type": "integer" - }, - "GreaterThanOrEqual": { - "type": "integer" - }, - "Gt": { - "type": "integer" - }, - "Gte": { - "type": "integer" - }, - "LessThan": { - "type": "integer" - }, - "LessThanOrEqual": { - "type": "integer" - }, - "Lt": { - "type": "integer" - }, - "Lte": { - "type": "integer" - }, - "Neq": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "NotEquals": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "type": "object" - }, - "FindingCriteria": { - "additionalProperties": false, - "properties": { - "Criterion": { - "type": "object" - }, - "ItemType": { - "$ref": "#/definitions/Condition" - } - }, - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::GuardDuty::Filter", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "Action": { - "enum": [ - "NOOP", - "ARCHIVE" - ], - "type": "string" - }, - "Description": { - "type": "string" - }, - "DetectorId": { - "type": "string" - }, - "FindingCriteria": { - "$ref": "#/definitions/FindingCriteria" - }, - "Id": { - "type": "string" - }, - "Name": { - "type": "string" - }, - "Rank": { - "type": "integer" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": false - } - }, - "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "Action", - "Description", - "DetectorId", - "FindingCriteria", - "Rank", - "Name" - ], - "typeName": "AWS::GuardDuty::Filter" -} diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-opsworks-instance.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-opsworks-instance.json index 4f09c87902..7e172a15c1 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_2/aws-opsworks-instance.json +++ b/src/cfnlint/data/schemas/providers/eu_central_2/aws-opsworks-instance.json @@ -147,7 +147,9 @@ "type": "string" }, "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::OpsWorks::Instance/Properties/AvailabilityZone" + ], "type": "string" }, "BlockDeviceMappings": { diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-redshift-cluster.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-redshift-cluster.json index 960e8bdfee..f04ae8ba95 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_2/aws-redshift-cluster.json +++ b/src/cfnlint/data/schemas/providers/eu_central_2/aws-redshift-cluster.json @@ -1,5 +1,6 @@ { "additionalProperties": false, + "cfnLint": "AWS::Redshift::Cluster/Properties", "createOnlyProperties": [ "/properties/KmsKeyId", "/properties/MasterUsername", @@ -127,7 +128,7 @@ "type": "string" }, "NodeType": { - "cfnLint": "aws_redshift_cluster/nodetype_enum", + "cfnLint": "AWS::Redshift::Cluster/Properties/NodeType", "type": "string" }, "NumberOfNodes": { diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-route53-healthcheck.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-route53-healthcheck.json index 2ddd4be8f2..084d644abf 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_2/aws-route53-healthcheck.json +++ b/src/cfnlint/data/schemas/providers/eu_central_2/aws-route53-healthcheck.json @@ -107,7 +107,7 @@ "HealthCheckConfig": { "$ref": "#/definitions/HealthCheckConfig", "cfnLint": [ - "aws_route53_healthcheck/healthcheckconfig_type_inclusive" + "AWS::Route53::HealthCheck/Properties/HealthCheckConfig" ] }, "HealthCheckTags": { diff --git a/src/cfnlint/data/schemas/providers/eu_north_1/__init__.py b/src/cfnlint/data/schemas/providers/eu_north_1/__init__.py index 3c739d8ad2..1130c61d40 100644 --- a/src/cfnlint/data/schemas/providers/eu_north_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/eu_north_1/__init__.py @@ -170,6 +170,7 @@ "AWS::NetworkManager::ConnectPeer", "AWS::ElastiCache::UserGroup", "AWS::IoT::ThingGroup", + "AWS::Logs::DeliveryDestination", "AWS::ImageBuilder::ImageRecipe", "AWS::IoT::SoftwarePackage", "AWS::ApiGateway::RestApi", @@ -203,6 +204,7 @@ "AWS::Backup::BackupSelection", "AWS::DataSync::LocationFSxLustre", "AWS::SageMaker::App", + "AWS::Logs::DeliverySource", "AWS::EC2::VPCGatewayAttachment", "AWS::CloudTrail::Trail", "AWS::EC2::VPNConnectionRoute", @@ -620,6 +622,7 @@ "AWS::OpsWorks::UserProfile", "AWS::Glue::Schema", "AWS::DataZone::Environment", + "AWS::Logs::Delivery", "AWS::ServiceCatalog::Portfolio", "AWS::IoT::Policy", "AWS::EC2::TransitGatewayRoute", @@ -648,6 +651,7 @@ "AWS::DMS::MigrationProject", "AWS::IAM::UserPolicy", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::IoT::MitigationAction", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", @@ -1081,6 +1085,7 @@ "aws-networkmanager-connectpeer.json", "aws-elasticache-usergroup.json", "aws-iot-thinggroup.json", + "aws-logs-deliverydestination.json", "aws-imagebuilder-imagerecipe.json", "aws-iot-softwarepackage.json", "aws-apigateway-restapi.json", @@ -1088,6 +1093,7 @@ "aws-mediaconvert-jobtemplate.json", "aws-appmesh-virtualservice.json", "aws-s3objectlambda-accesspointpolicy.json", + "aws-codegurureviewer-repositoryassociation.json", "aws-networkmanager-transitgatewayregistration.json", "aws-amplify-app.json", "aws-inspectorv2-filter.json", @@ -1113,12 +1119,12 @@ "aws-backup-backupselection.json", "aws-datasync-locationfsxlustre.json", "aws-sagemaker-app.json", + "aws-logs-deliverysource.json", "aws-ec2-vpcgatewayattachment.json", "aws-cloudtrail-trail.json", "aws-ec2-vpnconnectionroute.json", "aws-kafkaconnect-connector.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-vpclattice-listener.json", "aws-wafv2-ipset.json", "aws-mediaconnect-bridgeoutput.json", @@ -1326,6 +1332,7 @@ "aws-datasync-locationazureblob.json", "aws-logs-logstream.json", "aws-dms-replicationsubnetgroup.json", + "aws-aps-rulegroupsnamespace.json", "aws-s3outposts-bucket.json", "aws-route53-recordsetgroup.json", "aws-ec2-localgatewayroute.json", @@ -1447,7 +1454,6 @@ "aws-transfer-agreement.json", "aws-lightsail-certificate.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-ssmcontacts-plan.json", "aws-elasticache-subnetgroup.json", "aws-xray-group.json", @@ -1509,6 +1515,7 @@ "aws-opsworks-userprofile.json", "aws-glue-schema.json", "aws-datazone-environment.json", + "aws-logs-delivery.json", "aws-servicecatalog-portfolio.json", "aws-iot-policy.json", "aws-ssm-maintenancewindow.json", @@ -1536,6 +1543,7 @@ "aws-dms-migrationproject.json", "aws-iam-userpolicy.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-iot-mitigationaction.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", @@ -1641,7 +1649,6 @@ "aws-emr-step.json", "aws-cleanrooms-collaboration.json", "aws-ssm-association.json", - "aws-ec2-clientvpnendpoint.json", "aws-cloudfront-responseheaderspolicy.json", "aws-securityhub-automationrule.json", "aws-msk-clusterpolicy.json", @@ -1710,7 +1717,6 @@ "aws-apigatewayv2-routeresponse.json", "aws-cloudwatch-metricstream.json", "aws-dms-dataprovider.json", - "aws-location-geofencecollection.json", "aws-ssm-parameter.json", "aws-apigatewayv2-apigatewaymanagedoverrides.json", "aws-config-deliverychannel.json", @@ -1751,7 +1757,6 @@ "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", "aws-codeartifact-domain.json", - "aws-ec2-launchtemplate.json", "aws-cloudfront-originrequestpolicy.json", "aws-datasync-locationfsxontap.json", "aws-networkmanager-linkassociation.json", diff --git a/src/cfnlint/data/schemas/providers/eu_north_1/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/eu_north_1/aws-amazonmq-broker.json index b71851eb27..6027b3416d 100644 --- a/src/cfnlint/data/schemas/providers/eu_north_1/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/eu_north_1/aws-amazonmq-broker.json @@ -230,7 +230,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/eu_north_1/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/eu_north_1/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/eu_north_1/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/eu_north_1/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/eu_north_1/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/eu_north_1/aws-cloudfront-distribution.json new file mode 100644 index 0000000000..75bb25b92e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_north_1/aws-cloudfront-distribution.json @@ -0,0 +1,1232 @@ +{ + "additionalProperties": false, + "definitions": { + "CacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "type": "string" + }, + "PathPattern": { + "type": "string" + }, + "RealtimeLogConfigArn": { + "type": "string" + }, + "ResponseHeadersPolicyId": { + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ], + "type": "string" + } + }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "properties": { + "Forward": { + "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Forward" + ], + "type": "object" + }, + "CustomErrorResponse": { + "additionalProperties": false, + "dependentRequired": { + "ResponseCode": [ + "ResponsePagePath" + ] + }, + "properties": { + "ErrorCachingMinTTL": { + "default": 300, + "type": "number" + }, + "ErrorCode": { + "enum": [ + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponseCode": { + "enum": [ + 200, + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponsePagePath": { + "type": "string" + } + }, + "required": [ + "ErrorCode" + ], + "type": "object" + }, + "CustomOriginConfig": { + "additionalProperties": false, + "properties": { + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginProtocolPolicy": { + "type": "string" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "OriginProtocolPolicy" + ], + "type": "object" + }, + "DefaultCacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "default": "", + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "default": "", + "type": "string" + }, + "RealtimeLogConfigArn": { + "default": "", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "default": "", + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "type": "string" + } + }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CNAMEs": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/CacheBehavior" + }, + "type": "array", + "uniqueItems": false + }, + "Comment": { + "default": "", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/CustomErrorResponse" + }, + "type": "array", + "uniqueItems": false + }, + "CustomOrigin": { + "$ref": "#/definitions/LegacyCustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/DefaultCacheBehavior" + }, + "DefaultRootObject": { + "default": "", + "type": "string" + }, + "Enabled": { + "type": "boolean" + }, + "HttpVersion": { + "default": "http1.1", + "enum": [ + "http1.1", + "http2", + "http3", + "http2and3" + ], + "type": "string" + }, + "IPV6Enabled": { + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/Origin" + }, + "type": "array", + "uniqueItems": false + }, + "PriceClass": { + "default": "PriceClass_All", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ], + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/Restrictions", + "default": { + "GeoRestriction": { + "RestrictionType": "none" + } + } + }, + "S3Origin": { + "$ref": "#/definitions/LegacyS3Origin" + }, + "Staging": { + "type": "boolean" + }, + "ViewerCertificate": { + "$ref": "#/definitions/ViewerCertificate", + "default": { + "CloudFrontDefaultCertificate": true + } + }, + "WebACLId": { + "default": "", + "type": "string" + } + }, + "required": [ + "Enabled", + "DefaultCacheBehavior" + ], + "type": "object" + }, + "ForwardedValues": { + "additionalProperties": false, + "properties": { + "Cookies": { + "$ref": "#/definitions/Cookies", + "default": { + "Forward": "none" + } + }, + "Headers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "QueryString": { + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "QueryString" + ], + "type": "object" + }, + "FunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ], + "type": "string" + }, + "FunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "GeoRestriction": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "enum": [ + "AD", + "AE", + "AF", + "AG", + "AI", + "AL", + "AM", + "AO", + "AQ", + "AR", + "AS", + "AT", + "AU", + "AW", + "AX", + "AZ", + "BA", + "BB", + "BD", + "BE", + "BF", + "BG", + "BH", + "BI", + "BJ", + "BL", + "BM", + "BN", + "BO", + "BQ", + "BR", + "BS", + "BT", + "BV", + "BW", + "BY", + "BZ", + "CA", + "CC", + "CD", + "CF", + "CG", + "CH", + "CI", + "CK", + "CL", + "CM", + "CN", + "CO", + "CR", + "CU", + "CV", + "CW", + "CX", + "CY", + "CZ", + "DE", + "DJ", + "DK", + "DM", + "DO", + "DZ", + "EC", + "EE", + "EG", + "EH", + "ER", + "ES", + "ET", + "FI", + "FJ", + "FK", + "FM", + "FO", + "FR", + "GA", + "GB", + "GD", + "GE", + "GF", + "GG", + "GH", + "GI", + "GL", + "GM", + "GN", + "GP", + "GQ", + "GR", + "GS", + "GT", + "GU", + "GW", + "GY", + "HK", + "HM", + "HN", + "HR", + "HT", + "HU", + "ID", + "IE", + "IL", + "IM", + "IN", + "IO", + "IQ", + "IR", + "IS", + "IT", + "JE", + "JM", + "JO", + "JP", + "KE", + "KG", + "KH", + "KI", + "KM", + "KN", + "KP", + "KR", + "KW", + "KY", + "KZ", + "LA", + "LB", + "LC", + "LI", + "LK", + "LR", + "LS", + "LT", + "LU", + "LV", + "LY", + "MA", + "MC", + "MD", + "ME", + "MF", + "MG", + "MH", + "MK", + "ML", + "MM", + "MN", + "MO", + "MP", + "MQ", + "MR", + "MS", + "MT", + "MU", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NC", + "NE", + "NF", + "NG", + "NI", + "NL", + "NO", + "NP", + "NR", + "NU", + "NZ", + "OM", + "PA", + "PE", + "PF", + "PG", + "PH", + "PK", + "PL", + "PM", + "PN", + "PR", + "PS", + "PT", + "PW", + "PY", + "QA", + "RE", + "RO", + "RS", + "RU", + "RW", + "SA", + "SB", + "SC", + "SD", + "SE", + "SG", + "SH", + "SI", + "SJ", + "SK", + "SL", + "SM", + "SN", + "SO", + "SR", + "SS", + "ST", + "SV", + "SX", + "SY", + "SZ", + "TC", + "TD", + "TF", + "TG", + "TH", + "TJ", + "TK", + "TL", + "TM", + "TN", + "TO", + "TR", + "TT", + "TV", + "TW", + "TZ", + "UA", + "UG", + "UM", + "US", + "UY", + "UZ", + "VA", + "VC", + "VE", + "VG", + "VI", + "VN", + "VU", + "WF", + "WS", + "YE", + "YT", + "ZA", + "ZM", + "ZW" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "RestrictionType": { + "enum": [ + "blacklist", + "whitelist", + "none" + ], + "type": "string" + } + }, + "required": [ + "RestrictionType" + ], + "type": "object" + }, + "LambdaFunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "IncludeBody": { + "type": "boolean" + }, + "LambdaFunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "LegacyCustomOrigin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginProtocolPolicy": { + "enum": [ + "http-only", + "match-viewer", + "https-only" + ], + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], + "type": "object" + }, + "LegacyS3Origin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "required": [ + "DNSName" + ], + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "IncludeCookies": { + "default": false, + "type": "boolean" + }, + "Prefix": { + "default": "", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Origin": { + "additionalProperties": false, + "dependentExcluded": { + "CustomOriginConfig": [ + "S3OriginConfig" + ], + "S3OriginConfig": [ + "CustomOriginConfig" + ] + }, + "properties": { + "ConnectionAttempts": { + "type": "integer" + }, + "ConnectionTimeout": { + "type": "integer" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/CustomOriginConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "OriginAccessControlId": { + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/OriginCustomHeader" + }, + "type": "array", + "uniqueItems": false + }, + "OriginPath": { + "default": "", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/OriginShield" + }, + "S3OriginConfig": { + "$ref": "#/definitions/S3OriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "type": "string" + }, + "HeaderValue": { + "type": "string" + } + }, + "required": [ + "HeaderValue", + "HeaderName" + ], + "type": "object" + }, + "OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/OriginGroupFailoverCriteria" + }, + "Id": { + "type": "string" + }, + "Members": { + "$ref": "#/definitions/OriginGroupMembers" + } + }, + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "type": "object" + }, + "OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroupMember" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroup" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "OriginShieldRegion": { + "type": "string" + } + }, + "type": "object" + }, + "Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "type": "object" + }, + "StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "integer" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "ViewerCertificate": { + "additionalProperties": false, + "dependentRequired": { + "AcmCertificateArn": [ + "SslSupportMethod" + ], + "IamCertificateId": [ + "SslSupportMethod" + ] + }, + "properties": { + "AcmCertificateArn": { + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "type": "boolean" + }, + "IamCertificateId": { + "type": "string" + }, + "MinimumProtocolVersion": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018", + "TLSv1.2_2019", + "TLSv1.2_2021" + ], + "type": "string" + }, + "SslSupportMethod": { + "enum": [ + "sni-only", + "vip", + "static-ip" + ], + "type": "string" + } + }, + "requiredXor": [ + "AcmCertificateArn", + "CloudFrontDefaultCertificate", + "IamCertificateId" + ], + "type": "object" + } + }, + "deprecatedProperties": [ + "/properties/DistributionConfig/CustomOrigin", + "/properties/DistributionConfig/S3Origin" + ], + "description": "Resource Type definition for AWS::CloudFront::Distribution", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateDistribution", + "cloudfront:CreateDistributionWithTags", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:TagResource" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteDistribution", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListDistributions" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "update": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:UpdateDistribution", + "cloudfront:UpdateDistributionWithStagingConfig", + "cloudfront:ListTagsForResource", + "cloudfront:TagResource", + "cloudfront:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/DistributionConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/DomainName" + ], + "required": [ + "DistributionConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::CloudFront::Distribution" +} diff --git a/src/cfnlint/data/schemas/providers/eu_north_1/aws-codegurureviewer-repositoryassociation.json b/src/cfnlint/data/schemas/providers/eu_north_1/aws-codegurureviewer-repositoryassociation.json deleted file mode 100644 index 11afc8726f..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_north_1/aws-codegurureviewer-repositoryassociation.json +++ /dev/null @@ -1,145 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/Name", - "/properties/Type", - "/properties/Owner", - "/properties/ConnectionArn", - "/properties/Tags", - "/properties/BucketName" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. The allowed characters across services are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.", - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length. The allowed characters across services are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.", - "maxLength": 256, - "minLength": 0, - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "This resource schema represents the RepositoryAssociation resource in the Amazon CodeGuru Reviewer service.", - "handlers": { - "create": { - "permissions": [ - "codeguru-reviewer:AssociateRepository", - "codeguru-reviewer:TagResource", - "iam:CreateServiceLinkedRole", - "codecommit:TagResource", - "codecommit:GitPull", - "codecommit:TagResource", - "events:PutRule", - "events:PutTargets", - "codestar-connections:ListBranches", - "codestar-connections:ListRepositories", - "codestar-connections:ListTagsForResource", - "codestar-connections:PassConnection", - "codestar-connections:TagResource", - "codestar-connections:UseConnection" - ] - }, - "delete": { - "permissions": [ - "codeguru-reviewer:DisassociateRepository", - "codecommit:UntagResource", - "events:DeleteRule", - "events:RemoveTargets", - "codestar-connections:UntagResource" - ] - }, - "list": { - "permissions": [ - "codeguru-reviewer:ListRepositoryAssociations" - ] - }, - "read": { - "permissions": [ - "codeguru-reviewer:DescribeRepositoryAssociation", - "codeguru-reviewer:ListTagsForResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/AssociationArn" - ], - "properties": { - "AssociationArn": { - "description": "The Amazon Resource Name (ARN) of the repository association.", - "maxLength": 256, - "minLength": 0, - "pattern": "arn:aws(-[\\w]+)*:.+:.+:[0-9]{12}:.+", - "type": "string" - }, - "BucketName": { - "description": "The name of the S3 bucket associated with an associated S3 repository. It must start with `codeguru-reviewer-`.", - "maxLength": 63, - "minLength": 3, - "pattern": "^\\S(.*\\S)?$", - "type": "string" - }, - "ConnectionArn": { - "description": "The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection.", - "maxLength": 256, - "minLength": 0, - "pattern": "arn:aws(-[\\w]+)*:.+:.+:[0-9]{12}:.+", - "type": "string" - }, - "Name": { - "description": "Name of the repository to be associated.", - "maxLength": 100, - "minLength": 1, - "pattern": "^\\S[\\w.-]*$", - "type": "string" - }, - "Owner": { - "description": "The owner of the repository. For a Bitbucket repository, this is the username for the account that owns the repository.", - "maxLength": 100, - "minLength": 1, - "pattern": "^\\S(.*\\S)?$", - "type": "string" - }, - "Tags": { - "description": "The tags associated with a repository association.", - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "type": "array", - "uniqueItems": false - }, - "Type": { - "description": "The type of repository to be associated.", - "enum": [ - "CodeCommit", - "Bitbucket", - "GitHubEnterpriseServer", - "S3Bucket" - ], - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/AssociationArn" - ], - "required": [ - "Name", - "Type" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-codegurureviewer", - "typeName": "AWS::CodeGuruReviewer::RepositoryAssociation" -} diff --git a/src/cfnlint/data/schemas/providers/eu_north_1/aws-ec2-clientvpnendpoint.json b/src/cfnlint/data/schemas/providers/eu_north_1/aws-ec2-clientvpnendpoint.json new file mode 100644 index 0000000000..7c71724312 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_north_1/aws-ec2-clientvpnendpoint.json @@ -0,0 +1,250 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/TransportProtocol", + "/properties/ClientCidrBlock", + "/properties/TagSpecifications", + "/properties/AuthenticationOptions" + ], + "definitions": { + "CertificateAuthenticationRequest": { + "additionalProperties": false, + "properties": { + "ClientRootCertificateChainArn": { + "type": "string" + } + }, + "required": [ + "ClientRootCertificateChainArn" + ], + "type": "object" + }, + "ClientAuthenticationRequest": { + "additionalProperties": false, + "properties": { + "ActiveDirectory": { + "$ref": "#/definitions/DirectoryServiceAuthenticationRequest" + }, + "FederatedAuthentication": { + "$ref": "#/definitions/FederatedAuthenticationRequest" + }, + "MutualAuthentication": { + "$ref": "#/definitions/CertificateAuthenticationRequest" + }, + "Type": { + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "ClientConnectOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "LambdaFunctionArn": { + "type": "string" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "ClientLoginBannerOptions": { + "additionalProperties": false, + "properties": { + "BannerText": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "ClientRouteMonitoringOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "ConnectionLogOptions": { + "additionalProperties": false, + "properties": { + "CloudwatchLogGroup": { + "type": "string" + }, + "CloudwatchLogStream": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "DirectoryServiceAuthenticationRequest": { + "additionalProperties": false, + "properties": { + "DirectoryId": { + "type": "string" + } + }, + "required": [ + "DirectoryId" + ], + "type": "object" + }, + "FederatedAuthenticationRequest": { + "additionalProperties": false, + "properties": { + "SAMLProviderArn": { + "type": "string" + }, + "SelfServiceSAMLProviderArn": { + "type": "string" + } + }, + "required": [ + "SAMLProviderArn" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "ResourceType", + "Tags" + ], + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::ClientVpnEndpoint", + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "AuthenticationOptions": { + "items": { + "$ref": "#/definitions/ClientAuthenticationRequest" + }, + "type": "array", + "uniqueItems": false + }, + "ClientCidrBlock": { + "type": "string" + }, + "ClientConnectOptions": { + "$ref": "#/definitions/ClientConnectOptions" + }, + "ClientLoginBannerOptions": { + "$ref": "#/definitions/ClientLoginBannerOptions" + }, + "ClientRouteMonitoringOptions": { + "$ref": "#/definitions/ClientRouteMonitoringOptions" + }, + "ConnectionLogOptions": { + "$ref": "#/definitions/ConnectionLogOptions" + }, + "Description": { + "type": "string" + }, + "DnsServers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Id": { + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SelfServicePortal": { + "type": "string" + }, + "ServerCertificateArn": { + "type": "string" + }, + "SessionTimeoutHours": { + "type": "integer" + }, + "SplitTunnel": { + "type": "boolean" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "TransportProtocol": { + "type": "string" + }, + "VpcId": { + "type": "string" + }, + "VpnPort": { + "type": "integer" + } + }, + "readOnlyProperties": [ + "/properties/Id" + ], + "required": [ + "ClientCidrBlock", + "ConnectionLogOptions", + "AuthenticationOptions", + "ServerCertificateArn" + ], + "typeName": "AWS::EC2::ClientVpnEndpoint" +} diff --git a/src/cfnlint/data/schemas/providers/eu_north_1/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/eu_north_1/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_north_1/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/eu_north_1/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/eu_north_1/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_north_1/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_north_1/aws-gamelift-fleet.json b/src/cfnlint/data/schemas/providers/eu_north_1/aws-gamelift-fleet.json index 9551ef0828..4489c391a2 100644 --- a/src/cfnlint/data/schemas/providers/eu_north_1/aws-gamelift-fleet.json +++ b/src/cfnlint/data/schemas/providers/eu_north_1/aws-gamelift-fleet.json @@ -126,7 +126,7 @@ "uniqueItems": true }, "EC2InstanceType": { - "cfnLint": "aws_gamelift_fleet/ec2instancetype_enum", + "cfnLint": "AWS::GameLift::Fleet/EC2InstanceType", "type": "string" }, "FleetType": { diff --git a/src/cfnlint/data/schemas/providers/eu_north_1/aws-location-geofencecollection.json b/src/cfnlint/data/schemas/providers/eu_north_1/aws-location-geofencecollection.json new file mode 100644 index 0000000000..bb905fef3f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_north_1/aws-location-geofencecollection.json @@ -0,0 +1,174 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/CollectionName", + "/properties/KmsKeyId" + ], + "definitions": { + "PricingPlan": { + "enum": [ + "RequestBasedUsage" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 128, + "minLength": 1, + "pattern": "\\A(?!aws:)[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + }, + "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 256, + "minLength": 0, + "pattern": "\\A[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "TagMap": { + "additionalProperties": false, + "maxProperties": 50, + "patternProperties": { + "^[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 0, + "pattern": "^[A-Za-z0-9 _=@:.+-/]*$", + "type": "string" + } + }, + "type": "object" + }, + "iso8601UTC": { + "description": "The datetime value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ss.sssZ)", + "pattern": "^([0-2]\\d{3})-(0[0-9]|1[0-2])-([0-2]\\d|3[01])T([01]\\d|2[0-4]):([0-5]\\d):([0-6]\\d)((\\.\\d{3})?)Z$", + "type": "string" + } + }, + "deprecatedProperties": [ + "/properties/PricingPlan", + "/properties/PricingPlanDataSource" + ], + "description": "Definition of AWS::Location::GeofenceCollection Resource Type", + "handlers": { + "create": { + "permissions": [ + "geo:CreateGeofenceCollection", + "geo:DescribeGeofenceCollection", + "geo:TagResource", + "geo:UntagResource", + "kms:*" + ] + }, + "delete": { + "permissions": [ + "geo:DeleteGeofenceCollection", + "geo:DescribeGeofenceCollection", + "kms:*" + ] + }, + "list": { + "permissions": [ + "geo:ListGeofenceCollections", + "kms:*" + ] + }, + "read": { + "permissions": [ + "geo:DescribeGeofenceCollection", + "kms:*" + ] + }, + "update": { + "permissions": [ + "geo:CreateGeofenceCollection", + "geo:DescribeGeofenceCollection", + "geo:TagResource", + "geo:UntagResource", + "geo:UpdateGeofenceCollection", + "kms:*" + ] + } + }, + "primaryIdentifier": [ + "/properties/CollectionName" + ], + "properties": { + "Arn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "CollectionArn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "CollectionName": { + "maxLength": 100, + "minLength": 1, + "pattern": "^[-._\\w]+$", + "type": "string" + }, + "CreateTime": { + "$ref": "#/definitions/iso8601UTC" + }, + "Description": { + "maxLength": 1000, + "minLength": 0, + "type": "string" + }, + "KmsKeyId": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "PricingPlan": { + "$ref": "#/definitions/PricingPlan" + }, + "PricingPlanDataSource": { + "type": "string" + }, + "Tags": { + "description": "An array of key-value pairs to apply to this resource.", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 0, + "type": "array", + "uniqueItems": true + }, + "UpdateTime": { + "$ref": "#/definitions/iso8601UTC" + } + }, + "readOnlyProperties": [ + "/properties/CollectionArn", + "/properties/Arn", + "/properties/CreateTime", + "/properties/UpdateTime" + ], + "required": [ + "CollectionName" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::Location::GeofenceCollection" +} diff --git a/src/cfnlint/data/schemas/providers/eu_north_1/aws-neptune-dbinstance.json b/src/cfnlint/data/schemas/providers/eu_north_1/aws-neptune-dbinstance.json index e59579a720..36baa58fbd 100644 --- a/src/cfnlint/data/schemas/providers/eu_north_1/aws-neptune-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/eu_north_1/aws-neptune-dbinstance.json @@ -43,7 +43,7 @@ "type": "string" }, "DBInstanceClass": { - "cfnLint": "aws_neptune_dbinstance/dbinstanceclass_enum", + "cfnLint": "AWS::Neptune::DBInstance/Properties/DBInstanceClass", "type": "string" }, "DBInstanceIdentifier": { diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/__init__.py b/src/cfnlint/data/schemas/providers/eu_south_1/__init__.py index acaf390187..f87110cb81 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/eu_south_1/__init__.py @@ -524,6 +524,7 @@ "AWS::ServiceCatalog::ServiceAction", "AWS::IAM::UserPolicy", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", "AWS::Lambda::Permission", @@ -741,10 +742,10 @@ "aws-shield-proactiveengagement.json", "aws-apigateway-basepathmapping.json", "aws-s3-accessgrantslocation.json", + "aws-guardduty-filter.json", "aws-ecs-service.json", "aws-ram-resourceshare.json", "aws-dms-replicationconfig.json", - "aws-dynamodb-table.json", "aws-ec2-securitygroupegress.json", "aws-ec2-localgatewayroutetablevpcassociation.json", "aws-config-organizationconfigrule.json", @@ -797,7 +798,6 @@ "aws-cognito-identitypoolroleattachment.json", "aws-route53-recordset.json", "aws-eks-accessentry.json", - "aws-amplifyuibuilder-form.json", "aws-elasticache-securitygroup.json", "aws-backup-framework.json", "aws-kinesisfirehose-deliverystream.json", @@ -829,6 +829,7 @@ "aws-msk-cluster.json", "aws-ec2-vpcendpointconnectionnotification.json", "aws-codepipeline-pipeline.json", + "aws-config-configurationaggregator.json", "aws-imagebuilder-imagepipeline.json", "aws-elasticloadbalancingv2-listenercertificate.json", "aws-cloudformation-moduleversion.json", @@ -878,7 +879,6 @@ "aws-cloudtrail-trail.json", "aws-ec2-vpnconnectionroute.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-wafv2-ipset.json", "aws-ssm-document.json", "aws-iam-role.json", @@ -914,7 +914,6 @@ "aws-networkfirewall-loggingconfiguration.json", "aws-glue-classifier.json", "aws-codedeploy-deploymentgroup.json", - "aws-amplifyuibuilder-component.json", "aws-sagemaker-inferenceexperiment.json", "aws-cloudformation-stackset.json", "aws-ec2-route.json", @@ -925,7 +924,6 @@ "aws-xray-resourcepolicy.json", "aws-servicecatalog-launchtemplateconstraint.json", "aws-wafv2-loggingconfiguration.json", - "aws-dynamodb-globaltable.json", "aws-imagebuilder-distributionconfiguration.json", "aws-lakeformation-permissions.json", "aws-cloudfront-publickey.json", @@ -1060,7 +1058,6 @@ "aws-iam-grouppolicy.json", "aws-scheduler-schedule.json", "aws-waf-bytematchset.json", - "aws-amplifyuibuilder-theme.json", "aws-emrserverless-application.json", "aws-ec2-host.json", "aws-lambda-codesigningconfig.json", @@ -1134,7 +1131,6 @@ "aws-servicecatalog-resourceupdateconstraint.json", "aws-transfer-agreement.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-elasticache-subnetgroup.json", "aws-xray-group.json", "aws-oam-link.json", @@ -1204,6 +1200,7 @@ "aws-servicecatalog-serviceaction.json", "aws-iam-userpolicy.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", "aws-lambda-permission.json", @@ -1351,7 +1348,6 @@ "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", "aws-codeartifact-domain.json", - "aws-ec2-launchtemplate.json", "aws-cloudfront-originrequestpolicy.json", "aws-datasync-locationfsxontap.json", "aws-networkmanager-linkassociation.json", @@ -1380,4 +1376,5 @@ "aws-redshift-eventsubscription.json", "aws-cloudformation-waitconditionhandle.json", "aws-globalaccelerator-accelerator.json", + "aws-eks-addon.json", ] diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-amazonmq-broker.json index b71851eb27..6027b3416d 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_1/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-amazonmq-broker.json @@ -230,7 +230,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-amplifyuibuilder-component.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-amplifyuibuilder-component.json new file mode 100644 index 0000000000..7a6e22ebe4 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-amplifyuibuilder-component.json @@ -0,0 +1,567 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Tags" + ], + "definitions": { + "ActionParameters": { + "additionalProperties": false, + "properties": { + "Anchor": { + "$ref": "#/definitions/ComponentProperty" + }, + "Fields": { + "$ref": "#/definitions/ComponentProperties" + }, + "Global": { + "$ref": "#/definitions/ComponentProperty" + }, + "Id": { + "$ref": "#/definitions/ComponentProperty" + }, + "Model": { + "type": "string" + }, + "State": { + "$ref": "#/definitions/MutationActionSetStateParameter" + }, + "Target": { + "$ref": "#/definitions/ComponentProperty" + }, + "Type": { + "$ref": "#/definitions/ComponentProperty" + }, + "Url": { + "$ref": "#/definitions/ComponentProperty" + } + }, + "type": "object" + }, + "ComponentBindingProperties": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentBindingPropertiesValue" + } + }, + "type": "object" + }, + "ComponentBindingPropertiesValue": { + "additionalProperties": false, + "properties": { + "BindingProperties": { + "$ref": "#/definitions/ComponentBindingPropertiesValueProperties" + }, + "DefaultValue": { + "type": "string" + }, + "Type": { + "type": "string" + } + }, + "type": "object" + }, + "ComponentBindingPropertiesValueProperties": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "DefaultValue": { + "type": "string" + }, + "Field": { + "type": "string" + }, + "Key": { + "type": "string" + }, + "Model": { + "type": "string" + }, + "Predicates": { + "items": { + "$ref": "#/definitions/Predicate" + }, + "type": "array" + }, + "UserAttribute": { + "type": "string" + } + }, + "type": "object" + }, + "ComponentChild": { + "additionalProperties": false, + "properties": { + "Children": { + "items": { + "$ref": "#/definitions/ComponentChild" + }, + "type": "array" + }, + "ComponentType": { + "type": "string" + }, + "Events": { + "$ref": "#/definitions/ComponentEvents" + }, + "Name": { + "type": "string" + }, + "Properties": { + "$ref": "#/definitions/ComponentProperties" + } + }, + "required": [ + "ComponentType", + "Name", + "Properties" + ], + "type": "object" + }, + "ComponentCollectionProperties": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentDataConfiguration" + } + }, + "type": "object" + }, + "ComponentConditionProperty": { + "additionalProperties": false, + "properties": { + "Else": { + "$ref": "#/definitions/ComponentProperty" + }, + "Field": { + "type": "string" + }, + "Operand": { + "type": "string" + }, + "OperandType": { + "type": "string" + }, + "Operator": { + "type": "string" + }, + "Property": { + "type": "string" + }, + "Then": { + "$ref": "#/definitions/ComponentProperty" + } + }, + "type": "object" + }, + "ComponentDataConfiguration": { + "additionalProperties": false, + "properties": { + "Identifiers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Model": { + "type": "string" + }, + "Predicate": { + "$ref": "#/definitions/Predicate" + }, + "Sort": { + "items": { + "$ref": "#/definitions/SortProperty" + }, + "type": "array" + } + }, + "required": [ + "Model" + ], + "type": "object" + }, + "ComponentEvent": { + "additionalProperties": false, + "properties": { + "Action": { + "type": "string" + }, + "Parameters": { + "$ref": "#/definitions/ActionParameters" + } + }, + "type": "object" + }, + "ComponentEvents": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentEvent" + } + }, + "type": "object" + }, + "ComponentOverrides": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentOverridesValue" + } + }, + "type": "object" + }, + "ComponentOverridesValue": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "type": "string" + } + }, + "type": "object" + }, + "ComponentProperties": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentProperty" + } + }, + "type": "object" + }, + "ComponentProperty": { + "additionalProperties": false, + "properties": { + "BindingProperties": { + "$ref": "#/definitions/ComponentPropertyBindingProperties" + }, + "Bindings": { + "$ref": "#/definitions/FormBindings" + }, + "CollectionBindingProperties": { + "$ref": "#/definitions/ComponentPropertyBindingProperties" + }, + "ComponentName": { + "type": "string" + }, + "Concat": { + "items": { + "$ref": "#/definitions/ComponentProperty" + }, + "type": "array" + }, + "Condition": { + "$ref": "#/definitions/ComponentConditionProperty" + }, + "Configured": { + "type": "boolean" + }, + "DefaultValue": { + "type": "string" + }, + "Event": { + "type": "string" + }, + "ImportedValue": { + "type": "string" + }, + "Model": { + "type": "string" + }, + "Property": { + "type": "string" + }, + "Type": { + "type": "string" + }, + "UserAttribute": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "ComponentPropertyBindingProperties": { + "additionalProperties": false, + "properties": { + "Field": { + "type": "string" + }, + "Property": { + "type": "string" + } + }, + "required": [ + "Property" + ], + "type": "object" + }, + "ComponentVariant": { + "additionalProperties": false, + "properties": { + "Overrides": { + "$ref": "#/definitions/ComponentOverrides" + }, + "VariantValues": { + "$ref": "#/definitions/ComponentVariantValues" + } + }, + "type": "object" + }, + "ComponentVariantValues": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "type": "string" + } + }, + "type": "object" + }, + "FormBindingElement": { + "additionalProperties": false, + "properties": { + "Element": { + "type": "string" + }, + "Property": { + "type": "string" + } + }, + "required": [ + "Element", + "Property" + ], + "type": "object" + }, + "FormBindings": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/FormBindingElement" + } + }, + "type": "object" + }, + "MutationActionSetStateParameter": { + "additionalProperties": false, + "properties": { + "ComponentName": { + "type": "string" + }, + "Property": { + "type": "string" + }, + "Set": { + "$ref": "#/definitions/ComponentProperty" + } + }, + "required": [ + "ComponentName", + "Property", + "Set" + ], + "type": "object" + }, + "Predicate": { + "additionalProperties": false, + "properties": { + "And": { + "items": { + "$ref": "#/definitions/Predicate" + }, + "type": "array" + }, + "Field": { + "type": "string" + }, + "Operand": { + "type": "string" + }, + "Operator": { + "type": "string" + }, + "Or": { + "items": { + "$ref": "#/definitions/Predicate" + }, + "type": "array" + } + }, + "type": "object" + }, + "SortDirection": { + "enum": [ + "ASC", + "DESC" + ], + "type": "string" + }, + "SortProperty": { + "additionalProperties": false, + "properties": { + "Direction": { + "$ref": "#/definitions/SortDirection" + }, + "Field": { + "type": "string" + } + }, + "required": [ + "Direction", + "Field" + ], + "type": "object" + }, + "Tags": { + "additionalProperties": false, + "patternProperties": { + "^(?!aws:)[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "type": "object" + } + }, + "description": "Definition of AWS::AmplifyUIBuilder::Component Resource Type", + "handlers": { + "create": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent", + "amplifyuibuilder:CreateComponent", + "amplifyuibuilder:TagResource" + ] + }, + "delete": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent", + "amplifyuibuilder:DeleteComponent", + "amplifyuibuilder:UntagResource" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "AppId": { + "$ref": "resource-schema.json#/properties/AppId" + }, + "EnvironmentName": { + "$ref": "resource-schema.json#/properties/EnvironmentName" + } + }, + "required": [ + "AppId", + "EnvironmentName" + ] + }, + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent", + "amplifyuibuilder:ListComponents" + ] + }, + "read": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent" + ] + }, + "update": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent", + "amplifyuibuilder:UpdateComponent", + "amplifyuibuilder:TagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/AppId", + "/properties/EnvironmentName", + "/properties/Id" + ], + "properties": { + "AppId": { + "type": "string" + }, + "BindingProperties": { + "$ref": "#/definitions/ComponentBindingProperties" + }, + "Children": { + "items": { + "$ref": "#/definitions/ComponentChild" + }, + "type": "array" + }, + "CollectionProperties": { + "$ref": "#/definitions/ComponentCollectionProperties" + }, + "ComponentType": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "EnvironmentName": { + "type": "string" + }, + "Events": { + "$ref": "#/definitions/ComponentEvents" + }, + "Id": { + "type": "string" + }, + "Name": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "Overrides": { + "$ref": "#/definitions/ComponentOverrides" + }, + "Properties": { + "$ref": "#/definitions/ComponentProperties" + }, + "SchemaVersion": { + "type": "string" + }, + "SourceId": { + "type": "string" + }, + "Tags": { + "$ref": "#/definitions/Tags" + }, + "Variants": { + "items": { + "$ref": "#/definitions/ComponentVariant" + }, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Id" + ], + "required": [ + "BindingProperties", + "ComponentType", + "Name", + "Overrides", + "Properties", + "Variants" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-amplifyuibuilder", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "#/properties/Tags", + "tagUpdatable": false, + "taggable": true + }, + "typeName": "AWS::AmplifyUIBuilder::Component" +} diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-amplifyuibuilder-form.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-amplifyuibuilder-form.json new file mode 100644 index 0000000000..673b10c7af --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-amplifyuibuilder-form.json @@ -0,0 +1,546 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Tags" + ], + "definitions": { + "FieldConfig": { + "additionalProperties": false, + "properties": { + "Excluded": { + "type": "boolean" + }, + "InputType": { + "$ref": "#/definitions/FieldInputConfig" + }, + "Label": { + "type": "string" + }, + "Position": { + "$ref": "#/definitions/FieldPosition" + }, + "Validations": { + "items": { + "$ref": "#/definitions/FieldValidationConfiguration" + }, + "type": "array" + } + }, + "type": "object" + }, + "FieldInputConfig": { + "additionalProperties": false, + "properties": { + "DefaultChecked": { + "type": "boolean" + }, + "DefaultCountryCode": { + "type": "string" + }, + "DefaultValue": { + "type": "string" + }, + "DescriptiveText": { + "type": "string" + }, + "FileUploaderConfig": { + "$ref": "#/definitions/FileUploaderFieldConfig" + }, + "IsArray": { + "type": "boolean" + }, + "MaxValue": { + "type": "number" + }, + "MinValue": { + "type": "number" + }, + "Name": { + "type": "string" + }, + "Placeholder": { + "type": "string" + }, + "ReadOnly": { + "type": "boolean" + }, + "Required": { + "type": "boolean" + }, + "Step": { + "type": "number" + }, + "Type": { + "type": "string" + }, + "Value": { + "type": "string" + }, + "ValueMappings": { + "$ref": "#/definitions/ValueMappings" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "FieldPosition": { + "oneOf": [ + { + "additionalProperties": false, + "properties": { + "Fixed": { + "$ref": "#/definitions/FixedPosition" + } + }, + "required": [ + "Fixed" + ], + "title": "Fixed", + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "RightOf": { + "type": "string" + } + }, + "required": [ + "RightOf" + ], + "title": "RightOf", + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "Below": { + "type": "string" + } + }, + "required": [ + "Below" + ], + "title": "Below", + "type": "object" + } + ] + }, + "FieldValidationConfiguration": { + "additionalProperties": false, + "properties": { + "NumValues": { + "items": { + "type": "number" + }, + "type": "array" + }, + "StrValues": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Type": { + "type": "string" + }, + "ValidationMessage": { + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "FieldsMap": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/FieldConfig" + } + }, + "type": "object" + }, + "FileUploaderFieldConfig": { + "additionalProperties": false, + "properties": { + "AcceptedFileTypes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "AccessLevel": { + "$ref": "#/definitions/StorageAccessLevel" + }, + "IsResumable": { + "type": "boolean" + }, + "MaxFileCount": { + "type": "number" + }, + "MaxSize": { + "type": "number" + }, + "ShowThumbnails": { + "type": "boolean" + } + }, + "required": [ + "AcceptedFileTypes", + "AccessLevel" + ], + "type": "object" + }, + "FixedPosition": { + "enum": [ + "first" + ], + "type": "string" + }, + "FormActionType": { + "enum": [ + "create", + "update" + ], + "type": "string" + }, + "FormButton": { + "additionalProperties": false, + "properties": { + "Children": { + "type": "string" + }, + "Excluded": { + "type": "boolean" + }, + "Position": { + "$ref": "#/definitions/FieldPosition" + } + }, + "type": "object" + }, + "FormButtonsPosition": { + "enum": [ + "top", + "bottom", + "top_and_bottom" + ], + "type": "string" + }, + "FormCTA": { + "additionalProperties": false, + "properties": { + "Cancel": { + "$ref": "#/definitions/FormButton" + }, + "Clear": { + "$ref": "#/definitions/FormButton" + }, + "Position": { + "$ref": "#/definitions/FormButtonsPosition" + }, + "Submit": { + "$ref": "#/definitions/FormButton" + } + }, + "type": "object" + }, + "FormDataSourceType": { + "enum": [ + "DataStore", + "Custom" + ], + "type": "string" + }, + "FormDataTypeConfig": { + "additionalProperties": false, + "properties": { + "DataSourceType": { + "$ref": "#/definitions/FormDataSourceType" + }, + "DataTypeName": { + "type": "string" + } + }, + "required": [ + "DataSourceType", + "DataTypeName" + ], + "type": "object" + }, + "FormInputValueProperty": { + "additionalProperties": false, + "properties": { + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "FormStyle": { + "additionalProperties": false, + "properties": { + "HorizontalGap": { + "$ref": "#/definitions/FormStyleConfig" + }, + "OuterPadding": { + "$ref": "#/definitions/FormStyleConfig" + }, + "VerticalGap": { + "$ref": "#/definitions/FormStyleConfig" + } + }, + "type": "object" + }, + "FormStyleConfig": { + "oneOf": [ + { + "additionalProperties": false, + "properties": { + "TokenReference": { + "type": "string" + } + }, + "required": [ + "TokenReference" + ], + "title": "TokenReference", + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "Value": { + "type": "string" + } + }, + "required": [ + "Value" + ], + "title": "Value", + "type": "object" + } + ] + }, + "LabelDecorator": { + "enum": [ + "required", + "optional", + "none" + ], + "type": "string" + }, + "SectionalElement": { + "additionalProperties": false, + "properties": { + "Excluded": { + "type": "boolean" + }, + "Level": { + "type": "number" + }, + "Orientation": { + "type": "string" + }, + "Position": { + "$ref": "#/definitions/FieldPosition" + }, + "Text": { + "type": "string" + }, + "Type": { + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "SectionalElementMap": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/SectionalElement" + } + }, + "type": "object" + }, + "StorageAccessLevel": { + "enum": [ + "public", + "protected", + "private" + ], + "type": "string" + }, + "Tags": { + "additionalProperties": false, + "patternProperties": { + "^(?!aws:)[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "type": "object" + }, + "ValueMapping": { + "additionalProperties": false, + "properties": { + "DisplayValue": { + "$ref": "#/definitions/FormInputValueProperty" + }, + "Value": { + "$ref": "#/definitions/FormInputValueProperty" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "ValueMappings": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/ValueMapping" + }, + "type": "array" + } + }, + "required": [ + "Values" + ], + "type": "object" + } + }, + "description": "Definition of AWS::AmplifyUIBuilder::Form Resource Type", + "handlers": { + "create": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm", + "amplifyuibuilder:CreateForm", + "amplifyuibuilder:TagResource" + ] + }, + "delete": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm", + "amplifyuibuilder:DeleteForm", + "amplifyuibuilder:UntagResource" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "AppId": { + "$ref": "resource-schema.json#/properties/AppId" + }, + "EnvironmentName": { + "$ref": "resource-schema.json#/properties/EnvironmentName" + } + }, + "required": [ + "AppId", + "EnvironmentName" + ] + }, + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm", + "amplifyuibuilder:ListForms" + ] + }, + "read": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm" + ] + }, + "update": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm", + "amplifyuibuilder:UpdateForm", + "amplifyuibuilder:TagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/AppId", + "/properties/EnvironmentName", + "/properties/Id" + ], + "properties": { + "AppId": { + "type": "string" + }, + "Cta": { + "$ref": "#/definitions/FormCTA" + }, + "DataType": { + "$ref": "#/definitions/FormDataTypeConfig" + }, + "EnvironmentName": { + "type": "string" + }, + "Fields": { + "$ref": "#/definitions/FieldsMap" + }, + "FormActionType": { + "$ref": "#/definitions/FormActionType" + }, + "Id": { + "type": "string" + }, + "LabelDecorator": { + "$ref": "#/definitions/LabelDecorator" + }, + "Name": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "SchemaVersion": { + "type": "string" + }, + "SectionalElements": { + "$ref": "#/definitions/SectionalElementMap" + }, + "Style": { + "$ref": "#/definitions/FormStyle" + }, + "Tags": { + "$ref": "#/definitions/Tags" + } + }, + "readOnlyProperties": [ + "/properties/Id" + ], + "required": [ + "DataType", + "Fields", + "FormActionType", + "Name", + "SchemaVersion", + "SectionalElements", + "Style" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-amplifyuibuilder", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "#/properties/Tags", + "tagUpdatable": false, + "taggable": true + }, + "typeName": "AWS::AmplifyUIBuilder::Form" +} diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-amplifyuibuilder-theme.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-amplifyuibuilder-theme.json new file mode 100644 index 0000000000..3336f4d63a --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-amplifyuibuilder-theme.json @@ -0,0 +1,149 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Tags" + ], + "definitions": { + "Tags": { + "additionalProperties": false, + "patternProperties": { + "^(?!aws:)[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "type": "object" + }, + "ThemeValue": { + "additionalProperties": false, + "properties": { + "Children": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ThemeValues" + }, + "type": "array" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "ThemeValues": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "$ref": "#/definitions/ThemeValue" + } + }, + "type": "object" + } + }, + "description": "Definition of AWS::AmplifyUIBuilder::Theme Resource Type", + "handlers": { + "create": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme", + "amplifyuibuilder:CreateTheme", + "amplifyuibuilder:TagResource" + ] + }, + "delete": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme", + "amplifyuibuilder:DeleteTheme", + "amplifyuibuilder:UntagResource" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "AppId": { + "$ref": "resource-schema.json#/properties/AppId" + }, + "EnvironmentName": { + "$ref": "resource-schema.json#/properties/EnvironmentName" + } + }, + "required": [ + "AppId", + "EnvironmentName" + ] + }, + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme", + "amplifyuibuilder:ListThemes" + ] + }, + "read": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme" + ] + }, + "update": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme", + "amplifyuibuilder:UpdateTheme", + "amplifyuibuilder:TagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/AppId", + "/properties/EnvironmentName", + "/properties/Id" + ], + "properties": { + "AppId": { + "type": "string" + }, + "EnvironmentName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Name": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "Overrides": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ThemeValues" + }, + "type": "array" + }, + "Tags": { + "$ref": "#/definitions/Tags" + }, + "Values": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ThemeValues" + }, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Id" + ], + "required": [ + "Name", + "Values" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-amplifyuibuilder", + "taggable": true, + "typeName": "AWS::AmplifyUIBuilder::Theme" +} diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_1/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-cloudfront-distribution.json new file mode 100644 index 0000000000..75bb25b92e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-cloudfront-distribution.json @@ -0,0 +1,1232 @@ +{ + "additionalProperties": false, + "definitions": { + "CacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "type": "string" + }, + "PathPattern": { + "type": "string" + }, + "RealtimeLogConfigArn": { + "type": "string" + }, + "ResponseHeadersPolicyId": { + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ], + "type": "string" + } + }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "properties": { + "Forward": { + "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Forward" + ], + "type": "object" + }, + "CustomErrorResponse": { + "additionalProperties": false, + "dependentRequired": { + "ResponseCode": [ + "ResponsePagePath" + ] + }, + "properties": { + "ErrorCachingMinTTL": { + "default": 300, + "type": "number" + }, + "ErrorCode": { + "enum": [ + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponseCode": { + "enum": [ + 200, + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponsePagePath": { + "type": "string" + } + }, + "required": [ + "ErrorCode" + ], + "type": "object" + }, + "CustomOriginConfig": { + "additionalProperties": false, + "properties": { + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginProtocolPolicy": { + "type": "string" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "OriginProtocolPolicy" + ], + "type": "object" + }, + "DefaultCacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "default": "", + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "default": "", + "type": "string" + }, + "RealtimeLogConfigArn": { + "default": "", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "default": "", + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "type": "string" + } + }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CNAMEs": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/CacheBehavior" + }, + "type": "array", + "uniqueItems": false + }, + "Comment": { + "default": "", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/CustomErrorResponse" + }, + "type": "array", + "uniqueItems": false + }, + "CustomOrigin": { + "$ref": "#/definitions/LegacyCustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/DefaultCacheBehavior" + }, + "DefaultRootObject": { + "default": "", + "type": "string" + }, + "Enabled": { + "type": "boolean" + }, + "HttpVersion": { + "default": "http1.1", + "enum": [ + "http1.1", + "http2", + "http3", + "http2and3" + ], + "type": "string" + }, + "IPV6Enabled": { + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/Origin" + }, + "type": "array", + "uniqueItems": false + }, + "PriceClass": { + "default": "PriceClass_All", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ], + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/Restrictions", + "default": { + "GeoRestriction": { + "RestrictionType": "none" + } + } + }, + "S3Origin": { + "$ref": "#/definitions/LegacyS3Origin" + }, + "Staging": { + "type": "boolean" + }, + "ViewerCertificate": { + "$ref": "#/definitions/ViewerCertificate", + "default": { + "CloudFrontDefaultCertificate": true + } + }, + "WebACLId": { + "default": "", + "type": "string" + } + }, + "required": [ + "Enabled", + "DefaultCacheBehavior" + ], + "type": "object" + }, + "ForwardedValues": { + "additionalProperties": false, + "properties": { + "Cookies": { + "$ref": "#/definitions/Cookies", + "default": { + "Forward": "none" + } + }, + "Headers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "QueryString": { + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "QueryString" + ], + "type": "object" + }, + "FunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ], + "type": "string" + }, + "FunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "GeoRestriction": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "enum": [ + "AD", + "AE", + "AF", + "AG", + "AI", + "AL", + "AM", + "AO", + "AQ", + "AR", + "AS", + "AT", + "AU", + "AW", + "AX", + "AZ", + "BA", + "BB", + "BD", + "BE", + "BF", + "BG", + "BH", + "BI", + "BJ", + "BL", + "BM", + "BN", + "BO", + "BQ", + "BR", + "BS", + "BT", + "BV", + "BW", + "BY", + "BZ", + "CA", + "CC", + "CD", + "CF", + "CG", + "CH", + "CI", + "CK", + "CL", + "CM", + "CN", + "CO", + "CR", + "CU", + "CV", + "CW", + "CX", + "CY", + "CZ", + "DE", + "DJ", + "DK", + "DM", + "DO", + "DZ", + "EC", + "EE", + "EG", + "EH", + "ER", + "ES", + "ET", + "FI", + "FJ", + "FK", + "FM", + "FO", + "FR", + "GA", + "GB", + "GD", + "GE", + "GF", + "GG", + "GH", + "GI", + "GL", + "GM", + "GN", + "GP", + "GQ", + "GR", + "GS", + "GT", + "GU", + "GW", + "GY", + "HK", + "HM", + "HN", + "HR", + "HT", + "HU", + "ID", + "IE", + "IL", + "IM", + "IN", + "IO", + "IQ", + "IR", + "IS", + "IT", + "JE", + "JM", + "JO", + "JP", + "KE", + "KG", + "KH", + "KI", + "KM", + "KN", + "KP", + "KR", + "KW", + "KY", + "KZ", + "LA", + "LB", + "LC", + "LI", + "LK", + "LR", + "LS", + "LT", + "LU", + "LV", + "LY", + "MA", + "MC", + "MD", + "ME", + "MF", + "MG", + "MH", + "MK", + "ML", + "MM", + "MN", + "MO", + "MP", + "MQ", + "MR", + "MS", + "MT", + "MU", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NC", + "NE", + "NF", + "NG", + "NI", + "NL", + "NO", + "NP", + "NR", + "NU", + "NZ", + "OM", + "PA", + "PE", + "PF", + "PG", + "PH", + "PK", + "PL", + "PM", + "PN", + "PR", + "PS", + "PT", + "PW", + "PY", + "QA", + "RE", + "RO", + "RS", + "RU", + "RW", + "SA", + "SB", + "SC", + "SD", + "SE", + "SG", + "SH", + "SI", + "SJ", + "SK", + "SL", + "SM", + "SN", + "SO", + "SR", + "SS", + "ST", + "SV", + "SX", + "SY", + "SZ", + "TC", + "TD", + "TF", + "TG", + "TH", + "TJ", + "TK", + "TL", + "TM", + "TN", + "TO", + "TR", + "TT", + "TV", + "TW", + "TZ", + "UA", + "UG", + "UM", + "US", + "UY", + "UZ", + "VA", + "VC", + "VE", + "VG", + "VI", + "VN", + "VU", + "WF", + "WS", + "YE", + "YT", + "ZA", + "ZM", + "ZW" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "RestrictionType": { + "enum": [ + "blacklist", + "whitelist", + "none" + ], + "type": "string" + } + }, + "required": [ + "RestrictionType" + ], + "type": "object" + }, + "LambdaFunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "IncludeBody": { + "type": "boolean" + }, + "LambdaFunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "LegacyCustomOrigin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginProtocolPolicy": { + "enum": [ + "http-only", + "match-viewer", + "https-only" + ], + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], + "type": "object" + }, + "LegacyS3Origin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "required": [ + "DNSName" + ], + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "IncludeCookies": { + "default": false, + "type": "boolean" + }, + "Prefix": { + "default": "", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Origin": { + "additionalProperties": false, + "dependentExcluded": { + "CustomOriginConfig": [ + "S3OriginConfig" + ], + "S3OriginConfig": [ + "CustomOriginConfig" + ] + }, + "properties": { + "ConnectionAttempts": { + "type": "integer" + }, + "ConnectionTimeout": { + "type": "integer" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/CustomOriginConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "OriginAccessControlId": { + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/OriginCustomHeader" + }, + "type": "array", + "uniqueItems": false + }, + "OriginPath": { + "default": "", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/OriginShield" + }, + "S3OriginConfig": { + "$ref": "#/definitions/S3OriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "type": "string" + }, + "HeaderValue": { + "type": "string" + } + }, + "required": [ + "HeaderValue", + "HeaderName" + ], + "type": "object" + }, + "OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/OriginGroupFailoverCriteria" + }, + "Id": { + "type": "string" + }, + "Members": { + "$ref": "#/definitions/OriginGroupMembers" + } + }, + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "type": "object" + }, + "OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroupMember" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroup" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "OriginShieldRegion": { + "type": "string" + } + }, + "type": "object" + }, + "Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "type": "object" + }, + "StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "integer" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "ViewerCertificate": { + "additionalProperties": false, + "dependentRequired": { + "AcmCertificateArn": [ + "SslSupportMethod" + ], + "IamCertificateId": [ + "SslSupportMethod" + ] + }, + "properties": { + "AcmCertificateArn": { + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "type": "boolean" + }, + "IamCertificateId": { + "type": "string" + }, + "MinimumProtocolVersion": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018", + "TLSv1.2_2019", + "TLSv1.2_2021" + ], + "type": "string" + }, + "SslSupportMethod": { + "enum": [ + "sni-only", + "vip", + "static-ip" + ], + "type": "string" + } + }, + "requiredXor": [ + "AcmCertificateArn", + "CloudFrontDefaultCertificate", + "IamCertificateId" + ], + "type": "object" + } + }, + "deprecatedProperties": [ + "/properties/DistributionConfig/CustomOrigin", + "/properties/DistributionConfig/S3Origin" + ], + "description": "Resource Type definition for AWS::CloudFront::Distribution", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateDistribution", + "cloudfront:CreateDistributionWithTags", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:TagResource" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteDistribution", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListDistributions" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "update": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:UpdateDistribution", + "cloudfront:UpdateDistributionWithStagingConfig", + "cloudfront:ListTagsForResource", + "cloudfront:TagResource", + "cloudfront:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/DistributionConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/DomainName" + ], + "required": [ + "DistributionConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::CloudFront::Distribution" +} diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-config-configurationaggregator.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-config-configurationaggregator.json deleted file mode 100644 index 5624c0bfff..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_south_1/aws-config-configurationaggregator.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ConfigurationAggregatorName" - ], - "definitions": { - "AccountAggregationSource": { - "additionalProperties": false, - "properties": { - "AccountIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "required": [ - "AccountIds" - ], - "type": "object" - }, - "OrganizationAggregationSource": { - "additionalProperties": false, - "properties": { - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "RoleArn": { - "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 256, - "minLength": 0, - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::Config::ConfigurationAggregator", - "handlers": { - "create": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - }, - "delete": { - "permissions": [ - "config:DeleteConfigurationAggregator", - "config:UntagResource" - ] - }, - "list": { - "permissions": [ - "config:DescribeConfigurationAggregators" - ] - }, - "read": { - "permissions": [ - "config:DescribeConfigurationAggregators", - "config:ListTagsForResource" - ] - }, - "update": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "config:UntagResource", - "config:ListTagsForResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - } - }, - "primaryIdentifier": [ - "/properties/ConfigurationAggregatorName" - ], - "properties": { - "AccountAggregationSources": { - "items": { - "$ref": "#/definitions/AccountAggregationSource" - }, - "type": "array", - "uniqueItems": false - }, - "ConfigurationAggregatorArn": { - "description": "The Amazon Resource Name (ARN) of the aggregator.", - "type": "string" - }, - "ConfigurationAggregatorName": { - "description": "The name of the aggregator.", - "maxLength": 256, - "minLength": 1, - "pattern": "[\\w\\-]+", - "type": "string" - }, - "OrganizationAggregationSource": { - "$ref": "#/definitions/OrganizationAggregationSource" - }, - "Tags": { - "description": "The tags for the configuration aggregator.", - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/ConfigurationAggregatorArn" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-config.git", - "typeName": "AWS::Config::ConfigurationAggregator" -} diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-dynamodb-globaltable.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-dynamodb-globaltable.json new file mode 100644 index 0000000000..7e1a23d878 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-dynamodb-globaltable.json @@ -0,0 +1,579 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/Arn" + ], + [ + "/properties/StreamArn" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LocalSecondaryIndexes", + "/properties/TableName", + "/properties/KeySchema" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "CapacityAutoScalingSettings": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "minimum": 1, + "type": "integer" + }, + "MinCapacity": { + "minimum": 1, + "type": "integer" + }, + "SeedCapacity": { + "minimum": 1, + "type": "integer" + }, + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/TargetTrackingScalingPolicyConfiguration" + } + }, + "required": [ + "MinCapacity", + "MaxCapacity", + "TargetTrackingScalingPolicyConfiguration" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "KeyType": { + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "maxItems": 20, + "type": "array", + "uniqueItems": true + }, + "ProjectionType": { + "type": "string" + } + }, + "type": "object" + }, + "ReadProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + }, + "ReadCapacityUnits": { + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "ReplicaGlobalSecondaryIndexSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName" + ], + "type": "object" + }, + "ReplicaSSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + } + }, + "required": [ + "KMSMasterKeyId" + ], + "type": "object" + }, + "ReplicaSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaGlobalSecondaryIndexSpecification" + }, + "type": "array", + "uniqueItems": true + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + }, + "Region": { + "type": "string" + }, + "SSESpecification": { + "$ref": "#/definitions/ReplicaSSESpecification" + }, + "TableClass": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TargetTrackingScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "DisableScaleIn": { + "type": "boolean" + }, + "ScaleInCooldown": { + "minimum": 0, + "type": "integer" + }, + "ScaleOutCooldown": { + "minimum": 0, + "type": "integer" + }, + "TargetValue": { + "format": "double", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "WriteProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "WriteCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + } + }, + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::GlobalTable", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:CreateTableReplica", + "dynamodb:Describe*", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:TagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "dynamodb:TagResource", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Decrypt", + "kms:RevokeGrant", + "cloudwatch:PutMetricData", + "iam:CreateServiceLinkedRole" + ] + }, + "delete": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:DeleteTable", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget" + ] + }, + "list": { + "permissions": [ + "dynamodb:ListTables", + "cloudwatch:PutMetricData" + ] + }, + "read": { + "permissions": [ + "dynamodb:Describe*", + "application-autoscaling:Describe*", + "cloudwatch:PutMetricData", + "dynamodb:ListTagsOfResource", + "kms:DescribeKey" + ] + }, + "update": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:CreateTableReplica", + "dynamodb:UpdateTable", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:DeleteTable", + "dynamodb:DeleteTableReplica", + "dynamodb:UpdateItem", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant", + "cloudwatch:PutMetricData" + ], + "timeoutInMinutes": 1200 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "type": "string" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "LocalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "Replicas": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaSpecification" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableId": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn", + "/properties/TableId" + ], + "required": [ + "KeySchema", + "AttributeDefinitions", + "Replicas" + ], + "typeName": "AWS::DynamoDB::GlobalTable", + "writeOnlyProperties": [ + "/properties/Replicas/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/Replicas/*/GlobalSecondaryIndexes/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity", + "/properties/GlobalSecondaryIndexes/*/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-dynamodb-table.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-dynamodb-table.json new file mode 100644 index 0000000000..aacbc7f216 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-dynamodb-table.json @@ -0,0 +1,540 @@ +{ + "additionalProperties": false, + "cfnLint": [ + "AWS::DynamoDB::Table/Properties" + ], + "createOnlyProperties": [ + "/properties/TableName", + "/properties/ImportSourceSpecification" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "AttributeType": { + "enum": [ + "S", + "N", + "B" + ], + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "Csv": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "type": "string" + }, + "HeaderList": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "type": "object" + }, + "DeprecatedHashKeyElement": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeType", + "AttributeName" + ], + "type": "object" + }, + "DeprecatedKeySchema": { + "additionalProperties": false, + "properties": { + "HashKeyElement": { + "$ref": "#/definitions/DeprecatedHashKeyElement" + } + }, + "required": [ + "HashKeyElement" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/ProvisionedThroughput" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "ImportSourceSpecification": { + "additionalProperties": false, + "properties": { + "InputCompressionType": { + "type": "string" + }, + "InputFormat": { + "type": "string" + }, + "InputFormatOptions": { + "$ref": "#/definitions/InputFormatOptions" + }, + "S3BucketSource": { + "$ref": "#/definitions/S3BucketSource" + } + }, + "required": [ + "S3BucketSource", + "InputFormat" + ], + "type": "object" + }, + "InputFormatOptions": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/Csv" + } + }, + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "KeyType": { + "enum": [ + "HASH", + "RANGE" + ], + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ProjectionType": { + "enum": [ + "ALL", + "KEYS_ONLY", + "INCLUDE" + ], + "type": "string" + } + }, + "type": "object" + }, + "ProvisionedThroughput": { + "additionalProperties": false, + "properties": { + "ReadCapacityUnits": { + "type": "integer" + }, + "WriteCapacityUnits": { + "type": "integer" + } + }, + "required": [ + "WriteCapacityUnits", + "ReadCapacityUnits" + ], + "type": "object" + }, + "S3BucketSource": { + "additionalProperties": false, + "properties": { + "S3Bucket": { + "type": "string" + }, + "S3BucketOwner": { + "type": "string" + }, + "S3KeyPrefix": { + "type": "string" + } + }, + "required": [ + "S3Bucket" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + }, + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "enum": [ + "NEW_IMAGE", + "OLD_IMAGE", + "NEW_AND_OLD_IMAGES", + "KEYS_ONLY" + ], + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::Table", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:DescribeImport", + "dynamodb:DescribeTable", + "dynamodb:DescribeTimeToLive", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeContributorInsights", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ImportTable", + "dynamodb:ListTagsOfResource", + "dynamodb:TagResource", + "dynamodb:UpdateTable", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Encrypt", + "kms:RevokeGrant", + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:DescribeLogGroups", + "logs:DescribeLogStreams", + "logs:PutLogEvents", + "logs:PutRetentionPolicy", + "s3:GetObject", + "s3:GetObjectMetadata", + "s3:ListBucket" + ], + "timeoutInMinutes": 720 + }, + "delete": { + "permissions": [ + "dynamodb:DeleteTable", + "dynamodb:DescribeTable" + ], + "timeoutInMinutes": 720 + }, + "list": { + "permissions": [ + "dynamodb:ListTables" + ] + }, + "read": { + "permissions": [ + "dynamodb:DescribeTable", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeContributorInsights", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ListTagsOfResource" + ] + }, + "update": { + "permissions": [ + "dynamodb:UpdateTable", + "dynamodb:DescribeTable", + "dynamodb:DescribeTimeToLive", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ListTagsOfResource", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:DescribeContributorInsights", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant" + ], + "timeoutInMinutes": 720 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "enum": [ + "PROVISIONED", + "PAY_PER_REQUEST" + ], + "type": "string" + }, + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": false + }, + "ImportSourceSpecification": { + "$ref": "#/definitions/ImportSourceSpecification" + }, + "KeySchema": { + "oneOf": [ + { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + { + "type": "object" + } + ] + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "LocalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": false + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/ProvisionedThroughput" + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableClass": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + } + }, + "propertyTransform": { + "/properties/SSESpecification/KMSMasterKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,3}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,4}[-]{1}[1-4]{1}:[0-9]{12}[:]{1}key\\/\", SSESpecification.KMSMasterKeyId]) $OR $join([\"arn:(aws)[-]{0,1}[a-z]{0,3}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,4}[-]{1}[1-4]{1}:[0-9]{12}[:]{1}key\\/\", KMSMasterKeyId])" + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn" + ], + "required": [ + "KeySchema" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DynamoDB::Table", + "writeOnlyProperties": [ + "/properties/ImportSourceSpecification" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-eks-addon.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-eks-addon.json deleted file mode 100644 index 02626266c6..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_south_1/aws-eks-addon.json +++ /dev/null @@ -1,148 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 127, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 255, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Schema for AWS::EKS::Addon", - "handlers": { - "create": { - "permissions": [ - "eks:CreateAddon", - "eks:DescribeAddon", - "eks:TagResource", - "iam:PassRole" - ] - }, - "delete": { - "permissions": [ - "eks:DeleteAddon", - "eks:DescribeAddon" - ] - }, - "list": { - "permissions": [ - "eks:ListAddons" - ] - }, - "read": { - "permissions": [ - "eks:DescribeAddon" - ] - }, - "update": { - "permissions": [ - "iam:PassRole", - "eks:UpdateAddon", - "eks:DescribeAddon", - "eks:DescribeUpdate", - "eks:ListTagsForResource", - "eks:TagResource", - "eks:UntagResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "properties": { - "AddonName": { - "description": "Name of Addon", - "minLength": 1, - "type": "string" - }, - "AddonVersion": { - "description": "Version of Addon", - "minLength": 1, - "type": "string" - }, - "Arn": { - "description": "Amazon Resource Name (ARN) of the add-on", - "type": "string" - }, - "ClusterName": { - "description": "Name of Cluster", - "minLength": 1, - "type": "string" - }, - "ConfigurationValues": { - "description": "The configuration values to use with the add-on", - "minLength": 1, - "type": "string" - }, - "PreserveOnDelete": { - "description": "PreserveOnDelete parameter value", - "type": "boolean" - }, - "ResolveConflicts": { - "description": "Resolve parameter value conflicts", - "enum": [ - "NONE", - "OVERWRITE", - "PRESERVE" - ], - "minLength": 1, - "type": "string" - }, - "ServiceAccountRoleArn": { - "description": "IAM role to bind to the add-on's service account", - "minLength": 1, - "type": "string" - }, - "Tags": { - "description": "An array of key-value pairs to apply to this resource.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/Arn" - ], - "required": [ - "ClusterName", - "AddonName" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-eks.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::EKS::Addon", - "writeOnlyProperties": [ - "/properties/ResolveConflicts", - "/properties/PreserveOnDelete" - ] -} diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-gamelift-fleet.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-gamelift-fleet.json index 9551ef0828..4489c391a2 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_1/aws-gamelift-fleet.json +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-gamelift-fleet.json @@ -126,7 +126,7 @@ "uniqueItems": true }, "EC2InstanceType": { - "cfnLint": "aws_gamelift_fleet/ec2instancetype_enum", + "cfnLint": "AWS::GameLift::Fleet/EC2InstanceType", "type": "string" }, "FleetType": { diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-guardduty-filter.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-guardduty-filter.json deleted file mode 100644 index 0c0c488266..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_south_1/aws-guardduty-filter.json +++ /dev/null @@ -1,145 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/DetectorId", - "/properties/Name" - ], - "definitions": { - "Condition": { - "additionalProperties": false, - "properties": { - "Eq": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Equals": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "GreaterThan": { - "type": "integer" - }, - "GreaterThanOrEqual": { - "type": "integer" - }, - "Gt": { - "type": "integer" - }, - "Gte": { - "type": "integer" - }, - "LessThan": { - "type": "integer" - }, - "LessThanOrEqual": { - "type": "integer" - }, - "Lt": { - "type": "integer" - }, - "Lte": { - "type": "integer" - }, - "Neq": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "NotEquals": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "type": "object" - }, - "FindingCriteria": { - "additionalProperties": false, - "properties": { - "Criterion": { - "type": "object" - }, - "ItemType": { - "$ref": "#/definitions/Condition" - } - }, - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::GuardDuty::Filter", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "Action": { - "enum": [ - "NOOP", - "ARCHIVE" - ], - "type": "string" - }, - "Description": { - "type": "string" - }, - "DetectorId": { - "type": "string" - }, - "FindingCriteria": { - "$ref": "#/definitions/FindingCriteria" - }, - "Id": { - "type": "string" - }, - "Name": { - "type": "string" - }, - "Rank": { - "type": "integer" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": false - } - }, - "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "Action", - "Description", - "DetectorId", - "FindingCriteria", - "Rank", - "Name" - ], - "typeName": "AWS::GuardDuty::Filter" -} diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-opsworks-instance.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-opsworks-instance.json index 4f09c87902..7e172a15c1 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_1/aws-opsworks-instance.json +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-opsworks-instance.json @@ -147,7 +147,9 @@ "type": "string" }, "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::OpsWorks::Instance/Properties/AvailabilityZone" + ], "type": "string" }, "BlockDeviceMappings": { diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-redshift-cluster.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-redshift-cluster.json index c29bc2abdf..c475c20974 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_1/aws-redshift-cluster.json +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-redshift-cluster.json @@ -1,5 +1,6 @@ { "additionalProperties": false, + "cfnLint": "AWS::Redshift::Cluster/Properties", "createOnlyProperties": [ "/properties/ClusterIdentifier", "/properties/OwnerAccount", @@ -279,7 +280,7 @@ "type": "boolean" }, "NodeType": { - "cfnLint": "aws_redshift_cluster/nodetype_enum", + "cfnLint": "AWS::Redshift::Cluster/Properties/NodeType", "description": "The node type to be provisioned for the cluster.Valid Values: ds2.xlarge | ds2.8xlarge | dc1.large | dc1.8xlarge | dc2.large | dc2.8xlarge | ra3.4xlarge | ra3.16xlarge", "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-route53-healthcheck.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-route53-healthcheck.json index 2ddd4be8f2..084d644abf 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_1/aws-route53-healthcheck.json +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-route53-healthcheck.json @@ -107,7 +107,7 @@ "HealthCheckConfig": { "$ref": "#/definitions/HealthCheckConfig", "cfnLint": [ - "aws_route53_healthcheck/healthcheckconfig_type_inclusive" + "AWS::Route53::HealthCheck/Properties/HealthCheckConfig" ] }, "HealthCheckTags": { diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/__init__.py b/src/cfnlint/data/schemas/providers/eu_south_2/__init__.py index b2213a6133..0566a56fc9 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_2/__init__.py +++ b/src/cfnlint/data/schemas/providers/eu_south_2/__init__.py @@ -95,6 +95,7 @@ "AWS::SageMaker::ModelPackage", "AWS::EventSchemas::Discoverer", "AWS::ElastiCache::UserGroup", + "AWS::Logs::DeliveryDestination", "AWS::ImageBuilder::ImageRecipe", "AWS::ApiGateway::RestApi", "AWS::OpsWorks::ElasticLoadBalancerAttachment", @@ -113,6 +114,7 @@ "AWS::Backup::BackupSelection", "AWS::DataSync::LocationFSxLustre", "AWS::SageMaker::App", + "AWS::Logs::DeliverySource", "AWS::EC2::VPCGatewayAttachment", "AWS::CloudTrail::Trail", "AWS::EC2::VPNConnectionRoute", @@ -319,6 +321,7 @@ "AWS::ElasticLoadBalancingV2::TrustStoreRevocation", "AWS::NetworkFirewall::Firewall", "AWS::EventSchemas::Schema", + "AWS::M2::Application", "AWS::KMS::ReplicaKey", "AWS::Redshift::ClusterSecurityGroup", "AWS::ECR::PullThroughCacheRule", @@ -334,6 +337,7 @@ "AWS::SecretsManager::Secret", "AWS::Route53Resolver::ResolverConfig", "AWS::ElastiCache::User", + "AWS::SageMaker::Image", "AWS::Logs::SubscriptionFilter", "AWS::CodeDeploy::Application", "AWS::IoT::TopicRule", @@ -351,11 +355,13 @@ "AWS::Lambda::LayerVersion", "AWS::RDS::OptionGroup", "AWS::OpsWorks::UserProfile", + "AWS::Logs::Delivery", "AWS::ServiceCatalog::Portfolio", "AWS::IoT::Policy", "AWS::SSM::MaintenanceWindow", "AWS::LakeFormation::TagAssociation", "AWS::EC2::IPAMResourceDiscovery", + "AWS::M2::Environment", "AWS::ImageBuilder::InfrastructureConfiguration", "AWS::CloudFormation::WaitCondition", "AWS::Route53Resolver::ResolverEndpoint", @@ -580,6 +586,7 @@ "aws-msk-cluster.json", "aws-ec2-vpcendpointconnectionnotification.json", "aws-codepipeline-pipeline.json", + "aws-config-configurationaggregator.json", "aws-imagebuilder-imagepipeline.json", "aws-elasticloadbalancingv2-listenercertificate.json", "aws-route53resolver-resolverruleassociation.json", @@ -593,6 +600,7 @@ "aws-sagemaker-modelpackage.json", "aws-eventschemas-discoverer.json", "aws-elasticache-usergroup.json", + "aws-logs-deliverydestination.json", "aws-imagebuilder-imagerecipe.json", "aws-opsworks-elasticloadbalancerattachment.json", "aws-s3objectlambda-accesspointpolicy.json", @@ -608,10 +616,11 @@ "aws-sns-topic.json", "aws-backup-backupselection.json", "aws-datasync-locationfsxlustre.json", + "aws-sagemaker-app.json", + "aws-logs-deliverysource.json", "aws-ec2-vpcgatewayattachment.json", "aws-cloudtrail-trail.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-wafv2-ipset.json", "aws-iam-role.json", "aws-events-apidestination.json", @@ -683,6 +692,7 @@ "aws-efs-filesystem.json", "aws-logs-querydefinition.json", "aws-datasync-locationnfs.json", + "aws-sagemaker-domain.json", "aws-certificatemanager-certificate.json", "aws-sdb-domain.json", "aws-ec2-subnetroutetableassociation.json", @@ -774,17 +784,18 @@ "aws-servicecatalog-resourceupdateconstraint.json", "aws-transfer-agreement.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-xray-group.json", "aws-oam-link.json", "aws-elasticloadbalancingv2-truststorerevocation.json", "aws-networkfirewall-firewall.json", "aws-eventschemas-schema.json", + "aws-m2-application.json", "aws-kms-replicakey.json", "aws-redshift-clustersecuritygroup.json", "aws-ecr-pullthroughcacherule.json", "aws-glue-mltransform.json", "aws-datasync-locationefs.json", + "aws-sagemaker-appimageconfig.json", "aws-elasticloadbalancingv2-targetgroup.json", "aws-applicationautoscaling-scalingpolicy.json", "aws-pipes-pipe.json", @@ -793,6 +804,7 @@ "aws-secretsmanager-secret.json", "aws-route53resolver-resolverconfig.json", "aws-elasticache-user.json", + "aws-sagemaker-image.json", "aws-logs-subscriptionfilter.json", "aws-codedeploy-application.json", "aws-lakeformation-principalpermissions.json", @@ -809,9 +821,11 @@ "aws-lambda-layerversion.json", "aws-rds-optiongroup.json", "aws-opsworks-userprofile.json", + "aws-logs-delivery.json", "aws-ssm-maintenancewindow.json", "aws-lakeformation-tagassociation.json", "aws-ec2-ipamresourcediscovery.json", + "aws-m2-environment.json", "aws-imagebuilder-infrastructureconfiguration.json", "aws-route53resolver-resolverendpoint.json", "aws-ec2-subnetnetworkaclassociation.json", @@ -919,7 +933,6 @@ "aws-servicecatalog-cloudformationproduct.json", "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", - "aws-ec2-launchtemplate.json", "aws-cloudfront-originrequestpolicy.json", "aws-datasync-locationfsxontap.json", "aws-pcaconnectorad-serviceprincipalname.json", diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/eu_south_2/aws-amazonmq-broker.json index b71851eb27..6027b3416d 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_2/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/eu_south_2/aws-amazonmq-broker.json @@ -230,7 +230,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/eu_south_2/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_2/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/eu_south_2/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/eu_south_2/aws-cloudfront-distribution.json new file mode 100644 index 0000000000..75bb25b92e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_south_2/aws-cloudfront-distribution.json @@ -0,0 +1,1232 @@ +{ + "additionalProperties": false, + "definitions": { + "CacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "type": "string" + }, + "PathPattern": { + "type": "string" + }, + "RealtimeLogConfigArn": { + "type": "string" + }, + "ResponseHeadersPolicyId": { + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ], + "type": "string" + } + }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "properties": { + "Forward": { + "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Forward" + ], + "type": "object" + }, + "CustomErrorResponse": { + "additionalProperties": false, + "dependentRequired": { + "ResponseCode": [ + "ResponsePagePath" + ] + }, + "properties": { + "ErrorCachingMinTTL": { + "default": 300, + "type": "number" + }, + "ErrorCode": { + "enum": [ + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponseCode": { + "enum": [ + 200, + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponsePagePath": { + "type": "string" + } + }, + "required": [ + "ErrorCode" + ], + "type": "object" + }, + "CustomOriginConfig": { + "additionalProperties": false, + "properties": { + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginProtocolPolicy": { + "type": "string" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "OriginProtocolPolicy" + ], + "type": "object" + }, + "DefaultCacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "default": "", + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "default": "", + "type": "string" + }, + "RealtimeLogConfigArn": { + "default": "", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "default": "", + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "type": "string" + } + }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CNAMEs": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/CacheBehavior" + }, + "type": "array", + "uniqueItems": false + }, + "Comment": { + "default": "", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/CustomErrorResponse" + }, + "type": "array", + "uniqueItems": false + }, + "CustomOrigin": { + "$ref": "#/definitions/LegacyCustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/DefaultCacheBehavior" + }, + "DefaultRootObject": { + "default": "", + "type": "string" + }, + "Enabled": { + "type": "boolean" + }, + "HttpVersion": { + "default": "http1.1", + "enum": [ + "http1.1", + "http2", + "http3", + "http2and3" + ], + "type": "string" + }, + "IPV6Enabled": { + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/Origin" + }, + "type": "array", + "uniqueItems": false + }, + "PriceClass": { + "default": "PriceClass_All", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ], + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/Restrictions", + "default": { + "GeoRestriction": { + "RestrictionType": "none" + } + } + }, + "S3Origin": { + "$ref": "#/definitions/LegacyS3Origin" + }, + "Staging": { + "type": "boolean" + }, + "ViewerCertificate": { + "$ref": "#/definitions/ViewerCertificate", + "default": { + "CloudFrontDefaultCertificate": true + } + }, + "WebACLId": { + "default": "", + "type": "string" + } + }, + "required": [ + "Enabled", + "DefaultCacheBehavior" + ], + "type": "object" + }, + "ForwardedValues": { + "additionalProperties": false, + "properties": { + "Cookies": { + "$ref": "#/definitions/Cookies", + "default": { + "Forward": "none" + } + }, + "Headers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "QueryString": { + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "QueryString" + ], + "type": "object" + }, + "FunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ], + "type": "string" + }, + "FunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "GeoRestriction": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "enum": [ + "AD", + "AE", + "AF", + "AG", + "AI", + "AL", + "AM", + "AO", + "AQ", + "AR", + "AS", + "AT", + "AU", + "AW", + "AX", + "AZ", + "BA", + "BB", + "BD", + "BE", + "BF", + "BG", + "BH", + "BI", + "BJ", + "BL", + "BM", + "BN", + "BO", + "BQ", + "BR", + "BS", + "BT", + "BV", + "BW", + "BY", + "BZ", + "CA", + "CC", + "CD", + "CF", + "CG", + "CH", + "CI", + "CK", + "CL", + "CM", + "CN", + "CO", + "CR", + "CU", + "CV", + "CW", + "CX", + "CY", + "CZ", + "DE", + "DJ", + "DK", + "DM", + "DO", + "DZ", + "EC", + "EE", + "EG", + "EH", + "ER", + "ES", + "ET", + "FI", + "FJ", + "FK", + "FM", + "FO", + "FR", + "GA", + "GB", + "GD", + "GE", + "GF", + "GG", + "GH", + "GI", + "GL", + "GM", + "GN", + "GP", + "GQ", + "GR", + "GS", + "GT", + "GU", + "GW", + "GY", + "HK", + "HM", + "HN", + "HR", + "HT", + "HU", + "ID", + "IE", + "IL", + "IM", + "IN", + "IO", + "IQ", + "IR", + "IS", + "IT", + "JE", + "JM", + "JO", + "JP", + "KE", + "KG", + "KH", + "KI", + "KM", + "KN", + "KP", + "KR", + "KW", + "KY", + "KZ", + "LA", + "LB", + "LC", + "LI", + "LK", + "LR", + "LS", + "LT", + "LU", + "LV", + "LY", + "MA", + "MC", + "MD", + "ME", + "MF", + "MG", + "MH", + "MK", + "ML", + "MM", + "MN", + "MO", + "MP", + "MQ", + "MR", + "MS", + "MT", + "MU", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NC", + "NE", + "NF", + "NG", + "NI", + "NL", + "NO", + "NP", + "NR", + "NU", + "NZ", + "OM", + "PA", + "PE", + "PF", + "PG", + "PH", + "PK", + "PL", + "PM", + "PN", + "PR", + "PS", + "PT", + "PW", + "PY", + "QA", + "RE", + "RO", + "RS", + "RU", + "RW", + "SA", + "SB", + "SC", + "SD", + "SE", + "SG", + "SH", + "SI", + "SJ", + "SK", + "SL", + "SM", + "SN", + "SO", + "SR", + "SS", + "ST", + "SV", + "SX", + "SY", + "SZ", + "TC", + "TD", + "TF", + "TG", + "TH", + "TJ", + "TK", + "TL", + "TM", + "TN", + "TO", + "TR", + "TT", + "TV", + "TW", + "TZ", + "UA", + "UG", + "UM", + "US", + "UY", + "UZ", + "VA", + "VC", + "VE", + "VG", + "VI", + "VN", + "VU", + "WF", + "WS", + "YE", + "YT", + "ZA", + "ZM", + "ZW" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "RestrictionType": { + "enum": [ + "blacklist", + "whitelist", + "none" + ], + "type": "string" + } + }, + "required": [ + "RestrictionType" + ], + "type": "object" + }, + "LambdaFunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "IncludeBody": { + "type": "boolean" + }, + "LambdaFunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "LegacyCustomOrigin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginProtocolPolicy": { + "enum": [ + "http-only", + "match-viewer", + "https-only" + ], + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], + "type": "object" + }, + "LegacyS3Origin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "required": [ + "DNSName" + ], + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "IncludeCookies": { + "default": false, + "type": "boolean" + }, + "Prefix": { + "default": "", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Origin": { + "additionalProperties": false, + "dependentExcluded": { + "CustomOriginConfig": [ + "S3OriginConfig" + ], + "S3OriginConfig": [ + "CustomOriginConfig" + ] + }, + "properties": { + "ConnectionAttempts": { + "type": "integer" + }, + "ConnectionTimeout": { + "type": "integer" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/CustomOriginConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "OriginAccessControlId": { + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/OriginCustomHeader" + }, + "type": "array", + "uniqueItems": false + }, + "OriginPath": { + "default": "", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/OriginShield" + }, + "S3OriginConfig": { + "$ref": "#/definitions/S3OriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "type": "string" + }, + "HeaderValue": { + "type": "string" + } + }, + "required": [ + "HeaderValue", + "HeaderName" + ], + "type": "object" + }, + "OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/OriginGroupFailoverCriteria" + }, + "Id": { + "type": "string" + }, + "Members": { + "$ref": "#/definitions/OriginGroupMembers" + } + }, + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "type": "object" + }, + "OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroupMember" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroup" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "OriginShieldRegion": { + "type": "string" + } + }, + "type": "object" + }, + "Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "type": "object" + }, + "StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "integer" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "ViewerCertificate": { + "additionalProperties": false, + "dependentRequired": { + "AcmCertificateArn": [ + "SslSupportMethod" + ], + "IamCertificateId": [ + "SslSupportMethod" + ] + }, + "properties": { + "AcmCertificateArn": { + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "type": "boolean" + }, + "IamCertificateId": { + "type": "string" + }, + "MinimumProtocolVersion": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018", + "TLSv1.2_2019", + "TLSv1.2_2021" + ], + "type": "string" + }, + "SslSupportMethod": { + "enum": [ + "sni-only", + "vip", + "static-ip" + ], + "type": "string" + } + }, + "requiredXor": [ + "AcmCertificateArn", + "CloudFrontDefaultCertificate", + "IamCertificateId" + ], + "type": "object" + } + }, + "deprecatedProperties": [ + "/properties/DistributionConfig/CustomOrigin", + "/properties/DistributionConfig/S3Origin" + ], + "description": "Resource Type definition for AWS::CloudFront::Distribution", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateDistribution", + "cloudfront:CreateDistributionWithTags", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:TagResource" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteDistribution", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListDistributions" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "update": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:UpdateDistribution", + "cloudfront:UpdateDistributionWithStagingConfig", + "cloudfront:ListTagsForResource", + "cloudfront:TagResource", + "cloudfront:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/DistributionConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/DomainName" + ], + "required": [ + "DistributionConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::CloudFront::Distribution" +} diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/aws-config-configurationaggregator.json b/src/cfnlint/data/schemas/providers/eu_south_2/aws-config-configurationaggregator.json deleted file mode 100644 index 5624c0bfff..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_south_2/aws-config-configurationaggregator.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ConfigurationAggregatorName" - ], - "definitions": { - "AccountAggregationSource": { - "additionalProperties": false, - "properties": { - "AccountIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "required": [ - "AccountIds" - ], - "type": "object" - }, - "OrganizationAggregationSource": { - "additionalProperties": false, - "properties": { - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "RoleArn": { - "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 256, - "minLength": 0, - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::Config::ConfigurationAggregator", - "handlers": { - "create": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - }, - "delete": { - "permissions": [ - "config:DeleteConfigurationAggregator", - "config:UntagResource" - ] - }, - "list": { - "permissions": [ - "config:DescribeConfigurationAggregators" - ] - }, - "read": { - "permissions": [ - "config:DescribeConfigurationAggregators", - "config:ListTagsForResource" - ] - }, - "update": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "config:UntagResource", - "config:ListTagsForResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - } - }, - "primaryIdentifier": [ - "/properties/ConfigurationAggregatorName" - ], - "properties": { - "AccountAggregationSources": { - "items": { - "$ref": "#/definitions/AccountAggregationSource" - }, - "type": "array", - "uniqueItems": false - }, - "ConfigurationAggregatorArn": { - "description": "The Amazon Resource Name (ARN) of the aggregator.", - "type": "string" - }, - "ConfigurationAggregatorName": { - "description": "The name of the aggregator.", - "maxLength": 256, - "minLength": 1, - "pattern": "[\\w\\-]+", - "type": "string" - }, - "OrganizationAggregationSource": { - "$ref": "#/definitions/OrganizationAggregationSource" - }, - "Tags": { - "description": "The tags for the configuration aggregator.", - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/ConfigurationAggregatorArn" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-config.git", - "typeName": "AWS::Config::ConfigurationAggregator" -} diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/eu_south_2/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_south_2/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/aws-ec2-host.json b/src/cfnlint/data/schemas/providers/eu_south_2/aws-ec2-host.json index b343142e92..6ea413000b 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_2/aws-ec2-host.json +++ b/src/cfnlint/data/schemas/providers/eu_south_2/aws-ec2-host.json @@ -17,8 +17,8 @@ "type": "string" }, "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::Host/Properties/AvailabilityZone" ], "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/eu_south_2/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_south_2/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/aws-gamelift-fleet.json b/src/cfnlint/data/schemas/providers/eu_south_2/aws-gamelift-fleet.json index 9551ef0828..4489c391a2 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_2/aws-gamelift-fleet.json +++ b/src/cfnlint/data/schemas/providers/eu_south_2/aws-gamelift-fleet.json @@ -126,7 +126,7 @@ "uniqueItems": true }, "EC2InstanceType": { - "cfnLint": "aws_gamelift_fleet/ec2instancetype_enum", + "cfnLint": "AWS::GameLift::Fleet/EC2InstanceType", "type": "string" }, "FleetType": { diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/aws-opsworks-instance.json b/src/cfnlint/data/schemas/providers/eu_south_2/aws-opsworks-instance.json index 4f09c87902..7e172a15c1 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_2/aws-opsworks-instance.json +++ b/src/cfnlint/data/schemas/providers/eu_south_2/aws-opsworks-instance.json @@ -147,7 +147,9 @@ "type": "string" }, "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::OpsWorks::Instance/Properties/AvailabilityZone" + ], "type": "string" }, "BlockDeviceMappings": { diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/aws-redshift-cluster.json b/src/cfnlint/data/schemas/providers/eu_south_2/aws-redshift-cluster.json index 960e8bdfee..f04ae8ba95 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_2/aws-redshift-cluster.json +++ b/src/cfnlint/data/schemas/providers/eu_south_2/aws-redshift-cluster.json @@ -1,5 +1,6 @@ { "additionalProperties": false, + "cfnLint": "AWS::Redshift::Cluster/Properties", "createOnlyProperties": [ "/properties/KmsKeyId", "/properties/MasterUsername", @@ -127,7 +128,7 @@ "type": "string" }, "NodeType": { - "cfnLint": "aws_redshift_cluster/nodetype_enum", + "cfnLint": "AWS::Redshift::Cluster/Properties/NodeType", "type": "string" }, "NumberOfNodes": { diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/aws-route53-healthcheck.json b/src/cfnlint/data/schemas/providers/eu_south_2/aws-route53-healthcheck.json index 2ddd4be8f2..084d644abf 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_2/aws-route53-healthcheck.json +++ b/src/cfnlint/data/schemas/providers/eu_south_2/aws-route53-healthcheck.json @@ -107,7 +107,7 @@ "HealthCheckConfig": { "$ref": "#/definitions/HealthCheckConfig", "cfnLint": [ - "aws_route53_healthcheck/healthcheckconfig_type_inclusive" + "AWS::Route53::HealthCheck/Properties/HealthCheckConfig" ] }, "HealthCheckTags": { diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/aws-sagemaker-app.json b/src/cfnlint/data/schemas/providers/eu_south_2/aws-sagemaker-app.json deleted file mode 100644 index feab2f5346..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_south_2/aws-sagemaker-app.json +++ /dev/null @@ -1,221 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/AppName", - "/properties/AppType", - "/properties/DomainId", - "/properties/UserProfileName", - "/properties/Tags", - "/properties/ResourceSpec" - ], - "definitions": { - "ResourceSpec": { - "additionalProperties": false, - "properties": { - "InstanceType": { - "description": "The instance type that the image version runs on.", - "enum": [ - "system", - "ml.t3.micro", - "ml.t3.small", - "ml.t3.medium", - "ml.t3.large", - "ml.t3.xlarge", - "ml.t3.2xlarge", - "ml.m5.large", - "ml.m5.xlarge", - "ml.m5.2xlarge", - "ml.m5.4xlarge", - "ml.m5.8xlarge", - "ml.m5.12xlarge", - "ml.m5.16xlarge", - "ml.m5.24xlarge", - "ml.c5.large", - "ml.c5.xlarge", - "ml.c5.2xlarge", - "ml.c5.4xlarge", - "ml.c5.9xlarge", - "ml.c5.12xlarge", - "ml.c5.18xlarge", - "ml.c5.24xlarge", - "ml.p3.2xlarge", - "ml.p3.8xlarge", - "ml.p3.16xlarge", - "ml.g4dn.xlarge", - "ml.g4dn.2xlarge", - "ml.g4dn.4xlarge", - "ml.g4dn.8xlarge", - "ml.g4dn.12xlarge", - "ml.g4dn.16xlarge", - "ml.r5.large", - "ml.r5.xlarge", - "ml.r5.2xlarge", - "ml.r5.4xlarge", - "ml.r5.8xlarge", - "ml.r5.12xlarge", - "ml.r5.16xlarge", - "ml.r5.24xlarge", - "ml.p3dn.24xlarge", - "ml.m5d.large", - "ml.m5d.xlarge", - "ml.m5d.2xlarge", - "ml.m5d.4xlarge", - "ml.m5d.8xlarge", - "ml.m5d.12xlarge", - "ml.m5d.16xlarge", - "ml.m5d.24xlarge", - "ml.g5.xlarge", - "ml.g5.2xlarge", - "ml.g5.4xlarge", - "ml.g5.8xlarge", - "ml.g5.12xlarge", - "ml.g5.16xlarge", - "ml.g5.24xlarge", - "ml.g5.48xlarge", - "ml.p4d.24xlarge", - "ml.p4de.24xlarge", - "ml.geospatial.interactive", - "ml.trn1.2xlarge", - "ml.trn1.32xlarge", - "ml.trn1n.32xlarge" - ], - "type": "string" - }, - "SageMakerImageArn": { - "description": "The ARN of the SageMaker image that the image version belongs to.", - "maxLength": 256, - "minLength": 1, - "pattern": "^arn:aws(-[\\w]+)*:sagemaker:.