Skip to content

feat: update L1 CloudFormation resource definitions #35646

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 1, 2025
Merged

feat: update L1 CloudFormation resource definitions #35646

merged 1 commit into from
Oct 1, 2025

Conversation

@aws-cdk-automation
Copy link
Collaborator

@aws-cdk-automation aws-cdk-automation commented Oct 1, 2025
edited by vishaalmehrishi
Loading

Updates the L1 CloudFormation resource definitions with the latest changes from @aws-cdk/aws-service-spec

L1 CloudFormation resource definition changes:

├[~] service aws-apigateway
│ └ resources
│    └[~]  resource AWS::ApiGateway::DomainNameV2
│       └      - arnTemplate: arn:${Partition}:apigateway:${Region}::/domainnames
│              + arnTemplate: arn:${Partition}:apigateway:${Region}::/domainnames/${DomainName}
├[~] service aws-bedrock
│ └ resources
│    └[~]  resource AWS::Bedrock::DataAutomationProject
│       └ types
│          ├[~] type AudioExtractionCategory
│          │ └ properties
│          │    └[+] TypeConfiguration: AudioExtractionCategoryTypeConfiguration
│          ├[+]  type AudioExtractionCategoryTypeConfiguration
│          │  ├      name: AudioExtractionCategoryTypeConfiguration
│          │  └ properties
│          │     └ Transcript: TranscriptConfiguration
│          ├[+]  type ChannelLabelingConfiguration
│          │  ├      name: ChannelLabelingConfiguration
│          │  └ properties
│          │     └ State: string (required)
│          ├[+]  type SpeakerLabelingConfiguration
│          │  ├      name: SpeakerLabelingConfiguration
│          │  └ properties
│          │     └ State: string (required)
│          └[+]  type TranscriptConfiguration
│             ├      name: TranscriptConfiguration
│             └ properties
│                ├ SpeakerLabeling: SpeakerLabelingConfiguration
│                └ ChannelLabeling: ChannelLabelingConfiguration
├[~] service aws-bedrockagentcore
│ └ resources
│    ├[~]  resource AWS::BedrockAgentCore::BrowserCustom
│    │  ├      - documentation: Resource definition for AWS::BedrockAgentCore::BrowserCustom
│    │  │      + documentation: > Amazon Bedrock AgentCore is in preview release and is subject to change. 
│    │  │      AgentCore Browser tool provides a fast, secure, cloud-based browser runtime to enable AI agents to interact with websites at scale.
│    │  │      For more information about using the custom browser, see [Interact with web applications using Amazon Bedrock AgentCore Browser](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/browser-tool.html) .
│    │  │      See the *Properties* section below for descriptions of both the required and optional properties.
│    │  ├ properties
│    │  │  ├ Description: (documentation changed)
│    │  │  ├ ExecutionRoleArn: (documentation changed)
│    │  │  ├ Name: (documentation changed)
│    │  │  