+:[0-9]{12}:image/[a-z0-9]([-.]?[a-z0-9])*$", - "type": "string" - }, - "SageMakerImageVersionArn": { - "description": "The ARN of the image version created on the instance.", - "maxLength": 256, - "minLength": 1, - "pattern": "^arn:aws(-[\\w]+)*:sagemaker:.+:[0-9]{12}:image-version/[a-z0-9]([-.]?[a-z0-9])*/[0-9]+$", - "type": "string" - } - }, - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "maxLength": 128, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::SageMaker::App", - "handlers": { - "create": { - "permissions": [ - "sagemaker:CreateApp", - "sagemaker:DescribeApp" - ] - }, - "delete": { - "permissions": [ - "sagemaker:DeleteApp", - "sagemaker:DescribeApp" - ] - }, - "list": { - "permissions": [ - "sagemaker:ListApps" - ] - }, - "read": { - "permissions": [ - "sagemaker:DescribeApp", - "sagemaker:DescribeApp" - ] - } - }, - "primaryIdentifier": [ - "/properties/AppName", - "/properties/AppType", - "/properties/DomainId", - "/properties/UserProfileName" - ], - "properties": { - "AppArn": { - "description": "The Amazon Resource Name (ARN) of the app.", - "maxLength": 256, - "minLength": 1, - "pattern": "arn:aws[a-z\\-]*:sagemaker:[a-z0-9\\-]*:[0-9]{12}:app/.*", - "type": "string" - }, - "AppName": { - "description": "The name of the app.", - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}", - "type": "string" - }, - "AppType": { - "description": "The type of app.", - "enum": [ - "JupyterServer", - "KernelGateway", - "RStudioServerPro", - "RSessionGateway", - "Canvas" - ], - "type": "string" - }, - "DomainId": { - "description": "The domain ID.", - "maxLength": 63, - "minLength": 1, - "type": "string" - }, - "ResourceSpec": { - "$ref": "#/definitions/ResourceSpec", - "description": "The instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance." - }, - "Tags": { - "description": "A list of tags to apply to the app.", - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "UserProfileName": { - "description": "The user profile name.", - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}", - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/AppArn" - ], - "required": [ - "AppName", - "AppType", - "DomainId", - "UserProfileName" - ], - "typeName": "AWS::SageMaker::App", - "writeOnlyProperties": [ - "/properties/Tags" - ] -} diff --git a/src/cfnlint/data/schemas/providers/eu_west_1/__init__.py b/src/cfnlint/data/schemas/providers/eu_west_1/__init__.py index f297df607c..1d6fde4e05 100644 --- a/src/cfnlint/data/schemas/providers/eu_west_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/eu_west_1/__init__.py @@ -307,6 +307,7 @@ "AWS::GroundStation::MissionProfile", "AWS::CloudFormation::CustomResource", "AWS::FIS::TargetAccountConfiguration", + "AWS::Glue::TableOptimizer", "AWS::RefactorSpaces::Route", "AWS::KinesisAnalytics::ApplicationOutput", "AWS::WAFv2::RuleGroup", @@ -797,6 +798,7 @@ "AWS::AppStream::Entitlement", "AWS::IAM::UserPolicy", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::IoT::MitigationAction", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", @@ -1243,7 +1245,6 @@ "aws-fms-resourceset.json", "aws-cognito-userpooldomain.json", "aws-autoscaling-autoscalinggroup.json", - "aws-wafv2-regexpatternset.json", "aws-eks-fargateprofile.json", "aws-workspacesweb-networksettings.json", "aws-route53-dnssec.json", @@ -1395,9 +1396,7 @@ "aws-gamelift-gameservergroup.json", "aws-appstream-stack.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-vpclattice-listener.json", - "aws-wafv2-ipset.json", "aws-mediaconnect-bridgeoutput.json", "aws-greengrass-subscriptiondefinition.json", "aws-greengrass-group.json", @@ -1445,6 +1444,7 @@ "aws-groundstation-missionprofile.json", "aws-cloudformation-customresource.json", "aws-fis-targetaccountconfiguration.json", + "aws-glue-tableoptimizer.json", "aws-refactorspaces-route.json", "aws-kinesisanalytics-applicationoutput.json", "aws-wafv2-rulegroup.json", @@ -1865,6 +1865,7 @@ "aws-dms-eventsubscription.json", "aws-ssmincidents-replicationset.json", "aws-iot-topicrule.json", + "aws-apprunner-vpcconnector.json", "aws-supportapp-slackworkspaceconfiguration.json", "aws-lakeformation-principalpermissions.json", "aws-datasync-locations3.json", @@ -1931,6 +1932,7 @@ "aws-appstream-entitlement.json", "aws-iam-userpolicy.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-iot-mitigationaction.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", diff --git a/src/cfnlint/data/schemas/providers/eu_west_1/aws-apprunner-vpcconnector.json b/src/cfnlint/data/schemas/providers/eu_west_1/aws-apprunner-vpcconnector.json deleted file mode 100644 index a7b99a0c40..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_west_1/aws-apprunner-vpcconnector.json +++ /dev/null @@ -1,119 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/VpcConnectorName", - "/properties/Subnets", - "/properties/SecurityGroups", - "/properties/Tags" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - } - }, - "description": "The AWS::AppRunner::VpcConnector resource specifies an App Runner VpcConnector.", - "handlers": { - "create": { - "permissions": [ - "iam:CreateServiceLinkedRole", - "apprunner:CreateVpcConnector", - "apprunner:DescribeVpcConnector", - "apprunner:TagResource", - "ec2:DescribeSubnets", - "ec2:DescribeSecurityGroups" - ] - }, - "delete": { - "permissions": [ - "apprunner:DeleteVpcConnector" - ] - }, - "list": { - "permissions": [ - "apprunner:ListVpcConnectors" - ] - }, - "read": { - "permissions": [ - "apprunner:DescribeVpcConnector" - ] - } - }, - "primaryIdentifier": [ - "/properties/VpcConnectorArn" - ], - "properties": { - "SecurityGroups": { - "description": "A list of IDs of security groups that App Runner should use for access to AWS resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "Subnets": { - "description": "A list of IDs of subnets that App Runner should use when it associates your service with a custom Amazon VPC. Specify IDs of subnets of a single Amazon VPC. App Runner determines the Amazon VPC from the subnets you specify.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "minItems": 1, - "type": "array", - "uniqueItems": true - }, - "Tags": { - "description": "A list of metadata items that you can associate with your VPC connector resource. A tag is a key-value pair.", - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array" - }, - "VpcConnectorArn": { - "description": "The Amazon Resource Name (ARN) of this VPC connector.", - "maxLength": 1011, - "minLength": 44, - "pattern": "arn:aws(-[\\w]+)*:[a-z0-9-\\\\.]{0,63}:[a-z0-9-\\\\.]{0,63}:[0-9]{12}:(\\w|\\/|-){1,1011}", - "type": "string" - }, - "VpcConnectorName": { - "description": "A name for the VPC connector. If you don't specify a name, AWS CloudFormation generates a name for your VPC connector.", - "maxLength": 40, - "minLength": 4, - "pattern": "^[A-Za-z0-9][A-Za-z0-9-\\\\_]{3,39}$", - "type": "string" - }, - "VpcConnectorRevision": { - "description": "The revision of this VPC connector. It's unique among all the active connectors (\"Status\": \"ACTIVE\") that share the same Name.", - "type": "integer" - } - }, - "readOnlyProperties": [ - "/properties/VpcConnectorArn", - "/properties/VpcConnectorRevision" - ], - "required": [ - "Subnets" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-apprunner.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": false, - "taggable": true - }, - "typeName": "AWS::AppRunner::VpcConnector", - "writeOnlyProperties": [ - "/properties/Tags" - ] -} diff --git a/src/cfnlint/data/schemas/providers/eu_west_1/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/eu_west_1/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/eu_west_1/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/eu_west_1/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/eu_west_1/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/eu_west_1/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_west_1/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_1/aws-wafv2-ipset.json b/src/cfnlint/data/schemas/providers/eu_west_1/aws-wafv2-ipset.json new file mode 100644 index 0000000000..9181872206 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_west_1/aws-wafv2-ipset.json @@ -0,0 +1,166 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Name", + "/properties/Scope" + ], + "definitions": { + "EntityDescription": { + "description": "Description of the entity.", + "pattern": "^[a-zA-Z0-9=:#@/\\-,.][a-zA-Z0-9+=:#@/\\-,.\\s]+[a-zA-Z0-9+=:#@/\\-,.]{1,256}$", + "type": "string" + }, + "EntityId": { + "description": "Id of the IPSet", + "pattern": "^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", + "type": "string" + }, + "EntityName": { + "description": "Name of the IPSet.", + "pattern": "^[0-9A-Za-z_-]{1,128}$", + "type": "string" + }, + "IPAddress": { + "description": "IP address", + "maxLength": 50, + "minLength": 1, + "type": "string" + }, + "IPAddressVersion": { + "description": "Type of addresses in the IPSet, use IPV4 for IPV4 IP addresses, IPV6 for IPV6 address.", + "enum": [ + "IPV4", + "IPV6" + ], + "type": "string" + }, + "ResourceArn": { + "description": "ARN of the WAF entity.", + "type": "string" + }, + "Scope": { + "description": "Use CLOUDFRONT for CloudFront IPSet, use REGIONAL for Application Load Balancer and API Gateway.", + "enum": [ + "CLOUDFRONT", + "REGIONAL" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "type": "object" + } + }, + "description": "Contains a list of IP addresses. This can be either IPV4 or IPV6. The list will be mutually", + "handlers": { + "create": { + "permissions": [ + "wafv2:CreateIPSet", + "wafv2:GetIPSet", + "wafv2:ListTagsForResource" + ] + }, + "delete": { + "permissions": [ + "wafv2:DeleteIPSet", + "wafv2:GetIPSet" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "Scope": { + "$ref": "resource-schema.json#/properties/Scope" + } + }, + "required": [ + "Scope" + ] + }, + "permissions": [ + "wafv2:listIPSets" + ] + }, + "read": { + "permissions": [ + "wafv2:GetIPSet", + "wafv2:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "wafv2:UpdateIPSet", + "wafv2:GetIPSet", + "wafv2:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Name", + "/properties/Id", + "/properties/Scope" + ], + "properties": { + "Addresses": { + "description": "List of IPAddresses.", + "items": { + "$ref": "#/definitions/IPAddress" + }, + "type": "array" + }, + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "Description": { + "$ref": "#/definitions/EntityDescription" + }, + "IPAddressVersion": { + "$ref": "#/definitions/IPAddressVersion" + }, + "Id": { + "$ref": "#/definitions/EntityId" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "Scope": { + "$ref": "#/definitions/Scope" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "minItems": 1, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/Id" + ], + "required": [ + "Addresses", + "IPAddressVersion", + "Scope" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::IPSet" +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_1/aws-wafv2-regexpatternset.json b/src/cfnlint/data/schemas/providers/eu_west_1/aws-wafv2-regexpatternset.json new file mode 100644 index 0000000000..e5467bfd54 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_west_1/aws-wafv2-regexpatternset.json @@ -0,0 +1,134 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Name", + "/properties/Scope" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "type": "object" + } + }, + "description": "Contains a list of Regular expressions based on the provided inputs. RegexPatternSet can be used with other WAF entities with RegexPatternSetReferenceStatement to perform other actions .", + "handlers": { + "create": { + "permissions": [ + "wafv2:CreateRegexPatternSet", + "wafv2:GetRegexPatternSet", + "wafv2:ListTagsForResource" + ] + }, + "delete": { + "permissions": [ + "wafv2:DeleteRegexPatternSet", + "wafv2:GetRegexPatternSet" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "Scope": { + "$ref": "resource-schema.json#/properties/Scope" + } + }, + "required": [ + "Scope" + ] + }, + "permissions": [ + "wafv2:listRegexPatternSets" + ] + }, + "read": { + "permissions": [ + "wafv2:GetRegexPatternSet", + "wafv2:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "wafv2:UpdateRegexPatternSet", + "wafv2:GetRegexPatternSet", + "wafv2:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Name", + "/properties/Id", + "/properties/Scope" + ], + "properties": { + "Arn": { + "description": "ARN of the WAF entity.", + "type": "string" + }, + "Description": { + "description": "Description of the entity.", + "pattern": "^[a-zA-Z0-9=:#@/\\-,.][a-zA-Z0-9+=:#@/\\-,.\\s]+[a-zA-Z0-9+=:#@/\\-,.]{1,256}$", + "type": "string" + }, + "Id": { + "description": "Id of the RegexPatternSet", + "pattern": "^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", + "type": "string" + }, + "Name": { + "description": "Name of the RegexPatternSet.", + "pattern": "^[0-9A-Za-z_-]{1,128}$", + "type": "string" + }, + "RegularExpressionList": { + "items": { + "maxLength": 200, + "minLength": 0, + "type": "string" + }, + "type": "array" + }, + "Scope": { + "description": "Use CLOUDFRONT for CloudFront RegexPatternSet, use REGIONAL for Application Load Balancer and API Gateway.", + "enum": [ + "CLOUDFRONT", + "REGIONAL" + ], + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "minItems": 1, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/Id" + ], + "required": [ + "Scope", + "RegularExpressionList" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::RegexPatternSet" +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_2/__init__.py b/src/cfnlint/data/schemas/providers/eu_west_2/__init__.py index 8cb2c2ddf5..5a7945db9c 100644 --- a/src/cfnlint/data/schemas/providers/eu_west_2/__init__.py +++ b/src/cfnlint/data/schemas/providers/eu_west_2/__init__.py @@ -195,6 +195,7 @@ "AWS::NetworkManager::ConnectPeer", "AWS::ElastiCache::UserGroup", "AWS::IoT::ThingGroup", + "AWS::Logs::DeliveryDestination", "AWS::ImageBuilder::ImageRecipe", "AWS::IoT::SoftwarePackage", "AWS::ApiGateway::RestApi", @@ -231,6 +232,7 @@ "AWS::Backup::BackupSelection", "AWS::DataSync::LocationFSxLustre", "AWS::SageMaker::App", + "AWS::Logs::DeliverySource", "AWS::EC2::VPCGatewayAttachment", "AWS::CloudTrail::Trail", "AWS::EC2::VPNConnectionRoute", @@ -710,6 +712,7 @@ "AWS::Glue::Schema", "AWS::DataZone::Environment", "AWS::DocDB::DBSubnetGroup", + "AWS::Logs::Delivery", "AWS::ServiceCatalog::Portfolio", "AWS::WorkSpacesWeb::TrustStore", "AWS::CustomerProfiles::Domain", @@ -748,6 +751,7 @@ "AWS::IAM::UserPolicy", "AWS::Connect::ViewVersion", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::IoT::MitigationAction", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", @@ -1259,6 +1263,7 @@ "aws-networkmanager-connectpeer.json", "aws-elasticache-usergroup.json", "aws-iot-thinggroup.json", + "aws-logs-deliverydestination.json", "aws-imagebuilder-imagerecipe.json", "aws-iot-softwarepackage.json", "aws-apigateway-restapi.json", @@ -1295,6 +1300,7 @@ "aws-backup-backupselection.json", "aws-datasync-locationfsxlustre.json", "aws-sagemaker-app.json", + "aws-logs-deliverysource.json", "aws-ec2-vpcgatewayattachment.json", "aws-cloudtrail-trail.json", "aws-ec2-vpnconnectionroute.json", @@ -1302,7 +1308,6 @@ "aws-gamelift-gameservergroup.json", "aws-appstream-stack.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-vpclattice-listener.json", "aws-wafv2-ipset.json", "aws-mediaconnect-bridgeoutput.json", @@ -1554,6 +1559,7 @@ "aws-datasync-locationazureblob.json", "aws-logs-logstream.json", "aws-dms-replicationsubnetgroup.json", + "aws-aps-rulegroupsnamespace.json", "aws-s3outposts-bucket.json", "aws-workspacesweb-identityprovider.json", "aws-route53-recordsetgroup.json", @@ -1691,7 +1697,6 @@ "aws-transfer-agreement.json", "aws-lightsail-certificate.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-ssmcontacts-plan.json", "aws-elasticache-subnetgroup.json", "aws-xray-group.json", @@ -1735,6 +1740,7 @@ "aws-dms-eventsubscription.json", "aws-ssmincidents-replicationset.json", "aws-iot-topicrule.json", + "aws-apprunner-vpcconnector.json", "aws-supportapp-slackworkspaceconfiguration.json", "aws-lakeformation-principalpermissions.json", "aws-datasync-locations3.json", @@ -1760,6 +1766,7 @@ "aws-glue-schema.json", "aws-datazone-environment.json", "aws-docdb-dbsubnetgroup.json", + "aws-logs-delivery.json", "aws-servicecatalog-portfolio.json", "aws-workspacesweb-truststore.json", "aws-customerprofiles-domain.json", @@ -1798,6 +1805,7 @@ "aws-iam-userpolicy.json", "aws-connect-viewversion.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-iot-mitigationaction.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", @@ -2001,7 +2009,6 @@ "aws-apigatewayv2-routeresponse.json", "aws-quicksight-topic.json", "aws-cloudwatch-metricstream.json", - "aws-location-geofencecollection.json", "aws-ssm-parameter.json", "aws-apigatewayv2-apigatewaymanagedoverrides.json", "aws-config-deliverychannel.json", diff --git a/src/cfnlint/data/schemas/providers/eu_west_2/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/eu_west_2/aws-amazonmq-broker.json index b71851eb27..6027b3416d 100644 --- a/src/cfnlint/data/schemas/providers/eu_west_2/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/eu_west_2/aws-amazonmq-broker.json @@ -230,7 +230,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/eu_west_2/aws-apprunner-vpcconnector.json b/src/cfnlint/data/schemas/providers/eu_west_2/aws-apprunner-vpcconnector.json deleted file mode 100644 index a7b99a0c40..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_west_2/aws-apprunner-vpcconnector.json +++ /dev/null @@ -1,119 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/VpcConnectorName", - "/properties/Subnets", - "/properties/SecurityGroups", - "/properties/Tags" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - } - }, - "description": "The AWS::AppRunner::VpcConnector resource specifies an App Runner VpcConnector.", - "handlers": { - "create": { - "permissions": [ - "iam:CreateServiceLinkedRole", - "apprunner:CreateVpcConnector", - "apprunner:DescribeVpcConnector", - "apprunner:TagResource", - "ec2:DescribeSubnets", - "ec2:DescribeSecurityGroups" - ] - }, - "delete": { - "permissions": [ - "apprunner:DeleteVpcConnector" - ] - }, - "list": { - "permissions": [ - "apprunner:ListVpcConnectors" - ] - }, - "read": { - "permissions": [ - "apprunner:DescribeVpcConnector" - ] - } - }, - "primaryIdentifier": [ - "/properties/VpcConnectorArn" - ], - "properties": { - "SecurityGroups": { - "description": "A list of IDs of security groups that App Runner should use for access to AWS resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "Subnets": { - "description": "A list of IDs of subnets that App Runner should use when it associates your service with a custom Amazon VPC. Specify IDs of subnets of a single Amazon VPC. App Runner determines the Amazon VPC from the subnets you specify.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "minItems": 1, - "type": "array", - "uniqueItems": true - }, - "Tags": { - "description": "A list of metadata items that you can associate with your VPC connector resource. A tag is a key-value pair.", - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array" - }, - "VpcConnectorArn": { - "description": "The Amazon Resource Name (ARN) of this VPC connector.", - "maxLength": 1011, - "minLength": 44, - "pattern": "arn:aws(-[\\w]+)*:[a-z0-9-\\\\.]{0,63}:[a-z0-9-\\\\.]{0,63}:[0-9]{12}:(\\w|\\/|-){1,1011}", - "type": "string" - }, - "VpcConnectorName": { - "description": "A name for the VPC connector. If you don't specify a name, AWS CloudFormation generates a name for your VPC connector.", - "maxLength": 40, - "minLength": 4, - "pattern": "^[A-Za-z0-9][A-Za-z0-9-\\\\_]{3,39}$", - "type": "string" - }, - "VpcConnectorRevision": { - "description": "The revision of this VPC connector. It's unique among all the active connectors (\"Status\": \"ACTIVE\") that share the same Name.", - "type": "integer" - } - }, - "readOnlyProperties": [ - "/properties/VpcConnectorArn", - "/properties/VpcConnectorRevision" - ], - "required": [ - "Subnets" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-apprunner.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": false, - "taggable": true - }, - "typeName": "AWS::AppRunner::VpcConnector", - "writeOnlyProperties": [ - "/properties/Tags" - ] -} diff --git a/src/cfnlint/data/schemas/providers/eu_west_2/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/eu_west_2/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/eu_west_2/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/eu_west_2/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/eu_west_2/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/eu_west_2/aws-cloudfront-distribution.json new file mode 100644 index 0000000000..75bb25b92e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_west_2/aws-cloudfront-distribution.json @@ -0,0 +1,1232 @@ +{ + "additionalProperties": false, + "definitions": { + "CacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "type": "string" + }, + "PathPattern": { + "type": "string" + }, + "RealtimeLogConfigArn": { + "type": "string" + }, + "ResponseHeadersPolicyId": { + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ], + "type": "string" + } + }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "properties": { + "Forward": { + "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Forward" + ], + "type": "object" + }, + "CustomErrorResponse": { + "additionalProperties": false, + "dependentRequired": { + "ResponseCode": [ + "ResponsePagePath" + ] + }, + "properties": { + "ErrorCachingMinTTL": { + "default": 300, + "type": "number" + }, + "ErrorCode": { + "enum": [ + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponseCode": { + "enum": [ + 200, + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponsePagePath": { + "type": "string" + } + }, + "required": [ + "ErrorCode" + ], + "type": "object" + }, + "CustomOriginConfig": { + "additionalProperties": false, + "properties": { + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginProtocolPolicy": { + "type": "string" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "OriginProtocolPolicy" + ], + "type": "object" + }, + "DefaultCacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "default": "", + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "default": "", + "type": "string" + }, + "RealtimeLogConfigArn": { + "default": "", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "default": "", + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "type": "string" + } + }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CNAMEs": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/CacheBehavior" + }, + "type": "array", + "uniqueItems": false + }, + "Comment": { + "default": "", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/CustomErrorResponse" + }, + "type": "array", + "uniqueItems": false + }, + "CustomOrigin": { + "$ref": "#/definitions/LegacyCustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/DefaultCacheBehavior" + }, + "DefaultRootObject": { + "default": "", + "type": "string" + }, + "Enabled": { + "type": "boolean" + }, + "HttpVersion": { + "default": "http1.1", + "enum": [ + "http1.1", + "http2", + "http3", + "http2and3" + ], + "type": "string" + }, + "IPV6Enabled": { + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/Origin" + }, + "type": "array", + "uniqueItems": false + }, + "PriceClass": { + "default": "PriceClass_All", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ], + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/Restrictions", + "default": { + "GeoRestriction": { + "RestrictionType": "none" + } + } + }, + "S3Origin": { + "$ref": "#/definitions/LegacyS3Origin" + }, + "Staging": { + "type": "boolean" + }, + "ViewerCertificate": { + "$ref": "#/definitions/ViewerCertificate", + "default": { + "CloudFrontDefaultCertificate": true + } + }, + "WebACLId": { + "default": "", + "type": "string" + } + }, + "required": [ + "Enabled", + "DefaultCacheBehavior" + ], + "type": "object" + }, + "ForwardedValues": { + "additionalProperties": false, + "properties": { + "Cookies": { + "$ref": "#/definitions/Cookies", + "default": { + "Forward": "none" + } + }, + "Headers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "QueryString": { + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "QueryString" + ], + "type": "object" + }, + "FunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ], + "type": "string" + }, + "FunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "GeoRestriction": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "enum": [ + "AD", + "AE", + "AF", + "AG", + "AI", + "AL", + "AM", + "AO", + "AQ", + "AR", + "AS", + "AT", + "AU", + "AW", + "AX", + "AZ", + "BA", + "BB", + "BD", + "BE", + "BF", + "BG", + "BH", + "BI", + "BJ", + "BL", + "BM", + "BN", + "BO", + "BQ", + "BR", + "BS", + "BT", + "BV", + "BW", + "BY", + "BZ", + "CA", + "CC", + "CD", + "CF", + "CG", + "CH", + "CI", + "CK", + "CL", + "CM", + "CN", + "CO", + "CR", + "CU", + "CV", + "CW", + "CX", + "CY", + "CZ", + "DE", + "DJ", + "DK", + "DM", + "DO", + "DZ", + "EC", + "EE", + "EG", + "EH", + "ER", + "ES", + "ET", + "FI", + "FJ", + "FK", + "FM", + "FO", + "FR", + "GA", + "GB", + "GD", + "GE", + "GF", + "GG", + "GH", + "GI", + "GL", + "GM", + "GN", + "GP", + "GQ", + "GR", + "GS", + "GT", + "GU", + "GW", + "GY", + "HK", + "HM", + "HN", + "HR", + "HT", + "HU", + "ID", + "IE", + "IL", + "IM", + "IN", + "IO", + "IQ", + "IR", + "IS", + "IT", + "JE", + "JM", + "JO", + "JP", + "KE", + "KG", + "KH", + "KI", + "KM", + "KN", + "KP", + "KR", + "KW", + "KY", + "KZ", + "LA", + "LB", + "LC", + "LI", + "LK", + "LR", + "LS", + "LT", + "LU", + "LV", + "LY", + "MA", + "MC", + "MD", + "ME", + "MF", + "MG", + "MH", + "MK", + "ML", + "MM", + "MN", + "MO", + "MP", + "MQ", + "MR", + "MS", + "MT", + "MU", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NC", + "NE", + "NF", + "NG", + "NI", + "NL", + "NO", + "NP", + "NR", + "NU", + "NZ", + "OM", + "PA", + "PE", + "PF", + "PG", + "PH", + "PK", + "PL", + "PM", + "PN", + "PR", + "PS", + "PT", + "PW", + "PY", + "QA", + "RE", + "RO", + "RS", + "RU", + "RW", + "SA", + "SB", + "SC", + "SD", + "SE", + "SG", + "SH", + "SI", + "SJ", + "SK", + "SL", + "SM", + "SN", + "SO", + "SR", + "SS", + "ST", + "SV", + "SX", + "SY", + "SZ", + "TC", + "TD", + "TF", + "TG", + "TH", + "TJ", + "TK", + "TL", + "TM", + "TN", + "TO", + "TR", + "TT", + "TV", + "TW", + "TZ", + "UA", + "UG", + "UM", + "US", + "UY", + "UZ", + "VA", + "VC", + "VE", + "VG", + "VI", + "VN", + "VU", + "WF", + "WS", + "YE", + "YT", + "ZA", + "ZM", + "ZW" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "RestrictionType": { + "enum": [ + "blacklist", + "whitelist", + "none" + ], + "type": "string" + } + }, + "required": [ + "RestrictionType" + ], + "type": "object" + }, + "LambdaFunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "IncludeBody": { + "type": "boolean" + }, + "LambdaFunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "LegacyCustomOrigin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginProtocolPolicy": { + "enum": [ + "http-only", + "match-viewer", + "https-only" + ], + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], + "type": "object" + }, + "LegacyS3Origin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "required": [ + "DNSName" + ], + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "IncludeCookies": { + "default": false, + "type": "boolean" + }, + "Prefix": { + "default": "", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Origin": { + "additionalProperties": false, + "dependentExcluded": { + "CustomOriginConfig": [ + "S3OriginConfig" + ], + "S3OriginConfig": [ + "CustomOriginConfig" + ] + }, + "properties": { + "ConnectionAttempts": { + "type": "integer" + }, + "ConnectionTimeout": { + "type": "integer" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/CustomOriginConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "OriginAccessControlId": { + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/OriginCustomHeader" + }, + "type": "array", + "uniqueItems": false + }, + "OriginPath": { + "default": "", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/OriginShield" + }, + "S3OriginConfig": { + "$ref": "#/definitions/S3OriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "type": "string" + }, + "HeaderValue": { + "type": "string" + } + }, + "required": [ + "HeaderValue", + "HeaderName" + ], + "type": "object" + }, + "OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/OriginGroupFailoverCriteria" + }, + "Id": { + "type": "string" + }, + "Members": { + "$ref": "#/definitions/OriginGroupMembers" + } + }, + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "type": "object" + }, + "OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroupMember" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroup" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "OriginShieldRegion": { + "type": "string" + } + }, + "type": "object" + }, + "Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "type": "object" + }, + "StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "integer" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "ViewerCertificate": { + "additionalProperties": false, + "dependentRequired": { + "AcmCertificateArn": [ + "SslSupportMethod" + ], + "IamCertificateId": [ + "SslSupportMethod" + ] + }, + "properties": { + "AcmCertificateArn": { + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "type": "boolean" + }, + "IamCertificateId": { + "type": "string" + }, + "MinimumProtocolVersion": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018", + "TLSv1.2_2019", + "TLSv1.2_2021" + ], + "type": "string" + }, + "SslSupportMethod": { + "enum": [ + "sni-only", + "vip", + "static-ip" + ], + "type": "string" + } + }, + "requiredXor": [ + "AcmCertificateArn", + "CloudFrontDefaultCertificate", + "IamCertificateId" + ], + "type": "object" + } + }, + "deprecatedProperties": [ + "/properties/DistributionConfig/CustomOrigin", + "/properties/DistributionConfig/S3Origin" + ], + "description": "Resource Type definition for AWS::CloudFront::Distribution", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateDistribution", + "cloudfront:CreateDistributionWithTags", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:TagResource" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteDistribution", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListDistributions" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "update": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:UpdateDistribution", + "cloudfront:UpdateDistributionWithStagingConfig", + "cloudfront:ListTagsForResource", + "cloudfront:TagResource", + "cloudfront:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/DistributionConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/DomainName" + ], + "required": [ + "DistributionConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::CloudFront::Distribution" +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_2/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/eu_west_2/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_west_2/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_2/aws-location-geofencecollection.json b/src/cfnlint/data/schemas/providers/eu_west_2/aws-location-geofencecollection.json new file mode 100644 index 0000000000..bb905fef3f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_west_2/aws-location-geofencecollection.json @@ -0,0 +1,174 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/CollectionName", + "/properties/KmsKeyId" + ], + "definitions": { + "PricingPlan": { + "enum": [ + "RequestBasedUsage" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 128, + "minLength": 1, + "pattern": "\\A(?!aws:)[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + }, + "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 256, + "minLength": 0, + "pattern": "\\A[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "TagMap": { + "additionalProperties": false, + "maxProperties": 50, + "patternProperties": { + "^[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 0, + "pattern": "^[A-Za-z0-9 _=@:.+-/]*$", + "type": "string" + } + }, + "type": "object" + }, + "iso8601UTC": { + "description": "The datetime value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ss.sssZ)", + "pattern": "^([0-2]\\d{3})-(0[0-9]|1[0-2])-([0-2]\\d|3[01])T([01]\\d|2[0-4]):([0-5]\\d):([0-6]\\d)((\\.\\d{3})?)Z$", + "type": "string" + } + }, + "deprecatedProperties": [ + "/properties/PricingPlan", + "/properties/PricingPlanDataSource" + ], + "description": "Definition of AWS::Location::GeofenceCollection Resource Type", + "handlers": { + "create": { + "permissions": [ + "geo:CreateGeofenceCollection", + "geo:DescribeGeofenceCollection", + "geo:TagResource", + "geo:UntagResource", + "kms:*" + ] + }, + "delete": { + "permissions": [ + "geo:DeleteGeofenceCollection", + "geo:DescribeGeofenceCollection", + "kms:*" + ] + }, + "list": { + "permissions": [ + "geo:ListGeofenceCollections", + "kms:*" + ] + }, + "read": { + "permissions": [ + "geo:DescribeGeofenceCollection", + "kms:*" + ] + }, + "update": { + "permissions": [ + "geo:CreateGeofenceCollection", + "geo:DescribeGeofenceCollection", + "geo:TagResource", + "geo:UntagResource", + "geo:UpdateGeofenceCollection", + "kms:*" + ] + } + }, + "primaryIdentifier": [ + "/properties/CollectionName" + ], + "properties": { + "Arn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "CollectionArn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "CollectionName": { + "maxLength": 100, + "minLength": 1, + "pattern": "^[-._\\w]+$", + "type": "string" + }, + "CreateTime": { + "$ref": "#/definitions/iso8601UTC" + }, + "Description": { + "maxLength": 1000, + "minLength": 0, + "type": "string" + }, + "KmsKeyId": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "PricingPlan": { + "$ref": "#/definitions/PricingPlan" + }, + "PricingPlanDataSource": { + "type": "string" + }, + "Tags": { + "description": "An array of key-value pairs to apply to this resource.", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 0, + "type": "array", + "uniqueItems": true + }, + "UpdateTime": { + "$ref": "#/definitions/iso8601UTC" + } + }, + "readOnlyProperties": [ + "/properties/CollectionArn", + "/properties/Arn", + "/properties/CreateTime", + "/properties/UpdateTime" + ], + "required": [ + "CollectionName" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::Location::GeofenceCollection" +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_3/__init__.py b/src/cfnlint/data/schemas/providers/eu_west_3/__init__.py index 27f879267f..fc5eaff1ae 100644 --- a/src/cfnlint/data/schemas/providers/eu_west_3/__init__.py +++ b/src/cfnlint/data/schemas/providers/eu_west_3/__init__.py @@ -625,6 +625,7 @@ "AWS::ServiceCatalog::ServiceAction", "AWS::IAM::UserPolicy", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::IoT::MitigationAction", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", @@ -1073,7 +1074,6 @@ "aws-ec2-vpnconnectionroute.json", "aws-kafkaconnect-connector.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-wafv2-ipset.json", "aws-mediaconnect-bridgeoutput.json", "aws-ssm-document.json", @@ -1388,7 +1388,6 @@ "aws-transfer-agreement.json", "aws-lightsail-certificate.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-ssmcontacts-plan.json", "aws-elasticache-subnetgroup.json", "aws-xray-group.json", @@ -1430,6 +1429,7 @@ "aws-dms-eventsubscription.json", "aws-ssmincidents-replicationset.json", "aws-iot-topicrule.json", + "aws-apprunner-vpcconnector.json", "aws-lakeformation-principalpermissions.json", "aws-datasync-locations3.json", "aws-mediaconvert-preset.json", @@ -1476,6 +1476,7 @@ "aws-servicecatalog-serviceaction.json", "aws-iam-userpolicy.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-iot-mitigationaction.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", @@ -1674,7 +1675,6 @@ "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", "aws-codeartifact-domain.json", - "aws-ec2-launchtemplate.json", "aws-cloudfront-originrequestpolicy.json", "aws-datasync-locationfsxontap.json", "aws-networkmanager-linkassociation.json", diff --git a/src/cfnlint/data/schemas/providers/eu_west_3/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/eu_west_3/aws-amazonmq-broker.json index b71851eb27..6027b3416d 100644 --- a/src/cfnlint/data/schemas/providers/eu_west_3/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/eu_west_3/aws-amazonmq-broker.json @@ -230,7 +230,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/eu_west_3/aws-apprunner-vpcconnector.json b/src/cfnlint/data/schemas/providers/eu_west_3/aws-apprunner-vpcconnector.json deleted file mode 100644 index a7b99a0c40..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_west_3/aws-apprunner-vpcconnector.json +++ /dev/null @@ -1,119 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/VpcConnectorName", - "/properties/Subnets", - "/properties/SecurityGroups", - "/properties/Tags" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - } - }, - "description": "The AWS::AppRunner::VpcConnector resource specifies an App Runner VpcConnector.", - "handlers": { - "create": { - "permissions": [ - "iam:CreateServiceLinkedRole", - "apprunner:CreateVpcConnector", - "apprunner:DescribeVpcConnector", - "apprunner:TagResource", - "ec2:DescribeSubnets", - "ec2:DescribeSecurityGroups" - ] - }, - "delete": { - "permissions": [ - "apprunner:DeleteVpcConnector" - ] - }, - "list": { - "permissions": [ - "apprunner:ListVpcConnectors" - ] - }, - "read": { - "permissions": [ - "apprunner:DescribeVpcConnector" - ] - } - }, - "primaryIdentifier": [ - "/properties/VpcConnectorArn" - ], - "properties": { - "SecurityGroups": { - "description": "A list of IDs of security groups that App Runner should use for access to AWS resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "Subnets": { - "description": "A list of IDs of subnets that App Runner should use when it associates your service with a custom Amazon VPC. Specify IDs of subnets of a single Amazon VPC. App Runner determines the Amazon VPC from the subnets you specify.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "minItems": 1, - "type": "array", - "uniqueItems": true - }, - "Tags": { - "description": "A list of metadata items that you can associate with your VPC connector resource. A tag is a key-value pair.", - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array" - }, - "VpcConnectorArn": { - "description": "The Amazon Resource Name (ARN) of this VPC connector.", - "maxLength": 1011, - "minLength": 44, - "pattern": "arn:aws(-[\\w]+)*:[a-z0-9-\\\\.]{0,63}:[a-z0-9-\\\\.]{0,63}:[0-9]{12}:(\\w|\\/|-){1,1011}", - "type": "string" - }, - "VpcConnectorName": { - "description": "A name for the VPC connector. If you don't specify a name, AWS CloudFormation generates a name for your VPC connector.", - "maxLength": 40, - "minLength": 4, - "pattern": "^[A-Za-z0-9][A-Za-z0-9-\\\\_]{3,39}$", - "type": "string" - }, - "VpcConnectorRevision": { - "description": "The revision of this VPC connector. It's unique among all the active connectors (\"Status\": \"ACTIVE\") that share the same Name.", - "type": "integer" - } - }, - "readOnlyProperties": [ - "/properties/VpcConnectorArn", - "/properties/VpcConnectorRevision" - ], - "required": [ - "Subnets" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-apprunner.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": false, - "taggable": true - }, - "typeName": "AWS::AppRunner::VpcConnector", - "writeOnlyProperties": [ - "/properties/Tags" - ] -} diff --git a/src/cfnlint/data/schemas/providers/eu_west_3/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/eu_west_3/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/eu_west_3/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/eu_west_3/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/eu_west_3/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/eu_west_3/aws-cloudfront-distribution.json new file mode 100644 index 0000000000..75bb25b92e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_west_3/aws-cloudfront-distribution.json @@ -0,0 +1,1232 @@ +{ + "additionalProperties": false, + "definitions": { + "CacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "type": "string" + }, + "PathPattern": { + "type": "string" + }, + "RealtimeLogConfigArn": { + "type": "string" + }, + "ResponseHeadersPolicyId": { + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ], + "type": "string" + } + }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "properties": { + "Forward": { + "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Forward" + ], + "type": "object" + }, + "CustomErrorResponse": { + "additionalProperties": false, + "dependentRequired": { + "ResponseCode": [ + "ResponsePagePath" + ] + }, + "properties": { + "ErrorCachingMinTTL": { + "default": 300, + "type": "number" + }, + "ErrorCode": { + "enum": [ + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponseCode": { + "enum": [ + 200, + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponsePagePath": { + "type": "string" + } + }, + "required": [ + "ErrorCode" + ], + "type": "object" + }, + "CustomOriginConfig": { + "additionalProperties": false, + "properties": { + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginProtocolPolicy": { + "type": "string" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "OriginProtocolPolicy" + ], + "type": "object" + }, + "DefaultCacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "default": "", + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "default": "", + "type": "string" + }, + "RealtimeLogConfigArn": { + "default": "", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "default": "", + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "type": "string" + } + }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CNAMEs": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/CacheBehavior" + }, + "type": "array", + "uniqueItems": false + }, + "Comment": { + "default": "", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/CustomErrorResponse" + }, + "type": "array", + "uniqueItems": false + }, + "CustomOrigin": { + "$ref": "#/definitions/LegacyCustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/DefaultCacheBehavior" + }, + "DefaultRootObject": { + "default": "", + "type": "string" + }, + "Enabled": { + "type": "boolean" + }, + "HttpVersion": { + "default": "http1.1", + "enum": [ + "http1.1", + "http2", + "http3", + "http2and3" + ], + "type": "string" + }, + "IPV6Enabled": { + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/Origin" + }, + "type": "array", + "uniqueItems": false + }, + "PriceClass": { + "default": "PriceClass_All", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ], + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/Restrictions", + "default": { + "GeoRestriction": { + "RestrictionType": "none" + } + } + }, + "S3Origin": { + "$ref": "#/definitions/LegacyS3Origin" + }, + "Staging": { + "type": "boolean" + }, + "ViewerCertificate": { + "$ref": "#/definitions/ViewerCertificate", + "default": { + "CloudFrontDefaultCertificate": true + } + }, + "WebACLId": { + "default": "", + "type": "string" + } + }, + "required": [ + "Enabled", + "DefaultCacheBehavior" + ], + "type": "object" + }, + "ForwardedValues": { + "additionalProperties": false, + "properties": { + "Cookies": { + "$ref": "#/definitions/Cookies", + "default": { + "Forward": "none" + } + }, + "Headers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "QueryString": { + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "QueryString" + ], + "type": "object" + }, + "FunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ], + "type": "string" + }, + "FunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "GeoRestriction": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "enum": [ + "AD", + "AE", + "AF", + "AG", + "AI", + "AL", + "AM", + "AO", + "AQ", + "AR", + "AS", + "AT", + "AU", + "AW", + "AX", + "AZ", + "BA", + "BB", + "BD", + "BE", + "BF", + "BG", + "BH", + "BI", + "BJ", + "BL", + "BM", + "BN", + "BO", + "BQ", + "BR", + "BS", + "BT", + "BV", + "BW", + "BY", + "BZ", + "CA", + "CC", + "CD", + "CF", + "CG", + "CH", + "CI", + "CK", + "CL", + "CM", + "CN", + "CO", + "CR", + "CU", + "CV", + "CW", + "CX", + "CY", + "CZ", + "DE", + "DJ", + "DK", + "DM", + "DO", + "DZ", + "EC", + "EE", + "EG", + "EH", + "ER", + "ES", + "ET", + "FI", + "FJ", + "FK", + "FM", + "FO", + "FR", + "GA", + "GB", + "GD", + "GE", + "GF", + "GG", + "GH", + "GI", + "GL", + "GM", + "GN", + "GP", + "GQ", + "GR", + "GS", + "GT", + "GU", + "GW", + "GY", + "HK", + "HM", + "HN", + "HR", + "HT", + "HU", + "ID", + "IE", + "IL", + "IM", + "IN", + "IO", + "IQ", + "IR", + "IS", + "IT", + "JE", + "JM", + "JO", + "JP", + "KE", + "KG", + "KH", + "KI", + "KM", + "KN", + "KP", + "KR", + "KW", + "KY", + "KZ", + "LA", + "LB", + "LC", + "LI", + "LK", + "LR", + "LS", + "LT", + "LU", + "LV", + "LY", + "MA", + "MC", + "MD", + "ME", + "MF", + "MG", + "MH", + "MK", + "ML", + "MM", + "MN", + "MO", + "MP", + "MQ", + "MR", + "MS", + "MT", + "MU", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NC", + "NE", + "NF", + "NG", + "NI", + "NL", + "NO", + "NP", + "NR", + "NU", + "NZ", + "OM", + "PA", + "PE", + "PF", + "PG", + "PH", + "PK", + "PL", + "PM", + "PN", + "PR", + "PS", + "PT", + "PW", + "PY", + "QA", + "RE", + "RO", + "RS", + "RU", + "RW", + "SA", + "SB", + "SC", + "SD", + "SE", + "SG", + "SH", + "SI", + "SJ", + "SK", + "SL", + "SM", + "SN", + "SO", + "SR", + "SS", + "ST", + "SV", + "SX", + "SY", + "SZ", + "TC", + "TD", + "TF", + "TG", + "TH", + "TJ", + "TK", + "TL", + "TM", + "TN", + "TO", + "TR", + "TT", + "TV", + "TW", + "TZ", + "UA", + "UG", + "UM", + "US", + "UY", + "UZ", + "VA", + "VC", + "VE", + "VG", + "VI", + "VN", + "VU", + "WF", + "WS", + "YE", + "YT", + "ZA", + "ZM", + "ZW" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "RestrictionType": { + "enum": [ + "blacklist", + "whitelist", + "none" + ], + "type": "string" + } + }, + "required": [ + "RestrictionType" + ], + "type": "object" + }, + "LambdaFunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "IncludeBody": { + "type": "boolean" + }, + "LambdaFunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "LegacyCustomOrigin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginProtocolPolicy": { + "enum": [ + "http-only", + "match-viewer", + "https-only" + ], + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], + "type": "object" + }, + "LegacyS3Origin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "required": [ + "DNSName" + ], + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "IncludeCookies": { + "default": false, + "type": "boolean" + }, + "Prefix": { + "default": "", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Origin": { + "additionalProperties": false, + "dependentExcluded": { + "CustomOriginConfig": [ + "S3OriginConfig" + ], + "S3OriginConfig": [ + "CustomOriginConfig" + ] + }, + "properties": { + "ConnectionAttempts": { + "type": "integer" + }, + "ConnectionTimeout": { + "type": "integer" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/CustomOriginConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "OriginAccessControlId": { + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/OriginCustomHeader" + }, + "type": "array", + "uniqueItems": false + }, + "OriginPath": { + "default": "", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/OriginShield" + }, + "S3OriginConfig": { + "$ref": "#/definitions/S3OriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "type": "string" + }, + "HeaderValue": { + "type": "string" + } + }, + "required": [ + "HeaderValue", + "HeaderName" + ], + "type": "object" + }, + "OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/OriginGroupFailoverCriteria" + }, + "Id": { + "type": "string" + }, + "Members": { + "$ref": "#/definitions/OriginGroupMembers" + } + }, + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "type": "object" + }, + "OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroupMember" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroup" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "OriginShieldRegion": { + "type": "string" + } + }, + "type": "object" + }, + "Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "type": "object" + }, + "StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "integer" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "ViewerCertificate": { + "additionalProperties": false, + "dependentRequired": { + "AcmCertificateArn": [ + "SslSupportMethod" + ], + "IamCertificateId": [ + "SslSupportMethod" + ] + }, + "properties": { + "AcmCertificateArn": { + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "type": "boolean" + }, + "IamCertificateId": { + "type": "string" + }, + "MinimumProtocolVersion": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018", + "TLSv1.2_2019", + "TLSv1.2_2021" + ], + "type": "string" + }, + "SslSupportMethod": { + "enum": [ + "sni-only", + "vip", + "static-ip" + ], + "type": "string" + } + }, + "requiredXor": [ + "AcmCertificateArn", + "CloudFrontDefaultCertificate", + "IamCertificateId" + ], + "type": "object" + } + }, + "deprecatedProperties": [ + "/properties/DistributionConfig/CustomOrigin", + "/properties/DistributionConfig/S3Origin" + ], + "description": "Resource Type definition for AWS::CloudFront::Distribution", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateDistribution", + "cloudfront:CreateDistributionWithTags", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:TagResource" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteDistribution", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListDistributions" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "update": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:UpdateDistribution", + "cloudfront:UpdateDistributionWithStagingConfig", + "cloudfront:ListTagsForResource", + "cloudfront:TagResource", + "cloudfront:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/DistributionConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/DomainName" + ], + "required": [ + "DistributionConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::CloudFront::Distribution" +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_3/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/eu_west_3/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_west_3/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_3/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/eu_west_3/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_west_3/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_3/aws-gamelift-fleet.json b/src/cfnlint/data/schemas/providers/eu_west_3/aws-gamelift-fleet.json index 9551ef0828..4489c391a2 100644 --- a/src/cfnlint/data/schemas/providers/eu_west_3/aws-gamelift-fleet.json +++ b/src/cfnlint/data/schemas/providers/eu_west_3/aws-gamelift-fleet.json @@ -126,7 +126,7 @@ "uniqueItems": true }, "EC2InstanceType": { - "cfnLint": "aws_gamelift_fleet/ec2instancetype_enum", + "cfnLint": "AWS::GameLift::Fleet/EC2InstanceType", "type": "string" }, "FleetType": { diff --git a/src/cfnlint/data/schemas/providers/eu_west_3/aws-neptune-dbinstance.json b/src/cfnlint/data/schemas/providers/eu_west_3/aws-neptune-dbinstance.json index e59579a720..36baa58fbd 100644 --- a/src/cfnlint/data/schemas/providers/eu_west_3/aws-neptune-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/eu_west_3/aws-neptune-dbinstance.json @@ -43,7 +43,7 @@ "type": "string" }, "DBInstanceClass": { - "cfnLint": "aws_neptune_dbinstance/dbinstanceclass_enum", + "cfnLint": "AWS::Neptune::DBInstance/Properties/DBInstanceClass", "type": "string" }, "DBInstanceIdentifier": { diff --git a/src/cfnlint/data/schemas/providers/me_central_1/__init__.py b/src/cfnlint/data/schemas/providers/me_central_1/__init__.py index 6a6d526228..ae11e7c072 100644 --- a/src/cfnlint/data/schemas/providers/me_central_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/me_central_1/__init__.py @@ -102,6 +102,7 @@ "AWS::EventSchemas::Discoverer", "AWS::ElastiCache::UserGroup", "AWS::IoT::ThingGroup", + "AWS::Logs::DeliveryDestination", "AWS::ImageBuilder::ImageRecipe", "AWS::IoT::SoftwarePackage", "AWS::ApiGateway::RestApi", @@ -123,6 +124,7 @@ "AWS::Backup::BackupSelection", "AWS::DataSync::LocationFSxLustre", "AWS::SageMaker::App", + "AWS::Logs::DeliverySource", "AWS::EC2::VPCGatewayAttachment", "AWS::CloudTrail::Trail", "AWS::EC2::VPNConnectionRoute", @@ -387,6 +389,7 @@ "AWS::Lambda::LayerVersion", "AWS::RDS::OptionGroup", "AWS::OpsWorks::UserProfile", + "AWS::Logs::Delivery", "AWS::ServiceCatalog::Portfolio", "AWS::IoT::Policy", "AWS::EC2::TransitGatewayRoute", @@ -635,6 +638,7 @@ "aws-msk-cluster.json", "aws-ec2-vpcendpointconnectionnotification.json", "aws-codepipeline-pipeline.json", + "aws-config-configurationaggregator.json", "aws-imagebuilder-imagepipeline.json", "aws-elasticloadbalancingv2-listenercertificate.json", "aws-route53resolver-resolverruleassociation.json", @@ -649,6 +653,7 @@ "aws-eventschemas-discoverer.json", "aws-elasticache-usergroup.json", "aws-iot-thinggroup.json", + "aws-logs-deliverydestination.json", "aws-imagebuilder-imagerecipe.json", "aws-iot-softwarepackage.json", "aws-opsworks-elasticloadbalancerattachment.json", @@ -667,11 +672,11 @@ "aws-backup-backupselection.json", "aws-datasync-locationfsxlustre.json", "aws-sagemaker-app.json", + "aws-logs-deliverysource.json", "aws-ec2-vpcgatewayattachment.json", "aws-cloudtrail-trail.json", "aws-ec2-vpnconnectionroute.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-wafv2-ipset.json", "aws-ssm-document.json", "aws-iam-role.json", @@ -702,7 +707,6 @@ "aws-iot-resourcespecificlogging.json", "aws-servicecatalog-launchtemplateconstraint.json", "aws-wafv2-loggingconfiguration.json", - "aws-dynamodb-globaltable.json", "aws-imagebuilder-distributionconfiguration.json", "aws-lakeformation-permissions.json", "aws-cloudfront-publickey.json", @@ -860,7 +864,6 @@ "aws-servicecatalog-resourceupdateconstraint.json", "aws-transfer-agreement.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-elasticache-subnetgroup.json", "aws-xray-group.json", "aws-oam-link.json", @@ -901,6 +904,7 @@ "aws-lambda-layerversion.json", "aws-rds-optiongroup.json", "aws-opsworks-userprofile.json", + "aws-logs-delivery.json", "aws-iot-policy.json", "aws-ssm-maintenancewindow.json", "aws-lakeformation-tagassociation.json", @@ -941,6 +945,7 @@ "aws-ec2-placementgroup.json", "aws-organizations-account.json", "aws-ecr-repository.json", + "aws-iot-fleetmetric.json", "aws-mediaconnect-flowsource.json", "aws-appconfig-extension.json", "aws-elasticloadbalancingv2-listenerrule.json", @@ -1025,7 +1030,6 @@ "aws-servicecatalog-cloudformationproduct.json", "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", - "aws-ec2-launchtemplate.json", "aws-cloudfront-originrequestpolicy.json", "aws-datasync-locationfsxontap.json", "aws-pcaconnectorad-serviceprincipalname.json", diff --git a/src/cfnlint/data/schemas/providers/me_central_1/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/me_central_1/aws-amazonmq-broker.json index b71851eb27..6027b3416d 100644 --- a/src/cfnlint/data/schemas/providers/me_central_1/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/me_central_1/aws-amazonmq-broker.json @@ -230,7 +230,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/me_central_1/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/me_central_1/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/me_central_1/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/me_central_1/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/me_central_1/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/me_central_1/aws-cloudfront-distribution.json new file mode 100644 index 0000000000..75bb25b92e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_central_1/aws-cloudfront-distribution.json @@ -0,0 +1,1232 @@ +{ + "additionalProperties": false, + "definitions": { + "CacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "type": "string" + }, + "PathPattern": { + "type": "string" + }, + "RealtimeLogConfigArn": { + "type": "string" + }, + "ResponseHeadersPolicyId": { + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ], + "type": "string" + } + }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "properties": { + "Forward": { + "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Forward" + ], + "type": "object" + }, + "CustomErrorResponse": { + "additionalProperties": false, + "dependentRequired": { + "ResponseCode": [ + "ResponsePagePath" + ] + }, + "properties": { + "ErrorCachingMinTTL": { + "default": 300, + "type": "number" + }, + "ErrorCode": { + "enum": [ + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponseCode": { + "enum": [ + 200, + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponsePagePath": { + "type": "string" + } + }, + "required": [ + "ErrorCode" + ], + "type": "object" + }, + "CustomOriginConfig": { + "additionalProperties": false, + "properties": { + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginProtocolPolicy": { + "type": "string" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "OriginProtocolPolicy" + ], + "type": "object" + }, + "DefaultCacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "default": "", + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "default": "", + "type": "string" + }, + "RealtimeLogConfigArn": { + "default": "", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "default": "", + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "type": "string" + } + }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CNAMEs": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/CacheBehavior" + }, + "type": "array", + "uniqueItems": false + }, + "Comment": { + "default": "", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/CustomErrorResponse" + }, + "type": "array", + "uniqueItems": false + }, + "CustomOrigin": { + "$ref": "#/definitions/LegacyCustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/DefaultCacheBehavior" + }, + "DefaultRootObject": { + "default": "", + "type": "string" + }, + "Enabled": { + "type": "boolean" + }, + "HttpVersion": { + "default": "http1.1", + "enum": [ + "http1.1", + "http2", + "http3", + "http2and3" + ], + "type": "string" + }, + "IPV6Enabled": { + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/Origin" + }, + "type": "array", + "uniqueItems": false + }, + "PriceClass": { + "default": "PriceClass_All", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ], + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/Restrictions", + "default": { + "GeoRestriction": { + "RestrictionType": "none" + } + } + }, + "S3Origin": { + "$ref": "#/definitions/LegacyS3Origin" + }, + "Staging": { + "type": "boolean" + }, + "ViewerCertificate": { + "$ref": "#/definitions/ViewerCertificate", + "default": { + "CloudFrontDefaultCertificate": true + } + }, + "WebACLId": { + "default": "", + "type": "string" + } + }, + "required": [ + "Enabled", + "DefaultCacheBehavior" + ], + "type": "object" + }, + "ForwardedValues": { + "additionalProperties": false, + "properties": { + "Cookies": { + "$ref": "#/definitions/Cookies", + "default": { + "Forward": "none" + } + }, + "Headers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "QueryString": { + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "QueryString" + ], + "type": "object" + }, + "FunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ], + "type": "string" + }, + "FunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "GeoRestriction": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "enum": [ + "AD", + "AE", + "AF", + "AG", + "AI", + "AL", + "AM", + "AO", + "AQ", + "AR", + "AS", + "AT", + "AU", + "AW", + "AX", + "AZ", + "BA", + "BB", + "BD", + "BE", + "BF", + "BG", + "BH", + "BI", + "BJ", + "BL", + "BM", + "BN", + "BO", + "BQ", + "BR", + "BS", + "BT", + "BV", + "BW", + "BY", + "BZ", + "CA", + "CC", + "CD", + "CF", + "CG", + "CH", + "CI", + "CK", + "CL", + "CM", + "CN", + "CO", + "CR", + "CU", + "CV", + "CW", + "CX", + "CY", + "CZ", + "DE", + "DJ", + "DK", + "DM", + "DO", + "DZ", + "EC", + "EE", + "EG", + "EH", + "ER", + "ES", + "ET", + "FI", + "FJ", + "FK", + "FM", + "FO", + "FR", + "GA", + "GB", + "GD", + "GE", + "GF", + "GG", + "GH", + "GI", + "GL", + "GM", + "GN", + "GP", + "GQ", + "GR", + "GS", + "GT", + "GU", + "GW", + "GY", + "HK", + "HM", + "HN", + "HR", + "HT", + "HU", + "ID", + "IE", + "IL", + "IM", + "IN", + "IO", + "IQ", + "IR", + "IS", + "IT", + "JE", + "JM", + "JO", + "JP", + "KE", + "KG", + "KH", + "KI", + "KM", + "KN", + "KP", + "KR", + "KW", + "KY", + "KZ", + "LA", + "LB", + "LC", + "LI", + "LK", + "LR", + "LS", + "LT", + "LU", + "LV", + "LY", + "MA", + "MC", + "MD", + "ME", + "MF", + "MG", + "MH", + "MK", + "ML", + "MM", + "MN", + "MO", + "MP", + "MQ", + "MR", + "MS", + "MT", + "MU", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NC", + "NE", + "NF", + "NG", + "NI", + "NL", + "NO", + "NP", + "NR", + "NU", + "NZ", + "OM", + "PA", + "PE", + "PF", + "PG", + "PH", + "PK", + "PL", + "PM", + "PN", + "PR", + "PS", + "PT", + "PW", + "PY", + "QA", + "RE", + "RO", + "RS", + "RU", + "RW", + "SA", + "SB", + "SC", + "SD", + "SE", + "SG", + "SH", + "SI", + "SJ", + "SK", + "SL", + "SM", + "SN", + "SO", + "SR", + "SS", + "ST", + "SV", + "SX", + "SY", + "SZ", + "TC", + "TD", + "TF", + "TG", + "TH", + "TJ", + "TK", + "TL", + "TM", + "TN", + "TO", + "TR", + "TT", + "TV", + "TW", + "TZ", + "UA", + "UG", + "UM", + "US", + "UY", + "UZ", + "VA", + "VC", + "VE", + "VG", + "VI", + "VN", + "VU", + "WF", + "WS", + "YE", + "YT", + "ZA", + "ZM", + "ZW" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "RestrictionType": { + "enum": [ + "blacklist", + "whitelist", + "none" + ], + "type": "string" + } + }, + "required": [ + "RestrictionType" + ], + "type": "object" + }, + "LambdaFunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "IncludeBody": { + "type": "boolean" + }, + "LambdaFunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "LegacyCustomOrigin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginProtocolPolicy": { + "enum": [ + "http-only", + "match-viewer", + "https-only" + ], + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], + "type": "object" + }, + "LegacyS3Origin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "required": [ + "DNSName" + ], + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "IncludeCookies": { + "default": false, + "type": "boolean" + }, + "Prefix": { + "default": "", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Origin": { + "additionalProperties": false, + "dependentExcluded": { + "CustomOriginConfig": [ + "S3OriginConfig" + ], + "S3OriginConfig": [ + "CustomOriginConfig" + ] + }, + "properties": { + "ConnectionAttempts": { + "type": "integer" + }, + "ConnectionTimeout": { + "type": "integer" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/CustomOriginConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "OriginAccessControlId": { + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/OriginCustomHeader" + }, + "type": "array", + "uniqueItems": false + }, + "OriginPath": { + "default": "", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/OriginShield" + }, + "S3OriginConfig": { + "$ref": "#/definitions/S3OriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "type": "string" + }, + "HeaderValue": { + "type": "string" + } + }, + "required": [ + "HeaderValue", + "HeaderName" + ], + "type": "object" + }, + "OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/OriginGroupFailoverCriteria" + }, + "Id": { + "type": "string" + }, + "Members": { + "$ref": "#/definitions/OriginGroupMembers" + } + }, + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "type": "object" + }, + "OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroupMember" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroup" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "OriginShieldRegion": { + "type": "string" + } + }, + "type": "object" + }, + "Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "type": "object" + }, + "StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "integer" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "ViewerCertificate": { + "additionalProperties": false, + "dependentRequired": { + "AcmCertificateArn": [ + "SslSupportMethod" + ], + "IamCertificateId": [ + "SslSupportMethod" + ] + }, + "properties": { + "AcmCertificateArn": { + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "type": "boolean" + }, + "IamCertificateId": { + "type": "string" + }, + "MinimumProtocolVersion": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018", + "TLSv1.2_2019", + "TLSv1.2_2021" + ], + "type": "string" + }, + "SslSupportMethod": { + "enum": [ + "sni-only", + "vip", + "static-ip" + ], + "type": "string" + } + }, + "requiredXor": [ + "AcmCertificateArn", + "CloudFrontDefaultCertificate", + "IamCertificateId" + ], + "type": "object" + } + }, + "deprecatedProperties": [ + "/properties/DistributionConfig/CustomOrigin", + "/properties/DistributionConfig/S3Origin" + ], + "description": "Resource Type definition for AWS::CloudFront::Distribution", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateDistribution", + "cloudfront:CreateDistributionWithTags", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:TagResource" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteDistribution", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListDistributions" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "update": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:UpdateDistribution", + "cloudfront:UpdateDistributionWithStagingConfig", + "cloudfront:ListTagsForResource", + "cloudfront:TagResource", + "cloudfront:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/DistributionConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/DomainName" + ], + "required": [ + "DistributionConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::CloudFront::Distribution" +} diff --git a/src/cfnlint/data/schemas/providers/me_central_1/aws-config-configurationaggregator.json b/src/cfnlint/data/schemas/providers/me_central_1/aws-config-configurationaggregator.json deleted file mode 100644 index 5624c0bfff..0000000000 --- a/src/cfnlint/data/schemas/providers/me_central_1/aws-config-configurationaggregator.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ConfigurationAggregatorName" - ], - "definitions": { - "AccountAggregationSource": { - "additionalProperties": false, - "properties": { - "AccountIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "required": [ - "AccountIds" - ], - "type": "object" - }, - "OrganizationAggregationSource": { - "additionalProperties": false, - "properties": { - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "RoleArn": { - "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 256, - "minLength": 0, - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::Config::ConfigurationAggregator", - "handlers": { - "create": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - }, - "delete": { - "permissions": [ - "config:DeleteConfigurationAggregator", - "config:UntagResource" - ] - }, - "list": { - "permissions": [ - "config:DescribeConfigurationAggregators" - ] - }, - "read": { - "permissions": [ - "config:DescribeConfigurationAggregators", - "config:ListTagsForResource" - ] - }, - "update": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "config:UntagResource", - "config:ListTagsForResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - } - }, - "primaryIdentifier": [ - "/properties/ConfigurationAggregatorName" - ], - "properties": { - "AccountAggregationSources": { - "items": { - "$ref": "#/definitions/AccountAggregationSource" - }, - "type": "array", - "uniqueItems": false - }, - "ConfigurationAggregatorArn": { - "description": "The Amazon Resource Name (ARN) of the aggregator.", - "type": "string" - }, - "ConfigurationAggregatorName": { - "description": "The name of the aggregator.", - "maxLength": 256, - "minLength": 1, - "pattern": "[\\w\\-]+", - "type": "string" - }, - "OrganizationAggregationSource": { - "$ref": "#/definitions/OrganizationAggregationSource" - }, - "Tags": { - "description": "The tags for the configuration aggregator.", - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/ConfigurationAggregatorArn" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-config.git", - "typeName": "AWS::Config::ConfigurationAggregator" -} diff --git a/src/cfnlint/data/schemas/providers/me_central_1/aws-dynamodb-globaltable.json b/src/cfnlint/data/schemas/providers/me_central_1/aws-dynamodb-globaltable.json new file mode 100644 index 0000000000..7e1a23d878 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_central_1/aws-dynamodb-globaltable.json @@ -0,0 +1,579 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/Arn" + ], + [ + "/properties/StreamArn" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LocalSecondaryIndexes", + "/properties/TableName", + "/properties/KeySchema" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "CapacityAutoScalingSettings": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "minimum": 1, + "type": "integer" + }, + "MinCapacity": { + "minimum": 1, + "type": "integer" + }, + "SeedCapacity": { + "minimum": 1, + "type": "integer" + }, + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/TargetTrackingScalingPolicyConfiguration" + } + }, + "required": [ + "MinCapacity", + "MaxCapacity", + "TargetTrackingScalingPolicyConfiguration" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "KeyType": { + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "maxItems": 20, + "type": "array", + "uniqueItems": true + }, + "ProjectionType": { + "type": "string" + } + }, + "type": "object" + }, + "ReadProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + }, + "ReadCapacityUnits": { + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "ReplicaGlobalSecondaryIndexSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName" + ], + "type": "object" + }, + "ReplicaSSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + } + }, + "required": [ + "KMSMasterKeyId" + ], + "type": "object" + }, + "ReplicaSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaGlobalSecondaryIndexSpecification" + }, + "type": "array", + "uniqueItems": true + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + }, + "Region": { + "type": "string" + }, + "SSESpecification": { + "$ref": "#/definitions/ReplicaSSESpecification" + }, + "TableClass": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TargetTrackingScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "DisableScaleIn": { + "type": "boolean" + }, + "ScaleInCooldown": { + "minimum": 0, + "type": "integer" + }, + "ScaleOutCooldown": { + "minimum": 0, + "type": "integer" + }, + "TargetValue": { + "format": "double", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "WriteProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "WriteCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + } + }, + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::GlobalTable", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:CreateTableReplica", + "dynamodb:Describe*", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:TagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "dynamodb:TagResource", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Decrypt", + "kms:RevokeGrant", + "cloudwatch:PutMetricData", + "iam:CreateServiceLinkedRole" + ] + }, + "delete": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:DeleteTable", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget" + ] + }, + "list": { + "permissions": [ + "dynamodb:ListTables", + "cloudwatch:PutMetricData" + ] + }, + "read": { + "permissions": [ + "dynamodb:Describe*", + "application-autoscaling:Describe*", + "cloudwatch:PutMetricData", + "dynamodb:ListTagsOfResource", + "kms:DescribeKey" + ] + }, + "update": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:CreateTableReplica", + "dynamodb:UpdateTable", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:DeleteTable", + "dynamodb:DeleteTableReplica", + "dynamodb:UpdateItem", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant", + "cloudwatch:PutMetricData" + ], + "timeoutInMinutes": 1200 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "type": "string" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "LocalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "Replicas": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaSpecification" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableId": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn", + "/properties/TableId" + ], + "required": [ + "KeySchema", + "AttributeDefinitions", + "Replicas" + ], + "typeName": "AWS::DynamoDB::GlobalTable", + "writeOnlyProperties": [ + "/properties/Replicas/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/Replicas/*/GlobalSecondaryIndexes/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity", + "/properties/GlobalSecondaryIndexes/*/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity" + ] +} diff --git a/src/cfnlint/data/schemas/providers/me_central_1/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/me_central_1/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_central_1/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/me_central_1/aws-ec2-host.json b/src/cfnlint/data/schemas/providers/me_central_1/aws-ec2-host.json index b343142e92..6ea413000b 100644 --- a/src/cfnlint/data/schemas/providers/me_central_1/aws-ec2-host.json +++ b/src/cfnlint/data/schemas/providers/me_central_1/aws-ec2-host.json @@ -17,8 +17,8 @@ "type": "string" }, "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::Host/Properties/AvailabilityZone" ], "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/me_central_1/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/me_central_1/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_central_1/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/me_central_1/aws-gamelift-fleet.json b/src/cfnlint/data/schemas/providers/me_central_1/aws-gamelift-fleet.json index 9551ef0828..4489c391a2 100644 --- a/src/cfnlint/data/schemas/providers/me_central_1/aws-gamelift-fleet.json +++ b/src/cfnlint/data/schemas/providers/me_central_1/aws-gamelift-fleet.json @@ -126,7 +126,7 @@ "uniqueItems": true }, "EC2InstanceType": { - "cfnLint": "aws_gamelift_fleet/ec2instancetype_enum", + "cfnLint": "AWS::GameLift::Fleet/EC2InstanceType", "type": "string" }, "FleetType": { diff --git a/src/cfnlint/data/schemas/providers/me_central_1/aws-iot-fleetmetric.json b/src/cfnlint/data/schemas/providers/me_central_1/aws-iot-fleetmetric.json deleted file mode 100644 index 8c25d4941d..0000000000 --- a/src/cfnlint/data/schemas/providers/me_central_1/aws-iot-fleetmetric.json +++ /dev/null @@ -1,164 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/MetricName" - ], - "definitions": { - "AggregationType": { - "additionalProperties": false, - "description": "Aggregation types supported by Fleet Indexing", - "properties": { - "Name": { - "description": "Fleet Indexing aggregation type names such as Statistics, Percentiles and Cardinality", - "type": "string" - }, - "Values": { - "description": "Fleet Indexing aggregation type values", - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "Name", - "Values" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource", - "properties": { - "Key": { - "description": "The tag's key", - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The tag's value", - "maxLength": 256, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "An aggregated metric of certain devices in your fleet", - "handlers": { - "create": { - "permissions": [ - "iot:CreateFleetMetric" - ] - }, - "delete": { - "permissions": [ - "iot:DeleteFleetMetric" - ] - }, - "list": { - "permissions": [ - "iot:ListFleetMetrics" - ] - }, - "read": { - "permissions": [ - "iot:DescribeFleetMetric", - "iot:ListTagsForResource" - ] - }, - "update": { - "permissions": [ - "iot:UpdateFleetMetric", - "iot:ListTagsForResource", - "iot:UntagResource", - "iot:TagResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/MetricName" - ], - "properties": { - "AggregationField": { - "description": "The aggregation field to perform aggregation and metric emission", - "type": "string" - }, - "AggregationType": { - "$ref": "#/definitions/AggregationType" - }, - "CreationDate": { - "description": "The creation date of a fleet metric", - "type": "number" - }, - "Description": { - "description": "The description of a fleet metric", - "type": "string" - }, - "IndexName": { - "description": "The index name of a fleet metric", - "type": "string" - }, - "LastModifiedDate": { - "description": "The last modified date of a fleet metric", - "type": "number" - }, - "MetricArn": { - "description": "The Amazon Resource Number (ARN) of a fleet metric metric", - "type": "string" - }, - "MetricName": { - "description": "The name of the fleet metric", - "type": "string" - }, - "Period": { - "description": "The period of metric emission in seconds", - "type": "integer" - }, - "QueryString": { - "description": "The Fleet Indexing query used by a fleet metric", - "type": "string" - }, - "QueryVersion": { - "description": "The version of a Fleet Indexing query used by a fleet metric", - "type": "string" - }, - "Tags": { - "description": "An array of key-value pairs to apply to this resource", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "type": "array", - "uniqueItems": true - }, - "Unit": { - "description": "The unit of data points emitted by a fleet metric", - "type": "string" - }, - "Version": { - "description": "The version of a fleet metric", - "type": "number" - } - }, - "readOnlyProperties": [ - "/properties/MetricArn", - "/properties/CreationDate", - "/properties/LastModifiedDate", - "/properties/Version" - ], - "required": [ - "MetricName" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-iot.git", - "taggable": true, - "typeName": "AWS::IoT::FleetMetric" -} diff --git a/src/cfnlint/data/schemas/providers/me_central_1/aws-opsworks-instance.json b/src/cfnlint/data/schemas/providers/me_central_1/aws-opsworks-instance.json index 4f09c87902..7e172a15c1 100644 --- a/src/cfnlint/data/schemas/providers/me_central_1/aws-opsworks-instance.json +++ b/src/cfnlint/data/schemas/providers/me_central_1/aws-opsworks-instance.json @@ -147,7 +147,9 @@ "type": "string" }, "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::OpsWorks::Instance/Properties/AvailabilityZone" + ], "type": "string" }, "BlockDeviceMappings": { diff --git a/src/cfnlint/data/schemas/providers/me_central_1/aws-redshift-cluster.json b/src/cfnlint/data/schemas/providers/me_central_1/aws-redshift-cluster.json index 960e8bdfee..f04ae8ba95 100644 --- a/src/cfnlint/data/schemas/providers/me_central_1/aws-redshift-cluster.json +++ b/src/cfnlint/data/schemas/providers/me_central_1/aws-redshift-cluster.json @@ -1,5 +1,6 @@ { "additionalProperties": false, + "cfnLint": "AWS::Redshift::Cluster/Properties", "createOnlyProperties": [ "/properties/KmsKeyId", "/properties/MasterUsername", @@ -127,7 +128,7 @@ "type": "string" }, "NodeType": { - "cfnLint": "aws_redshift_cluster/nodetype_enum", + "cfnLint": "AWS::Redshift::Cluster/Properties/NodeType", "type": "string" }, "NumberOfNodes": { diff --git a/src/cfnlint/data/schemas/providers/me_central_1/aws-route53-healthcheck.json b/src/cfnlint/data/schemas/providers/me_central_1/aws-route53-healthcheck.json index 2ddd4be8f2..084d644abf 100644 --- a/src/cfnlint/data/schemas/providers/me_central_1/aws-route53-healthcheck.json +++ b/src/cfnlint/data/schemas/providers/me_central_1/aws-route53-healthcheck.json @@ -107,7 +107,7 @@ "HealthCheckConfig": { "$ref": "#/definitions/HealthCheckConfig", "cfnLint": [ - "aws_route53_healthcheck/healthcheckconfig_type_inclusive" + "AWS::Route53::HealthCheck/Properties/HealthCheckConfig" ] }, "HealthCheckTags": { diff --git a/src/cfnlint/data/schemas/providers/me_south_1/__init__.py b/src/cfnlint/data/schemas/providers/me_south_1/__init__.py index 7a63771c71..8337827ad2 100644 --- a/src/cfnlint/data/schemas/providers/me_south_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/me_south_1/__init__.py @@ -537,6 +537,7 @@ "AWS::ServiceCatalog::ServiceAction", "AWS::IAM::UserPolicy", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::IoT::MitigationAction", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", @@ -767,10 +768,10 @@ "aws-shield-proactiveengagement.json", "aws-apigateway-basepathmapping.json", "aws-s3-accessgrantslocation.json", + "aws-guardduty-filter.json", "aws-ecs-service.json", "aws-ram-resourceshare.json", "aws-dms-replicationconfig.json", - "aws-dynamodb-table.json", "aws-ec2-securitygroupegress.json", "aws-ec2-localgatewayroutetablevpcassociation.json", "aws-config-organizationconfigrule.json", @@ -829,7 +830,6 @@ "aws-cognito-identitypoolroleattachment.json", "aws-route53-recordset.json", "aws-eks-accessentry.json", - "aws-amplifyuibuilder-form.json", "aws-elasticache-securitygroup.json", "aws-backup-framework.json", "aws-opsworks-layer.json", @@ -860,6 +860,7 @@ "aws-ec2-vpcendpointconnectionnotification.json", "aws-codepipeline-pipeline.json", "aws-opsworks-instance.json", + "aws-config-configurationaggregator.json", "aws-imagebuilder-imagepipeline.json", "aws-elasticloadbalancingv2-listenercertificate.json", "aws-cloudformation-moduleversion.json", @@ -909,11 +910,11 @@ "aws-sns-topic.json", "aws-backup-backupselection.json", "aws-datasync-locationfsxlustre.json", + "aws-sagemaker-app.json", "aws-ec2-vpcgatewayattachment.json", "aws-cloudtrail-trail.json", "aws-ec2-vpnconnectionroute.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-wafv2-ipset.json", "aws-ssm-document.json", "aws-iam-role.json", @@ -955,7 +956,6 @@ "aws-networkfirewall-loggingconfiguration.json", "aws-glue-classifier.json", "aws-codedeploy-deploymentgroup.json", - "aws-amplifyuibuilder-component.json", "aws-sagemaker-inferenceexperiment.json", "aws-cloudformation-stackset.json", "aws-ec2-route.json", @@ -967,7 +967,6 @@ "aws-iot-resourcespecificlogging.json", "aws-servicecatalog-launchtemplateconstraint.json", "aws-wafv2-loggingconfiguration.json", - "aws-dynamodb-globaltable.json", "aws-imagebuilder-distributionconfiguration.json", "aws-lakeformation-permissions.json", "aws-resourceexplorer2-view.json", @@ -984,6 +983,7 @@ "aws-appsync-functionconfiguration.json", "aws-ec2-spotfleet.json", "aws-glue-schemaversion.json", + "aws-sagemaker-space.json", "aws-iot-policyprincipalattachment.json", "aws-fms-notificationchannel.json", "aws-msk-batchscramsecret.json", @@ -1003,7 +1003,6 @@ "aws-detective-graph.json", "aws-servicecatalog-portfolioshare.json", "aws-networkmanager-customergatewayassociation.json", - "aws-iam-servercertificate.json", "aws-iot-securityprofile.json", "aws-events-eventbus.json", "aws-sqs-queueinlinepolicy.json", @@ -1039,6 +1038,7 @@ "aws-datasync-locationnfs.json", "aws-amplify-domain.json", "aws-kinesisanalyticsv2-applicationoutput.json", + "aws-sagemaker-domain.json", "aws-certificatemanager-certificate.json", "aws-glue-schemaversionmetadata.json", "aws-sdb-domain.json", @@ -1089,7 +1089,6 @@ "aws-kinesis-stream.json", "aws-backup-reportplan.json", "aws-batch-jobdefinition.json", - "aws-iam-samlprovider.json", "aws-cloudfront-keygroup.json", "aws-ec2-networkinterfaceattachment.json", "aws-glue-customentitytype.json", @@ -1106,7 +1105,6 @@ "aws-iam-grouppolicy.json", "aws-scheduler-schedule.json", "aws-waf-bytematchset.json", - "aws-amplifyuibuilder-theme.json", "aws-neptune-dbclusterparametergroup.json", "aws-emrserverless-application.json", "aws-ec2-host.json", @@ -1182,7 +1180,6 @@ "aws-servicecatalog-resourceupdateconstraint.json", "aws-transfer-agreement.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-elasticache-subnetgroup.json", "aws-xray-group.json", "aws-oam-link.json", @@ -1201,6 +1198,7 @@ "aws-datasync-locationefs.json", "aws-ec2-localgatewayroutetable.json", "aws-apigateway-resource.json", + "aws-sagemaker-appimageconfig.json", "aws-verifiedpermissions-identitysource.json", "aws-macie-session.json", "aws-elasticloadbalancingv2-targetgroup.json", @@ -1254,6 +1252,7 @@ "aws-servicecatalog-serviceaction.json", "aws-iam-userpolicy.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-iot-mitigationaction.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", @@ -1283,6 +1282,7 @@ "aws-rds-eventsubscription.json", "aws-config-aggregationauthorization.json", "aws-datasync-agent.json", + "aws-cognito-userpoolidentityprovider.json", "aws-resiliencehub-resiliencypolicy.json", "aws-iot-dimension.json", "aws-logs-loggroup.json", @@ -1336,7 +1336,6 @@ "aws-ec2-flowlog.json", "aws-emr-step.json", "aws-ssm-association.json", - "aws-ec2-clientvpnendpoint.json", "aws-cloudfront-responseheaderspolicy.json", "aws-securityhub-automationrule.json", "aws-msk-clusterpolicy.json", @@ -1395,7 +1394,6 @@ "aws-config-deliverychannel.json", "aws-certificatemanager-account.json", "aws-sagemaker-monitoringschedule.json", - "aws-iam-oidcprovider.json", "aws-lakeformation-tag.json", "aws-ce-anomalymonitor.json", "aws-servicecatalogappregistry-resourceassociation.json", @@ -1419,7 +1417,6 @@ "aws-servicecatalog-cloudformationproduct.json", "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", - "aws-ec2-launchtemplate.json", "aws-cloudfront-originrequestpolicy.json", "aws-datasync-locationfsxontap.json", "aws-networkmanager-linkassociation.json", @@ -1450,4 +1447,5 @@ "aws-redshift-eventsubscription.json", "aws-cloudformation-waitconditionhandle.json", "aws-globalaccelerator-accelerator.json", + "aws-eks-addon.json", ] diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-amazonmq-broker.json index b71851eb27..6027b3416d 100644 --- a/src/cfnlint/data/schemas/providers/me_south_1/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-amazonmq-broker.json @@ -230,7 +230,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-amplifyuibuilder-component.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-amplifyuibuilder-component.json new file mode 100644 index 0000000000..7a6e22ebe4 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-amplifyuibuilder-component.json @@ -0,0 +1,567 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Tags" + ], + "definitions": { + "ActionParameters": { + "additionalProperties": false, + "properties": { + "Anchor": { + "$ref": "#/definitions/ComponentProperty" + }, + "Fields": { + "$ref": "#/definitions/ComponentProperties" + }, + "Global": { + "$ref": "#/definitions/ComponentProperty" + }, + "Id": { + "$ref": "#/definitions/ComponentProperty" + }, + "Model": { + "type": "string" + }, + "State": { + "$ref": "#/definitions/MutationActionSetStateParameter" + }, + "Target": { + "$ref": "#/definitions/ComponentProperty" + }, + "Type": { + "$ref": "#/definitions/ComponentProperty" + }, + "Url": { + "$ref": "#/definitions/ComponentProperty" + } + }, + "type": "object" + }, + "ComponentBindingProperties": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentBindingPropertiesValue" + } + }, + "type": "object" + }, + "ComponentBindingPropertiesValue": { + "additionalProperties": false, + "properties": { + "BindingProperties": { + "$ref": "#/definitions/ComponentBindingPropertiesValueProperties" + }, + "DefaultValue": { + "type": "string" + }, + "Type": { + "type": "string" + } + }, + "type": "object" + }, + "ComponentBindingPropertiesValueProperties": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "DefaultValue": { + "type": "string" + }, + "Field": { + "type": "string" + }, + "Key": { + "type": "string" + }, + "Model": { + "type": "string" + }, + "Predicates": { + "items": { + "$ref": "#/definitions/Predicate" + }, + "type": "array" + }, + "UserAttribute": { + "type": "string" + } + }, + "type": "object" + }, + "ComponentChild": { + "additionalProperties": false, + "properties": { + "Children": { + "items": { + "$ref": "#/definitions/ComponentChild" + }, + "type": "array" + }, + "ComponentType": { + "type": "string" + }, + "Events": { + "$ref": "#/definitions/ComponentEvents" + }, + "Name": { + "type": "string" + }, + "Properties": { + "$ref": "#/definitions/ComponentProperties" + } + }, + "required": [ + "ComponentType", + "Name", + "Properties" + ], + "type": "object" + }, + "ComponentCollectionProperties": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentDataConfiguration" + } + }, + "type": "object" + }, + "ComponentConditionProperty": { + "additionalProperties": false, + "properties": { + "Else": { + "$ref": "#/definitions/ComponentProperty" + }, + "Field": { + "type": "string" + }, + "Operand": { + "type": "string" + }, + "OperandType": { + "type": "string" + }, + "Operator": { + "type": "string" + }, + "Property": { + "type": "string" + }, + "Then": { + "$ref": "#/definitions/ComponentProperty" + } + }, + "type": "object" + }, + "ComponentDataConfiguration": { + "additionalProperties": false, + "properties": { + "Identifiers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Model": { + "type": "string" + }, + "Predicate": { + "$ref": "#/definitions/Predicate" + }, + "Sort": { + "items": { + "$ref": "#/definitions/SortProperty" + }, + "type": "array" + } + }, + "required": [ + "Model" + ], + "type": "object" + }, + "ComponentEvent": { + "additionalProperties": false, + "properties": { + "Action": { + "type": "string" + }, + "Parameters": { + "$ref": "#/definitions/ActionParameters" + } + }, + "type": "object" + }, + "ComponentEvents": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentEvent" + } + }, + "type": "object" + }, + "ComponentOverrides": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentOverridesValue" + } + }, + "type": "object" + }, + "ComponentOverridesValue": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "type": "string" + } + }, + "type": "object" + }, + "ComponentProperties": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentProperty" + } + }, + "type": "object" + }, + "ComponentProperty": { + "additionalProperties": false, + "properties": { + "BindingProperties": { + "$ref": "#/definitions/ComponentPropertyBindingProperties" + }, + "Bindings": { + "$ref": "#/definitions/FormBindings" + }, + "CollectionBindingProperties": { + "$ref": "#/definitions/ComponentPropertyBindingProperties" + }, + "ComponentName": { + "type": "string" + }, + "Concat": { + "items": { + "$ref": "#/definitions/ComponentProperty" + }, + "type": "array" + }, + "Condition": { + "$ref": "#/definitions/ComponentConditionProperty" + }, + "Configured": { + "type": "boolean" + }, + "DefaultValue": { + "type": "string" + }, + "Event": { + "type": "string" + }, + "ImportedValue": { + "type": "string" + }, + "Model": { + "type": "string" + }, + "Property": { + "type": "string" + }, + "Type": { + "type": "string" + }, + "UserAttribute": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "ComponentPropertyBindingProperties": { + "additionalProperties": false, + "properties": { + "Field": { + "type": "string" + }, + "Property": { + "type": "string" + } + }, + "required": [ + "Property" + ], + "type": "object" + }, + "ComponentVariant": { + "additionalProperties": false, + "properties": { + "Overrides": { + "$ref": "#/definitions/ComponentOverrides" + }, + "VariantValues": { + "$ref": "#/definitions/ComponentVariantValues" + } + }, + "type": "object" + }, + "ComponentVariantValues": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "type": "string" + } + }, + "type": "object" + }, + "FormBindingElement": { + "additionalProperties": false, + "properties": { + "Element": { + "type": "string" + }, + "Property": { + "type": "string" + } + }, + "required": [ + "Element", + "Property" + ], + "type": "object" + }, + "FormBindings": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/FormBindingElement" + } + }, + "type": "object" + }, + "MutationActionSetStateParameter": { + "additionalProperties": false, + "properties": { + "ComponentName": { + "type": "string" + }, + "Property": { + "type": "string" + }, + "Set": { + "$ref": "#/definitions/ComponentProperty" + } + }, + "required": [ + "ComponentName", + "Property", + "Set" + ], + "type": "object" + }, + "Predicate": { + "additionalProperties": false, + "properties": { + "And": { + "items": { + "$ref": "#/definitions/Predicate" + }, + "type": "array" + }, + "Field": { + "type": "string" + }, + "Operand": { + "type": "string" + }, + "Operator": { + "type": "string" + }, + "Or": { + "items": { + "$ref": "#/definitions/Predicate" + }, + "type": "array" + } + }, + "type": "object" + }, + "SortDirection": { + "enum": [ + "ASC", + "DESC" + ], + "type": "string" + }, + "SortProperty": { + "additionalProperties": false, + "properties": { + "Direction": { + "$ref": "#/definitions/SortDirection" + }, + "Field": { + "type": "string" + } + }, + "required": [ + "Direction", + "Field" + ], + "type": "object" + }, + "Tags": { + "additionalProperties": false, + "patternProperties": { + "^(?!aws:)[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "type": "object" + } + }, + "description": "Definition of AWS::AmplifyUIBuilder::Component Resource Type", + "handlers": { + "create": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent", + "amplifyuibuilder:CreateComponent", + "amplifyuibuilder:TagResource" + ] + }, + "delete": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent", + "amplifyuibuilder:DeleteComponent", + "amplifyuibuilder:UntagResource" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "AppId": { + "$ref": "resource-schema.json#/properties/AppId" + }, + "EnvironmentName": { + "$ref": "resource-schema.json#/properties/EnvironmentName" + } + }, + "required": [ + "AppId", + "EnvironmentName" + ] + }, + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent", + "amplifyuibuilder:ListComponents" + ] + }, + "read": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent" + ] + }, + "update": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent", + "amplifyuibuilder:UpdateComponent", + "amplifyuibuilder:TagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/AppId", + "/properties/EnvironmentName", + "/properties/Id" + ], + "properties": { + "AppId": { + "type": "string" + }, + "BindingProperties": { + "$ref": "#/definitions/ComponentBindingProperties" + }, + "Children": { + "items": { + "$ref": "#/definitions/ComponentChild" + }, + "type": "array" + }, + "CollectionProperties": { + "$ref": "#/definitions/ComponentCollectionProperties" + }, + "ComponentType": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "EnvironmentName": { + "type": "string" + }, + "Events": { + "$ref": "#/definitions/ComponentEvents" + }, + "Id": { + "type": "string" + }, + "Name": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "Overrides": { + "$ref": "#/definitions/ComponentOverrides" + }, + "Properties": { + "$ref": "#/definitions/ComponentProperties" + }, + "SchemaVersion": { + "type": "string" + }, + "SourceId": { + "type": "string" + }, + "Tags": { + "$ref": "#/definitions/Tags" + }, + "Variants": { + "items": { + "$ref": "#/definitions/ComponentVariant" + }, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Id" + ], + "required": [ + "BindingProperties", + "ComponentType", + "Name", + "Overrides", + "Properties", + "Variants" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-amplifyuibuilder", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "#/properties/Tags", + "tagUpdatable": false, + "taggable": true + }, + "typeName": "AWS::AmplifyUIBuilder::Component" +} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-amplifyuibuilder-form.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-amplifyuibuilder-form.json new file mode 100644 index 0000000000..673b10c7af --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-amplifyuibuilder-form.json @@ -0,0 +1,546 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Tags" + ], + "definitions": { + "FieldConfig": { + "additionalProperties": false, + "properties": { + "Excluded": { + "type": "boolean" + }, + "InputType": { + "$ref": "#/definitions/FieldInputConfig" + }, + "Label": { + "type": "string" + }, + "Position": { + "$ref": "#/definitions/FieldPosition" + }, + "Validations": { + "items": { + "$ref": "#/definitions/FieldValidationConfiguration" + }, + "type": "array" + } + }, + "type": "object" + }, + "FieldInputConfig": { + "additionalProperties": false, + "properties": { + "DefaultChecked": { + "type": "boolean" + }, + "DefaultCountryCode": { + "type": "string" + }, + "DefaultValue": { + "type": "string" + }, + "DescriptiveText": { + "type": "string" + }, + "FileUploaderConfig": { + "$ref": "#/definitions/FileUploaderFieldConfig" + }, + "IsArray": { + "type": "boolean" + }, + "MaxValue": { + "type": "number" + }, + "MinValue": { + "type": "number" + }, + "Name": { + "type": "string" + }, + "Placeholder": { + "type": "string" + }, + "ReadOnly": { + "type": "boolean" + }, + "Required": { + "type": "boolean" + }, + "Step": { + "type": "number" + }, + "Type": { + "type": "string" + }, + "Value": { + "type": "string" + }, + "ValueMappings": { + "$ref": "#/definitions/ValueMappings" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "FieldPosition": { + "oneOf": [ + { + "additionalProperties": false, + "properties": { + "Fixed": { + "$ref": "#/definitions/FixedPosition" + } + }, + "required": [ + "Fixed" + ], + "title": "Fixed", + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "RightOf": { + "type": "string" + } + }, + "required": [ + "RightOf" + ], + "title": "RightOf", + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "Below": { + "type": "string" + } + }, + "required": [ + "Below" + ], + "title": "Below", + "type": "object" + } + ] + }, + "FieldValidationConfiguration": { + "additionalProperties": false, + "properties": { + "NumValues": { + "items": { + "type": "number" + }, + "type": "array" + }, + "StrValues": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Type": { + "type": "string" + }, + "ValidationMessage": { + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "FieldsMap": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/FieldConfig" + } + }, + "type": "object" + }, + "FileUploaderFieldConfig": { + "additionalProperties": false, + "properties": { + "AcceptedFileTypes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "AccessLevel": { + "$ref": "#/definitions/StorageAccessLevel" + }, + "IsResumable": { + "type": "boolean" + }, + "MaxFileCount": { + "type": "number" + }, + "MaxSize": { + "type": "number" + }, + "ShowThumbnails": { + "type": "boolean" + } + }, + "required": [ + "AcceptedFileTypes", + "AccessLevel" + ], + "type": "object" + }, + "FixedPosition": { + "enum": [ + "first" + ], + "type": "string" + }, + "FormActionType": { + "enum": [ + "create", + "update" + ], + "type": "string" + }, + "FormButton": { + "additionalProperties": false, + "properties": { + "Children": { + "type": "string" + }, + "Excluded": { + "type": "boolean" + }, + "Position": { + "$ref": "#/definitions/FieldPosition" + } + }, + "type": "object" + }, + "FormButtonsPosition": { + "enum": [ + "top", + "bottom", + "top_and_bottom" + ], + "type": "string" + }, + "FormCTA": { + "additionalProperties": false, + "properties": { + "Cancel": { + "$ref": "#/definitions/FormButton" + }, + "Clear": { + "$ref": "#/definitions/FormButton" + }, + "Position": { + "$ref": "#/definitions/FormButtonsPosition" + }, + "Submit": { + "$ref": "#/definitions/FormButton" + } + }, + "type": "object" + }, + "FormDataSourceType": { + "enum": [ + "DataStore", + "Custom" + ], + "type": "string" + }, + "FormDataTypeConfig": { + "additionalProperties": false, + "properties": { + "DataSourceType": { + "$ref": "#/definitions/FormDataSourceType" + }, + "DataTypeName": { + "type": "string" + } + }, + "required": [ + "DataSourceType", + "DataTypeName" + ], + "type": "object" + }, + "FormInputValueProperty": { + "additionalProperties": false, + "properties": { + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "FormStyle": { + "additionalProperties": false, + "properties": { + "HorizontalGap": { + "$ref": "#/definitions/FormStyleConfig" + }, + "OuterPadding": { + "$ref": "#/definitions/FormStyleConfig" + }, + "VerticalGap": { + "$ref": "#/definitions/FormStyleConfig" + } + }, + "type": "object" + }, + "FormStyleConfig": { + "oneOf": [ + { + "additionalProperties": false, + "properties": { + "TokenReference": { + "type": "string" + } + }, + "required": [ + "TokenReference" + ], + "title": "TokenReference", + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "Value": { + "type": "string" + } + }, + "required": [ + "Value" + ], + "title": "Value", + "type": "object" + } + ] + }, + "LabelDecorator": { + "enum": [ + "required", + "optional", + "none" + ], + "type": "string" + }, + "SectionalElement": { + "additionalProperties": false, + "properties": { + "Excluded": { + "type": "boolean" + }, + "Level": { + "type": "number" + }, + "Orientation": { + "type": "string" + }, + "Position": { + "$ref": "#/definitions/FieldPosition" + }, + "Text": { + "type": "string" + }, + "Type": { + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "SectionalElementMap": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/SectionalElement" + } + }, + "type": "object" + }, + "StorageAccessLevel": { + "enum": [ + "public", + "protected", + "private" + ], + "type": "string" + }, + "Tags": { + "additionalProperties": false, + "patternProperties": { + "^(?!aws:)[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "type": "object" + }, + "ValueMapping": { + "additionalProperties": false, + "properties": { + "DisplayValue": { + "$ref": "#/definitions/FormInputValueProperty" + }, + "Value": { + "$ref": "#/definitions/FormInputValueProperty" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "ValueMappings": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/ValueMapping" + }, + "type": "array" + } + }, + "required": [ + "Values" + ], + "type": "object" + } + }, + "description": "Definition of AWS::AmplifyUIBuilder::Form Resource Type", + "handlers": { + "create": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm", + "amplifyuibuilder:CreateForm", + "amplifyuibuilder:TagResource" + ] + }, + "delete": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm", + "amplifyuibuilder:DeleteForm", + "amplifyuibuilder:UntagResource" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "AppId": { + "$ref": "resource-schema.json#/properties/AppId" + }, + "EnvironmentName": { + "$ref": "resource-schema.json#/properties/EnvironmentName" + } + }, + "required": [ + "AppId", + "EnvironmentName" + ] + }, + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm", + "amplifyuibuilder:ListForms" + ] + }, + "read": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm" + ] + }, + "update": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm", + "amplifyuibuilder:UpdateForm", + "amplifyuibuilder:TagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/AppId", + "/properties/EnvironmentName", + "/properties/Id" + ], + "properties": { + "AppId": { + "type": "string" + }, + "Cta": { + "$ref": "#/definitions/FormCTA" + }, + "DataType": { + "$ref": "#/definitions/FormDataTypeConfig" + }, + "EnvironmentName": { + "type": "string" + }, + "Fields": { + "$ref": "#/definitions/FieldsMap" + }, + "FormActionType": { + "$ref": "#/definitions/FormActionType" + }, + "Id": { + "type": "string" + }, + "LabelDecorator": { + "$ref": "#/definitions/LabelDecorator" + }, + "Name": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "SchemaVersion": { + "type": "string" + }, + "SectionalElements": { + "$ref": "#/definitions/SectionalElementMap" + }, + "Style": { + "$ref": "#/definitions/FormStyle" + }, + "Tags": { + "$ref": "#/definitions/Tags" + } + }, + "readOnlyProperties": [ + "/properties/Id" + ], + "required": [ + "DataType", + "Fields", + "FormActionType", + "Name", + "SchemaVersion", + "SectionalElements", + "Style" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-amplifyuibuilder", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "#/properties/Tags", + "tagUpdatable": false, + "taggable": true + }, + "typeName": "AWS::AmplifyUIBuilder::Form" +} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-amplifyuibuilder-theme.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-amplifyuibuilder-theme.json new file mode 100644 index 0000000000..3336f4d63a --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-amplifyuibuilder-theme.json @@ -0,0 +1,149 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Tags" + ], + "definitions": { + "Tags": { + "additionalProperties": false, + "patternProperties": { + "^(?!aws:)[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "type": "object" + }, + "ThemeValue": { + "additionalProperties": false, + "properties": { + "Children": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ThemeValues" + }, + "type": "array" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "ThemeValues": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "$ref": "#/definitions/ThemeValue" + } + }, + "type": "object" + } + }, + "description": "Definition of AWS::AmplifyUIBuilder::Theme Resource Type", + "handlers": { + "create": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme", + "amplifyuibuilder:CreateTheme", + "amplifyuibuilder:TagResource" + ] + }, + "delete": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme", + "amplifyuibuilder:DeleteTheme", + "amplifyuibuilder:UntagResource" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "AppId": { + "$ref": "resource-schema.json#/properties/AppId" + }, + "EnvironmentName": { + "$ref": "resource-schema.json#/properties/EnvironmentName" + } + }, + "required": [ + "AppId", + "EnvironmentName" + ] + }, + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme", + "amplifyuibuilder:ListThemes" + ] + }, + "read": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme" + ] + }, + "update": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme", + "amplifyuibuilder:UpdateTheme", + "amplifyuibuilder:TagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/AppId", + "/properties/EnvironmentName", + "/properties/Id" + ], + "properties": { + "AppId": { + "type": "string" + }, + "EnvironmentName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Name": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "Overrides": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ThemeValues" + }, + "type": "array" + }, + "Tags": { + "$ref": "#/definitions/Tags" + }, + "Values": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ThemeValues" + }, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Id" + ], + "required": [ + "Name", + "Values" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-amplifyuibuilder", + "taggable": true, + "typeName": "AWS::AmplifyUIBuilder::Theme" +} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/me_south_1/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-cloudfront-distribution.json new file mode 100644 index 0000000000..75bb25b92e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-cloudfront-distribution.json @@ -0,0 +1,1232 @@ +{ + "additionalProperties": false, + "definitions": { + "CacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "type": "string" + }, + "PathPattern": { + "type": "string" + }, + "RealtimeLogConfigArn": { + "type": "string" + }, + "ResponseHeadersPolicyId": { + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ], + "type": "string" + } + }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "properties": { + "Forward": { + "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Forward" + ], + "type": "object" + }, + "CustomErrorResponse": { + "additionalProperties": false, + "dependentRequired": { + "ResponseCode": [ + "ResponsePagePath" + ] + }, + "properties": { + "ErrorCachingMinTTL": { + "default": 300, + "type": "number" + }, + "ErrorCode": { + "enum": [ + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponseCode": { + "enum": [ + 200, + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponsePagePath": { + "type": "string" + } + }, + "required": [ + "ErrorCode" + ], + "type": "object" + }, + "CustomOriginConfig": { + "additionalProperties": false, + "properties": { + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginProtocolPolicy": { + "type": "string" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "OriginProtocolPolicy" + ], + "type": "object" + }, + "DefaultCacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "default": "", + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "default": "", + "type": "string" + }, + "RealtimeLogConfigArn": { + "default": "", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "default": "", + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "type": "string" + } + }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CNAMEs": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/CacheBehavior" + }, + "type": "array", + "uniqueItems": false + }, + "Comment": { + "default": "", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/CustomErrorResponse" + }, + "type": "array", + "uniqueItems": false + }, + "CustomOrigin": { + "$ref": "#/definitions/LegacyCustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/DefaultCacheBehavior" + }, + "DefaultRootObject": { + "default": "", + "type": "string" + }, + "Enabled": { + "type": "boolean" + }, + "HttpVersion": { + "default": "http1.1", + "enum": [ + "http1.1", + "http2", + "http3", + "http2and3" + ], + "type": "string" + }, + "IPV6Enabled": { + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/Origin" + }, + "type": "array", + "uniqueItems": false + }, + "PriceClass": { + "default": "PriceClass_All", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ], + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/Restrictions", + "default": { + "GeoRestriction": { + "RestrictionType": "none" + } + } + }, + "S3Origin": { + "$ref": "#/definitions/LegacyS3Origin" + }, + "Staging": { + "type": "boolean" + }, + "ViewerCertificate": { + "$ref": "#/definitions/ViewerCertificate", + "default": { + "CloudFrontDefaultCertificate": true + } + }, + "WebACLId": { + "default": "", + "type": "string" + } + }, + "required": [ + "Enabled", + "DefaultCacheBehavior" + ], + "type": "object" + }, + "ForwardedValues": { + "additionalProperties": false, + "properties": { + "Cookies": { + "$ref": "#/definitions/Cookies", + "default": { + "Forward": "none" + } + }, + "Headers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "QueryString": { + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "QueryString" + ], + "type": "object" + }, + "FunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ], + "type": "string" + }, + "FunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "GeoRestriction": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "enum": [ + "AD", + "AE", + "AF", + "AG", + "AI", + "AL", + "AM", + "AO", + "AQ", + "AR", + "AS", + "AT", + "AU", + "AW", + "AX", + "AZ", + "BA", + "BB", + "BD", + "BE", + "BF", + "BG", + "BH", + "BI", + "BJ", + "BL", + "BM", + "BN", + "BO", + "BQ", + "BR", + "BS", + "BT", + "BV", + "BW", + "BY", + "BZ", + "CA", + "CC", + "CD", + "CF", + "CG", + "CH", + "CI", + "CK", + "CL", + "CM", + "CN", + "CO", + "CR", + "CU", + "CV", + "CW", + "CX", + "CY", + "CZ", + "DE", + "DJ", + "DK", + "DM", + "DO", + "DZ", + "EC", + "EE", + "EG", + "EH", + "ER", + "ES", + "ET", + "FI", + "FJ", + "FK", + "FM", + "FO", + "FR", + "GA", + "GB", + "GD", + "GE", + "GF", + "GG", + "GH", + "GI", + "GL", + "GM", + "GN", + "GP", + "GQ", + "GR", + "GS", + "GT", + "GU", + "GW", + "GY", + "HK", + "HM", + "HN", + "HR", + "HT", + "HU", + "ID", + "IE", + "IL", + "IM", + "IN", + "IO", + "IQ", + "IR", + "IS", + "IT", + "JE", + "JM", + "JO", + "JP", + "KE", + "KG", + "KH", + "KI", + "KM", + "KN", + "KP", + "KR", + "KW", + "KY", + "KZ", + "LA", + "LB", + "LC", + "LI", + "LK", + "LR", + "LS", + "LT", + "LU", + "LV", + "LY", + "MA", + "MC", + "MD", + "ME", + "MF", + "MG", + "MH", + "MK", + "ML", + "MM", + "MN", + "MO", + "MP", + "MQ", + "MR", + "MS", + "MT", + "MU", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NC", + "NE", + "NF", + "NG", + "NI", + "NL", + "NO", + "NP", + "NR", + "NU", + "NZ", + "OM", + "PA", + "PE", + "PF", + "PG", + "PH", + "PK", + "PL", + "PM", + "PN", + "PR", + "PS", + "PT", + "PW", + "PY", + "QA", + "RE", + "RO", + "RS", + "RU", + "RW", + "SA", + "SB", + "SC", + "SD", + "SE", + "SG", + "SH", + "SI", + "SJ", + "SK", + "SL", + "SM", + "SN", + "SO", + "SR", + "SS", + "ST", + "SV", + "SX", + "SY", + "SZ", + "TC", + "TD", + "TF", + "TG", + "TH", + "TJ", + "TK", + "TL", + "TM", + "TN", + "TO", + "TR", + "TT", + "TV", + "TW", + "TZ", + "UA", + "UG", + "UM", + "US", + "UY", + "UZ", + "VA", + "VC", + "VE", + "VG", + "VI", + "VN", + "VU", + "WF", + "WS", + "YE", + "YT", + "ZA", + "ZM", + "ZW" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "RestrictionType": { + "enum": [ + "blacklist", + "whitelist", + "none" + ], + "type": "string" + } + }, + "required": [ + "RestrictionType" + ], + "type": "object" + }, + "LambdaFunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "IncludeBody": { + "type": "boolean" + }, + "LambdaFunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "LegacyCustomOrigin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginProtocolPolicy": { + "enum": [ + "http-only", + "match-viewer", + "https-only" + ], + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], + "type": "object" + }, + "LegacyS3Origin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "required": [ + "DNSName" + ], + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "IncludeCookies": { + "default": false, + "type": "boolean" + }, + "Prefix": { + "default": "", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Origin": { + "additionalProperties": false, + "dependentExcluded": { + "CustomOriginConfig": [ + "S3OriginConfig" + ], + "S3OriginConfig": [ + "CustomOriginConfig" + ] + }, + "properties": { + "ConnectionAttempts": { + "type": "integer" + }, + "ConnectionTimeout": { + "type": "integer" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/CustomOriginConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "OriginAccessControlId": { + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/OriginCustomHeader" + }, + "type": "array", + "uniqueItems": false + }, + "OriginPath": { + "default": "", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/OriginShield" + }, + "S3OriginConfig": { + "$ref": "#/definitions/S3OriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "type": "string" + }, + "HeaderValue": { + "type": "string" + } + }, + "required": [ + "HeaderValue", + "HeaderName" + ], + "type": "object" + }, + "OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/OriginGroupFailoverCriteria" + }, + "Id": { + "type": "string" + }, + "Members": { + "$ref": "#/definitions/OriginGroupMembers" + } + }, + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "type": "object" + }, + "OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroupMember" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroup" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "OriginShieldRegion": { + "type": "string" + } + }, + "type": "object" + }, + "Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "type": "object" + }, + "StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "integer" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "ViewerCertificate": { + "additionalProperties": false, + "dependentRequired": { + "AcmCertificateArn": [ + "SslSupportMethod" + ], + "IamCertificateId": [ + "SslSupportMethod" + ] + }, + "properties": { + "AcmCertificateArn": { + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "type": "boolean" + }, + "IamCertificateId": { + "type": "string" + }, + "MinimumProtocolVersion": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018", + "TLSv1.2_2019", + "TLSv1.2_2021" + ], + "type": "string" + }, + "SslSupportMethod": { + "enum": [ + "sni-only", + "vip", + "static-ip" + ], + "type": "string" + } + }, + "requiredXor": [ + "AcmCertificateArn", + "CloudFrontDefaultCertificate", + "IamCertificateId" + ], + "type": "object" + } + }, + "deprecatedProperties": [ + "/properties/DistributionConfig/CustomOrigin", + "/properties/DistributionConfig/S3Origin" + ], + "description": "Resource Type definition for AWS::CloudFront::Distribution", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateDistribution", + "cloudfront:CreateDistributionWithTags", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:TagResource" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteDistribution", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListDistributions" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "update": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:UpdateDistribution", + "cloudfront:UpdateDistributionWithStagingConfig", + "cloudfront:ListTagsForResource", + "cloudfront:TagResource", + "cloudfront:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/DistributionConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/DomainName" + ], + "required": [ + "DistributionConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::CloudFront::Distribution" +} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-cognito-userpoolidentityprovider.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-cognito-userpoolidentityprovider.json deleted file mode 100644 index ba52781eae..0000000000 --- a/src/cfnlint/data/schemas/providers/me_south_1/aws-cognito-userpoolidentityprovider.json +++ /dev/null @@ -1,59 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/UserPoolId", - "/properties/ProviderName", - "/properties/ProviderType" - ], - "description": "Resource Type definition for AWS::Cognito::UserPoolIdentityProvider", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "AttributeMapping": { - "patternProperties": { - "[a-zA-Z0-9]+": { - "type": "string" - } - }, - "type": "object" - }, - "Id": { - "type": "string" - }, - "IdpIdentifiers": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "ProviderDetails": { - "patternProperties": { - "[a-zA-Z0-9]+": { - "type": "string" - } - }, - "type": "object" - }, - "ProviderName": { - "type": "string" - }, - "ProviderType": { - "type": "string" - }, - "UserPoolId": { - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "ProviderName", - "UserPoolId", - "ProviderDetails", - "ProviderType" - ], - "typeName": "AWS::Cognito::UserPoolIdentityProvider" -} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-config-configurationaggregator.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-config-configurationaggregator.json deleted file mode 100644 index 5624c0bfff..0000000000 --- a/src/cfnlint/data/schemas/providers/me_south_1/aws-config-configurationaggregator.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ConfigurationAggregatorName" - ], - "definitions": { - "AccountAggregationSource": { - "additionalProperties": false, - "properties": { - "AccountIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "required": [ - "AccountIds" - ], - "type": "object" - }, - "OrganizationAggregationSource": { - "additionalProperties": false, - "properties": { - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "RoleArn": { - "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 256, - "minLength": 0, - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::Config::ConfigurationAggregator", - "handlers": { - "create": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - }, - "delete": { - "permissions": [ - "config:DeleteConfigurationAggregator", - "config:UntagResource" - ] - }, - "list": { - "permissions": [ - "config:DescribeConfigurationAggregators" - ] - }, - "read": { - "permissions": [ - "config:DescribeConfigurationAggregators", - "config:ListTagsForResource" - ] - }, - "update": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "config:UntagResource", - "config:ListTagsForResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - } - }, - "primaryIdentifier": [ - "/properties/ConfigurationAggregatorName" - ], - "properties": { - "AccountAggregationSources": { - "items": { - "$ref": "#/definitions/AccountAggregationSource" - }, - "type": "array", - "uniqueItems": false - }, - "ConfigurationAggregatorArn": { - "description": "The Amazon Resource Name (ARN) of the aggregator.", - "type": "string" - }, - "ConfigurationAggregatorName": { - "description": "The name of the aggregator.", - "maxLength": 256, - "minLength": 1, - "pattern": "[\\w\\-]+", - "type": "string" - }, - "OrganizationAggregationSource": { - "$ref": "#/definitions/OrganizationAggregationSource" - }, - "Tags": { - "description": "The tags for the configuration aggregator.", - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/ConfigurationAggregatorArn" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-config.git", - "typeName": "AWS::Config::ConfigurationAggregator" -} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-dynamodb-globaltable.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-dynamodb-globaltable.json new file mode 100644 index 0000000000..7e1a23d878 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-dynamodb-globaltable.json @@ -0,0 +1,579 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/Arn" + ], + [ + "/properties/StreamArn" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LocalSecondaryIndexes", + "/properties/TableName", + "/properties/KeySchema" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "CapacityAutoScalingSettings": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "minimum": 1, + "type": "integer" + }, + "MinCapacity": { + "minimum": 1, + "type": "integer" + }, + "SeedCapacity": { + "minimum": 1, + "type": "integer" + }, + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/TargetTrackingScalingPolicyConfiguration" + } + }, + "required": [ + "MinCapacity", + "MaxCapacity", + "TargetTrackingScalingPolicyConfiguration" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "KeyType": { + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "maxItems": 20, + "type": "array", + "uniqueItems": true + }, + "ProjectionType": { + "type": "string" + } + }, + "type": "object" + }, + "ReadProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + }, + "ReadCapacityUnits": { + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "ReplicaGlobalSecondaryIndexSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName" + ], + "type": "object" + }, + "ReplicaSSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + } + }, + "required": [ + "KMSMasterKeyId" + ], + "type": "object" + }, + "ReplicaSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaGlobalSecondaryIndexSpecification" + }, + "type": "array", + "uniqueItems": true + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + }, + "Region": { + "type": "string" + }, + "SSESpecification": { + "$ref": "#/definitions/ReplicaSSESpecification" + }, + "TableClass": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TargetTrackingScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "DisableScaleIn": { + "type": "boolean" + }, + "ScaleInCooldown": { + "minimum": 0, + "type": "integer" + }, + "ScaleOutCooldown": { + "minimum": 0, + "type": "integer" + }, + "TargetValue": { + "format": "double", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "WriteProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "WriteCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + } + }, + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::GlobalTable", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:CreateTableReplica", + "dynamodb:Describe*", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:TagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "dynamodb:TagResource", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Decrypt", + "kms:RevokeGrant", + "cloudwatch:PutMetricData", + "iam:CreateServiceLinkedRole" + ] + }, + "delete": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:DeleteTable", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget" + ] + }, + "list": { + "permissions": [ + "dynamodb:ListTables", + "cloudwatch:PutMetricData" + ] + }, + "read": { + "permissions": [ + "dynamodb:Describe*", + "application-autoscaling:Describe*", + "cloudwatch:PutMetricData", + "dynamodb:ListTagsOfResource", + "kms:DescribeKey" + ] + }, + "update": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:CreateTableReplica", + "dynamodb:UpdateTable", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:DeleteTable", + "dynamodb:DeleteTableReplica", + "dynamodb:UpdateItem", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant", + "cloudwatch:PutMetricData" + ], + "timeoutInMinutes": 1200 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "type": "string" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "LocalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "Replicas": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaSpecification" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableId": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn", + "/properties/TableId" + ], + "required": [ + "KeySchema", + "AttributeDefinitions", + "Replicas" + ], + "typeName": "AWS::DynamoDB::GlobalTable", + "writeOnlyProperties": [ + "/properties/Replicas/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/Replicas/*/GlobalSecondaryIndexes/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity", + "/properties/GlobalSecondaryIndexes/*/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity" + ] +} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-dynamodb-table.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-dynamodb-table.json new file mode 100644 index 0000000000..aacbc7f216 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-dynamodb-table.json @@ -0,0 +1,540 @@ +{ + "additionalProperties": false, + "cfnLint": [ + "AWS::DynamoDB::Table/Properties" + ], + "createOnlyProperties": [ + "/properties/TableName", + "/properties/ImportSourceSpecification" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "AttributeType": { + "enum": [ + "S", + "N", + "B" + ], + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "Csv": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "type": "string" + }, + "HeaderList": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "type": "object" + }, + "DeprecatedHashKeyElement": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeType", + "AttributeName" + ], + "type": "object" + }, + "DeprecatedKeySchema": { + "additionalProperties": false, + "properties": { + "HashKeyElement": { + "$ref": "#/definitions/DeprecatedHashKeyElement" + } + }, + "required": [ + "HashKeyElement" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/ProvisionedThroughput" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "ImportSourceSpecification": { + "additionalProperties": false, + "properties": { + "InputCompressionType": { + "type": "string" + }, + "InputFormat": { + "type": "string" + }, + "InputFormatOptions": { + "$ref": "#/definitions/InputFormatOptions" + }, + "S3BucketSource": { + "$ref": "#/definitions/S3BucketSource" + } + }, + "required": [ + "S3BucketSource", + "InputFormat" + ], + "type": "object" + }, + "InputFormatOptions": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/Csv" + } + }, + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "KeyType": { + "enum": [ + "HASH", + "RANGE" + ], + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ProjectionType": { + "enum": [ + "ALL", + "KEYS_ONLY", + "INCLUDE" + ], + "type": "string" + } + }, + "type": "object" + }, + "ProvisionedThroughput": { + "additionalProperties": false, + "properties": { + "ReadCapacityUnits": { + "type": "integer" + }, + "WriteCapacityUnits": { + "type": "integer" + } + }, + "required": [ + "WriteCapacityUnits", + "ReadCapacityUnits" + ], + "type": "object" + }, + "S3BucketSource": { + "additionalProperties": false, + "properties": { + "S3Bucket": { + "type": "string" + }, + "S3BucketOwner": { + "type": "string" + }, + "S3KeyPrefix": { + "type": "string" + } + }, + "required": [ + "S3Bucket" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + }, + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "enum": [ + "NEW_IMAGE", + "OLD_IMAGE", + "NEW_AND_OLD_IMAGES", + "KEYS_ONLY" + ], + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::Table", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:DescribeImport", + "dynamodb:DescribeTable", + "dynamodb:DescribeTimeToLive", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeContributorInsights", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ImportTable", + "dynamodb:ListTagsOfResource", + "dynamodb:TagResource", + "dynamodb:UpdateTable", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Encrypt", + "kms:RevokeGrant", + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:DescribeLogGroups", + "logs:DescribeLogStreams", + "logs:PutLogEvents", + "logs:PutRetentionPolicy", + "s3:GetObject", + "s3:GetObjectMetadata", + "s3:ListBucket" + ], + "timeoutInMinutes": 720 + }, + "delete": { + "permissions": [ + "dynamodb:DeleteTable", + "dynamodb:DescribeTable" + ], + "timeoutInMinutes": 720 + }, + "list": { + "permissions": [ + "dynamodb:ListTables" + ] + }, + "read": { + "permissions": [ + "dynamodb:DescribeTable", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeContributorInsights", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ListTagsOfResource" + ] + }, + "update": { + "permissions": [ + "dynamodb:UpdateTable", + "dynamodb:DescribeTable", + "dynamodb:DescribeTimeToLive", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ListTagsOfResource", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:DescribeContributorInsights", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant" + ], + "timeoutInMinutes": 720 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "enum": [ + "PROVISIONED", + "PAY_PER_REQUEST" + ], + "type": "string" + }, + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": false + }, + "ImportSourceSpecification": { + "$ref": "#/definitions/ImportSourceSpecification" + }, + "KeySchema": { + "oneOf": [ + { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + { + "type": "object" + } + ] + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "LocalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": false + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/ProvisionedThroughput" + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableClass": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + } + }, + "propertyTransform": { + "/properties/SSESpecification/KMSMasterKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,3}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,4}[-]{1}[1-4]{1}:[0-9]{12}[:]{1}key\\/\", SSESpecification.KMSMasterKeyId]) $OR $join([\"arn:(aws)[-]{0,1}[a-z]{0,3}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,4}[-]{1}[1-4]{1}:[0-9]{12}[:]{1}key\\/\", KMSMasterKeyId])" + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn" + ], + "required": [ + "KeySchema" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DynamoDB::Table", + "writeOnlyProperties": [ + "/properties/ImportSourceSpecification" + ] +} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-ec2-clientvpnendpoint.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-ec2-clientvpnendpoint.json new file mode 100644 index 0000000000..7c71724312 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-ec2-clientvpnendpoint.json @@ -0,0 +1,250 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/TransportProtocol", + "/properties/ClientCidrBlock", + "/properties/TagSpecifications", + "/properties/AuthenticationOptions" + ], + "definitions": { + "CertificateAuthenticationRequest": { + "additionalProperties": false, + "properties": { + "ClientRootCertificateChainArn": { + "type": "string" + } + }, + "required": [ + "ClientRootCertificateChainArn" + ], + "type": "object" + }, + "ClientAuthenticationRequest": { + "additionalProperties": false, + "properties": { + "ActiveDirectory": { + "$ref": "#/definitions/DirectoryServiceAuthenticationRequest" + }, + "FederatedAuthentication": { + "$ref": "#/definitions/FederatedAuthenticationRequest" + }, + "MutualAuthentication": { + "$ref": "#/definitions/CertificateAuthenticationRequest" + }, + "Type": { + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "ClientConnectOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "LambdaFunctionArn": { + "type": "string" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "ClientLoginBannerOptions": { + "additionalProperties": false, + "properties": { + "BannerText": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "ClientRouteMonitoringOptions": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "ConnectionLogOptions": { + "additionalProperties": false, + "properties": { + "CloudwatchLogGroup": { + "type": "string" + }, + "CloudwatchLogStream": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "DirectoryServiceAuthenticationRequest": { + "additionalProperties": false, + "properties": { + "DirectoryId": { + "type": "string" + } + }, + "required": [ + "DirectoryId" + ], + "type": "object" + }, + "FederatedAuthenticationRequest": { + "additionalProperties": false, + "properties": { + "SAMLProviderArn": { + "type": "string" + }, + "SelfServiceSAMLProviderArn": { + "type": "string" + } + }, + "required": [ + "SAMLProviderArn" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "properties": { + "ResourceType": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "ResourceType", + "Tags" + ], + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::ClientVpnEndpoint", + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "AuthenticationOptions": { + "items": { + "$ref": "#/definitions/ClientAuthenticationRequest" + }, + "type": "array", + "uniqueItems": false + }, + "ClientCidrBlock": { + "type": "string" + }, + "ClientConnectOptions": { + "$ref": "#/definitions/ClientConnectOptions" + }, + "ClientLoginBannerOptions": { + "$ref": "#/definitions/ClientLoginBannerOptions" + }, + "ClientRouteMonitoringOptions": { + "$ref": "#/definitions/ClientRouteMonitoringOptions" + }, + "ConnectionLogOptions": { + "$ref": "#/definitions/ConnectionLogOptions" + }, + "Description": { + "type": "string" + }, + "DnsServers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Id": { + "type": "string" + }, + "SecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SelfServicePortal": { + "type": "string" + }, + "ServerCertificateArn": { + "type": "string" + }, + "SessionTimeoutHours": { + "type": "integer" + }, + "SplitTunnel": { + "type": "boolean" + }, + "TagSpecifications": { + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "TransportProtocol": { + "type": "string" + }, + "VpcId": { + "type": "string" + }, + "VpnPort": { + "type": "integer" + } + }, + "readOnlyProperties": [ + "/properties/Id" + ], + "required": [ + "ClientCidrBlock", + "ConnectionLogOptions", + "AuthenticationOptions", + "ServerCertificateArn" + ], + "typeName": "AWS::EC2::ClientVpnEndpoint" +} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-eks-addon.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-eks-addon.json deleted file mode 100644 index 02626266c6..0000000000 --- a/src/cfnlint/data/schemas/providers/me_south_1/aws-eks-addon.json +++ /dev/null @@ -1,148 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 127, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 255, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Schema for AWS::EKS::Addon", - "handlers": { - "create": { - "permissions": [ - "eks:CreateAddon", - "eks:DescribeAddon", - "eks:TagResource", - "iam:PassRole" - ] - }, - "delete": { - "permissions": [ - "eks:DeleteAddon", - "eks:DescribeAddon" - ] - }, - "list": { - "permissions": [ - "eks:ListAddons" - ] - }, - "read": { - "permissions": [ - "eks:DescribeAddon" - ] - }, - "update": { - "permissions": [ - "iam:PassRole", - "eks:UpdateAddon", - "eks:DescribeAddon", - "eks:DescribeUpdate", - "eks:ListTagsForResource", - "eks:TagResource", - "eks:UntagResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "properties": { - "AddonName": { - "description": "Name of Addon", - "minLength": 1, - "type": "string" - }, - "AddonVersion": { - "description": "Version of Addon", - "minLength": 1, - "type": "string" - }, - "Arn": { - "description": "Amazon Resource Name (ARN) of the add-on", - "type": "string" - }, - "ClusterName": { - "description": "Name of Cluster", - "minLength": 1, - "type": "string" - }, - "ConfigurationValues": { - "description": "The configuration values to use with the add-on", - "minLength": 1, - "type": "string" - }, - "PreserveOnDelete": { - "description": "PreserveOnDelete parameter value", - "type": "boolean" - }, - "ResolveConflicts": { - "description": "Resolve parameter value conflicts", - "enum": [ - "NONE", - "OVERWRITE", - "PRESERVE" - ], - "minLength": 1, - "type": "string" - }, - "ServiceAccountRoleArn": { - "description": "IAM role to bind to the add-on's service account", - "minLength": 1, - "type": "string" - }, - "Tags": { - "description": "An array of key-value pairs to apply to this resource.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/Arn" - ], - "required": [ - "ClusterName", - "AddonName" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-eks.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::EKS::Addon", - "writeOnlyProperties": [ - "/properties/ResolveConflicts", - "/properties/PreserveOnDelete" - ] -} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-gamelift-fleet.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-gamelift-fleet.json index 9551ef0828..4489c391a2 100644 --- a/src/cfnlint/data/schemas/providers/me_south_1/aws-gamelift-fleet.json +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-gamelift-fleet.json @@ -126,7 +126,7 @@ "uniqueItems": true }, "EC2InstanceType": { - "cfnLint": "aws_gamelift_fleet/ec2instancetype_enum", + "cfnLint": "AWS::GameLift::Fleet/EC2InstanceType", "type": "string" }, "FleetType": { diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-guardduty-filter.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-guardduty-filter.json deleted file mode 100644 index 0c0c488266..0000000000 --- a/src/cfnlint/data/schemas/providers/me_south_1/aws-guardduty-filter.json +++ /dev/null @@ -1,145 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/DetectorId", - "/properties/Name" - ], - "definitions": { - "Condition": { - "additionalProperties": false, - "properties": { - "Eq": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Equals": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "GreaterThan": { - "type": "integer" - }, - "GreaterThanOrEqual": { - "type": "integer" - }, - "Gt": { - "type": "integer" - }, - "Gte": { - "type": "integer" - }, - "LessThan": { - "type": "integer" - }, - "LessThanOrEqual": { - "type": "integer" - }, - "Lt": { - "type": "integer" - }, - "Lte": { - "type": "integer" - }, - "Neq": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "NotEquals": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "type": "object" - }, - "FindingCriteria": { - "additionalProperties": false, - "properties": { - "Criterion": { - "type": "object" - }, - "ItemType": { - "$ref": "#/definitions/Condition" - } - }, - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::GuardDuty::Filter", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "Action": { - "enum": [ - "NOOP", - "ARCHIVE" - ], - "type": "string" - }, - "Description": { - "type": "string" - }, - "DetectorId": { - "type": "string" - }, - "FindingCriteria": { - "$ref": "#/definitions/FindingCriteria" - }, - "Id": { - "type": "string" - }, - "Name": { - "type": "string" - }, - "Rank": { - "type": "integer" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": false - } - }, - "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "Action", - "Description", - "DetectorId", - "FindingCriteria", - "Rank", - "Name" - ], - "typeName": "AWS::GuardDuty::Filter" -} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-iam-oidcprovider.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-iam-oidcprovider.json new file mode 100644 index 0000000000..5a24049269 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-iam-oidcprovider.json @@ -0,0 +1,125 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Url" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + } + }, + "description": "Resource Type definition for AWS::IAM::OIDCProvider", + "handlers": { + "create": { + "permissions": [ + "iam:CreateOpenIDConnectProvider", + "iam:TagOpenIDConnectProvider", + "iam:GetOpenIDConnectProvider" + ] + }, + "delete": { + "permissions": [ + "iam:DeleteOpenIDConnectProvider" + ] + }, + "list": { + "permissions": [ + "iam:ListOpenIDConnectProvider", + "iam:GetOpenIDConnectProvider" + ] + }, + "read": { + "permissions": [ + "iam:GetOpenIDConnectProvider" + ] + }, + "update": { + "permissions": [ + "iam:UpdateOpenIDConnectProviderThumbprint", + "iam:RemoveClientIDFromOpenIDConnectProvider", + "iam:AddClientIDToOpenIDConnectProvider", + "iam:GetOpenIDConnectProvider", + "iam:TagOpenIDConnectProvider", + "iam:UntagOpenIDConnectProvider", + "iam:ListOpenIDConnectProviderTags" + ] + } + }, + "primaryIdentifier": [ + "/properties/Arn" + ], + "properties": { + "Arn": { + "description": "Amazon Resource Name (ARN) of the OIDC provider", + "maxLength": 2048, + "minLength": 20, + "type": "string" + }, + "ClientIdList": { + "insertionOrder": false, + "items": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "type": "array" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "ThumbprintList": { + "insertionOrder": false, + "items": { + "maxLength": 40, + "minLength": 40, + "pattern": "[0-9A-Fa-f]{40}", + "type": "string" + }, + "maxItems": 5, + "type": "array" + }, + "Url": { + "maxLength": 255, + "minLength": 1, + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/Arn" + ], + "required": [ + "ThumbprintList" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::IAM::OIDCProvider" +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_2/aws-aps-rulegroupsnamespace.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-iam-samlprovider.json similarity index 50% rename from src/cfnlint/data/schemas/providers/eu_west_2/aws-aps-rulegroupsnamespace.json rename to src/cfnlint/data/schemas/providers/me_south_1/aws-iam-samlprovider.json index 8d00c4be37..9b8efe6834 100644 --- a/src/cfnlint/data/schemas/providers/eu_west_2/aws-aps-rulegroupsnamespace.json +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-iam-samlprovider.json @@ -17,61 +17,49 @@ "Value": { "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", "maxLength": 256, - "minLength": 0, + "minLength": 1, "type": "string" } }, "required": [ - "Key", - "Value" + "Value", + "Key" ], "type": "object" } }, - "description": "RuleGroupsNamespace schema for cloudformation.", + "description": "Resource Type definition for AWS::IAM::SAMLProvider", "handlers": { "create": { "permissions": [ - "aps:CreateRuleGroupsNamespace", - "aps:DescribeRuleGroupsNamespace", - "aps:TagResource" + "iam:CreateSAMLProvider", + "iam:GetSAMLProvider", + "iam:TagSAMLProvider" ] }, "delete": { "permissions": [ - "aps:DeleteRuleGroupsNamespace", - "aps:DescribeRuleGroupsNamespace" + "iam:DeleteSAMLProvider" ] }, "list": { - "handlerSchema": { - "properties": { - "Arn": { - "$ref": "resource-schema.json#/properties/Workspace" - } - }, - "required": [ - "Arn" - ] - }, "permissions": [ - "aps:ListRuleGroupsNamespaces", - "aps:ListTagsForResource" + "iam:ListSAMLProviders", + "iam:GetSAMLProvider" ] }, "read": { "permissions": [ - "aps:DescribeRuleGroupsNamespace", - "aps:ListTagsForResource" + "iam:GetSAMLProvider" ] }, "update": { "permissions": [ - "aps:PutRuleGroupsNamespace", - "aps:DescribeRuleGroupsNamespace", - "aps:TagResource", - "aps:UntagResource", - "aps:ListTagsForResource" + "iam:UpdateSAMLProvider", + "iam:GetSAMLProvider", + "iam:TagSAMLProvider", + "iam:ListSAMLProviderTags", + "iam:UntagSAMLProvider" ] } }, @@ -80,50 +68,42 @@ ], "properties": { "Arn": { - "description": "The RuleGroupsNamespace ARN.", - "pattern": "^arn:(aws|aws-us-gov|aws-cn):aps:[a-z0-9-]+:[0-9]+:rulegroupsnamespace/[a-zA-Z0-9-]+/[0-9A-Za-z][-.0-9A-Z_a-z]*$", - "type": "string" - }, - "Data": { - "description": "The RuleGroupsNamespace data.", + "description": "Amazon Resource Name (ARN) of the SAML provider", + "maxLength": 1600, + "minLength": 1, "type": "string" }, "Name": { - "description": "The RuleGroupsNamespace name.", - "maxLength": 64, + "maxLength": 128, "minLength": 1, + "pattern": "[\\w._-]+", + "type": "string" + }, + "SamlMetadataDocument": { + "maxLength": 10000000, + "minLength": 1000, "type": "string" }, "Tags": { - "description": "An array of key-value pairs to apply to this resource.", "insertionOrder": false, "items": { "$ref": "#/definitions/Tag" }, "type": "array", - "uniqueItems": true - }, - "Workspace": { - "description": "Required to identify a specific APS Workspace associated with this RuleGroupsNamespace.", - "pattern": "^arn:(aws|aws-us-gov|aws-cn):aps:[a-z0-9-]+:[0-9]+:workspace/[a-zA-Z0-9-]+$", - "type": "string" + "uniqueItems": false } }, "readOnlyProperties": [ "/properties/Arn" ], "required": [ - "Workspace", - "Data", - "Name" + "SamlMetadataDocument" ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-aps", "tagging": { - "cloudFormationSystemTags": true, + "cloudFormationSystemTags": false, "tagOnCreate": true, - "tagProperty": "/properties/Tags", "tagUpdatable": true, "taggable": true }, - "typeName": "AWS::APS::RuleGroupsNamespace" + "typeName": "AWS::IAM::SAMLProvider" } diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-iam-servercertificate.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-iam-servercertificate.json new file mode 100644 index 0000000000..5eadc526d8 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-iam-servercertificate.json @@ -0,0 +1,132 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ServerCertificateName", + "/properties/PrivateKey", + "/properties/CertificateBody", + "/properties/CertificateChain" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + } + }, + "description": "Resource Type definition for AWS::IAM::ServerCertificate", + "handlers": { + "create": { + "permissions": [ + "iam:UploadServerCertificate", + "iam:TagServerCertificate", + "iam:GetServerCertificate" + ] + }, + "delete": { + "permissions": [ + "iam:DeleteServerCertificate" + ] + }, + "list": { + "permissions": [ + "iam:ListServerCertificates", + "iam:GetServerCertificate" + ] + }, + "read": { + "permissions": [ + "iam:GetServerCertificate" + ] + }, + "update": { + "permissions": [ + "iam:TagServerCertificate", + "iam:UntagServerCertificate", + "iam:ListServerCertificateTags", + "iam:GetServerCertificate" + ] + } + }, + "primaryIdentifier": [ + "/properties/ServerCertificateName" + ], + "properties": { + "Arn": { + "description": "Amazon Resource Name (ARN) of the server certificate", + "maxLength": 1600, + "minLength": 1, + "type": "string" + }, + "CertificateBody": { + "maxLength": 16384, + "minLength": 1, + "pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+", + "type": "string" + }, + "CertificateChain": { + "maxLength": 2097152, + "minLength": 1, + "pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+", + "type": "string" + }, + "Path": { + "maxLength": 512, + "minLength": 1, + "pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)", + "type": "string" + }, + "PrivateKey": { + "maxLength": 16384, + "minLength": 1, + "pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+", + "type": "string" + }, + "ServerCertificateName": { + "maxLength": 128, + "minLength": 1, + "pattern": "[\\w+=,.@-]+", + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Arn" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::IAM::ServerCertificate", + "writeOnlyProperties": [ + "/properties/PrivateKey", + "/properties/CertificateBody", + "/properties/CertificateChain" + ] +} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-redshift-cluster.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-redshift-cluster.json index c29bc2abdf..c475c20974 100644 --- a/src/cfnlint/data/schemas/providers/me_south_1/aws-redshift-cluster.json +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-redshift-cluster.json @@ -1,5 +1,6 @@ { "additionalProperties": false, + "cfnLint": "AWS::Redshift::Cluster/Properties", "createOnlyProperties": [ "/properties/ClusterIdentifier", "/properties/OwnerAccount", @@ -279,7 +280,7 @@ "type": "boolean" }, "NodeType": { - "cfnLint": "aws_redshift_cluster/nodetype_enum", + "cfnLint": "AWS::Redshift::Cluster/Properties/NodeType", "description": "The node type to be provisioned for the cluster.Valid Values: ds2.xlarge | ds2.8xlarge | dc1.large | dc1.8xlarge | dc2.large | dc2.8xlarge | ra3.4xlarge | ra3.16xlarge", "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-sagemaker-domain.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-sagemaker-domain.json deleted file mode 100644 index 6db1ab7299..0000000000 --- a/src/cfnlint/data/schemas/providers/me_south_1/aws-sagemaker-domain.json +++ /dev/null @@ -1,814 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/AuthMode", - "/properties/DomainName", - "/properties/DomainSettings/RStudioServerProDomainSettings/DefaultResourceSpec", - "/properties/KmsKeyId", - "/properties/VpcId", - "/properties/Tags" - ], - "definitions": { - "CodeEditorAppSettings": { - "additionalProperties": false, - "description": "The CodeEditor app settings.", - "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/ResourceSpec", - "description": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the CodeEditor app." - }, - "LifecycleConfigArns": { - "description": "A list of LifecycleConfigArns available for use with CodeEditor apps.", - "items": { - "$ref": "#/definitions/StudioLifecycleConfigArn" - }, - "maxItems": 30, - "minItems": 0, - "type": "array", - "uniqueItems": false - } - }, - "type": "object" - }, - "CodeRepository": { - "additionalProperties": false, - "properties": { - "RepositoryUrl": { - "description": "A CodeRepository (valid URL) to be used within Jupyter's Git extension.", - "maxLength": 256, - "pattern": "^https://([.\\-_a-zA-Z0-9]+/?){3,1016}$", - "type": "string" - } - }, - "required": [ - "RepositoryUrl" - ], - "type": "object" - }, - "CustomFileSystemConfig": { - "additionalProperties": false, - "properties": { - "EFSFileSystemConfig": { - "$ref": "#/definitions/EFSFileSystemConfig" - } - }, - "type": "object" - }, - "CustomImage": { - "additionalProperties": false, - "description": "A custom SageMaker image.", - "properties": { - "AppImageConfigName": { - "description": "The Name of the AppImageConfig.", - "maxLength": 63, - "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}", - "type": "string" - }, - "ImageName": { - "description": "The name of the CustomImage. Must be unique to your account.", - "maxLength": 63, - "pattern": "^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$", - "type": "string" - }, - "ImageVersionNumber": { - "description": "The version number of the CustomImage.", - "minimum": 0, - "type": "integer" - } - }, - "required": [ - "AppImageConfigName", - "ImageName" - ], - "type": "object" - }, - "CustomPosixUserConfig": { - "additionalProperties": false, - "properties": { - "Gid": { - "maximum": 4000000, - "minimum": 1001, - "type": "integer" - }, - "Uid": { - "maximum": 4000000, - "minimum": 10000, - "type": "integer" - } - }, - "required": [ - "Uid", - "Gid" - ], - "type": "object" - }, - "DefaultEbsStorageSettings": { - "additionalProperties": false, - "description": "Properties related to the Amazon Elastic Block Store volume. Must be provided if storage type is Amazon EBS and must not be provided if storage type is not Amazon EBS", - "properties": { - "DefaultEbsVolumeSizeInGb": { - "$ref": "#/definitions/SpaceEbsVolumeSizeInGb", - "description": "Default size of the Amazon EBS volume in Gb" - }, - "MaximumEbsVolumeSizeInGb": { - "$ref": "#/definitions/SpaceEbsVolumeSizeInGb", - "description": "Maximum size of the Amazon EBS volume in Gb. Must be greater than or equal to the DefaultEbsVolumeSizeInGb." - } - }, - "required": [ - "DefaultEbsVolumeSizeInGb", - "MaximumEbsVolumeSizeInGb" - ], - "type": "object" - }, - "DefaultSpaceSettings": { - "additionalProperties": false, - "description": "A collection of settings that apply to spaces of Amazon SageMaker Studio. These settings are specified when the Create/Update Domain API is called.", - "properties": { - "ExecutionRole": { - "description": "The execution role for the space.", - "maxLength": 2048, - "minLength": 20, - "pattern": "^arn:aws[a-z\\-]*:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+$", - "type": "string" - }, - "JupyterServerAppSettings": { - "$ref": "#/definitions/JupyterServerAppSettings", - "description": "The Jupyter server's app settings." - }, - "KernelGatewayAppSettings": { - "$ref": "#/definitions/KernelGatewayAppSettings", - "description": "The kernel gateway app settings." - }, - "SecurityGroups": { - "description": "The security groups for the Amazon Virtual Private Cloud (VPC) that Studio uses for communication.", - "insertionOrder": false, - "items": { - "maxLength": 32, - "pattern": "[-0-9a-zA-Z]+", - "type": "string" - }, - "maxItems": 5, - "minItems": 0, - "type": "array", - "uniqueItems": false - } - }, - "required": [ - "ExecutionRole" - ], - "type": "object" - }, - "DefaultSpaceStorageSettings": { - "additionalProperties": false, - "description": "Default storage settings for a space.", - "properties": { - "DefaultEbsStorageSettings": { - "$ref": "#/definitions/DefaultEbsStorageSettings" - } - }, - "type": "object" - }, - "DockerSettings": { - "additionalProperties": false, - "description": "A collection of settings that are required to start docker-proxy server.", - "properties": { - "EnableDockerAccess": { - "description": "The flag to enable/disable docker-proxy server", - "enum": [ - "ENABLED", - "DISABLED" - ], - "type": "string" - }, - "VpcOnlyTrustedAccounts": { - "description": "A list of account id's that would be used to pull images from in VpcOnly mode", - "insertionOrder": false, - "items": { - "maxLength": 12, - "pattern": "^[0-9]$", - "type": "string" - }, - "maxItems": 10, - "minItems": 0, - "type": "array", - "uniqueItems": false - } - }, - "type": "object" - }, - "DomainSettings": { - "additionalProperties": false, - "description": "A collection of Domain settings.", - "properties": { - "DockerSettings": { - "$ref": "#/definitions/DockerSettings" - }, - "RStudioServerProDomainSettings": { - "$ref": "#/definitions/RStudioServerProDomainSettings" - }, - "SecurityGroupIds": { - "description": "The security groups for the Amazon Virtual Private Cloud that the Domain uses for communication between Domain-level apps and user apps.", - "insertionOrder": false, - "items": { - "maxLength": 32, - "pattern": "[-0-9a-zA-Z]+", - "type": "string" - }, - "maxItems": 3, - "minItems": 1, - "type": "array", - "uniqueItems": false - } - }, - "type": "object" - }, - "EFSFileSystemConfig": { - "additionalProperties": false, - "properties": { - "FileSystemId": { - "maxLength": 21, - "minLength": 11, - "pattern": "^(fs-[0-9a-f]{8,})$", - "type": "string" - }, - "FileSystemPath": { - "maxLength": 256, - "minLength": 1, - "pattern": "^\\/\\S*$", - "type": "string" - } - }, - "required": [ - "FileSystemId" - ], - "type": "object" - }, - "JupyterLabAppSettings": { - "additionalProperties": false, - "description": "The JupyterLab app settings.", - "properties": { - "CodeRepositories": { - "description": "A list of CodeRepositories available for use with JupyterLab apps.", - "items": { - "$ref": "#/definitions/CodeRepository" - }, - "maxItems": 30, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "CustomImages": { - "description": "A list of custom images for use for JupyterLab apps.", - "items": { - "$ref": "#/definitions/CustomImage" - }, - "maxItems": 30, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "DefaultResourceSpec": { - "$ref": "#/definitions/ResourceSpec", - "description": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app." - }, - "LifecycleConfigArns": { - "description": "A list of LifecycleConfigArns available for use with JupyterLab apps.", - "items": { - "$ref": "#/definitions/StudioLifecycleConfigArn" - }, - "maxItems": 30, - "minItems": 0, - "type": "array", - "uniqueItems": false - } - }, - "type": "object" - }, - "JupyterServerAppSettings": { - "additionalProperties": false, - "description": "The JupyterServer app settings.", - "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/ResourceSpec" - } - }, - "type": "object" - }, - "KernelGatewayAppSettings": { - "additionalProperties": false, - "description": "The kernel gateway app settings.", - "properties": { - "CustomImages": { - "description": "A list of custom SageMaker images that are configured to run as a KernelGateway app.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/CustomImage" - }, - "maxItems": 30, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "DefaultResourceSpec": { - "$ref": "#/definitions/ResourceSpec", - "description": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the KernelGateway app." - } - }, - "type": "object" - }, - "RSessionAppSettings": { - "additionalProperties": false, - "description": "A collection of settings that apply to an RSessionGateway app.", - "properties": { - "CustomImages": { - "description": "A list of custom SageMaker images that are configured to run as a KernelGateway app.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/CustomImage" - }, - "maxItems": 30, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "DefaultResourceSpec": { - "$ref": "#/definitions/ResourceSpec" - } - }, - "type": "object" - }, - "RStudioServerProAppSettings": { - "additionalProperties": false, - "description": "A collection of settings that configure user interaction with the RStudioServerPro app.", - "properties": { - "AccessStatus": { - "description": "Indicates whether the current user has access to the RStudioServerPro app.", - "enum": [ - "ENABLED", - "DISABLED" - ], - "type": "string" - }, - "UserGroup": { - "description": "The level of permissions that the user has within the RStudioServerPro app. This value defaults to User. The Admin value allows the user access to the RStudio Administrative Dashboard.", - "enum": [ - "R_STUDIO_ADMIN", - "R_STUDIO_USER" - ], - "type": "string" - } - }, - "type": "object" - }, - "RStudioServerProDomainSettings": { - "additionalProperties": false, - "description": "A collection of settings that update the current configuration for the RStudioServerPro Domain-level app.", - "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/ResourceSpec" - }, - "DomainExecutionRoleArn": { - "description": "The ARN of the execution role for the RStudioServerPro Domain-level app.", - "maxLength": 2048, - "minLength": 20, - "pattern": "^arn:aws[a-z\\-]*:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+$", - "type": "string" - }, - "RStudioConnectUrl": { - "description": "A URL pointing to an RStudio Connect server.", - "pattern": "^(https:|http:|www\\.)\\S*", - "type": "string" - }, - "RStudioPackageManagerUrl": { - "description": "A URL pointing to an RStudio Package Manager server.", - "pattern": "^(https:|http:|www\\.)\\S*", - "type": "string" - } - }, - "required": [ - "DomainExecutionRoleArn" - ], - "type": "object" - }, - "ResourceSpec": { - "additionalProperties": false, - "properties": { - "InstanceType": { - "description": "The instance type that the image version runs on.", - "enum": [ - "system", - "ml.t3.micro", - "ml.t3.small", - "ml.t3.medium", - "ml.t3.large", - "ml.t3.xlarge", - "ml.t3.2xlarge", - "ml.m5.large", - "ml.m5.xlarge", - "ml.m5.2xlarge", - "ml.m5.4xlarge", - "ml.m5.8xlarge", - "ml.m5.12xlarge", - "ml.m5.16xlarge", - "ml.m5.24xlarge", - "ml.c5.large", - "ml.c5.xlarge", - "ml.c5.2xlarge", - "ml.c5.4xlarge", - "ml.c5.9xlarge", - "ml.c5.12xlarge", - "ml.c5.18xlarge", - "ml.c5.24xlarge", - "ml.p3.2xlarge", - "ml.p3.8xlarge", - "ml.p3.16xlarge", - "ml.g4dn.xlarge", - "ml.g4dn.2xlarge", - "ml.g4dn.4xlarge", - "ml.g4dn.8xlarge", - "ml.g4dn.12xlarge", - "ml.g4dn.16xlarge", - "ml.r5.large", - "ml.r5.xlarge", - "ml.r5.2xlarge", - "ml.r5.4xlarge", - "ml.r5.8xlarge", - "ml.r5.12xlarge", - "ml.r5.16xlarge", - "ml.r5.24xlarge", - "ml.p3dn.24xlarge", - "ml.m5d.large", - "ml.m5d.xlarge", - "ml.m5d.2xlarge", - "ml.m5d.4xlarge", - "ml.m5d.8xlarge", - "ml.m5d.12xlarge", - "ml.m5d.16xlarge", - "ml.m5d.24xlarge", - "ml.g5.xlarge", - "ml.g5.2xlarge", - "ml.g5.4xlarge", - "ml.g5.8xlarge", - "ml.g5.12xlarge", - "ml.g5.16xlarge", - "ml.g5.24xlarge", - "ml.g5.48xlarge", - "ml.p4d.24xlarge", - "ml.p4de.24xlarge", - "ml.geospatial.interactive", - "ml.trn1.2xlarge", - "ml.trn1.32xlarge", - "ml.trn1n.32xlarge" - ], - "type": "string" - }, - "LifecycleConfigArn": { - "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration to attach to the Resource.", - "maxLength": 256, - "pattern": "arn:aws[a-z\\-]*:sagemaker:[a-z0-9\\-]*:[0-9]{12}:studio-lifecycle-config/.*", - "type": "string" - }, - "SageMakerImageArn": { - "description": "The Amazon Resource Name (ARN) of the SageMaker image that the image version belongs to.", - "maxLength": 256, - "pattern": "^arn:aws(-[\\w]+)*:sagemaker:.+:[0-9]{12}:image/[a-z0-9]([-.]?[a-z0-9])*$", - "type": "string" - }, - "SageMakerImageVersionArn": { - "description": "The Amazon Resource Name (ARN) of the image version created on the instance.", - "maxLength": 256, - "pattern": "^arn:aws(-[\\w]+)*:sagemaker:.+:[0-9]{12}:image-version/[a-z0-9]([-.]?[a-z0-9])*/[0-9]+$", - "type": "string" - } - }, - "type": "object" - }, - "SharingSettings": { - "additionalProperties": false, - "description": "Specifies options when sharing an Amazon SageMaker Studio notebook. These settings are specified as part of DefaultUserSettings when the CreateDomain API is called, and as part of UserSettings when the CreateUserProfile API is called.", - "properties": { - "NotebookOutputOption": { - "description": "Whether to include the notebook cell output when sharing the notebook. The default is Disabled.", - "enum": [ - "Allowed", - "Disabled" - ], - "type": "string" - }, - "S3KmsKeyId": { - "description": "When NotebookOutputOption is Allowed, the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", - "maxLength": 2048, - "pattern": ".*", - "type": "string" - }, - "S3OutputPath": { - "description": "When NotebookOutputOption is Allowed, the Amazon S3 bucket used to store the shared notebook snapshots.", - "maxLength": 1024, - "pattern": "^(https|s3)://([^/]+)/?(.*)$", - "type": "string" - } - }, - "type": "object" - }, - "SpaceEbsVolumeSizeInGb": { - "maximum": 16384, - "minimum": 5, - "type": "integer" - }, - "StudioLifecycleConfigArn": { - "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration to attach to the Resource.", - "maxLength": 256, - "pattern": "arn:aws[a-z\\-]*:sagemaker:[a-z0-9\\-]*:[0-9]{12}:studio-lifecycle-config/.*", - "type": "string" - }, - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "maxLength": 128, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "UserSettings": { - "additionalProperties": false, - "description": "A collection of settings that apply to users of Amazon SageMaker Studio. These settings are specified when the CreateUserProfile API is called, and as DefaultUserSettings when the CreateDomain API is called.", - "properties": { - "CodeEditorAppSettings": { - "$ref": "#/definitions/CodeEditorAppSettings" - }, - "CustomFileSystemConfigs": { - "items": { - "$ref": "#/definitions/CustomFileSystemConfig" - }, - "maxItems": 2, - "minItems": 0, - "type": "array", - "uniqueItems": true - }, - "CustomPosixUserConfig": { - "$ref": "#/definitions/CustomPosixUserConfig" - }, - "DefaultLandingUri": { - "description": "Defines which Amazon SageMaker application users are directed to by default.", - "maxLength": 1023, - "type": "string" - }, - "ExecutionRole": { - "description": "The execution role for the user.", - "maxLength": 2048, - "minLength": 20, - "pattern": "^arn:aws[a-z\\-]*:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+$", - "type": "string" - }, - "JupyterLabAppSettings": { - "$ref": "#/definitions/JupyterLabAppSettings" - }, - "JupyterServerAppSettings": { - "$ref": "#/definitions/JupyterServerAppSettings", - "description": "The Jupyter server's app settings." - }, - "KernelGatewayAppSettings": { - "$ref": "#/definitions/KernelGatewayAppSettings", - "description": "The kernel gateway app settings." - }, - "RSessionAppSettings": { - "$ref": "#/definitions/RSessionAppSettings" - }, - "RStudioServerProAppSettings": { - "$ref": "#/definitions/RStudioServerProAppSettings" - }, - "SecurityGroups": { - "description": "The security groups for the Amazon Virtual Private Cloud (VPC) that Studio uses for communication.", - "insertionOrder": false, - "items": { - "maxLength": 32, - "pattern": "[-0-9a-zA-Z]+", - "type": "string" - }, - "maxItems": 5, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "SharingSettings": { - "$ref": "#/definitions/SharingSettings", - "description": "The sharing settings." - }, - "SpaceStorageSettings": { - "$ref": "#/definitions/DefaultSpaceStorageSettings" - }, - "StudioWebPortal": { - "description": "Indicates whether the Studio experience is available to users. If not, users cannot access Studio.", - "enum": [ - "ENABLED", - "DISABLED" - ], - "type": "string" - } - }, - "required": [ - "ExecutionRole" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::SageMaker::Domain", - "handlers": { - "create": { - "permissions": [ - "sagemaker:CreateApp", - "sagemaker:CreateDomain", - "sagemaker:DescribeDomain", - "sagemaker:DescribeImage", - "sagemaker:DescribeImageVersion", - "iam:CreateServiceLinkedRole", - "iam:PassRole", - "efs:CreateFileSystem", - "kms:CreateGrant", - "kms:Decrypt", - "kms:DescribeKey", - "kms:GenerateDataKeyWithoutPlainText" - ] - }, - "delete": { - "permissions": [ - "sagemaker:DeleteApp", - "sagemaker:DeleteDomain", - "sagemaker:DescribeDomain" - ] - }, - "list": { - "permissions": [ - "sagemaker:ListDomains" - ] - }, - "read": { - "permissions": [ - "sagemaker:DescribeDomain" - ] - }, - "update": { - "permissions": [ - "sagemaker:CreateApp", - "sagemaker:UpdateDomain", - "sagemaker:DescribeDomain", - "sagemaker:DescribeImage", - "sagemaker:DescribeImageVersion", - "iam:PassRole" - ] - } - }, - "primaryIdentifier": [ - "/properties/DomainId" - ], - "properties": { - "AppNetworkAccessType": { - "description": "Specifies the VPC used for non-EFS traffic. The default value is PublicInternetOnly.", - "enum": [ - "PublicInternetOnly", - "VpcOnly" - ], - "type": "string" - }, - "AppSecurityGroupManagement": { - "description": "The entity that creates and manages the required security groups for inter-app communication in VPCOnly mode. Required when CreateDomain.AppNetworkAccessType is VPCOnly and DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn is provided.", - "enum": [ - "Service", - "Customer" - ], - "type": "string" - }, - "AuthMode": { - "description": "The mode of authentication that members use to access the domain.", - "enum": [ - "SSO", - "IAM" - ], - "type": "string" - }, - "DefaultSpaceSettings": { - "$ref": "#/definitions/DefaultSpaceSettings", - "description": "The default space settings." - }, - "DefaultUserSettings": { - "$ref": "#/definitions/UserSettings", - "description": "The default user settings." - }, - "DomainArn": { - "description": "The Amazon Resource Name (ARN) of the created domain.", - "maxLength": 256, - "pattern": "arn:aws[a-z\\-]*:sagemaker:[a-z0-9\\-]*:[0-9]{12}:domain/.*", - "type": "string" - }, - "DomainId": { - "description": "The domain name.", - "maxLength": 63, - "pattern": "^d-(-*[a-z0-9])+", - "type": "string" - }, - "DomainName": { - "description": "A name for the domain.", - "maxLength": 63, - "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}", - "type": "string" - }, - "DomainSettings": { - "$ref": "#/definitions/DomainSettings" - }, - "HomeEfsFileSystemId": { - "description": "The ID of the Amazon Elastic File System (EFS) managed by this Domain.", - "maxLength": 32, - "type": "string" - }, - "KmsKeyId": { - "description": "SageMaker uses AWS KMS to encrypt the EFS volume attached to the domain with an AWS managed customer master key (CMK) by default.", - "maxLength": 2048, - "pattern": ".*", - "type": "string" - }, - "SecurityGroupIdForDomainBoundary": { - "description": "The ID of the security group that authorizes traffic between the RSessionGateway apps and the RStudioServerPro app.", - "maxLength": 32, - "pattern": "[-0-9a-zA-Z]+", - "type": "string" - }, - "SingleSignOnApplicationArn": { - "description": "The ARN of the application managed by SageMaker in IAM Identity Center. This value is only returned for domains created after October 1, 2023.", - "pattern": "^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso::[0-9]+:application/[a-zA-Z0-9-_.]+/apl-[a-zA-Z0-9]+$", - "type": "string" - }, - "SingleSignOnManagedApplicationInstanceId": { - "description": "The SSO managed application instance ID.", - "maxLength": 256, - "type": "string" - }, - "SubnetIds": { - "description": "The VPC subnets that Studio uses for communication.", - "insertionOrder": false, - "items": { - "maxLength": 32, - "pattern": "[-0-9a-zA-Z]+", - "type": "string" - }, - "maxItems": 16, - "minItems": 1, - "type": "array", - "uniqueItems": false - }, - "Tags": { - "description": "A list of tags to apply to the user profile.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "Url": { - "description": "The URL to the created domain.", - "maxLength": 1024, - "type": "string" - }, - "VpcId": { - "description": "The ID of the Amazon Virtual Private Cloud (VPC) that Studio uses for communication.", - "maxLength": 32, - "pattern": "[-0-9a-zA-Z]+", - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/DomainArn", - "/properties/Url", - "/properties/DomainId", - "/properties/HomeEfsFileSystemId", - "/properties/SecurityGroupIdForDomainBoundary", - "/properties/SingleSignOnManagedApplicationInstanceId", - "/properties/SingleSignOnApplicationArn" - ], - "required": [ - "AuthMode", - "DefaultUserSettings", - "DomainName", - "SubnetIds", - "VpcId" - ], - "typeName": "AWS::SageMaker::Domain", - "writeOnlyProperties": [ - "/properties/Tags" - ] -} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-sagemaker-space.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-sagemaker-space.json deleted file mode 100644 index 8a05d4cb73..0000000000 --- a/src/cfnlint/data/schemas/providers/me_south_1/aws-sagemaker-space.json +++ /dev/null @@ -1,465 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/DomainId", - "/properties/SpaceName", - "/properties/SpaceSharingSettings", - "/properties/OwnershipSettings" - ], - "definitions": { - "AppType": { - "enum": [ - "JupyterServer", - "KernelGateway", - "TensorBoard", - "RStudioServerPro", - "RSessionGateway", - "JupyterLab", - "CodeEditor" - ], - "type": "string" - }, - "CodeRepository": { - "additionalProperties": false, - "properties": { - "RepositoryUrl": { - "description": "A CodeRepository (valid URL) to be used within Jupyter's Git extension.", - "maxLength": 256, - "pattern": "^https://([.\\-_a-zA-Z0-9]+/?){3,1016}$", - "type": "string" - } - }, - "required": [ - "RepositoryUrl" - ], - "type": "object" - }, - "CustomFileSystem": { - "additionalProperties": false, - "properties": { - "EFSFileSystem": { - "$ref": "#/definitions/EFSFileSystem" - } - }, - "type": "object" - }, - "CustomFileSystems": { - "items": { - "$ref": "#/definitions/CustomFileSystem" - }, - "maxItems": 1, - "minItems": 0, - "type": "array", - "uniqueItems": true - }, - "CustomImage": { - "additionalProperties": false, - "description": "A custom SageMaker image.", - "properties": { - "AppImageConfigName": { - "description": "The Name of the AppImageConfig.", - "maxLength": 63, - "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}", - "type": "string" - }, - "ImageName": { - "description": "The name of the CustomImage. Must be unique to your account.", - "maxLength": 63, - "pattern": "^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$", - "type": "string" - }, - "ImageVersionNumber": { - "description": "The version number of the CustomImage.", - "minimum": 0, - "type": "integer" - } - }, - "required": [ - "AppImageConfigName", - "ImageName" - ], - "type": "object" - }, - "EFSFileSystem": { - "additionalProperties": false, - "properties": { - "FileSystemId": { - "maxLength": 21, - "minLength": 11, - "pattern": "^(fs-[0-9a-f]{8,})$", - "type": "string" - } - }, - "required": [ - "FileSystemId" - ], - "type": "object" - }, - "EbsStorageSettings": { - "additionalProperties": false, - "description": "Properties related to the space's Amazon Elastic Block Store volume.", - "properties": { - "EbsVolumeSizeInGb": { - "$ref": "#/definitions/SpaceEbsVolumeSizeInGb", - "description": "Size of the Amazon EBS volume in Gb" - } - }, - "required": [ - "EbsVolumeSizeInGb" - ], - "type": "object" - }, - "JupyterServerAppSettings": { - "additionalProperties": false, - "description": "The JupyterServer app settings.", - "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/ResourceSpec" - } - }, - "type": "object" - }, - "KernelGatewayAppSettings": { - "additionalProperties": false, - "description": "The kernel gateway app settings.", - "properties": { - "CustomImages": { - "description": "A list of custom SageMaker images that are configured to run as a KernelGateway app.", - "items": { - "$ref": "#/definitions/CustomImage" - }, - "maxItems": 30, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "DefaultResourceSpec": { - "$ref": "#/definitions/ResourceSpec", - "description": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the KernelGateway app." - } - }, - "type": "object" - }, - "OwnershipSettings": { - "additionalProperties": false, - "properties": { - "OwnerUserProfileName": { - "maxLength": 63, - "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}", - "type": "string" - } - }, - "required": [ - "OwnerUserProfileName" - ], - "type": "object" - }, - "ResourceSpec": { - "additionalProperties": false, - "properties": { - "InstanceType": { - "description": "The instance type that the image version runs on.", - "enum": [ - "system", - "ml.t3.micro", - "ml.t3.small", - "ml.t3.medium", - "ml.t3.large", - "ml.t3.xlarge", - "ml.t3.2xlarge", - "ml.m5.large", - "ml.m5.xlarge", - "ml.m5.2xlarge", - "ml.m5.4xlarge", - "ml.m5.8xlarge", - "ml.m5.12xlarge", - "ml.m5.16xlarge", - "ml.m5.24xlarge", - "ml.c5.large", - "ml.c5.xlarge", - "ml.c5.2xlarge", - "ml.c5.4xlarge", - "ml.c5.9xlarge", - "ml.c5.12xlarge", - "ml.c5.18xlarge", - "ml.c5.24xlarge", - "ml.p3.2xlarge", - "ml.p3.8xlarge", - "ml.p3.16xlarge", - "ml.g4dn.xlarge", - "ml.g4dn.2xlarge", - "ml.g4dn.4xlarge", - "ml.g4dn.8xlarge", - "ml.g4dn.12xlarge", - "ml.g4dn.16xlarge", - "ml.r5.large", - "ml.r5.xlarge", - "ml.r5.2xlarge", - "ml.r5.4xlarge", - "ml.r5.8xlarge", - "ml.r5.12xlarge", - "ml.r5.16xlarge", - "ml.r5.24xlarge", - "ml.p3dn.24xlarge", - "ml.m5d.large", - "ml.m5d.xlarge", - "ml.m5d.2xlarge", - "ml.m5d.4xlarge", - "ml.m5d.8xlarge", - "ml.m5d.12xlarge", - "ml.m5d.16xlarge", - "ml.m5d.24xlarge", - "ml.g5.xlarge", - "ml.g5.2xlarge", - "ml.g5.4xlarge", - "ml.g5.8xlarge", - "ml.g5.12xlarge", - "ml.g5.16xlarge", - "ml.g5.24xlarge", - "ml.g5.48xlarge", - "ml.p4d.24xlarge", - "ml.p4de.24xlarge", - "ml.geospatial.interactive", - "ml.trn1.2xlarge", - "ml.trn1.32xlarge", - "ml.trn1n.32xlarge" - ], - "type": "string" - }, - "SageMakerImageArn": { - "description": "The ARN of the SageMaker image that the image version belongs to.", - "maxLength": 256, - "pattern": "^arn:aws(-[\\w]+)*:sagemaker:.+:[0-9]{12}:image/[a-z0-9]([-.]?[a-z0-9])*$", - "type": "string" - }, - "SageMakerImageVersionArn": { - "description": "The ARN of the image version created on the instance.", - "maxLength": 256, - "pattern": "^arn:aws(-[\\w]+)*:sagemaker:.+:[0-9]{12}:image-version/[a-z0-9]([-.]?[a-z0-9])*/[0-9]+$", - "type": "string" - } - }, - "type": "object" - }, - "SpaceCodeEditorAppSettings": { - "additionalProperties": false, - "description": "The CodeEditor app settings.", - "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/ResourceSpec" - } - }, - "type": "object" - }, - "SpaceEbsVolumeSizeInGb": { - "maximum": 16384, - "minimum": 5, - "type": "integer" - }, - "SpaceJupyterLabAppSettings": { - "additionalProperties": false, - "description": "The JupyterServer app settings.", - "properties": { - "CodeRepositories": { - "description": "A list of CodeRepositories available for use with JupyterLab apps.", - "items": { - "$ref": "#/definitions/CodeRepository" - }, - "maxItems": 30, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "DefaultResourceSpec": { - "$ref": "#/definitions/ResourceSpec" - } - }, - "type": "object" - }, - "SpaceSettings": { - "additionalProperties": false, - "description": "A collection of settings that apply to spaces of Amazon SageMaker Studio. These settings are specified when the CreateSpace API is called.", - "properties": { - "AppType": { - "$ref": "#/definitions/AppType" - }, - "CodeEditorAppSettings": { - "$ref": "#/definitions/SpaceCodeEditorAppSettings", - "description": "The CodeEditor app settings." - }, - "CustomFileSystems": { - "$ref": "#/definitions/CustomFileSystems" - }, - "JupyterLabAppSettings": { - "$ref": "#/definitions/SpaceJupyterLabAppSettings", - "description": "The JupyterLab app settings." - }, - "JupyterServerAppSettings": { - "$ref": "#/definitions/JupyterServerAppSettings", - "description": "The Jupyter server's app settings." - }, - "KernelGatewayAppSettings": { - "$ref": "#/definitions/KernelGatewayAppSettings", - "description": "The kernel gateway app settings." - }, - "SpaceStorageSettings": { - "$ref": "#/definitions/SpaceStorageSettings", - "description": "Default storage settings for a space." - } - }, - "type": "object" - }, - "SpaceSharingSettings": { - "additionalProperties": false, - "properties": { - "SharingType": { - "enum": [ - "Private", - "Shared" - ], - "type": "string" - } - }, - "required": [ - "SharingType" - ], - "type": "object" - }, - "SpaceStorageSettings": { - "additionalProperties": false, - "properties": { - "EbsStorageSettings": { - "$ref": "#/definitions/EbsStorageSettings" - } - }, - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "maxLength": 128, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::SageMaker::Space", - "handlers": { - "create": { - "permissions": [ - "sagemaker:CreateSpace", - "sagemaker:DescribeSpace" - ] - }, - "delete": { - "permissions": [ - "sagemaker:DeleteSpace", - "sagemaker:DescribeSpace" - ] - }, - "list": { - "permissions": [ - "sagemaker:ListSpaces" - ] - }, - "read": { - "permissions": [ - "sagemaker:DescribeSpace" - ] - }, - "update": { - "permissions": [ - "sagemaker:UpdateSpace", - "sagemaker:DescribeSpace" - ] - } - }, - "primaryIdentifier": [ - "/properties/DomainId", - "/properties/SpaceName" - ], - "properties": { - "DomainId": { - "description": "The ID of the associated Domain.", - "maxLength": 63, - "minLength": 1, - "type": "string" - }, - "OwnershipSettings": { - "$ref": "#/definitions/OwnershipSettings" - }, - "SpaceArn": { - "description": "The space Amazon Resource Name (ARN).", - "maxLength": 256, - "pattern": "arn:aws[a-z\\-]*:sagemaker:[a-z0-9\\-]*:[0-9]{12}:space/.*", - "type": "string" - }, - "SpaceDisplayName": { - "maxLength": 64, - "pattern": "^(?!\\s*$).+", - "type": "string" - }, - "SpaceName": { - "description": "A name for the Space.", - "maxLength": 63, - "minLength": 1, - "type": "string" - }, - "SpaceSettings": { - "$ref": "#/definitions/SpaceSettings", - "description": "A collection of settings.", - "maxItems": 50, - "minItems": 0, - "uniqueItems": false - }, - "SpaceSharingSettings": { - "$ref": "#/definitions/SpaceSharingSettings" - }, - "Tags": { - "description": "A list of tags to apply to the space.", - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "Url": { - "maxLength": 1024, - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/SpaceArn", - "/properties/Url" - ], - "required": [ - "DomainId", - "SpaceName" - ], - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::SageMaker::Space", - "writeOnlyProperties": [ - "/properties/SpaceSettings", - "/properties/Tags" - ] -} diff --git a/src/cfnlint/data/schemas/providers/sa_east_1/__init__.py b/src/cfnlint/data/schemas/providers/sa_east_1/__init__.py index 6d6d1eb8f2..30727e5470 100644 --- a/src/cfnlint/data/schemas/providers/sa_east_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/sa_east_1/__init__.py @@ -165,6 +165,7 @@ "AWS::NetworkManager::ConnectPeer", "AWS::ElastiCache::UserGroup", "AWS::IoT::ThingGroup", + "AWS::Logs::DeliveryDestination", "AWS::ImageBuilder::ImageRecipe", "AWS::IoT::SoftwarePackage", "AWS::ApiGateway::RestApi", @@ -196,6 +197,7 @@ "AWS::Backup::BackupSelection", "AWS::DataSync::LocationFSxLustre", "AWS::SageMaker::App", + "AWS::Logs::DeliverySource", "AWS::EC2::VPCGatewayAttachment", "AWS::CloudTrail::Trail", "AWS::EC2::VPNConnectionRoute", @@ -607,6 +609,7 @@ "AWS::Glue::Schema", "AWS::DataZone::Environment", "AWS::DocDB::DBSubnetGroup", + "AWS::Logs::Delivery", "AWS::ServiceCatalog::Portfolio", "AWS::IoT::Policy", "AWS::EC2::TransitGatewayRoute", @@ -635,6 +638,7 @@ "AWS::AppStream::Entitlement", "AWS::IAM::UserPolicy", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", "AWS::EC2::VerifiedAccessInstance", @@ -980,7 +984,6 @@ "aws-fms-resourceset.json", "aws-cognito-userpooldomain.json", "aws-autoscaling-autoscalinggroup.json", - "aws-wafv2-regexpatternset.json", "aws-eks-fargateprofile.json", "aws-route53-dnssec.json", "aws-redshift-endpointauthorization.json", @@ -1057,6 +1060,7 @@ "aws-eventschemas-discoverer.json", "aws-elasticache-usergroup.json", "aws-iot-thinggroup.json", + "aws-logs-deliverydestination.json", "aws-imagebuilder-imagerecipe.json", "aws-iot-softwarepackage.json", "aws-apigateway-restapi.json", @@ -1087,6 +1091,7 @@ "aws-backup-backupselection.json", "aws-datasync-locationfsxlustre.json", "aws-sagemaker-app.json", + "aws-logs-deliverysource.json", "aws-ec2-vpcgatewayattachment.json", "aws-cloudtrail-trail.json", "aws-ec2-vpnconnectionroute.json", @@ -1094,7 +1099,6 @@ "aws-gamelift-gameservergroup.json", "aws-ec2-internetgateway.json", "aws-ec2-gatewayroutetableassociation.json", - "aws-wafv2-ipset.json", "aws-mediaconnect-bridgeoutput.json", "aws-ssm-document.json", "aws-iam-role.json", @@ -1132,7 +1136,6 @@ "aws-fis-targetaccountconfiguration.json", "aws-refactorspaces-route.json", "aws-kinesisanalytics-applicationoutput.json", - "aws-wafv2-rulegroup.json", "aws-sagemaker-modelpackagegroup.json", "aws-ses-configurationset.json", "aws-elasticache-parametergroup.json", @@ -1483,6 +1486,7 @@ "aws-glue-schema.json", "aws-datazone-environment.json", "aws-docdb-dbsubnetgroup.json", + "aws-logs-delivery.json", "aws-servicecatalog-portfolio.json", "aws-iot-policy.json", "aws-ec2-transitgatewayroute.json", @@ -1511,6 +1515,7 @@ "aws-appstream-entitlement.json", "aws-iam-userpolicy.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", "aws-ec2-verifiedaccessinstance.json", @@ -1612,6 +1617,7 @@ "aws-ec2-transitgatewayvpcattachment.json", "aws-ec2-flowlog.json", "aws-events-endpoint.json", + "aws-amazonmq-broker.json", "aws-emr-step.json", "aws-ssm-association.json", "aws-ec2-clientvpnendpoint.json", @@ -1679,7 +1685,6 @@ "aws-mediapackage-channel.json", "aws-apigatewayv2-routeresponse.json", "aws-cloudwatch-metricstream.json", - "aws-location-geofencecollection.json", "aws-ssm-parameter.json", "aws-apigatewayv2-apigatewaymanagedoverrides.json", "aws-config-deliverychannel.json", diff --git a/src/cfnlint/data/schemas/providers/sa_east_1/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/sa_east_1/aws-amazonmq-broker.json deleted file mode 100644 index b71851eb27..0000000000 --- a/src/cfnlint/data/schemas/providers/sa_east_1/aws-amazonmq-broker.json +++ /dev/null @@ -1,341 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/BrokerName", - "/properties/StorageType", - "/properties/DeploymentMode", - "/properties/EngineType", - "/properties/SubnetIds", - "/properties/AuthenticationStrategy", - "/properties/EncryptionOptions", - "/properties/PubliclyAccessible" - ], - "definitions": { - "ConfigurationId": { - "additionalProperties": false, - "properties": { - "Id": { - "type": "string" - }, - "Revision": { - "type": "integer" - } - }, - "required": [ - "Revision", - "Id" - ], - "type": "object" - }, - "EncryptionOptions": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "type": "string" - }, - "UseAwsOwnedKey": { - "type": "boolean" - } - }, - "required": [ - "UseAwsOwnedKey" - ], - "type": "object" - }, - "LdapServerMetadata": { - "additionalProperties": false, - "properties": { - "Hosts": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "RoleBase": { - "type": "string" - }, - "RoleName": { - "type": "string" - }, - "RoleSearchMatching": { - "type": "string" - }, - "RoleSearchSubtree": { - "type": "boolean" - }, - "ServiceAccountPassword": { - "type": "string" - }, - "ServiceAccountUsername": { - "type": "string" - }, - "UserBase": { - "type": "string" - }, - "UserRoleName": { - "type": "string" - }, - "UserSearchMatching": { - "type": "string" - }, - "UserSearchSubtree": { - "type": "boolean" - } - }, - "required": [ - "Hosts", - "UserSearchMatching", - "UserBase", - "RoleSearchMatching", - "ServiceAccountUsername", - "RoleBase", - "ServiceAccountPassword" - ], - "type": "object" - }, - "LogList": { - "additionalProperties": false, - "properties": { - "Audit": { - "type": "boolean" - }, - "General": { - "type": "boolean" - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "additionalProperties": false, - "properties": { - "DayOfWeek": { - "type": "string" - }, - "TimeOfDay": { - "type": "string" - }, - "TimeZone": { - "type": "string" - } - }, - "required": [ - "DayOfWeek", - "TimeOfDay", - "TimeZone" - ], - "type": "object" - }, - "TagsEntry": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - }, - "User": { - "additionalProperties": false, - "properties": { - "ConsoleAccess": { - "type": "boolean" - }, - "Groups": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Password": { - "type": "string" - }, - "Username": { - "type": "string" - } - }, - "required": [ - "Username", - "Password" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::AmazonMQ::Broker", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "AmqpEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Arn": { - "type": "string" - }, - "AuthenticationStrategy": { - "type": "string" - }, - "AutoMinorVersionUpgrade": { - "type": "boolean" - }, - "BrokerName": { - "type": "string" - }, - "Configuration": { - "$ref": "#/definitions/ConfigurationId" - }, - "ConfigurationId": { - "type": "string" - }, - "ConfigurationRevision": { - "type": "integer" - }, - "DataReplicationMode": { - "type": "string" - }, - "DataReplicationPrimaryBrokerArn": { - "type": "string" - }, - "DeploymentMode": { - "enum": [ - "SINGLE_INSTANCE", - "ACTIVE_STANDBY_MULTI_AZ", - "CLUSTER_MULTI_AZ" - ], - "type": "string" - }, - "EncryptionOptions": { - "$ref": "#/definitions/EncryptionOptions" - }, - "EngineType": { - "enum": [ - "ACTIVEMQ", - "RABBITMQ" - ], - "type": "string" - }, - "EngineVersion": { - "type": "string" - }, - "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", - "type": "string" - }, - "Id": { - "type": "string" - }, - "IpAddresses": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "LdapServerMetadata": { - "$ref": "#/definitions/LdapServerMetadata" - }, - "Logs": { - "$ref": "#/definitions/LogList" - }, - "MaintenanceWindowStartTime": { - "$ref": "#/definitions/MaintenanceWindow" - }, - "MqttEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "OpenWireEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "PubliclyAccessible": { - "type": "boolean" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "StompEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "StorageType": { - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Tags": { - "items": { - "$ref": "#/definitions/TagsEntry" - }, - "type": "array", - "uniqueItems": false - }, - "Users": { - "items": { - "$ref": "#/definitions/User" - }, - "type": "array", - "uniqueItems": false - }, - "WssEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "readOnlyProperties": [ - "/properties/IpAddresses", - "/properties/Id", - "/properties/MqttEndpoints", - "/properties/OpenWireEndpoints", - "/properties/ConfigurationId", - "/properties/ConfigurationRevision", - "/properties/StompEndpoints", - "/properties/WssEndpoints", - "/properties/AmqpEndpoints", - "/properties/Arn" - ], - "required": [ - "EngineVersion", - "DeploymentMode", - "HostInstanceType", - "EngineType", - "AutoMinorVersionUpgrade", - "Users", - "PubliclyAccessible", - "BrokerName" - ], - "typeName": "AWS::AmazonMQ::Broker" -} diff --git a/src/cfnlint/data/schemas/providers/sa_east_1/aws-location-geofencecollection.json b/src/cfnlint/data/schemas/providers/sa_east_1/aws-location-geofencecollection.json new file mode 100644 index 0000000000..bb905fef3f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/sa_east_1/aws-location-geofencecollection.json @@ -0,0 +1,174 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/CollectionName", + "/properties/KmsKeyId" + ], + "definitions": { + "PricingPlan": { + "enum": [ + "RequestBasedUsage" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 128, + "minLength": 1, + "pattern": "\\A(?!aws:)[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + }, + "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 256, + "minLength": 0, + "pattern": "\\A[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "TagMap": { + "additionalProperties": false, + "maxProperties": 50, + "patternProperties": { + "^[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 0, + "pattern": "^[A-Za-z0-9 _=@:.+-/]*$", + "type": "string" + } + }, + "type": "object" + }, + "iso8601UTC": { + "description": "The datetime value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ss.sssZ)", + "pattern": "^([0-2]\\d{3})-(0[0-9]|1[0-2])-([0-2]\\d|3[01])T([01]\\d|2[0-4]):([0-5]\\d):([0-6]\\d)((\\.\\d{3})?)Z$", + "type": "string" + } + }, + "deprecatedProperties": [ + "/properties/PricingPlan", + "/properties/PricingPlanDataSource" + ], + "description": "Definition of AWS::Location::GeofenceCollection Resource Type", + "handlers": { + "create": { + "permissions": [ + "geo:CreateGeofenceCollection", + "geo:DescribeGeofenceCollection", + "geo:TagResource", + "geo:UntagResource", + "kms:*" + ] + }, + "delete": { + "permissions": [ + "geo:DeleteGeofenceCollection", + "geo:DescribeGeofenceCollection", + "kms:*" + ] + }, + "list": { + "permissions": [ + "geo:ListGeofenceCollections", + "kms:*" + ] + }, + "read": { + "permissions": [ + "geo:DescribeGeofenceCollection", + "kms:*" + ] + }, + "update": { + "permissions": [ + "geo:CreateGeofenceCollection", + "geo:DescribeGeofenceCollection", + "geo:TagResource", + "geo:UntagResource", + "geo:UpdateGeofenceCollection", + "kms:*" + ] + } + }, + "primaryIdentifier": [ + "/properties/CollectionName" + ], + "properties": { + "Arn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "CollectionArn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "CollectionName": { + "maxLength": 100, + "minLength": 1, + "pattern": "^[-._\\w]+$", + "type": "string" + }, + "CreateTime": { + "$ref": "#/definitions/iso8601UTC" + }, + "Description": { + "maxLength": 1000, + "minLength": 0, + "type": "string" + }, + "KmsKeyId": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "PricingPlan": { + "$ref": "#/definitions/PricingPlan" + }, + "PricingPlanDataSource": { + "type": "string" + }, + "Tags": { + "description": "An array of key-value pairs to apply to this resource.", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 0, + "type": "array", + "uniqueItems": true + }, + "UpdateTime": { + "$ref": "#/definitions/iso8601UTC" + } + }, + "readOnlyProperties": [ + "/properties/CollectionArn", + "/properties/Arn", + "/properties/CreateTime", + "/properties/UpdateTime" + ], + "required": [ + "CollectionName" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::Location::GeofenceCollection" +} diff --git a/src/cfnlint/data/schemas/providers/sa_east_1/aws-neptune-dbinstance.json b/src/cfnlint/data/schemas/providers/sa_east_1/aws-neptune-dbinstance.json index e59579a720..36baa58fbd 100644 --- a/src/cfnlint/data/schemas/providers/sa_east_1/aws-neptune-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/sa_east_1/aws-neptune-dbinstance.json @@ -43,7 +43,7 @@ "type": "string" }, "DBInstanceClass": { - "cfnLint": "aws_neptune_dbinstance/dbinstanceclass_enum", + "cfnLint": "AWS::Neptune::DBInstance/Properties/DBInstanceClass", "type": "string" }, "DBInstanceIdentifier": { diff --git a/src/cfnlint/data/schemas/providers/sa_east_1/aws-wafv2-ipset.json b/src/cfnlint/data/schemas/providers/sa_east_1/aws-wafv2-ipset.json new file mode 100644 index 0000000000..9181872206 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/sa_east_1/aws-wafv2-ipset.json @@ -0,0 +1,166 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Name", + "/properties/Scope" + ], + "definitions": { + "EntityDescription": { + "description": "Description of the entity.", + "pattern": "^[a-zA-Z0-9=:#@/\\-,.][a-zA-Z0-9+=:#@/\\-,.\\s]+[a-zA-Z0-9+=:#@/\\-,.]{1,256}$", + "type": "string" + }, + "EntityId": { + "description": "Id of the IPSet", + "pattern": "^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", + "type": "string" + }, + "EntityName": { + "description": "Name of the IPSet.", + "pattern": "^[0-9A-Za-z_-]{1,128}$", + "type": "string" + }, + "IPAddress": { + "description": "IP address", + "maxLength": 50, + "minLength": 1, + "type": "string" + }, + "IPAddressVersion": { + "description": "Type of addresses in the IPSet, use IPV4 for IPV4 IP addresses, IPV6 for IPV6 address.", + "enum": [ + "IPV4", + "IPV6" + ], + "type": "string" + }, + "ResourceArn": { + "description": "ARN of the WAF entity.", + "type": "string" + }, + "Scope": { + "description": "Use CLOUDFRONT for CloudFront IPSet, use REGIONAL for Application Load Balancer and API Gateway.", + "enum": [ + "CLOUDFRONT", + "REGIONAL" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "type": "object" + } + }, + "description": "Contains a list of IP addresses. This can be either IPV4 or IPV6. The list will be mutually", + "handlers": { + "create": { + "permissions": [ + "wafv2:CreateIPSet", + "wafv2:GetIPSet", + "wafv2:ListTagsForResource" + ] + }, + "delete": { + "permissions": [ + "wafv2:DeleteIPSet", + "wafv2:GetIPSet" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "Scope": { + "$ref": "resource-schema.json#/properties/Scope" + } + }, + "required": [ + "Scope" + ] + }, + "permissions": [ + "wafv2:listIPSets" + ] + }, + "read": { + "permissions": [ + "wafv2:GetIPSet", + "wafv2:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "wafv2:UpdateIPSet", + "wafv2:GetIPSet", + "wafv2:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Name", + "/properties/Id", + "/properties/Scope" + ], + "properties": { + "Addresses": { + "description": "List of IPAddresses.", + "items": { + "$ref": "#/definitions/IPAddress" + }, + "type": "array" + }, + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "Description": { + "$ref": "#/definitions/EntityDescription" + }, + "IPAddressVersion": { + "$ref": "#/definitions/IPAddressVersion" + }, + "Id": { + "$ref": "#/definitions/EntityId" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "Scope": { + "$ref": "#/definitions/Scope" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "minItems": 1, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/Id" + ], + "required": [ + "Addresses", + "IPAddressVersion", + "Scope" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::IPSet" +} diff --git a/src/cfnlint/data/schemas/providers/sa_east_1/aws-wafv2-regexpatternset.json b/src/cfnlint/data/schemas/providers/sa_east_1/aws-wafv2-regexpatternset.json new file mode 100644 index 0000000000..e5467bfd54 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/sa_east_1/aws-wafv2-regexpatternset.json @@ -0,0 +1,134 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Name", + "/properties/Scope" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "type": "object" + } + }, + "description": "Contains a list of Regular expressions based on the provided inputs. RegexPatternSet can be used with other WAF entities with RegexPatternSetReferenceStatement to perform other actions .", + "handlers": { + "create": { + "permissions": [ + "wafv2:CreateRegexPatternSet", + "wafv2:GetRegexPatternSet", + "wafv2:ListTagsForResource" + ] + }, + "delete": { + "permissions": [ + "wafv2:DeleteRegexPatternSet", + "wafv2:GetRegexPatternSet" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "Scope": { + "$ref": "resource-schema.json#/properties/Scope" + } + }, + "required": [ + "Scope" + ] + }, + "permissions": [ + "wafv2:listRegexPatternSets" + ] + }, + "read": { + "permissions": [ + "wafv2:GetRegexPatternSet", + "wafv2:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "wafv2:UpdateRegexPatternSet", + "wafv2:GetRegexPatternSet", + "wafv2:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Name", + "/properties/Id", + "/properties/Scope" + ], + "properties": { + "Arn": { + "description": "ARN of the WAF entity.", + "type": "string" + }, + "Description": { + "description": "Description of the entity.", + "pattern": "^[a-zA-Z0-9=:#@/\\-,.][a-zA-Z0-9+=:#@/\\-,.\\s]+[a-zA-Z0-9+=:#@/\\-,.]{1,256}$", + "type": "string" + }, + "Id": { + "description": "Id of the RegexPatternSet", + "pattern": "^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", + "type": "string" + }, + "Name": { + "description": "Name of the RegexPatternSet.", + "pattern": "^[0-9A-Za-z_-]{1,128}$", + "type": "string" + }, + "RegularExpressionList": { + "items": { + "maxLength": 200, + "minLength": 0, + "type": "string" + }, + "type": "array" + }, + "Scope": { + "description": "Use CLOUDFRONT for CloudFront RegexPatternSet, use REGIONAL for Application Load Balancer and API Gateway.", + "enum": [ + "CLOUDFRONT", + "REGIONAL" + ], + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "minItems": 1, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/Id" + ], + "required": [ + "Scope", + "RegularExpressionList" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::RegexPatternSet" +} diff --git a/src/cfnlint/data/schemas/providers/sa_east_1/aws-wafv2-rulegroup.json b/src/cfnlint/data/schemas/providers/sa_east_1/aws-wafv2-rulegroup.json new file mode 100644 index 0000000000..ca7496f6ca --- /dev/null +++ b/src/cfnlint/data/schemas/providers/sa_east_1/aws-wafv2-rulegroup.json @@ -0,0 +1,1432 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Name", + "/properties/Scope" + ], + "definitions": { + "AllowAction": { + "additionalProperties": false, + "description": "Allow traffic towards application.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "AndStatement": { + "additionalProperties": false, + "properties": { + "Statements": { + "items": { + "$ref": "#/definitions/Statement" + }, + "type": "array" + } + }, + "required": [ + "Statements" + ], + "type": "object" + }, + "BlockAction": { + "additionalProperties": false, + "description": "Block traffic towards application.", + "properties": { + "CustomResponse": { + "$ref": "#/definitions/CustomResponse" + } + }, + "type": "object" + }, + "Body": { + "additionalProperties": false, + "description": "The body of a web request. This immediately follows the request headers.", + "properties": { + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "type": "object" + }, + "BodyParsingFallbackBehavior": { + "description": "The inspection behavior to fall back to if the JSON in the request body is invalid.", + "enum": [ + "MATCH", + "NO_MATCH", + "EVALUATE_AS_STRING" + ], + "type": "string" + }, + "ByteMatchStatement": { + "additionalProperties": false, + "description": "Byte Match statement.", + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "PositionalConstraint": { + "$ref": "#/definitions/PositionalConstraint" + }, + "SearchString": { + "$ref": "#/definitions/SearchString" + }, + "SearchStringBase64": { + "$ref": "#/definitions/SearchStringBase64" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "PositionalConstraint", + "TextTransformations" + ], + "type": "object" + }, + "CaptchaAction": { + "additionalProperties": false, + "description": "Checks valid token exists with request.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "CaptchaConfig": { + "additionalProperties": false, + "properties": { + "ImmunityTimeProperty": { + "$ref": "#/definitions/ImmunityTimeProperty" + } + }, + "type": "object" + }, + "ChallengeAction": { + "additionalProperties": false, + "description": "Checks that the request has a valid token with an unexpired challenge timestamp and, if not, returns a browser challenge to the client.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "ChallengeConfig": { + "additionalProperties": false, + "properties": { + "ImmunityTimeProperty": { + "$ref": "#/definitions/ImmunityTimeProperty" + } + }, + "type": "object" + }, + "CookieMatchPattern": { + "additionalProperties": false, + "description": "The pattern to look for in the request cookies.", + "properties": { + "All": { + "description": "Inspect all parts of the web request cookies.", + "type": "object" + }, + "ExcludedCookies": { + "items": { + "maxLength": 60, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + }, + "IncludedCookies": { + "items": { + "maxLength": 60, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + } + }, + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "description": "Includes headers of a web request.", + "properties": { + "MatchPattern": { + "$ref": "#/definitions/CookieMatchPattern" + }, + "MatchScope": { + "$ref": "#/definitions/MapMatchScope" + }, + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "required": [ + "MatchPattern", + "MatchScope", + "OversizeHandling" + ], + "type": "object" + }, + "CountAction": { + "additionalProperties": false, + "description": "Count traffic towards application.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "CustomHTTPHeader": { + "additionalProperties": false, + "description": "HTTP header.", + "properties": { + "Name": { + "$ref": "#/definitions/CustomHTTPHeaderName" + }, + "Value": { + "$ref": "#/definitions/CustomHTTPHeaderValue" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "CustomHTTPHeaderName": { + "description": "HTTP header name.", + "maxLength": 64, + "minLength": 1, + "type": "string" + }, + "CustomHTTPHeaderValue": { + "description": "HTTP header value.", + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "CustomRequestHandling": { + "additionalProperties": false, + "description": "Custom request handling.", + "properties": { + "InsertHeaders": { + "description": "Collection of HTTP headers.", + "items": { + "$ref": "#/definitions/CustomHTTPHeader" + }, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "InsertHeaders" + ], + "type": "object" + }, + "CustomResponse": { + "additionalProperties": false, + "description": "Custom response.", + "properties": { + "CustomResponseBodyKey": { + "description": "Custom response body key.", + "pattern": "^[\\w\\-]+$", + "type": "string" + }, + "ResponseCode": { + "$ref": "#/definitions/ResponseStatusCode" + }, + "ResponseHeaders": { + "description": "Collection of HTTP headers.", + "items": { + "$ref": "#/definitions/CustomHTTPHeader" + }, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "ResponseCode" + ], + "type": "object" + }, + "CustomResponseBodies": { + "additionalProperties": false, + "description": "Custom response key and body map.", + "minProperties": 1, + "patternProperties": { + "^[\\w\\-]+$": { + "$ref": "#/definitions/CustomResponseBody" + } + }, + "type": "object" + }, + "CustomResponseBody": { + "additionalProperties": false, + "description": "Custom response body.", + "properties": { + "Content": { + "$ref": "#/definitions/ResponseContent" + }, + "ContentType": { + "$ref": "#/definitions/ResponseContentType" + } + }, + "required": [ + "ContentType", + "Content" + ], + "type": "object" + }, + "EntityDescription": { + "description": "Description of the entity.", + "pattern": "^[a-zA-Z0-9=:#@/\\-,.][a-zA-Z0-9+=:#@/\\-,.\\s]+[a-zA-Z0-9+=:#@/\\-,.]{1,256}$", + "type": "string" + }, + "EntityId": { + "description": "Id of the RuleGroup", + "pattern": "^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", + "type": "string" + }, + "EntityName": { + "description": "Name of the RuleGroup.", + "pattern": "^[0-9A-Za-z_-]{1,128}$", + "type": "string" + }, + "FieldToMatch": { + "additionalProperties": false, + "description": "Field of the request to match.", + "properties": { + "AllQueryArguments": { + "description": "All query arguments of a web request.", + "type": "object" + }, + "Body": { + "$ref": "#/definitions/Body" + }, + "Cookies": { + "$ref": "#/definitions/Cookies" + }, + "Headers": { + "$ref": "#/definitions/Headers" + }, + "JsonBody": { + "$ref": "#/definitions/JsonBody" + }, + "Method": { + "description": "The HTTP method of a web request. The method indicates the type of operation that the request is asking the origin to perform.", + "type": "object" + }, + "QueryString": { + "description": "The query string of a web request. This is the part of a URL that appears after a ? character, if any.", + "type": "object" + }, + "SingleHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "SingleQueryArgument": { + "additionalProperties": false, + "description": "One query argument in a web request, identified by name, for example UserName or SalesRegion. The name can be up to 30 characters long and isn't case sensitive.", + "properties": { + "Name": { + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "UriPath": { + "description": "The path component of the URI of a web request. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.", + "type": "object" + } + }, + "type": "object" + }, + "ForwardedIPConfiguration": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "enum": [ + "MATCH", + "NO_MATCH" + ], + "type": "string" + }, + "HeaderName": { + "pattern": "^[a-zA-Z0-9-]{1,255}$", + "type": "string" + } + }, + "required": [ + "HeaderName", + "FallbackBehavior" + ], + "type": "object" + }, + "GeoMatchStatement": { + "additionalProperties": false, + "properties": { + "CountryCodes": { + "items": { + "maxLength": 2, + "minLength": 1, + "type": "string" + }, + "type": "array" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/ForwardedIPConfiguration" + } + }, + "type": "object" + }, + "HeaderMatchPattern": { + "additionalProperties": false, + "description": "The pattern to look for in the request headers.", + "properties": { + "All": { + "description": "Inspect all parts of the web request headers.", + "type": "object" + }, + "ExcludedHeaders": { + "items": { + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + }, + "IncludedHeaders": { + "items": { + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + } + }, + "type": "object" + }, + "Headers": { + "additionalProperties": false, + "description": "Includes headers of a web request.", + "properties": { + "MatchPattern": { + "$ref": "#/definitions/HeaderMatchPattern" + }, + "MatchScope": { + "$ref": "#/definitions/MapMatchScope" + }, + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "required": [ + "MatchPattern", + "MatchScope", + "OversizeHandling" + ], + "type": "object" + }, + "IPSetForwardedIPConfiguration": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "enum": [ + "MATCH", + "NO_MATCH" + ], + "type": "string" + }, + "HeaderName": { + "pattern": "^[a-zA-Z0-9-]{1,255}$", + "type": "string" + }, + "Position": { + "enum": [ + "FIRST", + "LAST", + "ANY" + ], + "type": "string" + } + }, + "required": [ + "HeaderName", + "FallbackBehavior", + "Position" + ], + "type": "object" + }, + "IPSetReferenceStatement": { + "additionalProperties": false, + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "IPSetForwardedIPConfig": { + "$ref": "#/definitions/IPSetForwardedIPConfiguration" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "ImmunityTimeProperty": { + "additionalProperties": false, + "properties": { + "ImmunityTime": { + "maximum": 259200, + "minimum": 60, + "type": "integer" + } + }, + "required": [ + "ImmunityTime" + ], + "type": "object" + }, + "JsonBody": { + "additionalProperties": false, + "description": "Inspect the request body as JSON. The request body immediately follows the request headers.", + "properties": { + "InvalidFallbackBehavior": { + "$ref": "#/definitions/BodyParsingFallbackBehavior" + }, + "MatchPattern": { + "$ref": "#/definitions/JsonMatchPattern" + }, + "MatchScope": { + "$ref": "#/definitions/JsonMatchScope" + }, + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "required": [ + "MatchPattern", + "MatchScope" + ], + "type": "object" + }, + "JsonMatchPattern": { + "additionalProperties": false, + "description": "The pattern to look for in the JSON body.", + "properties": { + "All": { + "description": "Inspect all parts of the web request's JSON body.", + "type": "object" + }, + "IncludedPaths": { + "items": { + "$ref": "#/definitions/JsonPointerPath" + }, + "type": "array" + } + }, + "type": "object" + }, + "JsonMatchScope": { + "description": "The parts of the JSON to match against using the MatchPattern.", + "enum": [ + "ALL", + "KEY", + "VALUE" + ], + "type": "string" + }, + "JsonPointerPath": { + "description": "JSON pointer path in the web request's JSON body", + "pattern": "^[\\/]+([^~]*(~[01])*){1,512}$", + "type": "string" + }, + "Label": { + "additionalProperties": false, + "properties": { + "Name": { + "$ref": "#/definitions/LabelName" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "LabelMatchKey": { + "pattern": "^[0-9A-Za-z_:-]{1,1024}$", + "type": "string" + }, + "LabelMatchScope": { + "enum": [ + "LABEL", + "NAMESPACE" + ], + "type": "string" + }, + "LabelMatchStatement": { + "additionalProperties": false, + "properties": { + "Key": { + "$ref": "#/definitions/LabelMatchKey" + }, + "Scope": { + "$ref": "#/definitions/LabelMatchScope" + } + }, + "required": [ + "Scope", + "Key" + ], + "type": "object" + }, + "LabelName": { + "description": "Name of the Label.", + "pattern": "^[0-9A-Za-z_:-]{1,1024}$", + "type": "string" + }, + "LabelSummary": { + "additionalProperties": false, + "properties": { + "Name": { + "$ref": "#/definitions/LabelName" + } + }, + "type": "object" + }, + "MapMatchScope": { + "description": "The parts of the request to match against using the MatchPattern.", + "enum": [ + "ALL", + "KEY", + "VALUE" + ], + "type": "string" + }, + "NotStatement": { + "additionalProperties": false, + "properties": { + "Statement": { + "$ref": "#/definitions/Statement" + } + }, + "required": [ + "Statement" + ], + "type": "object" + }, + "OrStatement": { + "additionalProperties": false, + "properties": { + "Statements": { + "items": { + "$ref": "#/definitions/Statement" + }, + "type": "array" + } + }, + "required": [ + "Statements" + ], + "type": "object" + }, + "OversizeHandling": { + "description": "Handling of requests containing oversize fields", + "enum": [ + "CONTINUE", + "MATCH", + "NO_MATCH" + ], + "type": "string" + }, + "PositionalConstraint": { + "description": "Position of the evaluation in the FieldToMatch of request.", + "enum": [ + "EXACTLY", + "STARTS_WITH", + "ENDS_WITH", + "CONTAINS", + "CONTAINS_WORD" + ], + "type": "string" + }, + "RateBasedStatement": { + "additionalProperties": false, + "properties": { + "AggregateKeyType": { + "enum": [ + "IP", + "FORWARDED_IP", + "CONSTANT", + "CUSTOM_KEYS" + ], + "type": "string" + }, + "CustomKeys": { + "description": "Specifies the aggregate keys to use in a rate-base rule.", + "items": { + "$ref": "#/definitions/RateBasedStatementCustomKey" + }, + "maxItems": 5, + "type": "array" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/ForwardedIPConfiguration" + }, + "Limit": { + "$ref": "#/definitions/RateLimit" + }, + "ScopeDownStatement": { + "$ref": "#/definitions/Statement" + } + }, + "required": [ + "Limit", + "AggregateKeyType" + ], + "type": "object" + }, + "RateBasedStatementCustomKey": { + "additionalProperties": false, + "description": "Specifies a single custom aggregate key for a rate-base rule.", + "properties": { + "Cookie": { + "$ref": "#/definitions/RateLimitCookie" + }, + "ForwardedIP": { + "$ref": "#/definitions/RateLimitForwardedIP" + }, + "HTTPMethod": { + "$ref": "#/definitions/RateLimitHTTPMethod" + }, + "Header": { + "$ref": "#/definitions/RateLimitHeader" + }, + "IP": { + "$ref": "#/definitions/RateLimitIP" + }, + "LabelNamespace": { + "$ref": "#/definitions/RateLimitLabelNamespace" + }, + "QueryArgument": { + "$ref": "#/definitions/RateLimitQueryArgument" + }, + "QueryString": { + "$ref": "#/definitions/RateLimitQueryString" + }, + "UriPath": { + "$ref": "#/definitions/RateLimitUriPath" + } + }, + "type": "object" + }, + "RateLimit": { + "maximum": 2000000000, + "minimum": 100, + "type": "integer" + }, + "RateLimitCookie": { + "additionalProperties": false, + "description": "Specifies a cookie as an aggregate key for a rate-based rule.", + "properties": { + "Name": { + "description": "The name of the cookie to use.", + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "RateLimitForwardedIP": { + "description": "Specifies the first IP address in an HTTP header as an aggregate key for a rate-based rule.", + "type": "object" + }, + "RateLimitHTTPMethod": { + "description": "Specifies the request's HTTP method as an aggregate key for a rate-based rule.", + "type": "object" + }, + "RateLimitHeader": { + "additionalProperties": false, + "description": "Specifies a header as an aggregate key for a rate-based rule.", + "properties": { + "Name": { + "description": "The name of the header to use.", + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "RateLimitIP": { + "description": "Specifies the IP address in the web request as an aggregate key for a rate-based rule.", + "type": "object" + }, + "RateLimitLabelNamespace": { + "additionalProperties": false, + "description": "Specifies a label namespace to use as an aggregate key for a rate-based rule.", + "properties": { + "Namespace": { + "description": "The namespace to use for aggregation.", + "pattern": "^[0-9A-Za-z_:-]{1,1024}$", + "type": "string" + } + }, + "required": [ + "Namespace" + ], + "type": "object" + }, + "RateLimitQueryArgument": { + "additionalProperties": false, + "description": "Specifies a query argument in the request as an aggregate key for a rate-based rule.", + "properties": { + "Name": { + "description": "The name of the query argument to use.", + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "RateLimitQueryString": { + "additionalProperties": false, + "description": "Specifies the request's query string as an aggregate key for a rate-based rule.", + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "RateLimitUriPath": { + "additionalProperties": false, + "description": "Specifies the request's URI Path as an aggregate key for a rate-based rule.", + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "RegexMatchStatement": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "RegexString": { + "maxLength": 512, + "minLength": 1, + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "RegexString", + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + }, + "RegexPatternSetReferenceStatement": { + "additionalProperties": false, + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Arn", + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + }, + "ResourceArn": { + "description": "ARN of the WAF entity.", + "maxLength": 2048, + "minLength": 20, + "type": "string" + }, + "ResponseContent": { + "description": "Response content.", + "maxLength": 10240, + "minLength": 1, + "type": "string" + }, + "ResponseContentType": { + "description": "Valid values are TEXT_PLAIN, TEXT_HTML, and APPLICATION_JSON.", + "enum": [ + "TEXT_PLAIN", + "TEXT_HTML", + "APPLICATION_JSON" + ], + "type": "string" + }, + "ResponseStatusCode": { + "description": "Custom response code.", + "maximum": 599, + "minimum": 200, + "type": "integer" + }, + "Rule": { + "additionalProperties": false, + "description": "Rule of RuleGroup that contains condition and action.", + "properties": { + "Action": { + "$ref": "#/definitions/RuleAction" + }, + "CaptchaConfig": { + "$ref": "#/definitions/CaptchaConfig" + }, + "ChallengeConfig": { + "$ref": "#/definitions/ChallengeConfig" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "Priority": { + "$ref": "#/definitions/RulePriority" + }, + "RuleLabels": { + "description": "Collection of Rule Labels.", + "items": { + "$ref": "#/definitions/Label" + }, + "type": "array" + }, + "Statement": { + "$ref": "#/definitions/Statement" + }, + "VisibilityConfig": { + "$ref": "#/definitions/VisibilityConfig" + } + }, + "required": [ + "Name", + "Priority", + "Statement", + "VisibilityConfig" + ], + "type": "object" + }, + "RuleAction": { + "additionalProperties": false, + "description": "Action taken when Rule matches its condition.", + "properties": { + "Allow": { + "$ref": "#/definitions/AllowAction" + }, + "Block": { + "$ref": "#/definitions/BlockAction" + }, + "Captcha": { + "$ref": "#/definitions/CaptchaAction" + }, + "Challenge": { + "$ref": "#/definitions/ChallengeAction" + }, + "Count": { + "$ref": "#/definitions/CountAction" + } + }, + "type": "object" + }, + "RuleGroup": { + "additionalProperties": false, + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "Capacity": { + "minimum": 0, + "type": "integer" + }, + "Description": { + "$ref": "#/definitions/EntityDescription" + }, + "Id": { + "$ref": "#/definitions/EntityId" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "Rules": { + "description": "Collection of Rules.", + "items": { + "$ref": "#/definitions/Rule" + }, + "type": "array" + }, + "VisibilityConfig": { + "$ref": "#/definitions/VisibilityConfig" + } + }, + "type": "object" + }, + "RulePriority": { + "description": "Priority of the Rule, Rules get evaluated from lower to higher priority.", + "minimum": 0, + "type": "integer" + }, + "Scope": { + "description": "Use CLOUDFRONT for CloudFront RuleGroup, use REGIONAL for Application Load Balancer and API Gateway.", + "enum": [ + "CLOUDFRONT", + "REGIONAL" + ], + "type": "string" + }, + "SearchString": { + "description": "String that is searched to find a match.", + "type": "string" + }, + "SearchStringBase64": { + "description": "Base64 encoded string that is searched to find a match.", + "type": "string" + }, + "SensitivityLevel": { + "description": "Sensitivity Level current only used for sqli match statements.", + "enum": [ + "LOW", + "HIGH" + ], + "type": "string" + }, + "SizeConstraintStatement": { + "additionalProperties": false, + "description": "Size Constraint statement.", + "properties": { + "ComparisonOperator": { + "enum": [ + "EQ", + "NE", + "LE", + "LT", + "GE", + "GT" + ], + "type": "string" + }, + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "Size": { + "maximum": 21474836480, + "minimum": 0, + "type": "number" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "ComparisonOperator", + "Size", + "TextTransformations" + ], + "type": "object" + }, + "SqliMatchStatement": { + "additionalProperties": false, + "description": "Sqli Match Statement.", + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "SensitivityLevel": { + "$ref": "#/definitions/SensitivityLevel" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + }, + "Statement": { + "additionalProperties": false, + "description": "First level statement that contains conditions, such as ByteMatch, SizeConstraint, etc", + "properties": { + "AndStatement": { + "$ref": "#/definitions/AndStatement" + }, + "ByteMatchStatement": { + "$ref": "#/definitions/ByteMatchStatement" + }, + "GeoMatchStatement": { + "$ref": "#/definitions/GeoMatchStatement" + }, + "IPSetReferenceStatement": { + "$ref": "#/definitions/IPSetReferenceStatement" + }, + "LabelMatchStatement": { + "$ref": "#/definitions/LabelMatchStatement" + }, + "NotStatement": { + "$ref": "#/definitions/NotStatement" + }, + "OrStatement": { + "$ref": "#/definitions/OrStatement" + }, + "RateBasedStatement": { + "$ref": "#/definitions/RateBasedStatement" + }, + "RegexMatchStatement": { + "$ref": "#/definitions/RegexMatchStatement" + }, + "RegexPatternSetReferenceStatement": { + "$ref": "#/definitions/RegexPatternSetReferenceStatement" + }, + "SizeConstraintStatement": { + "$ref": "#/definitions/SizeConstraintStatement" + }, + "SqliMatchStatement": { + "$ref": "#/definitions/SqliMatchStatement" + }, + "XssMatchStatement": { + "$ref": "#/definitions/XssMatchStatement" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "type": "object" + }, + "TextTransformation": { + "additionalProperties": false, + "description": "Text Transformation on the Search String before match.", + "properties": { + "Priority": { + "$ref": "#/definitions/TextTransformationPriority" + }, + "Type": { + "$ref": "#/definitions/TextTransformationType" + } + }, + "required": [ + "Priority", + "Type" + ], + "type": "object" + }, + "TextTransformationPriority": { + "description": "Priority of Rule being evaluated.", + "minimum": 0, + "type": "integer" + }, + "TextTransformationType": { + "description": "Type of text transformation.", + "enum": [ + "NONE", + "COMPRESS_WHITE_SPACE", + "HTML_ENTITY_DECODE", + "LOWERCASE", + "CMD_LINE", + "URL_DECODE", + "BASE64_DECODE", + "HEX_DECODE", + "MD5", + "REPLACE_COMMENTS", + "ESCAPE_SEQ_DECODE", + "SQL_HEX_DECODE", + "CSS_DECODE", + "JS_DECODE", + "NORMALIZE_PATH", + "NORMALIZE_PATH_WIN", + "REMOVE_NULLS", + "REPLACE_NULLS", + "BASE64_DECODE_EXT", + "URL_DECODE_UNI", + "UTF8_TO_UNICODE" + ], + "type": "string" + }, + "VisibilityConfig": { + "additionalProperties": false, + "description": "Visibility Metric of the RuleGroup.", + "properties": { + "CloudWatchMetricsEnabled": { + "type": "boolean" + }, + "MetricName": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "SampledRequestsEnabled": { + "type": "boolean" + } + }, + "required": [ + "SampledRequestsEnabled", + "CloudWatchMetricsEnabled", + "MetricName" + ], + "type": "object" + }, + "XssMatchStatement": { + "additionalProperties": false, + "description": "Xss Match Statement.", + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + } + }, + "description": "Contains the Rules that identify the requests that you want to allow, block, or count. In a RuleGroup, you also specify a default action (ALLOW or BLOCK), and the action for each Rule that you add to a RuleGroup, for example, block requests from specified IP addresses or block requests from specified referrers. You also associate the RuleGroup with a CloudFront distribution to identify the requests that you want AWS WAF to filter. If you add more than one Rule to a RuleGroup, a request needs to match only one of the specifications to be allowed, blocked, or counted.", + "handlers": { + "create": { + "permissions": [ + "wafv2:CreateRuleGroup", + "wafv2:GetRuleGroup", + "wafv2:ListTagsForResource" + ] + }, + "delete": { + "permissions": [ + "wafv2:DeleteRuleGroup", + "wafv2:GetRuleGroup" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "Scope": { + "$ref": "resource-schema.json#/properties/Scope" + } + }, + "required": [ + "Scope" + ] + }, + "permissions": [ + "wafv2:listRuleGroups" + ] + }, + "read": { + "permissions": [ + "wafv2:GetRuleGroup", + "wafv2:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "wafv2:UpdateRuleGroup", + "wafv2:GetRuleGroup", + "wafv2:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Name", + "/properties/Id", + "/properties/Scope" + ], + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "AvailableLabels": { + "description": "Collection of Available Labels.", + "items": { + "$ref": "#/definitions/LabelSummary" + }, + "type": "array" + }, + "Capacity": { + "minimum": 0, + "type": "integer" + }, + "ConsumedLabels": { + "description": "Collection of Consumed Labels.", + "items": { + "$ref": "#/definitions/LabelSummary" + }, + "type": "array" + }, + "CustomResponseBodies": { + "$ref": "#/definitions/CustomResponseBodies" + }, + "Description": { + "$ref": "#/definitions/EntityDescription" + }, + "Id": { + "$ref": "#/definitions/EntityId" + }, + "LabelNamespace": { + "$ref": "#/definitions/LabelName" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "Rules": { + "description": "Collection of Rules.", + "items": { + "$ref": "#/definitions/Rule" + }, + "type": "array" + }, + "Scope": { + "$ref": "#/definitions/Scope" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "minItems": 1, + "type": "array" + }, + "VisibilityConfig": { + "$ref": "#/definitions/VisibilityConfig" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/Id", + "/properties/LabelNamespace", + "/properties/AvailableLabels/*/Name", + "/properties/ConsumedLabels/*/Name" + ], + "required": [ + "Capacity", + "Scope", + "VisibilityConfig" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::RuleGroup" +} diff --git a/src/cfnlint/data/schemas/providers/us_east_1/__init__.py b/src/cfnlint/data/schemas/providers/us_east_1/__init__.py index f599449843..08cbd81bfe 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/us_east_1/__init__.py @@ -314,6 +314,7 @@ "AWS::GroundStation::MissionProfile", "AWS::CloudFormation::CustomResource", "AWS::FIS::TargetAccountConfiguration", + "AWS::Glue::TableOptimizer", "AWS::RefactorSpaces::Route", "AWS::NimbleStudio::LaunchProfile", "AWS::KinesisAnalytics::ApplicationOutput", @@ -846,6 +847,7 @@ "AWS::IAM::UserPolicy", "AWS::Connect::ViewVersion", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::IoT::MitigationAction", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-amazonmq-broker.json index 0ee3c082a1..17970dcc1b 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-amazonmq-broker.json @@ -233,7 +233,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-amplifyuibuilder-component.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-amplifyuibuilder-component.json index 7a6e22ebe4..c8f9879313 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-amplifyuibuilder-component.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-amplifyuibuilder-component.json @@ -1,7 +1,8 @@ { "additionalProperties": false, "createOnlyProperties": [ - "/properties/Tags" + "/properties/AppId", + "/properties/EnvironmentName" ], "definitions": { "ActionParameters": { @@ -85,6 +86,9 @@ }, "type": "array" }, + "SlotName": { + "type": "string" + }, "UserAttribute": { "type": "string" } @@ -111,6 +115,9 @@ }, "Properties": { "$ref": "#/definitions/ComponentProperties" + }, + "SourceId": { + "type": "string" } }, "required": [ @@ -189,6 +196,9 @@ "Action": { "type": "string" }, + "BindingEvent": { + "type": "string" + }, "Parameters": { "$ref": "#/definitions/ActionParameters" } @@ -381,6 +391,10 @@ "Operand": { "type": "string" }, + "OperandType": { + "pattern": "^boolean|string|number$", + "type": "string" + }, "Operator": { "type": "string" }, @@ -433,16 +447,16 @@ "create": { "permissions": [ "amplify:GetApp", - "amplifyuibuilder:GetComponent", "amplifyuibuilder:CreateComponent", + "amplifyuibuilder:GetComponent", "amplifyuibuilder:TagResource" ] }, "delete": { "permissions": [ "amplify:GetApp", - "amplifyuibuilder:GetComponent", "amplifyuibuilder:DeleteComponent", + "amplifyuibuilder:GetComponent", "amplifyuibuilder:UntagResource" ] }, @@ -463,7 +477,6 @@ }, "permissions": [ "amplify:GetApp", - "amplifyuibuilder:GetComponent", "amplifyuibuilder:ListComponents" ] }, @@ -477,8 +490,9 @@ "permissions": [ "amplify:GetApp", "amplifyuibuilder:GetComponent", - "amplifyuibuilder:UpdateComponent", - "amplifyuibuilder:TagResource" + "amplifyuibuilder:TagResource", + "amplifyuibuilder:UntagResource", + "amplifyuibuilder:UpdateComponent" ] } }, @@ -508,6 +522,10 @@ "minLength": 1, "type": "string" }, + "CreatedAt": { + "format": "date-time", + "type": "string" + }, "EnvironmentName": { "type": "string" }, @@ -517,6 +535,10 @@ "Id": { "type": "string" }, + "ModifiedAt": { + "format": "date-time", + "type": "string" + }, "Name": { "maxLength": 255, "minLength": 1, @@ -545,22 +567,16 @@ } }, "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "BindingProperties", - "ComponentType", - "Name", - "Overrides", - "Properties", - "Variants" + "/properties/CreatedAt", + "/properties/Id", + "/properties/ModifiedAt" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-amplifyuibuilder", "tagging": { - "cloudFormationSystemTags": false, + "cloudFormationSystemTags": true, "tagOnCreate": true, - "tagProperty": "#/properties/Tags", - "tagUpdatable": false, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, "taggable": true }, "typeName": "AWS::AmplifyUIBuilder::Component" diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-amplifyuibuilder-form.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-amplifyuibuilder-form.json index 673b10c7af..60bcf5dbe6 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-amplifyuibuilder-form.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-amplifyuibuilder-form.json @@ -1,7 +1,8 @@ { "additionalProperties": false, "createOnlyProperties": [ - "/properties/Tags" + "/properties/AppId", + "/properties/EnvironmentName" ], "definitions": { "FieldConfig": { @@ -272,15 +273,69 @@ ], "type": "object" }, + "FormInputBindingProperties": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/FormInputBindingPropertiesValue" + } + }, + "type": "object" + }, + "FormInputBindingPropertiesValue": { + "additionalProperties": false, + "properties": { + "BindingProperties": { + "$ref": "#/definitions/FormInputBindingPropertiesValueProperties" + }, + "Type": { + "type": "string" + } + }, + "type": "object" + }, + "FormInputBindingPropertiesValueProperties": { + "additionalProperties": false, + "properties": { + "Model": { + "type": "string" + } + }, + "type": "object" + }, "FormInputValueProperty": { "additionalProperties": false, "properties": { + "BindingProperties": { + "$ref": "#/definitions/FormInputValuePropertyBindingProperties" + }, + "Concat": { + "items": { + "$ref": "#/definitions/FormInputValueProperty" + }, + "type": "array" + }, "Value": { "type": "string" } }, "type": "object" }, + "FormInputValuePropertyBindingProperties": { + "additionalProperties": false, + "properties": { + "Field": { + "type": "string" + }, + "Property": { + "type": "string" + } + }, + "required": [ + "Property" + ], + "type": "object" + }, "FormStyle": { "additionalProperties": false, "properties": { @@ -407,6 +462,9 @@ "ValueMappings": { "additionalProperties": false, "properties": { + "BindingProperties": { + "$ref": "#/definitions/FormInputBindingProperties" + }, "Values": { "items": { "$ref": "#/definitions/ValueMapping" @@ -425,16 +483,17 @@ "create": { "permissions": [ "amplify:GetApp", - "amplifyuibuilder:GetForm", "amplifyuibuilder:CreateForm", - "amplifyuibuilder:TagResource" + "amplifyuibuilder:GetForm", + "amplifyuibuilder:TagResource", + "amplifyuibuilder:UntagResource" ] }, "delete": { "permissions": [ "amplify:GetApp", - "amplifyuibuilder:GetForm", "amplifyuibuilder:DeleteForm", + "amplifyuibuilder:TagResource", "amplifyuibuilder:UntagResource" ] }, @@ -455,22 +514,23 @@ }, "permissions": [ "amplify:GetApp", - "amplifyuibuilder:GetForm", "amplifyuibuilder:ListForms" ] }, "read": { "permissions": [ "amplify:GetApp", - "amplifyuibuilder:GetForm" + "amplifyuibuilder:GetForm", + "amplifyuibuilder:TagResource" ] }, "update": { "permissions": [ "amplify:GetApp", "amplifyuibuilder:GetForm", - "amplifyuibuilder:UpdateForm", - "amplifyuibuilder:TagResource" + "amplifyuibuilder:TagResource", + "amplifyuibuilder:UntagResource", + "amplifyuibuilder:UpdateForm" ] } }, @@ -525,21 +585,12 @@ "readOnlyProperties": [ "/properties/Id" ], - "required": [ - "DataType", - "Fields", - "FormActionType", - "Name", - "SchemaVersion", - "SectionalElements", - "Style" - ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-amplifyuibuilder", "tagging": { - "cloudFormationSystemTags": false, + "cloudFormationSystemTags": true, "tagOnCreate": true, - "tagProperty": "#/properties/Tags", - "tagUpdatable": false, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, "taggable": true }, "typeName": "AWS::AmplifyUIBuilder::Form" diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-amplifyuibuilder-theme.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-amplifyuibuilder-theme.json index 3336f4d63a..f74b10ba77 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-amplifyuibuilder-theme.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-amplifyuibuilder-theme.json @@ -1,7 +1,8 @@ { "additionalProperties": false, "createOnlyProperties": [ - "/properties/Tags" + "/properties/AppId", + "/properties/EnvironmentName" ], "definitions": { "Tags": { @@ -19,7 +20,6 @@ "additionalProperties": false, "properties": { "Children": { - "insertionOrder": false, "items": { "$ref": "#/definitions/ThemeValues" }, @@ -49,15 +49,14 @@ "create": { "permissions": [ "amplify:GetApp", - "amplifyuibuilder:GetTheme", "amplifyuibuilder:CreateTheme", + "amplifyuibuilder:GetTheme", "amplifyuibuilder:TagResource" ] }, "delete": { "permissions": [ "amplify:GetApp", - "amplifyuibuilder:GetTheme", "amplifyuibuilder:DeleteTheme", "amplifyuibuilder:UntagResource" ] @@ -79,7 +78,6 @@ }, "permissions": [ "amplify:GetApp", - "amplifyuibuilder:GetTheme", "amplifyuibuilder:ListThemes" ] }, @@ -93,8 +91,9 @@ "permissions": [ "amplify:GetApp", "amplifyuibuilder:GetTheme", - "amplifyuibuilder:UpdateTheme", - "amplifyuibuilder:TagResource" + "amplifyuibuilder:TagResource", + "amplifyuibuilder:UntagResource", + "amplifyuibuilder:UpdateTheme" ] } }, @@ -107,19 +106,26 @@ "AppId": { "type": "string" }, + "CreatedAt": { + "format": "date-time", + "type": "string" + }, "EnvironmentName": { "type": "string" }, "Id": { "type": "string" }, + "ModifiedAt": { + "format": "date-time", + "type": "string" + }, "Name": { "maxLength": 255, "minLength": 1, "type": "string" }, "Overrides": { - "insertionOrder": false, "items": { "$ref": "#/definitions/ThemeValues" }, @@ -129,7 +135,6 @@ "$ref": "#/definitions/Tags" }, "Values": { - "insertionOrder": false, "items": { "$ref": "#/definitions/ThemeValues" }, @@ -137,13 +142,17 @@ } }, "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "Name", - "Values" + "/properties/CreatedAt", + "/properties/Id", + "/properties/ModifiedAt" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-amplifyuibuilder", - "taggable": true, + "tagging": { + "cloudFormationSystemTags": true, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, "typeName": "AWS::AmplifyUIBuilder::Theme" } diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-apprunner-vpcconnector.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-apprunner-vpcconnector.json index 714e40ac54..a7b99a0c40 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-apprunner-vpcconnector.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-apprunner-vpcconnector.json @@ -24,6 +24,7 @@ "handlers": { "create": { "permissions": [ + "iam:CreateServiceLinkedRole", "apprunner:CreateVpcConnector", "apprunner:DescribeVpcConnector", "apprunner:TagResource", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-appstream-fleet.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-appstream-fleet.json index c5d955a3c7..480aa43aad 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-appstream-fleet.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-appstream-fleet.json @@ -128,7 +128,7 @@ "type": "string" }, "InstanceType": { - "cfnLint": "aws_appstream_fleet/instancetype_enum", + "cfnLint": "AWS::AppStream::Fleet/Properties/InstanceType", "type": "string" }, "MaxConcurrentSessions": { diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-autoscaling-autoscalinggroup.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-autoscaling-autoscalinggroup.json index c129c5c3b7..475f0c19e7 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-autoscaling-autoscalinggroup.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-autoscaling-autoscalinggroup.json @@ -550,10 +550,11 @@ "type": "string" }, "AvailabilityZones": { - "awsType": "AvailabilityZones", + "cfnLint": [ + "AWS::AutoScaling::AutoScalingGroup/Properties/AvailabilityZones" + ], "insertionOrder": false, "items": { - "awsType": "AvailabilityZone", "type": "string" }, "type": "array", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-backup-backupplan.json index 03f400bce2..172d3458a1 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-backup-backupplan.json @@ -140,7 +140,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-backup-backupselection.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-backup-backupselection.json index 1a3debf62b..fac7c45138 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-backup-backupselection.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-backup-backupselection.json @@ -47,7 +47,9 @@ "type": "object" }, "IamRoleArn": { - "awsType": "IamRoleArn", + "cfnLint": [ + "AWS::Backup::BackupSelection/Properties/BackupSelection/IamRoleArn" + ], "type": "string" }, "ListOfTags": { diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-batch-computeenvironment.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-batch-computeenvironment.json index 3b9e5b9b28..3f8a9feadb 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-batch-computeenvironment.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-batch-computeenvironment.json @@ -86,7 +86,9 @@ "uniqueItems": false }, "SpotIamFleetRole": { - "awsType": "IamRoleArn", + "cfnLint": [ + "AWS::Batch::ComputeEnvironment/Properties/ComputeResources/SpotIamFleetRole" + ], "type": "string" }, "Subnets": { @@ -251,7 +253,9 @@ "type": "boolean" }, "ServiceRole": { - "awsType": "IamRoleArn", + "cfnLint": [ + "AWS::Batch::ComputeEnvironment/Properties/ServiceRole" + ], "type": "string" }, "State": { diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-cassandra-table.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-cassandra-table.json index 365c8e3fdb..ebe51fddc1 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-cassandra-table.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-cassandra-table.json @@ -8,6 +8,41 @@ "/properties/ClientSideTimestampsEnabled" ], "definitions": { + "AutoScalingSetting": { + "additionalProperties": false, + "description": "Represents configuration for auto scaling.", + "properties": { + "AutoScalingDisabled": { + "default": false, + "type": "boolean" + }, + "MaximumUnits": { + "minimum": 1, + "type": "integer" + }, + "MinimumUnits": { + "minimum": 1, + "type": "integer" + }, + "ScalingPolicy": { + "$ref": "#/definitions/ScalingPolicy" + } + }, + "type": "object" + }, + "AutoScalingSpecification": { + "additionalProperties": false, + "description": "Represents the read and write settings used for AutoScaling.", + "properties": { + "ReadCapacityAutoScaling": { + "$ref": "#/definitions/AutoScalingSetting" + }, + "WriteCapacityAutoScaling": { + "$ref": "#/definitions/AutoScalingSetting" + } + }, + "type": "object" + }, "BillingMode": { "additionalProperties": false, "properties": { @@ -117,6 +152,37 @@ ], "type": "object" }, + "ReplicaSpecification": { + "additionalProperties": false, + "description": "Represents replica specifications.", + "properties": { + "ReadCapacityAutoScaling": { + "$ref": "#/definitions/AutoScalingSetting" + }, + "ReadCapacityUnits": { + "type": "integer" + }, + "Region": { + "maxLength": 25, + "minLength": 2, + "type": "string" + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "ScalingPolicy": { + "additionalProperties": false, + "description": "Represents scaling policy.", + "properties": { + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/TargetTrackingScalingPolicyConfiguration" + } + }, + "type": "object" + }, "Tag": { "additionalProperties": false, "description": "A key-value pair to apply to the resource", @@ -137,6 +203,31 @@ "Key" ], "type": "object" + }, + "TargetTrackingScalingPolicyConfiguration": { + "additionalProperties": false, + "description": "Represents configuration for target tracking scaling policy.", + "properties": { + "DisableScaleIn": { + "default": "false", + "type": "boolean" + }, + "ScaleInCooldown": { + "default": 0, + "type": "integer" + }, + "ScaleOutCooldown": { + "default": 0, + "type": "integer" + }, + "TargetValue": { + "type": "integer" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" } }, "description": "Resource schema for AWS::Cassandra::Table", @@ -152,7 +243,16 @@ "kms:CreateGrant", "kms:DescribeKey", "kms:Encrypt", - "kms:Decrypt" + "kms:Decrypt", + "application-autoscaling:DescribeScalableTargets", + "application-autoscaling:DescribeScalingPolicies", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:RegisterScalableTarget", + "application-autoscaling:PutScalingPolicy", + "cloudwatch:DeleteAlarms", + "cloudwatch:DescribeAlarms", + "cloudwatch:GetMetricData", + "cloudwatch:PutMetricAlarm" ] }, "delete": { @@ -160,19 +260,46 @@ "cassandra:Drop", "cassandra:DropMultiRegionResource", "cassandra:Select", - "cassandra:SelectMultiRegionResource" + "cassandra:SelectMultiRegionResource", + "application-autoscaling:DescribeScalableTargets", + "application-autoscaling:DescribeScalingPolicies", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:RegisterScalableTarget", + "application-autoscaling:PutScalingPolicy", + "cloudwatch:DeleteAlarms", + "cloudwatch:DescribeAlarms", + "cloudwatch:GetMetricData", + "cloudwatch:PutMetricAlarm" ] }, "list": { "permissions": [ "cassandra:Select", - "cassandra:SelectMultiRegionResource" + "cassandra:SelectMultiRegionResource", + "application-autoscaling:DescribeScalableTargets", + "application-autoscaling:DescribeScalingPolicies", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:RegisterScalableTarget", + "application-autoscaling:PutScalingPolicy", + "cloudwatch:DeleteAlarms", + "cloudwatch:DescribeAlarms", + "cloudwatch:GetMetricData", + "cloudwatch:PutMetricAlarm" ] }, "read": { "permissions": [ "cassandra:Select", - "cassandra:SelectMultiRegionResource" + "cassandra:SelectMultiRegionResource", + "application-autoscaling:DescribeScalableTargets", + "application-autoscaling:DescribeScalingPolicies", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:RegisterScalableTarget", + "application-autoscaling:PutScalingPolicy", + "cloudwatch:DeleteAlarms", + "cloudwatch:DescribeAlarms", + "cloudwatch:GetMetricData", + "cloudwatch:PutMetricAlarm" ] }, "update": { @@ -188,7 +315,16 @@ "kms:CreateGrant", "kms:DescribeKey", "kms:Encrypt", - "kms:Decrypt" + "kms:Decrypt", + "application-autoscaling:DescribeScalableTargets", + "application-autoscaling:DescribeScalingPolicies", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:RegisterScalableTarget", + "application-autoscaling:PutScalingPolicy", + "cloudwatch:DeleteAlarms", + "cloudwatch:DescribeAlarms", + "cloudwatch:GetMetricData", + "cloudwatch:PutMetricAlarm" ] } }, @@ -197,6 +333,9 @@ "/properties/TableName" ], "properties": { + "AutoScalingSpecifications": { + "$ref": "#/definitions/AutoScalingSpecification" + }, "BillingMode": { "$ref": "#/definitions/BillingMode" }, @@ -249,6 +388,15 @@ "type": "array", "uniqueItems": true }, + "ReplicaSpecifications": { + "insertionOrder": true, + "items": { + "$ref": "#/definitions/ReplicaSpecification" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, "TableName": { "description": "Name for Cassandra table", "pattern": "^[a-zA-Z0-9][a-zA-Z0-9_]{1,47}$", @@ -269,5 +417,9 @@ "KeyspaceName", "PartitionKeyColumns" ], - "typeName": "AWS::Cassandra::Table" + "typeName": "AWS::Cassandra::Table", + "writeOnlyProperties": [ + "/properties/AutoScalingSpecifications", + "/properties/ReplicaSpecifications" + ] } diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-cloudfront-distribution.json index 75bb25b92e..7e98b52b2d 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-cloudfront-distribution.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-cloudfront-distribution.json @@ -413,6 +413,7 @@ "$ref": "#/definitions/OriginGroups" }, "Origins": { + "insertionOrder": false, "items": { "$ref": "#/definitions/Origin" }, diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-cloudwatch-alarm.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-cloudwatch-alarm.json index 6cbe2803f9..0f730b109a 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-cloudwatch-alarm.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-cloudwatch-alarm.json @@ -1,7 +1,7 @@ { "additionalProperties": false, "cfnLint": [ - "aws_cloudwatch_alarm/aws_namespace_period" + "AWS::CloudWatch::Alarm/Properties" ], "createOnlyProperties": [ "/properties/AlarmName" diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-connect-hoursofoperation.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-connect-hoursofoperation.json index 541626584a..3ca96475f7 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-connect-hoursofoperation.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-connect-hoursofoperation.json @@ -184,5 +184,12 @@ "Config" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-connect", + "tagging": { + "cloudFormationSystemTags": true, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, "typeName": "AWS::Connect::HoursOfOperation" } diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-connect-quickconnect.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-connect-quickconnect.json index dba591bdc7..fbc13aa0c5 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-connect-quickconnect.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-connect-quickconnect.json @@ -226,5 +226,12 @@ "QuickConnectConfig" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-connect", + "tagging": { + "cloudFormationSystemTags": true, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, "typeName": "AWS::Connect::QuickConnect" } diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-connect-user.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-connect-user.json index 546e21910e..caa9c37683 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-connect-user.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-connect-user.json @@ -281,6 +281,13 @@ "Username" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-connect", + "tagging": { + "cloudFormationSystemTags": true, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, "typeName": "AWS::Connect::User", "writeOnlyProperties": [ "/properties/Password" diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-connect-userhierarchygroup.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-connect-userhierarchygroup.json index 7e4dbad3a7..b95915038d 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-connect-userhierarchygroup.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-connect-userhierarchygroup.json @@ -118,6 +118,10 @@ ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-connect", "tagging": { + "cloudFormationSystemTags": true, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, "taggable": true }, "typeName": "AWS::Connect::UserHierarchyGroup" diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-dax-cluster.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-dax-cluster.json index 1a7921973e..d9694880cc 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-dax-cluster.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-dax-cluster.json @@ -28,9 +28,10 @@ "type": "string" }, "AvailabilityZones": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::DAX::Cluster/Properties/AvailabilityZones" + ], "items": { - "awsType": "AvailabilityZones", "type": "string" }, "type": "array", @@ -58,7 +59,7 @@ "type": "string" }, "NodeType": { - "cfnLint": "aws_dax_cluster/nodetype_enum", + "cfnLint": "AWS::DAX::Cluster/Properties/NodeType", "type": "string" }, "NotificationTopicARN": { diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-dms-replicationinstance.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-dms-replicationinstance.json index 37deb2a40c..0cbf3cdaf9 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-dms-replicationinstance.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-dms-replicationinstance.json @@ -39,8 +39,8 @@ "type": "boolean" }, "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::DMS::ReplicationInstance/Properties/AvailabilityZone" ], "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-docdb-dbcluster.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-docdb-dbcluster.json index 5579c03100..e25e3aeb0e 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-docdb-dbcluster.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-docdb-dbcluster.json @@ -1,5 +1,8 @@ { "additionalProperties": false, + "cfnLint": [ + "AWS::DocDB::DBCluster/Properties" + ], "createOnlyProperties": [ "/properties/KmsKeyId", "/properties/SnapshotIdentifier", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-docdb-dbinstance.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-docdb-dbinstance.json index 3fbc548703..4a9c7a1507 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-docdb-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-docdb-dbinstance.json @@ -44,7 +44,7 @@ "type": "string" }, "DBInstanceClass": { - "cfnLint": "aws_docdb_dbinstance/dbinstanceclass_enum", + "cfnLint": "AWS::DocDB::DBInstance/Properties/DBInstanceClass", "type": "string" }, "DBInstanceIdentifier": { diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-dynamodb-globaltable.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-dynamodb-globaltable.json index 7e1a23d878..d9e133125d 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-dynamodb-globaltable.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-dynamodb-globaltable.json @@ -122,6 +122,13 @@ "KinesisStreamSpecification": { "additionalProperties": false, "properties": { + "ApproximateCreationDateTimePrecision": { + "enum": [ + "MICROSECOND", + "MILLISECOND" + ], + "type": "string" + }, "StreamArn": { "type": "string" } @@ -465,6 +472,7 @@ "dynamodb:EnableKinesisStreamingDestination", "dynamodb:DisableKinesisStreamingDestination", "dynamodb:UpdateTableReplicaAutoScaling", + "dynamodb:UpdateKinesisStreamingDestination", "application-autoscaling:DeleteScalingPolicy", "application-autoscaling:DeleteScheduledAction", "application-autoscaling:DeregisterScalableTarget", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-dynamodb-table.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-dynamodb-table.json index 24f3b4e7b0..2aaa38cd8d 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-dynamodb-table.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-dynamodb-table.json @@ -1,7 +1,7 @@ { "additionalProperties": false, "cfnLint": [ - "aws_dynamodb_table/billingmode_exclusive" + "AWS::DynamoDB::Table/Properties" ], "createOnlyProperties": [ "/properties/TableName", @@ -169,6 +169,13 @@ "KinesisStreamSpecification": { "additionalProperties": false, "properties": { + "ApproximateCreationDateTimePrecision": { + "enum": [ + "MICROSECOND", + "MILLISECOND" + ], + "type": "string" + }, "StreamArn": { "type": "string" } @@ -404,6 +411,7 @@ "dynamodb:UpdateTimeToLive", "dynamodb:UpdateContinuousBackups", "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateKinesisStreamingDestination", "dynamodb:DescribeContinuousBackups", "dynamodb:DescribeKinesisStreamingDestination", "dynamodb:ListTagsOfResource", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-gatewayroutetableassociation.json index 82e6509392..bbda0ce683 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-gatewayroutetableassociation.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-gatewayroutetableassociation.json @@ -54,5 +54,11 @@ "GatewayId" ], "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, "typeName": "AWS::EC2::GatewayRouteTableAssociation" } diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-host.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-host.json index 0def8fcfa2..bdb356b456 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-host.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-host.json @@ -55,8 +55,8 @@ "type": "string" }, "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::Host/Properties/AvailabilityZone" ], "description": "The Availability Zone in which to allocate the Dedicated Host.", "type": "string" diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-instance.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-instance.json index 3a762bb553..f290a7cafe 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-instance.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-instance.json @@ -373,8 +373,8 @@ "type": "string" }, "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::Instance/Properties/AvailabilityZone" ], "type": "string" }, @@ -437,7 +437,7 @@ }, "InstanceType": { "cfnLint": [ - "aws_ec2_instance/instancetype_enum" + "AWS::EC2::Instance/Properties/InstanceType" ], "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-launchtemplate.json index 37f2b78239..fa3c665a37 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-launchtemplate.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-launchtemplate.json @@ -386,6 +386,10 @@ "type": "array", "uniqueItems": false }, + "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, "MemoryGiBPerVCpu": { "$ref": "#/definitions/MemoryGiBPerVCpu" }, @@ -885,8 +889,8 @@ "type": "string" }, "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" ], "description": "The Availability Zone for the instance.", "type": "string" diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-securitygroup.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-securitygroup.json index 05fd219739..a9a5e2ee37 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-securitygroup.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-securitygroup.json @@ -9,9 +9,7 @@ "Egress": { "additionalProperties": false, "cfnLint": [ - "aws_ec2_securitygroup/protocols_and_port_ranges_include", - "aws_ec2_securitygroup/protocols_and_port_ranges_exclude", - "aws_ec2_securitygroup/all_to_and_from_ports" + "AWS::EC2::SecurityGroup/Properties/Egress" ], "properties": { "CidrIp": { @@ -55,9 +53,7 @@ "Ingress": { "additionalProperties": false, "cfnLint": [ - "aws_ec2_securitygroup/protocols_and_port_ranges_include", - "aws_ec2_securitygroup/protocols_and_port_ranges_exclude", - "aws_ec2_securitygroup/all_to_and_from_ports" + "AWS::EC2::SecurityGroup/Properties/Ingress" ], "properties": { "CidrIp": { diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-securitygroupegress.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-securitygroupegress.json index 8c2a008ed7..9426b027b4 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-securitygroupegress.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-securitygroupegress.json @@ -1,9 +1,7 @@ { "additionalProperties": false, "cfnLint": [ - "aws_ec2_securitygroup/protocols_and_port_ranges_include", - "aws_ec2_securitygroup/protocols_and_port_ranges_exclude", - "aws_ec2_securitygroup/all_to_and_from_ports" + "AWS::EC2::SecurityGroupEgress/Properties" ], "createOnlyProperties": [ "/properties/IpProtocol", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-securitygroupingress.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-securitygroupingress.json index 9c65c2241f..fa06a63a0a 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-securitygroupingress.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-securitygroupingress.json @@ -1,9 +1,7 @@ { "additionalProperties": false, "cfnLint": [ - "aws_ec2_securitygroup/protocols_and_port_ranges_include", - "aws_ec2_securitygroup/protocols_and_port_ranges_exclude", - "aws_ec2_securitygroup/all_to_and_from_ports" + "AWS::EC2::SecurityGroupIngress/Properties" ], "createOnlyProperties": [ "/properties/GroupName", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-spotfleet.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-spotfleet.json index 9675a8c585..a44d6f2245 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-spotfleet.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-spotfleet.json @@ -437,8 +437,8 @@ "additionalProperties": false, "properties": { "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/LaunchTemplateConfigs/Overrides/AvailabilityZone" ], "type": "string" }, @@ -670,8 +670,8 @@ "type": "string" }, "IamFleetRole": { - "awsType": [ - "IamRoleArn" + "cfnLint": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/IamFleetRole" ], "type": "string" }, @@ -843,8 +843,8 @@ "additionalProperties": false, "properties": { "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/LaunchSpecifications/Placement/AvailabilityZone" ], "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-subnet.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-subnet.json index f01de4dc4e..52c608e196 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-subnet.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-subnet.json @@ -80,7 +80,9 @@ "type": "boolean" }, "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::EC2::Subnet/Properties/AvailabilityZone" + ], "type": "string" }, "AvailabilityZoneId": { diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-volume.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-volume.json index 396c8f215f..5527f9cecb 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-volume.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-volume.json @@ -78,7 +78,9 @@ "type": "boolean" }, "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::EC2::Volume/Properties/AvailabilityZone" + ], "description": "The Availability Zone in which to create the volume.", "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-ecr-repository.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-ecr-repository.json index 47d512691d..d2bee3bb18 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-ecr-repository.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-ecr-repository.json @@ -190,7 +190,9 @@ "type": "string" }, "RepositoryPolicyText": { - "awsType": "IamResourceEcrPolicy", + "cfnLint": [ + "AWS::ECR::Repository/Properties/RepositoryPolicyText" + ], "description": "The JSON repository policy text to apply to the repository. For more information, see https://docs.aws.amazon.com/AmazonECR/latest/userguide/RepositoryPolicyExamples.html in the Amazon Elastic Container Registry User Guide. ", "type": [ "object", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-ecs-service.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-ecs-service.json index 5011918c17..bfb67a24b2 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-ecs-service.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-ecs-service.json @@ -1,7 +1,7 @@ { "additionalProperties": false, "cfnLint": [ - "aws_ecs_service/fargate" + "AWS::ECS::Service/Properties" ], "createOnlyProperties": [ "/properties/Cluster", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-ecs-taskdefinition.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-ecs-taskdefinition.json index 358c3a91ba..3b4b03fa4a 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-ecs-taskdefinition.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-ecs-taskdefinition.json @@ -517,7 +517,7 @@ "LogConfiguration": { "additionalProperties": false, "cfnLint": [ - "aws_ecs_taskdefinition/logging_configuration" + "AWS::ECS::TaskDefinition/Properties/ContainerDefinitions/LogConfiguration" ], "properties": { "LogDriver": { @@ -830,7 +830,7 @@ "properties": { "ContainerDefinitions": { "cfnLint": [ - "aws_ecs_taskdefinition/containerdefinitions_essential" + "AWS::ECS::TaskDefinition/Properties/ContainerDefinitions" ], "insertionOrder": false, "items": { @@ -846,7 +846,9 @@ "$ref": "#/definitions/EphemeralStorage" }, "ExecutionRoleArn": { - "awsType": "IamRoleArn", + "cfnLint": [ + "AWS::ECS::TaskDefinition/Properties/ExecutionRoleArn" + ], "type": "string" }, "Family": { diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-elasticache-cachecluster.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-elasticache-cachecluster.json index 11bcd66b82..2f554656f5 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-elasticache-cachecluster.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-elasticache-cachecluster.json @@ -99,7 +99,7 @@ "type": "boolean" }, "CacheNodeType": { - "cfnLint": "aws_elasticache_cachecluster/cachenodetype_enum", + "cfnLint": "AWS::ElastiCache::CacheCluster/Properties/CacheNodeType", "type": "string" }, "CacheParameterGroupName": { diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-elasticloadbalancing-loadbalancer.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-elasticloadbalancing-loadbalancer.json index 7e3112e67d..9ced3d78df 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-elasticloadbalancing-loadbalancer.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-elasticloadbalancing-loadbalancer.json @@ -214,9 +214,10 @@ "uniqueItems": true }, "AvailabilityZones": { - "awsType": "AvailabilityZones", + "cfnLint": [ + "AWS::ElasticLoadBalancing::LoadBalancer/Properties/AvailabilityZones" + ], "items": { - "awsType": "AvailabilityZone", "type": "string" }, "type": "array", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-elasticloadbalancingv2-targetgroup.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-elasticloadbalancingv2-targetgroup.json index 4c14e960a3..ceb8410a07 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-elasticloadbalancingv2-targetgroup.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-elasticloadbalancingv2-targetgroup.json @@ -46,7 +46,9 @@ "additionalProperties": false, "properties": { "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::ElasticLoadBalancingV2::TargetGroup/Properties/Targets/AvailabilityZone" + ], "description": "An Availability Zone or all. This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer.", "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-elasticsearch-domain.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-elasticsearch-domain.json index d5d184e7a9..e51d1083b9 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-elasticsearch-domain.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-elasticsearch-domain.json @@ -107,7 +107,7 @@ "type": "integer" }, "InstanceType": { - "cfnLint": "aws_elasticsearch_domain/elasticsearchclusterconfig_instancetype_enum", + "cfnLint": "AWS::Elasticsearch::Domain/Properties/ElasticsearchClusterConfig/InstanceType", "type": "string" }, "WarmCount": { diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-emr-cluster.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-emr-cluster.json index 052d84af71..88196f9ed4 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-emr-cluster.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-emr-cluster.json @@ -350,7 +350,12 @@ "$ref": "#/definitions/EbsConfiguration" }, "InstanceType": { - "cfnLint": "aws_emr_cluster/instancetypeconfig_instancetype_enum", + "cfnLint": [ + "AWS::EMR::Cluster/Properties/CoreInstanceFleet/InstanceTypeConfigs/InstanceType", + "AWS::EMR::Cluster/Properties/TaskInstanceFleets/InstanceTypeConfigs/InstanceType", + "AWS::EMR::Cluster/Properties/CoreInstanceGroup/InstanceType", + "AWS::EMR::Cluster/Properties/TaskInstanceGroups/InstanceType" + ], "type": "string" }, "WeightedCapacity": { @@ -535,7 +540,7 @@ "additionalProperties": false, "properties": { "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": "AWS::EMR::Cluster/Properties/Instances/Placement/AvailabilityZone", "type": "string" } }, diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-gamelift-fleet.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-gamelift-fleet.json index d2b3af3e44..2022bb1c95 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-gamelift-fleet.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-gamelift-fleet.json @@ -445,7 +445,7 @@ "type": "array" }, "EC2InstanceType": { - "cfnLint": "aws_gamelift_fleet/ec2instancetype_enum", + "cfnLint": "AWS::GameLift::Fleet/EC2InstanceType", "description": "The name of an EC2 instance type that is supported in Amazon GameLift. A fleet instance type determines the computing resources of each instance in the fleet, including CPU, memory, storage, and networking capacity. Amazon GameLift supports the following EC2 instance types. See Amazon EC2 Instance Types for detailed descriptions.", "pattern": "^.*..*$", "type": "string" diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-glue-connection.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-glue-connection.json index fc9afeacdb..8bface60f3 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-glue-connection.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-glue-connection.json @@ -48,7 +48,9 @@ "additionalProperties": false, "properties": { "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::Glue::Connection/Properties/ConnectionInput/PhysicalConnectionRequirements/AvailabilityZone" + ], "type": "string" }, "SecurityGroupIdList": { diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-glue-tableoptimizer.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-glue-tableoptimizer.json similarity index 100% rename from src/cfnlint/data/schemas/providers/eu_central_1/aws-glue-tableoptimizer.json rename to src/cfnlint/data/schemas/providers/us_east_1/aws-glue-tableoptimizer.json diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-group.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-group.json index 0406c712d5..cbfe9b0a0a 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-group.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-group.json @@ -8,7 +8,9 @@ "additionalProperties": false, "properties": { "PolicyDocument": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::IAM::Group/Properties/Policies/PolicyDocument" + ], "description": "The policy document.", "type": [ "string", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-managedpolicy.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-managedpolicy.json index 47f7937c41..b19b7abf87 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-managedpolicy.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-managedpolicy.json @@ -105,7 +105,9 @@ "type": "string" }, "PolicyDocument": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::IAM::ManagedPolicy/Properties/PolicyDocument" + ], "description": "The JSON policy document that you want to use as the content for the new policy.", "maxLength": 6144, "type": [ diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-policy.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-policy.json index 3a8dea55e0..d38328dd6c 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-policy.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-policy.json @@ -51,7 +51,9 @@ "type": "string" }, "PolicyDocument": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::IAM::Policy/Properties/PolicyDocument" + ], "description": "The policy document. You must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.", "maxLength": 131072, "minLength": 1, diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-role.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-role.json index 7a6098ac0e..b851a5e88e 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-role.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-role.json @@ -11,7 +11,9 @@ "description": "The inline policy document that is embedded in the specified IAM role.", "properties": { "PolicyDocument": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::IAM::Role/Properties/Policies/PolicyDocument" + ], "description": "The policy document.", "type": [ "string", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-user.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-user.json index 4853cc346b..b09659bf93 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-user.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-iam-user.json @@ -27,7 +27,9 @@ "description": "Contains information about an attached policy.", "properties": { "PolicyDocument": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::IAM::User/Properties/Policies/PolicyDocument" + ], "description": "The policy document.", "type": [ "object", diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-inspectorv2-cisscanconfiguration.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-inspectorv2-cisscanconfiguration.json similarity index 100% rename from src/cfnlint/data/schemas/providers/ap_northeast_1/aws-inspectorv2-cisscanconfiguration.json rename to src/cfnlint/data/schemas/providers/us_east_1/aws-inspectorv2-cisscanconfiguration.json diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-kinesis-stream.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-kinesis-stream.json index a0f0c6701f..42841733f3 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-kinesis-stream.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-kinesis-stream.json @@ -1,5 +1,8 @@ { "additionalProperties": false, + "cfnLint": [ + "AWS::Kinesis::Stream/Properties" + ], "createOnlyProperties": [ "/properties/Name" ], diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-kms-key.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-kms-key.json index b2bac98695..d9737e1d66 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-kms-key.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-kms-key.json @@ -101,7 +101,9 @@ "type": "string" }, "KeyPolicy": { - "awsType": "IamResourcePolicy", + "cfnLint": [ + "AWS::KMS::Key/Properties/KeyPolicy" + ], "default": "{\n \"Version\": \"2012-10-17\",\n \"Id\": \"key-default\",\n \"Statement\": [\n {\n \"Sid\": \"Enable IAM User Permissions\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"arn::iam:::root\"\n },\n \"Action\": \"kms:*\",\n \"Resource\": \"*\"\n }\n ]\n}", "description": "The key policy that authorizes use of the AWS KMS key. The key policy must observe the following rules.", "type": [ diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-lambda-eventsourcemapping.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-lambda-eventsourcemapping.json index cba9c5cb8a..dbb015e1d6 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-lambda-eventsourcemapping.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-lambda-eventsourcemapping.json @@ -1,8 +1,7 @@ { "additionalProperties": false, "cfnLint": [ - "aws_lambda_eventsourcemapping/eventsourcearn_sqs_exclusive", - "aws_lambda_eventsourcemapping/eventsourcearn_stream_inclusive" + "AWS::Lambda::EventSourceMapping/Properties" ], "createOnlyProperties": [ "/properties/EventSourceArn", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-lambda-function.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-lambda-function.json index 7f9906070a..aab64a4b68 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-lambda-function.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-lambda-function.json @@ -1,8 +1,7 @@ { "additionalProperties": false, "cfnLint": [ - "aws_lambda_function/zipfile_runtime_exists", - "aws_lambda_function/zipfile_runtime_enum" + "AWS::Lambda::Function/Properties" ], "createOnlyProperties": [ "/properties/FunctionName" @@ -514,7 +513,7 @@ "type": "string" }, "Runtime": { - "cfnLint": "aws_lambda_function/runtime", + "cfnLint": "AWS::Lambda::Function/Properties/Runtime", "description": "The identifier of the function's runtime.", "enum": [ "nodejs", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-location-geofencecollection.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-location-geofencecollection.json index bb905fef3f..7c5a6a8c02 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-location-geofencecollection.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-location-geofencecollection.json @@ -67,26 +67,25 @@ "geo:DescribeGeofenceCollection", "geo:TagResource", "geo:UntagResource", - "kms:*" + "kms:DescribeKey", + "kms:CreateGrant" ] }, "delete": { "permissions": [ "geo:DeleteGeofenceCollection", - "geo:DescribeGeofenceCollection", - "kms:*" + "geo:DescribeGeofenceCollection" ] }, "list": { "permissions": [ - "geo:ListGeofenceCollections", - "kms:*" + "geo:ListGeofenceCollections" ] }, "read": { "permissions": [ "geo:DescribeGeofenceCollection", - "kms:*" + "kms:DescribeKey" ] }, "update": { @@ -95,8 +94,9 @@ "geo:DescribeGeofenceCollection", "geo:TagResource", "geo:UntagResource", - "geo:UpdateGeofenceCollection", - "kms:*" + "kms:DescribeKey", + "kms:CreateGrant", + "geo:UpdateGeofenceCollection" ] } }, diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-location-map.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-location-map.json index cf5ed3a844..89acc99120 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-location-map.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-location-map.json @@ -8,6 +8,16 @@ "MapConfiguration": { "additionalProperties": false, "properties": { + "CustomLayers": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": "^[-._\\w]+$", + "type": "string" + }, + "maxItems": 10, + "type": "array" + }, "PoliticalView": { "maxLength": 3, "minLength": 3, diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-managedblockchain-node.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-managedblockchain-node.json index e4ea2d2ab0..e3d08e4f57 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-managedblockchain-node.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-managedblockchain-node.json @@ -8,7 +8,7 @@ "type": "string" }, "InstanceType": { - "cfnLint": "aws_managedblockchain_node/nodeconfiguration_instancetype_enum", + "cfnLint": "AWS::ManagedBlockchain::Node/Properties/NodeConfiguration/InstanceType", "type": "string" } }, diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-neptune-dbinstance.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-neptune-dbinstance.json index ff6be703bf..9563ae9318 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-neptune-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-neptune-dbinstance.json @@ -43,7 +43,7 @@ "type": "string" }, "DBInstanceClass": { - "cfnLint": "aws_neptune_dbinstance/dbinstanceclass_enum", + "cfnLint": "AWS::Neptune::DBInstance/Properties/DBInstanceClass", "type": "string" }, "DBInstanceIdentifier": { diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-opensearchservice-domain.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-opensearchservice-domain.json index b87e9ea5c0..0967d4aa19 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-opensearchservice-domain.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-opensearchservice-domain.json @@ -418,7 +418,9 @@ ], "properties": { "AccessPolicies": { - "awsType": "IamResourcePolicy", + "cfnLint": [ + "AWS::OpenSearchService::Domain/Properties/AccessPolicies" + ], "type": "object" }, "AdvancedOptions": { diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-opsworks-instance.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-opsworks-instance.json index 3cd5f716d1..40da79bc63 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-opsworks-instance.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-opsworks-instance.json @@ -147,7 +147,9 @@ "type": "string" }, "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::OpsWorks::Instance/Properties/AvailabilityZone" + ], "type": "string" }, "BlockDeviceMappings": { diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-rds-dbcluster.json index c438778d72..9d894c9dd3 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-rds-dbcluster.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-rds-dbcluster.json @@ -1,7 +1,7 @@ { "additionalProperties": false, "cfnLint": [ - "aws_rds_dbcluster/serverless_exclusive" + "AWS::RDS::DBCluster/Properties" ], "conditionalCreateOnlyProperties": [ "/properties/Engine", @@ -251,10 +251,11 @@ "type": "boolean" }, "AvailabilityZones": { - "awsType": "AvailabilityZones", + "cfnLint": [ + "AWS::RDS::DBCluster/Properties/AvailabilityZones" + ], "description": "A list of Availability Zones (AZs) where instances in the DB cluster can be created. For information on AWS Regions and Availability Zones, see Choosing the Regions and Availability Zones in the Amazon Aurora User Guide.", "items": { - "awsType": "AvailabilityZone", "type": "string" }, "type": "array", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-rds-dbinstance.json index 4ed185228f..2b11c9945b 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-rds-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-rds-dbinstance.json @@ -1,9 +1,7 @@ { "additionalProperties": false, "cfnLint": [ - "aws_rds_dbinstance/aurora_exclusive", - "aws_rds_dbinstance/backupretentionperiod", - "aws_rds_dbinstance/dbinstanceclass_enum" + "AWS::RDS::DBInstance/Properties" ], "conditionalCreateOnlyProperties": [ "/properties/AutoMinorVersionUpgrade", @@ -300,7 +298,9 @@ "type": "string" }, "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::RDS::DBInstance/Properties/AvailabilityZone" + ], "description": "The Availability Zone (AZ) where the database will be created. For information on AWS Regions and Availability Zones.", "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-redshift-cluster.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-redshift-cluster.json index 5ed50e8c78..a291590c26 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-redshift-cluster.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-redshift-cluster.json @@ -1,5 +1,6 @@ { "additionalProperties": false, + "cfnLint": "AWS::Redshift::Cluster/Properties", "createOnlyProperties": [ "/properties/ClusterIdentifier", "/properties/OwnerAccount", @@ -327,7 +328,7 @@ "type": "object" }, "NodeType": { - "cfnLint": "aws_redshift_cluster/nodetype_enum", + "cfnLint": "AWS::Redshift::Cluster/Properties/NodeType", "description": "The node type to be provisioned for the cluster.Valid Values: ds2.xlarge | ds2.8xlarge | dc1.large | dc1.8xlarge | dc2.large | dc2.8xlarge | ra3.4xlarge | ra3.16xlarge", "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-route53-healthcheck.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-route53-healthcheck.json index 6669210593..9e7246505e 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-route53-healthcheck.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-route53-healthcheck.json @@ -92,7 +92,7 @@ "HealthCheckConfig": { "additionalProperties": false, "cfnLint": [ - "aws_route53_healthcheck/healthcheckconfig_type_inclusive" + "AWS::Route53::HealthCheck/Properties/HealthCheckConfig" ], "description": "A complex type that contains information about the health check.", "properties": { diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-s3-bucket.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-s3-bucket.json index f11b8fcc8e..569854e4e2 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-s3-bucket.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-s3-bucket.json @@ -830,7 +830,9 @@ "description": "A container for replication rules. You can add up to 1,000 rules. The maximum size of a replication configuration is 2 MB.", "properties": { "Role": { - "awsType": "IamRoleArn", + "cfnLint": [ + "AWS::S3::Bucket/Properties/ReplicationConfiguration/Role" + ], "description": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that Amazon S3 assumes when replicating objects.", "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-s3-bucketpolicy.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-s3-bucketpolicy.json index ac621c3a65..566402c790 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-s3-bucketpolicy.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-s3-bucketpolicy.json @@ -44,7 +44,9 @@ "type": "string" }, "PolicyDocument": { - "awsType": "IamResourcePolicy", + "cfnLint": [ + "AWS::S3::BucketPolicy/Properties/PolicyDocument" + ], "description": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM.", "type": [ "object", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-sagemaker-app.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-sagemaker-app.json index 9dd1feabc4..feab2f5346 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-sagemaker-app.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-sagemaker-app.json @@ -129,7 +129,8 @@ }, "delete": { "permissions": [ - "sagemaker:DeleteApp" + "sagemaker:DeleteApp", + "sagemaker:DescribeApp" ] }, "list": { @@ -139,6 +140,7 @@ }, "read": { "permissions": [ + "sagemaker:DescribeApp", "sagemaker:DescribeApp" ] } diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-sagemaker-appimageconfig.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-sagemaker-appimageconfig.json index ee2ec766af..f15ffe6f0e 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-sagemaker-appimageconfig.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-sagemaker-appimageconfig.json @@ -5,6 +5,79 @@ "/properties/Tags" ], "definitions": { + "ContainerConfig": { + "additionalProperties": false, + "description": "The container configuration for a SageMaker image.", + "properties": { + "ContainerArguments": { + "description": "A list of arguments to apply to the container.", + "items": { + "$ref": "#/definitions/CustomImageContainerArguments" + }, + "maxItems": 50, + "minItems": 0, + "type": "array", + "uniqueItems": false + }, + "ContainerEntrypoint": { + "description": "The custom entry point to use on container.", + "items": { + "$ref": "#/definitions/CustomImageContainerEntrypoint" + }, + "maxItems": 1, + "minItems": 0, + "type": "array", + "uniqueItems": false + }, + "ContainerEnvironmentVariables": { + "description": "A list of variables to apply to the custom container.", + "items": { + "$ref": "#/definitions/CustomImageContainerEnvironmentVariable" + }, + "maxItems": 25, + "minItems": 0, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "CustomImageContainerArguments": { + "description": "The container image arguments", + "maxLength": 64, + "minLength": 1, + "pattern": "^(?!\\s*$).+", + "type": "string" + }, + "CustomImageContainerEntrypoint": { + "description": "The container entry point", + "maxLength": 256, + "minLength": 1, + "pattern": "^(?!\\s*$).+", + "type": "string" + }, + "CustomImageContainerEnvironmentVariable": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 256, + "minLength": 1, + "pattern": "^(?!\\s*$).+", + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 1, + "pattern": "^(?!\\s*$).+", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, "FileSystemConfig": { "additionalProperties": false, "description": "The Amazon Elastic File System (EFS) storage configuration for a SageMaker image.", @@ -31,6 +104,17 @@ }, "type": "object" }, + "JupyterLabAppImageConfig": { + "additionalProperties": false, + "description": "The configuration for the file system and kernels in a SageMaker image running as a JupyterLab app.", + "properties": { + "ContainerConfig": { + "$ref": "#/definitions/ContainerConfig", + "description": "The container configuration for a SageMaker image." + } + }, + "type": "object" + }, "KernelGatewayImageConfig": { "additionalProperties": false, "description": "The configuration for the file system and kernels in a SageMaker image running as a KernelGateway app.", @@ -106,7 +190,8 @@ }, "delete": { "permissions": [ - "sagemaker:DeleteAppImageConfig" + "sagemaker:DeleteAppImageConfig", + "sagemaker:DescribeAppImageConfig" ] }, "list": { @@ -144,6 +229,10 @@ "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}", "type": "string" }, + "JupyterLabAppImageConfig": { + "$ref": "#/definitions/JupyterLabAppImageConfig", + "description": "The JupyterLabAppImageConfig." + }, "KernelGatewayImageConfig": { "$ref": "#/definitions/KernelGatewayImageConfig", "description": "The KernelGatewayImageConfig." diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-sagemaker-domain.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-sagemaker-domain.json index 3599972fb9..6db1ab7299 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-sagemaker-domain.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-sagemaker-domain.json @@ -169,10 +169,41 @@ }, "type": "object" }, + "DockerSettings": { + "additionalProperties": false, + "description": "A collection of settings that are required to start docker-proxy server.", + "properties": { + "EnableDockerAccess": { + "description": "The flag to enable/disable docker-proxy server", + "enum": [ + "ENABLED", + "DISABLED" + ], + "type": "string" + }, + "VpcOnlyTrustedAccounts": { + "description": "A list of account id's that would be used to pull images from in VpcOnly mode", + "insertionOrder": false, + "items": { + "maxLength": 12, + "pattern": "^[0-9]$", + "type": "string" + }, + "maxItems": 10, + "minItems": 0, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, "DomainSettings": { "additionalProperties": false, "description": "A collection of Domain settings.", "properties": { + "DockerSettings": { + "$ref": "#/definitions/DockerSettings" + }, "RStudioServerProDomainSettings": { "$ref": "#/definitions/RStudioServerProDomainSettings" }, diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-sagemaker-space.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-sagemaker-space.json index 5162e05d36..8a05d4cb73 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-sagemaker-space.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-sagemaker-space.json @@ -2,9 +2,56 @@ "additionalProperties": false, "createOnlyProperties": [ "/properties/DomainId", - "/properties/SpaceName" + "/properties/SpaceName", + "/properties/SpaceSharingSettings", + "/properties/OwnershipSettings" ], "definitions": { + "AppType": { + "enum": [ + "JupyterServer", + "KernelGateway", + "TensorBoard", + "RStudioServerPro", + "RSessionGateway", + "JupyterLab", + "CodeEditor" + ], + "type": "string" + }, + "CodeRepository": { + "additionalProperties": false, + "properties": { + "RepositoryUrl": { + "description": "A CodeRepository (valid URL) to be used within Jupyter's Git extension.", + "maxLength": 256, + "pattern": "^https://([.\\-_a-zA-Z0-9]+/?){3,1016}$", + "type": "string" + } + }, + "required": [ + "RepositoryUrl" + ], + "type": "object" + }, + "CustomFileSystem": { + "additionalProperties": false, + "properties": { + "EFSFileSystem": { + "$ref": "#/definitions/EFSFileSystem" + } + }, + "type": "object" + }, + "CustomFileSystems": { + "items": { + "$ref": "#/definitions/CustomFileSystem" + }, + "maxItems": 1, + "minItems": 0, + "type": "array", + "uniqueItems": true + }, "CustomImage": { "additionalProperties": false, "description": "A custom SageMaker image.", @@ -33,6 +80,35 @@ ], "type": "object" }, + "EFSFileSystem": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "maxLength": 21, + "minLength": 11, + "pattern": "^(fs-[0-9a-f]{8,})$", + "type": "string" + } + }, + "required": [ + "FileSystemId" + ], + "type": "object" + }, + "EbsStorageSettings": { + "additionalProperties": false, + "description": "Properties related to the space's Amazon Elastic Block Store volume.", + "properties": { + "EbsVolumeSizeInGb": { + "$ref": "#/definitions/SpaceEbsVolumeSizeInGb", + "description": "Size of the Amazon EBS volume in Gb" + } + }, + "required": [ + "EbsVolumeSizeInGb" + ], + "type": "object" + }, "JupyterServerAppSettings": { "additionalProperties": false, "description": "The JupyterServer app settings.", @@ -64,6 +140,20 @@ }, "type": "object" }, + "OwnershipSettings": { + "additionalProperties": false, + "properties": { + "OwnerUserProfileName": { + "maxLength": 63, + "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}", + "type": "string" + } + }, + "required": [ + "OwnerUserProfileName" + ], + "type": "object" + }, "ResourceSpec": { "additionalProperties": false, "properties": { @@ -129,7 +219,10 @@ "ml.g5.48xlarge", "ml.p4d.24xlarge", "ml.p4de.24xlarge", - "ml.geospatial.interactive" + "ml.geospatial.interactive", + "ml.trn1.2xlarge", + "ml.trn1.32xlarge", + "ml.trn1n.32xlarge" ], "type": "string" }, @@ -148,10 +241,59 @@ }, "type": "object" }, + "SpaceCodeEditorAppSettings": { + "additionalProperties": false, + "description": "The CodeEditor app settings.", + "properties": { + "DefaultResourceSpec": { + "$ref": "#/definitions/ResourceSpec" + } + }, + "type": "object" + }, + "SpaceEbsVolumeSizeInGb": { + "maximum": 16384, + "minimum": 5, + "type": "integer" + }, + "SpaceJupyterLabAppSettings": { + "additionalProperties": false, + "description": "The JupyterServer app settings.", + "properties": { + "CodeRepositories": { + "description": "A list of CodeRepositories available for use with JupyterLab apps.", + "items": { + "$ref": "#/definitions/CodeRepository" + }, + "maxItems": 30, + "minItems": 0, + "type": "array", + "uniqueItems": false + }, + "DefaultResourceSpec": { + "$ref": "#/definitions/ResourceSpec" + } + }, + "type": "object" + }, "SpaceSettings": { "additionalProperties": false, "description": "A collection of settings that apply to spaces of Amazon SageMaker Studio. These settings are specified when the CreateSpace API is called.", "properties": { + "AppType": { + "$ref": "#/definitions/AppType" + }, + "CodeEditorAppSettings": { + "$ref": "#/definitions/SpaceCodeEditorAppSettings", + "description": "The CodeEditor app settings." + }, + "CustomFileSystems": { + "$ref": "#/definitions/CustomFileSystems" + }, + "JupyterLabAppSettings": { + "$ref": "#/definitions/SpaceJupyterLabAppSettings", + "description": "The JupyterLab app settings." + }, "JupyterServerAppSettings": { "$ref": "#/definitions/JupyterServerAppSettings", "description": "The Jupyter server's app settings." @@ -159,6 +301,35 @@ "KernelGatewayAppSettings": { "$ref": "#/definitions/KernelGatewayAppSettings", "description": "The kernel gateway app settings." + }, + "SpaceStorageSettings": { + "$ref": "#/definitions/SpaceStorageSettings", + "description": "Default storage settings for a space." + } + }, + "type": "object" + }, + "SpaceSharingSettings": { + "additionalProperties": false, + "properties": { + "SharingType": { + "enum": [ + "Private", + "Shared" + ], + "type": "string" + } + }, + "required": [ + "SharingType" + ], + "type": "object" + }, + "SpaceStorageSettings": { + "additionalProperties": false, + "properties": { + "EbsStorageSettings": { + "$ref": "#/definitions/EbsStorageSettings" } }, "type": "object" @@ -226,12 +397,20 @@ "minLength": 1, "type": "string" }, + "OwnershipSettings": { + "$ref": "#/definitions/OwnershipSettings" + }, "SpaceArn": { "description": "The space Amazon Resource Name (ARN).", "maxLength": 256, "pattern": "arn:aws[a-z\\-]*:sagemaker:[a-z0-9\\-]*:[0-9]{12}:space/.*", "type": "string" }, + "SpaceDisplayName": { + "maxLength": 64, + "pattern": "^(?!\\s*$).+", + "type": "string" + }, "SpaceName": { "description": "A name for the Space.", "maxLength": 63, @@ -245,6 +424,9 @@ "minItems": 0, "uniqueItems": false }, + "SpaceSharingSettings": { + "$ref": "#/definitions/SpaceSharingSettings" + }, "Tags": { "description": "A list of tags to apply to the space.", "items": { @@ -254,10 +436,15 @@ "minItems": 0, "type": "array", "uniqueItems": false + }, + "Url": { + "maxLength": 1024, + "type": "string" } }, "readOnlyProperties": [ - "/properties/SpaceArn" + "/properties/SpaceArn", + "/properties/Url" ], "required": [ "DomainId", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-sns-topicpolicy.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-sns-topicpolicy.json index 5cae2897cc..f150f436cd 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-sns-topicpolicy.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-sns-topicpolicy.json @@ -27,7 +27,9 @@ "type": "string" }, "PolicyDocument": { - "awsType": "IamResourcePolicy", + "cfnLint": [ + "AWS::SNS::TopicPolicy/Properties/PolicyDocument" + ], "description": "A policy document that contains permissions to add to the specified SNS topics.", "type": [ "object", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-sqs-queue.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-sqs-queue.json index 4603de27bd..5e04677238 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-sqs-queue.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-sqs-queue.json @@ -1,5 +1,8 @@ { "additionalProperties": false, + "cfnLint": [ + "AWS::SQS::Queue/Properties" + ], "createOnlyProperties": [ "/properties/FifoQueue", "/properties/QueueName" diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-sqs-queuepolicy.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-sqs-queuepolicy.json index b61bdbb311..06fb1758b0 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-sqs-queuepolicy.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-sqs-queuepolicy.json @@ -27,7 +27,9 @@ "type": "string" }, "PolicyDocument": { - "awsType": "IamResourcePolicy", + "cfnLint": [ + "AWS::SQS::QueuePolicy/Properties/PolicyDocument" + ], "description": "A policy document that contains the permissions for the specified SQS queues. For more information about SQS policies, see [Using custom policies with the access policy language](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-creating-custom-policies.html) in the *Developer Guide*.", "type": [ "object", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-sso-permissionset.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-sso-permissionset.json index 7432cf0f22..98ef86b537 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-sso-permissionset.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-sso-permissionset.json @@ -152,7 +152,9 @@ "type": "string" }, "InlinePolicy": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::SSO::PermissionSet/Properties/InlinePolicy" + ], "description": "The inline policy to put in permission set.", "type": [ "object", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-synthetics-canary.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-synthetics-canary.json index 4cc7d65faa..013165a95a 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-synthetics-canary.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-synthetics-canary.json @@ -1,5 +1,8 @@ { "additionalProperties": false, + "cfnLint": [ + "AWS::Synthetics::Canary/Properties" + ], "createOnlyProperties": [ "/properties/Name" ], diff --git a/src/cfnlint/data/schemas/providers/us_east_2/__init__.py b/src/cfnlint/data/schemas/providers/us_east_2/__init__.py index a609e8ae66..7074aa55d8 100644 --- a/src/cfnlint/data/schemas/providers/us_east_2/__init__.py +++ b/src/cfnlint/data/schemas/providers/us_east_2/__init__.py @@ -193,6 +193,7 @@ "AWS::NetworkManager::ConnectPeer", "AWS::ElastiCache::UserGroup", "AWS::IoT::ThingGroup", + "AWS::Logs::DeliveryDestination", "AWS::ImageBuilder::ImageRecipe", "AWS::IoT::SoftwarePackage", "AWS::ApiGateway::RestApi", @@ -229,6 +230,7 @@ "AWS::Backup::BackupSelection", "AWS::DataSync::LocationFSxLustre", "AWS::SageMaker::App", + "AWS::Logs::DeliverySource", "AWS::EC2::VPCGatewayAttachment", "AWS::CloudTrail::Trail", "AWS::EC2::VPNConnectionRoute", @@ -285,6 +287,7 @@ "AWS::GroundStation::MissionProfile", "AWS::CloudFormation::CustomResource", "AWS::FIS::TargetAccountConfiguration", + "AWS::Glue::TableOptimizer", "AWS::RefactorSpaces::Route", "AWS::KinesisAnalytics::ApplicationOutput", "AWS::WAFv2::RuleGroup", @@ -711,6 +714,7 @@ "AWS::Glue::Schema", "AWS::DataZone::Environment", "AWS::DocDB::DBSubnetGroup", + "AWS::Logs::Delivery", "AWS::ServiceCatalog::Portfolio", "AWS::IoT::Policy", "AWS::EC2::TransitGatewayRoute", @@ -745,6 +749,7 @@ "AWS::AppStream::Entitlement", "AWS::IAM::UserPolicy", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::IoT::MitigationAction", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", @@ -1259,6 +1264,7 @@ "aws-networkmanager-connectpeer.json", "aws-elasticache-usergroup.json", "aws-iot-thinggroup.json", + "aws-logs-deliverydestination.json", "aws-imagebuilder-imagerecipe.json", "aws-iot-softwarepackage.json", "aws-apigateway-restapi.json", @@ -1294,6 +1300,8 @@ "aws-sns-topic.json", "aws-backup-backupselection.json", "aws-datasync-locationfsxlustre.json", + "aws-sagemaker-app.json", + "aws-logs-deliverysource.json", "aws-ec2-vpcgatewayattachment.json", "aws-cloudtrail-trail.json", "aws-ec2-vpnconnectionroute.json", @@ -1348,6 +1356,7 @@ "aws-groundstation-missionprofile.json", "aws-cloudformation-customresource.json", "aws-fis-targetaccountconfiguration.json", + "aws-glue-tableoptimizer.json", "aws-refactorspaces-route.json", "aws-kinesisanalytics-applicationoutput.json", "aws-wafv2-rulegroup.json", @@ -1359,7 +1368,6 @@ "aws-glue-classifier.json", "aws-codedeploy-deploymentgroup.json", "aws-amplifyuibuilder-component.json", - "aws-location-trackerconsumer.json", "aws-vpclattice-servicenetwork.json", "aws-sagemaker-inferenceexperiment.json", "aws-cloudformation-stackset.json", @@ -1405,12 +1413,14 @@ "aws-comprehend-documentclassifier.json", "aws-vpclattice-authpolicy.json", "aws-glue-schemaversion.json", + "aws-sagemaker-space.json", "aws-iot-policyprincipalattachment.json", "aws-timestream-scheduledquery.json", "aws-frauddetector-list.json", "aws-fms-notificationchannel.json", "aws-msk-batchscramsecret.json", "aws-dms-certificate.json", + "aws-s3-bucket.json", "aws-guardduty-ipset.json", "aws-servicediscovery-httpnamespace.json", "aws-emr-securityconfiguration.json", @@ -1488,6 +1498,7 @@ "aws-datasync-locationnfs.json", "aws-amplify-domain.json", "aws-kinesisanalyticsv2-applicationoutput.json", + "aws-sagemaker-domain.json", "aws-greengrass-coredefinitionversion.json", "aws-codebuild-fleet.json", "aws-certificatemanager-certificate.json", @@ -1687,7 +1698,6 @@ "aws-transfer-agreement.json", "aws-lightsail-certificate.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-ssmcontacts-plan.json", "aws-elasticache-subnetgroup.json", "aws-xray-group.json", @@ -1714,6 +1724,7 @@ "aws-datasync-locationefs.json", "aws-ec2-localgatewayroutetable.json", "aws-apigateway-resource.json", + "aws-sagemaker-appimageconfig.json", "aws-verifiedpermissions-identitysource.json", "aws-macie-session.json", "aws-elasticloadbalancingv2-targetgroup.json", @@ -1736,6 +1747,7 @@ "aws-dms-eventsubscription.json", "aws-ssmincidents-replicationset.json", "aws-iot-topicrule.json", + "aws-apprunner-vpcconnector.json", "aws-supportapp-slackworkspaceconfiguration.json", "aws-lakeformation-principalpermissions.json", "aws-datasync-locations3.json", @@ -1762,6 +1774,7 @@ "aws-glue-schema.json", "aws-datazone-environment.json", "aws-docdb-dbsubnetgroup.json", + "aws-logs-delivery.json", "aws-servicecatalog-portfolio.json", "aws-iot-policy.json", "aws-ec2-transitgatewayroute.json", @@ -1796,6 +1809,7 @@ "aws-appstream-entitlement.json", "aws-iam-userpolicy.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-iot-mitigationaction.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", @@ -1842,7 +1856,6 @@ "aws-datasync-agent.json", "aws-cognito-userpoolidentityprovider.json", "aws-resiliencehub-resiliencypolicy.json", - "aws-location-tracker.json", "aws-iot-dimension.json", "aws-logs-loggroup.json", "aws-evidently-experiment.json", @@ -2060,7 +2073,6 @@ "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", "aws-codeartifact-domain.json", - "aws-ec2-launchtemplate.json", "aws-cloudfront-originrequestpolicy.json", "aws-datasync-locationfsxontap.json", "aws-networkmanager-linkassociation.json", diff --git a/src/cfnlint/data/schemas/providers/us_east_2/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/us_east_2/aws-amazonmq-broker.json index b71851eb27..6027b3416d 100644 --- a/src/cfnlint/data/schemas/providers/us_east_2/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/us_east_2/aws-amazonmq-broker.json @@ -230,7 +230,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/us_east_2/aws-apprunner-vpcconnector.json b/src/cfnlint/data/schemas/providers/us_east_2/aws-apprunner-vpcconnector.json deleted file mode 100644 index a7b99a0c40..0000000000 --- a/src/cfnlint/data/schemas/providers/us_east_2/aws-apprunner-vpcconnector.json +++ /dev/null @@ -1,119 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/VpcConnectorName", - "/properties/Subnets", - "/properties/SecurityGroups", - "/properties/Tags" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - } - }, - "description": "The AWS::AppRunner::VpcConnector resource specifies an App Runner VpcConnector.", - "handlers": { - "create": { - "permissions": [ - "iam:CreateServiceLinkedRole", - "apprunner:CreateVpcConnector", - "apprunner:DescribeVpcConnector", - "apprunner:TagResource", - "ec2:DescribeSubnets", - "ec2:DescribeSecurityGroups" - ] - }, - "delete": { - "permissions": [ - "apprunner:DeleteVpcConnector" - ] - }, - "list": { - "permissions": [ - "apprunner:ListVpcConnectors" - ] - }, - "read": { - "permissions": [ - "apprunner:DescribeVpcConnector" - ] - } - }, - "primaryIdentifier": [ - "/properties/VpcConnectorArn" - ], - "properties": { - "SecurityGroups": { - "description": "A list of IDs of security groups that App Runner should use for access to AWS resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "Subnets": { - "description": "A list of IDs of subnets that App Runner should use when it associates your service with a custom Amazon VPC. Specify IDs of subnets of a single Amazon VPC. App Runner determines the Amazon VPC from the subnets you specify.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "minItems": 1, - "type": "array", - "uniqueItems": true - }, - "Tags": { - "description": "A list of metadata items that you can associate with your VPC connector resource. A tag is a key-value pair.", - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array" - }, - "VpcConnectorArn": { - "description": "The Amazon Resource Name (ARN) of this VPC connector.", - "maxLength": 1011, - "minLength": 44, - "pattern": "arn:aws(-[\\w]+)*:[a-z0-9-\\\\.]{0,63}:[a-z0-9-\\\\.]{0,63}:[0-9]{12}:(\\w|\\/|-){1,1011}", - "type": "string" - }, - "VpcConnectorName": { - "description": "A name for the VPC connector. If you don't specify a name, AWS CloudFormation generates a name for your VPC connector.", - "maxLength": 40, - "minLength": 4, - "pattern": "^[A-Za-z0-9][A-Za-z0-9-\\\\_]{3,39}$", - "type": "string" - }, - "VpcConnectorRevision": { - "description": "The revision of this VPC connector. It's unique among all the active connectors (\"Status\": \"ACTIVE\") that share the same Name.", - "type": "integer" - } - }, - "readOnlyProperties": [ - "/properties/VpcConnectorArn", - "/properties/VpcConnectorRevision" - ], - "required": [ - "Subnets" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-apprunner.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": false, - "taggable": true - }, - "typeName": "AWS::AppRunner::VpcConnector", - "writeOnlyProperties": [ - "/properties/Tags" - ] -} diff --git a/src/cfnlint/data/schemas/providers/us_east_2/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/us_east_2/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/us_east_2/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/us_east_2/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/us_east_2/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/us_east_2/aws-cloudfront-distribution.json new file mode 100644 index 0000000000..75bb25b92e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_east_2/aws-cloudfront-distribution.json @@ -0,0 +1,1232 @@ +{ + "additionalProperties": false, + "definitions": { + "CacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "type": "string" + }, + "PathPattern": { + "type": "string" + }, + "RealtimeLogConfigArn": { + "type": "string" + }, + "ResponseHeadersPolicyId": { + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ], + "type": "string" + } + }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "properties": { + "Forward": { + "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Forward" + ], + "type": "object" + }, + "CustomErrorResponse": { + "additionalProperties": false, + "dependentRequired": { + "ResponseCode": [ + "ResponsePagePath" + ] + }, + "properties": { + "ErrorCachingMinTTL": { + "default": 300, + "type": "number" + }, + "ErrorCode": { + "enum": [ + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponseCode": { + "enum": [ + 200, + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponsePagePath": { + "type": "string" + } + }, + "required": [ + "ErrorCode" + ], + "type": "object" + }, + "CustomOriginConfig": { + "additionalProperties": false, + "properties": { + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginProtocolPolicy": { + "type": "string" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "OriginProtocolPolicy" + ], + "type": "object" + }, + "DefaultCacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "default": "", + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "default": "", + "type": "string" + }, + "RealtimeLogConfigArn": { + "default": "", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "default": "", + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "type": "string" + } + }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CNAMEs": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/CacheBehavior" + }, + "type": "array", + "uniqueItems": false + }, + "Comment": { + "default": "", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/CustomErrorResponse" + }, + "type": "array", + "uniqueItems": false + }, + "CustomOrigin": { + "$ref": "#/definitions/LegacyCustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/DefaultCacheBehavior" + }, + "DefaultRootObject": { + "default": "", + "type": "string" + }, + "Enabled": { + "type": "boolean" + }, + "HttpVersion": { + "default": "http1.1", + "enum": [ + "http1.1", + "http2", + "http3", + "http2and3" + ], + "type": "string" + }, + "IPV6Enabled": { + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/Origin" + }, + "type": "array", + "uniqueItems": false + }, + "PriceClass": { + "default": "PriceClass_All", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ], + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/Restrictions", + "default": { + "GeoRestriction": { + "RestrictionType": "none" + } + } + }, + "S3Origin": { + "$ref": "#/definitions/LegacyS3Origin" + }, + "Staging": { + "type": "boolean" + }, + "ViewerCertificate": { + "$ref": "#/definitions/ViewerCertificate", + "default": { + "CloudFrontDefaultCertificate": true + } + }, + "WebACLId": { + "default": "", + "type": "string" + } + }, + "required": [ + "Enabled", + "DefaultCacheBehavior" + ], + "type": "object" + }, + "ForwardedValues": { + "additionalProperties": false, + "properties": { + "Cookies": { + "$ref": "#/definitions/Cookies", + "default": { + "Forward": "none" + } + }, + "Headers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "QueryString": { + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "QueryString" + ], + "type": "object" + }, + "FunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ], + "type": "string" + }, + "FunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "GeoRestriction": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "enum": [ + "AD", + "AE", + "AF", + "AG", + "AI", + "AL", + "AM", + "AO", + "AQ", + "AR", + "AS", + "AT", + "AU", + "AW", + "AX", + "AZ", + "BA", + "BB", + "BD", + "BE", + "BF", + "BG", + "BH", + "BI", + "BJ", + "BL", + "BM", + "BN", + "BO", + "BQ", + "BR", + "BS", + "BT", + "BV", + "BW", + "BY", + "BZ", + "CA", + "CC", + "CD", + "CF", + "CG", + "CH", + "CI", + "CK", + "CL", + "CM", + "CN", + "CO", + "CR", + "CU", + "CV", + "CW", + "CX", + "CY", + "CZ", + "DE", + "DJ", + "DK", + "DM", + "DO", + "DZ", + "EC", + "EE", + "EG", + "EH", + "ER", + "ES", + "ET", + "FI", + "FJ", + "FK", + "FM", + "FO", + "FR", + "GA", + "GB", + "GD", + "GE", + "GF", + "GG", + "GH", + "GI", + "GL", + "GM", + "GN", + "GP", + "GQ", + "GR", + "GS", + "GT", + "GU", + "GW", + "GY", + "HK", + "HM", + "HN", + "HR", + "HT", + "HU", + "ID", + "IE", + "IL", + "IM", + "IN", + "IO", + "IQ", + "IR", + "IS", + "IT", + "JE", + "JM", + "JO", + "JP", + "KE", + "KG", + "KH", + "KI", + "KM", + "KN", + "KP", + "KR", + "KW", + "KY", + "KZ", + "LA", + "LB", + "LC", + "LI", + "LK", + "LR", + "LS", + "LT", + "LU", + "LV", + "LY", + "MA", + "MC", + "MD", + "ME", + "MF", + "MG", + "MH", + "MK", + "ML", + "MM", + "MN", + "MO", + "MP", + "MQ", + "MR", + "MS", + "MT", + "MU", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NC", + "NE", + "NF", + "NG", + "NI", + "NL", + "NO", + "NP", + "NR", + "NU", + "NZ", + "OM", + "PA", + "PE", + "PF", + "PG", + "PH", + "PK", + "PL", + "PM", + "PN", + "PR", + "PS", + "PT", + "PW", + "PY", + "QA", + "RE", + "RO", + "RS", + "RU", + "RW", + "SA", + "SB", + "SC", + "SD", + "SE", + "SG", + "SH", + "SI", + "SJ", + "SK", + "SL", + "SM", + "SN", + "SO", + "SR", + "SS", + "ST", + "SV", + "SX", + "SY", + "SZ", + "TC", + "TD", + "TF", + "TG", + "TH", + "TJ", + "TK", + "TL", + "TM", + "TN", + "TO", + "TR", + "TT", + "TV", + "TW", + "TZ", + "UA", + "UG", + "UM", + "US", + "UY", + "UZ", + "VA", + "VC", + "VE", + "VG", + "VI", + "VN", + "VU", + "WF", + "WS", + "YE", + "YT", + "ZA", + "ZM", + "ZW" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "RestrictionType": { + "enum": [ + "blacklist", + "whitelist", + "none" + ], + "type": "string" + } + }, + "required": [ + "RestrictionType" + ], + "type": "object" + }, + "LambdaFunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "IncludeBody": { + "type": "boolean" + }, + "LambdaFunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "LegacyCustomOrigin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginProtocolPolicy": { + "enum": [ + "http-only", + "match-viewer", + "https-only" + ], + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], + "type": "object" + }, + "LegacyS3Origin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "required": [ + "DNSName" + ], + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "IncludeCookies": { + "default": false, + "type": "boolean" + }, + "Prefix": { + "default": "", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Origin": { + "additionalProperties": false, + "dependentExcluded": { + "CustomOriginConfig": [ + "S3OriginConfig" + ], + "S3OriginConfig": [ + "CustomOriginConfig" + ] + }, + "properties": { + "ConnectionAttempts": { + "type": "integer" + }, + "ConnectionTimeout": { + "type": "integer" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/CustomOriginConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "OriginAccessControlId": { + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/OriginCustomHeader" + }, + "type": "array", + "uniqueItems": false + }, + "OriginPath": { + "default": "", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/OriginShield" + }, + "S3OriginConfig": { + "$ref": "#/definitions/S3OriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "type": "string" + }, + "HeaderValue": { + "type": "string" + } + }, + "required": [ + "HeaderValue", + "HeaderName" + ], + "type": "object" + }, + "OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/OriginGroupFailoverCriteria" + }, + "Id": { + "type": "string" + }, + "Members": { + "$ref": "#/definitions/OriginGroupMembers" + } + }, + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "type": "object" + }, + "OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroupMember" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroup" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "OriginShieldRegion": { + "type": "string" + } + }, + "type": "object" + }, + "Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "type": "object" + }, + "StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "integer" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "ViewerCertificate": { + "additionalProperties": false, + "dependentRequired": { + "AcmCertificateArn": [ + "SslSupportMethod" + ], + "IamCertificateId": [ + "SslSupportMethod" + ] + }, + "properties": { + "AcmCertificateArn": { + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "type": "boolean" + }, + "IamCertificateId": { + "type": "string" + }, + "MinimumProtocolVersion": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018", + "TLSv1.2_2019", + "TLSv1.2_2021" + ], + "type": "string" + }, + "SslSupportMethod": { + "enum": [ + "sni-only", + "vip", + "static-ip" + ], + "type": "string" + } + }, + "requiredXor": [ + "AcmCertificateArn", + "CloudFrontDefaultCertificate", + "IamCertificateId" + ], + "type": "object" + } + }, + "deprecatedProperties": [ + "/properties/DistributionConfig/CustomOrigin", + "/properties/DistributionConfig/S3Origin" + ], + "description": "Resource Type definition for AWS::CloudFront::Distribution", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateDistribution", + "cloudfront:CreateDistributionWithTags", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:TagResource" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteDistribution", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListDistributions" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "update": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:UpdateDistribution", + "cloudfront:UpdateDistributionWithStagingConfig", + "cloudfront:ListTagsForResource", + "cloudfront:TagResource", + "cloudfront:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/DistributionConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/DomainName" + ], + "required": [ + "DistributionConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::CloudFront::Distribution" +} diff --git a/src/cfnlint/data/schemas/providers/us_east_2/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/us_east_2/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_east_2/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_east_2/aws-location-tracker.json b/src/cfnlint/data/schemas/providers/us_east_2/aws-location-tracker.json new file mode 100644 index 0000000000..dff6b9e9f6 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_east_2/aws-location-tracker.json @@ -0,0 +1,191 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/KmsKeyId", + "/properties/TrackerName" + ], + "definitions": { + "PositionFiltering": { + "enum": [ + "TimeBased", + "DistanceBased", + "AccuracyBased" + ], + "type": "string" + }, + "PricingPlan": { + "enum": [ + "RequestBasedUsage" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 128, + "minLength": 1, + "pattern": "\\A(?!aws:)[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + }, + "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 256, + "minLength": 0, + "pattern": "\\A[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "TagMap": { + "additionalProperties": false, + "maxProperties": 50, + "patternProperties": { + "^[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 0, + "pattern": "^[A-Za-z0-9 _=@:.+-/]*$", + "type": "string" + } + }, + "type": "object" + }, + "iso8601UTC": { + "description": "The datetime value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ss.sssZ)", + "pattern": "^([0-2]\\d{3})-(0[0-9]|1[0-2])-([0-2]\\d|3[01])T([01]\\d|2[0-4]):([0-5]\\d):([0-6]\\d)((\\.\\d{3})?)Z$", + "type": "string" + } + }, + "deprecatedProperties": [ + "/properties/PricingPlan", + "/properties/PricingPlanDataSource" + ], + "description": "Definition of AWS::Location::Tracker Resource Type", + "handlers": { + "create": { + "permissions": [ + "geo:CreateTracker", + "geo:DescribeTracker", + "geo:TagResource", + "geo:UntagResource", + "kms:DescribeKey", + "kms:CreateGrant" + ] + }, + "delete": { + "permissions": [ + "geo:DeleteTracker", + "geo:DescribeTracker" + ] + }, + "list": { + "permissions": [ + "geo:ListTrackers" + ] + }, + "read": { + "permissions": [ + "geo:DescribeTracker", + "kms:DescribeKey" + ] + }, + "update": { + "permissions": [ + "geo:CreateTracker", + "geo:DescribeTracker", + "geo:TagResource", + "geo:UntagResource", + "kms:DescribeKey", + "kms:CreateGrant", + "geo:UpdateTracker" + ] + } + }, + "primaryIdentifier": [ + "/properties/TrackerName" + ], + "properties": { + "Arn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "CreateTime": { + "$ref": "#/definitions/iso8601UTC" + }, + "Description": { + "maxLength": 1000, + "minLength": 0, + "type": "string" + }, + "EventBridgeEnabled": { + "type": "boolean" + }, + "KmsKeyEnableGeospatialQueries": { + "type": "boolean" + }, + "KmsKeyId": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "PositionFiltering": { + "$ref": "#/definitions/PositionFiltering" + }, + "PricingPlan": { + "$ref": "#/definitions/PricingPlan" + }, + "PricingPlanDataSource": { + "type": "string" + }, + "Tags": { + "description": "An array of key-value pairs to apply to this resource.", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 0, + "type": "array", + "uniqueItems": true + }, + "TrackerArn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "TrackerName": { + "maxLength": 100, + "minLength": 1, + "pattern": "^[-._\\w]+$", + "type": "string" + }, + "UpdateTime": { + "$ref": "#/definitions/iso8601UTC" + } + }, + "readOnlyProperties": [ + "/properties/CreateTime", + "/properties/Arn", + "/properties/TrackerArn", + "/properties/UpdateTime" + ], + "required": [ + "TrackerName" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::Location::Tracker" +} diff --git a/src/cfnlint/data/schemas/providers/us_east_2/aws-location-trackerconsumer.json b/src/cfnlint/data/schemas/providers/us_east_2/aws-location-trackerconsumer.json new file mode 100644 index 0000000000..8ee7f91b35 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_east_2/aws-location-trackerconsumer.json @@ -0,0 +1,60 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/TrackerName", + "/properties/ConsumerArn" + ], + "description": "Definition of AWS::Location::TrackerConsumer Resource Type", + "handlers": { + "create": { + "permissions": [ + "geo:AssociateTrackerConsumer", + "geo:ListTrackerConsumers" + ] + }, + "delete": { + "permissions": [ + "geo:DisassociateTrackerConsumer", + "geo:ListTrackerConsumers" + ] + }, + "list": { + "permissions": [ + "geo:ListTrackerConsumers" + ] + }, + "read": { + "permissions": [ + "geo:ListTrackerConsumers" + ] + } + }, + "primaryIdentifier": [ + "/properties/TrackerName", + "/properties/ConsumerArn" + ], + "properties": { + "ConsumerArn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "TrackerName": { + "maxLength": 100, + "minLength": 1, + "pattern": "^[-._\\w]+$", + "type": "string" + } + }, + "required": [ + "ConsumerArn", + "TrackerName" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::Location::TrackerConsumer" +} diff --git a/src/cfnlint/data/schemas/providers/us_east_2/aws-s3-bucket.json b/src/cfnlint/data/schemas/providers/us_east_2/aws-s3-bucket.json deleted file mode 100644 index d52db9dd64..0000000000 --- a/src/cfnlint/data/schemas/providers/us_east_2/aws-s3-bucket.json +++ /dev/null @@ -1,1683 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/BucketName", - "/properties/ObjectLockEnabled" - ], - "definitions": { - "AbortIncompleteMultipartUpload": { - "additionalProperties": false, - "description": "Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload.", - "properties": { - "DaysAfterInitiation": { - "description": "Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload.", - "minimum": 0, - "type": "integer" - } - }, - "required": [ - "DaysAfterInitiation" - ], - "type": "object" - }, - "AccelerateConfiguration": { - "additionalProperties": false, - "properties": { - "AccelerationStatus": { - "description": "Configures the transfer acceleration state for an Amazon S3 bucket.", - "enum": [ - "Enabled", - "Suspended" - ], - "type": "string" - } - }, - "required": [ - "AccelerationStatus" - ], - "type": "object" - }, - "AccessControlTranslation": { - "additionalProperties": false, - "description": "Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object.", - "properties": { - "Owner": { - "const": "Destination", - "type": "string" - } - }, - "required": [ - "Owner" - ], - "type": "object" - }, - "AnalyticsConfiguration": { - "additionalProperties": false, - "description": "Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.", - "properties": { - "Id": { - "description": "The ID that identifies the analytics configuration.", - "type": "string" - }, - "Prefix": { - "description": "The prefix that an object must have to be included in the analytics results.", - "type": "string" - }, - "StorageClassAnalysis": { - "$ref": "#/definitions/StorageClassAnalysis" - }, - "TagFilters": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/TagFilter" - }, - "type": "array", - "uniqueItems": true - } - }, - "required": [ - "StorageClassAnalysis", - "Id" - ], - "type": "object" - }, - "Arn": { - "description": "the Amazon Resource Name (ARN) of the specified bucket.", - "type": "string" - }, - "BucketEncryption": { - "additionalProperties": false, - "description": "Specifies default encryption for a bucket using server-side encryption with either Amazon S3-managed keys (SSE-S3) or AWS KMS-managed keys (SSE-KMS).", - "properties": { - "ServerSideEncryptionConfiguration": { - "description": "Specifies the default server-side-encryption configuration.", - "insertionOrder": true, - "items": { - "$ref": "#/definitions/ServerSideEncryptionRule" - }, - "type": "array", - "uniqueItems": true - } - }, - "required": [ - "ServerSideEncryptionConfiguration" - ], - "type": "object" - }, - "CorsConfiguration": { - "additionalProperties": false, - "properties": { - "CorsRules": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/CorsRule", - "maxLength": 100 - }, - "type": "array", - "uniqueItems": true - } - }, - "required": [ - "CorsRules" - ], - "type": "object" - }, - "CorsRule": { - "additionalProperties": false, - "description": "A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.", - "properties": { - "AllowedHeaders": { - "description": "Headers that are specified in the Access-Control-Request-Headers header.", - "insertionOrder": true, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "AllowedMethods": { - "description": "An HTTP method that you allow the origin to execute.", - "insertionOrder": true, - "items": { - "enum": [ - "GET", - "PUT", - "HEAD", - "POST", - "DELETE" - ], - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "AllowedOrigins": { - "description": "One or more origins you want customers to be able to access the bucket from.", - "insertionOrder": true, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "ExposedHeaders": { - "description": "One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).", - "insertionOrder": true, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "Id": { - "description": "A unique identifier for this rule.", - "maxLength": 255, - "type": "string" - }, - "MaxAge": { - "description": "The time in seconds that your browser is to cache the preflight response for the specified resource.", - "minimum": 0, - "type": "integer" - } - }, - "required": [ - "AllowedMethods", - "AllowedOrigins" - ], - "type": "object" - }, - "DataExport": { - "additionalProperties": false, - "description": "Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.", - "properties": { - "Destination": { - "$ref": "#/definitions/Destination" - }, - "OutputSchemaVersion": { - "const": "V_1", - "description": "The version of the output schema to use when exporting data.", - "type": "string" - } - }, - "required": [ - "Destination", - "OutputSchemaVersion" - ], - "type": "object" - }, - "DefaultRetention": { - "additionalProperties": false, - "description": "The default retention period that you want to apply to new objects placed in the specified bucket.", - "properties": { - "Days": { - "type": "integer" - }, - "Mode": { - "enum": [ - "COMPLIANCE", - "GOVERNANCE" - ], - "type": "string" - }, - "Years": { - "type": "integer" - } - }, - "type": "object" - }, - "DeleteMarkerReplication": { - "additionalProperties": false, - "properties": { - "Status": { - "enum": [ - "Disabled", - "Enabled" - ], - "type": "string" - } - }, - "type": "object" - }, - "Destination": { - "additionalProperties": false, - "description": "Specifies information about where to publish analysis or configuration results for an Amazon S3 bucket and S3 Replication Time Control (S3 RTC).", - "properties": { - "BucketAccountId": { - "description": "The account ID that owns the destination S3 bucket. ", - "type": "string" - }, - "BucketArn": { - "description": "The Amazon Resource Name (ARN) of the bucket to which data is exported.", - "type": "string" - }, - "Format": { - "description": "Specifies the file format used when exporting data to Amazon S3.", - "enum": [ - "CSV", - "ORC", - "Parquet" - ], - "type": "string" - }, - "Prefix": { - "description": "The prefix to use when exporting data. The prefix is prepended to all results.", - "type": "string" - } - }, - "required": [ - "BucketArn", - "Format" - ], - "type": "object" - }, - "EncryptionConfiguration": { - "additionalProperties": false, - "description": "Specifies encryption-related information for an Amazon S3 bucket that is a destination for replicated objects.", - "properties": { - "ReplicaKmsKeyID": { - "description": "Specifies the ID (Key ARN or Alias ARN) of the customer managed customer master key (CMK) stored in AWS Key Management Service (KMS) for the destination bucket.", - "type": "string" - } - }, - "required": [ - "ReplicaKmsKeyID" - ], - "type": "object" - }, - "EventBridgeConfiguration": { - "additionalProperties": false, - "description": "Describes the Amazon EventBridge notification configuration for an Amazon S3 bucket.", - "properties": { - "EventBridgeEnabled": { - "default": "true", - "description": "Specifies whether to send notifications to Amazon EventBridge when events occur in an Amazon S3 bucket.", - "type": "boolean" - } - }, - "required": [ - "EventBridgeEnabled" - ], - "type": "object" - }, - "FilterRule": { - "additionalProperties": false, - "description": "Specifies the Amazon S3 object key name to filter on and whether to filter on the suffix or prefix of the key name.", - "properties": { - "Name": { - "maxLength": 1024, - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Name" - ], - "type": "object" - }, - "IntelligentTieringConfiguration": { - "additionalProperties": false, - "properties": { - "Id": { - "description": "The ID used to identify the S3 Intelligent-Tiering configuration.", - "type": "string" - }, - "Prefix": { - "description": "An object key name prefix that identifies the subset of objects to which the rule applies.", - "type": "string" - }, - "Status": { - "description": "Specifies the status of the configuration.", - "enum": [ - "Disabled", - "Enabled" - ], - "type": "string" - }, - "TagFilters": { - "description": "A container for a key-value pair.", - "insertionOrder": true, - "items": { - "$ref": "#/definitions/TagFilter" - }, - "type": "array", - "uniqueItems": true - }, - "Tierings": { - "description": "Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: ARCHIVE_ACCESS and DEEP_ARCHIVE_ACCESS.", - "insertionOrder": true, - "items": { - "$ref": "#/definitions/Tiering" - }, - "type": "array", - "uniqueItems": true - } - }, - "required": [ - "Id", - "Status", - "Tierings" - ], - "type": "object" - }, - "InventoryConfiguration": { - "additionalProperties": false, - "properties": { - "Destination": { - "$ref": "#/definitions/Destination" - }, - "Enabled": { - "description": "Specifies whether the inventory is enabled or disabled.", - "type": "boolean" - }, - "Id": { - "description": "The ID used to identify the inventory configuration.", - "type": "string" - }, - "IncludedObjectVersions": { - "description": "Object versions to include in the inventory list.", - "enum": [ - "All", - "Current" - ], - "type": "string" - }, - "OptionalFields": { - "description": "Contains the optional fields that are included in the inventory results.", - "insertionOrder": true, - "items": { - "enum": [ - "Size", - "LastModifiedDate", - "StorageClass", - "ETag", - "IsMultipartUploaded", - "ReplicationStatus", - "EncryptionStatus", - "ObjectLockRetainUntilDate", - "ObjectLockMode", - "ObjectLockLegalHoldStatus", - "IntelligentTieringAccessTier", - "BucketKeyStatus", - "ChecksumAlgorithm" - ], - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "Prefix": { - "description": "The prefix that is prepended to all inventory results.", - "type": "string" - }, - "ScheduleFrequency": { - "description": "Specifies the schedule for generating inventory results.", - "enum": [ - "Daily", - "Weekly" - ], - "type": "string" - } - }, - "required": [ - "Destination", - "Enabled", - "Id", - "IncludedObjectVersions", - "ScheduleFrequency" - ], - "type": "object" - }, - "LambdaConfiguration": { - "additionalProperties": false, - "description": "Describes the AWS Lambda functions to invoke and the events for which to invoke them.", - "properties": { - "Event": { - "description": "The Amazon S3 bucket event for which to invoke the AWS Lambda function.", - "type": "string" - }, - "Filter": { - "$ref": "#/definitions/NotificationFilter", - "description": "The filtering rules that determine which objects invoke the AWS Lambda function." - }, - "Function": { - "description": "The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon S3 invokes when the specified event type occurs.", - "type": "string" - } - }, - "required": [ - "Function", - "Event" - ], - "type": "object" - }, - "LifecycleConfiguration": { - "additionalProperties": false, - "properties": { - "Rules": { - "description": "A lifecycle rule for individual objects in an Amazon S3 bucket.", - "insertionOrder": true, - "items": { - "$ref": "#/definitions/Rule" - }, - "type": "array", - "uniqueItems": true - } - }, - "required": [ - "Rules" - ], - "type": "object" - }, - "LoggingConfiguration": { - "additionalProperties": false, - "properties": { - "DestinationBucketName": { - "description": "The name of an Amazon S3 bucket where Amazon S3 store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the LoggingConfiguration property is defined.", - "type": "string" - }, - "LogFilePrefix": { - "type": "string" - }, - "TargetObjectKeyFormat": { - "$ref": "#/definitions/TargetObjectKeyFormat" - } - }, - "type": "object" - }, - "Metrics": { - "additionalProperties": false, - "properties": { - "EventThreshold": { - "$ref": "#/definitions/ReplicationTimeValue" - }, - "Status": { - "enum": [ - "Disabled", - "Enabled" - ], - "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "MetricsConfiguration": { - "additionalProperties": false, - "properties": { - "AccessPointArn": { - "type": "string" - }, - "Id": { - "type": "string" - }, - "Prefix": { - "type": "string" - }, - "TagFilters": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/TagFilter" - }, - "type": "array", - "uniqueItems": true - } - }, - "required": [ - "Id" - ], - "type": "object" - }, - "NoncurrentVersionExpiration": { - "additionalProperties": false, - "description": "Container for the expiration rule that describes when noncurrent objects are expired. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 expire noncurrent object versions at a specific period in the object's lifetime", - "properties": { - "NewerNoncurrentVersions": { - "description": "Specified the number of newer noncurrent and current versions that must exists before performing the associated action", - "type": "integer" - }, - "NoncurrentDays": { - "description": "Specified the number of days an object is noncurrent before Amazon S3 can perform the associated action", - "type": "integer" - } - }, - "required": [ - "NoncurrentDays" - ], - "type": "object" - }, - "NoncurrentVersionTransition": { - "additionalProperties": false, - "description": "Container for the transition rule that describes when noncurrent objects transition to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, or DEEP_ARCHIVE storage class. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 transition noncurrent object versions to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, or DEEP_ARCHIVE storage class at a specific period in the object's lifetime.", - "properties": { - "NewerNoncurrentVersions": { - "description": "Specified the number of newer noncurrent and current versions that must exists before performing the associated action", - "type": "integer" - }, - "StorageClass": { - "description": "The class of storage used to store the object.", - "enum": [ - "DEEP_ARCHIVE", - "GLACIER", - "Glacier", - "GLACIER_IR", - "INTELLIGENT_TIERING", - "ONEZONE_IA", - "STANDARD_IA" - ], - "type": "string" - }, - "TransitionInDays": { - "description": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action.", - "type": "integer" - } - }, - "required": [ - "StorageClass", - "TransitionInDays" - ], - "type": "object" - }, - "NotificationConfiguration": { - "additionalProperties": false, - "description": "Describes the notification configuration for an Amazon S3 bucket.", - "properties": { - "EventBridgeConfiguration": { - "$ref": "#/definitions/EventBridgeConfiguration" - }, - "LambdaConfigurations": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/LambdaConfiguration" - }, - "type": "array", - "uniqueItems": true - }, - "QueueConfigurations": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/QueueConfiguration" - }, - "type": "array", - "uniqueItems": true - }, - "TopicConfigurations": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/TopicConfiguration" - }, - "type": "array", - "uniqueItems": true - } - }, - "type": "object" - }, - "NotificationFilter": { - "additionalProperties": false, - "description": "Specifies object key name filtering rules.", - "properties": { - "S3Key": { - "$ref": "#/definitions/S3KeyFilter" - } - }, - "required": [ - "S3Key" - ], - "type": "object" - }, - "ObjectLockConfiguration": { - "additionalProperties": false, - "properties": { - "ObjectLockEnabled": { - "const": "Enabled", - "type": "string" - }, - "Rule": { - "$ref": "#/definitions/ObjectLockRule" - } - }, - "type": "object" - }, - "ObjectLockRule": { - "additionalProperties": false, - "description": "The Object Lock rule in place for the specified object.", - "properties": { - "DefaultRetention": { - "$ref": "#/definitions/DefaultRetention" - } - }, - "type": "object" - }, - "OwnershipControls": { - "additionalProperties": false, - "properties": { - "Rules": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/OwnershipControlsRule" - }, - "type": "array", - "uniqueItems": true - } - }, - "required": [ - "Rules" - ], - "type": "object" - }, - "OwnershipControlsRule": { - "additionalProperties": false, - "properties": { - "ObjectOwnership": { - "description": "Specifies an object ownership rule.", - "enum": [ - "ObjectWriter", - "BucketOwnerPreferred", - "BucketOwnerEnforced" - ], - "type": "string" - } - }, - "type": "object" - }, - "PartitionedPrefix": { - "additionalProperties": false, - "description": "This format appends a time based prefix to the given log file prefix for delivering server access log file.", - "properties": { - "PartitionDateSource": { - "description": "Date Source for creating a partitioned prefix. This can be event time or delivery time.", - "enum": [ - "EventTime", - "DeliveryTime" - ], - "type": "string" - } - }, - "type": "object" - }, - "PublicAccessBlockConfiguration": { - "additionalProperties": false, - "description": "Configuration that defines how Amazon S3 handles public access.", - "properties": { - "BlockPublicAcls": { - "description": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to TRUE causes the following behavior:\n- PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.\n - PUT Object calls fail if the request includes a public ACL.\nEnabling this setting doesn't affect existing policies or ACLs.", - "type": "boolean" - }, - "BlockPublicPolicy": { - "description": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\nEnabling this setting doesn't affect existing bucket policies.", - "type": "boolean" - }, - "IgnorePublicAcls": { - "description": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", - "type": "boolean" - }, - "RestrictPublicBuckets": { - "description": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy.\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", - "type": "boolean" - } - }, - "type": "object" - }, - "QueueConfiguration": { - "additionalProperties": false, - "description": "The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.", - "properties": { - "Event": { - "description": "The Amazon S3 bucket event about which you want to publish messages to Amazon SQS.", - "type": "string" - }, - "Filter": { - "$ref": "#/definitions/NotificationFilter", - "description": "The filtering rules that determine which objects trigger notifications." - }, - "Queue": { - "description": "The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type.", - "type": "string" - } - }, - "required": [ - "Event", - "Queue" - ], - "type": "object" - }, - "RedirectAllRequestsTo": { - "additionalProperties": false, - "dependentExcluded": { - "RedirectAllRequestsTo": [ - "ErrorDocument", - "IndexDocument", - "RoutingRules" - ] - }, - "description": "Specifies the redirect behavior of all requests to a website endpoint of an Amazon S3 bucket.", - "properties": { - "HostName": { - "description": "Name of the host where requests are redirected.", - "type": "string" - }, - "Protocol": { - "description": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", - "enum": [ - "http", - "https" - ], - "type": "string" - } - }, - "required": [ - "HostName" - ], - "type": "object" - }, - "RedirectRule": { - "additionalProperties": false, - "description": "Specifies how requests are redirected. In the event of an error, you can specify a different error code to return.", - "properties": { - "HostName": { - "description": "The host name to use in the redirect request.", - "type": "string" - }, - "HttpRedirectCode": { - "description": "The HTTP redirect code to use on the response. Not required if one of the siblings is present.", - "type": "string" - }, - "Protocol": { - "description": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", - "enum": [ - "http", - "https" - ], - "type": "string" - }, - "ReplaceKeyPrefixWith": { - "description": "The object key prefix to use in the redirect request.", - "type": "string" - }, - "ReplaceKeyWith": { - "description": "The specific object key to use in the redirect request.d", - "type": "string" - } - }, - "type": "object" - }, - "ReplicaModifications": { - "additionalProperties": false, - "properties": { - "Status": { - "description": "Specifies whether Amazon S3 replicates modifications on replicas.", - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "ReplicationConfiguration": { - "additionalProperties": false, - "description": "A container for replication rules. You can add up to 1,000 rules. The maximum size of a replication configuration is 2 MB.", - "properties": { - "Role": { - "awsType": "IamRoleArn", - "description": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that Amazon S3 assumes when replicating objects.", - "type": "string" - }, - "Rules": { - "description": "A container for one or more replication rules.", - "insertionOrder": true, - "items": { - "$ref": "#/definitions/ReplicationRule", - "maxLength": 1000, - "minLength": 1 - }, - "type": "array", - "uniqueItems": true - } - }, - "required": [ - "Role", - "Rules" - ], - "type": "object" - }, - "ReplicationDestination": { - "additionalProperties": false, - "description": "Specifies which Amazon S3 bucket to store replicated objects in and their storage class.", - "properties": { - "AccessControlTranslation": { - "$ref": "#/definitions/AccessControlTranslation" - }, - "Account": { - "type": "string" - }, - "Bucket": { - "type": "string" - }, - "EncryptionConfiguration": { - "$ref": "#/definitions/EncryptionConfiguration" - }, - "Metrics": { - "$ref": "#/definitions/Metrics" - }, - "ReplicationTime": { - "$ref": "#/definitions/ReplicationTime" - }, - "StorageClass": { - "description": "The storage class to use when replicating objects, such as S3 Standard or reduced redundancy.", - "enum": [ - "DEEP_ARCHIVE", - "GLACIER", - "GLACIER_IR", - "INTELLIGENT_TIERING", - "ONEZONE_IA", - "REDUCED_REDUNDANCY", - "STANDARD", - "STANDARD_IA" - ], - "type": "string" - } - }, - "required": [ - "Bucket" - ], - "type": "object" - }, - "ReplicationRule": { - "additionalProperties": false, - "description": "Specifies which Amazon S3 objects to replicate and where to store the replicas.", - "properties": { - "DeleteMarkerReplication": { - "$ref": "#/definitions/DeleteMarkerReplication" - }, - "Destination": { - "$ref": "#/definitions/ReplicationDestination" - }, - "Filter": { - "$ref": "#/definitions/ReplicationRuleFilter" - }, - "Id": { - "description": "A unique identifier for the rule.", - "maxLength": 255, - "type": "string" - }, - "Prefix": { - "description": "An object key name prefix that identifies the object or objects to which the rule applies.", - "maxLength": 1024, - "type": "string" - }, - "Priority": { - "type": "integer" - }, - "SourceSelectionCriteria": { - "$ref": "#/definitions/SourceSelectionCriteria" - }, - "Status": { - "description": "Specifies whether the rule is enabled.", - "enum": [ - "Disabled", - "Enabled" - ], - "type": "string" - } - }, - "required": [ - "Destination", - "Status" - ], - "type": "object" - }, - "ReplicationRuleAndOperator": { - "additionalProperties": false, - "properties": { - "Prefix": { - "type": "string" - }, - "TagFilters": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/TagFilter" - }, - "type": "array", - "uniqueItems": true - } - }, - "type": "object" - }, - "ReplicationRuleFilter": { - "additionalProperties": false, - "properties": { - "And": { - "$ref": "#/definitions/ReplicationRuleAndOperator" - }, - "Prefix": { - "type": "string" - }, - "TagFilter": { - "$ref": "#/definitions/TagFilter" - } - }, - "type": "object" - }, - "ReplicationTime": { - "additionalProperties": false, - "properties": { - "Status": { - "enum": [ - "Disabled", - "Enabled" - ], - "type": "string" - }, - "Time": { - "$ref": "#/definitions/ReplicationTimeValue" - } - }, - "required": [ - "Status", - "Time" - ], - "type": "object" - }, - "ReplicationTimeValue": { - "additionalProperties": false, - "properties": { - "Minutes": { - "type": "integer" - } - }, - "required": [ - "Minutes" - ], - "type": "object" - }, - "RoutingRule": { - "additionalProperties": false, - "description": "Specifies the redirect behavior and when a redirect is applied.", - "properties": { - "RedirectRule": { - "$ref": "#/definitions/RedirectRule", - "description": "Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return." - }, - "RoutingRuleCondition": { - "$ref": "#/definitions/RoutingRuleCondition" - } - }, - "required": [ - "RedirectRule" - ], - "type": "object" - }, - "RoutingRuleCondition": { - "additionalProperties": false, - "description": "A container for describing a condition that must be met for the specified redirect to apply.You must specify at least one of HttpErrorCodeReturnedEquals and KeyPrefixEquals", - "properties": { - "HttpErrorCodeReturnedEquals": { - "description": "The HTTP error code when the redirect is applied. ", - "type": "string" - }, - "KeyPrefixEquals": { - "description": "The object key name prefix when the redirect is applied.", - "type": "string" - } - }, - "requiredOr": [ - "HttpErrorCodeReturnedEquals", - "KeyPrefixEquals" - ], - "type": "object" - }, - "Rule": { - "additionalProperties": false, - "description": "You must specify at least one of the following properties: AbortIncompleteMultipartUpload, ExpirationDate, ExpirationInDays, NoncurrentVersionExpirationInDays, NoncurrentVersionTransition, NoncurrentVersionTransitions, Transition, or Transitions.", - "properties": { - "AbortIncompleteMultipartUpload": { - "$ref": "#/definitions/AbortIncompleteMultipartUpload" - }, - "ExpirationDate": { - "$ref": "#/definitions/iso8601UTC" - }, - "ExpirationInDays": { - "type": "integer" - }, - "ExpiredObjectDeleteMarker": { - "type": "boolean" - }, - "Id": { - "maxLength": 255, - "type": "string" - }, - "NoncurrentVersionExpiration": { - "$ref": "#/definitions/NoncurrentVersionExpiration" - }, - "NoncurrentVersionExpirationInDays": { - "type": "integer" - }, - "NoncurrentVersionTransition": { - "$ref": "#/definitions/NoncurrentVersionTransition" - }, - "NoncurrentVersionTransitions": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/NoncurrentVersionTransition" - }, - "type": "array", - "uniqueItems": true - }, - "ObjectSizeGreaterThan": { - "maxLength": 20, - "pattern": "[0-9]+", - "type": "string" - }, - "ObjectSizeLessThan": { - "maxLength": 20, - "pattern": "[0-9]+", - "type": "string" - }, - "Prefix": { - "type": "string" - }, - "Status": { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - "TagFilters": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/TagFilter" - }, - "type": "array", - "uniqueItems": true - }, - "Transition": { - "$ref": "#/definitions/Transition" - }, - "Transitions": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/Transition" - }, - "type": "array", - "uniqueItems": true - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "S3KeyFilter": { - "additionalProperties": false, - "description": "A container for object key name prefix and suffix filtering rules.", - "properties": { - "Rules": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/FilterRule" - }, - "type": "array", - "uniqueItems": true - } - }, - "required": [ - "Rules" - ], - "type": "object" - }, - "ServerSideEncryptionByDefault": { - "additionalProperties": false, - "description": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.", - "properties": { - "KMSMasterKeyID": { - "description": "\"KMSMasterKeyID\" can only be used when you set the value of SSEAlgorithm as aws:kms or aws:kms:dsse.", - "type": "string" - }, - "SSEAlgorithm": { - "enum": [ - "aws:kms", - "AES256", - "aws:kms:dsse" - ], - "type": "string" - } - }, - "required": [ - "SSEAlgorithm" - ], - "type": "object" - }, - "ServerSideEncryptionRule": { - "additionalProperties": false, - "description": "Specifies the default server-side encryption configuration.", - "properties": { - "BucketKeyEnabled": { - "description": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the BucketKeyEnabled element to true causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.", - "type": "boolean" - }, - "ServerSideEncryptionByDefault": { - "$ref": "#/definitions/ServerSideEncryptionByDefault" - } - }, - "type": "object" - }, - "SourceSelectionCriteria": { - "additionalProperties": false, - "description": "A container that describes additional filters for identifying the source objects that you want to replicate.", - "properties": { - "ReplicaModifications": { - "$ref": "#/definitions/ReplicaModifications", - "description": "A filter that you can specify for selection for modifications on replicas." - }, - "SseKmsEncryptedObjects": { - "$ref": "#/definitions/SseKmsEncryptedObjects", - "description": "A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS." - } - }, - "type": "object" - }, - "SseKmsEncryptedObjects": { - "additionalProperties": false, - "description": "A container for filter information for the selection of S3 objects encrypted with AWS KMS.", - "properties": { - "Status": { - "description": "Specifies whether Amazon S3 replicates objects created with server-side encryption using a customer master key (CMK) stored in AWS Key Management Service.", - "enum": [ - "Disabled", - "Enabled" - ], - "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "StorageClassAnalysis": { - "additionalProperties": false, - "description": "Specifies data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes for an Amazon S3 bucket.", - "properties": { - "DataExport": { - "$ref": "#/definitions/DataExport" - } - }, - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "maxLength": 256, - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - }, - "TagFilter": { - "additionalProperties": false, - "description": "Tags to use to identify a subset of objects for an Amazon S3 bucket.", - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - }, - "TargetObjectKeyFormat": { - "description": "Describes the key format for server access log file in the target bucket. You can choose between SimplePrefix and PartitionedPrefix.", - "oneOf": [ - { - "additionalProperties": false, - "properties": { - "SimplePrefix": { - "additionalProperties": false, - "description": "This format defaults the prefix to the given log file prefix for delivering server access log file.", - "type": "object" - } - }, - "required": [ - "SimplePrefix" - ] - }, - { - "additionalProperties": false, - "properties": { - "PartitionedPrefix": { - "$ref": "#/definitions/PartitionedPrefix" - } - }, - "required": [ - "PartitionedPrefix" - ] - } - ], - "type": "object" - }, - "Tiering": { - "additionalProperties": false, - "properties": { - "AccessTier": { - "description": "S3 Intelligent-Tiering access tier. See Storage class for automatically optimizing frequently and infrequently accessed objects for a list of access tiers in the S3 Intelligent-Tiering storage class.", - "enum": [ - "ARCHIVE_ACCESS", - "DEEP_ARCHIVE_ACCESS" - ], - "type": "string" - }, - "Days": { - "description": "The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days).", - "type": "integer" - } - }, - "required": [ - "AccessTier", - "Days" - ], - "type": "object" - }, - "TopicConfiguration": { - "additionalProperties": false, - "description": "The topic to which notifications are sent and the events for which notifications are generated.", - "properties": { - "Event": { - "description": "The Amazon S3 bucket event about which to send notifications.", - "type": "string" - }, - "Filter": { - "$ref": "#/definitions/NotificationFilter", - "description": "The filtering rules that determine for which objects to send notifications." - }, - "Topic": { - "description": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type.", - "type": "string" - } - }, - "required": [ - "Event", - "Topic" - ], - "type": "object" - }, - "Transition": { - "additionalProperties": false, - "description": "You must specify at least one of \"TransitionDate\" and \"TransitionInDays\"", - "properties": { - "StorageClass": { - "enum": [ - "DEEP_ARCHIVE", - "GLACIER", - "Glacier", - "GLACIER_IR", - "INTELLIGENT_TIERING", - "ONEZONE_IA", - "STANDARD_IA" - ], - "type": "string" - }, - "TransitionDate": { - "$ref": "#/definitions/iso8601UTC" - }, - "TransitionInDays": { - "type": "integer" - } - }, - "required": [ - "StorageClass" - ], - "type": "object" - }, - "VersioningConfiguration": { - "additionalProperties": false, - "description": "Describes the versioning state of an Amazon S3 bucket.", - "properties": { - "Status": { - "default": "Suspended", - "description": "The versioning state of the bucket.", - "enum": [ - "Enabled", - "Suspended" - ], - "type": "string" - } - }, - "required": [ - "Status" - ], - "type": "object" - }, - "WebsiteConfiguration": { - "additionalProperties": false, - "description": "Specifies website configuration parameters for an Amazon S3 bucket.", - "properties": { - "ErrorDocument": { - "description": "The name of the error document for the website.", - "type": "string" - }, - "IndexDocument": { - "description": "The name of the index document for the website.", - "type": "string" - }, - "RedirectAllRequestsTo": { - "$ref": "#/definitions/RedirectAllRequestsTo" - }, - "RoutingRules": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/RoutingRule" - }, - "type": "array" - } - }, - "type": "object" - }, - "iso8601UTC": { - "description": "The date value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ssZ)", - "pattern": "^([0-2]\\d{3})-(0[0-9]|1[0-2])-([0-2]\\d|3[01])T([01]\\d|2[0-4]):([0-5]\\d):([0-6]\\d)((\\.\\d{3})?)Z$", - "type": "string" - } - }, - "description": "Resource Type definition for AWS::S3::Bucket", - "handlers": { - "create": { - "permissions": [ - "s3:CreateBucket", - "s3:PutBucketTagging", - "s3:PutAnalyticsConfiguration", - "s3:PutEncryptionConfiguration", - "s3:PutBucketCORS", - "s3:PutInventoryConfiguration", - "s3:PutLifecycleConfiguration", - "s3:PutMetricsConfiguration", - "s3:PutBucketNotification", - "s3:PutBucketReplication", - "s3:PutBucketWebsite", - "s3:PutAccelerateConfiguration", - "s3:PutBucketPublicAccessBlock", - "s3:PutReplicationConfiguration", - "s3:PutObjectAcl", - "s3:PutBucketObjectLockConfiguration", - "s3:GetBucketAcl", - "s3:ListBucket", - "iam:PassRole", - "s3:DeleteObject", - "s3:PutBucketLogging", - "s3:PutBucketVersioning", - "s3:PutObjectLockConfiguration", - "s3:PutBucketOwnershipControls", - "s3:PutIntelligentTieringConfiguration" - ] - }, - "delete": { - "permissions": [ - "s3:DeleteBucket", - "s3:ListBucket" - ] - }, - "list": { - "permissions": [ - "s3:ListAllMyBuckets" - ] - }, - "read": { - "permissions": [ - "s3:GetAccelerateConfiguration", - "s3:GetLifecycleConfiguration", - "s3:GetBucketPublicAccessBlock", - "s3:GetAnalyticsConfiguration", - "s3:GetBucketCORS", - "s3:GetEncryptionConfiguration", - "s3:GetInventoryConfiguration", - "s3:GetBucketLogging", - "s3:GetMetricsConfiguration", - "s3:GetBucketNotification", - "s3:GetBucketVersioning", - "s3:GetReplicationConfiguration", - "S3:GetBucketWebsite", - "s3:GetBucketPublicAccessBlock", - "s3:GetBucketObjectLockConfiguration", - "s3:GetBucketTagging", - "s3:GetBucketOwnershipControls", - "s3:GetIntelligentTieringConfiguration", - "s3:ListBucket" - ] - }, - "update": { - "permissions": [ - "s3:PutBucketAcl", - "s3:PutBucketTagging", - "s3:PutAnalyticsConfiguration", - "s3:PutEncryptionConfiguration", - "s3:PutBucketCORS", - "s3:PutInventoryConfiguration", - "s3:PutLifecycleConfiguration", - "s3:PutMetricsConfiguration", - "s3:PutBucketNotification", - "s3:PutBucketReplication", - "s3:PutBucketWebsite", - "s3:PutAccelerateConfiguration", - "s3:PutBucketPublicAccessBlock", - "s3:PutReplicationConfiguration", - "s3:PutBucketOwnershipControls", - "s3:PutIntelligentTieringConfiguration", - "s3:DeleteBucketWebsite", - "s3:PutBucketLogging", - "s3:PutBucketVersioning", - "s3:PutObjectLockConfiguration", - "s3:PutBucketObjectLockConfiguration", - "s3:DeleteBucketAnalyticsConfiguration", - "s3:DeleteBucketCors", - "s3:DeleteBucketMetricsConfiguration", - "s3:DeleteBucketEncryption", - "s3:DeleteBucketLifecycle", - "s3:DeleteBucketReplication", - "iam:PassRole", - "s3:ListBucket" - ] - } - }, - "primaryIdentifier": [ - "/properties/BucketName" - ], - "properties": { - "AccelerateConfiguration": { - "$ref": "#/definitions/AccelerateConfiguration", - "description": "Configuration for the transfer acceleration state." - }, - "AccessControl": { - "description": "A canned access control list (ACL) that grants predefined permissions to the bucket.", - "enum": [ - "AuthenticatedRead", - "AwsExecRead", - "BucketOwnerFullControl", - "BucketOwnerRead", - "LogDeliveryWrite", - "Private", - "PublicRead", - "PublicReadWrite" - ], - "type": "string" - }, - "AnalyticsConfigurations": { - "description": "The configuration and any analyses for the analytics filter of an Amazon S3 bucket.", - "insertionOrder": true, - "items": { - "$ref": "#/definitions/AnalyticsConfiguration" - }, - "type": "array", - "uniqueItems": true - }, - "Arn": { - "$ref": "#/definitions/Arn", - "description": "The Amazon Resource Name (ARN) of the specified bucket.", - "examples": [ - "arn:aws:s3:::mybucket" - ] - }, - "BucketEncryption": { - "$ref": "#/definitions/BucketEncryption" - }, - "BucketName": { - "description": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the bucket name.", - "maxLength": 63, - "minLength": 3, - "pattern": "^[a-z0-9][a-z0-9.-]*[a-z0-9]$", - "type": "string" - }, - "CorsConfiguration": { - "$ref": "#/definitions/CorsConfiguration", - "description": "Rules that define cross-origin resource sharing of objects in this bucket." - }, - "DomainName": { - "description": "The IPv4 DNS name of the specified bucket.", - "examples": [ - "mystack-mybucket-kdwwxmddtr2g.s3.amazonaws.com" - ], - "type": "string" - }, - "DualStackDomainName": { - "description": "The IPv6 DNS name of the specified bucket. For more information about dual-stack endpoints, see [Using Amazon S3 Dual-Stack Endpoints](https://docs.aws.amazon.com/AmazonS3/latest/dev/dual-stack-endpoints.html).", - "examples": [ - "mystack-mybucket-kdwwxmddtr2g.s3.dualstack.us-east-2.amazonaws.com" - ], - "type": "string" - }, - "IntelligentTieringConfigurations": { - "description": "Specifies the S3 Intelligent-Tiering configuration for an Amazon S3 bucket.", - "insertionOrder": true, - "items": { - "$ref": "#/definitions/IntelligentTieringConfiguration" - }, - "type": "array", - "uniqueItems": true - }, - "InventoryConfigurations": { - "description": "The inventory configuration for an Amazon S3 bucket.", - "insertionOrder": true, - "items": { - "$ref": "#/definitions/InventoryConfiguration" - }, - "type": "array", - "uniqueItems": true - }, - "LifecycleConfiguration": { - "$ref": "#/definitions/LifecycleConfiguration", - "description": "Rules that define how Amazon S3 manages objects during their lifetime." - }, - "LoggingConfiguration": { - "$ref": "#/definitions/LoggingConfiguration", - "description": "Settings that define where logs are stored." - }, - "MetricsConfigurations": { - "description": "Settings that define a metrics configuration for the CloudWatch request metrics from the bucket.", - "insertionOrder": true, - "items": { - "$ref": "#/definitions/MetricsConfiguration" - }, - "type": "array", - "uniqueItems": true - }, - "NotificationConfiguration": { - "$ref": "#/definitions/NotificationConfiguration", - "description": "Configuration that defines how Amazon S3 handles bucket notifications." - }, - "ObjectLockConfiguration": { - "$ref": "#/definitions/ObjectLockConfiguration", - "description": "Places an Object Lock configuration on the specified bucket." - }, - "ObjectLockEnabled": { - "description": "Indicates whether this bucket has an Object Lock configuration enabled.", - "type": "boolean" - }, - "OwnershipControls": { - "$ref": "#/definitions/OwnershipControls", - "description": "Specifies the container element for object ownership rules." - }, - "PublicAccessBlockConfiguration": { - "$ref": "#/definitions/PublicAccessBlockConfiguration" - }, - "RegionalDomainName": { - "description": "Returns the regional domain name of the specified bucket.", - "examples": [ - "mystack-mybucket-kdwwxmddtr2g.s3.us-east-2.amazonaws.com" - ], - "type": "string" - }, - "ReplicationConfiguration": { - "$ref": "#/definitions/ReplicationConfiguration", - "description": "Configuration for replicating objects in an S3 bucket." - }, - "Tags": { - "description": "An arbitrary set of tags (key-value pairs) for this S3 bucket.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array" - }, - "VersioningConfiguration": { - "$ref": "#/definitions/VersioningConfiguration" - }, - "WebsiteConfiguration": { - "$ref": "#/definitions/WebsiteConfiguration" - }, - "WebsiteURL": { - "description": "The Amazon S3 website endpoint for the specified bucket.", - "examples": [ - "Example (IPv4): http://mystack-mybucket-kdwwxmddtr2g.s3-website-us-east-2.amazonaws.com/", - "Example (IPv6): http://mystack-mybucket-kdwwxmddtr2g.s3.dualstack.us-east-2.amazonaws.com/" - ], - "format": "uri", - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/Arn", - "/properties/DomainName", - "/properties/DualStackDomainName", - "/properties/RegionalDomainName", - "/properties/WebsiteURL" - ], - "tagging": { - "cloudFormationSystemTags": true, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::S3::Bucket", - "writeOnlyProperties": [ - "/properties/AccessControl", - "/properties/LifecycleConfiguration/Rules/*/NoncurrentVersionExpirationInDays", - "/properties/LifecycleConfiguration/Rules/*/NoncurrentVersionTransition", - "/properties/LifecycleConfiguration/Rules/*/Transition", - "/properties/ReplicationConfiguration/Rules/*/Prefix", - "/properties/LifecycleConfiguration/Rules/*/ExpiredObjectDeleteMarker" - ] -} diff --git a/src/cfnlint/data/schemas/providers/us_east_2/aws-sagemaker-appimageconfig.json b/src/cfnlint/data/schemas/providers/us_east_2/aws-sagemaker-appimageconfig.json deleted file mode 100644 index f15ffe6f0e..0000000000 --- a/src/cfnlint/data/schemas/providers/us_east_2/aws-sagemaker-appimageconfig.json +++ /dev/null @@ -1,261 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/AppImageConfigName", - "/properties/Tags" - ], - "definitions": { - "ContainerConfig": { - "additionalProperties": false, - "description": "The container configuration for a SageMaker image.", - "properties": { - "ContainerArguments": { - "description": "A list of arguments to apply to the container.", - "items": { - "$ref": "#/definitions/CustomImageContainerArguments" - }, - "maxItems": 50, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "ContainerEntrypoint": { - "description": "The custom entry point to use on container.", - "items": { - "$ref": "#/definitions/CustomImageContainerEntrypoint" - }, - "maxItems": 1, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "ContainerEnvironmentVariables": { - "description": "A list of variables to apply to the custom container.", - "items": { - "$ref": "#/definitions/CustomImageContainerEnvironmentVariable" - }, - "maxItems": 25, - "minItems": 0, - "type": "array", - "uniqueItems": false - } - }, - "type": "object" - }, - "CustomImageContainerArguments": { - "description": "The container image arguments", - "maxLength": 64, - "minLength": 1, - "pattern": "^(?!\\s*$).+", - "type": "string" - }, - "CustomImageContainerEntrypoint": { - "description": "The container entry point", - "maxLength": 256, - "minLength": 1, - "pattern": "^(?!\\s*$).+", - "type": "string" - }, - "CustomImageContainerEnvironmentVariable": { - "additionalProperties": false, - "properties": { - "Key": { - "maxLength": 256, - "minLength": 1, - "pattern": "^(?!\\s*$).+", - "type": "string" - }, - "Value": { - "maxLength": 256, - "minLength": 1, - "pattern": "^(?!\\s*$).+", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "FileSystemConfig": { - "additionalProperties": false, - "description": "The Amazon Elastic File System (EFS) storage configuration for a SageMaker image.", - "properties": { - "DefaultGid": { - "description": "The default POSIX group ID (GID). If not specified, defaults to 100.", - "maximum": 65535, - "minimum": 0, - "type": "integer" - }, - "DefaultUid": { - "description": "The default POSIX user ID (UID). If not specified, defaults to 1000.", - "maximum": 65535, - "minimum": 0, - "type": "integer" - }, - "MountPath": { - "description": "The path within the image to mount the user's EFS home directory. The directory should be empty. If not specified, defaults to /home/sagemaker-user.", - "maxLength": 1024, - "minLength": 1, - "pattern": "^/.*", - "type": "string" - } - }, - "type": "object" - }, - "JupyterLabAppImageConfig": { - "additionalProperties": false, - "description": "The configuration for the file system and kernels in a SageMaker image running as a JupyterLab app.", - "properties": { - "ContainerConfig": { - "$ref": "#/definitions/ContainerConfig", - "description": "The container configuration for a SageMaker image." - } - }, - "type": "object" - }, - "KernelGatewayImageConfig": { - "additionalProperties": false, - "description": "The configuration for the file system and kernels in a SageMaker image running as a KernelGateway app.", - "properties": { - "FileSystemConfig": { - "$ref": "#/definitions/FileSystemConfig", - "description": "The Amazon Elastic File System (EFS) storage configuration for a SageMaker image." - }, - "KernelSpecs": { - "description": "The specification of the Jupyter kernels in the image.", - "items": { - "$ref": "#/definitions/KernelSpec" - }, - "maxItems": 1, - "minItems": 1, - "type": "array" - } - }, - "required": [ - "KernelSpecs" - ], - "type": "object" - }, - "KernelSpec": { - "additionalProperties": false, - "properties": { - "DisplayName": { - "description": "The display name of the kernel.", - "maxLength": 1024, - "minLength": 1, - "type": "string" - }, - "Name": { - "description": "The name of the kernel.", - "maxLength": 1024, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Name" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "maxLength": 128, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::SageMaker::AppImageConfig", - "handlers": { - "create": { - "permissions": [ - "sagemaker:CreateAppImageConfig", - "sagemaker:DescribeAppImageConfig" - ] - }, - "delete": { - "permissions": [ - "sagemaker:DeleteAppImageConfig", - "sagemaker:DescribeAppImageConfig" - ] - }, - "list": { - "permissions": [ - "sagemaker:ListAppImageConfigs" - ] - }, - "read": { - "permissions": [ - "sagemaker:DescribeAppImageConfig" - ] - }, - "update": { - "permissions": [ - "sagemaker:UpdateAppImageConfig", - "sagemaker:DescribeAppImageConfig" - ] - } - }, - "primaryIdentifier": [ - "/properties/AppImageConfigName" - ], - "properties": { - "AppImageConfigArn": { - "description": "The Amazon Resource Name (ARN) of the AppImageConfig.", - "maxLength": 256, - "minLength": 1, - "pattern": "arn:aws[a-z\\-]*:sagemaker:[a-z0-9\\-]*:[0-9]{12}:app-image-config/.*", - "type": "string" - }, - "AppImageConfigName": { - "description": "The Name of the AppImageConfig.", - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}", - "type": "string" - }, - "JupyterLabAppImageConfig": { - "$ref": "#/definitions/JupyterLabAppImageConfig", - "description": "The JupyterLabAppImageConfig." - }, - "KernelGatewayImageConfig": { - "$ref": "#/definitions/KernelGatewayImageConfig", - "description": "The KernelGatewayImageConfig." - }, - "Tags": { - "description": "A list of tags to apply to the AppImageConfig.", - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "minItems": 0, - "type": "array", - "uniqueItems": false - } - }, - "readOnlyProperties": [ - "/properties/AppImageConfigArn" - ], - "required": [ - "AppImageConfigName" - ], - "typeName": "AWS::SageMaker::AppImageConfig", - "writeOnlyProperties": [ - "/properties/Tags" - ] -} diff --git a/src/cfnlint/data/schemas/providers/us_east_2/aws-sagemaker-space.json b/src/cfnlint/data/schemas/providers/us_east_2/aws-sagemaker-space.json deleted file mode 100644 index 8a05d4cb73..0000000000 --- a/src/cfnlint/data/schemas/providers/us_east_2/aws-sagemaker-space.json +++ /dev/null @@ -1,465 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/DomainId", - "/properties/SpaceName", - "/properties/SpaceSharingSettings", - "/properties/OwnershipSettings" - ], - "definitions": { - "AppType": { - "enum": [ - "JupyterServer", - "KernelGateway", - "TensorBoard", - "RStudioServerPro", - "RSessionGateway", - "JupyterLab", - "CodeEditor" - ], - "type": "string" - }, - "CodeRepository": { - "additionalProperties": false, - "properties": { - "RepositoryUrl": { - "description": "A CodeRepository (valid URL) to be used within Jupyter's Git extension.", - "maxLength": 256, - "pattern": "^https://([.\\-_a-zA-Z0-9]+/?){3,1016}$", - "type": "string" - } - }, - "required": [ - "RepositoryUrl" - ], - "type": "object" - }, - "CustomFileSystem": { - "additionalProperties": false, - "properties": { - "EFSFileSystem": { - "$ref": "#/definitions/EFSFileSystem" - } - }, - "type": "object" - }, - "CustomFileSystems": { - "items": { - "$ref": "#/definitions/CustomFileSystem" - }, - "maxItems": 1, - "minItems": 0, - "type": "array", - "uniqueItems": true - }, - "CustomImage": { - "additionalProperties": false, - "description": "A custom SageMaker image.", - "properties": { - "AppImageConfigName": { - "description": "The Name of the AppImageConfig.", - "maxLength": 63, - "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}", - "type": "string" - }, - "ImageName": { - "description": "The name of the CustomImage. Must be unique to your account.", - "maxLength": 63, - "pattern": "^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$", - "type": "string" - }, - "ImageVersionNumber": { - "description": "The version number of the CustomImage.", - "minimum": 0, - "type": "integer" - } - }, - "required": [ - "AppImageConfigName", - "ImageName" - ], - "type": "object" - }, - "EFSFileSystem": { - "additionalProperties": false, - "properties": { - "FileSystemId": { - "maxLength": 21, - "minLength": 11, - "pattern": "^(fs-[0-9a-f]{8,})$", - "type": "string" - } - }, - "required": [ - "FileSystemId" - ], - "type": "object" - }, - "EbsStorageSettings": { - "additionalProperties": false, - "description": "Properties related to the space's Amazon Elastic Block Store volume.", - "properties": { - "EbsVolumeSizeInGb": { - "$ref": "#/definitions/SpaceEbsVolumeSizeInGb", - "description": "Size of the Amazon EBS volume in Gb" - } - }, - "required": [ - "EbsVolumeSizeInGb" - ], - "type": "object" - }, - "JupyterServerAppSettings": { - "additionalProperties": false, - "description": "The JupyterServer app settings.", - "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/ResourceSpec" - } - }, - "type": "object" - }, - "KernelGatewayAppSettings": { - "additionalProperties": false, - "description": "The kernel gateway app settings.", - "properties": { - "CustomImages": { - "description": "A list of custom SageMaker images that are configured to run as a KernelGateway app.", - "items": { - "$ref": "#/definitions/CustomImage" - }, - "maxItems": 30, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "DefaultResourceSpec": { - "$ref": "#/definitions/ResourceSpec", - "description": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the KernelGateway app." - } - }, - "type": "object" - }, - "OwnershipSettings": { - "additionalProperties": false, - "properties": { - "OwnerUserProfileName": { - "maxLength": 63, - "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}", - "type": "string" - } - }, - "required": [ - "OwnerUserProfileName" - ], - "type": "object" - }, - "ResourceSpec": { - "additionalProperties": false, - "properties": { - "InstanceType": { - "description": "The instance type that the image version runs on.", - "enum": [ - "system", - "ml.t3.micro", - "ml.t3.small", - "ml.t3.medium", - "ml.t3.large", - "ml.t3.xlarge", - "ml.t3.2xlarge", - "ml.m5.large", - "ml.m5.xlarge", - "ml.m5.2xlarge", - "ml.m5.4xlarge", - "ml.m5.8xlarge", - "ml.m5.12xlarge", - "ml.m5.16xlarge", - "ml.m5.24xlarge", - "ml.c5.large", - "ml.c5.xlarge", - "ml.c5.2xlarge", - "ml.c5.4xlarge", - "ml.c5.9xlarge", - "ml.c5.12xlarge", - "ml.c5.18xlarge", - "ml.c5.24xlarge", - "ml.p3.2xlarge", - "ml.p3.8xlarge", - "ml.p3.16xlarge", - "ml.g4dn.xlarge", - "ml.g4dn.2xlarge", - "ml.g4dn.4xlarge", - "ml.g4dn.8xlarge", - "ml.g4dn.12xlarge", - "ml.g4dn.16xlarge", - "ml.r5.large", - "ml.r5.xlarge", - "ml.r5.2xlarge", - "ml.r5.4xlarge", - "ml.r5.8xlarge", - "ml.r5.12xlarge", - "ml.r5.16xlarge", - "ml.r5.24xlarge", - "ml.p3dn.24xlarge", - "ml.m5d.large", - "ml.m5d.xlarge", - "ml.m5d.2xlarge", - "ml.m5d.4xlarge", - "ml.m5d.8xlarge", - "ml.m5d.12xlarge", - "ml.m5d.16xlarge", - "ml.m5d.24xlarge", - "ml.g5.xlarge", - "ml.g5.2xlarge", - "ml.g5.4xlarge", - "ml.g5.8xlarge", - "ml.g5.12xlarge", - "ml.g5.16xlarge", - "ml.g5.24xlarge", - "ml.g5.48xlarge", - "ml.p4d.24xlarge", - "ml.p4de.24xlarge", - "ml.geospatial.interactive", - "ml.trn1.2xlarge", - "ml.trn1.32xlarge", - "ml.trn1n.32xlarge" - ], - "type": "string" - }, - "SageMakerImageArn": { - "description": "The ARN of the SageMaker image that the image version belongs to.", - "maxLength": 256, - "pattern": "^arn:aws(-[\\w]+)*:sagemaker:.+:[0-9]{12}:image/[a-z0-9]([-.]?[a-z0-9])*$", - "type": "string" - }, - "SageMakerImageVersionArn": { - "description": "The ARN of the image version created on the instance.", - "maxLength": 256, - "pattern": "^arn:aws(-[\\w]+)*:sagemaker:.+:[0-9]{12}:image-version/[a-z0-9]([-.]?[a-z0-9])*/[0-9]+$", - "type": "string" - } - }, - "type": "object" - }, - "SpaceCodeEditorAppSettings": { - "additionalProperties": false, - "description": "The CodeEditor app settings.", - "properties": { - "DefaultResourceSpec": { - "$ref": "#/definitions/ResourceSpec" - } - }, - "type": "object" - }, - "SpaceEbsVolumeSizeInGb": { - "maximum": 16384, - "minimum": 5, - "type": "integer" - }, - "SpaceJupyterLabAppSettings": { - "additionalProperties": false, - "description": "The JupyterServer app settings.", - "properties": { - "CodeRepositories": { - "description": "A list of CodeRepositories available for use with JupyterLab apps.", - "items": { - "$ref": "#/definitions/CodeRepository" - }, - "maxItems": 30, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "DefaultResourceSpec": { - "$ref": "#/definitions/ResourceSpec" - } - }, - "type": "object" - }, - "SpaceSettings": { - "additionalProperties": false, - "description": "A collection of settings that apply to spaces of Amazon SageMaker Studio. These settings are specified when the CreateSpace API is called.", - "properties": { - "AppType": { - "$ref": "#/definitions/AppType" - }, - "CodeEditorAppSettings": { - "$ref": "#/definitions/SpaceCodeEditorAppSettings", - "description": "The CodeEditor app settings." - }, - "CustomFileSystems": { - "$ref": "#/definitions/CustomFileSystems" - }, - "JupyterLabAppSettings": { - "$ref": "#/definitions/SpaceJupyterLabAppSettings", - "description": "The JupyterLab app settings." - }, - "JupyterServerAppSettings": { - "$ref": "#/definitions/JupyterServerAppSettings", - "description": "The Jupyter server's app settings." - }, - "KernelGatewayAppSettings": { - "$ref": "#/definitions/KernelGatewayAppSettings", - "description": "The kernel gateway app settings." - }, - "SpaceStorageSettings": { - "$ref": "#/definitions/SpaceStorageSettings", - "description": "Default storage settings for a space." - } - }, - "type": "object" - }, - "SpaceSharingSettings": { - "additionalProperties": false, - "properties": { - "SharingType": { - "enum": [ - "Private", - "Shared" - ], - "type": "string" - } - }, - "required": [ - "SharingType" - ], - "type": "object" - }, - "SpaceStorageSettings": { - "additionalProperties": false, - "properties": { - "EbsStorageSettings": { - "$ref": "#/definitions/EbsStorageSettings" - } - }, - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "maxLength": 128, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::SageMaker::Space", - "handlers": { - "create": { - "permissions": [ - "sagemaker:CreateSpace", - "sagemaker:DescribeSpace" - ] - }, - "delete": { - "permissions": [ - "sagemaker:DeleteSpace", - "sagemaker:DescribeSpace" - ] - }, - "list": { - "permissions": [ - "sagemaker:ListSpaces" - ] - }, - "read": { - "permissions": [ - "sagemaker:DescribeSpace" - ] - }, - "update": { - "permissions": [ - "sagemaker:UpdateSpace", - "sagemaker:DescribeSpace" - ] - } - }, - "primaryIdentifier": [ - "/properties/DomainId", - "/properties/SpaceName" - ], - "properties": { - "DomainId": { - "description": "The ID of the associated Domain.", - "maxLength": 63, - "minLength": 1, - "type": "string" - }, - "OwnershipSettings": { - "$ref": "#/definitions/OwnershipSettings" - }, - "SpaceArn": { - "description": "The space Amazon Resource Name (ARN).", - "maxLength": 256, - "pattern": "arn:aws[a-z\\-]*:sagemaker:[a-z0-9\\-]*:[0-9]{12}:space/.*", - "type": "string" - }, - "SpaceDisplayName": { - "maxLength": 64, - "pattern": "^(?!\\s*$).+", - "type": "string" - }, - "SpaceName": { - "description": "A name for the Space.", - "maxLength": 63, - "minLength": 1, - "type": "string" - }, - "SpaceSettings": { - "$ref": "#/definitions/SpaceSettings", - "description": "A collection of settings.", - "maxItems": 50, - "minItems": 0, - "uniqueItems": false - }, - "SpaceSharingSettings": { - "$ref": "#/definitions/SpaceSharingSettings" - }, - "Tags": { - "description": "A list of tags to apply to the space.", - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "Url": { - "maxLength": 1024, - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/SpaceArn", - "/properties/Url" - ], - "required": [ - "DomainId", - "SpaceName" - ], - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::SageMaker::Space", - "writeOnlyProperties": [ - "/properties/SpaceSettings", - "/properties/Tags" - ] -} diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/__init__.py b/src/cfnlint/data/schemas/providers/us_gov_east_1/__init__.py index 93a77aff24..d1e3c44834 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/__init__.py @@ -112,6 +112,7 @@ "AWS::AppMesh::VirtualService", "AWS::S3ObjectLambda::AccessPointPolicy", "AWS::NetworkManager::TransitGatewayRegistration", + "AWS::InspectorV2::Filter", "AWS::ElastiCache::ReplicationGroup", "AWS::StepFunctions::StateMachineAlias", "AWS::Cassandra::Table", @@ -415,13 +416,16 @@ "AWS::IoT::ScheduledAudit", "AWS::NetworkManager::Link", "AWS::SSO::InstanceAccessControlAttributeConfiguration", + "AWS::EC2::VerifiedAccessEndpoint", "AWS::CloudWatch::AnomalyDetector", "AWS::EC2::SubnetNetworkAclAssociation", "AWS::ServiceCatalog::ServiceAction", "AWS::AppStream::Entitlement", "AWS::IAM::UserPolicy", + "AWS::InspectorV2::CisScanConfiguration", "AWS::IoT::MitigationAction", "AWS::SecretsManager::RotationSchedule", + "AWS::EC2::VerifiedAccessInstance", "AWS::Lambda::Permission", "AWS::NetworkFirewall::FirewallPolicy", "AWS::EKS::IdentityProviderConfig", @@ -471,6 +475,7 @@ "AWS::StepFunctions::StateMachine", "AWS::RDS::DBClusterParameterGroup", "AWS::WAF::XssMatchSet", + "AWS::EC2::VerifiedAccessTrustProvider", "AWS::AppMesh::VirtualRouter", "AWS::IoT::CertificateProvider", "AWS::AppStream::DirectoryConfig", @@ -575,6 +580,7 @@ "AWS::Greengrass::ResourceDefinition", "AWS::DMS::ReplicationInstance", "AWS::ServiceCatalog::CloudFormationProduct", + "AWS::EC2::VerifiedAccessGroup", "AWS::EC2::VPCEndpointService", "AWS::IAM::ManagedPolicy", "AWS::EC2::LaunchTemplate", @@ -618,7 +624,6 @@ "aws-s3-accessgrantslocation.json", "aws-ecs-service.json", "aws-ram-resourceshare.json", - "aws-dynamodb-table.json", "aws-ec2-localgatewayroutetablevpcassociation.json", "aws-config-organizationconfigrule.json", "aws-glue-dataqualityruleset.json", @@ -651,6 +656,7 @@ "aws-transfer-server.json", "aws-apigateway-domainname.json", "aws-ecs-primarytaskset.json", + "aws-autoscaling-autoscalinggroup.json", "aws-wafv2-regexpatternset.json", "aws-s3-accessgrantsinstance.json", "aws-route53-recordset.json", @@ -671,6 +677,7 @@ "aws-appstream-appblockbuilder.json", "aws-ec2-vpcendpointconnectionnotification.json", "aws-opsworks-instance.json", + "aws-config-configurationaggregator.json", "aws-imagebuilder-imagepipeline.json", "aws-elasticloadbalancingv2-listenercertificate.json", "aws-cloudformation-moduleversion.json", @@ -690,6 +697,7 @@ "aws-opsworks-elasticloadbalancerattachment.json", "aws-appmesh-virtualservice.json", "aws-s3objectlambda-accesspointpolicy.json", + "aws-inspectorv2-filter.json", "aws-elasticache-replicationgroup.json", "aws-stepfunctions-statemachinealias.json", "aws-cassandra-table.json", @@ -700,11 +708,10 @@ "aws-glue-table.json", "aws-logs-metricfilter.json", "aws-lambda-function.json", + "aws-sns-topic.json", "aws-backup-backupselection.json", "aws-datasync-locationfsxlustre.json", - "aws-sagemaker-app.json", "aws-cloudtrail-trail.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-wafv2-ipset.json", "aws-ssm-document.json", "aws-iam-role.json", @@ -740,7 +747,6 @@ "aws-iot-resourcespecificlogging.json", "aws-servicecatalog-launchtemplateconstraint.json", "aws-wafv2-loggingconfiguration.json", - "aws-dynamodb-globaltable.json", "aws-imagebuilder-distributionconfiguration.json", "aws-identitystore-group.json", "aws-ram-permission.json", @@ -763,7 +769,6 @@ "aws-sagemaker-imageversion.json", "aws-detective-graph.json", "aws-servicecatalog-portfolioshare.json", - "aws-iam-servercertificate.json", "aws-codestarconnections-connection.json", "aws-iot-securityprofile.json", "aws-docdb-eventsubscription.json", @@ -791,7 +796,6 @@ "aws-appstream-application.json", "aws-datasync-locationnfs.json", "aws-kinesisanalyticsv2-applicationoutput.json", - "aws-sagemaker-domain.json", "aws-greengrass-coredefinitionversion.json", "aws-certificatemanager-certificate.json", "aws-glue-schemaversionmetadata.json", @@ -829,7 +833,6 @@ "aws-kinesis-stream.json", "aws-backup-reportplan.json", "aws-batch-jobdefinition.json", - "aws-iam-samlprovider.json", "aws-glue-customentitytype.json", "aws-codedeploy-deploymentconfig.json", "aws-networkmanager-globalnetwork.json", @@ -890,7 +893,6 @@ "aws-appconfig-hostedconfigurationversion.json", "aws-datasync-locationefs.json", "aws-ec2-localgatewayroutetable.json", - "aws-sagemaker-appimageconfig.json", "aws-elasticloadbalancingv2-targetgroup.json", "aws-applicationautoscaling-scalingpolicy.json", "aws-emr-studiosessionmapping.json", @@ -924,13 +926,16 @@ "aws-route53resolver-resolverendpoint.json", "aws-iot-scheduledaudit.json", "aws-sso-instanceaccesscontrolattributeconfiguration.json", + "aws-ec2-verifiedaccessendpoint.json", "aws-cloudwatch-anomalydetector.json", "aws-ec2-subnetnetworkaclassociation.json", "aws-servicecatalog-serviceaction.json", "aws-appstream-entitlement.json", "aws-iam-userpolicy.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-iot-mitigationaction.json", "aws-secretsmanager-rotationschedule.json", + "aws-ec2-verifiedaccessinstance.json", "aws-lambda-permission.json", "aws-networkfirewall-firewallpolicy.json", "aws-eks-identityproviderconfig.json", @@ -968,6 +973,7 @@ "aws-stepfunctions-statemachine.json", "aws-rds-dbclusterparametergroup.json", "aws-waf-xssmatchset.json", + "aws-ec2-verifiedaccesstrustprovider.json", "aws-appmesh-virtualrouter.json", "aws-iot-certificateprovider.json", "aws-appstream-directoryconfig.json", @@ -1023,7 +1029,6 @@ "aws-apigatewayv2-apigatewaymanagedoverrides.json", "aws-config-deliverychannel.json", "aws-certificatemanager-account.json", - "aws-iam-oidcprovider.json", "aws-servicecatalogappregistry-resourceassociation.json", "aws-resourcegroups-group.json", "aws-cloudformation-resourcedefaultversion.json", @@ -1038,9 +1043,9 @@ "aws-greengrass-resourcedefinition.json", "aws-dms-replicationinstance.json", "aws-servicecatalog-cloudformationproduct.json", + "aws-ec2-verifiedaccessgroup.json", "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", - "aws-ec2-launchtemplate.json", "aws-datasync-locationfsxontap.json", "aws-lambda-version.json", "aws-ec2-dhcpoptions.json", @@ -1061,4 +1066,5 @@ "aws-elasticloadbalancingv2-listener.json", "aws-redshift-eventsubscription.json", "aws-cloudformation-waitconditionhandle.json", + "aws-eks-addon.json", ] diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-amazonmq-broker.json index b71851eb27..6027b3416d 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-amazonmq-broker.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-amazonmq-broker.json @@ -230,7 +230,7 @@ "type": "string" }, "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", + "cfnLint": "AWS::AmazonMQ::Broker/Properties/HostInstanceType", "type": "string" }, "Id": { diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-autoscaling-autoscalinggroup.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-autoscaling-autoscalinggroup.json deleted file mode 100644 index f305da8f45..0000000000 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-autoscaling-autoscalinggroup.json +++ /dev/null @@ -1,708 +0,0 @@ -{ - "additionalProperties": false, - "conditionalCreateOnlyProperties": [ - "/properties/LaunchConfigurationName", - "/properties/VPCZoneIdentifier", - "/properties/PlacementGroup", - "/properties/LaunchTemplate", - "/properties/MixedInstancesPolicy" - ], - "createOnlyProperties": [ - "/properties/InstanceId", - "/properties/AutoScalingGroupName" - ], - "definitions": { - "AcceleratorCountRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "type": "integer" - }, - "Min": { - "type": "integer" - } - }, - "type": "object" - }, - "AcceleratorTotalMemoryMiBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "type": "integer" - }, - "Min": { - "type": "integer" - } - }, - "type": "object" - }, - "BaselineEbsBandwidthMbpsRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "type": "integer" - }, - "Min": { - "type": "integer" - } - }, - "type": "object" - }, - "InstanceMaintenancePolicy": { - "additionalProperties": false, - "dependencies": { - "MaxHealthyPercentage": [ - "MinHealthyPercentage" - ], - "MinHealthyPercentage": [ - "MaxHealthyPercentage" - ] - }, - "properties": { - "MaxHealthyPercentage": { - "type": "integer" - }, - "MinHealthyPercentage": { - "type": "integer" - } - }, - "type": "object" - }, - "InstanceRequirements": { - "additionalProperties": false, - "properties": { - "AcceleratorCount": { - "$ref": "#/definitions/AcceleratorCountRequest" - }, - "AcceleratorManufacturers": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "AcceleratorNames": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "AcceleratorTotalMemoryMiB": { - "$ref": "#/definitions/AcceleratorTotalMemoryMiBRequest" - }, - "AcceleratorTypes": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "AllowedInstanceTypes": { - "insertionOrder": true, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "BareMetal": { - "type": "string" - }, - "BaselineEbsBandwidthMbps": { - "$ref": "#/definitions/BaselineEbsBandwidthMbpsRequest" - }, - "BurstablePerformance": { - "type": "string" - }, - "CpuManufacturers": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "ExcludedInstanceTypes": { - "insertionOrder": true, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "InstanceGenerations": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "LocalStorage": { - "type": "string" - }, - "LocalStorageTypes": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "MemoryGiBPerVCpu": { - "$ref": "#/definitions/MemoryGiBPerVCpuRequest" - }, - "MemoryMiB": { - "$ref": "#/definitions/MemoryMiBRequest" - }, - "NetworkBandwidthGbps": { - "$ref": "#/definitions/NetworkBandwidthGbpsRequest" - }, - "NetworkInterfaceCount": { - "$ref": "#/definitions/NetworkInterfaceCountRequest" - }, - "OnDemandMaxPricePercentageOverLowestPrice": { - "type": "integer" - }, - "RequireHibernateSupport": { - "type": "boolean" - }, - "SpotMaxPricePercentageOverLowestPrice": { - "type": "integer" - }, - "TotalLocalStorageGB": { - "$ref": "#/definitions/TotalLocalStorageGBRequest" - }, - "VCpuCount": { - "$ref": "#/definitions/VCpuCountRequest" - } - }, - "required": [ - "MemoryMiB", - "VCpuCount" - ], - "type": "object" - }, - "InstancesDistribution": { - "additionalProperties": false, - "properties": { - "OnDemandAllocationStrategy": { - "type": "string" - }, - "OnDemandBaseCapacity": { - "type": "integer" - }, - "OnDemandPercentageAboveBaseCapacity": { - "type": "integer" - }, - "SpotAllocationStrategy": { - "type": "string" - }, - "SpotInstancePools": { - "type": "integer" - }, - "SpotMaxPrice": { - "type": "string" - } - }, - "type": "object" - }, - "LaunchTemplate": { - "additionalProperties": false, - "properties": { - "LaunchTemplateSpecification": { - "$ref": "#/definitions/LaunchTemplateSpecification" - }, - "Overrides": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/LaunchTemplateOverrides" - }, - "type": "array", - "uniqueItems": false - } - }, - "required": [ - "LaunchTemplateSpecification" - ], - "type": "object" - }, - "LaunchTemplateOverrides": { - "additionalProperties": false, - "properties": { - "InstanceRequirements": { - "$ref": "#/definitions/InstanceRequirements" - }, - "InstanceType": { - "type": "string" - }, - "LaunchTemplateSpecification": { - "$ref": "#/definitions/LaunchTemplateSpecification" - }, - "WeightedCapacity": { - "type": "string" - } - }, - "type": "object" - }, - "LaunchTemplateSpecification": { - "additionalProperties": false, - "properties": { - "LaunchTemplateId": { - "type": "string" - }, - "LaunchTemplateName": { - "type": "string" - }, - "Version": { - "type": "string" - } - }, - "required": [ - "Version" - ], - "requiredXor": [ - "LaunchTemplateID", - "LaunchTemplateName" - ], - "type": "object" - }, - "LifecycleHookSpecification": { - "additionalProperties": false, - "properties": { - "DefaultResult": { - "type": "string" - }, - "HeartbeatTimeout": { - "type": "integer" - }, - "LifecycleHookName": { - "type": "string" - }, - "LifecycleTransition": { - "type": "string" - }, - "NotificationMetadata": { - "type": "string" - }, - "NotificationTargetARN": { - "type": "string" - }, - "RoleARN": { - "type": "string" - } - }, - "required": [ - "LifecycleHookName", - "LifecycleTransition" - ], - "type": "object" - }, - "MemoryGiBPerVCpuRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "type": "number" - }, - "Min": { - "type": "number" - } - }, - "type": "object" - }, - "MemoryMiBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "type": "integer" - }, - "Min": { - "type": "integer" - } - }, - "type": "object" - }, - "MetricsCollection": { - "additionalProperties": false, - "properties": { - "Granularity": { - "type": "string" - }, - "Metrics": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "required": [ - "Granularity" - ], - "type": "object" - }, - "MixedInstancesPolicy": { - "additionalProperties": false, - "properties": { - "InstancesDistribution": { - "$ref": "#/definitions/InstancesDistribution" - }, - "LaunchTemplate": { - "$ref": "#/definitions/LaunchTemplate" - } - }, - "required": [ - "LaunchTemplate" - ], - "type": "object" - }, - "NetworkBandwidthGbpsRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "type": "number" - }, - "Min": { - "type": "number" - } - }, - "type": "object" - }, - "NetworkInterfaceCountRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "type": "integer" - }, - "Min": { - "type": "integer" - } - }, - "type": "object" - }, - "NotificationConfiguration": { - "additionalProperties": false, - "properties": { - "NotificationTypes": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "TopicARN": { - "items": { - "type": "string" - }, - "type": [ - "string", - "array" - ] - } - }, - "required": [ - "TopicARN" - ], - "type": "object" - }, - "TagProperty": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "PropagateAtLaunch": { - "type": "boolean" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Key", - "PropagateAtLaunch" - ], - "type": "object" - }, - "TotalLocalStorageGBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "type": "number" - }, - "Min": { - "type": "number" - } - }, - "type": "object" - }, - "VCpuCountRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "type": "integer" - }, - "Min": { - "type": "integer" - } - }, - "type": "object" - } - }, - "dependentExcluded": { - "InstanceId": [ - "LaunchConfigurationName", - "LaunchTemplate", - "MixedInstancesPolicy" - ], - "LaunchConfigurationName": [ - "InstanceId", - "LaunchTemplate", - "MixedInstancesPolicy" - ], - "LaunchTemplate": [ - "InstanceId", - "LaunchConfigurationName", - "MixedInstancesPolicy" - ], - "MixedInstancesPolicy": [ - "InstanceId", - "LaunchConfigurationName", - "LaunchTemplate" - ] - }, - "deprecatedProperties": [ - "/properties/NotificationConfiguration" - ], - "description": "Resource Type definition for AWS::AutoScaling::AutoScalingGroup", - "handlers": { - "create": { - "permissions": [ - "autoscaling:*", - "cloudwatch:PutMetricAlarm", - "ec2:Describe*", - "ec2:GetInstanceTypesFromInstanceRequirements", - "ec2:RunInstances", - "elasticloadbalancing:DescribeLoadBalancers", - "elasticloadbalancing:DescribeTargetGroups", - "iam:CreateServiceLinkedRole", - "iam:PassRole", - "managed-fleets:GetAutoScalingGroup", - "managed-fleets:CreateAutoScalingGroup", - "ssm:GetParameters" - ], - "timeoutInMinutes": 360 - }, - "delete": { - "permissions": [ - "autoscaling:*", - "managed-fleets:GetAutoScalingGroup", - "managed-fleets:DeleteAutoScalingGroup" - ], - "timeoutInMinutes": 180 - }, - "list": { - "permissions": [ - "autoscaling:*" - ] - }, - "read": { - "permissions": [ - "autoscaling:*", - "managed-fleets:GetAutoScalingGroup" - ] - }, - "update": { - "permissions": [ - "autoscaling:*", - "cloudwatch:PutMetricAlarm", - "ec2:Describe*", - "ec2:GetInstanceTypesFromInstanceRequirements", - "ec2:RunInstances", - "elasticloadbalancing:DescribeLoadBalancers", - "elasticloadbalancing:DescribeTargetGroups", - "iam:CreateServiceLinkedRole", - "iam:PassRole", - "managed-fleets:GetAutoScalingGroup", - "managed-fleets:RegisterAutoScalingGroup", - "managed-fleets:DeregisterAutoScalingGroup", - "managed-fleets:UpdateAutoScalingGroup", - "ssm:GetParameters" - ], - "timeoutInMinutes": 660 - } - }, - "primaryIdentifier": [ - "/properties/AutoScalingGroupName" - ], - "properties": { - "AutoScalingGroupName": { - "type": "string" - }, - "AvailabilityZones": { - "awsType": "AvailabilityZones", - "insertionOrder": false, - "items": { - "awsType": "AvailabilityZone", - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "CapacityRebalance": { - "type": "boolean" - }, - "Context": { - "type": "string" - }, - "Cooldown": { - "type": "string" - }, - "DefaultInstanceWarmup": { - "type": "integer" - }, - "DesiredCapacity": { - "pattern": "^[0-9]+$", - "type": "string" - }, - "DesiredCapacityType": { - "type": "string" - }, - "HealthCheckGracePeriod": { - "type": "integer" - }, - "HealthCheckType": { - "enum": [ - "EC2", - "ELB" - ], - "type": "string" - }, - "InstanceId": { - "type": "string" - }, - "InstanceMaintenancePolicy": { - "$ref": "#/definitions/InstanceMaintenancePolicy" - }, - "LaunchConfigurationName": { - "type": "string" - }, - "LaunchTemplate": { - "$ref": "#/definitions/LaunchTemplateSpecification" - }, - "LifecycleHookSpecificationList": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/LifecycleHookSpecification" - }, - "type": "array", - "uniqueItems": false - }, - "LoadBalancerNames": { - "insertionOrder": true, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "MaxInstanceLifetime": { - "type": "integer" - }, - "MaxSize": { - "pattern": "^[0-9]+$", - "type": "string" - }, - "MetricsCollection": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/MetricsCollection" - }, - "type": "array", - "uniqueItems": false - }, - "MinSize": { - "pattern": "^[0-9]+$", - "type": "string" - }, - "MixedInstancesPolicy": { - "$ref": "#/definitions/MixedInstancesPolicy" - }, - "NewInstancesProtectedFromScaleIn": { - "type": "boolean" - }, - "NotificationConfiguration": { - "$ref": "#/definitions/NotificationConfiguration" - }, - "NotificationConfigurations": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/NotificationConfiguration" - }, - "type": "array", - "uniqueItems": false - }, - "PlacementGroup": { - "type": "string" - }, - "ServiceLinkedRoleARN": { - "type": "string" - }, - "Tags": { - "insertionOrder": false, - "items": { - "$ref": "#/definitions/TagProperty" - }, - "type": "array" - }, - "TargetGroupARNs": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "TerminationPolicies": { - "insertionOrder": true, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "VPCZoneIdentifier": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "propertyTransform": { - "/properties/LaunchConfigurationName": "InstanceId? AutoScalingGroupName : LaunchConfigurationName" - }, - "required": [ - "MinSize", - "MaxSize" - ], - "tagging": { - "cloudFormationSystemTags": true, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::AutoScaling::AutoScalingGroup", - "writeOnlyProperties": [ - "/properties/InstanceId" - ] -} diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-config-configurationaggregator.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-config-configurationaggregator.json deleted file mode 100644 index 5624c0bfff..0000000000 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-config-configurationaggregator.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ConfigurationAggregatorName" - ], - "definitions": { - "AccountAggregationSource": { - "additionalProperties": false, - "properties": { - "AccountIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "required": [ - "AccountIds" - ], - "type": "object" - }, - "OrganizationAggregationSource": { - "additionalProperties": false, - "properties": { - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "RoleArn": { - "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 256, - "minLength": 0, - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::Config::ConfigurationAggregator", - "handlers": { - "create": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - }, - "delete": { - "permissions": [ - "config:DeleteConfigurationAggregator", - "config:UntagResource" - ] - }, - "list": { - "permissions": [ - "config:DescribeConfigurationAggregators" - ] - }, - "read": { - "permissions": [ - "config:DescribeConfigurationAggregators", - "config:ListTagsForResource" - ] - }, - "update": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "config:UntagResource", - "config:ListTagsForResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - } - }, - "primaryIdentifier": [ - "/properties/ConfigurationAggregatorName" - ], - "properties": { - "AccountAggregationSources": { - "items": { - "$ref": "#/definitions/AccountAggregationSource" - }, - "type": "array", - "uniqueItems": false - }, - "ConfigurationAggregatorArn": { - "description": "The Amazon Resource Name (ARN) of the aggregator.", - "type": "string" - }, - "ConfigurationAggregatorName": { - "description": "The name of the aggregator.", - "maxLength": 256, - "minLength": 1, - "pattern": "[\\w\\-]+", - "type": "string" - }, - "OrganizationAggregationSource": { - "$ref": "#/definitions/OrganizationAggregationSource" - }, - "Tags": { - "description": "The tags for the configuration aggregator.", - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/ConfigurationAggregatorArn" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-config.git", - "typeName": "AWS::Config::ConfigurationAggregator" -} diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-docdb-dbcluster.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-docdb-dbcluster.json index e4fe252a86..b6ad9fa0c9 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-docdb-dbcluster.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-docdb-dbcluster.json @@ -1,5 +1,8 @@ { "additionalProperties": false, + "cfnLint": [ + "AWS::DocDB::DBCluster/Properties" + ], "createOnlyProperties": [ "/properties/KmsKeyId", "/properties/SnapshotIdentifier", diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-dynamodb-globaltable.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-dynamodb-globaltable.json new file mode 100644 index 0000000000..7e1a23d878 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-dynamodb-globaltable.json @@ -0,0 +1,579 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/Arn" + ], + [ + "/properties/StreamArn" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LocalSecondaryIndexes", + "/properties/TableName", + "/properties/KeySchema" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "CapacityAutoScalingSettings": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "minimum": 1, + "type": "integer" + }, + "MinCapacity": { + "minimum": 1, + "type": "integer" + }, + "SeedCapacity": { + "minimum": 1, + "type": "integer" + }, + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/TargetTrackingScalingPolicyConfiguration" + } + }, + "required": [ + "MinCapacity", + "MaxCapacity", + "TargetTrackingScalingPolicyConfiguration" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "KeyType": { + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "maxItems": 20, + "type": "array", + "uniqueItems": true + }, + "ProjectionType": { + "type": "string" + } + }, + "type": "object" + }, + "ReadProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + }, + "ReadCapacityUnits": { + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "ReplicaGlobalSecondaryIndexSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName" + ], + "type": "object" + }, + "ReplicaSSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + } + }, + "required": [ + "KMSMasterKeyId" + ], + "type": "object" + }, + "ReplicaSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaGlobalSecondaryIndexSpecification" + }, + "type": "array", + "uniqueItems": true + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + }, + "Region": { + "type": "string" + }, + "SSESpecification": { + "$ref": "#/definitions/ReplicaSSESpecification" + }, + "TableClass": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TargetTrackingScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "DisableScaleIn": { + "type": "boolean" + }, + "ScaleInCooldown": { + "minimum": 0, + "type": "integer" + }, + "ScaleOutCooldown": { + "minimum": 0, + "type": "integer" + }, + "TargetValue": { + "format": "double", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "WriteProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "WriteCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + } + }, + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::GlobalTable", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:CreateTableReplica", + "dynamodb:Describe*", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:TagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "dynamodb:TagResource", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Decrypt", + "kms:RevokeGrant", + "cloudwatch:PutMetricData", + "iam:CreateServiceLinkedRole" + ] + }, + "delete": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:DeleteTable", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget" + ] + }, + "list": { + "permissions": [ + "dynamodb:ListTables", + "cloudwatch:PutMetricData" + ] + }, + "read": { + "permissions": [ + "dynamodb:Describe*", + "application-autoscaling:Describe*", + "cloudwatch:PutMetricData", + "dynamodb:ListTagsOfResource", + "kms:DescribeKey" + ] + }, + "update": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:CreateTableReplica", + "dynamodb:UpdateTable", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:DeleteTable", + "dynamodb:DeleteTableReplica", + "dynamodb:UpdateItem", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant", + "cloudwatch:PutMetricData" + ], + "timeoutInMinutes": 1200 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "type": "string" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "LocalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "Replicas": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaSpecification" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableId": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn", + "/properties/TableId" + ], + "required": [ + "KeySchema", + "AttributeDefinitions", + "Replicas" + ], + "typeName": "AWS::DynamoDB::GlobalTable", + "writeOnlyProperties": [ + "/properties/Replicas/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/Replicas/*/GlobalSecondaryIndexes/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity", + "/properties/GlobalSecondaryIndexes/*/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-dynamodb-table.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-dynamodb-table.json new file mode 100644 index 0000000000..aacbc7f216 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-dynamodb-table.json @@ -0,0 +1,540 @@ +{ + "additionalProperties": false, + "cfnLint": [ + "AWS::DynamoDB::Table/Properties" + ], + "createOnlyProperties": [ + "/properties/TableName", + "/properties/ImportSourceSpecification" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "AttributeType": { + "enum": [ + "S", + "N", + "B" + ], + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "Csv": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "type": "string" + }, + "HeaderList": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "type": "object" + }, + "DeprecatedHashKeyElement": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeType", + "AttributeName" + ], + "type": "object" + }, + "DeprecatedKeySchema": { + "additionalProperties": false, + "properties": { + "HashKeyElement": { + "$ref": "#/definitions/DeprecatedHashKeyElement" + } + }, + "required": [ + "HashKeyElement" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/ProvisionedThroughput" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "ImportSourceSpecification": { + "additionalProperties": false, + "properties": { + "InputCompressionType": { + "type": "string" + }, + "InputFormat": { + "type": "string" + }, + "InputFormatOptions": { + "$ref": "#/definitions/InputFormatOptions" + }, + "S3BucketSource": { + "$ref": "#/definitions/S3BucketSource" + } + }, + "required": [ + "S3BucketSource", + "InputFormat" + ], + "type": "object" + }, + "InputFormatOptions": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/Csv" + } + }, + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "KeyType": { + "enum": [ + "HASH", + "RANGE" + ], + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ProjectionType": { + "enum": [ + "ALL", + "KEYS_ONLY", + "INCLUDE" + ], + "type": "string" + } + }, + "type": "object" + }, + "ProvisionedThroughput": { + "additionalProperties": false, + "properties": { + "ReadCapacityUnits": { + "type": "integer" + }, + "WriteCapacityUnits": { + "type": "integer" + } + }, + "required": [ + "WriteCapacityUnits", + "ReadCapacityUnits" + ], + "type": "object" + }, + "S3BucketSource": { + "additionalProperties": false, + "properties": { + "S3Bucket": { + "type": "string" + }, + "S3BucketOwner": { + "type": "string" + }, + "S3KeyPrefix": { + "type": "string" + } + }, + "required": [ + "S3Bucket" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + }, + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "enum": [ + "NEW_IMAGE", + "OLD_IMAGE", + "NEW_AND_OLD_IMAGES", + "KEYS_ONLY" + ], + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::Table", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:DescribeImport", + "dynamodb:DescribeTable", + "dynamodb:DescribeTimeToLive", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeContributorInsights", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ImportTable", + "dynamodb:ListTagsOfResource", + "dynamodb:TagResource", + "dynamodb:UpdateTable", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Encrypt", + "kms:RevokeGrant", + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:DescribeLogGroups", + "logs:DescribeLogStreams", + "logs:PutLogEvents", + "logs:PutRetentionPolicy", + "s3:GetObject", + "s3:GetObjectMetadata", + "s3:ListBucket" + ], + "timeoutInMinutes": 720 + }, + "delete": { + "permissions": [ + "dynamodb:DeleteTable", + "dynamodb:DescribeTable" + ], + "timeoutInMinutes": 720 + }, + "list": { + "permissions": [ + "dynamodb:ListTables" + ] + }, + "read": { + "permissions": [ + "dynamodb:DescribeTable", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeContributorInsights", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ListTagsOfResource" + ] + }, + "update": { + "permissions": [ + "dynamodb:UpdateTable", + "dynamodb:DescribeTable", + "dynamodb:DescribeTimeToLive", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ListTagsOfResource", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:DescribeContributorInsights", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant" + ], + "timeoutInMinutes": 720 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "enum": [ + "PROVISIONED", + "PAY_PER_REQUEST" + ], + "type": "string" + }, + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": false + }, + "ImportSourceSpecification": { + "$ref": "#/definitions/ImportSourceSpecification" + }, + "KeySchema": { + "oneOf": [ + { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + { + "type": "object" + } + ] + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "LocalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": false + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/ProvisionedThroughput" + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableClass": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + } + }, + "propertyTransform": { + "/properties/SSESpecification/KMSMasterKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,3}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,4}[-]{1}[1-4]{1}:[0-9]{12}[:]{1}key\\/\", SSESpecification.KMSMasterKeyId]) $OR $join([\"arn:(aws)[-]{0,1}[a-z]{0,3}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,4}[-]{1}[1-4]{1}:[0-9]{12}[:]{1}key\\/\", KMSMasterKeyId])" + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn" + ], + "required": [ + "KeySchema" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DynamoDB::Table", + "writeOnlyProperties": [ + "/properties/ImportSourceSpecification" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-host.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-host.json index cff765ea41..0d87691180 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-host.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-host.json @@ -17,8 +17,8 @@ "type": "string" }, "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::Host/Properties/AvailabilityZone" ], "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-securitygroupegress.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-securitygroupegress.json index f30a3dd38d..78976b3827 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-securitygroupegress.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-securitygroupegress.json @@ -1,9 +1,7 @@ { "additionalProperties": false, "cfnLint": [ - "aws_ec2_securitygroup/protocols_and_port_ranges_include", - "aws_ec2_securitygroup/protocols_and_port_ranges_exclude", - "aws_ec2_securitygroup/all_to_and_from_ports" + "AWS::EC2::SecurityGroupEgress/Properties" ], "createOnlyProperties": [ "/properties/IpProtocol", diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-spotfleet.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-spotfleet.json index 1213b39b19..dce5928f25 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-spotfleet.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-spotfleet.json @@ -433,8 +433,8 @@ "additionalProperties": false, "properties": { "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/LaunchTemplateConfigs/Overrides/AvailabilityZone" ], "type": "string" }, @@ -666,8 +666,8 @@ "type": "string" }, "IamFleetRole": { - "awsType": [ - "IamRoleArn" + "cfnLint": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/IamFleetRole" ], "type": "string" }, @@ -839,8 +839,8 @@ "additionalProperties": false, "properties": { "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/LaunchSpecifications/Placement/AvailabilityZone" ], "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-volume.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-volume.json index 6126f7c814..7529e88cce 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-volume.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-ec2-volume.json @@ -27,7 +27,9 @@ "type": "boolean" }, "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::EC2::Volume/Properties/AvailabilityZone" + ], "type": "string" }, "Encrypted": { diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-eks-addon.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-eks-addon.json deleted file mode 100644 index 02626266c6..0000000000 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-eks-addon.json +++ /dev/null @@ -1,148 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 127, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 255, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Schema for AWS::EKS::Addon", - "handlers": { - "create": { - "permissions": [ - "eks:CreateAddon", - "eks:DescribeAddon", - "eks:TagResource", - "iam:PassRole" - ] - }, - "delete": { - "permissions": [ - "eks:DeleteAddon", - "eks:DescribeAddon" - ] - }, - "list": { - "permissions": [ - "eks:ListAddons" - ] - }, - "read": { - "permissions": [ - "eks:DescribeAddon" - ] - }, - "update": { - "permissions": [ - "iam:PassRole", - "eks:UpdateAddon", - "eks:DescribeAddon", - "eks:DescribeUpdate", - "eks:ListTagsForResource", - "eks:TagResource", - "eks:UntagResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "properties": { - "AddonName": { - "description": "Name of Addon", - "minLength": 1, - "type": "string" - }, - "AddonVersion": { - "description": "Version of Addon", - "minLength": 1, - "type": "string" - }, - "Arn": { - "description": "Amazon Resource Name (ARN) of the add-on", - "type": "string" - }, - "ClusterName": { - "description": "Name of Cluster", - "minLength": 1, - "type": "string" - }, - "ConfigurationValues": { - "description": "The configuration values to use with the add-on", - "minLength": 1, - "type": "string" - }, - "PreserveOnDelete": { - "description": "PreserveOnDelete parameter value", - "type": "boolean" - }, - "ResolveConflicts": { - "description": "Resolve parameter value conflicts", - "enum": [ - "NONE", - "OVERWRITE", - "PRESERVE" - ], - "minLength": 1, - "type": "string" - }, - "ServiceAccountRoleArn": { - "description": "IAM role to bind to the add-on's service account", - "minLength": 1, - "type": "string" - }, - "Tags": { - "description": "An array of key-value pairs to apply to this resource.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/Arn" - ], - "required": [ - "ClusterName", - "AddonName" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-eks.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::EKS::Addon", - "writeOnlyProperties": [ - "/properties/ResolveConflicts", - "/properties/PreserveOnDelete" - ] -} diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-gamelift-fleet.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-gamelift-fleet.json index 9551ef0828..4489c391a2 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-gamelift-fleet.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-gamelift-fleet.json @@ -126,7 +126,7 @@ "uniqueItems": true }, "EC2InstanceType": { - "cfnLint": "aws_gamelift_fleet/ec2instancetype_enum", + "cfnLint": "AWS::GameLift::Fleet/EC2InstanceType", "type": "string" }, "FleetType": { diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-group.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-group.json index 12aba3b316..613533135e 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-group.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-group.json @@ -8,7 +8,9 @@ "additionalProperties": false, "properties": { "PolicyDocument": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::IAM::Group/Properties/Policies/PolicyDocument" + ], "type": "object" }, "PolicyName": { diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-oidcprovider.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-oidcprovider.json new file mode 100644 index 0000000000..5a24049269 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-oidcprovider.json @@ -0,0 +1,125 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Url" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + } + }, + "description": "Resource Type definition for AWS::IAM::OIDCProvider", + "handlers": { + "create": { + "permissions": [ + "iam:CreateOpenIDConnectProvider", + "iam:TagOpenIDConnectProvider", + "iam:GetOpenIDConnectProvider" + ] + }, + "delete": { + "permissions": [ + "iam:DeleteOpenIDConnectProvider" + ] + }, + "list": { + "permissions": [ + "iam:ListOpenIDConnectProvider", + "iam:GetOpenIDConnectProvider" + ] + }, + "read": { + "permissions": [ + "iam:GetOpenIDConnectProvider" + ] + }, + "update": { + "permissions": [ + "iam:UpdateOpenIDConnectProviderThumbprint", + "iam:RemoveClientIDFromOpenIDConnectProvider", + "iam:AddClientIDToOpenIDConnectProvider", + "iam:GetOpenIDConnectProvider", + "iam:TagOpenIDConnectProvider", + "iam:UntagOpenIDConnectProvider", + "iam:ListOpenIDConnectProviderTags" + ] + } + }, + "primaryIdentifier": [ + "/properties/Arn" + ], + "properties": { + "Arn": { + "description": "Amazon Resource Name (ARN) of the OIDC provider", + "maxLength": 2048, + "minLength": 20, + "type": "string" + }, + "ClientIdList": { + "insertionOrder": false, + "items": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "type": "array" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "ThumbprintList": { + "insertionOrder": false, + "items": { + "maxLength": 40, + "minLength": 40, + "pattern": "[0-9A-Fa-f]{40}", + "type": "string" + }, + "maxItems": 5, + "type": "array" + }, + "Url": { + "maxLength": 255, + "minLength": 1, + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/Arn" + ], + "required": [ + "ThumbprintList" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::IAM::OIDCProvider" +} diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-policy.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-policy.json index 2b1df2fc3c..16fa7dc9e8 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-policy.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-policy.json @@ -16,7 +16,9 @@ "type": "string" }, "PolicyDocument": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::IAM::Policy/Properties/PolicyDocument" + ], "type": "object" }, "PolicyName": { diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_1/aws-aps-rulegroupsnamespace.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-samlprovider.json similarity index 50% rename from src/cfnlint/data/schemas/providers/ap_southeast_1/aws-aps-rulegroupsnamespace.json rename to src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-samlprovider.json index 8d00c4be37..9b8efe6834 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_1/aws-aps-rulegroupsnamespace.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-samlprovider.json @@ -17,61 +17,49 @@ "Value": { "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", "maxLength": 256, - "minLength": 0, + "minLength": 1, "type": "string" } }, "required": [ - "Key", - "Value" + "Value", + "Key" ], "type": "object" } }, - "description": "RuleGroupsNamespace schema for cloudformation.", + "description": "Resource Type definition for AWS::IAM::SAMLProvider", "handlers": { "create": { "permissions": [ - "aps:CreateRuleGroupsNamespace", - "aps:DescribeRuleGroupsNamespace", - "aps:TagResource" + "iam:CreateSAMLProvider", + "iam:GetSAMLProvider", + "iam:TagSAMLProvider" ] }, "delete": { "permissions": [ - "aps:DeleteRuleGroupsNamespace", - "aps:DescribeRuleGroupsNamespace" + "iam:DeleteSAMLProvider" ] }, "list": { - "handlerSchema": { - "properties": { - "Arn": { - "$ref": "resource-schema.json#/properties/Workspace" - } - }, - "required": [ - "Arn" - ] - }, "permissions": [ - "aps:ListRuleGroupsNamespaces", - "aps:ListTagsForResource" + "iam:ListSAMLProviders", + "iam:GetSAMLProvider" ] }, "read": { "permissions": [ - "aps:DescribeRuleGroupsNamespace", - "aps:ListTagsForResource" + "iam:GetSAMLProvider" ] }, "update": { "permissions": [ - "aps:PutRuleGroupsNamespace", - "aps:DescribeRuleGroupsNamespace", - "aps:TagResource", - "aps:UntagResource", - "aps:ListTagsForResource" + "iam:UpdateSAMLProvider", + "iam:GetSAMLProvider", + "iam:TagSAMLProvider", + "iam:ListSAMLProviderTags", + "iam:UntagSAMLProvider" ] } }, @@ -80,50 +68,42 @@ ], "properties": { "Arn": { - "description": "The RuleGroupsNamespace ARN.", - "pattern": "^arn:(aws|aws-us-gov|aws-cn):aps:[a-z0-9-]+:[0-9]+:rulegroupsnamespace/[a-zA-Z0-9-]+/[0-9A-Za-z][-.0-9A-Z_a-z]*$", - "type": "string" - }, - "Data": { - "description": "The RuleGroupsNamespace data.", + "description": "Amazon Resource Name (ARN) of the SAML provider", + "maxLength": 1600, + "minLength": 1, "type": "string" }, "Name": { - "description": "The RuleGroupsNamespace name.", - "maxLength": 64, + "maxLength": 128, "minLength": 1, + "pattern": "[\\w._-]+", + "type": "string" + }, + "SamlMetadataDocument": { + "maxLength": 10000000, + "minLength": 1000, "type": "string" }, "Tags": { - "description": "An array of key-value pairs to apply to this resource.", "insertionOrder": false, "items": { "$ref": "#/definitions/Tag" }, "type": "array", - "uniqueItems": true - }, - "Workspace": { - "description": "Required to identify a specific APS Workspace associated with this RuleGroupsNamespace.", - "pattern": "^arn:(aws|aws-us-gov|aws-cn):aps:[a-z0-9-]+:[0-9]+:workspace/[a-zA-Z0-9-]+$", - "type": "string" + "uniqueItems": false } }, "readOnlyProperties": [ "/properties/Arn" ], "required": [ - "Workspace", - "Data", - "Name" + "SamlMetadataDocument" ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-aps", "tagging": { - "cloudFormationSystemTags": true, + "cloudFormationSystemTags": false, "tagOnCreate": true, - "tagProperty": "/properties/Tags", "tagUpdatable": true, "taggable": true }, - "typeName": "AWS::APS::RuleGroupsNamespace" + "typeName": "AWS::IAM::SAMLProvider" } diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-servercertificate.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-servercertificate.json new file mode 100644 index 0000000000..5eadc526d8 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-servercertificate.json @@ -0,0 +1,132 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ServerCertificateName", + "/properties/PrivateKey", + "/properties/CertificateBody", + "/properties/CertificateChain" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + } + }, + "description": "Resource Type definition for AWS::IAM::ServerCertificate", + "handlers": { + "create": { + "permissions": [ + "iam:UploadServerCertificate", + "iam:TagServerCertificate", + "iam:GetServerCertificate" + ] + }, + "delete": { + "permissions": [ + "iam:DeleteServerCertificate" + ] + }, + "list": { + "permissions": [ + "iam:ListServerCertificates", + "iam:GetServerCertificate" + ] + }, + "read": { + "permissions": [ + "iam:GetServerCertificate" + ] + }, + "update": { + "permissions": [ + "iam:TagServerCertificate", + "iam:UntagServerCertificate", + "iam:ListServerCertificateTags", + "iam:GetServerCertificate" + ] + } + }, + "primaryIdentifier": [ + "/properties/ServerCertificateName" + ], + "properties": { + "Arn": { + "description": "Amazon Resource Name (ARN) of the server certificate", + "maxLength": 1600, + "minLength": 1, + "type": "string" + }, + "CertificateBody": { + "maxLength": 16384, + "minLength": 1, + "pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+", + "type": "string" + }, + "CertificateChain": { + "maxLength": 2097152, + "minLength": 1, + "pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+", + "type": "string" + }, + "Path": { + "maxLength": 512, + "minLength": 1, + "pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)", + "type": "string" + }, + "PrivateKey": { + "maxLength": 16384, + "minLength": 1, + "pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+", + "type": "string" + }, + "ServerCertificateName": { + "maxLength": 128, + "minLength": 1, + "pattern": "[\\w+=,.@-]+", + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Arn" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::IAM::ServerCertificate", + "writeOnlyProperties": [ + "/properties/PrivateKey", + "/properties/CertificateBody", + "/properties/CertificateChain" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-user.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-user.json index e023690766..6692fe696d 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-user.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-iam-user.json @@ -23,7 +23,9 @@ "additionalProperties": false, "properties": { "PolicyDocument": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::IAM::User/Properties/Policies/PolicyDocument" + ], "type": "object" }, "PolicyName": { diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-neptune-dbinstance.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-neptune-dbinstance.json index e59579a720..36baa58fbd 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-neptune-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-neptune-dbinstance.json @@ -43,7 +43,7 @@ "type": "string" }, "DBInstanceClass": { - "cfnLint": "aws_neptune_dbinstance/dbinstanceclass_enum", + "cfnLint": "AWS::Neptune::DBInstance/Properties/DBInstanceClass", "type": "string" }, "DBInstanceIdentifier": { diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-redshift-cluster.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-redshift-cluster.json index c29bc2abdf..c475c20974 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-redshift-cluster.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-redshift-cluster.json @@ -1,5 +1,6 @@ { "additionalProperties": false, + "cfnLint": "AWS::Redshift::Cluster/Properties", "createOnlyProperties": [ "/properties/ClusterIdentifier", "/properties/OwnerAccount", @@ -279,7 +280,7 @@ "type": "boolean" }, "NodeType": { - "cfnLint": "aws_redshift_cluster/nodetype_enum", + "cfnLint": "AWS::Redshift::Cluster/Properties/NodeType", "description": "The node type to be provisioned for the cluster.Valid Values: ds2.xlarge | ds2.8xlarge | dc1.large | dc1.8xlarge | dc2.large | dc2.8xlarge | ra3.4xlarge | ra3.16xlarge", "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-route53-healthcheck.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-route53-healthcheck.json index 2ddd4be8f2..084d644abf 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-route53-healthcheck.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-route53-healthcheck.json @@ -107,7 +107,7 @@ "HealthCheckConfig": { "$ref": "#/definitions/HealthCheckConfig", "cfnLint": [ - "aws_route53_healthcheck/healthcheckconfig_type_inclusive" + "AWS::Route53::HealthCheck/Properties/HealthCheckConfig" ] }, "HealthCheckTags": { diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-sagemaker-app.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-sagemaker-app.json similarity index 98% rename from src/cfnlint/data/schemas/providers/me_south_1/aws-sagemaker-app.json rename to src/cfnlint/data/schemas/providers/us_gov_east_1/aws-sagemaker-app.json index feab2f5346..9dd1feabc4 100644 --- a/src/cfnlint/data/schemas/providers/me_south_1/aws-sagemaker-app.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-sagemaker-app.json @@ -129,8 +129,7 @@ }, "delete": { "permissions": [ - "sagemaker:DeleteApp", - "sagemaker:DescribeApp" + "sagemaker:DeleteApp" ] }, "list": { @@ -140,7 +139,6 @@ }, "read": { "permissions": [ - "sagemaker:DescribeApp", "sagemaker:DescribeApp" ] } diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/aws-sagemaker-appimageconfig.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-sagemaker-appimageconfig.json similarity index 62% rename from src/cfnlint/data/schemas/providers/eu_south_2/aws-sagemaker-appimageconfig.json rename to src/cfnlint/data/schemas/providers/us_gov_east_1/aws-sagemaker-appimageconfig.json index f15ffe6f0e..ee2ec766af 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_2/aws-sagemaker-appimageconfig.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-sagemaker-appimageconfig.json @@ -5,79 +5,6 @@ "/properties/Tags" ], "definitions": { - "ContainerConfig": { - "additionalProperties": false, - "description": "The container configuration for a SageMaker image.", - "properties": { - "ContainerArguments": { - "description": "A list of arguments to apply to the container.", - "items": { - "$ref": "#/definitions/CustomImageContainerArguments" - }, - "maxItems": 50, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "ContainerEntrypoint": { - "description": "The custom entry point to use on container.", - "items": { - "$ref": "#/definitions/CustomImageContainerEntrypoint" - }, - "maxItems": 1, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "ContainerEnvironmentVariables": { - "description": "A list of variables to apply to the custom container.", - "items": { - "$ref": "#/definitions/CustomImageContainerEnvironmentVariable" - }, - "maxItems": 25, - "minItems": 0, - "type": "array", - "uniqueItems": false - } - }, - "type": "object" - }, - "CustomImageContainerArguments": { - "description": "The container image arguments", - "maxLength": 64, - "minLength": 1, - "pattern": "^(?!\\s*$).+", - "type": "string" - }, - "CustomImageContainerEntrypoint": { - "description": "The container entry point", - "maxLength": 256, - "minLength": 1, - "pattern": "^(?!\\s*$).+", - "type": "string" - }, - "CustomImageContainerEnvironmentVariable": { - "additionalProperties": false, - "properties": { - "Key": { - "maxLength": 256, - "minLength": 1, - "pattern": "^(?!\\s*$).+", - "type": "string" - }, - "Value": { - "maxLength": 256, - "minLength": 1, - "pattern": "^(?!\\s*$).+", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, "FileSystemConfig": { "additionalProperties": false, "description": "The Amazon Elastic File System (EFS) storage configuration for a SageMaker image.", @@ -104,17 +31,6 @@ }, "type": "object" }, - "JupyterLabAppImageConfig": { - "additionalProperties": false, - "description": "The configuration for the file system and kernels in a SageMaker image running as a JupyterLab app.", - "properties": { - "ContainerConfig": { - "$ref": "#/definitions/ContainerConfig", - "description": "The container configuration for a SageMaker image." - } - }, - "type": "object" - }, "KernelGatewayImageConfig": { "additionalProperties": false, "description": "The configuration for the file system and kernels in a SageMaker image running as a KernelGateway app.", @@ -190,8 +106,7 @@ }, "delete": { "permissions": [ - "sagemaker:DeleteAppImageConfig", - "sagemaker:DescribeAppImageConfig" + "sagemaker:DeleteAppImageConfig" ] }, "list": { @@ -229,10 +144,6 @@ "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}", "type": "string" }, - "JupyterLabAppImageConfig": { - "$ref": "#/definitions/JupyterLabAppImageConfig", - "description": "The JupyterLabAppImageConfig." - }, "KernelGatewayImageConfig": { "$ref": "#/definitions/KernelGatewayImageConfig", "description": "The KernelGatewayImageConfig." diff --git a/src/cfnlint/data/schemas/providers/us_east_2/aws-sagemaker-domain.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-sagemaker-domain.json similarity index 96% rename from src/cfnlint/data/schemas/providers/us_east_2/aws-sagemaker-domain.json rename to src/cfnlint/data/schemas/providers/us_gov_east_1/aws-sagemaker-domain.json index 6db1ab7299..3599972fb9 100644 --- a/src/cfnlint/data/schemas/providers/us_east_2/aws-sagemaker-domain.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-sagemaker-domain.json @@ -169,41 +169,10 @@ }, "type": "object" }, - "DockerSettings": { - "additionalProperties": false, - "description": "A collection of settings that are required to start docker-proxy server.", - "properties": { - "EnableDockerAccess": { - "description": "The flag to enable/disable docker-proxy server", - "enum": [ - "ENABLED", - "DISABLED" - ], - "type": "string" - }, - "VpcOnlyTrustedAccounts": { - "description": "A list of account id's that would be used to pull images from in VpcOnly mode", - "insertionOrder": false, - "items": { - "maxLength": 12, - "pattern": "^[0-9]$", - "type": "string" - }, - "maxItems": 10, - "minItems": 0, - "type": "array", - "uniqueItems": false - } - }, - "type": "object" - }, "DomainSettings": { "additionalProperties": false, "description": "A collection of Domain settings.", "properties": { - "DockerSettings": { - "$ref": "#/definitions/DockerSettings" - }, "RStudioServerProDomainSettings": { "$ref": "#/definitions/RStudioServerProDomainSettings" }, diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-sns-topic.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-sns-topic.json deleted file mode 100644 index fe4aa9ac32..0000000000 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-sns-topic.json +++ /dev/null @@ -1,85 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/FifoTopic", - "/properties/TopicName" - ], - "definitions": { - "Subscription": { - "additionalProperties": false, - "properties": { - "Endpoint": { - "type": "string" - }, - "Protocol": { - "type": "string" - } - }, - "required": [ - "Endpoint", - "Protocol" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::SNS::Topic", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "ContentBasedDeduplication": { - "type": "boolean" - }, - "DisplayName": { - "type": "string" - }, - "FifoTopic": { - "type": "boolean" - }, - "Id": { - "type": "string" - }, - "KmsMasterKeyId": { - "type": "string" - }, - "Subscription": { - "items": { - "$ref": "#/definitions/Subscription" - }, - "type": "array", - "uniqueItems": false - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": false - }, - "TopicName": { - "maxLength": 256, - "minLength": 1, - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/Id" - ], - "typeName": "AWS::SNS::Topic" -} diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-sns-topicpolicy.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-sns-topicpolicy.json index 71b51a2057..458f84e0ce 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-sns-topicpolicy.json +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-sns-topicpolicy.json @@ -9,7 +9,9 @@ "type": "string" }, "PolicyDocument": { - "awsType": "IamResourcePolicy", + "cfnLint": [ + "AWS::SNS::TopicPolicy/Properties/PolicyDocument" + ], "type": "object" }, "Topics": { diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/__init__.py b/src/cfnlint/data/schemas/providers/us_gov_west_1/__init__.py index ca944383c7..7732f1ae0c 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/__init__.py @@ -133,6 +133,7 @@ "AWS::S3ObjectLambda::AccessPointPolicy", "AWS::RoboMaker::SimulationApplication", "AWS::NetworkManager::TransitGatewayRegistration", + "AWS::InspectorV2::Filter", "AWS::ElastiCache::ReplicationGroup", "AWS::StepFunctions::StateMachineAlias", "AWS::Cassandra::Table", @@ -505,9 +506,11 @@ "AWS::AppStream::Entitlement", "AWS::IAM::UserPolicy", "AWS::Connect::ViewVersion", + "AWS::InspectorV2::CisScanConfiguration", "AWS::IoT::MitigationAction", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", + "AWS::EC2::VerifiedAccessInstance", "AWS::Lambda::Permission", "AWS::NetworkFirewall::FirewallPolicy", "AWS::EKS::IdentityProviderConfig", @@ -565,6 +568,7 @@ "AWS::StepFunctions::StateMachine", "AWS::RDS::DBClusterParameterGroup", "AWS::WAF::XssMatchSet", + "AWS::EC2::VerifiedAccessTrustProvider", "AWS::AppMesh::VirtualRouter", "AWS::IoT::CertificateProvider", "AWS::Pinpoint::EmailTemplate", @@ -685,6 +689,7 @@ "AWS::Greengrass::ResourceDefinition", "AWS::DMS::ReplicationInstance", "AWS::ServiceCatalog::CloudFormationProduct", + "AWS::EC2::VerifiedAccessGroup", "AWS::EC2::VPCEndpointService", "AWS::IAM::ManagedPolicy", "AWS::EC2::LaunchTemplate", @@ -738,7 +743,6 @@ "aws-s3-accessgrantslocation.json", "aws-ecs-service.json", "aws-ram-resourceshare.json", - "aws-dynamodb-table.json", "aws-ec2-localgatewayroutetablevpcassociation.json", "aws-config-organizationconfigrule.json", "aws-glue-dataqualityruleset.json", @@ -779,6 +783,7 @@ "aws-apigateway-domainname.json", "aws-ecs-primarytaskset.json", "aws-cognito-userpooldomain.json", + "aws-autoscaling-autoscalinggroup.json", "aws-wafv2-regexpatternset.json", "aws-s3-accessgrantsinstance.json", "aws-cognito-identitypoolroleattachment.json", @@ -811,6 +816,7 @@ "aws-ec2-vpcendpointconnectionnotification.json", "aws-codepipeline-pipeline.json", "aws-opsworks-instance.json", + "aws-config-configurationaggregator.json", "aws-imagebuilder-imagepipeline.json", "aws-elasticloadbalancingv2-listenercertificate.json", "aws-cloudformation-moduleversion.json", @@ -833,6 +839,7 @@ "aws-appmesh-virtualservice.json", "aws-s3objectlambda-accesspointpolicy.json", "aws-robomaker-simulationapplication.json", + "aws-inspectorv2-filter.json", "aws-elasticache-replicationgroup.json", "aws-stepfunctions-statemachinealias.json", "aws-cassandra-table.json", @@ -847,10 +854,8 @@ "aws-lambda-function.json", "aws-backup-backupselection.json", "aws-datasync-locationfsxlustre.json", - "aws-sagemaker-app.json", "aws-cloudtrail-trail.json", "aws-appstream-stack.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-wafv2-ipset.json", "aws-greengrass-subscriptiondefinition.json", "aws-greengrass-group.json", @@ -894,7 +899,6 @@ "aws-iot-resourcespecificlogging.json", "aws-servicecatalog-launchtemplateconstraint.json", "aws-wafv2-loggingconfiguration.json", - "aws-dynamodb-globaltable.json", "aws-pinpoint-eventstream.json", "aws-imagebuilder-distributionconfiguration.json", "aws-lakeformation-permissions.json", @@ -967,7 +971,6 @@ "aws-appstream-application.json", "aws-datasync-locationnfs.json", "aws-kinesisanalyticsv2-applicationoutput.json", - "aws-sagemaker-domain.json", "aws-greengrass-coredefinitionversion.json", "aws-certificatemanager-certificate.json", "aws-glue-schemaversionmetadata.json", @@ -993,7 +996,6 @@ "aws-secretsmanager-resourcepolicy.json", "aws-ec2-clientvpnroute.json", "aws-imagebuilder-workflow.json", - "aws-location-map.json", "aws-acmpca-certificateauthorityactivation.json", "aws-kinesisvideo-signalingchannel.json", "aws-msk-vpcconnection.json", @@ -1037,6 +1039,7 @@ "aws-elasticache-globalreplicationgroup.json", "aws-networkfirewall-rulegroup.json", "aws-kms-key.json", + "aws-route53resolver-resolverdnssecconfig.json", "aws-route53resolver-firewallrulegroupassociation.json", "aws-route53resolver-resolverqueryloggingconfig.json", "aws-ec2-snapshotblockpublicaccess.json", @@ -1086,7 +1089,6 @@ "aws-appconfig-hostedconfigurationversion.json", "aws-datasync-locationefs.json", "aws-ec2-localgatewayroutetable.json", - "aws-sagemaker-appimageconfig.json", "aws-elasticloadbalancingv2-targetgroup.json", "aws-applicationautoscaling-scalingpolicy.json", "aws-iotsitewise-gateway.json", @@ -1134,9 +1136,11 @@ "aws-appstream-entitlement.json", "aws-iam-userpolicy.json", "aws-connect-viewversion.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-iot-mitigationaction.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", + "aws-ec2-verifiedaccessinstance.json", "aws-lambda-permission.json", "aws-networkfirewall-firewallpolicy.json", "aws-eks-identityproviderconfig.json", @@ -1161,6 +1165,7 @@ "aws-ec2-trafficmirrorfilterrule.json", "aws-ecr-repository.json", "aws-ses-dedicatedippool.json", + "aws-iot-fleetmetric.json", "aws-appstream-fleet.json", "aws-greengrass-subscriptiondefinitionversion.json", "aws-appconfig-extension.json", @@ -1181,6 +1186,7 @@ "aws-stepfunctions-statemachine.json", "aws-rds-dbclusterparametergroup.json", "aws-waf-xssmatchset.json", + "aws-ec2-verifiedaccesstrustprovider.json", "aws-appmesh-virtualrouter.json", "aws-iot-certificateprovider.json", "aws-pinpoint-emailtemplate.json", @@ -1192,6 +1198,7 @@ "aws-detective-organizationadmin.json", "aws-simspaceweaver-simulation.json", "aws-athena-datacatalog.json", + "aws-docdb-dbcluster.json", "aws-greengrass-functiondefinitionversion.json", "aws-glue-workflow.json", "aws-iot-accountauditconfiguration.json", @@ -1241,7 +1248,6 @@ "aws-redshift-scheduledaction.json", "aws-rds-dbsecuritygroup.json", "aws-cloudwatch-metricstream.json", - "aws-location-geofencecollection.json", "aws-ssm-parameter.json", "aws-apigatewayv2-apigatewaymanagedoverrides.json", "aws-config-deliverychannel.json", @@ -1268,9 +1274,9 @@ "aws-greengrass-resourcedefinition.json", "aws-dms-replicationinstance.json", "aws-servicecatalog-cloudformationproduct.json", + "aws-ec2-verifiedaccessgroup.json", "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", - "aws-ec2-launchtemplate.json", "aws-pinpoint-voicechannel.json", "aws-datasync-locationfsxontap.json", "aws-cognito-userpoolclient.json", @@ -1298,4 +1304,5 @@ "aws-connect-user.json", "aws-cloudformation-waitconditionhandle.json", "aws-pinpoint-smstemplate.json", + "aws-eks-addon.json", ] diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-autoscaling-autoscalinggroup.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-autoscaling-autoscalinggroup.json deleted file mode 100644 index f305da8f45..0000000000 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-autoscaling-autoscalinggroup.json +++ /dev/null @@ -1,708 +0,0 @@ -{ - "additionalProperties": false, - "conditionalCreateOnlyProperties": [ - "/properties/LaunchConfigurationName", - "/properties/VPCZoneIdentifier", - "/properties/PlacementGroup", - "/properties/LaunchTemplate", - "/properties/MixedInstancesPolicy" - ], - "createOnlyProperties": [ - "/properties/InstanceId", - "/properties/AutoScalingGroupName" - ], - "definitions": { - "AcceleratorCountRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "type": "integer" - }, - "Min": { - "type": "integer" - } - }, - "type": "object" - }, - "AcceleratorTotalMemoryMiBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "type": "integer" - }, - "Min": { - "type": "integer" - } - }, - "type": "object" - }, - "BaselineEbsBandwidthMbpsRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "type": "integer" - }, - "Min": { - "type": "integer" - } - }, - "type": "object" - }, - "InstanceMaintenancePolicy": { - "additionalProperties": false, - "dependencies": { - "MaxHealthyPercentage": [ - "MinHealthyPercentage" - ], - "MinHealthyPercentage": [ - "MaxHealthyPercentage" - ] - }, - "properties": { - "MaxHealthyPercentage": { - "type": "integer" - }, - "MinHealthyPercentage": { - "type": "integer" - } - }, - "type": "object" - }, - "InstanceRequirements": { - "additionalProperties": false, - "properties": { - "AcceleratorCount": { - "$ref": "#/definitions/AcceleratorCountRequest" - }, - "AcceleratorManufacturers": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "AcceleratorNames": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "AcceleratorTotalMemoryMiB": { - "$ref": "#/definitions/AcceleratorTotalMemoryMiBRequest" - }, - "AcceleratorTypes": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "AllowedInstanceTypes": { - "insertionOrder": true, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "BareMetal": { - "type": "string" - }, - "BaselineEbsBandwidthMbps": { - "$ref": "#/definitions/BaselineEbsBandwidthMbpsRequest" - }, - "BurstablePerformance": { - "type": "string" - }, - "CpuManufacturers": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "ExcludedInstanceTypes": { - "insertionOrder": true, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "InstanceGenerations": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "LocalStorage": { - "type": "string" - }, - "LocalStorageTypes": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "MemoryGiBPerVCpu": { - "$ref": "#/definitions/MemoryGiBPerVCpuRequest" - }, - "MemoryMiB": { - "$ref": "#/definitions/MemoryMiBRequest" - }, - "NetworkBandwidthGbps": { - "$ref": "#/definitions/NetworkBandwidthGbpsRequest" - }, - "NetworkInterfaceCount": { - "$ref": "#/definitions/NetworkInterfaceCountRequest" - }, - "OnDemandMaxPricePercentageOverLowestPrice": { - "type": "integer" - }, - "RequireHibernateSupport": { - "type": "boolean" - }, - "SpotMaxPricePercentageOverLowestPrice": { - "type": "integer" - }, - "TotalLocalStorageGB": { - "$ref": "#/definitions/TotalLocalStorageGBRequest" - }, - "VCpuCount": { - "$ref": "#/definitions/VCpuCountRequest" - } - }, - "required": [ - "MemoryMiB", - "VCpuCount" - ], - "type": "object" - }, - "InstancesDistribution": { - "additionalProperties": false, - "properties": { - "OnDemandAllocationStrategy": { - "type": "string" - }, - "OnDemandBaseCapacity": { - "type": "integer" - }, - "OnDemandPercentageAboveBaseCapacity": { - "type": "integer" - }, - "SpotAllocationStrategy": { - "type": "string" - }, - "SpotInstancePools": { - "type": "integer" - }, - "SpotMaxPrice": { - "type": "string" - } - }, - "type": "object" - }, - "LaunchTemplate": { - "additionalProperties": false, - "properties": { - "LaunchTemplateSpecification": { - "$ref": "#/definitions/LaunchTemplateSpecification" - }, - "Overrides": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/LaunchTemplateOverrides" - }, - "type": "array", - "uniqueItems": false - } - }, - "required": [ - "LaunchTemplateSpecification" - ], - "type": "object" - }, - "LaunchTemplateOverrides": { - "additionalProperties": false, - "properties": { - "InstanceRequirements": { - "$ref": "#/definitions/InstanceRequirements" - }, - "InstanceType": { - "type": "string" - }, - "LaunchTemplateSpecification": { - "$ref": "#/definitions/LaunchTemplateSpecification" - }, - "WeightedCapacity": { - "type": "string" - } - }, - "type": "object" - }, - "LaunchTemplateSpecification": { - "additionalProperties": false, - "properties": { - "LaunchTemplateId": { - "type": "string" - }, - "LaunchTemplateName": { - "type": "string" - }, - "Version": { - "type": "string" - } - }, - "required": [ - "Version" - ], - "requiredXor": [ - "LaunchTemplateID", - "LaunchTemplateName" - ], - "type": "object" - }, - "LifecycleHookSpecification": { - "additionalProperties": false, - "properties": { - "DefaultResult": { - "type": "string" - }, - "HeartbeatTimeout": { - "type": "integer" - }, - "LifecycleHookName": { - "type": "string" - }, - "LifecycleTransition": { - "type": "string" - }, - "NotificationMetadata": { - "type": "string" - }, - "NotificationTargetARN": { - "type": "string" - }, - "RoleARN": { - "type": "string" - } - }, - "required": [ - "LifecycleHookName", - "LifecycleTransition" - ], - "type": "object" - }, - "MemoryGiBPerVCpuRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "type": "number" - }, - "Min": { - "type": "number" - } - }, - "type": "object" - }, - "MemoryMiBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "type": "integer" - }, - "Min": { - "type": "integer" - } - }, - "type": "object" - }, - "MetricsCollection": { - "additionalProperties": false, - "properties": { - "Granularity": { - "type": "string" - }, - "Metrics": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "required": [ - "Granularity" - ], - "type": "object" - }, - "MixedInstancesPolicy": { - "additionalProperties": false, - "properties": { - "InstancesDistribution": { - "$ref": "#/definitions/InstancesDistribution" - }, - "LaunchTemplate": { - "$ref": "#/definitions/LaunchTemplate" - } - }, - "required": [ - "LaunchTemplate" - ], - "type": "object" - }, - "NetworkBandwidthGbpsRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "type": "number" - }, - "Min": { - "type": "number" - } - }, - "type": "object" - }, - "NetworkInterfaceCountRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "type": "integer" - }, - "Min": { - "type": "integer" - } - }, - "type": "object" - }, - "NotificationConfiguration": { - "additionalProperties": false, - "properties": { - "NotificationTypes": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "TopicARN": { - "items": { - "type": "string" - }, - "type": [ - "string", - "array" - ] - } - }, - "required": [ - "TopicARN" - ], - "type": "object" - }, - "TagProperty": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "PropagateAtLaunch": { - "type": "boolean" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Key", - "PropagateAtLaunch" - ], - "type": "object" - }, - "TotalLocalStorageGBRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "type": "number" - }, - "Min": { - "type": "number" - } - }, - "type": "object" - }, - "VCpuCountRequest": { - "additionalProperties": false, - "properties": { - "Max": { - "type": "integer" - }, - "Min": { - "type": "integer" - } - }, - "type": "object" - } - }, - "dependentExcluded": { - "InstanceId": [ - "LaunchConfigurationName", - "LaunchTemplate", - "MixedInstancesPolicy" - ], - "LaunchConfigurationName": [ - "InstanceId", - "LaunchTemplate", - "MixedInstancesPolicy" - ], - "LaunchTemplate": [ - "InstanceId", - "LaunchConfigurationName", - "MixedInstancesPolicy" - ], - "MixedInstancesPolicy": [ - "InstanceId", - "LaunchConfigurationName", - "LaunchTemplate" - ] - }, - "deprecatedProperties": [ - "/properties/NotificationConfiguration" - ], - "description": "Resource Type definition for AWS::AutoScaling::AutoScalingGroup", - "handlers": { - "create": { - "permissions": [ - "autoscaling:*", - "cloudwatch:PutMetricAlarm", - "ec2:Describe*", - "ec2:GetInstanceTypesFromInstanceRequirements", - "ec2:RunInstances", - "elasticloadbalancing:DescribeLoadBalancers", - "elasticloadbalancing:DescribeTargetGroups", - "iam:CreateServiceLinkedRole", - "iam:PassRole", - "managed-fleets:GetAutoScalingGroup", - "managed-fleets:CreateAutoScalingGroup", - "ssm:GetParameters" - ], - "timeoutInMinutes": 360 - }, - "delete": { - "permissions": [ - "autoscaling:*", - "managed-fleets:GetAutoScalingGroup", - "managed-fleets:DeleteAutoScalingGroup" - ], - "timeoutInMinutes": 180 - }, - "list": { - "permissions": [ - "autoscaling:*" - ] - }, - "read": { - "permissions": [ - "autoscaling:*", - "managed-fleets:GetAutoScalingGroup" - ] - }, - "update": { - "permissions": [ - "autoscaling:*", - "cloudwatch:PutMetricAlarm", - "ec2:Describe*", - "ec2:GetInstanceTypesFromInstanceRequirements", - "ec2:RunInstances", - "elasticloadbalancing:DescribeLoadBalancers", - "elasticloadbalancing:DescribeTargetGroups", - "iam:CreateServiceLinkedRole", - "iam:PassRole", - "managed-fleets:GetAutoScalingGroup", - "managed-fleets:RegisterAutoScalingGroup", - "managed-fleets:DeregisterAutoScalingGroup", - "managed-fleets:UpdateAutoScalingGroup", - "ssm:GetParameters" - ], - "timeoutInMinutes": 660 - } - }, - "primaryIdentifier": [ - "/properties/AutoScalingGroupName" - ], - "properties": { - "AutoScalingGroupName": { - "type": "string" - }, - "AvailabilityZones": { - "awsType": "AvailabilityZones", - "insertionOrder": false, - "items": { - "awsType": "AvailabilityZone", - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "CapacityRebalance": { - "type": "boolean" - }, - "Context": { - "type": "string" - }, - "Cooldown": { - "type": "string" - }, - "DefaultInstanceWarmup": { - "type": "integer" - }, - "DesiredCapacity": { - "pattern": "^[0-9]+$", - "type": "string" - }, - "DesiredCapacityType": { - "type": "string" - }, - "HealthCheckGracePeriod": { - "type": "integer" - }, - "HealthCheckType": { - "enum": [ - "EC2", - "ELB" - ], - "type": "string" - }, - "InstanceId": { - "type": "string" - }, - "InstanceMaintenancePolicy": { - "$ref": "#/definitions/InstanceMaintenancePolicy" - }, - "LaunchConfigurationName": { - "type": "string" - }, - "LaunchTemplate": { - "$ref": "#/definitions/LaunchTemplateSpecification" - }, - "LifecycleHookSpecificationList": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/LifecycleHookSpecification" - }, - "type": "array", - "uniqueItems": false - }, - "LoadBalancerNames": { - "insertionOrder": true, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "MaxInstanceLifetime": { - "type": "integer" - }, - "MaxSize": { - "pattern": "^[0-9]+$", - "type": "string" - }, - "MetricsCollection": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/MetricsCollection" - }, - "type": "array", - "uniqueItems": false - }, - "MinSize": { - "pattern": "^[0-9]+$", - "type": "string" - }, - "MixedInstancesPolicy": { - "$ref": "#/definitions/MixedInstancesPolicy" - }, - "NewInstancesProtectedFromScaleIn": { - "type": "boolean" - }, - "NotificationConfiguration": { - "$ref": "#/definitions/NotificationConfiguration" - }, - "NotificationConfigurations": { - "insertionOrder": true, - "items": { - "$ref": "#/definitions/NotificationConfiguration" - }, - "type": "array", - "uniqueItems": false - }, - "PlacementGroup": { - "type": "string" - }, - "ServiceLinkedRoleARN": { - "type": "string" - }, - "Tags": { - "insertionOrder": false, - "items": { - "$ref": "#/definitions/TagProperty" - }, - "type": "array" - }, - "TargetGroupARNs": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "TerminationPolicies": { - "insertionOrder": true, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "VPCZoneIdentifier": { - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "propertyTransform": { - "/properties/LaunchConfigurationName": "InstanceId? AutoScalingGroupName : LaunchConfigurationName" - }, - "required": [ - "MinSize", - "MaxSize" - ], - "tagging": { - "cloudFormationSystemTags": true, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::AutoScaling::AutoScalingGroup", - "writeOnlyProperties": [ - "/properties/InstanceId" - ] -} diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-config-configurationaggregator.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-config-configurationaggregator.json deleted file mode 100644 index 5624c0bfff..0000000000 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-config-configurationaggregator.json +++ /dev/null @@ -1,161 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ConfigurationAggregatorName" - ], - "definitions": { - "AccountAggregationSource": { - "additionalProperties": false, - "properties": { - "AccountIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "required": [ - "AccountIds" - ], - "type": "object" - }, - "OrganizationAggregationSource": { - "additionalProperties": false, - "properties": { - "AllAwsRegions": { - "type": "boolean" - }, - "AwsRegions": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "RoleArn": { - "type": "string" - } - }, - "required": [ - "RoleArn" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 256, - "minLength": 0, - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::Config::ConfigurationAggregator", - "handlers": { - "create": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - }, - "delete": { - "permissions": [ - "config:DeleteConfigurationAggregator", - "config:UntagResource" - ] - }, - "list": { - "permissions": [ - "config:DescribeConfigurationAggregators" - ] - }, - "read": { - "permissions": [ - "config:DescribeConfigurationAggregators", - "config:ListTagsForResource" - ] - }, - "update": { - "permissions": [ - "config:PutConfigurationAggregator", - "config:DescribeConfigurationAggregators", - "config:TagResource", - "config:UntagResource", - "config:ListTagsForResource", - "iam:PassRole", - "organizations:EnableAWSServiceAccess", - "organizations:ListDelegatedAdministrators" - ] - } - }, - "primaryIdentifier": [ - "/properties/ConfigurationAggregatorName" - ], - "properties": { - "AccountAggregationSources": { - "items": { - "$ref": "#/definitions/AccountAggregationSource" - }, - "type": "array", - "uniqueItems": false - }, - "ConfigurationAggregatorArn": { - "description": "The Amazon Resource Name (ARN) of the aggregator.", - "type": "string" - }, - "ConfigurationAggregatorName": { - "description": "The name of the aggregator.", - "maxLength": 256, - "minLength": 1, - "pattern": "[\\w\\-]+", - "type": "string" - }, - "OrganizationAggregationSource": { - "$ref": "#/definitions/OrganizationAggregationSource" - }, - "Tags": { - "description": "The tags for the configuration aggregator.", - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/ConfigurationAggregatorArn" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-config.git", - "typeName": "AWS::Config::ConfigurationAggregator" -} diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-docdb-dbcluster.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-docdb-dbcluster.json deleted file mode 100644 index e4fe252a86..0000000000 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-docdb-dbcluster.json +++ /dev/null @@ -1,149 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/KmsKeyId", - "/properties/SnapshotIdentifier", - "/properties/MasterUsername", - "/properties/SourceDBClusterIdentifier", - "/properties/DBClusterIdentifier", - "/properties/AvailabilityZones", - "/properties/DBSubnetGroupName", - "/properties/EngineVersion", - "/properties/StorageEncrypted" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::DocDB::DBCluster", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "AvailabilityZones": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "BackupRetentionPeriod": { - "maximum": 35, - "minimum": 1, - "type": "integer" - }, - "ClusterResourceId": { - "type": "string" - }, - "CopyTagsToSnapshot": { - "type": "boolean" - }, - "DBClusterIdentifier": { - "type": "string" - }, - "DBClusterParameterGroupName": { - "type": "string" - }, - "DBSubnetGroupName": { - "type": "string" - }, - "DeletionProtection": { - "type": "boolean" - }, - "EnableCloudwatchLogsExports": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Endpoint": { - "type": "string" - }, - "EngineVersion": { - "enum": [ - "3.6.0", - "4.0", - "4.0.0" - ], - "type": "string" - }, - "Id": { - "type": "string" - }, - "KmsKeyId": { - "type": "string" - }, - "MasterUserPassword": { - "type": "string" - }, - "MasterUsername": { - "type": "string" - }, - "Port": { - "type": "integer" - }, - "PreferredBackupWindow": { - "type": "string" - }, - "PreferredMaintenanceWindow": { - "type": "string" - }, - "ReadEndpoint": { - "type": "string" - }, - "RestoreToTime": { - "type": "string" - }, - "RestoreType": { - "type": "string" - }, - "SnapshotIdentifier": { - "type": "string" - }, - "SourceDBClusterIdentifier": { - "type": "string" - }, - "StorageEncrypted": { - "type": "boolean" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": false - }, - "UseLatestRestorableTime": { - "type": "boolean" - }, - "VpcSecurityGroupIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "readOnlyProperties": [ - "/properties/ReadEndpoint", - "/properties/Id", - "/properties/Endpoint", - "/properties/ClusterResourceId" - ], - "typeName": "AWS::DocDB::DBCluster" -} diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-dynamodb-globaltable.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-dynamodb-globaltable.json new file mode 100644 index 0000000000..7e1a23d878 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-dynamodb-globaltable.json @@ -0,0 +1,579 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/Arn" + ], + [ + "/properties/StreamArn" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LocalSecondaryIndexes", + "/properties/TableName", + "/properties/KeySchema" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "CapacityAutoScalingSettings": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "minimum": 1, + "type": "integer" + }, + "MinCapacity": { + "minimum": 1, + "type": "integer" + }, + "SeedCapacity": { + "minimum": 1, + "type": "integer" + }, + "TargetTrackingScalingPolicyConfiguration": { + "$ref": "#/definitions/TargetTrackingScalingPolicyConfiguration" + } + }, + "required": [ + "MinCapacity", + "MaxCapacity", + "TargetTrackingScalingPolicyConfiguration" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "KeyType": { + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "maxItems": 20, + "type": "array", + "uniqueItems": true + }, + "ProjectionType": { + "type": "string" + } + }, + "type": "object" + }, + "ReadProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "ReadCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + }, + "ReadCapacityUnits": { + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "ReplicaGlobalSecondaryIndexSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "maxLength": 255, + "minLength": 3, + "type": "string" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + } + }, + "required": [ + "IndexName" + ], + "type": "object" + }, + "ReplicaSSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + } + }, + "required": [ + "KMSMasterKeyId" + ], + "type": "object" + }, + "ReplicaSpecification": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaGlobalSecondaryIndexSpecification" + }, + "type": "array", + "uniqueItems": true + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ReadProvisionedThroughputSettings": { + "$ref": "#/definitions/ReadProvisionedThroughputSettings" + }, + "Region": { + "type": "string" + }, + "SSESpecification": { + "$ref": "#/definitions/ReplicaSSESpecification" + }, + "TableClass": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "Region" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TargetTrackingScalingPolicyConfiguration": { + "additionalProperties": false, + "properties": { + "DisableScaleIn": { + "type": "boolean" + }, + "ScaleInCooldown": { + "minimum": 0, + "type": "integer" + }, + "ScaleOutCooldown": { + "minimum": 0, + "type": "integer" + }, + "TargetValue": { + "format": "double", + "type": "number" + } + }, + "required": [ + "TargetValue" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "WriteProvisionedThroughputSettings": { + "additionalProperties": false, + "properties": { + "WriteCapacityAutoScalingSettings": { + "$ref": "#/definitions/CapacityAutoScalingSettings" + } + }, + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::GlobalTable", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:CreateTableReplica", + "dynamodb:Describe*", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:TagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "dynamodb:TagResource", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Decrypt", + "kms:RevokeGrant", + "cloudwatch:PutMetricData", + "iam:CreateServiceLinkedRole" + ] + }, + "delete": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:DeleteTable", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget" + ] + }, + "list": { + "permissions": [ + "dynamodb:ListTables", + "cloudwatch:PutMetricData" + ] + }, + "read": { + "permissions": [ + "dynamodb:Describe*", + "application-autoscaling:Describe*", + "cloudwatch:PutMetricData", + "dynamodb:ListTagsOfResource", + "kms:DescribeKey" + ] + }, + "update": { + "permissions": [ + "dynamodb:Describe*", + "dynamodb:CreateTableReplica", + "dynamodb:UpdateTable", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:ListTagsOfResource", + "dynamodb:Query", + "dynamodb:Scan", + "dynamodb:UpdateItem", + "dynamodb:PutItem", + "dynamodb:GetItem", + "dynamodb:DeleteItem", + "dynamodb:BatchWriteItem", + "dynamodb:DeleteTable", + "dynamodb:DeleteTableReplica", + "dynamodb:UpdateItem", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:UpdateTableReplicaAutoScaling", + "application-autoscaling:DeleteScalingPolicy", + "application-autoscaling:DeleteScheduledAction", + "application-autoscaling:DeregisterScalableTarget", + "application-autoscaling:Describe*", + "application-autoscaling:PutScalingPolicy", + "application-autoscaling:PutScheduledAction", + "application-autoscaling:RegisterScalableTarget", + "kinesis:ListStreams", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant", + "cloudwatch:PutMetricData" + ], + "timeoutInMinutes": 1200 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "type": "string" + }, + "GlobalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "maxItems": 2, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "LocalSecondaryIndexes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": true + }, + "Replicas": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ReplicaSpecification" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableId": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + }, + "WriteProvisionedThroughputSettings": { + "$ref": "#/definitions/WriteProvisionedThroughputSettings" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn", + "/properties/TableId" + ], + "required": [ + "KeySchema", + "AttributeDefinitions", + "Replicas" + ], + "typeName": "AWS::DynamoDB::GlobalTable", + "writeOnlyProperties": [ + "/properties/Replicas/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/Replicas/*/GlobalSecondaryIndexes/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "/properties/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity", + "/properties/GlobalSecondaryIndexes/*/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-dynamodb-table.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-dynamodb-table.json new file mode 100644 index 0000000000..aacbc7f216 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-dynamodb-table.json @@ -0,0 +1,540 @@ +{ + "additionalProperties": false, + "cfnLint": [ + "AWS::DynamoDB::Table/Properties" + ], + "createOnlyProperties": [ + "/properties/TableName", + "/properties/ImportSourceSpecification" + ], + "definitions": { + "AttributeDefinition": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "AttributeType": { + "enum": [ + "S", + "N", + "B" + ], + "type": "string" + } + }, + "required": [ + "AttributeName", + "AttributeType" + ], + "type": "object" + }, + "ContributorInsightsSpecification": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, + "Csv": { + "additionalProperties": false, + "properties": { + "Delimiter": { + "type": "string" + }, + "HeaderList": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "type": "object" + }, + "DeprecatedHashKeyElement": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "AttributeType": { + "type": "string" + } + }, + "required": [ + "AttributeType", + "AttributeName" + ], + "type": "object" + }, + "DeprecatedKeySchema": { + "additionalProperties": false, + "properties": { + "HashKeyElement": { + "$ref": "#/definitions/DeprecatedHashKeyElement" + } + }, + "required": [ + "HashKeyElement" + ], + "type": "object" + }, + "GlobalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "IndexName": { + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/ProvisionedThroughput" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "ImportSourceSpecification": { + "additionalProperties": false, + "properties": { + "InputCompressionType": { + "type": "string" + }, + "InputFormat": { + "type": "string" + }, + "InputFormatOptions": { + "$ref": "#/definitions/InputFormatOptions" + }, + "S3BucketSource": { + "$ref": "#/definitions/S3BucketSource" + } + }, + "required": [ + "S3BucketSource", + "InputFormat" + ], + "type": "object" + }, + "InputFormatOptions": { + "additionalProperties": false, + "properties": { + "Csv": { + "$ref": "#/definitions/Csv" + } + }, + "type": "object" + }, + "KeySchema": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "KeyType": { + "enum": [ + "HASH", + "RANGE" + ], + "type": "string" + } + }, + "required": [ + "KeyType", + "AttributeName" + ], + "type": "object" + }, + "KinesisStreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamArn": { + "type": "string" + } + }, + "required": [ + "StreamArn" + ], + "type": "object" + }, + "LocalSecondaryIndex": { + "additionalProperties": false, + "properties": { + "IndexName": { + "type": "string" + }, + "KeySchema": { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + "Projection": { + "$ref": "#/definitions/Projection" + } + }, + "required": [ + "IndexName", + "Projection", + "KeySchema" + ], + "type": "object" + }, + "PointInTimeRecoverySpecification": { + "additionalProperties": false, + "properties": { + "PointInTimeRecoveryEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Projection": { + "additionalProperties": false, + "properties": { + "NonKeyAttributes": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ProjectionType": { + "enum": [ + "ALL", + "KEYS_ONLY", + "INCLUDE" + ], + "type": "string" + } + }, + "type": "object" + }, + "ProvisionedThroughput": { + "additionalProperties": false, + "properties": { + "ReadCapacityUnits": { + "type": "integer" + }, + "WriteCapacityUnits": { + "type": "integer" + } + }, + "required": [ + "WriteCapacityUnits", + "ReadCapacityUnits" + ], + "type": "object" + }, + "S3BucketSource": { + "additionalProperties": false, + "properties": { + "S3Bucket": { + "type": "string" + }, + "S3BucketOwner": { + "type": "string" + }, + "S3KeyPrefix": { + "type": "string" + } + }, + "required": [ + "S3Bucket" + ], + "type": "object" + }, + "SSESpecification": { + "additionalProperties": false, + "properties": { + "KMSMasterKeyId": { + "type": "string" + }, + "SSEEnabled": { + "type": "boolean" + }, + "SSEType": { + "type": "string" + } + }, + "required": [ + "SSEEnabled" + ], + "type": "object" + }, + "StreamSpecification": { + "additionalProperties": false, + "properties": { + "StreamViewType": { + "enum": [ + "NEW_IMAGE", + "OLD_IMAGE", + "NEW_AND_OLD_IMAGES", + "KEYS_ONLY" + ], + "type": "string" + } + }, + "required": [ + "StreamViewType" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TimeToLiveSpecification": { + "additionalProperties": false, + "properties": { + "AttributeName": { + "type": "string" + }, + "Enabled": { + "type": "boolean" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + } + }, + "description": "Version: None. Resource Type definition for AWS::DynamoDB::Table", + "handlers": { + "create": { + "permissions": [ + "dynamodb:CreateTable", + "dynamodb:DescribeImport", + "dynamodb:DescribeTable", + "dynamodb:DescribeTimeToLive", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContributorInsights", + "dynamodb:UpdateContinuousBackups", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeContributorInsights", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ImportTable", + "dynamodb:ListTagsOfResource", + "dynamodb:TagResource", + "dynamodb:UpdateTable", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:Decrypt", + "kms:DescribeKey", + "kms:ListAliases", + "kms:Encrypt", + "kms:RevokeGrant", + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:DescribeLogGroups", + "logs:DescribeLogStreams", + "logs:PutLogEvents", + "logs:PutRetentionPolicy", + "s3:GetObject", + "s3:GetObjectMetadata", + "s3:ListBucket" + ], + "timeoutInMinutes": 720 + }, + "delete": { + "permissions": [ + "dynamodb:DeleteTable", + "dynamodb:DescribeTable" + ], + "timeoutInMinutes": 720 + }, + "list": { + "permissions": [ + "dynamodb:ListTables" + ] + }, + "read": { + "permissions": [ + "dynamodb:DescribeTable", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeContributorInsights", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ListTagsOfResource" + ] + }, + "update": { + "permissions": [ + "dynamodb:UpdateTable", + "dynamodb:DescribeTable", + "dynamodb:DescribeTimeToLive", + "dynamodb:UpdateTimeToLive", + "dynamodb:UpdateContinuousBackups", + "dynamodb:UpdateContributorInsights", + "dynamodb:DescribeContinuousBackups", + "dynamodb:DescribeKinesisStreamingDestination", + "dynamodb:ListTagsOfResource", + "dynamodb:TagResource", + "dynamodb:UntagResource", + "dynamodb:DescribeContributorInsights", + "dynamodb:EnableKinesisStreamingDestination", + "dynamodb:DisableKinesisStreamingDestination", + "kinesis:DescribeStream", + "kinesis:PutRecords", + "iam:CreateServiceLinkedRole", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:ListAliases", + "kms:RevokeGrant" + ], + "timeoutInMinutes": 720 + } + }, + "primaryIdentifier": [ + "/properties/TableName" + ], + "properties": { + "Arn": { + "type": "string" + }, + "AttributeDefinitions": { + "items": { + "$ref": "#/definitions/AttributeDefinition" + }, + "type": "array", + "uniqueItems": true + }, + "BillingMode": { + "enum": [ + "PROVISIONED", + "PAY_PER_REQUEST" + ], + "type": "string" + }, + "ContributorInsightsSpecification": { + "$ref": "#/definitions/ContributorInsightsSpecification" + }, + "DeletionProtectionEnabled": { + "type": "boolean" + }, + "GlobalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/GlobalSecondaryIndex" + }, + "type": "array", + "uniqueItems": false + }, + "ImportSourceSpecification": { + "$ref": "#/definitions/ImportSourceSpecification" + }, + "KeySchema": { + "oneOf": [ + { + "items": { + "$ref": "#/definitions/KeySchema" + }, + "type": "array", + "uniqueItems": true + }, + { + "type": "object" + } + ] + }, + "KinesisStreamSpecification": { + "$ref": "#/definitions/KinesisStreamSpecification" + }, + "LocalSecondaryIndexes": { + "items": { + "$ref": "#/definitions/LocalSecondaryIndex" + }, + "type": "array", + "uniqueItems": false + }, + "PointInTimeRecoverySpecification": { + "$ref": "#/definitions/PointInTimeRecoverySpecification" + }, + "ProvisionedThroughput": { + "$ref": "#/definitions/ProvisionedThroughput" + }, + "SSESpecification": { + "$ref": "#/definitions/SSESpecification" + }, + "StreamArn": { + "type": "string" + }, + "StreamSpecification": { + "$ref": "#/definitions/StreamSpecification" + }, + "TableClass": { + "type": "string" + }, + "TableName": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TimeToLiveSpecification": { + "$ref": "#/definitions/TimeToLiveSpecification" + } + }, + "propertyTransform": { + "/properties/SSESpecification/KMSMasterKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,3}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,4}[-]{1}[1-4]{1}:[0-9]{12}[:]{1}key\\/\", SSESpecification.KMSMasterKeyId]) $OR $join([\"arn:(aws)[-]{0,1}[a-z]{0,3}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,4}[-]{1}[1-4]{1}:[0-9]{12}[:]{1}key\\/\", KMSMasterKeyId])" + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/StreamArn" + ], + "required": [ + "KeySchema" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DynamoDB::Table", + "writeOnlyProperties": [ + "/properties/ImportSourceSpecification" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-ec2fleet.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-ec2fleet.json index 246f05c2ab..3b7b6a0ab6 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-ec2fleet.json +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-ec2fleet.json @@ -152,9 +152,10 @@ "AcceleratorManufacturers": { "items": { "enum": [ - "nvidia", - "amd", "amazon-web-services", + "amd", + "habana", + "nvidia", "xilinx" ], "type": "string" @@ -165,15 +166,18 @@ "AcceleratorNames": { "items": { "enum": [ + "a10g", "a100", - "v100", + "h100", + "inferentia", + "k520", "k80", - "t4", "m60", "radeon-pro-v520", + "t4", + "t4g", "vu9p", - "inferentia", - "k520" + "v100" ], "type": "string" }, @@ -276,6 +280,9 @@ "type": "array", "uniqueItems": false }, + "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "type": "integer" + }, "MemoryGiBPerVCpu": { "$ref": "#/definitions/MemoryGiBPerVCpuRequest" }, diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-host.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-host.json index cff765ea41..0d87691180 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-host.json +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-host.json @@ -17,8 +17,8 @@ "type": "string" }, "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::Host/Properties/AvailabilityZone" ], "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-securitygroupegress.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-securitygroupegress.json index f30a3dd38d..78976b3827 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-securitygroupegress.json +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-securitygroupegress.json @@ -1,9 +1,7 @@ { "additionalProperties": false, "cfnLint": [ - "aws_ec2_securitygroup/protocols_and_port_ranges_include", - "aws_ec2_securitygroup/protocols_and_port_ranges_exclude", - "aws_ec2_securitygroup/all_to_and_from_ports" + "AWS::EC2::SecurityGroupEgress/Properties" ], "createOnlyProperties": [ "/properties/IpProtocol", diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-spotfleet.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-spotfleet.json index 1213b39b19..205f4ee5cf 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-spotfleet.json +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-spotfleet.json @@ -259,9 +259,10 @@ "AcceleratorManufacturers": { "items": { "enum": [ - "nvidia", - "amd", "amazon-web-services", + "amd", + "habana", + "nvidia", "xilinx" ], "type": "string" @@ -272,15 +273,18 @@ "AcceleratorNames": { "items": { "enum": [ + "a10g", "a100", - "v100", + "h100", + "inferentia", + "k520", "k80", - "t4", "m60", "radeon-pro-v520", + "t4", + "t4g", "vu9p", - "inferentia", - "k520" + "v100" ], "type": "string" }, @@ -383,6 +387,9 @@ "type": "array", "uniqueItems": false }, + "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "type": "integer" + }, "MemoryGiBPerVCpu": { "$ref": "#/definitions/MemoryGiBPerVCpuRequest" }, @@ -433,8 +440,8 @@ "additionalProperties": false, "properties": { "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/LaunchTemplateConfigs/Overrides/AvailabilityZone" ], "type": "string" }, @@ -666,8 +673,8 @@ "type": "string" }, "IamFleetRole": { - "awsType": [ - "IamRoleArn" + "cfnLint": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/IamFleetRole" ], "type": "string" }, @@ -839,8 +846,8 @@ "additionalProperties": false, "properties": { "AvailabilityZone": { - "awsType": [ - "AvailabilityZone" + "cfnLint": [ + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/LaunchSpecifications/Placement/AvailabilityZone" ], "type": "string" }, @@ -931,8 +938,11 @@ "handlers": { "create": { "permissions": [ + "iam:PassRole", + "ec2:CreateTags", "ec2:RequestSpotFleet", - "ec2:DescribeSpotFleetRequests" + "ec2:DescribeSpotFleetRequests", + "ec2:RunInstances" ] }, "delete": { @@ -979,5 +989,9 @@ "LaunchSpecifications", "LaunchTemplateConfigs" ], - "typeName": "AWS::EC2::SpotFleet" + "typeName": "AWS::EC2::SpotFleet", + "writeOnlyProperties": [ + "/properties/SpotFleetRequestConfigData/TagSpecifications", + "/properties/SpotFleetRequestConfigData/LaunchSpecifications/*/NetworkInterfaces/*/Groups" + ] } diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-volume.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-volume.json index 6126f7c814..7529e88cce 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-volume.json +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-ec2-volume.json @@ -27,7 +27,9 @@ "type": "boolean" }, "AvailabilityZone": { - "awsType": "AvailabilityZone", + "cfnLint": [ + "AWS::EC2::Volume/Properties/AvailabilityZone" + ], "type": "string" }, "Encrypted": { diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-eks-addon.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-eks-addon.json deleted file mode 100644 index 02626266c6..0000000000 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-eks-addon.json +++ /dev/null @@ -1,148 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 127, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 255, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Schema for AWS::EKS::Addon", - "handlers": { - "create": { - "permissions": [ - "eks:CreateAddon", - "eks:DescribeAddon", - "eks:TagResource", - "iam:PassRole" - ] - }, - "delete": { - "permissions": [ - "eks:DeleteAddon", - "eks:DescribeAddon" - ] - }, - "list": { - "permissions": [ - "eks:ListAddons" - ] - }, - "read": { - "permissions": [ - "eks:DescribeAddon" - ] - }, - "update": { - "permissions": [ - "iam:PassRole", - "eks:UpdateAddon", - "eks:DescribeAddon", - "eks:DescribeUpdate", - "eks:ListTagsForResource", - "eks:TagResource", - "eks:UntagResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "properties": { - "AddonName": { - "description": "Name of Addon", - "minLength": 1, - "type": "string" - }, - "AddonVersion": { - "description": "Version of Addon", - "minLength": 1, - "type": "string" - }, - "Arn": { - "description": "Amazon Resource Name (ARN) of the add-on", - "type": "string" - }, - "ClusterName": { - "description": "Name of Cluster", - "minLength": 1, - "type": "string" - }, - "ConfigurationValues": { - "description": "The configuration values to use with the add-on", - "minLength": 1, - "type": "string" - }, - "PreserveOnDelete": { - "description": "PreserveOnDelete parameter value", - "type": "boolean" - }, - "ResolveConflicts": { - "description": "Resolve parameter value conflicts", - "enum": [ - "NONE", - "OVERWRITE", - "PRESERVE" - ], - "minLength": 1, - "type": "string" - }, - "ServiceAccountRoleArn": { - "description": "IAM role to bind to the add-on's service account", - "minLength": 1, - "type": "string" - }, - "Tags": { - "description": "An array of key-value pairs to apply to this resource.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/Arn" - ], - "required": [ - "ClusterName", - "AddonName" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-eks.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::EKS::Addon", - "writeOnlyProperties": [ - "/properties/ResolveConflicts", - "/properties/PreserveOnDelete" - ] -} diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-gamelift-fleet.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-gamelift-fleet.json index 9551ef0828..4489c391a2 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-gamelift-fleet.json +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-gamelift-fleet.json @@ -126,7 +126,7 @@ "uniqueItems": true }, "EC2InstanceType": { - "cfnLint": "aws_gamelift_fleet/ec2instancetype_enum", + "cfnLint": "AWS::GameLift::Fleet/EC2InstanceType", "type": "string" }, "FleetType": { diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-iam-group.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-iam-group.json index 12aba3b316..613533135e 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-iam-group.json +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-iam-group.json @@ -8,7 +8,9 @@ "additionalProperties": false, "properties": { "PolicyDocument": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::IAM::Group/Properties/Policies/PolicyDocument" + ], "type": "object" }, "PolicyName": { diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-iam-policy.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-iam-policy.json index 2b1df2fc3c..16fa7dc9e8 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-iam-policy.json +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-iam-policy.json @@ -16,7 +16,9 @@ "type": "string" }, "PolicyDocument": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::IAM::Policy/Properties/PolicyDocument" + ], "type": "object" }, "PolicyName": { diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-iam-user.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-iam-user.json index e023690766..6692fe696d 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-iam-user.json +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-iam-user.json @@ -23,7 +23,9 @@ "additionalProperties": false, "properties": { "PolicyDocument": { - "awsType": "IamIdentityPolicy", + "cfnLint": [ + "AWS::IAM::User/Properties/Policies/PolicyDocument" + ], "type": "object" }, "PolicyName": { diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-iot-fleetmetric.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-iot-fleetmetric.json deleted file mode 100644 index 8c25d4941d..0000000000 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-iot-fleetmetric.json +++ /dev/null @@ -1,164 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/MetricName" - ], - "definitions": { - "AggregationType": { - "additionalProperties": false, - "description": "Aggregation types supported by Fleet Indexing", - "properties": { - "Name": { - "description": "Fleet Indexing aggregation type names such as Statistics, Percentiles and Cardinality", - "type": "string" - }, - "Values": { - "description": "Fleet Indexing aggregation type values", - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "Name", - "Values" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource", - "properties": { - "Key": { - "description": "The tag's key", - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The tag's value", - "maxLength": 256, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - } - }, - "description": "An aggregated metric of certain devices in your fleet", - "handlers": { - "create": { - "permissions": [ - "iot:CreateFleetMetric" - ] - }, - "delete": { - "permissions": [ - "iot:DeleteFleetMetric" - ] - }, - "list": { - "permissions": [ - "iot:ListFleetMetrics" - ] - }, - "read": { - "permissions": [ - "iot:DescribeFleetMetric", - "iot:ListTagsForResource" - ] - }, - "update": { - "permissions": [ - "iot:UpdateFleetMetric", - "iot:ListTagsForResource", - "iot:UntagResource", - "iot:TagResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/MetricName" - ], - "properties": { - "AggregationField": { - "description": "The aggregation field to perform aggregation and metric emission", - "type": "string" - }, - "AggregationType": { - "$ref": "#/definitions/AggregationType" - }, - "CreationDate": { - "description": "The creation date of a fleet metric", - "type": "number" - }, - "Description": { - "description": "The description of a fleet metric", - "type": "string" - }, - "IndexName": { - "description": "The index name of a fleet metric", - "type": "string" - }, - "LastModifiedDate": { - "description": "The last modified date of a fleet metric", - "type": "number" - }, - "MetricArn": { - "description": "The Amazon Resource Number (ARN) of a fleet metric metric", - "type": "string" - }, - "MetricName": { - "description": "The name of the fleet metric", - "type": "string" - }, - "Period": { - "description": "The period of metric emission in seconds", - "type": "integer" - }, - "QueryString": { - "description": "The Fleet Indexing query used by a fleet metric", - "type": "string" - }, - "QueryVersion": { - "description": "The version of a Fleet Indexing query used by a fleet metric", - "type": "string" - }, - "Tags": { - "description": "An array of key-value pairs to apply to this resource", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "type": "array", - "uniqueItems": true - }, - "Unit": { - "description": "The unit of data points emitted by a fleet metric", - "type": "string" - }, - "Version": { - "description": "The version of a fleet metric", - "type": "number" - } - }, - "readOnlyProperties": [ - "/properties/MetricArn", - "/properties/CreationDate", - "/properties/LastModifiedDate", - "/properties/Version" - ], - "required": [ - "MetricName" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-iot.git", - "taggable": true, - "typeName": "AWS::IoT::FleetMetric" -} diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-location-geofencecollection.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-location-geofencecollection.json new file mode 100644 index 0000000000..bb905fef3f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-location-geofencecollection.json @@ -0,0 +1,174 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/CollectionName", + "/properties/KmsKeyId" + ], + "definitions": { + "PricingPlan": { + "enum": [ + "RequestBasedUsage" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 128, + "minLength": 1, + "pattern": "\\A(?!aws:)[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + }, + "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 256, + "minLength": 0, + "pattern": "\\A[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "TagMap": { + "additionalProperties": false, + "maxProperties": 50, + "patternProperties": { + "^[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 0, + "pattern": "^[A-Za-z0-9 _=@:.+-/]*$", + "type": "string" + } + }, + "type": "object" + }, + "iso8601UTC": { + "description": "The datetime value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ss.sssZ)", + "pattern": "^([0-2]\\d{3})-(0[0-9]|1[0-2])-([0-2]\\d|3[01])T([01]\\d|2[0-4]):([0-5]\\d):([0-6]\\d)((\\.\\d{3})?)Z$", + "type": "string" + } + }, + "deprecatedProperties": [ + "/properties/PricingPlan", + "/properties/PricingPlanDataSource" + ], + "description": "Definition of AWS::Location::GeofenceCollection Resource Type", + "handlers": { + "create": { + "permissions": [ + "geo:CreateGeofenceCollection", + "geo:DescribeGeofenceCollection", + "geo:TagResource", + "geo:UntagResource", + "kms:*" + ] + }, + "delete": { + "permissions": [ + "geo:DeleteGeofenceCollection", + "geo:DescribeGeofenceCollection", + "kms:*" + ] + }, + "list": { + "permissions": [ + "geo:ListGeofenceCollections", + "kms:*" + ] + }, + "read": { + "permissions": [ + "geo:DescribeGeofenceCollection", + "kms:*" + ] + }, + "update": { + "permissions": [ + "geo:CreateGeofenceCollection", + "geo:DescribeGeofenceCollection", + "geo:TagResource", + "geo:UntagResource", + "geo:UpdateGeofenceCollection", + "kms:*" + ] + } + }, + "primaryIdentifier": [ + "/properties/CollectionName" + ], + "properties": { + "Arn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "CollectionArn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "CollectionName": { + "maxLength": 100, + "minLength": 1, + "pattern": "^[-._\\w]+$", + "type": "string" + }, + "CreateTime": { + "$ref": "#/definitions/iso8601UTC" + }, + "Description": { + "maxLength": 1000, + "minLength": 0, + "type": "string" + }, + "KmsKeyId": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "PricingPlan": { + "$ref": "#/definitions/PricingPlan" + }, + "PricingPlanDataSource": { + "type": "string" + }, + "Tags": { + "description": "An array of key-value pairs to apply to this resource.", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 0, + "type": "array", + "uniqueItems": true + }, + "UpdateTime": { + "$ref": "#/definitions/iso8601UTC" + } + }, + "readOnlyProperties": [ + "/properties/CollectionArn", + "/properties/Arn", + "/properties/CreateTime", + "/properties/UpdateTime" + ], + "required": [ + "CollectionName" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::Location::GeofenceCollection" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-location-map.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-location-map.json similarity index 95% rename from src/cfnlint/data/schemas/providers/us_west_2/aws-location-map.json rename to src/cfnlint/data/schemas/providers/us_gov_west_1/aws-location-map.json index 89acc99120..cf5ed3a844 100644 --- a/src/cfnlint/data/schemas/providers/us_west_2/aws-location-map.json +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-location-map.json @@ -8,16 +8,6 @@ "MapConfiguration": { "additionalProperties": false, "properties": { - "CustomLayers": { - "items": { - "maxLength": 100, - "minLength": 1, - "pattern": "^[-._\\w]+$", - "type": "string" - }, - "maxItems": 10, - "type": "array" - }, "PoliticalView": { "maxLength": 3, "minLength": 3, diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-neptune-dbinstance.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-neptune-dbinstance.json index e59579a720..36baa58fbd 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-neptune-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-neptune-dbinstance.json @@ -43,7 +43,7 @@ "type": "string" }, "DBInstanceClass": { - "cfnLint": "aws_neptune_dbinstance/dbinstanceclass_enum", + "cfnLint": "AWS::Neptune::DBInstance/Properties/DBInstanceClass", "type": "string" }, "DBInstanceIdentifier": { diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-redshift-cluster.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-redshift-cluster.json index c29bc2abdf..c475c20974 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-redshift-cluster.json +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-redshift-cluster.json @@ -1,5 +1,6 @@ { "additionalProperties": false, + "cfnLint": "AWS::Redshift::Cluster/Properties", "createOnlyProperties": [ "/properties/ClusterIdentifier", "/properties/OwnerAccount", @@ -279,7 +280,7 @@ "type": "boolean" }, "NodeType": { - "cfnLint": "aws_redshift_cluster/nodetype_enum", + "cfnLint": "AWS::Redshift::Cluster/Properties/NodeType", "description": "The node type to be provisioned for the cluster.Valid Values: ds2.xlarge | ds2.8xlarge | dc1.large | dc1.8xlarge | dc2.large | dc2.8xlarge | ra3.4xlarge | ra3.16xlarge", "type": "string" }, diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-route53-healthcheck.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-route53-healthcheck.json index 2ddd4be8f2..084d644abf 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-route53-healthcheck.json +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-route53-healthcheck.json @@ -107,7 +107,7 @@ "HealthCheckConfig": { "$ref": "#/definitions/HealthCheckConfig", "cfnLint": [ - "aws_route53_healthcheck/healthcheckconfig_type_inclusive" + "AWS::Route53::HealthCheck/Properties/HealthCheckConfig" ] }, "HealthCheckTags": { diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-route53resolver-resolverdnssecconfig.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-route53resolver-resolverdnssecconfig.json deleted file mode 100644 index 0442aad040..0000000000 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-route53resolver-resolverdnssecconfig.json +++ /dev/null @@ -1,76 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ResourceId" - ], - "description": "Resource schema for AWS::Route53Resolver::ResolverDNSSECConfig.", - "handlers": { - "create": { - "permissions": [ - "resolverdnssec:CreateConfig", - "route53resolver:UpdateResolverDnssecConfig", - "route53resolver:GetResolverDnssecConfig", - "ec2:*" - ] - }, - "delete": { - "permissions": [ - "resolverdnssec:DeleteConfig", - "route53resolver:UpdateResolverDnssecConfig", - "route53resolver:ListResolverDnssecConfigs", - "ec2:*" - ] - }, - "list": { - "permissions": [ - "resolverdnssec:ListConfig", - "route53resolver:ListResolverDnssecConfigs" - ] - }, - "read": { - "permissions": [ - "resolverdnssec:GetConfig", - "route53resolver:ListResolverDnssecConfigs" - ] - } - }, - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "Id": { - "description": "Id", - "maxLength": 64, - "minLength": 1, - "type": "string" - }, - "OwnerId": { - "description": "AccountId", - "maxLength": 32, - "minLength": 12, - "type": "string" - }, - "ResourceId": { - "description": "ResourceId", - "maxLength": 64, - "minLength": 1, - "type": "string" - }, - "ValidationStatus": { - "description": "ResolverDNSSECValidationStatus, possible values are ENABLING, ENABLED, DISABLING AND DISABLED.", - "enum": [ - "ENABLING", - "ENABLED", - "DISABLING", - "DISABLED" - ], - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/OwnerId", - "/properties/Id", - "/properties/ValidationStatus" - ], - "typeName": "AWS::Route53Resolver::ResolverDNSSECConfig" -} diff --git a/src/cfnlint/data/schemas/providers/us_east_2/aws-sagemaker-app.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-sagemaker-app.json similarity index 98% rename from src/cfnlint/data/schemas/providers/us_east_2/aws-sagemaker-app.json rename to src/cfnlint/data/schemas/providers/us_gov_west_1/aws-sagemaker-app.json index feab2f5346..9dd1feabc4 100644 --- a/src/cfnlint/data/schemas/providers/us_east_2/aws-sagemaker-app.json +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-sagemaker-app.json @@ -129,8 +129,7 @@ }, "delete": { "permissions": [ - "sagemaker:DeleteApp", - "sagemaker:DescribeApp" + "sagemaker:DeleteApp" ] }, "list": { @@ -140,7 +139,6 @@ }, "read": { "permissions": [ - "sagemaker:DescribeApp", "sagemaker:DescribeApp" ] } diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-sagemaker-appimageconfig.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-sagemaker-appimageconfig.json similarity index 62% rename from src/cfnlint/data/schemas/providers/me_south_1/aws-sagemaker-appimageconfig.json rename to src/cfnlint/data/schemas/providers/us_gov_west_1/aws-sagemaker-appimageconfig.json index f15ffe6f0e..ee2ec766af 100644 --- a/src/cfnlint/data/schemas/providers/me_south_1/aws-sagemaker-appimageconfig.json +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-sagemaker-appimageconfig.json @@ -5,79 +5,6 @@ "/properties/Tags" ], "definitions": { - "ContainerConfig": { - "additionalProperties": false, - "description": "The container configuration for a SageMaker image.", - "properties": { - "ContainerArguments": { - "description": "A list of arguments to apply to the container.", - "items": { - "$ref": "#/definitions/CustomImageContainerArguments" - }, - "maxItems": 50, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "ContainerEntrypoint": { - "description": "The custom entry point to use on container.", - "items": { - "$ref": "#/definitions/CustomImageContainerEntrypoint" - }, - "maxItems": 1, - "minItems": 0, - "type": "array", - "uniqueItems": false - }, - "ContainerEnvironmentVariables": { - "description": "A list of variables to apply to the custom container.", - "items": { - "$ref": "#/definitions/CustomImageContainerEnvironmentVariable" - }, - "maxItems": 25, - "minItems": 0, - "type": "array", - "uniqueItems": false - } - }, - "type": "object" - }, - "CustomImageContainerArguments": { - "description": "The container image arguments", - "maxLength": 64, - "minLength": 1, - "pattern": "^(?!\\s*$).+", - "type": "string" - }, - "CustomImageContainerEntrypoint": { - "description": "The container entry point", - "maxLength": 256, - "minLength": 1, - "pattern": "^(?!\\s*$).+", - "type": "string" - }, - "CustomImageContainerEnvironmentVariable": { - "additionalProperties": false, - "properties": { - "Key": { - "maxLength": 256, - "minLength": 1, - "pattern": "^(?!\\s*$).+", - "type": "string" - }, - "Value": { - "maxLength": 256, - "minLength": 1, - "pattern": "^(?!\\s*$).+", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, "FileSystemConfig": { "additionalProperties": false, "description": "The Amazon Elastic File System (EFS) storage configuration for a SageMaker image.", @@ -104,17 +31,6 @@ }, "type": "object" }, - "JupyterLabAppImageConfig": { - "additionalProperties": false, - "description": "The configuration for the file system and kernels in a SageMaker image running as a JupyterLab app.", - "properties": { - "ContainerConfig": { - "$ref": "#/definitions/ContainerConfig", - "description": "The container configuration for a SageMaker image." - } - }, - "type": "object" - }, "KernelGatewayImageConfig": { "additionalProperties": false, "description": "The configuration for the file system and kernels in a SageMaker image running as a KernelGateway app.", @@ -190,8 +106,7 @@ }, "delete": { "permissions": [ - "sagemaker:DeleteAppImageConfig", - "sagemaker:DescribeAppImageConfig" + "sagemaker:DeleteAppImageConfig" ] }, "list": { @@ -229,10 +144,6 @@ "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}", "type": "string" }, - "JupyterLabAppImageConfig": { - "$ref": "#/definitions/JupyterLabAppImageConfig", - "description": "The JupyterLabAppImageConfig." - }, "KernelGatewayImageConfig": { "$ref": "#/definitions/KernelGatewayImageConfig", "description": "The KernelGatewayImageConfig." diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/aws-sagemaker-domain.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-sagemaker-domain.json similarity index 96% rename from src/cfnlint/data/schemas/providers/eu_south_2/aws-sagemaker-domain.json rename to src/cfnlint/data/schemas/providers/us_gov_west_1/aws-sagemaker-domain.json index 6db1ab7299..3599972fb9 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_2/aws-sagemaker-domain.json +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-sagemaker-domain.json @@ -169,41 +169,10 @@ }, "type": "object" }, - "DockerSettings": { - "additionalProperties": false, - "description": "A collection of settings that are required to start docker-proxy server.", - "properties": { - "EnableDockerAccess": { - "description": "The flag to enable/disable docker-proxy server", - "enum": [ - "ENABLED", - "DISABLED" - ], - "type": "string" - }, - "VpcOnlyTrustedAccounts": { - "description": "A list of account id's that would be used to pull images from in VpcOnly mode", - "insertionOrder": false, - "items": { - "maxLength": 12, - "pattern": "^[0-9]$", - "type": "string" - }, - "maxItems": 10, - "minItems": 0, - "type": "array", - "uniqueItems": false - } - }, - "type": "object" - }, "DomainSettings": { "additionalProperties": false, "description": "A collection of Domain settings.", "properties": { - "DockerSettings": { - "$ref": "#/definitions/DockerSettings" - }, "RStudioServerProDomainSettings": { "$ref": "#/definitions/RStudioServerProDomainSettings" }, diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-sns-topicpolicy.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-sns-topicpolicy.json index 71b51a2057..458f84e0ce 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-sns-topicpolicy.json +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-sns-topicpolicy.json @@ -9,7 +9,9 @@ "type": "string" }, "PolicyDocument": { - "awsType": "IamResourcePolicy", + "cfnLint": [ + "AWS::SNS::TopicPolicy/Properties/PolicyDocument" + ], "type": "object" }, "Topics": { diff --git a/src/cfnlint/data/schemas/providers/us_west_1/__init__.py b/src/cfnlint/data/schemas/providers/us_west_1/__init__.py index 6ea449b685..db6c4e3d50 100644 --- a/src/cfnlint/data/schemas/providers/us_west_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/us_west_1/__init__.py @@ -160,6 +160,7 @@ "AWS::NetworkManager::ConnectPeer", "AWS::ElastiCache::UserGroup", "AWS::IoT::ThingGroup", + "AWS::Logs::DeliveryDestination", "AWS::ImageBuilder::ImageRecipe", "AWS::IoT::SoftwarePackage", "AWS::ApiGateway::RestApi", @@ -191,6 +192,7 @@ "AWS::Backup::BackupSelection", "AWS::DataSync::LocationFSxLustre", "AWS::SageMaker::App", + "AWS::Logs::DeliverySource", "AWS::EC2::VPCGatewayAttachment", "AWS::CloudTrail::Trail", "AWS::EC2::VPNConnectionRoute", @@ -586,6 +588,7 @@ "AWS::RDS::OptionGroup", "AWS::OpsWorks::UserProfile", "AWS::Glue::Schema", + "AWS::Logs::Delivery", "AWS::ServiceCatalog::Portfolio", "AWS::IoT::Policy", "AWS::EC2::TransitGatewayRoute", @@ -611,6 +614,7 @@ "AWS::ServiceCatalog::ServiceAction", "AWS::IAM::UserPolicy", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::IoT::MitigationAction", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", @@ -965,7 +969,6 @@ "aws-cognito-identitypoolroleattachment.json", "aws-route53-recordset.json", "aws-eks-accessentry.json", - "aws-amplifyuibuilder-form.json", "aws-elasticache-securitygroup.json", "aws-backup-framework.json", "aws-appflow-connectorprofile.json", @@ -1029,6 +1032,7 @@ "aws-networkmanager-connectpeer.json", "aws-elasticache-usergroup.json", "aws-iot-thinggroup.json", + "aws-logs-deliverydestination.json", "aws-imagebuilder-imagerecipe.json", "aws-iot-softwarepackage.json", "aws-apigateway-restapi.json", @@ -1060,6 +1064,7 @@ "aws-backup-backupselection.json", "aws-datasync-locationfsxlustre.json", "aws-sagemaker-app.json", + "aws-logs-deliverysource.json", "aws-ec2-vpcgatewayattachment.json", "aws-cloudtrail-trail.json", "aws-ec2-vpnconnectionroute.json", @@ -1109,7 +1114,6 @@ "aws-networkfirewall-loggingconfiguration.json", "aws-glue-classifier.json", "aws-codedeploy-deploymentgroup.json", - "aws-amplifyuibuilder-component.json", "aws-sagemaker-inferenceexperiment.json", "aws-cloudformation-stackset.json", "aws-ec2-route.json", @@ -1291,7 +1295,6 @@ "aws-iam-grouppolicy.json", "aws-scheduler-schedule.json", "aws-waf-bytematchset.json", - "aws-amplifyuibuilder-theme.json", "aws-emrserverless-application.json", "aws-ec2-host.json", "aws-lambda-codesigningconfig.json", @@ -1378,7 +1381,6 @@ "aws-servicecatalog-resourceupdateconstraint.json", "aws-transfer-agreement.json", "aws-chatbot-slackchannelconfiguration.json", - "aws-cloudfront-distribution.json", "aws-ssmcontacts-plan.json", "aws-elasticache-subnetgroup.json", "aws-xray-group.json", @@ -1438,6 +1440,7 @@ "aws-rds-optiongroup.json", "aws-opsworks-userprofile.json", "aws-glue-schema.json", + "aws-logs-delivery.json", "aws-servicecatalog-portfolio.json", "aws-iot-policy.json", "aws-ec2-transitgatewayroute.json", @@ -1463,6 +1466,7 @@ "aws-servicecatalog-serviceaction.json", "aws-iam-userpolicy.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-iot-mitigationaction.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", @@ -1669,7 +1673,6 @@ "aws-ec2-verifiedaccessgroup.json", "aws-ec2-vpcendpointservice.json", "aws-iam-managedpolicy.json", - "aws-ec2-launchtemplate.json", "aws-cloudfront-originrequestpolicy.json", "aws-datasync-locationfsxontap.json", "aws-networkmanager-linkassociation.json", @@ -1708,4 +1711,5 @@ "aws-memorydb-acl.json", "aws-cloudformation-waitconditionhandle.json", "aws-globalaccelerator-accelerator.json", + "aws-eks-addon.json", ] diff --git a/src/cfnlint/data/schemas/providers/us_west_1/aws-amplifyuibuilder-component.json b/src/cfnlint/data/schemas/providers/us_west_1/aws-amplifyuibuilder-component.json new file mode 100644 index 0000000000..7a6e22ebe4 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_1/aws-amplifyuibuilder-component.json @@ -0,0 +1,567 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Tags" + ], + "definitions": { + "ActionParameters": { + "additionalProperties": false, + "properties": { + "Anchor": { + "$ref": "#/definitions/ComponentProperty" + }, + "Fields": { + "$ref": "#/definitions/ComponentProperties" + }, + "Global": { + "$ref": "#/definitions/ComponentProperty" + }, + "Id": { + "$ref": "#/definitions/ComponentProperty" + }, + "Model": { + "type": "string" + }, + "State": { + "$ref": "#/definitions/MutationActionSetStateParameter" + }, + "Target": { + "$ref": "#/definitions/ComponentProperty" + }, + "Type": { + "$ref": "#/definitions/ComponentProperty" + }, + "Url": { + "$ref": "#/definitions/ComponentProperty" + } + }, + "type": "object" + }, + "ComponentBindingProperties": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentBindingPropertiesValue" + } + }, + "type": "object" + }, + "ComponentBindingPropertiesValue": { + "additionalProperties": false, + "properties": { + "BindingProperties": { + "$ref": "#/definitions/ComponentBindingPropertiesValueProperties" + }, + "DefaultValue": { + "type": "string" + }, + "Type": { + "type": "string" + } + }, + "type": "object" + }, + "ComponentBindingPropertiesValueProperties": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "DefaultValue": { + "type": "string" + }, + "Field": { + "type": "string" + }, + "Key": { + "type": "string" + }, + "Model": { + "type": "string" + }, + "Predicates": { + "items": { + "$ref": "#/definitions/Predicate" + }, + "type": "array" + }, + "UserAttribute": { + "type": "string" + } + }, + "type": "object" + }, + "ComponentChild": { + "additionalProperties": false, + "properties": { + "Children": { + "items": { + "$ref": "#/definitions/ComponentChild" + }, + "type": "array" + }, + "ComponentType": { + "type": "string" + }, + "Events": { + "$ref": "#/definitions/ComponentEvents" + }, + "Name": { + "type": "string" + }, + "Properties": { + "$ref": "#/definitions/ComponentProperties" + } + }, + "required": [ + "ComponentType", + "Name", + "Properties" + ], + "type": "object" + }, + "ComponentCollectionProperties": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentDataConfiguration" + } + }, + "type": "object" + }, + "ComponentConditionProperty": { + "additionalProperties": false, + "properties": { + "Else": { + "$ref": "#/definitions/ComponentProperty" + }, + "Field": { + "type": "string" + }, + "Operand": { + "type": "string" + }, + "OperandType": { + "type": "string" + }, + "Operator": { + "type": "string" + }, + "Property": { + "type": "string" + }, + "Then": { + "$ref": "#/definitions/ComponentProperty" + } + }, + "type": "object" + }, + "ComponentDataConfiguration": { + "additionalProperties": false, + "properties": { + "Identifiers": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Model": { + "type": "string" + }, + "Predicate": { + "$ref": "#/definitions/Predicate" + }, + "Sort": { + "items": { + "$ref": "#/definitions/SortProperty" + }, + "type": "array" + } + }, + "required": [ + "Model" + ], + "type": "object" + }, + "ComponentEvent": { + "additionalProperties": false, + "properties": { + "Action": { + "type": "string" + }, + "Parameters": { + "$ref": "#/definitions/ActionParameters" + } + }, + "type": "object" + }, + "ComponentEvents": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentEvent" + } + }, + "type": "object" + }, + "ComponentOverrides": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentOverridesValue" + } + }, + "type": "object" + }, + "ComponentOverridesValue": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "type": "string" + } + }, + "type": "object" + }, + "ComponentProperties": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/ComponentProperty" + } + }, + "type": "object" + }, + "ComponentProperty": { + "additionalProperties": false, + "properties": { + "BindingProperties": { + "$ref": "#/definitions/ComponentPropertyBindingProperties" + }, + "Bindings": { + "$ref": "#/definitions/FormBindings" + }, + "CollectionBindingProperties": { + "$ref": "#/definitions/ComponentPropertyBindingProperties" + }, + "ComponentName": { + "type": "string" + }, + "Concat": { + "items": { + "$ref": "#/definitions/ComponentProperty" + }, + "type": "array" + }, + "Condition": { + "$ref": "#/definitions/ComponentConditionProperty" + }, + "Configured": { + "type": "boolean" + }, + "DefaultValue": { + "type": "string" + }, + "Event": { + "type": "string" + }, + "ImportedValue": { + "type": "string" + }, + "Model": { + "type": "string" + }, + "Property": { + "type": "string" + }, + "Type": { + "type": "string" + }, + "UserAttribute": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "ComponentPropertyBindingProperties": { + "additionalProperties": false, + "properties": { + "Field": { + "type": "string" + }, + "Property": { + "type": "string" + } + }, + "required": [ + "Property" + ], + "type": "object" + }, + "ComponentVariant": { + "additionalProperties": false, + "properties": { + "Overrides": { + "$ref": "#/definitions/ComponentOverrides" + }, + "VariantValues": { + "$ref": "#/definitions/ComponentVariantValues" + } + }, + "type": "object" + }, + "ComponentVariantValues": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "type": "string" + } + }, + "type": "object" + }, + "FormBindingElement": { + "additionalProperties": false, + "properties": { + "Element": { + "type": "string" + }, + "Property": { + "type": "string" + } + }, + "required": [ + "Element", + "Property" + ], + "type": "object" + }, + "FormBindings": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/FormBindingElement" + } + }, + "type": "object" + }, + "MutationActionSetStateParameter": { + "additionalProperties": false, + "properties": { + "ComponentName": { + "type": "string" + }, + "Property": { + "type": "string" + }, + "Set": { + "$ref": "#/definitions/ComponentProperty" + } + }, + "required": [ + "ComponentName", + "Property", + "Set" + ], + "type": "object" + }, + "Predicate": { + "additionalProperties": false, + "properties": { + "And": { + "items": { + "$ref": "#/definitions/Predicate" + }, + "type": "array" + }, + "Field": { + "type": "string" + }, + "Operand": { + "type": "string" + }, + "Operator": { + "type": "string" + }, + "Or": { + "items": { + "$ref": "#/definitions/Predicate" + }, + "type": "array" + } + }, + "type": "object" + }, + "SortDirection": { + "enum": [ + "ASC", + "DESC" + ], + "type": "string" + }, + "SortProperty": { + "additionalProperties": false, + "properties": { + "Direction": { + "$ref": "#/definitions/SortDirection" + }, + "Field": { + "type": "string" + } + }, + "required": [ + "Direction", + "Field" + ], + "type": "object" + }, + "Tags": { + "additionalProperties": false, + "patternProperties": { + "^(?!aws:)[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "type": "object" + } + }, + "description": "Definition of AWS::AmplifyUIBuilder::Component Resource Type", + "handlers": { + "create": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent", + "amplifyuibuilder:CreateComponent", + "amplifyuibuilder:TagResource" + ] + }, + "delete": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent", + "amplifyuibuilder:DeleteComponent", + "amplifyuibuilder:UntagResource" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "AppId": { + "$ref": "resource-schema.json#/properties/AppId" + }, + "EnvironmentName": { + "$ref": "resource-schema.json#/properties/EnvironmentName" + } + }, + "required": [ + "AppId", + "EnvironmentName" + ] + }, + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent", + "amplifyuibuilder:ListComponents" + ] + }, + "read": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent" + ] + }, + "update": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetComponent", + "amplifyuibuilder:UpdateComponent", + "amplifyuibuilder:TagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/AppId", + "/properties/EnvironmentName", + "/properties/Id" + ], + "properties": { + "AppId": { + "type": "string" + }, + "BindingProperties": { + "$ref": "#/definitions/ComponentBindingProperties" + }, + "Children": { + "items": { + "$ref": "#/definitions/ComponentChild" + }, + "type": "array" + }, + "CollectionProperties": { + "$ref": "#/definitions/ComponentCollectionProperties" + }, + "ComponentType": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "EnvironmentName": { + "type": "string" + }, + "Events": { + "$ref": "#/definitions/ComponentEvents" + }, + "Id": { + "type": "string" + }, + "Name": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "Overrides": { + "$ref": "#/definitions/ComponentOverrides" + }, + "Properties": { + "$ref": "#/definitions/ComponentProperties" + }, + "SchemaVersion": { + "type": "string" + }, + "SourceId": { + "type": "string" + }, + "Tags": { + "$ref": "#/definitions/Tags" + }, + "Variants": { + "items": { + "$ref": "#/definitions/ComponentVariant" + }, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Id" + ], + "required": [ + "BindingProperties", + "ComponentType", + "Name", + "Overrides", + "Properties", + "Variants" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-amplifyuibuilder", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "#/properties/Tags", + "tagUpdatable": false, + "taggable": true + }, + "typeName": "AWS::AmplifyUIBuilder::Component" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_1/aws-amplifyuibuilder-form.json b/src/cfnlint/data/schemas/providers/us_west_1/aws-amplifyuibuilder-form.json new file mode 100644 index 0000000000..673b10c7af --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_1/aws-amplifyuibuilder-form.json @@ -0,0 +1,546 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Tags" + ], + "definitions": { + "FieldConfig": { + "additionalProperties": false, + "properties": { + "Excluded": { + "type": "boolean" + }, + "InputType": { + "$ref": "#/definitions/FieldInputConfig" + }, + "Label": { + "type": "string" + }, + "Position": { + "$ref": "#/definitions/FieldPosition" + }, + "Validations": { + "items": { + "$ref": "#/definitions/FieldValidationConfiguration" + }, + "type": "array" + } + }, + "type": "object" + }, + "FieldInputConfig": { + "additionalProperties": false, + "properties": { + "DefaultChecked": { + "type": "boolean" + }, + "DefaultCountryCode": { + "type": "string" + }, + "DefaultValue": { + "type": "string" + }, + "DescriptiveText": { + "type": "string" + }, + "FileUploaderConfig": { + "$ref": "#/definitions/FileUploaderFieldConfig" + }, + "IsArray": { + "type": "boolean" + }, + "MaxValue": { + "type": "number" + }, + "MinValue": { + "type": "number" + }, + "Name": { + "type": "string" + }, + "Placeholder": { + "type": "string" + }, + "ReadOnly": { + "type": "boolean" + }, + "Required": { + "type": "boolean" + }, + "Step": { + "type": "number" + }, + "Type": { + "type": "string" + }, + "Value": { + "type": "string" + }, + "ValueMappings": { + "$ref": "#/definitions/ValueMappings" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "FieldPosition": { + "oneOf": [ + { + "additionalProperties": false, + "properties": { + "Fixed": { + "$ref": "#/definitions/FixedPosition" + } + }, + "required": [ + "Fixed" + ], + "title": "Fixed", + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "RightOf": { + "type": "string" + } + }, + "required": [ + "RightOf" + ], + "title": "RightOf", + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "Below": { + "type": "string" + } + }, + "required": [ + "Below" + ], + "title": "Below", + "type": "object" + } + ] + }, + "FieldValidationConfiguration": { + "additionalProperties": false, + "properties": { + "NumValues": { + "items": { + "type": "number" + }, + "type": "array" + }, + "StrValues": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Type": { + "type": "string" + }, + "ValidationMessage": { + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "FieldsMap": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/FieldConfig" + } + }, + "type": "object" + }, + "FileUploaderFieldConfig": { + "additionalProperties": false, + "properties": { + "AcceptedFileTypes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "AccessLevel": { + "$ref": "#/definitions/StorageAccessLevel" + }, + "IsResumable": { + "type": "boolean" + }, + "MaxFileCount": { + "type": "number" + }, + "MaxSize": { + "type": "number" + }, + "ShowThumbnails": { + "type": "boolean" + } + }, + "required": [ + "AcceptedFileTypes", + "AccessLevel" + ], + "type": "object" + }, + "FixedPosition": { + "enum": [ + "first" + ], + "type": "string" + }, + "FormActionType": { + "enum": [ + "create", + "update" + ], + "type": "string" + }, + "FormButton": { + "additionalProperties": false, + "properties": { + "Children": { + "type": "string" + }, + "Excluded": { + "type": "boolean" + }, + "Position": { + "$ref": "#/definitions/FieldPosition" + } + }, + "type": "object" + }, + "FormButtonsPosition": { + "enum": [ + "top", + "bottom", + "top_and_bottom" + ], + "type": "string" + }, + "FormCTA": { + "additionalProperties": false, + "properties": { + "Cancel": { + "$ref": "#/definitions/FormButton" + }, + "Clear": { + "$ref": "#/definitions/FormButton" + }, + "Position": { + "$ref": "#/definitions/FormButtonsPosition" + }, + "Submit": { + "$ref": "#/definitions/FormButton" + } + }, + "type": "object" + }, + "FormDataSourceType": { + "enum": [ + "DataStore", + "Custom" + ], + "type": "string" + }, + "FormDataTypeConfig": { + "additionalProperties": false, + "properties": { + "DataSourceType": { + "$ref": "#/definitions/FormDataSourceType" + }, + "DataTypeName": { + "type": "string" + } + }, + "required": [ + "DataSourceType", + "DataTypeName" + ], + "type": "object" + }, + "FormInputValueProperty": { + "additionalProperties": false, + "properties": { + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "FormStyle": { + "additionalProperties": false, + "properties": { + "HorizontalGap": { + "$ref": "#/definitions/FormStyleConfig" + }, + "OuterPadding": { + "$ref": "#/definitions/FormStyleConfig" + }, + "VerticalGap": { + "$ref": "#/definitions/FormStyleConfig" + } + }, + "type": "object" + }, + "FormStyleConfig": { + "oneOf": [ + { + "additionalProperties": false, + "properties": { + "TokenReference": { + "type": "string" + } + }, + "required": [ + "TokenReference" + ], + "title": "TokenReference", + "type": "object" + }, + { + "additionalProperties": false, + "properties": { + "Value": { + "type": "string" + } + }, + "required": [ + "Value" + ], + "title": "Value", + "type": "object" + } + ] + }, + "LabelDecorator": { + "enum": [ + "required", + "optional", + "none" + ], + "type": "string" + }, + "SectionalElement": { + "additionalProperties": false, + "properties": { + "Excluded": { + "type": "boolean" + }, + "Level": { + "type": "number" + }, + "Orientation": { + "type": "string" + }, + "Position": { + "$ref": "#/definitions/FieldPosition" + }, + "Text": { + "type": "string" + }, + "Type": { + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "SectionalElementMap": { + "additionalProperties": false, + "patternProperties": { + ".+": { + "$ref": "#/definitions/SectionalElement" + } + }, + "type": "object" + }, + "StorageAccessLevel": { + "enum": [ + "public", + "protected", + "private" + ], + "type": "string" + }, + "Tags": { + "additionalProperties": false, + "patternProperties": { + "^(?!aws:)[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "type": "object" + }, + "ValueMapping": { + "additionalProperties": false, + "properties": { + "DisplayValue": { + "$ref": "#/definitions/FormInputValueProperty" + }, + "Value": { + "$ref": "#/definitions/FormInputValueProperty" + } + }, + "required": [ + "Value" + ], + "type": "object" + }, + "ValueMappings": { + "additionalProperties": false, + "properties": { + "Values": { + "items": { + "$ref": "#/definitions/ValueMapping" + }, + "type": "array" + } + }, + "required": [ + "Values" + ], + "type": "object" + } + }, + "description": "Definition of AWS::AmplifyUIBuilder::Form Resource Type", + "handlers": { + "create": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm", + "amplifyuibuilder:CreateForm", + "amplifyuibuilder:TagResource" + ] + }, + "delete": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm", + "amplifyuibuilder:DeleteForm", + "amplifyuibuilder:UntagResource" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "AppId": { + "$ref": "resource-schema.json#/properties/AppId" + }, + "EnvironmentName": { + "$ref": "resource-schema.json#/properties/EnvironmentName" + } + }, + "required": [ + "AppId", + "EnvironmentName" + ] + }, + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm", + "amplifyuibuilder:ListForms" + ] + }, + "read": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm" + ] + }, + "update": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetForm", + "amplifyuibuilder:UpdateForm", + "amplifyuibuilder:TagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/AppId", + "/properties/EnvironmentName", + "/properties/Id" + ], + "properties": { + "AppId": { + "type": "string" + }, + "Cta": { + "$ref": "#/definitions/FormCTA" + }, + "DataType": { + "$ref": "#/definitions/FormDataTypeConfig" + }, + "EnvironmentName": { + "type": "string" + }, + "Fields": { + "$ref": "#/definitions/FieldsMap" + }, + "FormActionType": { + "$ref": "#/definitions/FormActionType" + }, + "Id": { + "type": "string" + }, + "LabelDecorator": { + "$ref": "#/definitions/LabelDecorator" + }, + "Name": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "SchemaVersion": { + "type": "string" + }, + "SectionalElements": { + "$ref": "#/definitions/SectionalElementMap" + }, + "Style": { + "$ref": "#/definitions/FormStyle" + }, + "Tags": { + "$ref": "#/definitions/Tags" + } + }, + "readOnlyProperties": [ + "/properties/Id" + ], + "required": [ + "DataType", + "Fields", + "FormActionType", + "Name", + "SchemaVersion", + "SectionalElements", + "Style" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-amplifyuibuilder", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "#/properties/Tags", + "tagUpdatable": false, + "taggable": true + }, + "typeName": "AWS::AmplifyUIBuilder::Form" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_1/aws-amplifyuibuilder-theme.json b/src/cfnlint/data/schemas/providers/us_west_1/aws-amplifyuibuilder-theme.json new file mode 100644 index 0000000000..3336f4d63a --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_1/aws-amplifyuibuilder-theme.json @@ -0,0 +1,149 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Tags" + ], + "definitions": { + "Tags": { + "additionalProperties": false, + "patternProperties": { + "^(?!aws:)[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "type": "object" + }, + "ThemeValue": { + "additionalProperties": false, + "properties": { + "Children": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ThemeValues" + }, + "type": "array" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "ThemeValues": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "$ref": "#/definitions/ThemeValue" + } + }, + "type": "object" + } + }, + "description": "Definition of AWS::AmplifyUIBuilder::Theme Resource Type", + "handlers": { + "create": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme", + "amplifyuibuilder:CreateTheme", + "amplifyuibuilder:TagResource" + ] + }, + "delete": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme", + "amplifyuibuilder:DeleteTheme", + "amplifyuibuilder:UntagResource" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "AppId": { + "$ref": "resource-schema.json#/properties/AppId" + }, + "EnvironmentName": { + "$ref": "resource-schema.json#/properties/EnvironmentName" + } + }, + "required": [ + "AppId", + "EnvironmentName" + ] + }, + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme", + "amplifyuibuilder:ListThemes" + ] + }, + "read": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme" + ] + }, + "update": { + "permissions": [ + "amplify:GetApp", + "amplifyuibuilder:GetTheme", + "amplifyuibuilder:UpdateTheme", + "amplifyuibuilder:TagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/AppId", + "/properties/EnvironmentName", + "/properties/Id" + ], + "properties": { + "AppId": { + "type": "string" + }, + "EnvironmentName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Name": { + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "Overrides": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ThemeValues" + }, + "type": "array" + }, + "Tags": { + "$ref": "#/definitions/Tags" + }, + "Values": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/ThemeValues" + }, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Id" + ], + "required": [ + "Name", + "Values" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-amplifyuibuilder", + "taggable": true, + "typeName": "AWS::AmplifyUIBuilder::Theme" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_1/aws-appstream-fleet.json b/src/cfnlint/data/schemas/providers/us_west_1/aws-appstream-fleet.json index 34f57f5d36..cc6c760960 100644 --- a/src/cfnlint/data/schemas/providers/us_west_1/aws-appstream-fleet.json +++ b/src/cfnlint/data/schemas/providers/us_west_1/aws-appstream-fleet.json @@ -128,7 +128,7 @@ "type": "string" }, "InstanceType": { - "cfnLint": "aws_appstream_fleet/instancetype_enum", + "cfnLint": "AWS::AppStream::Fleet/Properties/InstanceType", "type": "string" }, "MaxConcurrentSessions": { diff --git a/src/cfnlint/data/schemas/providers/us_west_1/aws-backup-backupplan.json b/src/cfnlint/data/schemas/providers/us_west_1/aws-backup-backupplan.json index 2d406bc98d..322416cf3e 100644 --- a/src/cfnlint/data/schemas/providers/us_west_1/aws-backup-backupplan.json +++ b/src/cfnlint/data/schemas/providers/us_west_1/aws-backup-backupplan.json @@ -137,7 +137,7 @@ } }, "then": { - "cfnLint": "aws_backup_backupplan/lifecycle_resource_type" + "cfnLint": "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" }, "type": "object" } diff --git a/src/cfnlint/data/schemas/providers/us_west_1/aws-cloudfront-distribution.json b/src/cfnlint/data/schemas/providers/us_west_1/aws-cloudfront-distribution.json new file mode 100644 index 0000000000..75bb25b92e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_1/aws-cloudfront-distribution.json @@ -0,0 +1,1232 @@ +{ + "additionalProperties": false, + "definitions": { + "CacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "type": "string" + }, + "PathPattern": { + "type": "string" + }, + "RealtimeLogConfigArn": { + "type": "string" + }, + "ResponseHeadersPolicyId": { + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ], + "type": "string" + } + }, + "required": [ + "PathPattern", + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "properties": { + "Forward": { + "type": "string" + }, + "WhitelistedNames": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Forward" + ], + "type": "object" + }, + "CustomErrorResponse": { + "additionalProperties": false, + "dependentRequired": { + "ResponseCode": [ + "ResponsePagePath" + ] + }, + "properties": { + "ErrorCachingMinTTL": { + "default": 300, + "type": "number" + }, + "ErrorCode": { + "enum": [ + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponseCode": { + "enum": [ + 200, + 400, + 403, + 404, + 405, + 414, + 416, + 500, + 501, + 502, + 503, + 504 + ], + "type": "integer" + }, + "ResponsePagePath": { + "type": "string" + } + }, + "required": [ + "ErrorCode" + ], + "type": "object" + }, + "CustomOriginConfig": { + "additionalProperties": false, + "properties": { + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginKeepaliveTimeout": { + "default": 5, + "type": "integer" + }, + "OriginProtocolPolicy": { + "type": "string" + }, + "OriginReadTimeout": { + "default": 30, + "type": "integer" + }, + "OriginSSLProtocols": { + "default": [ + "TLSv1", + "SSLv3" + ], + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "OriginProtocolPolicy" + ], + "type": "object" + }, + "DefaultCacheBehavior": { + "additionalProperties": false, + "properties": { + "AllowedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CachePolicyId": { + "default": "", + "type": "string" + }, + "CachedMethods": { + "default": [ + "GET", + "HEAD" + ], + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Compress": { + "default": false, + "type": "boolean" + }, + "DefaultTTL": { + "default": 86400, + "type": "number" + }, + "FieldLevelEncryptionId": { + "default": "", + "type": "string" + }, + "ForwardedValues": { + "$ref": "#/definitions/ForwardedValues" + }, + "FunctionAssociations": { + "items": { + "$ref": "#/definitions/FunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "LambdaFunctionAssociations": { + "items": { + "$ref": "#/definitions/LambdaFunctionAssociation" + }, + "type": "array", + "uniqueItems": false + }, + "MaxTTL": { + "default": 31536000, + "type": "number" + }, + "MinTTL": { + "default": 0, + "type": "number" + }, + "OriginRequestPolicyId": { + "default": "", + "type": "string" + }, + "RealtimeLogConfigArn": { + "default": "", + "type": "string" + }, + "ResponseHeadersPolicyId": { + "default": "", + "type": "string" + }, + "SmoothStreaming": { + "default": false, + "type": "boolean" + }, + "TargetOriginId": { + "type": "string" + }, + "TrustedKeyGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TrustedSigners": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ViewerProtocolPolicy": { + "type": "string" + } + }, + "required": [ + "TargetOriginId", + "ViewerProtocolPolicy" + ], + "type": "object" + }, + "DistributionConfig": { + "additionalProperties": false, + "properties": { + "Aliases": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CNAMEs": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "CacheBehaviors": { + "items": { + "$ref": "#/definitions/CacheBehavior" + }, + "type": "array", + "uniqueItems": false + }, + "Comment": { + "default": "", + "type": "string" + }, + "ContinuousDeploymentPolicyId": { + "type": "string" + }, + "CustomErrorResponses": { + "items": { + "$ref": "#/definitions/CustomErrorResponse" + }, + "type": "array", + "uniqueItems": false + }, + "CustomOrigin": { + "$ref": "#/definitions/LegacyCustomOrigin" + }, + "DefaultCacheBehavior": { + "$ref": "#/definitions/DefaultCacheBehavior" + }, + "DefaultRootObject": { + "default": "", + "type": "string" + }, + "Enabled": { + "type": "boolean" + }, + "HttpVersion": { + "default": "http1.1", + "enum": [ + "http1.1", + "http2", + "http3", + "http2and3" + ], + "type": "string" + }, + "IPV6Enabled": { + "type": "boolean" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "OriginGroups": { + "$ref": "#/definitions/OriginGroups" + }, + "Origins": { + "items": { + "$ref": "#/definitions/Origin" + }, + "type": "array", + "uniqueItems": false + }, + "PriceClass": { + "default": "PriceClass_All", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ], + "type": "string" + }, + "Restrictions": { + "$ref": "#/definitions/Restrictions", + "default": { + "GeoRestriction": { + "RestrictionType": "none" + } + } + }, + "S3Origin": { + "$ref": "#/definitions/LegacyS3Origin" + }, + "Staging": { + "type": "boolean" + }, + "ViewerCertificate": { + "$ref": "#/definitions/ViewerCertificate", + "default": { + "CloudFrontDefaultCertificate": true + } + }, + "WebACLId": { + "default": "", + "type": "string" + } + }, + "required": [ + "Enabled", + "DefaultCacheBehavior" + ], + "type": "object" + }, + "ForwardedValues": { + "additionalProperties": false, + "properties": { + "Cookies": { + "$ref": "#/definitions/Cookies", + "default": { + "Forward": "none" + } + }, + "Headers": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "QueryString": { + "type": "boolean" + }, + "QueryStringCacheKeys": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "QueryString" + ], + "type": "object" + }, + "FunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ], + "type": "string" + }, + "FunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "GeoRestriction": { + "additionalProperties": false, + "properties": { + "Locations": { + "items": { + "enum": [ + "AD", + "AE", + "AF", + "AG", + "AI", + "AL", + "AM", + "AO", + "AQ", + "AR", + "AS", + "AT", + "AU", + "AW", + "AX", + "AZ", + "BA", + "BB", + "BD", + "BE", + "BF", + "BG", + "BH", + "BI", + "BJ", + "BL", + "BM", + "BN", + "BO", + "BQ", + "BR", + "BS", + "BT", + "BV", + "BW", + "BY", + "BZ", + "CA", + "CC", + "CD", + "CF", + "CG", + "CH", + "CI", + "CK", + "CL", + "CM", + "CN", + "CO", + "CR", + "CU", + "CV", + "CW", + "CX", + "CY", + "CZ", + "DE", + "DJ", + "DK", + "DM", + "DO", + "DZ", + "EC", + "EE", + "EG", + "EH", + "ER", + "ES", + "ET", + "FI", + "FJ", + "FK", + "FM", + "FO", + "FR", + "GA", + "GB", + "GD", + "GE", + "GF", + "GG", + "GH", + "GI", + "GL", + "GM", + "GN", + "GP", + "GQ", + "GR", + "GS", + "GT", + "GU", + "GW", + "GY", + "HK", + "HM", + "HN", + "HR", + "HT", + "HU", + "ID", + "IE", + "IL", + "IM", + "IN", + "IO", + "IQ", + "IR", + "IS", + "IT", + "JE", + "JM", + "JO", + "JP", + "KE", + "KG", + "KH", + "KI", + "KM", + "KN", + "KP", + "KR", + "KW", + "KY", + "KZ", + "LA", + "LB", + "LC", + "LI", + "LK", + "LR", + "LS", + "LT", + "LU", + "LV", + "LY", + "MA", + "MC", + "MD", + "ME", + "MF", + "MG", + "MH", + "MK", + "ML", + "MM", + "MN", + "MO", + "MP", + "MQ", + "MR", + "MS", + "MT", + "MU", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NC", + "NE", + "NF", + "NG", + "NI", + "NL", + "NO", + "NP", + "NR", + "NU", + "NZ", + "OM", + "PA", + "PE", + "PF", + "PG", + "PH", + "PK", + "PL", + "PM", + "PN", + "PR", + "PS", + "PT", + "PW", + "PY", + "QA", + "RE", + "RO", + "RS", + "RU", + "RW", + "SA", + "SB", + "SC", + "SD", + "SE", + "SG", + "SH", + "SI", + "SJ", + "SK", + "SL", + "SM", + "SN", + "SO", + "SR", + "SS", + "ST", + "SV", + "SX", + "SY", + "SZ", + "TC", + "TD", + "TF", + "TG", + "TH", + "TJ", + "TK", + "TL", + "TM", + "TN", + "TO", + "TR", + "TT", + "TV", + "TW", + "TZ", + "UA", + "UG", + "UM", + "US", + "UY", + "UZ", + "VA", + "VC", + "VE", + "VG", + "VI", + "VN", + "VU", + "WF", + "WS", + "YE", + "YT", + "ZA", + "ZM", + "ZW" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "RestrictionType": { + "enum": [ + "blacklist", + "whitelist", + "none" + ], + "type": "string" + } + }, + "required": [ + "RestrictionType" + ], + "type": "object" + }, + "LambdaFunctionAssociation": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "IncludeBody": { + "type": "boolean" + }, + "LambdaFunctionARN": { + "type": "string" + } + }, + "type": "object" + }, + "LegacyCustomOrigin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "HTTPPort": { + "default": 80, + "type": "integer" + }, + "HTTPSPort": { + "default": 443, + "type": "integer" + }, + "OriginProtocolPolicy": { + "enum": [ + "http-only", + "match-viewer", + "https-only" + ], + "type": "string" + }, + "OriginSSLProtocols": { + "items": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ], + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "DNSName", + "OriginProtocolPolicy", + "OriginSSLProtocols" + ], + "type": "object" + }, + "LegacyS3Origin": { + "additionalProperties": false, + "properties": { + "DNSName": { + "type": "string" + }, + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "required": [ + "DNSName" + ], + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "Bucket": { + "type": "string" + }, + "IncludeCookies": { + "default": false, + "type": "boolean" + }, + "Prefix": { + "default": "", + "type": "string" + } + }, + "required": [ + "Bucket" + ], + "type": "object" + }, + "Origin": { + "additionalProperties": false, + "dependentExcluded": { + "CustomOriginConfig": [ + "S3OriginConfig" + ], + "S3OriginConfig": [ + "CustomOriginConfig" + ] + }, + "properties": { + "ConnectionAttempts": { + "type": "integer" + }, + "ConnectionTimeout": { + "type": "integer" + }, + "CustomOriginConfig": { + "$ref": "#/definitions/CustomOriginConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "OriginAccessControlId": { + "type": "string" + }, + "OriginCustomHeaders": { + "items": { + "$ref": "#/definitions/OriginCustomHeader" + }, + "type": "array", + "uniqueItems": false + }, + "OriginPath": { + "default": "", + "type": "string" + }, + "OriginShield": { + "$ref": "#/definitions/OriginShield" + }, + "S3OriginConfig": { + "$ref": "#/definitions/S3OriginConfig" + } + }, + "required": [ + "DomainName", + "Id" + ], + "type": "object" + }, + "OriginCustomHeader": { + "additionalProperties": false, + "properties": { + "HeaderName": { + "type": "string" + }, + "HeaderValue": { + "type": "string" + } + }, + "required": [ + "HeaderValue", + "HeaderName" + ], + "type": "object" + }, + "OriginGroup": { + "additionalProperties": false, + "properties": { + "FailoverCriteria": { + "$ref": "#/definitions/OriginGroupFailoverCriteria" + }, + "Id": { + "type": "string" + }, + "Members": { + "$ref": "#/definitions/OriginGroupMembers" + } + }, + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "type": "object" + }, + "OriginGroupFailoverCriteria": { + "additionalProperties": false, + "properties": { + "StatusCodes": { + "$ref": "#/definitions/StatusCodes" + } + }, + "required": [ + "StatusCodes" + ], + "type": "object" + }, + "OriginGroupMember": { + "additionalProperties": false, + "properties": { + "OriginId": { + "type": "string" + } + }, + "required": [ + "OriginId" + ], + "type": "object" + }, + "OriginGroupMembers": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroupMember" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "OriginGroups": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "$ref": "#/definitions/OriginGroup" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity" + ], + "type": "object" + }, + "OriginShield": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "OriginShieldRegion": { + "type": "string" + } + }, + "type": "object" + }, + "Restrictions": { + "additionalProperties": false, + "properties": { + "GeoRestriction": { + "$ref": "#/definitions/GeoRestriction" + } + }, + "required": [ + "GeoRestriction" + ], + "type": "object" + }, + "S3OriginConfig": { + "additionalProperties": false, + "properties": { + "OriginAccessIdentity": { + "default": "", + "type": "string" + } + }, + "type": "object" + }, + "StatusCodes": { + "additionalProperties": false, + "properties": { + "Items": { + "items": { + "type": "integer" + }, + "type": "array", + "uniqueItems": false + }, + "Quantity": { + "type": "integer" + } + }, + "required": [ + "Quantity", + "Items" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "ViewerCertificate": { + "additionalProperties": false, + "dependentRequired": { + "AcmCertificateArn": [ + "SslSupportMethod" + ], + "IamCertificateId": [ + "SslSupportMethod" + ] + }, + "properties": { + "AcmCertificateArn": { + "type": "string" + }, + "CloudFrontDefaultCertificate": { + "type": "boolean" + }, + "IamCertificateId": { + "type": "string" + }, + "MinimumProtocolVersion": { + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018", + "TLSv1.2_2019", + "TLSv1.2_2021" + ], + "type": "string" + }, + "SslSupportMethod": { + "enum": [ + "sni-only", + "vip", + "static-ip" + ], + "type": "string" + } + }, + "requiredXor": [ + "AcmCertificateArn", + "CloudFrontDefaultCertificate", + "IamCertificateId" + ], + "type": "object" + } + }, + "deprecatedProperties": [ + "/properties/DistributionConfig/CustomOrigin", + "/properties/DistributionConfig/S3Origin" + ], + "description": "Resource Type definition for AWS::CloudFront::Distribution", + "handlers": { + "create": { + "permissions": [ + "cloudfront:CreateDistribution", + "cloudfront:CreateDistributionWithTags", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:TagResource" + ] + }, + "delete": { + "permissions": [ + "cloudfront:DeleteDistribution", + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "list": { + "permissions": [ + "cloudfront:ListDistributions" + ] + }, + "read": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig" + ] + }, + "update": { + "permissions": [ + "cloudfront:GetDistribution", + "cloudfront:GetDistributionConfig", + "cloudfront:UpdateDistribution", + "cloudfront:UpdateDistributionWithStagingConfig", + "cloudfront:ListTagsForResource", + "cloudfront:TagResource", + "cloudfront:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "DistributionConfig": { + "$ref": "#/definitions/DistributionConfig" + }, + "DomainName": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/DomainName" + ], + "required": [ + "DistributionConfig" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::CloudFront::Distribution" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_1/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/us_west_1/aws-ec2-launchtemplate.json new file mode 100644 index 0000000000..9b3fa9915c --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_1/aws-ec2-launchtemplate.json @@ -0,0 +1,1240 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/LaunchTemplateName" + ], + "definitions": { + "AcceleratorCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferential chips) on an instance.", + "properties": { + "Max": { + "description": "The maximum number of accelerators.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of accelerators.", + "type": "integer" + } + }, + "type": "object" + }, + "AcceleratorTotalMemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total accelerator memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of accelerator memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of accelerator memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "BaselineEbsBandwidthMbps": { + "additionalProperties": false, + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps.", + "properties": { + "Max": { + "description": "The maximum baseline bandwidth, in Mbps.", + "type": "integer" + }, + "Min": { + "description": "The minimum baseline bandwidth, in Mbps.", + "type": "integer" + } + }, + "type": "object" + }, + "BlockDeviceMapping": { + "additionalProperties": false, + "description": "Information about a block device mapping for an Amazon EC2 launch template.", + "properties": { + "DeviceName": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "Ebs": { + "$ref": "#/definitions/Ebs" + }, + "NoDevice": { + "description": "To omit the device from the block device mapping, specify an empty string.", + "type": "string" + }, + "VirtualName": { + "description": "The virtual device name (ephemeralN).", + "type": "string" + } + }, + "requiredXor": [ + "VirtualName", + "Ebs", + "NoDevice" + ], + "type": "object" + }, + "CapacityReservationSpecification": { + "additionalProperties": false, + "description": "Specifies an instance's Capacity Reservation targeting option.", + "properties": { + "CapacityReservationPreference": { + "description": "Indicates the instance's Capacity Reservation preferences.", + "type": "string" + }, + "CapacityReservationTarget": { + "$ref": "#/definitions/CapacityReservationTarget" + } + }, + "type": "object" + }, + "CapacityReservationTarget": { + "additionalProperties": false, + "description": "Specifies a target Capacity Reservation.", + "properties": { + "CapacityReservationId": { + "description": "The ID of the Capacity Reservation in which to run the instance.", + "type": "string" + }, + "CapacityReservationResourceGroupArn": { + "description": "The ARN of the Capacity Reservation resource group in which to run the instance.", + "type": "string" + } + }, + "type": "object" + }, + "ConnectionTrackingSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify Connection Tracking options", + "properties": { + "TcpEstablishedTimeout": { + "description": "Integer value for TCP Established Timeout", + "type": "integer" + }, + "UdpStreamTimeout": { + "description": "Integer value for UDP Stream Timeout", + "type": "integer" + }, + "UdpTimeout": { + "description": "Integer value for UDP Timeout", + "type": "integer" + } + }, + "type": "object" + }, + "CpuOptions": { + "additionalProperties": false, + "description": "specifies the CPU options for an instance.", + "properties": { + "AmdSevSnp": { + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only.", + "enum": [ + "enabled", + "disabled" + ], + "type": "string" + }, + "CoreCount": { + "description": "The number of CPU cores for the instance.", + "type": "integer" + }, + "ThreadsPerCore": { + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.", + "type": "integer" + } + }, + "type": "object" + }, + "CreditSpecification": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "CpuCredits": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "type": "object" + }, + "Ebs": { + "additionalProperties": false, + "description": "Parameters for a block device for an EBS volume in an Amazon EC2 launch template.", + "properties": { + "DeleteOnTermination": { + "description": "Indicates whether the EBS volume is deleted on instance termination.", + "type": "boolean" + }, + "Encrypted": { + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", + "type": "boolean" + }, + "Iops": { + "description": "The number of I/O operations per second (IOPS).", + "type": "integer" + }, + "KmsKeyId": { + "description": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.", + "type": "string" + }, + "SnapshotId": { + "description": "The ID of the snapshot.", + "type": "string" + }, + "Throughput": { + "description": "The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.", + "type": "integer" + }, + "VolumeSize": { + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size.", + "type": "integer" + }, + "VolumeType": { + "description": "The volume type.", + "enum": [ + "standard", + "io1", + "io2", + "gp2", + "sc1", + "st1", + "gp3" + ], + "type": "string" + } + }, + "type": "object" + }, + "ElasticGpuSpecification": { + "additionalProperties": false, + "description": "Specifies a specification for an Elastic GPU for launch template.", + "properties": { + "Type": { + "description": "The type of Elastic Graphics accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "EnaSrdSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD options", + "properties": { + "EnaSrdEnabled": { + "description": "Enables TCP ENA-SRD", + "type": "boolean" + }, + "EnaSrdUdpSpecification": { + "$ref": "#/definitions/EnaSrdUdpSpecification" + } + }, + "type": "object" + }, + "EnaSrdUdpSpecification": { + "additionalProperties": false, + "description": "Allows customer to specify ENA-SRD (UDP) options", + "properties": { + "EnaSrdUdpEnabled": { + "description": "Enables UDP ENA-SRD", + "type": "boolean" + } + }, + "type": "object" + }, + "EnclaveOptions": { + "additionalProperties": false, + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "properties": { + "Enabled": { + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", + "type": "boolean" + } + }, + "type": "object" + }, + "HibernationOptions": { + "additionalProperties": false, + "description": "Specifies whether your instance is configured for hibernation.", + "properties": { + "Configured": { + "description": "TIf you set this parameter to true, the instance is enabled for hibernation.", + "type": "boolean" + } + }, + "type": "object" + }, + "IamInstanceProfile": { + "additionalProperties": false, + "description": "Specifies an IAM instance profile, which is a container for an IAM role for your instance.", + "properties": { + "Arn": { + "description": "The Amazon Resource Name (ARN) of the instance profile.", + "type": "string" + }, + "Name": { + "description": "The name of the instance profile.", + "type": "string" + } + }, + "type": "object" + }, + "InstanceMarketOptions": { + "additionalProperties": false, + "description": "The market (purchasing) option for the instances.", + "properties": { + "MarketType": { + "description": "The market type.", + "enum": [ + "spot", + "capacity-block" + ], + "type": "string" + }, + "SpotOptions": { + "$ref": "#/definitions/SpotOptions" + } + }, + "type": "object" + }, + "InstanceRequirements": { + "additionalProperties": false, + "description": "The attributes for the instance types.", + "properties": { + "AcceleratorCount": { + "$ref": "#/definitions/AcceleratorCount" + }, + "AcceleratorManufacturers": { + "description": "Indicates whether instance types must have accelerators by specific manufacturers.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorNames": { + "description": "The accelerators that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AcceleratorTotalMemoryMiB": { + "$ref": "#/definitions/AcceleratorTotalMemoryMiB" + }, + "AcceleratorTypes": { + "description": "The accelerator types that must be on the instance type.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "AllowedInstanceTypes": { + "description": "The instance types to apply your specified attributes against.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "BareMetal": { + "description": "Indicates whether bare metal instance types must be included, excluded, or required.", + "type": "string" + }, + "BaselineEbsBandwidthMbps": { + "$ref": "#/definitions/BaselineEbsBandwidthMbps" + }, + "BurstablePerformance": { + "type": "string" + }, + "CpuManufacturers": { + "description": "The CPU manufacturers to include.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "ExcludedInstanceTypes": { + "description": "The instance types to exclude.", + "items": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InstanceGenerations": { + "description": "Indicates whether current or previous generation instance types are included.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "LocalStorage": { + "description": "The user data to make available to the instance.", + "type": "string" + }, + "LocalStorageTypes": { + "description": "The type of local storage that is required.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "MemoryGiBPerVCpu": { + "$ref": "#/definitions/MemoryGiBPerVCpu" + }, + "MemoryMiB": { + "$ref": "#/definitions/MemoryMiB" + }, + "NetworkBandwidthGbps": { + "$ref": "#/definitions/NetworkBandwidthGbps" + }, + "NetworkInterfaceCount": { + "$ref": "#/definitions/NetworkInterfaceCount" + }, + "OnDemandMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for On-Demand Instances.", + "type": "integer" + }, + "RequireHibernateSupport": { + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.", + "type": "boolean" + }, + "SpotMaxPricePercentageOverLowestPrice": { + "description": "The price protection threshold for Spot Instances.", + "type": "integer" + }, + "TotalLocalStorageGB": { + "$ref": "#/definitions/TotalLocalStorageGB" + }, + "VCpuCount": { + "$ref": "#/definitions/VCpuCount" + } + }, + "type": "object" + }, + "Ipv4PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv4 prefix for a network interface.", + "properties": { + "Ipv4Prefix": { + "description": "The IPv4 prefix.", + "type": "string" + } + }, + "type": "object" + }, + "Ipv6Add": { + "additionalProperties": false, + "description": "Specifies an IPv6 address.", + "properties": { + "Ipv6Address": { + "type": "string" + } + }, + "type": "object" + }, + "Ipv6PrefixSpecification": { + "additionalProperties": false, + "description": "Specifies an IPv6 prefix for a network interface.", + "properties": { + "Ipv6Prefix": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateData": { + "additionalProperties": false, + "description": "The information for the launch template.", + "properties": { + "BlockDeviceMappings": { + "description": "The block device mapping.", + "items": { + "$ref": "#/definitions/BlockDeviceMapping" + }, + "type": "array", + "uniqueItems": false + }, + "CapacityReservationSpecification": { + "$ref": "#/definitions/CapacityReservationSpecification" + }, + "CpuOptions": { + "$ref": "#/definitions/CpuOptions" + }, + "CreditSpecification": { + "$ref": "#/definitions/CreditSpecification" + }, + "DisableApiStop": { + "description": "Indicates whether to enable the instance for stop protection.", + "type": "boolean" + }, + "DisableApiTermination": { + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API.", + "type": "boolean" + }, + "EbsOptimized": { + "description": "Indicates whether the instance is optimized for Amazon EBS I/O.", + "type": "boolean" + }, + "ElasticGpuSpecifications": { + "description": "An elastic GPU to associate with the instance.", + "items": { + "$ref": "#/definitions/ElasticGpuSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "ElasticInferenceAccelerators": { + "description": "The elastic inference accelerator for the instance.", + "items": { + "$ref": "#/definitions/LaunchTemplateElasticInferenceAccelerator" + }, + "type": "array", + "uniqueItems": false + }, + "EnclaveOptions": { + "$ref": "#/definitions/EnclaveOptions" + }, + "HibernationOptions": { + "$ref": "#/definitions/HibernationOptions" + }, + "IamInstanceProfile": { + "$ref": "#/definitions/IamInstanceProfile" + }, + "ImageId": { + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.", + "type": "string" + }, + "InstanceInitiatedShutdownBehavior": { + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).", + "enum": [ + "stop", + "terminate" + ], + "type": "string" + }, + "InstanceMarketOptions": { + "$ref": "#/definitions/InstanceMarketOptions" + }, + "InstanceRequirements": { + "$ref": "#/definitions/InstanceRequirements" + }, + "InstanceType": { + "type": "string" + }, + "KernelId": { + "description": "The ID of the kernel.", + "type": "string" + }, + "KeyName": { + "description": "The name of the EC2 key pair", + "type": "string" + }, + "LicenseSpecifications": { + "description": "The license configurations.", + "items": { + "$ref": "#/definitions/LicenseSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "MaintenanceOptions": { + "$ref": "#/definitions/MaintenanceOptions" + }, + "MetadataOptions": { + "$ref": "#/definitions/MetadataOptions" + }, + "Monitoring": { + "$ref": "#/definitions/Monitoring" + }, + "NetworkInterfaces": { + "description": "If you specify a network interface, you must specify any security groups and subnets as part of the network interface.", + "items": { + "$ref": "#/definitions/NetworkInterface" + }, + "type": "array", + "uniqueItems": false + }, + "Placement": { + "$ref": "#/definitions/Placement" + }, + "PrivateDnsNameOptions": { + "$ref": "#/definitions/PrivateDnsNameOptions" + }, + "RamDiskId": { + "type": "string" + }, + "SecurityGroupIds": { + "description": "One or more security group IDs. ", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "SecurityGroups": { + "description": "One or more security group names.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "TagSpecifications": { + "description": "The tags to apply to the resources that are created during instance launch.", + "items": { + "$ref": "#/definitions/TagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "UserData": { + "description": "The user data to make available to the instance.", + "type": "string" + } + }, + "requiredXor": [ + "SecurityGroups", + "SecurityGroupIds", + "NetworkInterfaces" + ], + "type": "object" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "additionalProperties": false, + "description": "Specifies an elastic inference accelerator.", + "properties": { + "Count": { + "description": "The number of elastic inference accelerators to attach to the instance.", + "type": "integer" + }, + "Type": { + "description": "The type of elastic inference accelerator.", + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplateTagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to the launch template during creation.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "LicenseSpecification": { + "additionalProperties": false, + "description": "Specifies a license configuration for an instance.", + "properties": { + "LicenseConfigurationArn": { + "description": "The Amazon Resource Name (ARN) of the license configuration.", + "type": "string" + } + }, + "type": "object" + }, + "MaintenanceOptions": { + "additionalProperties": false, + "description": "The maintenance options of your instance.", + "properties": { + "AutoRecovery": { + "description": "Disables the automatic recovery behavior of your instance or sets it to default.", + "type": "string" + }, + "RebootMigration": { + "description": "Disables the automatic reboot-migration behavior of your instance or sets it to default.", + "type": "string" + } + }, + "type": "object" + }, + "MemoryGiBPerVCpu": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory per vCPU, in GiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory per vCPU, in GiB.", + "type": "number" + }, + "Min": { + "description": "TThe minimum amount of memory per vCPU, in GiB.", + "type": "number" + } + }, + "type": "object" + }, + "MemoryMiB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of memory, in MiB.", + "properties": { + "Max": { + "description": "The maximum amount of memory, in MiB.", + "type": "integer" + }, + "Min": { + "description": "The minimum amount of memory, in MiB.", + "type": "integer" + } + }, + "type": "object" + }, + "MetadataOptions": { + "additionalProperties": false, + "description": "The metadata options for the instance.", + "properties": { + "HttpEndpoint": { + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled.", + "type": "string" + }, + "HttpProtocolIpv6": { + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.", + "type": "string" + }, + "HttpPutResponseHopLimit": { + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.", + "type": "integer" + }, + "HttpTokens": { + "description": "IMDSv2 uses token-backed sessions.", + "type": "string" + }, + "InstanceMetadataTags": { + "description": "Set to enabled to allow access to instance tags from the instance metadata.", + "type": "string" + } + }, + "type": "object" + }, + "Monitoring": { + "additionalProperties": false, + "description": "Specifies whether detailed monitoring is enabled for an instance.", + "properties": { + "Enabled": { + "description": "Specify true to enable detailed monitoring.", + "type": "boolean" + } + }, + "type": "object" + }, + "NetworkBandwidthGbps": { + "additionalProperties": false, + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).", + "properties": { + "Max": { + "description": "The maximum amount of network bandwidth, in Gbps.", + "type": "number" + }, + "Min": { + "description": "The minimum amount of network bandwidth, in Gbps.", + "type": "number" + } + }, + "type": "object" + }, + "NetworkInterface": { + "additionalProperties": false, + "description": "Specifies the parameters for a network interface.", + "properties": { + "AssociateCarrierIpAddress": { + "description": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.", + "type": "boolean" + }, + "AssociatePublicIpAddress": { + "description": "Associates a public IPv4 address with eth0 for a new network interface.", + "type": "boolean" + }, + "ConnectionTrackingSpecification": { + "$ref": "#/definitions/ConnectionTrackingSpecification" + }, + "DeleteOnTermination": { + "description": "Indicates whether the network interface is deleted when the instance is terminated.", + "type": "boolean" + }, + "Description": { + "description": "A description for the network interface.", + "type": "string" + }, + "DeviceIndex": { + "description": "The device index for the network interface attachment.", + "type": "integer" + }, + "EnaSrdSpecification": { + "$ref": "#/definitions/EnaSrdSpecification" + }, + "Groups": { + "description": "The IDs of one or more security groups.", + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "InterfaceType": { + "description": "The type of network interface.", + "type": "string" + }, + "Ipv4PrefixCount": { + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv4Prefixes": { + "description": "One or more IPv4 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv4PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6AddressCount": { + "description": "The number of IPv6 addresses to assign to a network interface.", + "type": "integer" + }, + "Ipv6Addresses": { + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet.", + "items": { + "$ref": "#/definitions/Ipv6Add" + }, + "type": "array", + "uniqueItems": false + }, + "Ipv6PrefixCount": { + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface.", + "type": "integer" + }, + "Ipv6Prefixes": { + "description": "One or more IPv6 prefixes to be assigned to the network interface.", + "items": { + "$ref": "#/definitions/Ipv6PrefixSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "NetworkCardIndex": { + "description": "The index of the network card.", + "type": "integer" + }, + "NetworkInterfaceId": { + "description": "The ID of the network interface.", + "type": "string" + }, + "PrimaryIpv6": { + "description": "Enables the first IPv6 global unique address (GUA) on a dual stack or IPv6-only ENI immutable.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The primary private IPv4 address of the network interface.", + "type": "string" + }, + "PrivateIpAddresses": { + "description": "One or more private IPv4 addresses.", + "items": { + "$ref": "#/definitions/PrivateIpAdd" + }, + "type": "array", + "uniqueItems": false + }, + "SecondaryPrivateIpAddressCount": { + "description": "The number of secondary private IPv4 addresses to assign to a network interface.", + "type": "integer" + }, + "SubnetId": { + "description": "The ID of the subnet for the network interface.", + "type": "string" + } + }, + "type": "object" + }, + "NetworkInterfaceCount": { + "additionalProperties": false, + "description": "TThe minimum and maximum number of network interfaces.", + "properties": { + "Max": { + "type": "integer" + }, + "Min": { + "type": "integer" + } + }, + "type": "object" + }, + "Placement": { + "additionalProperties": false, + "description": "Specifies the placement of an instance.", + "properties": { + "Affinity": { + "description": "The affinity setting for an instance on a Dedicated Host.", + "type": "string" + }, + "AvailabilityZone": { + "cfnLint": [ + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone" + ], + "description": "The Availability Zone for the instance.", + "type": "string" + }, + "GroupId": { + "description": "The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement group.", + "type": "string" + }, + "GroupName": { + "description": "The name of the placement group for the instance.", + "type": "string" + }, + "HostId": { + "description": "The ID of the Dedicated Host for the instance.", + "type": "string" + }, + "HostResourceGroupArn": { + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "type": "string" + }, + "PartitionNumber": { + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition.", + "type": "integer" + }, + "SpreadDomain": { + "description": "Reserved for future use.", + "type": "string" + }, + "Tenancy": { + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.", + "enum": [ + "default", + "dedicated", + "host" + ], + "type": "string" + } + }, + "type": "object" + }, + "PrivateDnsNameOptions": { + "additionalProperties": false, + "description": "Describes the options for instance hostnames.", + "properties": { + "EnableResourceNameDnsAAAARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", + "type": "boolean" + }, + "EnableResourceNameDnsARecord": { + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", + "type": "boolean" + }, + "HostnameType": { + "description": "The type of hostname for EC2 instances.", + "type": "string" + } + }, + "type": "object" + }, + "PrivateIpAdd": { + "additionalProperties": false, + "description": "Specifies a secondary private IPv4 address for a network interface.", + "properties": { + "Primary": { + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", + "type": "boolean" + }, + "PrivateIpAddress": { + "description": "The private IPv4 address.", + "type": "string" + } + }, + "type": "object" + }, + "SpotOptions": { + "additionalProperties": false, + "description": "Specifies options for Spot Instances.", + "properties": { + "BlockDurationMinutes": { + "description": "Deprecated", + "type": "integer" + }, + "InstanceInterruptionBehavior": { + "description": "The behavior when a Spot Instance is interrupted. The default is terminate.", + "enum": [ + "hibernate", + "stop", + "terminate" + ], + "type": "string" + }, + "MaxPrice": { + "description": "The maximum hourly price you're willing to pay for the Spot Instances.", + "type": "string" + }, + "SpotInstanceType": { + "description": "The Spot Instance request type.", + "enum": [ + "one-time", + "persistent" + ], + "type": "string" + }, + "ValidUntil": { + "description": "The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests.", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "description": "The user data to make available to the instance.", + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Value", + "Key" + ], + "type": "object" + }, + "TagSpecification": { + "additionalProperties": false, + "description": "Specifies the tags to apply to a resource when the resource is created for the launch template.", + "properties": { + "ResourceType": { + "description": "The type of resource to tag.", + "enum": [ + "capacity-reservation", + "client-vpn-endpoint", + "customer-gateway", + "carrier-gateway", + "coip-pool", + "dedicated-host", + "dhcp-options", + "egress-only-internet-gateway", + "elastic-ip", + "elastic-gpu", + "export-image-task", + "export-instance-task", + "fleet", + "fpga-image", + "host-reservation", + "image", + "import-image-task", + "import-snapshot-task", + "instance", + "instance-event-window", + "internet-gateway", + "ipam", + "ipam-pool", + "ipam-scope", + "ipv4pool-ec2", + "ipv6pool-ec2", + "key-pair", + "launch-template", + "local-gateway", + "local-gateway-route-table", + "local-gateway-virtual-interface", + "local-gateway-virtual-interface-group", + "local-gateway-route-table-vpc-association", + "local-gateway-route-table-virtual-interface-group-association", + "natgateway", + "network-acl", + "network-interface", + "network-insights-analysis", + "network-insights-path", + "network-insights-access-scope", + "network-insights-access-scope-analysis", + "placement-group", + "prefix-list", + "replace-root-volume-task", + "reserved-instances", + "route-table", + "security-group", + "security-group-rule", + "snapshot", + "spot-fleet-request", + "spot-instances-request", + "subnet", + "subnet-cidr-reservation", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-connect-peer", + "transit-gateway-multicast-domain", + "transit-gateway-policy-table", + "transit-gateway-route-table", + "transit-gateway-route-table-announcement", + "volume", + "vpc", + "vpc-endpoint", + "vpc-endpoint-connection", + "vpc-endpoint-service", + "vpc-endpoint-service-permission", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway", + "vpc-flow-log", + "capacity-reservation-fleet", + "traffic-mirror-filter-rule", + "vpc-endpoint-connection-device-type", + "verified-access-instance", + "verified-access-group", + "verified-access-endpoint", + "verified-access-policy", + "verified-access-trust-provider", + "vpn-connection-device-type", + "vpc-block-public-access-exclusion", + "ipam-resource-discovery", + "ipam-resource-discovery-association", + "instance-connect-endpoint" + ], + "type": "string" + }, + "Tags": { + "description": "The tags for the resource.", + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + } + }, + "type": "object" + }, + "TotalLocalStorageGB": { + "additionalProperties": false, + "description": "The minimum and maximum amount of total local storage, in GB.", + "properties": { + "Max": { + "type": "number" + }, + "Min": { + "type": "number" + } + }, + "type": "object" + }, + "VCpuCount": { + "additionalProperties": false, + "description": "The minimum and maximum number of vCPUs.", + "properties": { + "Max": { + "description": "The maximum number of vCPUs.", + "type": "integer" + }, + "Min": { + "description": "The minimum number of vCPUs.", + "type": "integer" + } + }, + "type": "object" + } + }, + "description": "Resource Type definition for AWS::EC2::LaunchTemplate", + "handlers": { + "create": { + "permissions": [ + "ec2:CreateLaunchTemplate", + "ec2:CreateTags" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteLaunchTemplate", + "ec2:DeleteTags", + "ec2:DescribeLaunchTemplates" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeLaunchTemplates" + ] + }, + "update": { + "permissions": [ + "ec2:CreateLaunchTemplateVersion" + ] + } + }, + "primaryIdentifier": [ + "/properties/LaunchTemplateId" + ], + "properties": { + "DefaultVersionNumber": { + "description": "The default version of the launch template", + "type": "string" + }, + "LatestVersionNumber": { + "description": "The latest version of the launch template", + "type": "string" + }, + "LaunchTemplateData": { + "$ref": "#/definitions/LaunchTemplateData" + }, + "LaunchTemplateId": { + "description": "LaunchTemplate ID generated by service", + "type": "string" + }, + "LaunchTemplateName": { + "description": "A name for the launch template.", + "type": "string" + }, + "TagSpecifications": { + "description": "The tags to apply to the launch template on creation.", + "items": { + "$ref": "#/definitions/LaunchTemplateTagSpecification" + }, + "type": "array", + "uniqueItems": false + }, + "VersionDescription": { + "description": "A description for the first version of the launch template.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/DefaultVersionNumber", + "/properties/LaunchTemplateId", + "/properties/LatestVersionNumber" + ], + "required": [ + "LaunchTemplateData" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::LaunchTemplate", + "writeOnlyProperties": [ + "/properties/LaunchTemplateData", + "/properties/VersionDescription", + "/properties/TagSpecifications" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_west_1/aws-eks-addon.json b/src/cfnlint/data/schemas/providers/us_west_1/aws-eks-addon.json deleted file mode 100644 index 02626266c6..0000000000 --- a/src/cfnlint/data/schemas/providers/us_west_1/aws-eks-addon.json +++ /dev/null @@ -1,148 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "description": "A key-value pair to associate with a resource.", - "properties": { - "Key": { - "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 127, - "minLength": 1, - "type": "string" - }, - "Value": { - "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ", - "maxLength": 255, - "minLength": 1, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "description": "Resource Schema for AWS::EKS::Addon", - "handlers": { - "create": { - "permissions": [ - "eks:CreateAddon", - "eks:DescribeAddon", - "eks:TagResource", - "iam:PassRole" - ] - }, - "delete": { - "permissions": [ - "eks:DeleteAddon", - "eks:DescribeAddon" - ] - }, - "list": { - "permissions": [ - "eks:ListAddons" - ] - }, - "read": { - "permissions": [ - "eks:DescribeAddon" - ] - }, - "update": { - "permissions": [ - "iam:PassRole", - "eks:UpdateAddon", - "eks:DescribeAddon", - "eks:DescribeUpdate", - "eks:ListTagsForResource", - "eks:TagResource", - "eks:UntagResource" - ] - } - }, - "primaryIdentifier": [ - "/properties/ClusterName", - "/properties/AddonName" - ], - "properties": { - "AddonName": { - "description": "Name of Addon", - "minLength": 1, - "type": "string" - }, - "AddonVersion": { - "description": "Version of Addon", - "minLength": 1, - "type": "string" - }, - "Arn": { - "description": "Amazon Resource Name (ARN) of the add-on", - "type": "string" - }, - "ClusterName": { - "description": "Name of Cluster", - "minLength": 1, - "type": "string" - }, - "ConfigurationValues": { - "description": "The configuration values to use with the add-on", - "minLength": 1, - "type": "string" - }, - "PreserveOnDelete": { - "description": "PreserveOnDelete parameter value", - "type": "boolean" - }, - "ResolveConflicts": { - "description": "Resolve parameter value conflicts", - "enum": [ - "NONE", - "OVERWRITE", - "PRESERVE" - ], - "minLength": 1, - "type": "string" - }, - "ServiceAccountRoleArn": { - "description": "IAM role to bind to the add-on's service account", - "minLength": 1, - "type": "string" - }, - "Tags": { - "description": "An array of key-value pairs to apply to this resource.", - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array", - "uniqueItems": true - } - }, - "readOnlyProperties": [ - "/properties/Arn" - ], - "required": [ - "ClusterName", - "AddonName" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-eks.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::EKS::Addon", - "writeOnlyProperties": [ - "/properties/ResolveConflicts", - "/properties/PreserveOnDelete" - ] -} diff --git a/src/cfnlint/data/schemas/providers/us_west_1/aws-neptune-dbinstance.json b/src/cfnlint/data/schemas/providers/us_west_1/aws-neptune-dbinstance.json index e59579a720..36baa58fbd 100644 --- a/src/cfnlint/data/schemas/providers/us_west_1/aws-neptune-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/us_west_1/aws-neptune-dbinstance.json @@ -43,7 +43,7 @@ "type": "string" }, "DBInstanceClass": { - "cfnLint": "aws_neptune_dbinstance/dbinstanceclass_enum", + "cfnLint": "AWS::Neptune::DBInstance/Properties/DBInstanceClass", "type": "string" }, "DBInstanceIdentifier": { diff --git a/src/cfnlint/data/schemas/providers/us_west_2/__init__.py b/src/cfnlint/data/schemas/providers/us_west_2/__init__.py index 2abd83f27d..cd00a7021e 100644 --- a/src/cfnlint/data/schemas/providers/us_west_2/__init__.py +++ b/src/cfnlint/data/schemas/providers/us_west_2/__init__.py @@ -837,6 +837,7 @@ "AWS::IAM::UserPolicy", "AWS::Connect::ViewVersion", "AWS::CloudFront::OriginAccessControl", + "AWS::InspectorV2::CisScanConfiguration", "AWS::IoT::MitigationAction", "AWS::Cognito::UserPool", "AWS::SecretsManager::RotationSchedule", @@ -1302,7 +1303,6 @@ "aws-fms-resourceset.json", "aws-cognito-userpooldomain.json", "aws-autoscaling-autoscalinggroup.json", - "aws-wafv2-regexpatternset.json", "aws-eks-fargateprofile.json", "aws-workspacesweb-networksettings.json", "aws-route53-dnssec.json", @@ -1458,9 +1458,7 @@ "aws-gamelift-gameservergroup.json", "aws-appstream-stack.json", "aws-ec2-internetgateway.json", - "aws-ec2-gatewayroutetableassociation.json", "aws-vpclattice-listener.json", - "aws-wafv2-ipset.json", "aws-mediaconnect-bridgeoutput.json", "aws-greengrass-subscriptiondefinition.json", "aws-greengrass-group.json", @@ -1508,6 +1506,7 @@ "aws-groundstation-missionprofile.json", "aws-cloudformation-customresource.json", "aws-fis-targetaccountconfiguration.json", + "aws-glue-tableoptimizer.json", "aws-refactorspaces-route.json", "aws-nimblestudio-launchprofile.json", "aws-kinesisanalytics-applicationoutput.json", @@ -1522,7 +1521,6 @@ "aws-connect-securityprofile.json", "aws-codedeploy-deploymentgroup.json", "aws-amplifyuibuilder-component.json", - "aws-location-trackerconsumer.json", "aws-vpclattice-servicenetwork.json", "aws-sagemaker-inferenceexperiment.json", "aws-cloudformation-stackset.json", @@ -1539,7 +1537,6 @@ "aws-servicecatalog-launchtemplateconstraint.json", "aws-devopsguru-resourcecollection.json", "aws-healthlake-fhirdatastore.json", - "aws-wafv2-loggingconfiguration.json", "aws-dynamodb-globaltable.json", "alexa-ask-skill.json", "aws-backup-backupplan.json", @@ -1720,6 +1717,7 @@ "aws-appsync-apikey.json", "aws-cloudformation-typeactivation.json", "aws-groundstation-dataflowendpointgroup.json", + "aws-location-map.json", "aws-acmpca-certificateauthorityactivation.json", "aws-msk-serverlesscluster.json", "aws-guardduty-threatintelset.json", @@ -1832,7 +1830,6 @@ "aws-appsync-domainnameapiassociation.json", "aws-appsync-apicache.json", "aws-apigateway-account.json", - "aws-wafv2-webacl.json", "aws-globalaccelerator-endpointgroup.json", "aws-ec2-transitgatewayconnect.json", "aws-networkmanager-sitetositevpnattachment.json", @@ -1951,6 +1948,7 @@ "aws-dms-eventsubscription.json", "aws-ssmincidents-replicationset.json", "aws-iot-topicrule.json", + "aws-apprunner-vpcconnector.json", "aws-supportapp-slackworkspaceconfiguration.json", "aws-lakeformation-principalpermissions.json", "aws-datasync-locations3.json", @@ -2019,6 +2017,7 @@ "aws-iam-userpolicy.json", "aws-connect-viewversion.json", "aws-cloudfront-originaccesscontrol.json", + "aws-inspectorv2-cisscanconfiguration.json", "aws-iot-mitigationaction.json", "aws-cognito-userpool.json", "aws-secretsmanager-rotationschedule.json", @@ -2070,9 +2069,9 @@ "aws-config-aggregationauthorization.json", "aws-datasync-agent.json", "aws-iotwireless-destination.json", + "aws-cognito-userpoolidentityprovider.json", "aws-appstream-stackuserassociation.json", "aws-resiliencehub-resiliencypolicy.json", - "aws-location-tracker.json", "aws-iot-dimension.json", "aws-logs-loggroup.json", "aws-evidently-experiment.json", @@ -2166,6 +2165,7 @@ "aws-connect-routingprofile.json", "aws-ec2-flowlog.json", "aws-events-endpoint.json", + "aws-amazonmq-broker.json", "aws-emr-step.json", "aws-cleanrooms-collaboration.json", "aws-ssm-association.json", @@ -2185,7 +2185,6 @@ "aws-appmesh-virtualnode.json", "aws-apigateway-documentationversion.json", "aws-licensemanager-grant.json", - "aws-wafv2-webaclassociation.json", "aws-lookoutmetrics-anomalydetector.json", "aws-oam-sink.json", "aws-codebuild-reportgroup.json", diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-amazonmq-broker.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-amazonmq-broker.json deleted file mode 100644 index b71851eb27..0000000000 --- a/src/cfnlint/data/schemas/providers/us_west_2/aws-amazonmq-broker.json +++ /dev/null @@ -1,341 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/BrokerName", - "/properties/StorageType", - "/properties/DeploymentMode", - "/properties/EngineType", - "/properties/SubnetIds", - "/properties/AuthenticationStrategy", - "/properties/EncryptionOptions", - "/properties/PubliclyAccessible" - ], - "definitions": { - "ConfigurationId": { - "additionalProperties": false, - "properties": { - "Id": { - "type": "string" - }, - "Revision": { - "type": "integer" - } - }, - "required": [ - "Revision", - "Id" - ], - "type": "object" - }, - "EncryptionOptions": { - "additionalProperties": false, - "properties": { - "KmsKeyId": { - "type": "string" - }, - "UseAwsOwnedKey": { - "type": "boolean" - } - }, - "required": [ - "UseAwsOwnedKey" - ], - "type": "object" - }, - "LdapServerMetadata": { - "additionalProperties": false, - "properties": { - "Hosts": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "RoleBase": { - "type": "string" - }, - "RoleName": { - "type": "string" - }, - "RoleSearchMatching": { - "type": "string" - }, - "RoleSearchSubtree": { - "type": "boolean" - }, - "ServiceAccountPassword": { - "type": "string" - }, - "ServiceAccountUsername": { - "type": "string" - }, - "UserBase": { - "type": "string" - }, - "UserRoleName": { - "type": "string" - }, - "UserSearchMatching": { - "type": "string" - }, - "UserSearchSubtree": { - "type": "boolean" - } - }, - "required": [ - "Hosts", - "UserSearchMatching", - "UserBase", - "RoleSearchMatching", - "ServiceAccountUsername", - "RoleBase", - "ServiceAccountPassword" - ], - "type": "object" - }, - "LogList": { - "additionalProperties": false, - "properties": { - "Audit": { - "type": "boolean" - }, - "General": { - "type": "boolean" - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "additionalProperties": false, - "properties": { - "DayOfWeek": { - "type": "string" - }, - "TimeOfDay": { - "type": "string" - }, - "TimeZone": { - "type": "string" - } - }, - "required": [ - "DayOfWeek", - "TimeOfDay", - "TimeZone" - ], - "type": "object" - }, - "TagsEntry": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - }, - "User": { - "additionalProperties": false, - "properties": { - "ConsoleAccess": { - "type": "boolean" - }, - "Groups": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Password": { - "type": "string" - }, - "Username": { - "type": "string" - } - }, - "required": [ - "Username", - "Password" - ], - "type": "object" - } - }, - "description": "Resource Type definition for AWS::AmazonMQ::Broker", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "AmqpEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Arn": { - "type": "string" - }, - "AuthenticationStrategy": { - "type": "string" - }, - "AutoMinorVersionUpgrade": { - "type": "boolean" - }, - "BrokerName": { - "type": "string" - }, - "Configuration": { - "$ref": "#/definitions/ConfigurationId" - }, - "ConfigurationId": { - "type": "string" - }, - "ConfigurationRevision": { - "type": "integer" - }, - "DataReplicationMode": { - "type": "string" - }, - "DataReplicationPrimaryBrokerArn": { - "type": "string" - }, - "DeploymentMode": { - "enum": [ - "SINGLE_INSTANCE", - "ACTIVE_STANDBY_MULTI_AZ", - "CLUSTER_MULTI_AZ" - ], - "type": "string" - }, - "EncryptionOptions": { - "$ref": "#/definitions/EncryptionOptions" - }, - "EngineType": { - "enum": [ - "ACTIVEMQ", - "RABBITMQ" - ], - "type": "string" - }, - "EngineVersion": { - "type": "string" - }, - "HostInstanceType": { - "cfnLint": "aws_amazonmq_broker/instancetype_enum", - "type": "string" - }, - "Id": { - "type": "string" - }, - "IpAddresses": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "LdapServerMetadata": { - "$ref": "#/definitions/LdapServerMetadata" - }, - "Logs": { - "$ref": "#/definitions/LogList" - }, - "MaintenanceWindowStartTime": { - "$ref": "#/definitions/MaintenanceWindow" - }, - "MqttEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "OpenWireEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "PubliclyAccessible": { - "type": "boolean" - }, - "SecurityGroups": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "StompEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "StorageType": { - "type": "string" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "Tags": { - "items": { - "$ref": "#/definitions/TagsEntry" - }, - "type": "array", - "uniqueItems": false - }, - "Users": { - "items": { - "$ref": "#/definitions/User" - }, - "type": "array", - "uniqueItems": false - }, - "WssEndpoints": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - } - }, - "readOnlyProperties": [ - "/properties/IpAddresses", - "/properties/Id", - "/properties/MqttEndpoints", - "/properties/OpenWireEndpoints", - "/properties/ConfigurationId", - "/properties/ConfigurationRevision", - "/properties/StompEndpoints", - "/properties/WssEndpoints", - "/properties/AmqpEndpoints", - "/properties/Arn" - ], - "required": [ - "EngineVersion", - "DeploymentMode", - "HostInstanceType", - "EngineType", - "AutoMinorVersionUpgrade", - "Users", - "PubliclyAccessible", - "BrokerName" - ], - "typeName": "AWS::AmazonMQ::Broker" -} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-apprunner-vpcconnector.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-apprunner-vpcconnector.json deleted file mode 100644 index a7b99a0c40..0000000000 --- a/src/cfnlint/data/schemas/providers/us_west_2/aws-apprunner-vpcconnector.json +++ /dev/null @@ -1,119 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/VpcConnectorName", - "/properties/Subnets", - "/properties/SecurityGroups", - "/properties/Tags" - ], - "definitions": { - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "type": "string" - } - }, - "type": "object" - } - }, - "description": "The AWS::AppRunner::VpcConnector resource specifies an App Runner VpcConnector.", - "handlers": { - "create": { - "permissions": [ - "iam:CreateServiceLinkedRole", - "apprunner:CreateVpcConnector", - "apprunner:DescribeVpcConnector", - "apprunner:TagResource", - "ec2:DescribeSubnets", - "ec2:DescribeSecurityGroups" - ] - }, - "delete": { - "permissions": [ - "apprunner:DeleteVpcConnector" - ] - }, - "list": { - "permissions": [ - "apprunner:ListVpcConnectors" - ] - }, - "read": { - "permissions": [ - "apprunner:DescribeVpcConnector" - ] - } - }, - "primaryIdentifier": [ - "/properties/VpcConnectorArn" - ], - "properties": { - "SecurityGroups": { - "description": "A list of IDs of security groups that App Runner should use for access to AWS resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": true - }, - "Subnets": { - "description": "A list of IDs of subnets that App Runner should use when it associates your service with a custom Amazon VPC. Specify IDs of subnets of a single Amazon VPC. App Runner determines the Amazon VPC from the subnets you specify.", - "insertionOrder": false, - "items": { - "type": "string" - }, - "minItems": 1, - "type": "array", - "uniqueItems": true - }, - "Tags": { - "description": "A list of metadata items that you can associate with your VPC connector resource. A tag is a key-value pair.", - "items": { - "$ref": "#/definitions/Tag" - }, - "type": "array" - }, - "VpcConnectorArn": { - "description": "The Amazon Resource Name (ARN) of this VPC connector.", - "maxLength": 1011, - "minLength": 44, - "pattern": "arn:aws(-[\\w]+)*:[a-z0-9-\\\\.]{0,63}:[a-z0-9-\\\\.]{0,63}:[0-9]{12}:(\\w|\\/|-){1,1011}", - "type": "string" - }, - "VpcConnectorName": { - "description": "A name for the VPC connector. If you don't specify a name, AWS CloudFormation generates a name for your VPC connector.", - "maxLength": 40, - "minLength": 4, - "pattern": "^[A-Za-z0-9][A-Za-z0-9-\\\\_]{3,39}$", - "type": "string" - }, - "VpcConnectorRevision": { - "description": "The revision of this VPC connector. It's unique among all the active connectors (\"Status\": \"ACTIVE\") that share the same Name.", - "type": "integer" - } - }, - "readOnlyProperties": [ - "/properties/VpcConnectorArn", - "/properties/VpcConnectorRevision" - ], - "required": [ - "Subnets" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-apprunner.git", - "tagging": { - "cloudFormationSystemTags": false, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": false, - "taggable": true - }, - "typeName": "AWS::AppRunner::VpcConnector", - "writeOnlyProperties": [ - "/properties/Tags" - ] -} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-cognito-userpoolidentityprovider.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-cognito-userpoolidentityprovider.json deleted file mode 100644 index ba52781eae..0000000000 --- a/src/cfnlint/data/schemas/providers/us_west_2/aws-cognito-userpoolidentityprovider.json +++ /dev/null @@ -1,59 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/UserPoolId", - "/properties/ProviderName", - "/properties/ProviderType" - ], - "description": "Resource Type definition for AWS::Cognito::UserPoolIdentityProvider", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "AttributeMapping": { - "patternProperties": { - "[a-zA-Z0-9]+": { - "type": "string" - } - }, - "type": "object" - }, - "Id": { - "type": "string" - }, - "IdpIdentifiers": { - "items": { - "type": "string" - }, - "type": "array", - "uniqueItems": false - }, - "ProviderDetails": { - "patternProperties": { - "[a-zA-Z0-9]+": { - "type": "string" - } - }, - "type": "object" - }, - "ProviderName": { - "type": "string" - }, - "ProviderType": { - "type": "string" - }, - "UserPoolId": { - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "ProviderName", - "UserPoolId", - "ProviderDetails", - "ProviderType" - ], - "typeName": "AWS::Cognito::UserPoolIdentityProvider" -} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-ec2-gatewayroutetableassociation.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-ec2-gatewayroutetableassociation.json new file mode 100644 index 0000000000..82e6509392 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_2/aws-ec2-gatewayroutetableassociation.json @@ -0,0 +1,58 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/GatewayId" + ], + "description": "Associates a gateway with a route table. The gateway and route table must be in the same VPC. This association causes the incoming traffic to the gateway to be routed according to the routes in the route table.", + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:AssociateRouteTable" + ] + }, + "delete": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:DisassociateRouteTable" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeRouteTables", + "ec2:ReplaceRouteTableAssociation" + ] + } + }, + "primaryIdentifier": [ + "/properties/GatewayId" + ], + "properties": { + "AssociationId": { + "description": "The route table association ID.", + "type": "string" + }, + "GatewayId": { + "description": "The ID of the gateway.", + "type": "string" + }, + "RouteTableId": { + "description": "The ID of the route table.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociationId" + ], + "required": [ + "RouteTableId", + "GatewayId" + ], + "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-gatewayroutetableassociation.html", + "typeName": "AWS::EC2::GatewayRouteTableAssociation" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-glue-tableoptimizer.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-glue-tableoptimizer.json deleted file mode 100644 index a9ba811214..0000000000 --- a/src/cfnlint/data/schemas/providers/us_west_2/aws-glue-tableoptimizer.json +++ /dev/null @@ -1,58 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/TableName", - "/properties/DatabaseName", - "/properties/Type", - "/properties/CatalogId" - ], - "definitions": { - "TableOptimizerConfiguration": { - "additionalProperties": false, - "properties": { - "Enabled": { - "type": "boolean" - }, - "RoleArn": { - "type": "string" - } - }, - "type": "object" - } - }, - "description": "Resource Type definition for AWS::Glue::TableOptimizer", - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "CatalogId": { - "type": "string" - }, - "DatabaseName": { - "type": "string" - }, - "Id": { - "type": "string" - }, - "TableName": { - "type": "string" - }, - "TableOptimizerConfiguration": { - "$ref": "#/definitions/TableOptimizerConfiguration" - }, - "Type": { - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "TableName", - "Type", - "DatabaseName", - "TableOptimizerConfiguration", - "CatalogId" - ], - "typeName": "AWS::Glue::TableOptimizer" -} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-location-tracker.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-location-tracker.json new file mode 100644 index 0000000000..dff6b9e9f6 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_2/aws-location-tracker.json @@ -0,0 +1,191 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/KmsKeyId", + "/properties/TrackerName" + ], + "definitions": { + "PositionFiltering": { + "enum": [ + "TimeBased", + "DistanceBased", + "AccuracyBased" + ], + "type": "string" + }, + "PricingPlan": { + "enum": [ + "RequestBasedUsage" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Key": { + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 128, + "minLength": 1, + "pattern": "\\A(?!aws:)[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + }, + "Value": { + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.", + "maxLength": 256, + "minLength": 0, + "pattern": "\\A[a-zA-Z0-9+\\-=\\._\\:\\/@]+$", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "TagMap": { + "additionalProperties": false, + "maxProperties": 50, + "patternProperties": { + "^[a-zA-Z+-=._:/]+$": { + "maxLength": 256, + "minLength": 0, + "pattern": "^[A-Za-z0-9 _=@:.+-/]*$", + "type": "string" + } + }, + "type": "object" + }, + "iso8601UTC": { + "description": "The datetime value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ss.sssZ)", + "pattern": "^([0-2]\\d{3})-(0[0-9]|1[0-2])-([0-2]\\d|3[01])T([01]\\d|2[0-4]):([0-5]\\d):([0-6]\\d)((\\.\\d{3})?)Z$", + "type": "string" + } + }, + "deprecatedProperties": [ + "/properties/PricingPlan", + "/properties/PricingPlanDataSource" + ], + "description": "Definition of AWS::Location::Tracker Resource Type", + "handlers": { + "create": { + "permissions": [ + "geo:CreateTracker", + "geo:DescribeTracker", + "geo:TagResource", + "geo:UntagResource", + "kms:DescribeKey", + "kms:CreateGrant" + ] + }, + "delete": { + "permissions": [ + "geo:DeleteTracker", + "geo:DescribeTracker" + ] + }, + "list": { + "permissions": [ + "geo:ListTrackers" + ] + }, + "read": { + "permissions": [ + "geo:DescribeTracker", + "kms:DescribeKey" + ] + }, + "update": { + "permissions": [ + "geo:CreateTracker", + "geo:DescribeTracker", + "geo:TagResource", + "geo:UntagResource", + "kms:DescribeKey", + "kms:CreateGrant", + "geo:UpdateTracker" + ] + } + }, + "primaryIdentifier": [ + "/properties/TrackerName" + ], + "properties": { + "Arn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "CreateTime": { + "$ref": "#/definitions/iso8601UTC" + }, + "Description": { + "maxLength": 1000, + "minLength": 0, + "type": "string" + }, + "EventBridgeEnabled": { + "type": "boolean" + }, + "KmsKeyEnableGeospatialQueries": { + "type": "boolean" + }, + "KmsKeyId": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "PositionFiltering": { + "$ref": "#/definitions/PositionFiltering" + }, + "PricingPlan": { + "$ref": "#/definitions/PricingPlan" + }, + "PricingPlanDataSource": { + "type": "string" + }, + "Tags": { + "description": "An array of key-value pairs to apply to this resource.", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 0, + "type": "array", + "uniqueItems": true + }, + "TrackerArn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "TrackerName": { + "maxLength": 100, + "minLength": 1, + "pattern": "^[-._\\w]+$", + "type": "string" + }, + "UpdateTime": { + "$ref": "#/definitions/iso8601UTC" + } + }, + "readOnlyProperties": [ + "/properties/CreateTime", + "/properties/Arn", + "/properties/TrackerArn", + "/properties/UpdateTime" + ], + "required": [ + "TrackerName" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::Location::Tracker" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-location-trackerconsumer.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-location-trackerconsumer.json new file mode 100644 index 0000000000..8ee7f91b35 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_2/aws-location-trackerconsumer.json @@ -0,0 +1,60 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/TrackerName", + "/properties/ConsumerArn" + ], + "description": "Definition of AWS::Location::TrackerConsumer Resource Type", + "handlers": { + "create": { + "permissions": [ + "geo:AssociateTrackerConsumer", + "geo:ListTrackerConsumers" + ] + }, + "delete": { + "permissions": [ + "geo:DisassociateTrackerConsumer", + "geo:ListTrackerConsumers" + ] + }, + "list": { + "permissions": [ + "geo:ListTrackerConsumers" + ] + }, + "read": { + "permissions": [ + "geo:ListTrackerConsumers" + ] + } + }, + "primaryIdentifier": [ + "/properties/TrackerName", + "/properties/ConsumerArn" + ], + "properties": { + "ConsumerArn": { + "maxLength": 1600, + "pattern": "^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)?$", + "type": "string" + }, + "TrackerName": { + "maxLength": 100, + "minLength": 1, + "pattern": "^[-._\\w]+$", + "type": "string" + } + }, + "required": [ + "ConsumerArn", + "TrackerName" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::Location::TrackerConsumer" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-ipset.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-ipset.json new file mode 100644 index 0000000000..9181872206 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-ipset.json @@ -0,0 +1,166 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Name", + "/properties/Scope" + ], + "definitions": { + "EntityDescription": { + "description": "Description of the entity.", + "pattern": "^[a-zA-Z0-9=:#@/\\-,.][a-zA-Z0-9+=:#@/\\-,.\\s]+[a-zA-Z0-9+=:#@/\\-,.]{1,256}$", + "type": "string" + }, + "EntityId": { + "description": "Id of the IPSet", + "pattern": "^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", + "type": "string" + }, + "EntityName": { + "description": "Name of the IPSet.", + "pattern": "^[0-9A-Za-z_-]{1,128}$", + "type": "string" + }, + "IPAddress": { + "description": "IP address", + "maxLength": 50, + "minLength": 1, + "type": "string" + }, + "IPAddressVersion": { + "description": "Type of addresses in the IPSet, use IPV4 for IPV4 IP addresses, IPV6 for IPV6 address.", + "enum": [ + "IPV4", + "IPV6" + ], + "type": "string" + }, + "ResourceArn": { + "description": "ARN of the WAF entity.", + "type": "string" + }, + "Scope": { + "description": "Use CLOUDFRONT for CloudFront IPSet, use REGIONAL for Application Load Balancer and API Gateway.", + "enum": [ + "CLOUDFRONT", + "REGIONAL" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "type": "object" + } + }, + "description": "Contains a list of IP addresses. This can be either IPV4 or IPV6. The list will be mutually", + "handlers": { + "create": { + "permissions": [ + "wafv2:CreateIPSet", + "wafv2:GetIPSet", + "wafv2:ListTagsForResource" + ] + }, + "delete": { + "permissions": [ + "wafv2:DeleteIPSet", + "wafv2:GetIPSet" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "Scope": { + "$ref": "resource-schema.json#/properties/Scope" + } + }, + "required": [ + "Scope" + ] + }, + "permissions": [ + "wafv2:listIPSets" + ] + }, + "read": { + "permissions": [ + "wafv2:GetIPSet", + "wafv2:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "wafv2:UpdateIPSet", + "wafv2:GetIPSet", + "wafv2:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Name", + "/properties/Id", + "/properties/Scope" + ], + "properties": { + "Addresses": { + "description": "List of IPAddresses.", + "items": { + "$ref": "#/definitions/IPAddress" + }, + "type": "array" + }, + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "Description": { + "$ref": "#/definitions/EntityDescription" + }, + "IPAddressVersion": { + "$ref": "#/definitions/IPAddressVersion" + }, + "Id": { + "$ref": "#/definitions/EntityId" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "Scope": { + "$ref": "#/definitions/Scope" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "minItems": 1, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/Id" + ], + "required": [ + "Addresses", + "IPAddressVersion", + "Scope" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::IPSet" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-loggingconfiguration.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-loggingconfiguration.json new file mode 100644 index 0000000000..535275813a --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-loggingconfiguration.json @@ -0,0 +1,238 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ResourceArn" + ], + "definitions": { + "Condition": { + "additionalProperties": false, + "properties": { + "ActionCondition": { + "additionalProperties": false, + "description": "A single action condition.", + "properties": { + "Action": { + "description": "Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.", + "enum": [ + "ALLOW", + "BLOCK", + "COUNT", + "CAPTCHA", + "CHALLENGE", + "EXCLUDED_AS_COUNT" + ], + "type": "string" + } + }, + "required": [ + "Action" + ], + "type": "object" + }, + "LabelNameCondition": { + "additionalProperties": false, + "description": "A single label name condition.", + "properties": { + "LabelName": { + "description": "The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. ", + "type": "string" + } + }, + "required": [ + "LabelName" + ], + "type": "object" + } + }, + "type": "object" + }, + "FieldToMatch": { + "additionalProperties": false, + "description": "A key-value pair to associate with a resource.", + "properties": { + "Method": { + "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform. ", + "type": "object" + }, + "QueryString": { + "description": "Inspect the query string. This is the part of a URL that appears after a ? character, if any. ", + "type": "object" + }, + "SingleHeader": { + "additionalProperties": false, + "description": "Inspect a single header. Provide the name of the header to inspect, for example, User-Agent or Referer. This setting isn't case sensitive.", + "properties": { + "Name": { + "description": "The name of the query header to inspect.", + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "UriPath": { + "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg. ", + "type": "object" + } + }, + "type": "object" + }, + "Filter": { + "additionalProperties": false, + "properties": { + "Behavior": { + "description": "How to handle logs that satisfy the filter's conditions and requirement. ", + "enum": [ + "KEEP", + "DROP" + ], + "type": "string" + }, + "Conditions": { + "description": "Match conditions for the filter.", + "items": { + "$ref": "#/definitions/Condition" + }, + "minItems": 1, + "type": "array" + }, + "Requirement": { + "description": "Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.", + "enum": [ + "MEETS_ALL", + "MEETS_ANY" + ], + "type": "string" + } + }, + "required": [ + "Behavior", + "Conditions", + "Requirement" + ], + "type": "object" + } + }, + "description": "A WAFv2 Logging Configuration Resource Provider", + "handlers": { + "create": { + "permissions": [ + "wafv2:PutLoggingConfiguration", + "wafv2:GetLoggingConfiguration", + "firehose:ListDeliveryStreams", + "iam:CreateServiceLinkedRole", + "iam:DescribeOrganization", + "logs:CreateLogDelivery", + "s3:PutBucketPolicy", + "s3:GetBucketPolicy", + "logs:PutResourcePolicy", + "logs:DescribeResourcePolicies", + "logs:DescribeLogGroups" + ] + }, + "delete": { + "permissions": [ + "wafv2:DeleteLoggingConfiguration", + "wafv2:GetLoggingConfiguration", + "logs:DeleteLogDelivery" + ] + }, + "list": { + "permissions": [ + "wafv2:ListLoggingConfigurations" + ] + }, + "read": { + "permissions": [ + "wafv2:GetLoggingConfiguration" + ] + }, + "update": { + "permissions": [ + "wafv2:PutLoggingConfiguration", + "wafv2:GetLoggingConfiguration", + "firehose:ListDeliveryStreams", + "iam:CreateServiceLinkedRole", + "iam:DescribeOrganization", + "logs:CreateLogDelivery", + "s3:PutBucketPolicy", + "s3:GetBucketPolicy", + "logs:PutResourcePolicy", + "logs:DescribeResourcePolicies", + "logs:DescribeLogGroups" + ] + } + }, + "primaryIdentifier": [ + "/properties/ResourceArn" + ], + "properties": { + "LogDestinationConfigs": { + "description": "The Amazon Resource Names (ARNs) of the logging destinations that you want to associate with the web ACL.", + "items": { + "type": "string" + }, + "type": "array" + }, + "LoggingFilter": { + "additionalProperties": false, + "description": "Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.", + "properties": { + "DefaultBehavior": { + "description": "Default handling for logs that don't match any of the specified filtering conditions.", + "enum": [ + "KEEP", + "DROP" + ], + "type": "string" + }, + "Filters": { + "description": "The filters that you want to apply to the logs.", + "items": { + "$ref": "#/definitions/Filter" + }, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "DefaultBehavior", + "Filters" + ], + "type": "object" + }, + "ManagedByFirewallManager": { + "description": "Indicates whether the logging configuration was created by AWS Firewall Manager, as part of an AWS WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.", + "type": "boolean" + }, + "RedactedFields": { + "description": "The parts of the request that you want to keep out of the logs. For example, if you redact the HEADER field, the HEADER field in the firehose will be xxx.", + "insertionOrder": false, + "items": { + "$ref": "#/definitions/FieldToMatch" + }, + "type": "array" + }, + "ResourceArn": { + "description": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/ManagedByFirewallManager" + ], + "required": [ + "ResourceArn", + "LogDestinationConfigs" + ], + "sourceUrl": "https://github.com/advaj/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::LoggingConfiguration" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-regexpatternset.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-regexpatternset.json new file mode 100644 index 0000000000..e5467bfd54 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-regexpatternset.json @@ -0,0 +1,134 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Name", + "/properties/Scope" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "type": "object" + } + }, + "description": "Contains a list of Regular expressions based on the provided inputs. RegexPatternSet can be used with other WAF entities with RegexPatternSetReferenceStatement to perform other actions .", + "handlers": { + "create": { + "permissions": [ + "wafv2:CreateRegexPatternSet", + "wafv2:GetRegexPatternSet", + "wafv2:ListTagsForResource" + ] + }, + "delete": { + "permissions": [ + "wafv2:DeleteRegexPatternSet", + "wafv2:GetRegexPatternSet" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "Scope": { + "$ref": "resource-schema.json#/properties/Scope" + } + }, + "required": [ + "Scope" + ] + }, + "permissions": [ + "wafv2:listRegexPatternSets" + ] + }, + "read": { + "permissions": [ + "wafv2:GetRegexPatternSet", + "wafv2:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "wafv2:UpdateRegexPatternSet", + "wafv2:GetRegexPatternSet", + "wafv2:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Name", + "/properties/Id", + "/properties/Scope" + ], + "properties": { + "Arn": { + "description": "ARN of the WAF entity.", + "type": "string" + }, + "Description": { + "description": "Description of the entity.", + "pattern": "^[a-zA-Z0-9=:#@/\\-,.][a-zA-Z0-9+=:#@/\\-,.\\s]+[a-zA-Z0-9+=:#@/\\-,.]{1,256}$", + "type": "string" + }, + "Id": { + "description": "Id of the RegexPatternSet", + "pattern": "^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", + "type": "string" + }, + "Name": { + "description": "Name of the RegexPatternSet.", + "pattern": "^[0-9A-Za-z_-]{1,128}$", + "type": "string" + }, + "RegularExpressionList": { + "items": { + "maxLength": 200, + "minLength": 0, + "type": "string" + }, + "type": "array" + }, + "Scope": { + "description": "Use CLOUDFRONT for CloudFront RegexPatternSet, use REGIONAL for Application Load Balancer and API Gateway.", + "enum": [ + "CLOUDFRONT", + "REGIONAL" + ], + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "minItems": 1, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/Id" + ], + "required": [ + "Scope", + "RegularExpressionList" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::RegexPatternSet" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-rulegroup.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-rulegroup.json index 8ff98d2940..ca7496f6ca 100644 --- a/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-rulegroup.json +++ b/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-rulegroup.json @@ -1422,5 +1422,11 @@ "VisibilityConfig" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, "typeName": "AWS::WAFv2::RuleGroup" } diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-webacl.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-webacl.json new file mode 100644 index 0000000000..df67c3910e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-webacl.json @@ -0,0 +1,1970 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Name", + "/properties/Scope" + ], + "definitions": { + "AWSManagedRulesACFPRuleSet": { + "additionalProperties": false, + "description": "Configures how to use the Account creation fraud prevention managed rule group in the web ACL", + "properties": { + "CreationPath": { + "type": "string" + }, + "EnableRegexInPath": { + "type": "boolean" + }, + "RegistrationPagePath": { + "type": "string" + }, + "RequestInspection": { + "$ref": "#/definitions/RequestInspectionACFP" + }, + "ResponseInspection": { + "$ref": "#/definitions/ResponseInspection" + } + }, + "required": [ + "CreationPath", + "RegistrationPagePath", + "RequestInspection" + ], + "type": "object" + }, + "AWSManagedRulesATPRuleSet": { + "additionalProperties": false, + "description": "Configures how to use the Account Takeover Prevention managed rule group in the web ACL", + "properties": { + "EnableRegexInPath": { + "type": "boolean" + }, + "LoginPath": { + "type": "string" + }, + "RequestInspection": { + "$ref": "#/definitions/RequestInspection" + }, + "ResponseInspection": { + "$ref": "#/definitions/ResponseInspection" + } + }, + "required": [ + "LoginPath" + ], + "type": "object" + }, + "AWSManagedRulesBotControlRuleSet": { + "additionalProperties": false, + "description": "Configures how to use the Bot Control managed rule group in the web ACL", + "properties": { + "EnableMachineLearning": { + "type": "boolean" + }, + "InspectionLevel": { + "enum": [ + "COMMON", + "TARGETED" + ], + "type": "string" + } + }, + "required": [ + "InspectionLevel" + ], + "type": "object" + }, + "AddressField": { + "$ref": "#/definitions/FieldIdentifier" + }, + "AllowAction": { + "additionalProperties": false, + "description": "Allow traffic towards application.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "AndStatement": { + "additionalProperties": false, + "properties": { + "Statements": { + "items": { + "$ref": "#/definitions/Statement" + }, + "type": "array" + } + }, + "required": [ + "Statements" + ], + "type": "object" + }, + "AssociationConfig": { + "additionalProperties": false, + "description": "AssociationConfig for body inspection", + "properties": { + "RequestBody": { + "$ref": "#/definitions/RequestBody" + } + }, + "type": "object" + }, + "BlockAction": { + "additionalProperties": false, + "description": "Block traffic towards application.", + "properties": { + "CustomResponse": { + "$ref": "#/definitions/CustomResponse" + } + }, + "type": "object" + }, + "Body": { + "additionalProperties": false, + "description": "The body of a web request. This immediately follows the request headers.", + "properties": { + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "type": "object" + }, + "BodyParsingFallbackBehavior": { + "description": "The inspection behavior to fall back to if the JSON in the request body is invalid.", + "enum": [ + "MATCH", + "NO_MATCH", + "EVALUATE_AS_STRING" + ], + "type": "string" + }, + "ByteMatchStatement": { + "additionalProperties": false, + "description": "Byte Match statement.", + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "PositionalConstraint": { + "$ref": "#/definitions/PositionalConstraint" + }, + "SearchString": { + "$ref": "#/definitions/SearchString" + }, + "SearchStringBase64": { + "$ref": "#/definitions/SearchStringBase64" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "PositionalConstraint", + "TextTransformations" + ], + "type": "object" + }, + "CaptchaAction": { + "additionalProperties": false, + "description": "Checks valid token exists with request.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "CaptchaConfig": { + "additionalProperties": false, + "properties": { + "ImmunityTimeProperty": { + "$ref": "#/definitions/ImmunityTimeProperty" + } + }, + "type": "object" + }, + "ChallengeAction": { + "additionalProperties": false, + "description": "Checks that the request has a valid token with an unexpired challenge timestamp and, if not, returns a browser challenge to the client.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "ChallengeConfig": { + "additionalProperties": false, + "properties": { + "ImmunityTimeProperty": { + "$ref": "#/definitions/ImmunityTimeProperty" + } + }, + "type": "object" + }, + "CookieMatchPattern": { + "additionalProperties": false, + "description": "The pattern to look for in the request cookies.", + "properties": { + "All": { + "description": "Inspect all parts of the web request cookies.", + "type": "object" + }, + "ExcludedCookies": { + "items": { + "maxLength": 60, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + }, + "IncludedCookies": { + "items": { + "maxLength": 60, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + } + }, + "type": "object" + }, + "Cookies": { + "additionalProperties": false, + "description": "Includes headers of a web request.", + "properties": { + "MatchPattern": { + "$ref": "#/definitions/CookieMatchPattern" + }, + "MatchScope": { + "$ref": "#/definitions/MapMatchScope" + }, + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "required": [ + "MatchPattern", + "MatchScope", + "OversizeHandling" + ], + "type": "object" + }, + "CountAction": { + "additionalProperties": false, + "description": "Allow traffic towards application.", + "properties": { + "CustomRequestHandling": { + "$ref": "#/definitions/CustomRequestHandling" + } + }, + "type": "object" + }, + "CustomHTTPHeader": { + "additionalProperties": false, + "description": "HTTP header.", + "properties": { + "Name": { + "$ref": "#/definitions/CustomHTTPHeaderName" + }, + "Value": { + "$ref": "#/definitions/CustomHTTPHeaderValue" + } + }, + "required": [ + "Name", + "Value" + ], + "type": "object" + }, + "CustomHTTPHeaderName": { + "description": "HTTP header name.", + "maxLength": 64, + "minLength": 1, + "type": "string" + }, + "CustomHTTPHeaderValue": { + "description": "HTTP header value.", + "maxLength": 255, + "minLength": 1, + "type": "string" + }, + "CustomRequestHandling": { + "additionalProperties": false, + "description": "Custom request handling.", + "properties": { + "InsertHeaders": { + "description": "Collection of HTTP headers.", + "items": { + "$ref": "#/definitions/CustomHTTPHeader" + }, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "InsertHeaders" + ], + "type": "object" + }, + "CustomResponse": { + "additionalProperties": false, + "description": "Custom response.", + "properties": { + "CustomResponseBodyKey": { + "description": "Custom response body key.", + "pattern": "^[\\w\\-]+$", + "type": "string" + }, + "ResponseCode": { + "$ref": "#/definitions/ResponseStatusCode" + }, + "ResponseHeaders": { + "description": "Collection of HTTP headers.", + "items": { + "$ref": "#/definitions/CustomHTTPHeader" + }, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "ResponseCode" + ], + "type": "object" + }, + "CustomResponseBodies": { + "additionalProperties": false, + "description": "Custom response key and body map.", + "minProperties": 1, + "patternProperties": { + "^[\\w\\-]+$": { + "$ref": "#/definitions/CustomResponseBody" + } + }, + "type": "object" + }, + "CustomResponseBody": { + "additionalProperties": false, + "description": "Custom response body.", + "properties": { + "Content": { + "$ref": "#/definitions/ResponseContent" + }, + "ContentType": { + "$ref": "#/definitions/ResponseContentType" + } + }, + "required": [ + "ContentType", + "Content" + ], + "type": "object" + }, + "DefaultAction": { + "additionalProperties": false, + "description": "Default Action WebACL will take against ingress traffic when there is no matching Rule.", + "properties": { + "Allow": { + "$ref": "#/definitions/AllowAction" + }, + "Block": { + "$ref": "#/definitions/BlockAction" + } + }, + "type": "object" + }, + "EntityDescription": { + "description": "Description of the entity.", + "pattern": "^[a-zA-Z0-9=:#@/\\-,.][a-zA-Z0-9+=:#@/\\-,.\\s]+[a-zA-Z0-9+=:#@/\\-,.]{1,256}$", + "type": "string" + }, + "EntityId": { + "description": "Id of the WebACL", + "pattern": "^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", + "type": "string" + }, + "EntityName": { + "description": "Name of the WebACL.", + "pattern": "^[0-9A-Za-z_-]{1,128}$", + "type": "string" + }, + "ExcludedRule": { + "additionalProperties": false, + "description": "Excluded Rule in the RuleGroup or ManagedRuleGroup will not be evaluated.", + "properties": { + "Name": { + "$ref": "#/definitions/EntityName" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "ExcludedRules": { + "items": { + "$ref": "#/definitions/ExcludedRule" + }, + "type": "array" + }, + "FieldIdentifier": { + "additionalProperties": false, + "properties": { + "Identifier": { + "maxLength": 512, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + } + }, + "required": [ + "Identifier" + ], + "type": "object" + }, + "FieldToMatch": { + "additionalProperties": false, + "description": "Field of the request to match.", + "properties": { + "AllQueryArguments": { + "description": "All query arguments of a web request.", + "type": "object" + }, + "Body": { + "$ref": "#/definitions/Body" + }, + "Cookies": { + "$ref": "#/definitions/Cookies" + }, + "Headers": { + "$ref": "#/definitions/Headers" + }, + "JsonBody": { + "$ref": "#/definitions/JsonBody" + }, + "Method": { + "description": "The HTTP method of a web request. The method indicates the type of operation that the request is asking the origin to perform.", + "type": "object" + }, + "QueryString": { + "description": "The query string of a web request. This is the part of a URL that appears after a ? character, if any.", + "type": "object" + }, + "SingleHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "SingleQueryArgument": { + "additionalProperties": false, + "description": "One query argument in a web request, identified by name, for example UserName or SalesRegion. The name can be up to 30 characters long and isn't case sensitive.", + "properties": { + "Name": { + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "UriPath": { + "description": "The path component of the URI of a web request. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.", + "type": "object" + } + }, + "type": "object" + }, + "ForwardedIPConfiguration": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "enum": [ + "MATCH", + "NO_MATCH" + ], + "type": "string" + }, + "HeaderName": { + "pattern": "^[a-zA-Z0-9-]{1,255}$", + "type": "string" + } + }, + "required": [ + "HeaderName", + "FallbackBehavior" + ], + "type": "object" + }, + "GeoMatchStatement": { + "additionalProperties": false, + "properties": { + "CountryCodes": { + "items": { + "maxLength": 2, + "minLength": 1, + "type": "string" + }, + "type": "array" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/ForwardedIPConfiguration" + } + }, + "type": "object" + }, + "HeaderMatchPattern": { + "additionalProperties": false, + "description": "The pattern to look for in the request headers.", + "properties": { + "All": { + "description": "Inspect all parts of the web request headers.", + "type": "object" + }, + "ExcludedHeaders": { + "items": { + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + }, + "IncludedHeaders": { + "items": { + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 199, + "minItems": 1, + "type": "array" + } + }, + "type": "object" + }, + "Headers": { + "additionalProperties": false, + "description": "Includes headers of a web request.", + "properties": { + "MatchPattern": { + "$ref": "#/definitions/HeaderMatchPattern" + }, + "MatchScope": { + "$ref": "#/definitions/MapMatchScope" + }, + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "required": [ + "MatchPattern", + "MatchScope", + "OversizeHandling" + ], + "type": "object" + }, + "IPSetForwardedIPConfiguration": { + "additionalProperties": false, + "properties": { + "FallbackBehavior": { + "enum": [ + "MATCH", + "NO_MATCH" + ], + "type": "string" + }, + "HeaderName": { + "pattern": "^[a-zA-Z0-9-]{1,255}$", + "type": "string" + }, + "Position": { + "enum": [ + "FIRST", + "LAST", + "ANY" + ], + "type": "string" + } + }, + "required": [ + "HeaderName", + "FallbackBehavior", + "Position" + ], + "type": "object" + }, + "IPSetReferenceStatement": { + "additionalProperties": false, + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "IPSetForwardedIPConfig": { + "$ref": "#/definitions/IPSetForwardedIPConfiguration" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "ImmunityTimeProperty": { + "additionalProperties": false, + "properties": { + "ImmunityTime": { + "maximum": 259200, + "minimum": 60, + "type": "integer" + } + }, + "required": [ + "ImmunityTime" + ], + "type": "object" + }, + "JsonBody": { + "additionalProperties": false, + "description": "Inspect the request body as JSON. The request body immediately follows the request headers.", + "properties": { + "InvalidFallbackBehavior": { + "$ref": "#/definitions/BodyParsingFallbackBehavior" + }, + "MatchPattern": { + "$ref": "#/definitions/JsonMatchPattern" + }, + "MatchScope": { + "$ref": "#/definitions/JsonMatchScope" + }, + "OversizeHandling": { + "$ref": "#/definitions/OversizeHandling" + } + }, + "required": [ + "MatchPattern", + "MatchScope" + ], + "type": "object" + }, + "JsonMatchPattern": { + "additionalProperties": false, + "description": "The pattern to look for in the JSON body.", + "properties": { + "All": { + "description": "Inspect all parts of the web request's JSON body.", + "type": "object" + }, + "IncludedPaths": { + "items": { + "$ref": "#/definitions/JsonPointerPath" + }, + "type": "array" + } + }, + "type": "object" + }, + "JsonMatchScope": { + "description": "The parts of the JSON to match against using the MatchPattern.", + "enum": [ + "ALL", + "KEY", + "VALUE" + ], + "type": "string" + }, + "JsonPointerPath": { + "description": "JSON pointer path in the web request's JSON body", + "pattern": "^[\\/]+([^~]*(~[01])*){1,512}$", + "type": "string" + }, + "Label": { + "additionalProperties": false, + "properties": { + "Name": { + "$ref": "#/definitions/LabelName" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "LabelMatchKey": { + "pattern": "^[0-9A-Za-z_:-]{1,1024}$", + "type": "string" + }, + "LabelMatchScope": { + "enum": [ + "LABEL", + "NAMESPACE" + ], + "type": "string" + }, + "LabelMatchStatement": { + "additionalProperties": false, + "properties": { + "Key": { + "$ref": "#/definitions/LabelMatchKey" + }, + "Scope": { + "$ref": "#/definitions/LabelMatchScope" + } + }, + "required": [ + "Scope", + "Key" + ], + "type": "object" + }, + "LabelName": { + "description": "Name of the Label.", + "pattern": "^[0-9A-Za-z_:-]{1,1024}$", + "type": "string" + }, + "ManagedRuleGroupConfig": { + "additionalProperties": false, + "description": "ManagedRuleGroupConfig.", + "properties": { + "AWSManagedRulesACFPRuleSet": { + "$ref": "#/definitions/AWSManagedRulesACFPRuleSet" + }, + "AWSManagedRulesATPRuleSet": { + "$ref": "#/definitions/AWSManagedRulesATPRuleSet" + }, + "AWSManagedRulesBotControlRuleSet": { + "$ref": "#/definitions/AWSManagedRulesBotControlRuleSet" + }, + "LoginPath": { + "maxLength": 256, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "PasswordField": { + "$ref": "#/definitions/FieldIdentifier" + }, + "PayloadType": { + "enum": [ + "JSON", + "FORM_ENCODED" + ], + "type": "string" + }, + "UsernameField": { + "$ref": "#/definitions/FieldIdentifier" + } + }, + "type": "object" + }, + "ManagedRuleGroupStatement": { + "additionalProperties": false, + "properties": { + "ExcludedRules": { + "items": { + "$ref": "#/definitions/ExcludedRule" + }, + "type": "array" + }, + "ManagedRuleGroupConfigs": { + "description": "Collection of ManagedRuleGroupConfig.", + "items": { + "$ref": "#/definitions/ManagedRuleGroupConfig" + }, + "type": "array" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "RuleActionOverrides": { + "description": "Action overrides for rules in the rule group.", + "items": { + "$ref": "#/definitions/RuleActionOverride" + }, + "maxItems": 100, + "type": "array" + }, + "ScopeDownStatement": { + "$ref": "#/definitions/Statement" + }, + "VendorName": { + "type": "string" + }, + "Version": { + "maxLength": 64, + "minLength": 1, + "pattern": "^[\\w#:\\.\\-/]+$", + "type": "string" + } + }, + "required": [ + "VendorName", + "Name" + ], + "type": "object" + }, + "MapMatchScope": { + "description": "The parts of the request to match against using the MatchPattern.", + "enum": [ + "ALL", + "KEY", + "VALUE" + ], + "type": "string" + }, + "NotStatement": { + "additionalProperties": false, + "properties": { + "Statement": { + "$ref": "#/definitions/Statement" + } + }, + "required": [ + "Statement" + ], + "type": "object" + }, + "OrStatement": { + "additionalProperties": false, + "properties": { + "Statements": { + "items": { + "$ref": "#/definitions/Statement" + }, + "type": "array" + } + }, + "required": [ + "Statements" + ], + "type": "object" + }, + "OverrideAction": { + "additionalProperties": false, + "description": "Override a RuleGroup or ManagedRuleGroup behavior. This can only be applied to Rule that has RuleGroupReferenceStatement or ManagedRuleGroupReferenceStatement.", + "properties": { + "Count": { + "description": "Count traffic towards application.", + "type": "object" + }, + "None": { + "description": "Keep the RuleGroup or ManagedRuleGroup behavior as is.", + "type": "object" + } + }, + "type": "object" + }, + "OversizeHandling": { + "description": "Handling of requests containing oversize fields", + "enum": [ + "CONTINUE", + "MATCH", + "NO_MATCH" + ], + "type": "string" + }, + "PhoneNumberField": { + "$ref": "#/definitions/FieldIdentifier" + }, + "PositionalConstraint": { + "description": "Position of the evaluation in the FieldToMatch of request.", + "enum": [ + "EXACTLY", + "STARTS_WITH", + "ENDS_WITH", + "CONTAINS", + "CONTAINS_WORD" + ], + "type": "string" + }, + "QueryString": { + "type": "object" + }, + "RateBasedStatement": { + "additionalProperties": false, + "properties": { + "AggregateKeyType": { + "enum": [ + "CONSTANT", + "IP", + "FORWARDED_IP", + "CUSTOM_KEYS" + ], + "type": "string" + }, + "CustomKeys": { + "description": "Specifies the aggregate keys to use in a rate-base rule.", + "items": { + "$ref": "#/definitions/RateBasedStatementCustomKey" + }, + "maxItems": 5, + "type": "array" + }, + "ForwardedIPConfig": { + "$ref": "#/definitions/ForwardedIPConfiguration" + }, + "Limit": { + "$ref": "#/definitions/RateLimit" + }, + "ScopeDownStatement": { + "$ref": "#/definitions/Statement" + } + }, + "required": [ + "Limit", + "AggregateKeyType" + ], + "type": "object" + }, + "RateBasedStatementCustomKey": { + "additionalProperties": false, + "description": "Specifies a single custom aggregate key for a rate-base rule.", + "properties": { + "Cookie": { + "$ref": "#/definitions/RateLimitCookie" + }, + "ForwardedIP": { + "$ref": "#/definitions/RateLimitForwardedIP" + }, + "HTTPMethod": { + "$ref": "#/definitions/RateLimitHTTPMethod" + }, + "Header": { + "$ref": "#/definitions/RateLimitHeader" + }, + "IP": { + "$ref": "#/definitions/RateLimitIP" + }, + "LabelNamespace": { + "$ref": "#/definitions/RateLimitLabelNamespace" + }, + "QueryArgument": { + "$ref": "#/definitions/RateLimitQueryArgument" + }, + "QueryString": { + "$ref": "#/definitions/RateLimitQueryString" + }, + "UriPath": { + "$ref": "#/definitions/RateLimitUriPath" + } + }, + "type": "object" + }, + "RateLimit": { + "maximum": 2000000000, + "minimum": 100, + "type": "integer" + }, + "RateLimitCookie": { + "additionalProperties": false, + "description": "Specifies a cookie as an aggregate key for a rate-based rule.", + "properties": { + "Name": { + "description": "The name of the cookie to use.", + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "RateLimitForwardedIP": { + "description": "Specifies the first IP address in an HTTP header as an aggregate key for a rate-based rule.", + "type": "object" + }, + "RateLimitHTTPMethod": { + "description": "Specifies the request's HTTP method as an aggregate key for a rate-based rule.", + "type": "object" + }, + "RateLimitHeader": { + "additionalProperties": false, + "description": "Specifies a header as an aggregate key for a rate-based rule.", + "properties": { + "Name": { + "description": "The name of the header to use.", + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "RateLimitIP": { + "description": "Specifies the IP address in the web request as an aggregate key for a rate-based rule.", + "type": "object" + }, + "RateLimitLabelNamespace": { + "additionalProperties": false, + "description": "Specifies a label namespace to use as an aggregate key for a rate-based rule.", + "properties": { + "Namespace": { + "description": "The namespace to use for aggregation.", + "pattern": "^[0-9A-Za-z_:-]{1,1024}$", + "type": "string" + } + }, + "required": [ + "Namespace" + ], + "type": "object" + }, + "RateLimitQueryArgument": { + "additionalProperties": false, + "description": "Specifies a query argument in the request as an aggregate key for a rate-based rule.", + "properties": { + "Name": { + "description": "The name of the query argument to use.", + "maxLength": 64, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "RateLimitQueryString": { + "additionalProperties": false, + "description": "Specifies the request's query string as an aggregate key for a rate-based rule.", + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "RateLimitUriPath": { + "additionalProperties": false, + "description": "Specifies the request's URI Path as an aggregate key for a rate-based rule.", + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "RegexMatchStatement": { + "additionalProperties": false, + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "RegexString": { + "maxLength": 512, + "minLength": 1, + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "RegexString", + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + }, + "RegexPatternSetReferenceStatement": { + "additionalProperties": false, + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Arn", + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + }, + "RequestBody": { + "additionalProperties": false, + "description": "Map of AssociatedResourceType and RequestBodyAssociatedResourceTypeConfig", + "patternProperties": { + "^(CLOUDFRONT)$": { + "$ref": "#/definitions/RequestBodyAssociatedResourceTypeConfig" + } + }, + "type": "object" + }, + "RequestBodyAssociatedResourceTypeConfig": { + "additionalProperties": false, + "description": "Configures the inspection size in the request body.", + "properties": { + "DefaultSizeInspectionLimit": { + "$ref": "#/definitions/SizeInspectionLimit" + } + }, + "required": [ + "DefaultSizeInspectionLimit" + ], + "type": "object" + }, + "RequestInspection": { + "additionalProperties": false, + "description": "Configures the inspection of login requests", + "properties": { + "PasswordField": { + "$ref": "#/definitions/FieldIdentifier" + }, + "PayloadType": { + "enum": [ + "JSON", + "FORM_ENCODED" + ], + "type": "string" + }, + "UsernameField": { + "$ref": "#/definitions/FieldIdentifier" + } + }, + "required": [ + "PayloadType", + "UsernameField", + "PasswordField" + ], + "type": "object" + }, + "RequestInspectionACFP": { + "additionalProperties": false, + "description": "Configures the inspection of sign-up requests", + "properties": { + "AddressFields": { + "items": { + "$ref": "#/definitions/AddressField" + }, + "type": "array" + }, + "EmailField": { + "$ref": "#/definitions/FieldIdentifier" + }, + "PasswordField": { + "$ref": "#/definitions/FieldIdentifier" + }, + "PayloadType": { + "enum": [ + "JSON", + "FORM_ENCODED" + ], + "type": "string" + }, + "PhoneNumberFields": { + "items": { + "$ref": "#/definitions/PhoneNumberField" + }, + "type": "array" + }, + "UsernameField": { + "$ref": "#/definitions/FieldIdentifier" + } + }, + "required": [ + "PayloadType" + ], + "type": "object" + }, + "ResourceArn": { + "description": "ARN of the WAF entity.", + "maxLength": 2048, + "minLength": 20, + "type": "string" + }, + "ResponseContent": { + "description": "Response content.", + "maxLength": 10240, + "minLength": 1, + "type": "string" + }, + "ResponseContentType": { + "description": "Valid values are TEXT_PLAIN, TEXT_HTML, and APPLICATION_JSON.", + "enum": [ + "TEXT_PLAIN", + "TEXT_HTML", + "APPLICATION_JSON" + ], + "type": "string" + }, + "ResponseInspection": { + "additionalProperties": false, + "description": "Configures the inspection of login responses", + "properties": { + "BodyContains": { + "$ref": "#/definitions/ResponseInspectionBodyContains" + }, + "Header": { + "$ref": "#/definitions/ResponseInspectionHeader" + }, + "Json": { + "$ref": "#/definitions/ResponseInspectionJson" + }, + "StatusCode": { + "$ref": "#/definitions/ResponseInspectionStatusCode" + } + }, + "type": "object" + }, + "ResponseInspectionBodyContains": { + "additionalProperties": false, + "description": "Response body contents that indicate success or failure of a login request", + "properties": { + "FailureStrings": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 5, + "minItems": 1, + "type": "array" + }, + "SuccessStrings": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 5, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "SuccessStrings", + "FailureStrings" + ], + "type": "object" + }, + "ResponseInspectionHeader": { + "additionalProperties": false, + "description": "Response headers that indicate success or failure of a login request", + "properties": { + "FailureValues": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 3, + "minItems": 1, + "type": "array" + }, + "Name": { + "maxLength": 200, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "SuccessValues": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 3, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "Name", + "SuccessValues", + "FailureValues" + ], + "type": "object" + }, + "ResponseInspectionJson": { + "additionalProperties": false, + "description": "Response JSON that indicate success or failure of a login request", + "properties": { + "FailureValues": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 5, + "minItems": 1, + "type": "array" + }, + "Identifier": { + "maxLength": 512, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "SuccessValues": { + "items": { + "maxLength": 100, + "minLength": 1, + "pattern": ".*\\S.*", + "type": "string" + }, + "maxItems": 5, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "Identifier", + "SuccessValues", + "FailureValues" + ], + "type": "object" + }, + "ResponseInspectionStatusCode": { + "additionalProperties": false, + "description": "Response status codes that indicate success or failure of a login request", + "properties": { + "FailureCodes": { + "items": { + "maxLength": 999, + "minLength": 0, + "type": "integer" + }, + "maxItems": 10, + "minItems": 1, + "type": "array" + }, + "SuccessCodes": { + "items": { + "maxLength": 999, + "minLength": 0, + "type": "integer" + }, + "maxItems": 10, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "SuccessCodes", + "FailureCodes" + ], + "type": "object" + }, + "ResponseStatusCode": { + "description": "Custom response code.", + "maximum": 599, + "minimum": 200, + "type": "integer" + }, + "Rule": { + "additionalProperties": false, + "description": "Rule of WebACL that contains condition and action.", + "properties": { + "Action": { + "$ref": "#/definitions/RuleAction" + }, + "CaptchaConfig": { + "$ref": "#/definitions/CaptchaConfig" + }, + "ChallengeConfig": { + "$ref": "#/definitions/ChallengeConfig" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "OverrideAction": { + "$ref": "#/definitions/OverrideAction" + }, + "Priority": { + "$ref": "#/definitions/RulePriority" + }, + "RuleLabels": { + "description": "Collection of Rule Labels.", + "items": { + "$ref": "#/definitions/Label" + }, + "type": "array" + }, + "Statement": { + "$ref": "#/definitions/Statement" + }, + "VisibilityConfig": { + "$ref": "#/definitions/VisibilityConfig" + } + }, + "required": [ + "Name", + "Priority", + "Statement", + "VisibilityConfig" + ], + "type": "object" + }, + "RuleAction": { + "additionalProperties": false, + "description": "Action taken when Rule matches its condition.", + "properties": { + "Allow": { + "$ref": "#/definitions/AllowAction" + }, + "Block": { + "$ref": "#/definitions/BlockAction" + }, + "Captcha": { + "$ref": "#/definitions/CaptchaAction" + }, + "Challenge": { + "$ref": "#/definitions/ChallengeAction" + }, + "Count": { + "$ref": "#/definitions/CountAction" + } + }, + "type": "object" + }, + "RuleActionOverride": { + "additionalProperties": false, + "description": "Action override for rules in the rule group.", + "properties": { + "ActionToUse": { + "$ref": "#/definitions/RuleAction" + }, + "Name": { + "$ref": "#/definitions/EntityName" + } + }, + "required": [ + "Name", + "ActionToUse" + ], + "type": "object" + }, + "RuleGroupReferenceStatement": { + "additionalProperties": false, + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "ExcludedRules": { + "items": { + "$ref": "#/definitions/ExcludedRule" + }, + "type": "array" + }, + "RuleActionOverrides": { + "description": "Action overrides for rules in the rule group.", + "items": { + "$ref": "#/definitions/RuleActionOverride" + }, + "maxItems": 100, + "type": "array" + } + }, + "required": [ + "Arn" + ], + "type": "object" + }, + "RulePriority": { + "description": "Priority of the Rule, Rules get evaluated from lower to higher priority.", + "minimum": 0, + "type": "integer" + }, + "Rules": { + "description": "Collection of Rules.", + "items": { + "$ref": "#/definitions/Rule" + }, + "type": "array" + }, + "Scope": { + "description": "Use CLOUDFRONT for CloudFront WebACL, use REGIONAL for Application Load Balancer and API Gateway.", + "enum": [ + "CLOUDFRONT", + "REGIONAL" + ], + "type": "string" + }, + "SearchString": { + "description": "String that is searched to find a match.", + "type": "string" + }, + "SearchStringBase64": { + "description": "Base64 encoded string that is searched to find a match.", + "type": "string" + }, + "SensitivityLevel": { + "description": "Sensitivity Level current only used for sqli match statements.", + "enum": [ + "LOW", + "HIGH" + ], + "type": "string" + }, + "SingleHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + } + }, + "type": "object" + }, + "SingleQueryArgument": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + } + }, + "type": "object" + }, + "SizeConstraintStatement": { + "additionalProperties": false, + "description": "Size Constraint statement.", + "properties": { + "ComparisonOperator": { + "enum": [ + "EQ", + "NE", + "LE", + "LT", + "GE", + "GT" + ], + "type": "string" + }, + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "Size": { + "maximum": 21474836480, + "minimum": 0, + "type": "number" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "ComparisonOperator", + "Size", + "TextTransformations" + ], + "type": "object" + }, + "SizeInspectionLimit": { + "enum": [ + "KB_16", + "KB_32", + "KB_48", + "KB_64" + ], + "type": "string" + }, + "SqliMatchStatement": { + "additionalProperties": false, + "description": "Sqli Match Statement.", + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "SensitivityLevel": { + "$ref": "#/definitions/SensitivityLevel" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + }, + "Statement": { + "additionalProperties": false, + "description": "First level statement that contains conditions, such as ByteMatch, SizeConstraint, etc", + "properties": { + "AndStatement": { + "$ref": "#/definitions/AndStatement" + }, + "ByteMatchStatement": { + "$ref": "#/definitions/ByteMatchStatement" + }, + "GeoMatchStatement": { + "$ref": "#/definitions/GeoMatchStatement" + }, + "IPSetReferenceStatement": { + "$ref": "#/definitions/IPSetReferenceStatement" + }, + "LabelMatchStatement": { + "$ref": "#/definitions/LabelMatchStatement" + }, + "ManagedRuleGroupStatement": { + "$ref": "#/definitions/ManagedRuleGroupStatement" + }, + "NotStatement": { + "$ref": "#/definitions/NotStatement" + }, + "OrStatement": { + "$ref": "#/definitions/OrStatement" + }, + "RateBasedStatement": { + "$ref": "#/definitions/RateBasedStatement" + }, + "RegexMatchStatement": { + "$ref": "#/definitions/RegexMatchStatement" + }, + "RegexPatternSetReferenceStatement": { + "$ref": "#/definitions/RegexPatternSetReferenceStatement" + }, + "RuleGroupReferenceStatement": { + "$ref": "#/definitions/RuleGroupReferenceStatement" + }, + "SizeConstraintStatement": { + "$ref": "#/definitions/SizeConstraintStatement" + }, + "SqliMatchStatement": { + "$ref": "#/definitions/SqliMatchStatement" + }, + "XssMatchStatement": { + "$ref": "#/definitions/XssMatchStatement" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "type": "object" + }, + "TextTransformation": { + "additionalProperties": false, + "description": "Text Transformation on the Search String before match.", + "properties": { + "Priority": { + "$ref": "#/definitions/TextTransformationPriority" + }, + "Type": { + "$ref": "#/definitions/TextTransformationType" + } + }, + "required": [ + "Priority", + "Type" + ], + "type": "object" + }, + "TextTransformationPriority": { + "description": "Priority of Rule being evaluated.", + "minimum": 0, + "type": "integer" + }, + "TextTransformationType": { + "description": "Type of text transformation.", + "enum": [ + "NONE", + "COMPRESS_WHITE_SPACE", + "HTML_ENTITY_DECODE", + "LOWERCASE", + "CMD_LINE", + "URL_DECODE", + "BASE64_DECODE", + "HEX_DECODE", + "MD5", + "REPLACE_COMMENTS", + "ESCAPE_SEQ_DECODE", + "SQL_HEX_DECODE", + "CSS_DECODE", + "JS_DECODE", + "NORMALIZE_PATH", + "NORMALIZE_PATH_WIN", + "REMOVE_NULLS", + "REPLACE_NULLS", + "BASE64_DECODE_EXT", + "URL_DECODE_UNI", + "UTF8_TO_UNICODE" + ], + "type": "string" + }, + "TokenDomains": { + "description": "List of domains to accept in web request tokens, in addition to the domain of the protected resource.", + "items": { + "maxLength": 253, + "minLength": 1, + "pattern": "^[\\w\\.\\-/]+$", + "type": "string" + }, + "type": "array" + }, + "UriPath": { + "type": "object" + }, + "VisibilityConfig": { + "additionalProperties": false, + "description": "Visibility Metric of the WebACL.", + "properties": { + "CloudWatchMetricsEnabled": { + "type": "boolean" + }, + "MetricName": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "SampledRequestsEnabled": { + "type": "boolean" + } + }, + "required": [ + "SampledRequestsEnabled", + "CloudWatchMetricsEnabled", + "MetricName" + ], + "type": "object" + }, + "XssMatchStatement": { + "additionalProperties": false, + "description": "Xss Match Statement.", + "properties": { + "FieldToMatch": { + "$ref": "#/definitions/FieldToMatch" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "FieldToMatch", + "TextTransformations" + ], + "type": "object" + } + }, + "description": "Contains the Rules that identify the requests that you want to allow, block, or count. In a WebACL, you also specify a default action (ALLOW or BLOCK), and the action for each Rule that you add to a WebACL, for example, block requests from specified IP addresses or block requests from specified referrers. You also associate the WebACL with a CloudFront distribution to identify the requests that you want AWS WAF to filter. If you add more than one Rule to a WebACL, a request needs to match only one of the specifications to be allowed, blocked, or counted.", + "handlers": { + "create": { + "permissions": [ + "wafv2:CreateWebACL", + "wafv2:GetWebACL", + "wafv2:ListTagsForResource" + ] + }, + "delete": { + "permissions": [ + "wafv2:DeleteWebACL", + "wafv2:GetWebACL" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "Scope": { + "$ref": "resource-schema.json#/properties/Scope" + } + }, + "required": [ + "Scope" + ] + }, + "permissions": [ + "wafv2:listWebACLs" + ] + }, + "read": { + "permissions": [ + "wafv2:GetWebACL", + "wafv2:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "wafv2:UpdateWebACL", + "wafv2:GetWebACL", + "wafv2:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/Name", + "/properties/Id", + "/properties/Scope" + ], + "properties": { + "Arn": { + "$ref": "#/definitions/ResourceArn" + }, + "AssociationConfig": { + "$ref": "#/definitions/AssociationConfig" + }, + "Capacity": { + "minimum": 0, + "type": "integer" + }, + "CaptchaConfig": { + "$ref": "#/definitions/CaptchaConfig" + }, + "ChallengeConfig": { + "$ref": "#/definitions/ChallengeConfig" + }, + "CustomResponseBodies": { + "$ref": "#/definitions/CustomResponseBodies" + }, + "DefaultAction": { + "$ref": "#/definitions/DefaultAction" + }, + "Description": { + "$ref": "#/definitions/EntityDescription" + }, + "Id": { + "$ref": "#/definitions/EntityId" + }, + "LabelNamespace": { + "$ref": "#/definitions/LabelName" + }, + "Name": { + "$ref": "#/definitions/EntityName" + }, + "Rules": { + "description": "Collection of Rules.", + "items": { + "$ref": "#/definitions/Rule" + }, + "type": "array" + }, + "Scope": { + "$ref": "#/definitions/Scope" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "minItems": 1, + "type": "array" + }, + "TokenDomains": { + "$ref": "#/definitions/TokenDomains" + }, + "VisibilityConfig": { + "$ref": "#/definitions/VisibilityConfig" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/Capacity", + "/properties/Id", + "/properties/LabelNamespace" + ], + "required": [ + "DefaultAction", + "Scope", + "VisibilityConfig" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::WebACL" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-webaclassociation.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-webaclassociation.json new file mode 100644 index 0000000000..babaacd7a1 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_2/aws-wafv2-webaclassociation.json @@ -0,0 +1,125 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ResourceArn", + "/properties/WebACLArn" + ], + "definitions": { + "ResourceArn": { + "maxLength": 2048, + "minLength": 20, + "type": "string" + } + }, + "description": "Associates WebACL to Application Load Balancer, CloudFront or API Gateway.", + "handlers": { + "create": { + "permissions": [ + "wafv2:AssociateWebACL", + "wafv2:GetWebACLForResource", + "wafv2:GetWebACL", + "wafv2:DisassociateWebACL", + "elasticloadbalancing:SetWebACL", + "apigateway:SetWebACL", + "appsync:SetWebACL", + "cognito-idp:AssociateWebACL", + "cognito-idp:DisassociateWebACL", + "cognito-idp:GetWebACLForResource", + "apprunner:AssociateWebAcl", + "apprunner:DisassociateWebAcl", + "apprunner:DescribeWebAclForService", + "ec2:AssociateVerifiedAccessInstanceWebAcl", + "ec2:DisassociateVerifiedAccessInstanceWebAcl", + "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", + "ec2:GetVerifiedAccessInstanceWebAcl" + ] + }, + "delete": { + "permissions": [ + "wafv2:AssociateWebACL", + "wafv2:GetWebACLForResource", + "wafv2:GetWebACL", + "wafv2:DisassociateWebACL", + "elasticloadbalancing:SetWebACL", + "apigateway:SetWebACL", + "appsync:SetWebACL", + "cognito-idp:AssociateWebACL", + "cognito-idp:DisassociateWebACL", + "cognito-idp:GetWebACLForResource", + "apprunner:AssociateWebAcl", + "apprunner:DisassociateWebAcl", + "apprunner:DescribeWebAclForService", + "ec2:AssociateVerifiedAccessInstanceWebAcl", + "ec2:DisassociateVerifiedAccessInstanceWebAcl", + "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", + "ec2:GetVerifiedAccessInstanceWebAcl" + ] + }, + "read": { + "permissions": [ + "wafv2:AssociateWebACL", + "wafv2:GetWebACLForResource", + "wafv2:GetWebACL", + "wafv2:DisassociateWebACL", + "elasticloadbalancing:SetWebACL", + "apigateway:SetWebACL", + "appsync:SetWebACL", + "cognito-idp:AssociateWebACL", + "cognito-idp:DisassociateWebACL", + "cognito-idp:GetWebACLForResource", + "apprunner:AssociateWebAcl", + "apprunner:DisassociateWebAcl", + "apprunner:DescribeWebAclForService", + "ec2:AssociateVerifiedAccessInstanceWebAcl", + "ec2:DisassociateVerifiedAccessInstanceWebAcl", + "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", + "ec2:GetVerifiedAccessInstanceWebAcl" + ] + }, + "update": { + "permissions": [ + "wafv2:AssociateWebACL", + "wafv2:GetWebACLForResource", + "wafv2:GetWebACL", + "wafv2:DisassociateWebACL", + "elasticloadbalancing:SetWebACL", + "apigateway:SetWebACL", + "appsync:SetWebACL", + "cognito-idp:AssociateWebACL", + "cognito-idp:DisassociateWebACL", + "cognito-idp:GetWebACLForResource", + "apprunner:AssociateWebAcl", + "apprunner:DisassociateWebAcl", + "apprunner:DescribeWebAclForService", + "ec2:AssociateVerifiedAccessInstanceWebAcl", + "ec2:DisassociateVerifiedAccessInstanceWebAcl", + "ec2:DescribeVerifiedAccessInstanceWebAclAssociations", + "ec2:GetVerifiedAccessInstanceWebAcl" + ] + } + }, + "primaryIdentifier": [ + "/properties/ResourceArn", + "/properties/WebACLArn" + ], + "properties": { + "ResourceArn": { + "$ref": "#/definitions/ResourceArn" + }, + "WebACLArn": { + "$ref": "#/definitions/ResourceArn" + } + }, + "required": [ + "ResourceArn", + "WebACLArn" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::WAFv2::WebACLAssociation" +} diff --git a/src/cfnlint/decode/node.py b/src/cfnlint/decode/node.py index 25a03538a1..f46323d125 100644 --- a/src/cfnlint/decode/node.py +++ b/src/cfnlint/decode/node.py @@ -3,10 +3,12 @@ SPDX-License-Identifier: MIT-0 """ +from __future__ import annotations + import logging from collections import namedtuple from copy import deepcopy -from typing import Any, Dict, Protocol, Set +from typing import Protocol from cfnlint.decode.exceptions import TemplateAttributeError diff --git a/src/cfnlint/jsonschema/_filter.py b/src/cfnlint/jsonschema/_filter.py index a1547ff67f..a7cf91add9 100644 --- a/src/cfnlint/jsonschema/_filter.py +++ b/src/cfnlint/jsonschema/_filter.py @@ -65,7 +65,7 @@ def _filter_schemas(self, schema, validator: Any) -> Tuple[Any, Any]: # it will do by using {"type": "object"} with no properties # Adding these items to the schema # will allow us to continue to check the nested elements - if "awsType" not in standard_schema: + if "cfnLint" not in standard_schema: if ( "object" in ensure_list(standard_schema.get("type", [])) and "properties" not in standard_schema diff --git a/src/cfnlint/jsonschema/exceptions.py b/src/cfnlint/jsonschema/exceptions.py index 7d6f3d80e0..460fefbe81 100644 --- a/src/cfnlint/jsonschema/exceptions.py +++ b/src/cfnlint/jsonschema/exceptions.py @@ -111,8 +111,6 @@ def __eq__(self, __value: object) -> bool: and self.context == __value.context and self.cause == __value.cause and self.validator == __value.validator - and self.validator_value == __value.validator_value - and self.instance == __value.instance and self.parent == __value.parent and self.path_override == __value.path_override ) diff --git a/src/cfnlint/jsonschema/protocols.py b/src/cfnlint/jsonschema/protocols.py index 704e3c93fb..b224bdf224 100644 --- a/src/cfnlint/jsonschema/protocols.py +++ b/src/cfnlint/jsonschema/protocols.py @@ -65,7 +65,8 @@ class Validator(Protocol): def __init__( self, schema: Mapping | bool, - ) -> None: ... + ) -> None: + ... @classmethod def check_schema(cls, schema: Mapping | bool) -> None: diff --git a/src/cfnlint/rules/jsonschema/AwsType.py b/src/cfnlint/rules/jsonschema/AwsType.py index 2c6f098276..3dada2ac6b 100644 --- a/src/cfnlint/rules/jsonschema/AwsType.py +++ b/src/cfnlint/rules/jsonschema/AwsType.py @@ -19,7 +19,6 @@ class AwsType(CloudFormationLintRule): def __init__(self) -> None: super().__init__() self.types = { - "BackupRetentionPeriod": "I3013", "CfnConditions": "E8001", "CfnInitCommand": "E3009", "CfnInitFiles": "E3009", @@ -39,14 +38,6 @@ def __init__(self) -> None: "CfnResourceProperties": "E3002", "CfnResourceUpdatePolicy": "E3016", "CfnResourceUpdateReplacePolicy": "E3036", - "AvailabilityZone": "W3010", - "AvailabilityZones": "W3010", - "IamIdentityPolicy": "E3510", - "IamPolicyStatementAction": "W3037", - "IamPolicyVersion": "W2511", - "IamResourcePolicy": "E3512", - "IamResourceEcrPolicy": "E3513", - "IamRoleArn": "E3511", } self.child_rules = dict.fromkeys(list(self.types.values())) diff --git a/src/cfnlint/rules/jsonschema/Base.py b/src/cfnlint/rules/jsonschema/Base.py index dbf93a3cba..6b87c49fd9 100644 --- a/src/cfnlint/rules/jsonschema/Base.py +++ b/src/cfnlint/rules/jsonschema/Base.py @@ -67,6 +67,10 @@ def json_schema_validate(self, validator, properties, path): return matches + @property + def schema(self) -> Any: + return {} + # pylint: disable=unused-argument def validate(self, validator: Validator, _, instance: Any, schema): validator = self.extend_validator(validator, self.schema, validator.context) diff --git a/src/cfnlint/rules/jsonschema/CfnLint.py b/src/cfnlint/rules/jsonschema/CfnLint.py index d4004d71d0..2ef681bcd8 100644 --- a/src/cfnlint/rules/jsonschema/CfnLint.py +++ b/src/cfnlint/rules/jsonschema/CfnLint.py @@ -51,8 +51,4 @@ def cfnLint(self, validator, keywords, instance, schema): for rule_keyword in rule.keywords: if rule_keyword == keyword: - fn_name = _pattern.sub("", rule_keyword).lower() - fn = getattr(rule, fn_name) - if not fn: - raise ValueError(f"{fn_name!r} not found in {rule.id!r}") - yield from fn(validator, keyword, instance, schema) + yield from rule.validate(validator, keyword, instance, schema) diff --git a/src/cfnlint/rules/jsonschema/CfnLintJsonSchema.py b/src/cfnlint/rules/jsonschema/CfnLintJsonSchema.py index 8302481896..fcc2c61a21 100644 --- a/src/cfnlint/rules/jsonschema/CfnLintJsonSchema.py +++ b/src/cfnlint/rules/jsonschema/CfnLintJsonSchema.py @@ -5,16 +5,14 @@ from __future__ import annotations -from typing import Any, Sequence, Dict +from collections import namedtuple +from typing import Any, Sequence from cfnlint.helpers import load_resource from cfnlint.jsonschema import ValidationError from cfnlint.jsonschema._validators import type from cfnlint.jsonschema.exceptions import best_match from cfnlint.rules.jsonschema.Base import BaseJsonSchema -from cfnlint.rules.jsonschema.CfnLint import _pattern -from cfnlint.rules.jsonschema.CfnLintKeyword import CfnLintKeyword -from collections import namedtuple SchemaDetails = namedtuple("SchemaDetails", ["module", "filename"]) @@ -29,6 +27,7 @@ def __init__( super().__init__() self.keywords = keywords or [] self.all_matches = all_matches + self._use_schema_arg = True self._schema: Any = {} if schema_details: @@ -36,10 +35,7 @@ def __init__( schema_details.module, filename=schema_details.filename, ) - - for keyword in self.keywords: - fn_name = _pattern.sub("", keyword) - setattr(self, fn_name, self.iter_errors) + self._use_schema_arg = False self.validators["type"] = type @@ -57,17 +53,22 @@ def _iter_errors(self, validator, instance): if err is not None: err.message = self.message(instance, err) err.rule = self - errs = [err] + yield err + return - yield from iter(errs) + for err in errs: + err.rule = self + yield err - def iter_errors(self, validator, keywords, instance, schema): + def validate(self, validator, keywords, instance, schema): # if the schema has a description will only replace the message with that # description and use the best error for the location information + if not self._use_schema_arg: + schema = self._schema cfn_validator = self.extend_validator( validator=validator, - schema=self.schema, + schema=schema, context=validator.context.evolve(functions=[]), ) diff --git a/src/cfnlint/rules/jsonschema/CfnLintJsonSchemaRegional.py b/src/cfnlint/rules/jsonschema/CfnLintJsonSchemaRegional.py index b487510147..8dbd5780af 100644 --- a/src/cfnlint/rules/jsonschema/CfnLintJsonSchemaRegional.py +++ b/src/cfnlint/rules/jsonschema/CfnLintJsonSchemaRegional.py @@ -15,7 +15,7 @@ class CfnLintJsonSchemaRegional(CfnLintJsonSchema): def message(self, instance: Any, err: ValidationError) -> str: return err.message - def iter_errors(self, validator, keywords, instance, schema): + def validate(self, validator, keywords, instance, schema): for region in validator.context.regions: region_validator = validator.evolve( context=validator.context.evolve(regions=[region]), diff --git a/src/cfnlint/rules/jsonschema/JsonSchema.py b/src/cfnlint/rules/jsonschema/JsonSchema.py index 71e6a2a751..24aba57f99 100644 --- a/src/cfnlint/rules/jsonschema/JsonSchema.py +++ b/src/cfnlint/rules/jsonschema/JsonSchema.py @@ -64,12 +64,10 @@ def match(self, cfn): """Check CloudFormation Parameters""" matches = [] - cfn_validator = self.setup_validator( - validator=CfnTemplateValidator, + cfn_validator = self.extend_validator( + validator=CfnTemplateValidator({}).evolve(cfn=cfn), schema=self.schema, context=cfn.context.create_context_for_template(cfn.regions), - ).evolve( - cfn=cfn, ) matches.extend(self.json_schema_validate(cfn_validator, cfn.template, [])) diff --git a/src/cfnlint/rules/outputs/Value.py b/src/cfnlint/rules/outputs/Value.py index 0f106870da..f66fc3de29 100644 --- a/src/cfnlint/rules/outputs/Value.py +++ b/src/cfnlint/rules/outputs/Value.py @@ -24,10 +24,7 @@ def cfnoutputvalue(self, validator, tS, instance, schema): ), )({"type": "string"}) - for err in validator.iter_errors(instance): - if not err.validator.startswith("fn"): - err.rule_override = self - yield err + yield from validator.iter_errors(instance) # pylint: disable=unused-argument def _type(self, validator, types, instance, schema): diff --git a/src/cfnlint/rules/resources/RetentionPeriodOnResourceTypesWithAutoExpiringContent.py b/src/cfnlint/rules/resources/RetentionPeriodOnResourceTypesWithAutoExpiringContent.py index a39fb2343b..bb237393a3 100644 --- a/src/cfnlint/rules/resources/RetentionPeriodOnResourceTypesWithAutoExpiringContent.py +++ b/src/cfnlint/rules/resources/RetentionPeriodOnResourceTypesWithAutoExpiringContent.py @@ -5,11 +5,12 @@ from typing import Any, Dict, List -from cfnlint.jsonschema import Validator -from cfnlint.rules.jsonschema.Base import BaseJsonSchema +import cfnlint.data.schemas.extensions.aws_rds_dbinstance +from cfnlint.jsonschema import ValidationError +from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema, SchemaDetails -class RetentionPeriodOnResourceTypesWithAutoExpiringContent(BaseJsonSchema): +class RetentionPeriodOnResourceTypesWithAutoExpiringContent(CfnLintJsonSchema): """Check Base Resource Configuration""" id = "I3013" @@ -26,7 +27,22 @@ class RetentionPeriodOnResourceTypesWithAutoExpiringContent(BaseJsonSchema): tags = ["resources", "retentionperiod"] def __init__(self) -> None: - super().__init__() + super().__init__( + [ + "AWS::RDS::DBInstance/Properties", + "AWS::Kinesis::Stream/Properties", + "AWS::SQS::Queue/Properties", + "AWS::DocDB::DBCluster/Properties", + "AWS::Synthetics::Canary/Properties", + "AWS::Redshift::Cluster/Properties", + "AWS::RDS::DBInstance/Properties", + "AWS::RDS::DBCluster/Properties", + ], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_rds_dbinstance, + filename="backupretentionperiod.json", + ), + ) self._properties: Dict[str, List[Dict[str, str]]] = { "AWS::Kinesis::Stream": [ { @@ -76,23 +92,14 @@ def __init__(self) -> None: ], } - def _schema(self, resource_type: str): - required = [] - for properties in self._properties.get(resource_type, []): - property = properties.get("Attribute") - if property: - required.append(property) - - return {"required": required} + def message(self, instance: Any, err: ValidationError) -> str: + return ( + "The default retention period will delete the data after a " + "pre-defined time. Set an explicit values to avoid data " + "loss on resource. " + err.message + ) - # pylint: disable=unused-argument - def backupretentionperiod( - self, - validator: Validator, - resource_type: str, - instance: Any, - schema: Dict[str, Any], - ): + def validate(self, validator, keywords, instance, schema): if validator.cfn is None: return resource_type = ( @@ -103,12 +110,13 @@ def backupretentionperiod( if not validator.is_type(resource_type, "string"): return - validator = validator.evolve(schema=self._schema(resource_type=resource_type)) - for err in validator.iter_errors(instance): - err.rule = self - err.message = ( - "The default retention period will delete the data after a " - "pre-defined time. Set an explicit values to avoid data " - "loss on resource. " + err.message - ) - yield err + if resource_type != "AWS::RDS::DBInstance": + required = [] + for properties in self._properties.get(resource_type, []): + property = properties.get("Attribute") + if property: + required.append(property) + + self._schema = {"required": required} + + return super().validate(validator, keywords, instance, schema) diff --git a/src/cfnlint/rules/resources/amazonmq/BrokerInstanceTypeEnum.py b/src/cfnlint/rules/resources/amazonmq/BrokerInstanceTypeEnum.py index ad0e0b7135..262c51efa6 100644 --- a/src/cfnlint/rules/resources/amazonmq/BrokerInstanceTypeEnum.py +++ b/src/cfnlint/rules/resources/amazonmq/BrokerInstanceTypeEnum.py @@ -3,6 +3,8 @@ SPDX-License-Identifier: MIT-0 """ +import cfnlint.data.schemas.extensions.aws_amazonmq_broker +from cfnlint.rules.jsonschema.CfnLintJsonSchema import SchemaDetails from cfnlint.rules.jsonschema.CfnLintJsonSchemaRegional import CfnLintJsonSchemaRegional @@ -16,4 +18,10 @@ class BrokerInstanceTypeEnum(CfnLintJsonSchemaRegional): tags = ["resources"] def __init__(self) -> None: - super().__init__(["aws_amazonmq_broker/instancetype_enum"]) + super().__init__( + keywords=["AWS::AmazonMQ::Broker/Properties/HostInstanceType"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_amazonmq_broker, + filename="instancetype_enum.json", + ), + ) diff --git a/src/cfnlint/rules/resources/appstream/FleetInstanceTypeEnum.py b/src/cfnlint/rules/resources/appstream/FleetInstanceTypeEnum.py index e558278092..f09f7cdeed 100644 --- a/src/cfnlint/rules/resources/appstream/FleetInstanceTypeEnum.py +++ b/src/cfnlint/rules/resources/appstream/FleetInstanceTypeEnum.py @@ -3,6 +3,8 @@ SPDX-License-Identifier: MIT-0 """ +import cfnlint.data.schemas.extensions.aws_appstream_fleet +from cfnlint.rules.jsonschema.CfnLintJsonSchema import SchemaDetails from cfnlint.rules.jsonschema.CfnLintJsonSchemaRegional import CfnLintJsonSchemaRegional @@ -16,4 +18,10 @@ class FleetInstanceTypeEnum(CfnLintJsonSchemaRegional): tags = ["resources"] def __init__(self) -> None: - super().__init__(["aws_appstream_fleet/instancetype_enum"]) + super().__init__( + keywords=["AWS::AppStream::Fleet/Properties/InstanceType"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_appstream_fleet, + filename="instancetype_enum.json", + ), + ) diff --git a/src/cfnlint/rules/resources/backup/BackupPlanLifecycleRule.py b/src/cfnlint/rules/resources/backup/BackupPlanLifecycleRule.py index a5659d944b..028b5df316 100644 --- a/src/cfnlint/rules/resources/backup/BackupPlanLifecycleRule.py +++ b/src/cfnlint/rules/resources/backup/BackupPlanLifecycleRule.py @@ -25,7 +25,11 @@ class BackupPlanLifecycleRule(CfnLintKeyword): tags = ["properties", "backup", "plan", "lifecycle"] def __init__(self) -> None: - super().__init__(["aws_backup_backupplan/lifecycle_resource_type"]) + super().__init__( + [ + "AWS::Backup::BackupPlan/Properties/BackupPlanResourceType/BackupRuleResourceType/Lifecycle" + ] + ) def backupbackupplanlifecycle(self, validator, uI, instance, schema): delete_after_days = instance.get("DeleteAfterDays") diff --git a/src/cfnlint/rules/resources/cloudwatch/AlarmAwsNamespacePeriod.py b/src/cfnlint/rules/resources/cloudwatch/AlarmAwsNamespacePeriod.py index 74c8633d26..078c3456f7 100644 --- a/src/cfnlint/rules/resources/cloudwatch/AlarmAwsNamespacePeriod.py +++ b/src/cfnlint/rules/resources/cloudwatch/AlarmAwsNamespacePeriod.py @@ -5,7 +5,11 @@ from __future__ import annotations -from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema +from typing import Any + +import cfnlint.data.schemas.extensions.aws_cloudwatch_alarm +from cfnlint.jsonschema import ValidationError +from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema, SchemaDetails class AlarmAwsNamespacePeriod(CfnLintJsonSchema): @@ -17,4 +21,13 @@ class AlarmAwsNamespacePeriod(CfnLintJsonSchema): tags = ["resources"] def __init__(self) -> None: - super().__init__(keywords=["aws_cloudwatch_alarm/aws_namespace_period"]) + super().__init__( + keywords=["AWS::CloudWatch::Alarm/Properties"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_cloudwatch_alarm, + filename="aws_namespace_period.json", + ), + ) + + def message(self, instance: Any, err: ValidationError) -> str: + return err.message diff --git a/src/cfnlint/rules/resources/dax/ClusterNodeTypeEnum.py b/src/cfnlint/rules/resources/dax/ClusterNodeTypeEnum.py index 9c5bfb76f4..32e15f717c 100644 --- a/src/cfnlint/rules/resources/dax/ClusterNodeTypeEnum.py +++ b/src/cfnlint/rules/resources/dax/ClusterNodeTypeEnum.py @@ -3,6 +3,8 @@ SPDX-License-Identifier: MIT-0 """ +import cfnlint.data.schemas.extensions.aws_dax_cluster +from cfnlint.rules.jsonschema.CfnLintJsonSchema import SchemaDetails from cfnlint.rules.jsonschema.CfnLintJsonSchemaRegional import CfnLintJsonSchemaRegional @@ -16,4 +18,10 @@ class ClusterNodeTypeEnum(CfnLintJsonSchemaRegional): tags = ["resources"] def __init__(self) -> None: - super().__init__(["aws_dax_cluster/nodetype_enum"]) + super().__init__( + keywords=["AWS::DAX::Cluster/Properties/NodeType"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_dax_cluster, + filename="nodetype_enum.json", + ), + ) diff --git a/src/cfnlint/rules/resources/docdb/DBInstanceClassEnum.py b/src/cfnlint/rules/resources/docdb/DBInstanceClassEnum.py index f0bf1377eb..594cf22f7d 100644 --- a/src/cfnlint/rules/resources/docdb/DBInstanceClassEnum.py +++ b/src/cfnlint/rules/resources/docdb/DBInstanceClassEnum.py @@ -3,6 +3,8 @@ SPDX-License-Identifier: MIT-0 """ +import cfnlint.data.schemas.extensions.aws_docdb_dbinstance +from cfnlint.rules.jsonschema.CfnLintJsonSchema import SchemaDetails from cfnlint.rules.jsonschema.CfnLintJsonSchemaRegional import CfnLintJsonSchemaRegional @@ -16,4 +18,10 @@ class DBInstanceClassEnum(CfnLintJsonSchemaRegional): tags = ["resources"] def __init__(self) -> None: - super().__init__(["aws_docdb_dbinstance/dbinstanceclass_enum"]) + super().__init__( + keywords=["AWS::DocDB::DBInstance/Properties/DBInstanceClass"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_docdb_dbinstance, + filename="dbinstanceclass_enum.json", + ), + ) diff --git a/src/cfnlint/rules/resources/dynamodb/TableBillingModeExclusive.py b/src/cfnlint/rules/resources/dynamodb/TableBillingModeExclusive.py index 8434cff5cc..4c0a9eaa0e 100644 --- a/src/cfnlint/rules/resources/dynamodb/TableBillingModeExclusive.py +++ b/src/cfnlint/rules/resources/dynamodb/TableBillingModeExclusive.py @@ -5,7 +5,11 @@ from __future__ import annotations -from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema +from typing import Any + +import cfnlint.data.schemas.extensions.aws_dynamodb_table +from cfnlint.jsonschema import ValidationError +from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema, SchemaDetails class TableBillingModeExclusive(CfnLintJsonSchema): @@ -17,4 +21,13 @@ class TableBillingModeExclusive(CfnLintJsonSchema): tags = ["resources"] def __init__(self) -> None: - super().__init__(keywords=["aws_dynamodb_table/billingmode_exclusive"]) + super().__init__( + keywords=["AWS::DynamoDB::Table/Properties"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_dynamodb_table, + filename="billingmode_exclusive.json", + ), + ) + + def message(self, instance: Any, err: ValidationError) -> str: + return "Additional properties are not allowed ('ProvisionedThroughput'}" diff --git a/src/cfnlint/rules/resources/ecs/FargateDeploymentSchedulingStrategy.py b/src/cfnlint/rules/resources/ecs/FargateDeploymentSchedulingStrategy.py index 7bba02c052..dc72912a9d 100644 --- a/src/cfnlint/rules/resources/ecs/FargateDeploymentSchedulingStrategy.py +++ b/src/cfnlint/rules/resources/ecs/FargateDeploymentSchedulingStrategy.py @@ -5,7 +5,11 @@ from __future__ import annotations -from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema +from typing import Any + +import cfnlint.data.schemas.extensions.aws_ecs_service +from cfnlint.jsonschema import ValidationError +from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema, SchemaDetails class FargateDeploymentSchedulingStrategy(CfnLintJsonSchema): @@ -22,4 +26,13 @@ class FargateDeploymentSchedulingStrategy(CfnLintJsonSchema): tags = ["properties", "ecs", "service", "container", "fargate"] def __init__(self) -> None: - super().__init__(keywords=["aws_ecs_service/fargate"]) + super().__init__( + keywords=["AWS::ECS::Service/Properties"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_ecs_service, + filename="fargate.json", + ), + ) + + def message(self, instance: Any, err: ValidationError) -> str: + return err.message diff --git a/src/cfnlint/rules/resources/ecs/LogConfiguration.py b/src/cfnlint/rules/resources/ecs/LogConfiguration.py index 7516f30670..38e380340c 100644 --- a/src/cfnlint/rules/resources/ecs/LogConfiguration.py +++ b/src/cfnlint/rules/resources/ecs/LogConfiguration.py @@ -7,10 +7,11 @@ from typing import Sequence -from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema +import cfnlint.data.schemas.extensions.aws_ecs_taskdefinition +from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema, SchemaDetails -class TableBillingModeExclusive(CfnLintJsonSchema): +class LogConfiguration(CfnLintJsonSchema): id = "E3046" shortdesc = "Validate ECS task logging configuration for awslogs" description = ( @@ -22,5 +23,12 @@ def __init__( self, keywords: Sequence[str] | None = None, all_matches: bool = False ) -> None: super().__init__( - keywords=["aws_ecs_taskdefinition/logging_configuration"], all_matches=True + keywords=[ + "AWS::ECS::TaskDefinition/Properties/ContainerDefinitions/LogConfiguration" + ], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_ecs_taskdefinition, + filename="logging_configuration.json", + ), + all_matches=True, ) diff --git a/src/cfnlint/rules/resources/ecs/TaskDefinitionEssentialContainer.py b/src/cfnlint/rules/resources/ecs/TaskDefinitionEssentialContainer.py index d23ec4146e..270a4bacc6 100644 --- a/src/cfnlint/rules/resources/ecs/TaskDefinitionEssentialContainer.py +++ b/src/cfnlint/rules/resources/ecs/TaskDefinitionEssentialContainer.py @@ -5,7 +5,11 @@ from __future__ import annotations -from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema +from typing import Any + +import cfnlint.data.schemas.extensions.aws_ecs_taskdefinition +from cfnlint.jsonschema import ValidationError +from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema, SchemaDetails class TaskDefinitionEssentialContainer(CfnLintJsonSchema): @@ -24,5 +28,12 @@ class TaskDefinitionEssentialContainer(CfnLintJsonSchema): def __init__(self) -> None: super().__init__( - keywords=["aws_ecs_taskdefinition/containerdefinitions_essential"] + keywords=["AWS::ECS::TaskDefinition/Properties/ContainerDefinitions"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_ecs_taskdefinition, + filename="containerdefinitions_essential.json", + ), ) + + def message(self, instance: Any, err: ValidationError) -> str: + return "At least one essential container is required" diff --git a/src/cfnlint/rules/resources/ectwo/InstanceInstanceTypeEnum.py b/src/cfnlint/rules/resources/ectwo/InstanceInstanceTypeEnum.py index 976c129381..1a017ec332 100644 --- a/src/cfnlint/rules/resources/ectwo/InstanceInstanceTypeEnum.py +++ b/src/cfnlint/rules/resources/ectwo/InstanceInstanceTypeEnum.py @@ -3,6 +3,8 @@ SPDX-License-Identifier: MIT-0 """ +import cfnlint.data.schemas.extensions.aws_ec2_instance +from cfnlint.rules.jsonschema.CfnLintJsonSchema import SchemaDetails from cfnlint.rules.jsonschema.CfnLintJsonSchemaRegional import CfnLintJsonSchemaRegional @@ -16,4 +18,10 @@ class InstanceInstanceTypeEnum(CfnLintJsonSchemaRegional): tags = ["resources"] def __init__(self) -> None: - super().__init__(["aws_ec2_instance/instancetype_enum"]) + super().__init__( + keywords=["AWS::EC2::Instance/Properties/InstanceType"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_ec2_instance, + filename="instancetype_enum.json", + ), + ) diff --git a/src/cfnlint/rules/resources/ectwo/SecurityGroupAllToAndFromPorts.py b/src/cfnlint/rules/resources/ectwo/SecurityGroupAllToAndFromPorts.py index cee76aa4bd..3095fabccc 100644 --- a/src/cfnlint/rules/resources/ectwo/SecurityGroupAllToAndFromPorts.py +++ b/src/cfnlint/rules/resources/ectwo/SecurityGroupAllToAndFromPorts.py @@ -7,8 +7,9 @@ from typing import Any +import cfnlint.data.schemas.extensions.aws_ec2_securitygroup from cfnlint.jsonschema import ValidationError -from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema +from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema, SchemaDetails class SecurityGroupAllToAndFromPorts(CfnLintJsonSchema): @@ -18,10 +19,18 @@ class SecurityGroupAllToAndFromPorts(CfnLintJsonSchema): tags = ["resources"] def __init__(self) -> None: - super().__init__(keywords=["aws_ec2_securitygroup/all_to_and_from_ports"]) + super().__init__( + keywords=[ + "AWS::EC2::SecurityGroup/Properties/Ingress", + "AWS::EC2::SecurityGroup/Properties/Egress", + "AWS::EC2::SecurityGroupEgress/Properties", + "AWS::EC2::SecurityGroupIngress/Properties", + ], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_ec2_securitygroup, + filename="all_to_and_from_ports.json", + ), + ) def message(self, instance: Any, err: ValidationError) -> str: - if not isinstance(instance, dict): - return self.description - return "Both ['FromPort', 'ToPort'] must be -1 when one is -1" diff --git a/src/cfnlint/rules/resources/ectwo/SecurityGroupProtocolsAndPortsExclusive.py b/src/cfnlint/rules/resources/ectwo/SecurityGroupProtocolsAndPortsExclusive.py index 1e47a710af..3a1c1cb321 100644 --- a/src/cfnlint/rules/resources/ectwo/SecurityGroupProtocolsAndPortsExclusive.py +++ b/src/cfnlint/rules/resources/ectwo/SecurityGroupProtocolsAndPortsExclusive.py @@ -7,8 +7,9 @@ from typing import Any +import cfnlint.data.schemas.extensions.aws_ec2_securitygroup from cfnlint.jsonschema import ValidationError -from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema +from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema, SchemaDetails class SecurityGroupProtocolsAndPortsExclusive(CfnLintJsonSchema): @@ -22,13 +23,19 @@ class SecurityGroupProtocolsAndPortsExclusive(CfnLintJsonSchema): def __init__(self) -> None: super().__init__( - keywords=["aws_ec2_securitygroup/protocols_and_port_ranges_exclude"] + keywords=[ + "AWS::EC2::SecurityGroup/Properties/Ingress", + "AWS::EC2::SecurityGroup/Properties/Egress", + "AWS::EC2::SecurityGroupEgress/Properties", + "AWS::EC2::SecurityGroupIngress/Properties", + ], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_ec2_securitygroup, + filename="protocols_and_port_ranges_exclude.json", + ), ) def message(self, instance: Any, err: ValidationError) -> str: - if not isinstance(instance, dict): - return self.description - return ( "['FromPort', 'ToPort'] are ignored when using " f"'IpProtocol' value {instance.get('IpProtocol')!r}" diff --git a/src/cfnlint/rules/resources/ectwo/SecurityGroupProtocolsAndPortsInclusive.py b/src/cfnlint/rules/resources/ectwo/SecurityGroupProtocolsAndPortsInclusive.py index 791403c38b..9412f3e723 100644 --- a/src/cfnlint/rules/resources/ectwo/SecurityGroupProtocolsAndPortsInclusive.py +++ b/src/cfnlint/rules/resources/ectwo/SecurityGroupProtocolsAndPortsInclusive.py @@ -7,8 +7,9 @@ from typing import Any +import cfnlint.data.schemas.extensions.aws_ec2_securitygroup from cfnlint.jsonschema import ValidationError -from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema +from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema, SchemaDetails class SecurityGroupProtocolsAndPortsInclusive(CfnLintJsonSchema): @@ -22,14 +23,20 @@ class SecurityGroupProtocolsAndPortsInclusive(CfnLintJsonSchema): def __init__(self) -> None: super().__init__( - keywords=["aws_ec2_securitygroup/protocols_and_port_ranges_include"] + keywords=[ + "AWS::EC2::SecurityGroup/Properties/Ingress", + "AWS::EC2::SecurityGroup/Properties/Egress", + "AWS::EC2::SecurityGroupEgress/Properties", + "AWS::EC2::SecurityGroupIngress/Properties", + ], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_ec2_securitygroup, + filename="protocols_and_port_ranges_include.json", + ), ) def message(self, instance: Any, err: ValidationError) -> str: - if not isinstance(instance, dict): - return self.description - return ( - "['FromPort', 'ToPort'] is a required property when using " + "['FromPort', 'ToPort'] are required properties when using " f"'IpProtocol' value {instance.get('IpProtocol')!r}" ) diff --git a/src/cfnlint/rules/resources/elasticache/CacheClusterCacheNodeTypeEnum.py b/src/cfnlint/rules/resources/elasticache/CacheClusterCacheNodeTypeEnum.py index 386f7b16da..aa1fadb69b 100644 --- a/src/cfnlint/rules/resources/elasticache/CacheClusterCacheNodeTypeEnum.py +++ b/src/cfnlint/rules/resources/elasticache/CacheClusterCacheNodeTypeEnum.py @@ -3,6 +3,8 @@ SPDX-License-Identifier: MIT-0 """ +import cfnlint.data.schemas.extensions.aws_elasticache_cachecluster +from cfnlint.rules.jsonschema.CfnLintJsonSchema import SchemaDetails from cfnlint.rules.jsonschema.CfnLintJsonSchemaRegional import CfnLintJsonSchemaRegional @@ -16,4 +18,10 @@ class CacheClusterCacheNodeTypeEnum(CfnLintJsonSchemaRegional): tags = ["resources"] def __init__(self) -> None: - super().__init__(["aws_elasticache_cachecluster/cachenodetype_enum"]) + super().__init__( + keywords=["AWS::ElastiCache::CacheCluster/Properties/CacheNodeType"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_elasticache_cachecluster, + filename="cachenodetype_enum.json", + ), + ) diff --git a/src/cfnlint/rules/resources/elasticsearch/DomainClusterConfigInstanceTypeEnum.py b/src/cfnlint/rules/resources/elasticsearch/DomainClusterConfigInstanceTypeEnum.py index fb3c7a8683..a0d656569e 100644 --- a/src/cfnlint/rules/resources/elasticsearch/DomainClusterConfigInstanceTypeEnum.py +++ b/src/cfnlint/rules/resources/elasticsearch/DomainClusterConfigInstanceTypeEnum.py @@ -3,6 +3,8 @@ SPDX-License-Identifier: MIT-0 """ +import cfnlint.data.schemas.extensions.aws_elasticsearch_domain +from cfnlint.rules.jsonschema.CfnLintJsonSchema import SchemaDetails from cfnlint.rules.jsonschema.CfnLintJsonSchemaRegional import CfnLintJsonSchemaRegional @@ -17,5 +19,11 @@ class DomainClusterConfigInstanceTypeEnum(CfnLintJsonSchemaRegional): def __init__(self) -> None: super().__init__( - ["aws_elasticsearch_domain/elasticsearchclusterconfig_instancetype_enum"] + keywords=[ + "AWS::Elasticsearch::Domain/Properties/ElasticsearchClusterConfig/InstanceType" + ], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_elasticsearch_domain, + filename="elasticsearchclusterconfig_instancetype_enum.json", + ), ) diff --git a/src/cfnlint/rules/resources/emr/ClusterInstanceTypeConfigInstanceTypeEnum.py b/src/cfnlint/rules/resources/emr/ClusterInstanceTypeConfigInstanceTypeEnum.py index 15d188362e..792eaeadbe 100644 --- a/src/cfnlint/rules/resources/emr/ClusterInstanceTypeConfigInstanceTypeEnum.py +++ b/src/cfnlint/rules/resources/emr/ClusterInstanceTypeConfigInstanceTypeEnum.py @@ -3,6 +3,8 @@ SPDX-License-Identifier: MIT-0 """ +import cfnlint.data.schemas.extensions.aws_emr_cluster +from cfnlint.rules.jsonschema.CfnLintJsonSchema import SchemaDetails from cfnlint.rules.jsonschema.CfnLintJsonSchemaRegional import CfnLintJsonSchemaRegional @@ -16,4 +18,15 @@ class ClusterInstanceTypeConfigInstanceTypeEnum(CfnLintJsonSchemaRegional): tags = ["resources"] def __init__(self) -> None: - super().__init__(["aws_emr_cluster/instancetypeconfig_instancetype_enum"]) + super().__init__( + keywords=[ + "AWS::EMR::Cluster/Properties/CoreInstanceFleet/InstanceTypeConfigs/InstanceType", + "AWS::EMR::Cluster/Properties/TaskInstanceFleets/InstanceTypeConfigs/InstanceType", + "AWS::EMR::Cluster/Properties/CoreInstanceGroup/InstanceType", + "AWS::EMR::Cluster/Properties/TaskInstanceGroups/InstanceType", + ], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_emr_cluster, + filename="instancetypeconfig_instancetype_enum.json", + ), + ) diff --git a/src/cfnlint/rules/resources/gamelift/FleetEc2InstanceTypeEnum.py b/src/cfnlint/rules/resources/gamelift/FleetEc2InstanceTypeEnum.py index 113332f0ba..dced24555c 100644 --- a/src/cfnlint/rules/resources/gamelift/FleetEc2InstanceTypeEnum.py +++ b/src/cfnlint/rules/resources/gamelift/FleetEc2InstanceTypeEnum.py @@ -3,6 +3,8 @@ SPDX-License-Identifier: MIT-0 """ +import cfnlint.data.schemas.extensions.aws_gamelift_fleet +from cfnlint.rules.jsonschema.CfnLintJsonSchema import SchemaDetails from cfnlint.rules.jsonschema.CfnLintJsonSchemaRegional import CfnLintJsonSchemaRegional @@ -16,4 +18,10 @@ class FleetEc2InstanceTypeEnum(CfnLintJsonSchemaRegional): tags = ["resources"] def __init__(self) -> None: - super().__init__(["aws_gamelift_fleet/ec2instancetype_enum"]) + super().__init__( + keywords=["AWS::GameLift::Fleet/EC2InstanceType"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_gamelift_fleet, + filename="ec2instancetype_enum.json", + ), + ) diff --git a/src/cfnlint/rules/resources/iam/IdentityPolicy.py b/src/cfnlint/rules/resources/iam/IdentityPolicy.py index 98d1afd795..96b12cc71d 100644 --- a/src/cfnlint/rules/resources/iam/IdentityPolicy.py +++ b/src/cfnlint/rules/resources/iam/IdentityPolicy.py @@ -19,7 +19,15 @@ class IdentityPolicy(Policy): tags = ["resources", "iam"] def __init__(self): - super().__init__("identity", "policy_identity.json") - - # remap validator to the correct function name - self.iamidentitypolicy = self.validator + super().__init__( + [ + "AWS::IAM::Group/Properties/Policies/PolicyDocument", + "AWS::IAM::ManagedPolicy/Properties/PolicyDocument", + "AWS::IAM::Policy/Properties/PolicyDocument", + "AWS::IAM::Role/Properties/Policies/PolicyDocument", + "AWS::IAM::User/Properties/Policies/PolicyDocument", + "AWS::SSO::PermissionSet/Properties/InlinePolicy", + ], + "identity", + "policy_identity.json", + ) diff --git a/src/cfnlint/rules/resources/iam/Permissions.py b/src/cfnlint/rules/resources/iam/Permissions.py index 8335e999bb..67fae52eb7 100644 --- a/src/cfnlint/rules/resources/iam/Permissions.py +++ b/src/cfnlint/rules/resources/iam/Permissions.py @@ -7,10 +7,10 @@ from cfnlint.helpers import load_resource from cfnlint.jsonschema import ValidationError from cfnlint.jsonschema._utils import ensure_list -from cfnlint.rules import CloudFormationLintRule +from cfnlint.rules.jsonschema.CfnLintKeyword import CfnLintKeyword -class Permissions(CloudFormationLintRule): +class Permissions(CfnLintKeyword): """Check IAM Permission configuration""" id = "W3037" @@ -22,10 +22,12 @@ class Permissions(CloudFormationLintRule): def __init__(self): """Init""" - super().__init__() + super().__init__( + ["AWS::IAM::Policy/Properties/PolicyDocument/Statement/Action"] + ) self.service_map = self.load_service_map() - def iampolicystatementaction(self, validator, _, instance, schema): + def validate(self, validator, _, instance, schema): actions = ensure_list(instance) for action in actions: diff --git a/src/cfnlint/rules/resources/iam/Policy.py b/src/cfnlint/rules/resources/iam/Policy.py index 82262e8c0a..d5030b77e0 100644 --- a/src/cfnlint/rules/resources/iam/Policy.py +++ b/src/cfnlint/rules/resources/iam/Policy.py @@ -6,10 +6,11 @@ from __future__ import annotations import json +from typing import List from cfnlint.helpers import load_resource from cfnlint.jsonschema import RefResolver -from cfnlint.rules.jsonschema.Base import BaseJsonSchema +from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema # pylint: disable=unused-argument @@ -21,11 +22,16 @@ def _scalar_or_array(validator, subschema, instance, schema): yield from validator.descend(instance, subschema) -class Policy(BaseJsonSchema): +class Policy(CfnLintJsonSchema): """Check IAM policies""" - def __init__(self, schema_name: str | None = None, schema_file: str | None = None): - super().__init__() + def __init__( + self, + keywords: List[str] | None = None, + schema_name: str | None = None, + schema_file: str | None = None, + ): + super().__init__(keywords) if schema_name and schema_file: policy_schema = load_resource( @@ -43,7 +49,7 @@ def __init__(self, schema_name: str | None = None, schema_file: str | None = Non self.resolver = RefResolver.from_schema(self.identity_schema, store=store) # pylint: disable=unused-argument - def validator(self, validator, policy_type, policy, schema): + def validate(self, validator, policy_type, policy, schema): # First time child rules are configured against the rule # so we can run this now if validator.is_type(policy, "string"): @@ -71,6 +77,6 @@ def validator(self, validator, policy_type, policy, schema): ) for err in iam_validator.iter_errors(policy): - if not err.validator.startswith("fn_") and err.validator not in ["awsType"]: + if not err.validator.startswith("fn_") and err.validator not in ["cfnLint"]: err.rule = self yield err diff --git a/src/cfnlint/rules/resources/iam/PolicyVersion.py b/src/cfnlint/rules/resources/iam/PolicyVersion.py index fda3510393..5f1425c0d5 100644 --- a/src/cfnlint/rules/resources/iam/PolicyVersion.py +++ b/src/cfnlint/rules/resources/iam/PolicyVersion.py @@ -7,10 +7,10 @@ from typing import Any from cfnlint.jsonschema import ValidationError, Validator -from cfnlint.rules import CloudFormationLintRule +from cfnlint.rules.jsonschema.CfnLintKeyword import CfnLintKeyword -class PolicyVersion(CloudFormationLintRule): +class PolicyVersion(CfnLintKeyword): """Check if IAM Policy Version is correct""" id = "W2511" @@ -21,8 +21,11 @@ class PolicyVersion(CloudFormationLintRule): source_url = "https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html" tags = ["properties", "iam"] + def __init__(self) -> None: + super().__init__(["AWS::IAM::Policy/Properties/PolicyDocument/Version"]) + # pylint: disable=unused-argument - def iampolicyversion(self, validator: Validator, _, instance: Any, schema): + def validate(self, validator: Validator, _, instance: Any, schema): if not isinstance(instance, (date, str)): return diff --git a/src/cfnlint/rules/resources/iam/ResourceEcrPolicy.py b/src/cfnlint/rules/resources/iam/ResourceEcrPolicy.py index ea270edaf0..4e3c5b8120 100644 --- a/src/cfnlint/rules/resources/iam/ResourceEcrPolicy.py +++ b/src/cfnlint/rules/resources/iam/ResourceEcrPolicy.py @@ -12,13 +12,16 @@ class ResourceEcrPolicy(Policy): id = "E3513" shortdesc = "Validate ECR repository policy" description = ( - "Private ECR repositories have a policy. " "This rule validates those policies." + "Private ECR repositories have a policy. This rule validates those policies." ) source_url = "https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policies.html" tags = ["resources", "iam", "ecr"] def __init__(self): - super().__init__("resource", "policy_resource_ecr.json") - - # remap validator to the correct function name - self.iamresourceecrpolicy = self.validator + super().__init__( + [ + "AWS::ECR::Repository/Properties/RepositoryPolicyText", + ], + "resource", + "policy_resource_ecr.json", + ) diff --git a/src/cfnlint/rules/resources/iam/ResourcePolicy.py b/src/cfnlint/rules/resources/iam/ResourcePolicy.py index 7ba101b81d..e269db4584 100644 --- a/src/cfnlint/rules/resources/iam/ResourcePolicy.py +++ b/src/cfnlint/rules/resources/iam/ResourcePolicy.py @@ -19,7 +19,14 @@ class ResourcePolicy(Policy): tags = ["resources", "iam"] def __init__(self): - super().__init__("resource", "policy_resource.json") - - # remap validator to the correct function name - self.iamresourcepolicy = self.validator + super().__init__( + [ + "AWS::KMS::Key/Properties/KeyPolicy", + "AWS::OpenSearchService::Domain/Properties/AccessPolicies", + "AWS::S3::BucketPolicy/Properties/PolicyDocument", + "AWS::SNS::TopicPolicy/Properties/PolicyDocument", + "AWS::SQS::QueuePolicy/Properties/PolicyDocument", + ], + "resource", + "policy_resource.json", + ) diff --git a/src/cfnlint/rules/resources/iam/RoleArnPattern.py b/src/cfnlint/rules/resources/iam/RoleArnPattern.py index 8229d4d017..235d51b1cc 100644 --- a/src/cfnlint/rules/resources/iam/RoleArnPattern.py +++ b/src/cfnlint/rules/resources/iam/RoleArnPattern.py @@ -6,10 +6,10 @@ import regex as re from cfnlint.jsonschema import ValidationError -from cfnlint.rules.jsonschema.Base import BaseJsonSchema +from cfnlint.rules.jsonschema.CfnLintKeyword import CfnLintKeyword -class RoleArnPattern(BaseJsonSchema): +class RoleArnPattern(CfnLintKeyword): """Check role arn pattern""" id = "E3511" @@ -20,8 +20,20 @@ class RoleArnPattern(BaseJsonSchema): ) tags = ["parameters", "iam"] + def __init__(self) -> None: + super().__init__( + [ + "AWS::Backup::BackupSelection/Properties/BackupSelection/IamRoleArn", + "AWS::Batch::ComputeEnvironment/Properties/ComputeResources/SpotIamFleetRole", + "AWS::Batch::ComputeEnvironment/Properties/ServiceRole", + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/IamFleetRole", + "AWS::ECS::TaskDefinition/Properties/ExecutionRoleArn", + "AWS::S3::Bucket/Properties/ReplicationConfiguration/Role", + ] + ) + # pylint: disable=unused-argument - def iamrolearn(self, validator, aZ, arn, schema): + def validate(self, validator, aZ, arn, schema): if not validator.is_type(arn, "string"): return diff --git a/src/cfnlint/rules/resources/lmbd/DeprecatedRuntimeEnd.py b/src/cfnlint/rules/resources/lmbd/DeprecatedRuntimeEnd.py index 7fddd91acd..a1be6e0240 100644 --- a/src/cfnlint/rules/resources/lmbd/DeprecatedRuntimeEnd.py +++ b/src/cfnlint/rules/resources/lmbd/DeprecatedRuntimeEnd.py @@ -26,7 +26,7 @@ class DeprecatedRuntimeEnd(CfnLintKeyword): def __init__(self): """Init""" - super().__init__(["aws_lambda_function/runtime"]) + super().__init__(["AWS::Lambda::Function/Properties/Runtime"]) self.child_rules = { "W2531": None, } @@ -36,7 +36,7 @@ def __init__(self): ) # pylint: disable=unused-argument - def awslambdafunctionruntime(self, validator, v, runtime, schema): + def validate(self, validator, v, runtime, schema): runtime_data = self.deprecated_runtimes.get(runtime) if not runtime_data: return diff --git a/src/cfnlint/rules/resources/lmbd/EventSourceMappingEventSourceArnSqsExclusive.py b/src/cfnlint/rules/resources/lmbd/EventSourceMappingEventSourceArnSqsExclusive.py index 0da12181e3..52edf538dd 100644 --- a/src/cfnlint/rules/resources/lmbd/EventSourceMappingEventSourceArnSqsExclusive.py +++ b/src/cfnlint/rules/resources/lmbd/EventSourceMappingEventSourceArnSqsExclusive.py @@ -5,7 +5,11 @@ from __future__ import annotations -from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema +from typing import Any + +import cfnlint.data.schemas.extensions.aws_lambda_eventsourcemapping +from cfnlint.jsonschema import ValidationError +from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema, SchemaDetails class EventSourceMappingEventSourceArnSqsExclusive(CfnLintJsonSchema): @@ -20,5 +24,12 @@ class EventSourceMappingEventSourceArnSqsExclusive(CfnLintJsonSchema): def __init__(self) -> None: super().__init__( - keywords=["aws_lambda_eventsourcemapping/eventsourcearn_sqs_exclusive"] + keywords=["AWS::Lambda::EventSourceMapping/Properties"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_lambda_eventsourcemapping, + filename="eventsourcearn_sqs_exclusive.json", + ), ) + + def message(self, instance: Any, err: ValidationError) -> str: + return "Additional properties are not allowed ('StartingPosition')" diff --git a/src/cfnlint/rules/resources/lmbd/EventSourceMappingEventSourceArnStreamInclusive.py b/src/cfnlint/rules/resources/lmbd/EventSourceMappingEventSourceArnStreamInclusive.py index f46179b8ae..4833bd5de1 100644 --- a/src/cfnlint/rules/resources/lmbd/EventSourceMappingEventSourceArnStreamInclusive.py +++ b/src/cfnlint/rules/resources/lmbd/EventSourceMappingEventSourceArnStreamInclusive.py @@ -5,7 +5,11 @@ from __future__ import annotations -from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema +from typing import Any + +import cfnlint.data.schemas.extensions.aws_lambda_eventsourcemapping +from cfnlint.jsonschema import ValidationError +from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema, SchemaDetails class EventSourceMappingEventSourceArnStreamInclusive(CfnLintJsonSchema): @@ -21,5 +25,12 @@ class EventSourceMappingEventSourceArnStreamInclusive(CfnLintJsonSchema): def __init__(self) -> None: super().__init__( - keywords=["aws_lambda_eventsourcemapping/eventsourcearn_stream_inclusive"] + keywords=["AWS::Lambda::EventSourceMapping/Properties"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_lambda_eventsourcemapping, + filename="eventsourcearn_stream_inclusive.json", + ), ) + + def message(self, instance: Any, err: ValidationError) -> str: + return "'StartingPosition' is a required property" diff --git a/src/cfnlint/rules/resources/lmbd/FunctionZipfileRuntimeEnum.py b/src/cfnlint/rules/resources/lmbd/FunctionZipfileRuntimeEnum.py index 9b58f74990..27f935d478 100644 --- a/src/cfnlint/rules/resources/lmbd/FunctionZipfileRuntimeEnum.py +++ b/src/cfnlint/rules/resources/lmbd/FunctionZipfileRuntimeEnum.py @@ -5,7 +5,11 @@ from __future__ import annotations -from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema +from typing import Any + +import cfnlint.data.schemas.extensions.aws_lambda_function +from cfnlint.jsonschema import ValidationError +from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema, SchemaDetails class FunctionZipfileRuntimeEnum(CfnLintJsonSchema): @@ -18,4 +22,13 @@ class FunctionZipfileRuntimeEnum(CfnLintJsonSchema): tags = ["resources"] def __init__(self) -> None: - super().__init__(keywords=["aws_lambda_function/zipfile_runtime_enum"]) + super().__init__( + keywords=["AWS::Lambda::Function/Properties"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_lambda_function, + filename="zipfile_runtime_enum.json", + ), + ) + + def message(self, instance: Any, err: ValidationError) -> str: + return err.message diff --git a/src/cfnlint/rules/resources/lmbd/FunctionZipfileRuntimeExists.py b/src/cfnlint/rules/resources/lmbd/FunctionZipfileRuntimeExists.py index 9f68cc3fe6..a5854d911e 100644 --- a/src/cfnlint/rules/resources/lmbd/FunctionZipfileRuntimeExists.py +++ b/src/cfnlint/rules/resources/lmbd/FunctionZipfileRuntimeExists.py @@ -5,7 +5,11 @@ from __future__ import annotations -from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema +from typing import Any + +import cfnlint.data.schemas.extensions.aws_lambda_function +from cfnlint.jsonschema import ValidationError +from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema, SchemaDetails class FunctionZipfileRuntimeExists(CfnLintJsonSchema): @@ -15,4 +19,13 @@ class FunctionZipfileRuntimeExists(CfnLintJsonSchema): tags = ["resources"] def __init__(self) -> None: - super().__init__(keywords=["aws_lambda_function/zipfile_runtime_exists"]) + super().__init__( + keywords=["AWS::Lambda::Function/Properties"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_lambda_function, + filename="zipfile_runtime_exists.json", + ), + ) + + def message(self, instance: Any, err: ValidationError) -> str: + return err.message diff --git a/src/cfnlint/rules/resources/managedblockchain/NodeNodeConfigurationInstanceTypeEnum.py b/src/cfnlint/rules/resources/managedblockchain/NodeNodeConfigurationInstanceTypeEnum.py index 9209aa6d36..79cf630dc5 100644 --- a/src/cfnlint/rules/resources/managedblockchain/NodeNodeConfigurationInstanceTypeEnum.py +++ b/src/cfnlint/rules/resources/managedblockchain/NodeNodeConfigurationInstanceTypeEnum.py @@ -3,6 +3,8 @@ SPDX-License-Identifier: MIT-0 """ +import cfnlint.data.schemas.extensions.aws_managedblockchain_node +from cfnlint.rules.jsonschema.CfnLintJsonSchema import SchemaDetails from cfnlint.rules.jsonschema.CfnLintJsonSchemaRegional import CfnLintJsonSchemaRegional @@ -17,5 +19,11 @@ class NodeNodeConfigurationInstanceTypeEnum(CfnLintJsonSchemaRegional): def __init__(self) -> None: super().__init__( - ["aws_managedblockchain_node/nodeconfiguration_instancetype_enum"] + keywords=[ + "AWS::ManagedBlockchain::Node/Properties/NodeConfiguration/InstanceType" + ], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_managedblockchain_node, + filename="nodeconfiguration_instancetype_enum.json", + ), ) diff --git a/src/cfnlint/rules/resources/neptune/DBInstanceDBInstanceClassEnum.py b/src/cfnlint/rules/resources/neptune/DBInstanceDBInstanceClassEnum.py index 6c6480a309..44d15a96da 100644 --- a/src/cfnlint/rules/resources/neptune/DBInstanceDBInstanceClassEnum.py +++ b/src/cfnlint/rules/resources/neptune/DBInstanceDBInstanceClassEnum.py @@ -3,6 +3,8 @@ SPDX-License-Identifier: MIT-0 """ +import cfnlint.data.schemas.extensions.aws_neptune_dbinstance +from cfnlint.rules.jsonschema.CfnLintJsonSchema import SchemaDetails from cfnlint.rules.jsonschema.CfnLintJsonSchemaRegional import CfnLintJsonSchemaRegional @@ -16,4 +18,10 @@ class DBInstanceDBInstanceClassEnum(CfnLintJsonSchemaRegional): tags = ["resources"] def __init__(self) -> None: - super().__init__(["aws_neptune_dbinstance/dbinstanceclass_enum"]) + super().__init__( + keywords=["AWS::Neptune::DBInstance/Properties/DBInstanceClass"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_neptune_dbinstance, + filename="dbinstanceclass_enum.json", + ), + ) diff --git a/src/cfnlint/rules/resources/properties/AvailabilityZone.py b/src/cfnlint/rules/resources/properties/AvailabilityZone.py index ed93331d2b..330fca9b20 100644 --- a/src/cfnlint/rules/resources/properties/AvailabilityZone.py +++ b/src/cfnlint/rules/resources/properties/AvailabilityZone.py @@ -5,10 +5,11 @@ from cfnlint.helpers import FUNCTIONS from cfnlint.jsonschema import ValidationError -from cfnlint.rules import CloudFormationLintRule +from cfnlint.jsonschema._utils import ensure_list +from cfnlint.rules.jsonschema.CfnLintKeyword import CfnLintKeyword -class AvailabilityZone(CloudFormationLintRule): +class AvailabilityZone(CfnLintKeyword): """Check Availibility Zone parameter checks""" id = "W3010" @@ -19,32 +20,45 @@ class AvailabilityZone(CloudFormationLintRule): def __init__(self): """Init""" - super().__init__() + super().__init__( + keywords=[ + "AWS::AutoScaling::AutoScalingGroup/Properties/AvailabilityZones", + "AWS::DAX::Cluster/Properties/AvailabilityZones", + "AWS::DMS::ReplicationInstance/Properties/AvailabilityZone", + "AWS::EC2::Host/Properties/AvailabilityZone", + "AWS::EC2::Instance/Properties/AvailabilityZone", + "AWS::EC2::LaunchTemplate/LaunchTemplateData/Placement/AvailabilityZone", + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/LaunchSpecifications/Placement/AvailabilityZone", + "AWS::EC2::SpotFleet/Properties/SpotFleetRequestConfigData/LaunchTemplateConfigs/Overrides/AvailabilityZone", + "AWS::EC2::Subnet/Properties/AvailabilityZone", + "AWS::EC2::Volume/Properties/AvailabilityZone", + "AWS::ElasticLoadBalancing::LoadBalancer/Properties/AvailabilityZones", + "AWS::ElasticLoadBalancingV2::TargetGroup/Properties/Targets/AvailabilityZone", + "AWS::EMR::Cluster/Properties/Instances/Placement/AvailabilityZone", + "AWS::Glue::Connection/Properties/ConnectionInput/PhysicalConnectionRequirements/AvailabilityZone", + "AWS::OpsWorks::Instance/Properties/AvailabilityZone", + "AWS::RDS::DBCluster/Properties/AvailabilityZones", + "AWS::RDS::DBInstance/Properties/AvailabilityZone", + ] + ) self.exceptions = ["all"] - # pylint: disable=unused-argument - def availabilityzone(self, validator, aZ, zone, schema): - if not validator.is_type(zone, "string"): - return - - if zone in self.exceptions: - return - - if any(fn in validator.context.path for fn in FUNCTIONS): + def validate(self, validator, keywords, zones, schema): + if not isinstance(zones, (str, list)): return + zones = ensure_list(zones) - yield ValidationError( - f"Avoid hardcoding availability zones {zone!r}", - rule=self, - ) + for zone in zones: + if not validator.is_type(zone, "string"): + continue - # pylint: disable=unused-argument - def availabilityzones(self, validator, aZ, zones, schema): - if not validator.is_type(zones, "array"): - return + if zone in self.exceptions: + continue - if any(fn in validator.context.path for fn in FUNCTIONS): - return + if any(fn in validator.context.path for fn in FUNCTIONS): + continue - for zone in zones: - yield from self.availabilityzone(validator, aZ, zone, schema) + yield ValidationError( + f"Avoid hardcoding availability zones {zone!r}", + rule=self, + ) diff --git a/src/cfnlint/rules/resources/rds/DbClusterServerlessExclusive.py b/src/cfnlint/rules/resources/rds/DbClusterServerlessExclusive.py index 52825fd134..bb3297885b 100644 --- a/src/cfnlint/rules/resources/rds/DbClusterServerlessExclusive.py +++ b/src/cfnlint/rules/resources/rds/DbClusterServerlessExclusive.py @@ -5,7 +5,11 @@ from __future__ import annotations -from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema +from typing import Any + +import cfnlint.data.schemas.extensions.aws_rds_dbcluster +from cfnlint.jsonschema import ValidationError +from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema, SchemaDetails class DbClusterServerlessExclusive(CfnLintJsonSchema): @@ -19,4 +23,13 @@ class DbClusterServerlessExclusive(CfnLintJsonSchema): tags = ["resources"] def __init__(self) -> None: - super().__init__(keywords=["aws_rds_dbcluster/serverless_exclusive"]) + super().__init__( + keywords=["AWS::RDS::DBCluster/Properties"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_rds_dbcluster, + filename="serverless_exclusive.json", + ), + ) + + def message(self, instance: Any, err: ValidationError) -> str: + return "Additional properties are not allowed ('ScalingConfiguration')" diff --git a/src/cfnlint/rules/resources/rds/DbInstanceAuroraExclusive.py b/src/cfnlint/rules/resources/rds/DbInstanceAuroraExclusive.py index eacc206e70..257e0ec31e 100644 --- a/src/cfnlint/rules/resources/rds/DbInstanceAuroraExclusive.py +++ b/src/cfnlint/rules/resources/rds/DbInstanceAuroraExclusive.py @@ -5,12 +5,16 @@ from __future__ import annotations -from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema +from typing import Any + +import cfnlint.data.schemas.extensions.aws_rds_dbinstance +from cfnlint.jsonschema import ValidationError +from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema, SchemaDetails class DbInstanceAuroraExclusive(CfnLintJsonSchema): id = "E3682" - shortdesc = "Validate when using Aurora certain properies aren't required " + shortdesc = "Validate when using Aurora certain properies aren't required" description = ( "When creating an aurora DBInstance don't specify " "'AllocatedStorage', 'BackupRetentionPeriod', 'CopyTagsToSnapshot', " @@ -20,4 +24,30 @@ class DbInstanceAuroraExclusive(CfnLintJsonSchema): tags = ["resources"] def __init__(self) -> None: - super().__init__(keywords=["aws_rds_dbinstance/aurora_exclusive"]) + super().__init__( + keywords=["AWS::RDS::DBInstance/Properties"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_rds_dbinstance, + filename="aurora_exclusive.json", + ), + ) + + def message(self, instance: Any, err: ValidationError) -> str: + keys = [ + "AllocatedStorage", + "BackupRetentionPeriod", + "CopyTagsToSnapshot", + "DeletionProtection", + "EnableIAMDatabaseAuthentication", + "MasterUserPassword", + "StorageEncrypted", + ] + extra = [] + for property in instance.keys(): + if property in keys: + extra.append(property) + + return f"Additional properties are not allowed ({extra!r})" + + def validate(self, validator, keywords, instance, schema): + yield from super().validate(validator, keywords, instance, schema) diff --git a/src/cfnlint/rules/resources/rds/DbInstanceBackupRetentionPeriod.py b/src/cfnlint/rules/resources/rds/DbInstanceBackupRetentionPeriod.py deleted file mode 100644 index 8c45f3e6bd..0000000000 --- a/src/cfnlint/rules/resources/rds/DbInstanceBackupRetentionPeriod.py +++ /dev/null @@ -1,37 +0,0 @@ -""" -Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. -SPDX-License-Identifier: MIT-0 -""" - -from typing import Any - -from cfnlint.jsonschema import ValidationError -from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema - - -class DbInstanceBackupRetentionPeriod(CfnLintJsonSchema): - id = "E3683" - shortdesc = ( - "Check RDS DB instances with auto expiring content " - "have explicit retention period" - ) - description = ( - "The behaviour for data retention is different across AWS Services.If no" - " retention period is specified the default for some services is to delete the" - " data after a period of time.This check requires you to explicitly set the" - " retention period for those resources to avoid unexpected data losses" - ) - tags = ["resources", "retentionperiod", "rds"] - source_url = "https://github.com/aws-cloudformation/cfn-python-lint" - - def __init__(self) -> None: - super().__init__(keywords=["aws_rds_dbinstance/backupretentionperiod"]) - - def message(self, instance: Any, err: ValidationError) -> str: - return err.message - - def awsrdsdbinstancebackupretentionperiod(self, validator, _, instance, schema): - # We can't support functions in this schema check as it can be valid - # but we don't know the values - validator = validator.evolve(context=validator.context.evolve(functions=[])) - yield from super().validate(validator, instance) diff --git a/src/cfnlint/rules/resources/rds/DbInstanceDbInstanceClassEnum.py b/src/cfnlint/rules/resources/rds/DbInstanceDbInstanceClassEnum.py index 47faf9f331..1bbf42a301 100644 --- a/src/cfnlint/rules/resources/rds/DbInstanceDbInstanceClassEnum.py +++ b/src/cfnlint/rules/resources/rds/DbInstanceDbInstanceClassEnum.py @@ -4,8 +4,8 @@ """ import cfnlint.data.schemas.extensions.aws_rds_dbinstance -from cfnlint.rules.jsonschema.CfnLintJsonSchemaRegional import CfnLintJsonSchemaRegional from cfnlint.rules.jsonschema.CfnLintJsonSchema import SchemaDetails +from cfnlint.rules.jsonschema.CfnLintJsonSchemaRegional import CfnLintJsonSchemaRegional class DbInstanceDbInstanceClassEnum(CfnLintJsonSchemaRegional): @@ -19,8 +19,8 @@ class DbInstanceDbInstanceClassEnum(CfnLintJsonSchemaRegional): def __init__(self) -> None: super().__init__( - ["aws_rds_dbinstance/dbinstanceclass_enum"], - SchemaDetails( + keywords=["AWS::RDS::DBInstance/Properties"], + schema_details=SchemaDetails( cfnlint.data.schemas.extensions.aws_rds_dbinstance, "dbinstanceclass_enum.json", ), diff --git a/src/cfnlint/rules/resources/redshift/ClusterNodeTypeEnum.py b/src/cfnlint/rules/resources/redshift/ClusterNodeTypeEnum.py index 008ed2e586..2344b4ca91 100644 --- a/src/cfnlint/rules/resources/redshift/ClusterNodeTypeEnum.py +++ b/src/cfnlint/rules/resources/redshift/ClusterNodeTypeEnum.py @@ -3,6 +3,8 @@ SPDX-License-Identifier: MIT-0 """ +import cfnlint.data.schemas.extensions.aws_redshift_cluster +from cfnlint.rules.jsonschema.CfnLintJsonSchema import SchemaDetails from cfnlint.rules.jsonschema.CfnLintJsonSchemaRegional import CfnLintJsonSchemaRegional @@ -16,4 +18,10 @@ class ClusterNodeTypeEnum(CfnLintJsonSchemaRegional): tags = ["resources"] def __init__(self) -> None: - super().__init__(["aws_redshift_cluster/nodetype_enum"]) + super().__init__( + keywords=["AWS::Redshift::Cluster/Properties/NodeType"], + schema_details=SchemaDetails( + cfnlint.data.schemas.extensions.aws_redshift_cluster, + "nodetype_enum.json", + ), + ) diff --git a/src/cfnlint/rules/resources/route53/HealthCheckHealthCheckConfigTypeInclusive.py b/src/cfnlint/rules/resources/route53/HealthCheckHealthCheckConfigTypeInclusive.py index aa8933fd4e..e0145485c2 100644 --- a/src/cfnlint/rules/resources/route53/HealthCheckHealthCheckConfigTypeInclusive.py +++ b/src/cfnlint/rules/resources/route53/HealthCheckHealthCheckConfigTypeInclusive.py @@ -3,7 +3,11 @@ SPDX-License-Identifier: MIT-0 """ -from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema +from typing import Any + +import cfnlint.data.schemas.extensions.aws_route53_healthcheck +from cfnlint.jsonschema import ValidationError +from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema, SchemaDetails class HealthCheckHealthCheckConfigTypeInclusive(CfnLintJsonSchema): @@ -18,5 +22,12 @@ class HealthCheckHealthCheckConfigTypeInclusive(CfnLintJsonSchema): def __init__(self) -> None: super().__init__( - keywords=["aws_route53_healthcheck/healthcheckconfig_type_inclusive"] + keywords=["AWS::Route53::HealthCheck/Properties/HealthCheckConfig"], + schema_details=SchemaDetails( + module=cfnlint.data.schemas.extensions.aws_route53_healthcheck, + filename="healthcheckconfig_type_inclusive.json", + ), ) + + def message(self, instance: Any, err: ValidationError) -> str: + return err.message diff --git a/test/fixtures/schemas/providers/base.definition.schema.v1.json b/test/fixtures/schemas/providers/base.definition.schema.v1.json index 203b9da2be..deee0c12f2 100644 --- a/test/fixtures/schemas/providers/base.definition.schema.v1.json +++ b/test/fixtures/schemas/providers/base.definition.schema.v1.json @@ -112,10 +112,10 @@ "$ref": "http://json-schema.org/draft-07/schema#/properties/default" }, "if": { - "$ref": "http://json-schema.org/draft-07/schema#/properties/if" + "$ref": "#" }, "then": { - "$ref": "http://json-schema.org/draft-07/schema#/properties/then" + "$ref": "#" }, "multipleOf": { "$ref": "http://json-schema.org/draft-07/schema#/properties/multipleOf" @@ -239,7 +239,10 @@ "cfnLint": "true" }, "awsType": { - "type": "string", + "type": ["string", "array"], + "items": { + "type": "string" + }, "awsType": "true" } }, diff --git a/test/integration/test_schema_files.py b/test/integration/test_schema_files.py index 07ca6f1249..08a985f582 100644 --- a/test/integration/test_schema_files.py +++ b/test/integration/test_schema_files.py @@ -6,6 +6,7 @@ import fnmatch import json import os +import pathlib from typing import List from unittest import TestCase @@ -13,7 +14,7 @@ import regex as re import cfnlint -from cfnlint.helpers import REGIONS, load_resource +from cfnlint.helpers import REGIONS, load_plugins, load_resource from cfnlint.jsonschema import RefResolver, StandardValidator, ValidationError from cfnlint.jsonschema._utils import ensure_list from cfnlint.schema._pointer import resolve_pointer @@ -23,7 +24,7 @@ class TestSchemaFiles(TestCase): """Test schema files""" - used_cfn_schemas: List[str] = [] + found_keywords: List[str] = [] def setUp(self) -> None: schema_path = os.path.join(os.path.dirname(cfnlint.__file__), "data", "schemas") @@ -45,10 +46,6 @@ def setUp(self) -> None: d = json.load(fh) self.schema_draft7 = d - for dirpath, filename in self.get_files(self.paths["extensions"]): - filename = os.path.join(dirpath, filename) - with open(filename, "r") as fh: - self.used_cfn_schemas.append(filename) super().setUp() def get_files(self, dir): @@ -62,18 +59,6 @@ def pattern(self, validator, patrn, instance, schema): except Exception: yield ValidationError(f"Pattern doesn't compile: {patrn}") - def cfn_schema(self, validator, cSs, schemas, schema): - schemas = ensure_list(schemas) - for schema in schemas: - filename = os.path.join( - self.paths["extensions"], *"".join([schema, ".json"]).split("/") - ) - if not os.path.exists(filename): - yield ValidationError(f"CfnSchema doesn't exist: {filename}") - - if filename in self.used_cfn_schemas: - self.used_cfn_schemas.remove(filename) - def validate_basic_schema_details(self, d, filepath): """ Validate that readOnly, writeOnly, etc are valid @@ -115,8 +100,7 @@ def test_data_module_specs(self): StandardValidator({}) .extend( validators={ - "cfnSchema": self.cfn_schema, - "cfnRegionSchema": self.cfn_schema, + "cfnLint": self.cfn_lint, "pattern": self.pattern, }, )(schema=store["provider.definition.schema.v1.json"]) @@ -140,4 +124,67 @@ def test_data_module_specs(self): errs, [], f"Error with {dirpath}/{filename}: {errs}" ) self.validate_basic_schema_details(d, f"{dirpath}/{filename}") - self.assertListEqual(self.used_cfn_schemas, []) + + def cfn_lint(self, validator, _, keywords, schema): + keywords = ensure_list(keywords) + self.found_keywords.extend(keywords) + + def test_extension_module_specs(self): + """Test data file formats""" + + draft7_schema = load_resource( + "cfnlint.data.schemas.other.draft7", "schema.json" + ) + store = {"http://json-schema.org/draft-07/schema": draft7_schema} + dir = self.paths["fixtures"] + for dirpath, filename in self.get_files(dir): + with open(os.path.join(dirpath, filename), "r", encoding="utf8") as fh: + store[filename] = json.load(fh) + + resolver = RefResolver.from_schema( + store["http://json-schema.org/draft-07/schema"], store=store + ) + + validator = ( + StandardValidator({}) + .extend( + validators={ + "cfnLint": self.cfn_lint, + "pattern": self.pattern, + }, + )(schema=store["http://json-schema.org/draft-07/schema"]) + .evolve(resolver=resolver) + ) + + dir = self.paths["extensions"] + + for dirpath, filename in self.get_files(dir): + with open(os.path.join(dirpath, filename), "r", encoding="utf8") as fh: + d = json.load(fh) + # not allowed but true with this resource + if filename == "aws-cloudformation-customresource.json": + d["additionalProperties"] = False + errs = list(validator.iter_errors(d)) + self.assertListEqual( + errs, [], f"Error with {dirpath}/{filename}: {errs}" + ) + self.validate_basic_schema_details(d, f"{dirpath}/{filename}") + + def test_keywords(self): + root_dir = pathlib.Path(__file__).parent.parent.parent / "src/cfnlint/rules" + rules = load_plugins( + str(root_dir), + "CfnLintKeyword", + "cfnlint.rules.jsonschema.CfnLintKeyword", + ) + rules.extend( + load_plugins( + str(root_dir), + "CfnLintJsonSchema", + "cfnlint.rules.jsonschema.CfnLintJsonSchema", + ) + ) + + for rule in rules: + for keyword in rule.keywords: + self.assertIn(keyword, self.found_keywords) diff --git a/test/unit/rules/jsonschema/test_cfn_region_schema.py b/test/unit/rules/jsonschema/test_cfn_region_schema.py index 684de97ca1..58fbda44d4 100644 --- a/test/unit/rules/jsonschema/test_cfn_region_schema.py +++ b/test/unit/rules/jsonschema/test_cfn_region_schema.py @@ -47,7 +47,7 @@ def test_cfn_region_schema(name, rule, instance, regions, expected_errs): context = Context(regions) validator = CfnTemplateValidator(schema=_schema, context=context) - errs = list(rule.iter_errors(validator, [], instance, {})) + errs = list(rule.validate(validator, [], instance, {})) assert len(errs) == len(expected_errs), name for i, expected_err in enumerate(expected_errs): assert errs[i].message == expected_err.message, name diff --git a/test/unit/rules/jsonschema/test_cfn_schema.py b/test/unit/rules/jsonschema/test_cfn_schema.py index 013da687a0..ec847473da 100644 --- a/test/unit/rules/jsonschema/test_cfn_schema.py +++ b/test/unit/rules/jsonschema/test_cfn_schema.py @@ -3,6 +3,8 @@ SPDX-License-Identifier: MIT-0 """ +from collections import deque + import pytest from cfnlint.context import Context @@ -27,7 +29,6 @@ class _Error(CfnLintJsonSchema): def __init__(self) -> None: super().__init__([], None, True) - self._schema = _schema class _BestError(CfnLintJsonSchema): @@ -37,7 +38,6 @@ class _BestError(CfnLintJsonSchema): def __init__(self) -> None: super().__init__([], None, False) - self._schema = _schema @pytest.mark.parametrize( @@ -48,8 +48,20 @@ def __init__(self) -> None: _Error(), {"a": [], "b": []}, [ - ValidationError("[] is not of type 'string'"), - ValidationError("[] is not of type 'object'"), + ValidationError( + message="[] is not of type 'string'", + rule=_Error(), + validator="type", + path=deque(["a"]), + schema_path=deque(["properties", "a", "type"]), + ), + ValidationError( + message="[] is not of type 'object'", + rule=_Error(), + validator="type", + path=deque(["b"]), + schema_path=deque(["properties", "b", "type"]), + ), ], ), ( @@ -57,15 +69,20 @@ def __init__(self) -> None: _BestError(), {"a": [], "b": []}, [ - ValidationError(_BestError.shortdesc), + ValidationError( + message="Rule that returns the best error", + validator="type", + path=deque(["a"]), + rule=_BestError(), + schema_path=deque(["properties", "a", "type"]), + ), ], ), ], ) def test_cfn_schema(name, rule, instance, expected_errs): - context = Context("us-east-1") + context = Context(regions=["us-east-1"]) validator = CfnTemplateValidator(schema=_schema, context=context) - errs = list(rule.iter_errors(validator, {}, instance, {})) - for i, expected_err in enumerate(expected_errs): - assert errs[i].message == expected_err.message, name + errs = list(rule.validate(validator, {}, instance, _schema)) + assert errs == expected_errs diff --git a/test/unit/rules/resources/cloudwatch/__init__.py b/test/unit/rules/resources/cloudwatch/__init__.py new file mode 100644 index 0000000000..e69de29bb2 diff --git a/test/unit/rules/resources/cloudwatch/test_alarm_aws_namespace_period.py b/test/unit/rules/resources/cloudwatch/test_alarm_aws_namespace_period.py new file mode 100644 index 0000000000..2964ef9ac7 --- /dev/null +++ b/test/unit/rules/resources/cloudwatch/test_alarm_aws_namespace_period.py @@ -0,0 +1,76 @@ +""" +Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +SPDX-License-Identifier: MIT-0 +""" + +from collections import deque + +import pytest + +from cfnlint.jsonschema import CfnTemplateValidator, ValidationError +from cfnlint.rules.resources.cloudwatch.AlarmAwsNamespacePeriod import ( + AlarmAwsNamespacePeriod, +) + + +@pytest.fixture(scope="module") +def rule(): + rule = AlarmAwsNamespacePeriod() + yield rule + + +@pytest.fixture(scope="module") +def validator(): + yield CfnTemplateValidator(schema={}) + + +@pytest.mark.parametrize( + "instance,expected", + [ + ( + { + "Namespace": "AWS/foo", + "Period": 60, + }, + [], + ), + ( + [], # wrong type + [], + ), + ( + { + "Namespace": "AWS/foo", + "Period": {"Ref": "Period"}, # ignore when object + }, + [], + ), + ( + { + "Namespace": {"Ref": "Namespace"}, # ignore when object + "Period": 30, + }, + [], + ), + ( + { + "Namespace": "AWS/foo", + "Period": 30, + }, + [ + ValidationError( + "30 is less than the minimum of 60", + rule=AlarmAwsNamespacePeriod(), + path=deque(["Period"]), + validator="minimum", + schema={"minimum": 60, "type": ["number", "string"]}, + schema_path=deque(["then", "properties", "Period", "minimum"]), + ) + ], + ), + ], +) +def test_validate(instance, expected, rule, validator): + errs = list(rule.validate(validator, "", instance, {})) + + assert errs == expected, f"Expected {expected} got {errs}" diff --git a/test/unit/rules/resources/dynamodb/test_table_billingmode_exclusive.py b/test/unit/rules/resources/dynamodb/test_table_billingmode_exclusive.py new file mode 100644 index 0000000000..547e6c898b --- /dev/null +++ b/test/unit/rules/resources/dynamodb/test_table_billingmode_exclusive.py @@ -0,0 +1,60 @@ +""" +Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +SPDX-License-Identifier: MIT-0 +""" + +from collections import deque + +import pytest + +from cfnlint.jsonschema import CfnTemplateValidator, ValidationError +from cfnlint.rules.resources.dynamodb.TableBillingModeExclusive import ( + TableBillingModeExclusive, +) + + +@pytest.fixture(scope="module") +def rule(): + rule = TableBillingModeExclusive() + yield rule + + +@pytest.fixture(scope="module") +def validator(): + yield CfnTemplateValidator(schema={}) + + +@pytest.mark.parametrize( + "instance,expected", + [ + ( + { + "BillingMode": "PAY_PER_REQUEST", + }, + [], + ), + ( + [], # wrong type + [], + ), + ( + { + "BillingMode": "PAY_PER_REQUEST", + "ProvisionedThroughput": "Foo", + }, + [ + ValidationError( + "Additional properties are not allowed ('ProvisionedThroughput'}", + rule=TableBillingModeExclusive(), + path=deque([]), + validator="not", + schema_path=deque(["then", "not"]), + ) + ], + ), + ], +) +def test_validate(instance, expected, rule, validator): + errs = list(rule.validate(validator, "", instance, {})) + + assert errs == expected, f"Expected {expected} got {errs}" diff --git a/test/unit/rules/resources/ec2/test_sg_all_to_and_from_ports.py b/test/unit/rules/resources/ec2/test_sg_all_to_and_from_ports.py new file mode 100644 index 0000000000..6aec9b9d3b --- /dev/null +++ b/test/unit/rules/resources/ec2/test_sg_all_to_and_from_ports.py @@ -0,0 +1,133 @@ +""" +Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +SPDX-License-Identifier: MIT-0 +""" + +from collections import deque + +import pytest + +from cfnlint.jsonschema import CfnTemplateValidator, ValidationError +from cfnlint.rules.resources.ectwo.SecurityGroupAllToAndFromPorts import ( + SecurityGroupAllToAndFromPorts, +) + + +@pytest.fixture(scope="module") +def rule(): + rule = SecurityGroupAllToAndFromPorts() + yield rule + + +@pytest.fixture(scope="module") +def validator(): + yield CfnTemplateValidator(schema={}) + + +@pytest.mark.parametrize( + "instance,expected", + [ + ( + { + "ToPort": -1, + "FromPort": -1, + }, + [], + ), + ( + [], # wrong type + [], + ), + ( + { + "ToPort": "-1", + "FromPort": -1, + }, + [], + ), + ( + { + "ToPort": -1, + }, + [ + ValidationError( + ("Both ['FromPort', 'ToPort'] must " "be -1 when one is -1"), + rule=SecurityGroupAllToAndFromPorts(), + path=deque([]), + validator="required", + validator_value=["FromPort"], + instance={"ToPort": -1}, + schema={ + "properties": {"FromPort": {"enum": [-1, "-1"]}}, + "required": ["FromPort"], + }, + schema_path=deque(["allOf", 0, "then", "required"]), + ) + ], + ), + ( + { + "FromPort": -1, + }, + [ + ValidationError( + ("Both ['FromPort', 'ToPort'] must " "be -1 when one is -1"), + rule=SecurityGroupAllToAndFromPorts(), + path=deque([]), + validator="required", + validator_value=["ToPort"], + instance={"FromPort": -1}, + schema={ + "properties": {"ToPort": {"enum": [-1, "-1"]}}, + "required": ["ToPort"], + }, + schema_path=deque(["allOf", 1, "then", "required"]), + ) + ], + ), + ( + { + "ToPort": -1, + "FromPort": 5, + }, + [ + ValidationError( + ("Both ['FromPort', 'ToPort'] must " "be -1 when one is -1"), + rule=SecurityGroupAllToAndFromPorts(), + path=deque(["FromPort"]), + validator="enum", + validator_value=[-1, "-1"], + instance=5, + schema={"enum": [-1, "-1"]}, + schema_path=deque( + ["allOf", 0, "then", "properties", "FromPort", "enum"] + ), + ) + ], + ), + ( + { + "ToPort": 5, + "FromPort": -1, + }, + [ + ValidationError( + ("Both ['FromPort', 'ToPort'] must " "be -1 when one is -1"), + rule=SecurityGroupAllToAndFromPorts(), + path=deque(["ToPort"]), + validator="enum", + validator_value=[-1, "-1"], + instance=5, + schema={"enum": [-1, "-1"]}, + schema_path=deque( + ["allOf", 1, "then", "properties", "ToPort", "enum"] + ), + ) + ], + ), + ], +) +def test_backup_lifecycle(instance, expected, rule, validator): + errs = list(rule.validate(validator, "", instance, {})) + + assert errs == expected, f"Expected {expected} got {errs}" diff --git a/test/unit/rules/resources/ec2/test_sg_protocols_ports_exclusive.py b/test/unit/rules/resources/ec2/test_sg_protocols_ports_exclusive.py new file mode 100644 index 0000000000..3969124e7e --- /dev/null +++ b/test/unit/rules/resources/ec2/test_sg_protocols_ports_exclusive.py @@ -0,0 +1,73 @@ +""" +Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +SPDX-License-Identifier: MIT-0 +""" + +from collections import deque + +import pytest + +from cfnlint.jsonschema import CfnTemplateValidator, ValidationError +from cfnlint.rules.resources.ectwo.SecurityGroupProtocolsAndPortsExclusive import ( + SecurityGroupProtocolsAndPortsExclusive, +) + + +@pytest.fixture(scope="module") +def rule(): + rule = SecurityGroupProtocolsAndPortsExclusive() + yield rule + + +@pytest.fixture(scope="module") +def validator(): + yield CfnTemplateValidator(schema={}) + + +@pytest.mark.parametrize( + "instance,expected", + [ + ( + { + "IpProtocol": -1, + }, + [], + ), + ( + { + "IpProtocol": 9, + }, + [], + ), + ( + [], # wrong type + [], + ), + ( + { + "IpProtocol": -1, + "FromPort": -1, + "ToPort": -1, + }, + [ + ValidationError( + ( + "['FromPort', 'ToPort'] are ignored when using " + "'IpProtocol' value -1" + ), + rule=SecurityGroupProtocolsAndPortsExclusive(), + path=deque(["FromPort"]), + instance=-1, + schema=False, + validator=None, + validator_value=None, + schema_path=deque(["then", "properties", "FromPort"]), + ) + ], + ), + ], +) +def test_backup_lifecycle(instance, expected, rule, validator): + errs = list(rule.validate(validator, "", instance, {})) + + assert errs == expected, f"Expected {expected} got {errs}" diff --git a/test/unit/rules/resources/ec2/test_sg_protocols_ports_inclusive.py b/test/unit/rules/resources/ec2/test_sg_protocols_ports_inclusive.py new file mode 100644 index 0000000000..c7fcb36ca4 --- /dev/null +++ b/test/unit/rules/resources/ec2/test_sg_protocols_ports_inclusive.py @@ -0,0 +1,71 @@ +""" +Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +SPDX-License-Identifier: MIT-0 +""" + +from collections import deque + +import pytest + +from cfnlint.jsonschema import CfnTemplateValidator, ValidationError +from cfnlint.rules.resources.ectwo.SecurityGroupProtocolsAndPortsInclusive import ( + SecurityGroupProtocolsAndPortsInclusive, +) + + +@pytest.fixture(scope="module") +def rule(): + rule = SecurityGroupProtocolsAndPortsInclusive() + yield rule + + +@pytest.fixture(scope="module") +def validator(): + yield CfnTemplateValidator(schema={}) + + +@pytest.mark.parametrize( + "instance,expected", + [ + ( + { + "IpProtocol": -1, + }, + [], + ), + ( + { + "IpProtocol": 9, + }, + [], + ), + ( + [], # wrong type + [], + ), + ( + { + "IpProtocol": "tcp", + "FromPort": 1, + }, + [ + ValidationError( + ( + "['FromPort', 'ToPort'] are required properties " + "when using 'IpProtocol' value 'tcp'" + ), + rule=SecurityGroupProtocolsAndPortsInclusive(), + path=deque([]), + instance={"IpProtocol": "tcp", "FromPort": 1}, + validator="required", + validator_value=["FromPort", "ToPort"], + schema_path=deque(["then", "required"]), + ) + ], + ), + ], +) +def test_backup_lifecycle(instance, expected, rule, validator): + errs = list(rule.validate(validator, "", instance, {})) + + assert errs == expected, f"Expected {expected} got {errs}" diff --git a/test/unit/rules/resources/ecs/__init__.py b/test/unit/rules/resources/ecs/__init__.py new file mode 100644 index 0000000000..e69de29bb2 diff --git a/test/unit/rules/resources/ecs/test_ecs_fargate.py b/test/unit/rules/resources/ecs/test_ecs_fargate.py new file mode 100644 index 0000000000..4fc7394682 --- /dev/null +++ b/test/unit/rules/resources/ecs/test_ecs_fargate.py @@ -0,0 +1,76 @@ +""" +Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +SPDX-License-Identifier: MIT-0 +""" + +from collections import deque + +import pytest + +from cfnlint.jsonschema import CfnTemplateValidator, ValidationError +from cfnlint.rules.resources.ecs.FargateDeploymentSchedulingStrategy import ( + FargateDeploymentSchedulingStrategy, +) + + +@pytest.fixture(scope="module") +def rule(): + rule = FargateDeploymentSchedulingStrategy() + yield rule + + +@pytest.fixture(scope="module") +def validator(): + yield CfnTemplateValidator(schema={}) + + +@pytest.mark.parametrize( + "instance,expected", + [ + ( + { + "LaunchType": "FARGATE", + }, + [], + ), + ( + { + "LaunchType": "FARGATE", + "SchedulingStrategy": "REPLICA", + }, + [], + ), + ( + [], # wrong type + [], + ), + ( + { + "LaunchType": "FARGATE", + "SchedulingStrategy": {"Ref": "Replica"}, + }, + [], + ), + ( + { + "LaunchType": "FARGATE", + "SchedulingStrategy": "Foo", + }, + [ + ValidationError( + "'REPLICA' was expected", + rule=FargateDeploymentSchedulingStrategy(), + path=deque(["SchedulingStrategy"]), + validator="const", + schema_path=deque( + ["then", "properties", "SchedulingStrategy", "const"] + ), + ) + ], + ), + ], +) +def test_validate(instance, expected, rule, validator): + errs = list(rule.validate(validator, "", instance, {})) + + assert errs == expected, f"Expected {expected} got {errs}" diff --git a/test/unit/rules/resources/ecs/test_task_definition_essentials.py b/test/unit/rules/resources/ecs/test_task_definition_essentials.py new file mode 100644 index 0000000000..83230e37b2 --- /dev/null +++ b/test/unit/rules/resources/ecs/test_task_definition_essentials.py @@ -0,0 +1,75 @@ +""" +Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +SPDX-License-Identifier: MIT-0 +""" + +from collections import deque + +import pytest + +from cfnlint.jsonschema import CfnTemplateValidator, ValidationError +from cfnlint.rules.resources.ecs.TaskDefinitionEssentialContainer import ( + TaskDefinitionEssentialContainer, +) + + +@pytest.fixture(scope="module") +def rule(): + rule = TaskDefinitionEssentialContainer() + yield rule + + +@pytest.fixture(scope="module") +def validator(): + yield CfnTemplateValidator(schema={}) + + +@pytest.mark.parametrize( + "instance,expected", + [ + ( + [{"Essential": True}], + [], + ), + ( + [{"Essential": True}, {"Essential": False}], + [], + ), + ( + {}, # wrong type + [], + ), + ( + [{"Essential": {"Ref": "Essential"}}, {"Essential": False}], + [], + ), + ( + [{"Essential": False}], + [ + ValidationError( + "At least one essential container is required", + rule=TaskDefinitionEssentialContainer(), + path=deque([]), + validator="contains", + schema_path=deque(["contains"]), + ) + ], + ), + ( + [], + [ + ValidationError( + "At least one essential container is required", + rule=TaskDefinitionEssentialContainer(), + path=deque([]), + validator="contains", + schema_path=deque(["contains"]), + ) + ], + ), + ], +) +def test_validate(instance, expected, rule, validator): + errs = list(rule.validate(validator, "", instance, {})) + + assert errs == expected, f"Expected {expected} got {errs}" diff --git a/test/unit/rules/resources/ecs/test_task_definition_log_configuration.py b/test/unit/rules/resources/ecs/test_task_definition_log_configuration.py new file mode 100644 index 0000000000..8b422ed60d --- /dev/null +++ b/test/unit/rules/resources/ecs/test_task_definition_log_configuration.py @@ -0,0 +1,61 @@ +""" +Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +SPDX-License-Identifier: MIT-0 +""" + +from collections import deque + +import pytest + +from cfnlint.jsonschema import CfnTemplateValidator, ValidationError +from cfnlint.rules.resources.ecs.LogConfiguration import LogConfiguration + + +@pytest.fixture(scope="module") +def rule(): + rule = LogConfiguration() + yield rule + + +@pytest.fixture(scope="module") +def validator(): + yield CfnTemplateValidator(schema={}) + + +@pytest.mark.parametrize( + "instance,expected", + [ + ( + { + "LogDriver": "awslogs", + "Options": { + "awslogs-group": "foo", + "awslogs-region": "us-east-1", + }, + }, + [], + ), + ( + [], # wrong type + [], + ), + ( + { + "LogDriver": "awslogs", + }, + [ + ValidationError( + "'Options' is a required property", + rule=LogConfiguration(), + path=deque([]), + validator="required", + schema_path=deque(["then", "required"]), + ) + ], + ), + ], +) +def test_validate(instance, expected, rule, validator): + errs = list(rule.validate(validator, "", instance, {})) + + assert errs == expected, f"Expected {expected} got {errs}" diff --git a/test/unit/rules/resources/iam/test_iam_permissions.py b/test/unit/rules/resources/iam/test_iam_permissions.py index f65375c72c..ee1fd41388 100644 --- a/test/unit/rules/resources/iam/test_iam_permissions.py +++ b/test/unit/rules/resources/iam/test_iam_permissions.py @@ -26,17 +26,17 @@ def validator(): ("Valid string", "s3:GetObject", 0), ("Valid list", ["s3:GetObject"], 0), ("Invalid string", "s3:Foo", 1), - ("Invlid list", ["s3:Foo"], 1), + ("Invalid list", ["s3:Foo"], 1), ("Valid astrisk for permission", ["s3:*"], 0), ("Valid all astrisk", ["*"], 0), ("Valid string with ending astrisk", "s3:Get*", 0), ("Valid string with starting astrisk", "s3:*Object", 0), - ("Invlid list", ["s3:Foo"], 1), + ("Invalid list", ["s3:Foo"], 1), ("Invalid string with ending astrisk", "s3:Foo*", 1), - ("Invlid string with starting astrisk", "s3:*Foo", 1), + ("Invalid string with starting astrisk", "s3:*Foo", 1), ("Invalid service", "foo:Bar", 1), ], ) def test_permissions(name, instance, err_count, rule, validator): - errors = list(rule.iampolicystatementaction(validator, {}, instance, {})) + errors = list(rule.validate(validator, {}, instance, {})) assert len(errors) == err_count, f"Test {name!r} got {errors!r}" diff --git a/test/unit/rules/resources/iam/test_iam_policy_version.py b/test/unit/rules/resources/iam/test_iam_policy_version.py index 135bbc717e..b8a1ad3972 100644 --- a/test/unit/rules/resources/iam/test_iam_policy_version.py +++ b/test/unit/rules/resources/iam/test_iam_policy_version.py @@ -38,5 +38,5 @@ def validator(): ], ) def test_policy_version(name, instance, expected, rule, validator): - errors = list(rule.iampolicyversion(validator, {}, instance, {})) + errors = list(rule.validate(validator, {}, instance, {})) assert errors == expected, f"Test {name!r} got {errors!r}" diff --git a/test/unit/rules/resources/iam/test_identity_policy.py b/test/unit/rules/resources/iam/test_identity_policy.py index a1d9b4b44d..6ca702f6e0 100644 --- a/test/unit/rules/resources/iam/test_identity_policy.py +++ b/test/unit/rules/resources/iam/test_identity_policy.py @@ -25,7 +25,7 @@ def test_object_basic(self): policy = {"Version": "2012-10-18"} errs = list( - self.rule.iamidentitypolicy( + self.rule.validate( validator=validator, policy=policy, schema={}, policy_type=None ) ) @@ -55,7 +55,7 @@ def test_object_multiple_effect(self): } errs = list( - self.rule.iamidentitypolicy( + self.rule.validate( validator=validator, policy=policy, schema={}, policy_type=None ) ) @@ -103,7 +103,7 @@ def test_object_statements(self): } errs = list( - self.rule.iamidentitypolicy( + self.rule.validate( validator=validator, policy=policy, schema={}, policy_type=None ) ) @@ -142,7 +142,7 @@ def test_string_statements(self): """ errs = list( - self.rule.iamidentitypolicy( + self.rule.validate( validator=validator, policy=policy, schema={}, policy_type=None ) ) diff --git a/test/unit/rules/resources/iam/test_resource_ecr_policy.py b/test/unit/rules/resources/iam/test_resource_ecr_policy.py index 2b420f5a69..957c50022f 100644 --- a/test/unit/rules/resources/iam/test_resource_ecr_policy.py +++ b/test/unit/rules/resources/iam/test_resource_ecr_policy.py @@ -45,7 +45,7 @@ def test_string_statements(self): """ errs = list( - self.rule.iamresourceecrpolicy( + self.rule.validate( validator=validator, policy=policy, schema={}, policy_type=None ) ) diff --git a/test/unit/rules/resources/iam/test_resource_policy.py b/test/unit/rules/resources/iam/test_resource_policy.py index 9670abd5ad..dcec3395cc 100644 --- a/test/unit/rules/resources/iam/test_resource_policy.py +++ b/test/unit/rules/resources/iam/test_resource_policy.py @@ -25,7 +25,7 @@ def test_object_basic(self): policy = {"Version": "2012-10-18"} errs = list( - self.rule.iamresourcepolicy( + self.rule.validate( validator=validator, policy=policy, schema={}, policy_type=None ) ) @@ -55,7 +55,7 @@ def test_object_multiple_effect(self): } errs = list( - self.rule.iamresourcepolicy( + self.rule.validate( validator=validator, policy=policy, schema={}, policy_type=None ) ) @@ -103,7 +103,7 @@ def test_object_statements(self): } errs = list( - self.rule.iamresourcepolicy( + self.rule.validate( validator=validator, policy=policy, schema={}, policy_type=None ) ) @@ -142,7 +142,7 @@ def test_string_statements(self): """ errs = list( - self.rule.iamresourcepolicy( + self.rule.validate( validator=validator, policy=policy, schema={}, policy_type=None ) ) diff --git a/test/unit/rules/resources/iam/test_role_arn_pattern.py b/test/unit/rules/resources/iam/test_role_arn_pattern.py index 5e56feb0ba..b3970ec7da 100644 --- a/test/unit/rules/resources/iam/test_role_arn_pattern.py +++ b/test/unit/rules/resources/iam/test_role_arn_pattern.py @@ -12,7 +12,7 @@ def _message_errors(name, arn, errors, **kwargs): validator = CfnTemplateValidator().evolve(**kwargs) - i_errors = list(RoleArnPattern().iamrolearn(validator, {}, arn, {})) + i_errors = list(RoleArnPattern().validate(validator, {}, arn, {})) assert len(errors) == len(i_errors), ( f"{name}: Expected exactly {len(errors)} error, " diff --git a/test/unit/rules/resources/lmbd/test_deprecated_runtime_end.py b/test/unit/rules/resources/lmbd/test_deprecated_runtime_end.py index 86b4a7fcb2..dc00aff45a 100644 --- a/test/unit/rules/resources/lmbd/test_deprecated_runtime_end.py +++ b/test/unit/rules/resources/lmbd/test_deprecated_runtime_end.py @@ -50,5 +50,5 @@ def validator(): ], ) def test_lambda_runtime(instance, expected, rule, validator): - errs = list(rule.awslambdafunctionruntime(validator, "LambdaRuntime", instance, {})) + errs = list(rule.validate(validator, "LambdaRuntime", instance, {})) assert errs == expected, f"Expected {expected} got {errs}" diff --git a/test/unit/rules/resources/lmbd/test_deprecated_runtime_eol.py b/test/unit/rules/resources/lmbd/test_deprecated_runtime_eol.py index 09ff8f15a7..8353558764 100644 --- a/test/unit/rules/resources/lmbd/test_deprecated_runtime_eol.py +++ b/test/unit/rules/resources/lmbd/test_deprecated_runtime_eol.py @@ -55,5 +55,5 @@ def validator(): ], ) def test_lambda_runtime(instance, expected, rule, validator): - errs = list(rule.awslambdafunctionruntime(validator, "LambdaRuntime", instance, {})) + errs = list(rule.validate(validator, "LambdaRuntime", instance, {})) assert errs == expected, f"Expected {expected} got {errs}" diff --git a/test/unit/rules/resources/lmbd/test_event_source_mapping_event_source_arn_sqs_exclusive.py b/test/unit/rules/resources/lmbd/test_event_source_mapping_event_source_arn_sqs_exclusive.py new file mode 100644 index 0000000000..f5edba0d3f --- /dev/null +++ b/test/unit/rules/resources/lmbd/test_event_source_mapping_event_source_arn_sqs_exclusive.py @@ -0,0 +1,60 @@ +""" +Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +SPDX-License-Identifier: MIT-0 +""" + +from collections import deque + +import pytest + +from cfnlint.jsonschema import CfnTemplateValidator, ValidationError +from cfnlint.rules.resources.lmbd.EventSourceMappingEventSourceArnSqsExclusive import ( + EventSourceMappingEventSourceArnSqsExclusive, +) + + +@pytest.fixture(scope="module") +def rule(): + rule = EventSourceMappingEventSourceArnSqsExclusive() + yield rule + + +@pytest.fixture(scope="module") +def validator(): + yield CfnTemplateValidator(schema={}) + + +@pytest.mark.parametrize( + "instance,expected", + [ + ( + { + "EventSourceArn": "arn:aws:sqs:us-east-1:123456789012:sqs-arn", + }, + [], + ), + ( + [], # wrong type + [], + ), + ( + { + "EventSourceArn": "arn:aws:sqs:us-east-1:123456789012:sqs-arn", + "StartingPosition": "1", + }, + [ + ValidationError( + "Additional properties are not allowed ('StartingPosition')", + rule=EventSourceMappingEventSourceArnSqsExclusive(), + path=deque(["StartingPosition"]), + validator=None, + schema_path=deque(["then", "properties", "StartingPosition"]), + ) + ], + ), + ], +) +def test_validate(instance, expected, rule, validator): + errs = list(rule.validate(validator, "", instance, {})) + + assert errs == expected, f"Expected {expected} got {errs}" diff --git a/test/unit/rules/resources/lmbd/test_event_source_mapping_event_source_arn_stream_inclusive.py b/test/unit/rules/resources/lmbd/test_event_source_mapping_event_source_arn_stream_inclusive.py new file mode 100644 index 0000000000..2b22a24aab --- /dev/null +++ b/test/unit/rules/resources/lmbd/test_event_source_mapping_event_source_arn_stream_inclusive.py @@ -0,0 +1,60 @@ +""" +Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +SPDX-License-Identifier: MIT-0 +""" + +from collections import deque + +import pytest + +from cfnlint.jsonschema import CfnTemplateValidator, ValidationError +from cfnlint.rules.resources.lmbd.EventSourceMappingEventSourceArnStreamInclusive import ( # noqa: E501 + EventSourceMappingEventSourceArnStreamInclusive, +) + + +@pytest.fixture(scope="module") +def rule(): + rule = EventSourceMappingEventSourceArnStreamInclusive() + yield rule + + +@pytest.fixture(scope="module") +def validator(): + yield CfnTemplateValidator(schema={}) + + +@pytest.mark.parametrize( + "instance,expected", + [ + ( + { + "EventSourceArn": "arn:aws:kinesis:us-east-1:123456789012:kinesis-arn", + "StartingPosition": "1", + }, + [], + ), + ( + [], # wrong type + [], + ), + ( + { + "EventSourceArn": "arn:aws:kinesis:us-east-1:123456789012:kinesis-arn", + }, + [ + ValidationError( + "'StartingPosition' is a required property", + rule=EventSourceMappingEventSourceArnStreamInclusive(), + path=deque([]), + validator="required", + schema_path=deque(["then", "required"]), + ) + ], + ), + ], +) +def test_validate(instance, expected, rule, validator): + errs = list(rule.validate(validator, "", instance, {})) + + assert errs == expected, f"Expected {expected} got {errs}" diff --git a/test/unit/rules/resources/lmbd/test_function_zipfile_runtime_enum.py b/test/unit/rules/resources/lmbd/test_function_zipfile_runtime_enum.py new file mode 100644 index 0000000000..45b594de49 --- /dev/null +++ b/test/unit/rules/resources/lmbd/test_function_zipfile_runtime_enum.py @@ -0,0 +1,59 @@ +""" +Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +SPDX-License-Identifier: MIT-0 +""" + +from collections import deque + +import pytest + +from cfnlint.jsonschema import CfnTemplateValidator, ValidationError +from cfnlint.rules.resources.lmbd.FunctionZipfileRuntimeEnum import ( + FunctionZipfileRuntimeEnum, +) + + +@pytest.fixture(scope="module") +def rule(): + rule = FunctionZipfileRuntimeEnum() + yield rule + + +@pytest.fixture(scope="module") +def validator(): + yield CfnTemplateValidator(schema={}) + + +@pytest.mark.parametrize( + "instance,expected", + [ + ( + {"Code": {"ZipFile": "foo"}, "Runtime": "python3.10"}, + [], + ), + ( + [], # wrong type + [], + ), + ( + {"Code": {"ZipFile": "foo"}, "Runtime": {"Ref": "Runtime"}}, + [], + ), + ( + {"Code": {"ZipFile": "foo"}, "Runtime": "bar"}, + [ + ValidationError( + "'bar' does not match '^(nodejs.*|python.*)$'", + rule=FunctionZipfileRuntimeEnum(), + path=deque(["Runtime"]), + validator="pattern", + schema_path=deque(["then", "properties", "Runtime", "pattern"]), + ) + ], + ), + ], +) +def test_validate(instance, expected, rule, validator): + errs = list(rule.validate(validator, "", instance, {})) + + assert errs == expected, f"Expected {expected} got {errs}" diff --git a/test/unit/rules/resources/lmbd/test_function_zipfile_runtime_exists.py b/test/unit/rules/resources/lmbd/test_function_zipfile_runtime_exists.py new file mode 100644 index 0000000000..6de7decb63 --- /dev/null +++ b/test/unit/rules/resources/lmbd/test_function_zipfile_runtime_exists.py @@ -0,0 +1,62 @@ +""" +Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +SPDX-License-Identifier: MIT-0 +""" + +from collections import deque + +import pytest + +from cfnlint.jsonschema import CfnTemplateValidator, ValidationError +from cfnlint.rules.resources.lmbd.FunctionZipfileRuntimeExists import ( + FunctionZipfileRuntimeExists, +) + + +@pytest.fixture(scope="module") +def rule(): + rule = FunctionZipfileRuntimeExists() + yield rule + + +@pytest.fixture(scope="module") +def validator(): + yield CfnTemplateValidator(schema={}) + + +@pytest.mark.parametrize( + "instance,expected", + [ + ( + { + "Code": { + "ZipFile": "foo", + }, + "Runtime": "foo", + }, + [], + ), + ( + [], # wrong type + [], + ), + ( + { + "Code": {"ZipFile": "foo"}, + }, + [ + ValidationError( + "'Runtime' is a required property", + rule=FunctionZipfileRuntimeExists(), + path=deque([]), + validator="required", + schema_path=deque(["then", "required"]), + ) + ], + ), + ], +) +def test_validate(instance, expected, rule, validator): + errs = list(rule.validate(validator, "", instance, {})) + + assert errs == expected, f"Expected {expected} got {errs}" diff --git a/test/unit/rules/resources/properties/test_availability_zone.py b/test/unit/rules/resources/properties/test_availability_zone.py index bf5fbd5bed..e434ef0dad 100644 --- a/test/unit/rules/resources/properties/test_availability_zone.py +++ b/test/unit/rules/resources/properties/test_availability_zone.py @@ -3,71 +3,113 @@ SPDX-License-Identifier: MIT-0 """ -from test.unit.rules import BaseRuleTestCase +from collections import deque -from cfnlint.jsonschema import CfnTemplateValidator +import pytest + +from cfnlint.context import ContextManager +from cfnlint.helpers import FUNCTIONS +from cfnlint.jsonschema import CfnTemplateValidator, ValidationError from cfnlint.rules.resources.properties.AvailabilityZone import ( AvailabilityZone, # pylint: disable=E0401 ) +from cfnlint.template import Template -class TestAvailabilityZone(BaseRuleTestCase): - """Test Password Property Configuration""" - - def setUp(self): - """Setup""" - self.rule = AvailabilityZone() +@pytest.fixture(scope="module") +def rule(): + rule = AvailabilityZone() + yield rule - def test_availability_zones(self): - validator = CfnTemplateValidator({}) - # hard coded string - self.assertEqual( - len(list(self.rule.availabilityzones(validator, {}, ["us-east-1"], {}))), 1 - ) +@pytest.fixture(scope="module") +def validator(): + cfn = Template( + "", + { + "Resources": { + "MySqs": { + "Type": "AWS::SQS::Queue", + } + } + }, + ) + context_manager = ContextManager(cfn) + context = context_manager.create_context_for_template(["us-east-1"]).evolve( + functions=FUNCTIONS + ) + context.path = deque(["Resources", "MySqs", "Properties"]) + yield CfnTemplateValidator(schema={}, context=context, cfn=cfn) - # proper function - self.assertEqual( - len( - list( - self.rule.availabilityzones( - validator, {}, {"Fn::GetAZs": "us-east-1"}, {} - ) - ) - ), - 0, - ) - - # not a string - self.assertEqual( - len(list(self.rule.availabilityzones(validator, {}, True, {}))), 0 - ) - # not a string - self.assertEqual( - len( - list( - self.rule.availabilityzones( - validator, {}, [{"Ref": "Parameter"}], {} - ) +@pytest.mark.parametrize( + "name,instance,path,expected", + [ + ( + "Valid ref", + {"Ref": "AZ"}, + None, + [], + ), + ( + "Valid list ref", + [{"Ref": "AZ"}], + None, + [], + ), + ( + "Valid inside Ref", + "us-east-1a", + "Ref", + [], + ), + ( + "Valid GetAZs", + ["us-east-1a", "us-east-1b"], + "Fn::GetAZs", + [], + ), + ( + "Invalid type", + True, + deque(["Resources", "MySqs", "Properties"]), + [], + ), + ( + "Invalid hardcoded string", + "us-east-1a", + deque(["Resources", "MySqs", "Properties"]), + [ + ValidationError( + ("Avoid hardcoding availability zones 'us-east-1a'"), + rule=AvailabilityZone(), ) - ), - 0, - ) - - # exception - self.assertEqual( - len(list(self.rule.availabilityzones(validator, {}, ["all"], {}))), 0 - ) - - # more than 1 - self.assertEqual( - len( - list( - self.rule.availabilityzones( - validator, {}, ["us-east-1", "us-west-2"], {} - ) - ) - ), - 2, + ], + ), + ( + "Invalid hardcoded array", + ["us-east-1a", "us-east-1b"], + deque(["Resources", "MySqs", "Properties"]), + [ + ValidationError( + ("Avoid hardcoding availability zones 'us-east-1a'"), + rule=AvailabilityZone(), + ), + ValidationError( + ("Avoid hardcoding availability zones 'us-east-1b'"), + rule=AvailabilityZone(), + ), + ], + ), + ], +) +def test_validate(name, instance, path, expected, rule, validator): + validator = validator.evolve( + context=validator.context.evolve( + path=path, ) + ) + errors = list(rule.validate(validator, False, instance, {})) + # we use error counts in this one as the instance types are + # always changing so we aren't going to hold ourselves up by that + assert errors == expected, f"Test {name!r} got {errors!r}" diff --git a/test/unit/rules/resources/rds/test_db_cluster_serverless_exclusive.py b/test/unit/rules/resources/rds/test_db_cluster_serverless_exclusive.py new file mode 100644 index 0000000000..eb645fded9 --- /dev/null +++ b/test/unit/rules/resources/rds/test_db_cluster_serverless_exclusive.py @@ -0,0 +1,53 @@ +""" +Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +SPDX-License-Identifier: MIT-0 +""" + +from collections import deque + +import pytest + +from cfnlint.jsonschema import CfnTemplateValidator, ValidationError +from cfnlint.rules.resources.rds.DbClusterServerlessExclusive import ( + DbClusterServerlessExclusive, +) + + +@pytest.fixture(scope="module") +def rule(): + rule = DbClusterServerlessExclusive() + yield rule + + +@pytest.fixture(scope="module") +def validator(): + yield CfnTemplateValidator(schema={}) + + +@pytest.mark.parametrize( + "instance,expected", + [ + ( + { + "EngineMode": "serverless", + }, + [], + ), + ( + {"EngineMode": "serverless", "ScalingConfiguration": "foo"}, + [ + ValidationError( + "Additional properties are not allowed ('ScalingConfiguration')", + rule=DbClusterServerlessExclusive(), + path=deque([]), + validator="not", + schema_path=deque(["then", "not"]), + ) + ], + ), + ], +) +def test_validate(instance, expected, rule, validator): + errs = list(rule.validate(validator, "", instance, {})) + + assert errs == expected, f"Expected {expected} got {errs}" diff --git a/test/unit/rules/resources/rds/test_db_instance_aurora_exclusive.py b/test/unit/rules/resources/rds/test_db_instance_aurora_exclusive.py new file mode 100644 index 0000000000..b1469cd8d8 --- /dev/null +++ b/test/unit/rules/resources/rds/test_db_instance_aurora_exclusive.py @@ -0,0 +1,86 @@ +""" +Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +SPDX-License-Identifier: MIT-0 +""" + +from collections import deque + +import pytest + +from cfnlint.jsonschema import CfnTemplateValidator, ValidationError +from cfnlint.rules.resources.rds.DbInstanceAuroraExclusive import ( + DbInstanceAuroraExclusive, +) + + +@pytest.fixture(scope="module") +def rule(): + rule = DbInstanceAuroraExclusive() + yield rule + + +@pytest.fixture(scope="module") +def validator(): + yield CfnTemplateValidator(schema={}) + + +@pytest.mark.parametrize( + "instance,expected", + [ + ( + { + "Engine": "aurora", + }, + [], + ), + ( + { + "Engine": "aurora", + "DeletionProtection": True, + }, + [ + ValidationError( + "Additional properties are not allowed (['DeletionProtection'])", + rule=DbInstanceAuroraExclusive(), + path=deque([]), + instance={"Engine": "aurora", "DeletionProtection": True}, + validator="not", + schema_path=deque(["then", "not"]), + ) + ], + ), + ( + { + "Engine": "aurora", + "DeletionProtection": True, + "CopyTagsToSnapshot": True, + }, + [ + ValidationError( + ( + "Additional properties are not " + "allowed (['DeletionProtection', " + "'CopyTagsToSnapshot'])" + ), + rule=DbInstanceAuroraExclusive(), + path=deque([]), + instance={ + "Engine": "aurora", + "DeletionProtection": True, + "CopyTagsToSnapshot": True, + }, + validator="not", + schema_path=deque(["then", "not"]), + ) + ], + ), + ( + [], + [], + ), + ], +) +def test_backup_lifecycle(instance, expected, rule, validator): + errs = list(rule.validate(validator, "", instance, {})) + + assert errs == expected, f"Expected {expected} got {errs}" diff --git a/test/unit/rules/resources/rds/test_db_instance_db_instance_class_enum.py b/test/unit/rules/resources/rds/test_db_instance_db_instance_class_enum.py index b0593037c6..ea0b18ed60 100644 --- a/test/unit/rules/resources/rds/test_db_instance_db_instance_class_enum.py +++ b/test/unit/rules/resources/rds/test_db_instance_db_instance_class_enum.py @@ -87,7 +87,7 @@ def validator(): ) def test_validate(name, instance, regions, err_count, rule, validator): validator = validator.evolve(context=validator.context.evolve(regions=regions)) - errors = list(rule.awsrdsdbinstancedbinstanceclassenum(validator, "", instance, {})) + errors = list(rule.validate(validator, "", instance, {})) # we use error counts in this one as the instance types are # always changing so we aren't going to hold ourselves up by that diff --git a/test/unit/rules/resources/route53/test_health_check_health_check_config_type_inclusive.py b/test/unit/rules/resources/route53/test_health_check_health_check_config_type_inclusive.py new file mode 100644 index 0000000000..4ddba8ed4d --- /dev/null +++ b/test/unit/rules/resources/route53/test_health_check_health_check_config_type_inclusive.py @@ -0,0 +1,63 @@ +""" +Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +SPDX-License-Identifier: MIT-0 +""" + +from collections import deque + +import pytest + +from cfnlint.jsonschema import CfnTemplateValidator, ValidationError +from cfnlint.rules.resources.route53.HealthCheckHealthCheckConfigTypeInclusive import ( + HealthCheckHealthCheckConfigTypeInclusive, +) + + +@pytest.fixture(scope="module") +def rule(): + rule = HealthCheckHealthCheckConfigTypeInclusive() + yield rule + + +@pytest.fixture(scope="module") +def validator(): + yield CfnTemplateValidator(schema={}) + + +@pytest.mark.parametrize( + "instance,expected", + [ + ( + {"Type": "CLOUDWATCH_METRIC", "AlarmIdentifier": "Foo"}, + [], + ), + ( + { + "Type": {"Ref": "AWS::Region"}, + }, + [], + ), + ( + [], + [], + ), + ( + { + "Type": "CLOUDWATCH_METRIC", + }, + [ + ValidationError( + "'AlarmIdentifier' is a required property", + rule=HealthCheckHealthCheckConfigTypeInclusive(), + path=deque([]), + validator="required", + schema_path=deque(["then", "required"]), + ) + ], + ), + ], +) +def test_validate(instance, expected, rule, validator): + errs = list(rule.validate(validator, "", instance, {})) + + assert errs == expected, f"Expected {expected} got {errs}" diff --git a/test/unit/rules/resources/test_retentionperiod.py b/test/unit/rules/resources/test_retentionperiod.py index 94a6cbf269..13705a315a 100644 --- a/test/unit/rules/resources/test_retentionperiod.py +++ b/test/unit/rules/resources/test_retentionperiod.py @@ -50,6 +50,11 @@ def validator(): {"MessageRetentionPeriod": "90"}, [], ), + ( + "Invalid type ", + [], + [], + ), ( "Invalid when not specified", {}, @@ -69,29 +74,10 @@ def validator(): ) ], ), - ( - "Invalid specified with Ref AWS::NoValue", - {"MessageRetentionPeriod": {"Ref": "AWS::NoValue"}}, - [ - ValidationError( - ( - "The default retention period will delete the data after " - "a pre-defined time. Set an explicit values to avoid " - "data loss on resource. 'MessageRetentionPeriod' is a " - "required property" - ), - rule=RetentionPeriodOnResourceTypesWithAutoExpiringContent(), - schema_path=deque(["required"]), - validator="required", - validator_value=["MessageRetentionPeriod"], - instance={}, - ) - ], - ), ], ) def test_validate(name, instance, expected, rule, validator): - errors = list(rule.backupretentionperiod(validator, False, instance, {})) + errors = list(rule.validate(validator, False, instance, {})) # we use error counts in this one as the instance types are # always changing so we aren't going to hold ourselves up by that assert errors == expected, f"Test {name!r} got {errors!r}" diff --git a/test/unit/rules/resources/test_retentionperiod_rds.py b/test/unit/rules/resources/test_retentionperiod_rds.py new file mode 100644 index 0000000000..4962d99212 --- /dev/null +++ b/test/unit/rules/resources/test_retentionperiod_rds.py @@ -0,0 +1,78 @@ +""" +Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +SPDX-License-Identifier: MIT-0 +""" + +from collections import deque + +import pytest + +from cfnlint.context import ContextManager +from cfnlint.helpers import FUNCTIONS +from cfnlint.jsonschema import CfnTemplateValidator, ValidationError +from cfnlint.rules.resources.RetentionPeriodOnResourceTypesWithAutoExpiringContent import ( # noqa: E501 + RetentionPeriodOnResourceTypesWithAutoExpiringContent, +) +from cfnlint.template import Template + + +@pytest.fixture(scope="module") +def rule(): + rule = RetentionPeriodOnResourceTypesWithAutoExpiringContent() + yield rule + + +@pytest.fixture(scope="module") +def validator(): + cfn = Template( + "", + { + "Resources": { + "MyRdsDbInstance": { + "Type": "AWS::RDS::DBInstance", + } + } + }, + ) + context_manager = ContextManager(cfn) + context = context_manager.create_context_for_template(["us-east-1"]).evolve( + functions=FUNCTIONS + ) + context.path = deque(["Resources", "MyRdsDbInstance", "Properties"]) + yield CfnTemplateValidator(schema={}, context=context, cfn=cfn) + + +@pytest.mark.parametrize( + "name,instance,expected", + [ + ( + "Valid version", + {"MessageRetentionPeriod": "90"}, + [], + ), + ( + "Invalid when not specified", + { + "Engine": "mysql", + }, + [ + ValidationError( + ( + "The default retention period will delete the data after " + "a pre-defined time. Set an explicit values to avoid data " + "loss on resource. 'BackupRetentionPeriod' is a " + "required property" + ), + rule=RetentionPeriodOnResourceTypesWithAutoExpiringContent(), + schema_path=deque(["then", "required"]), + validator="required", + validator_value=["BackupRetentionPeriod"], + ) + ], + ), + ], +) +def test_validate(name, instance, expected, rule, validator): + errs = list(rule.validate(validator, False, instance, {})) + + assert errs == expected, f"Test {name!r} got {errs!r}"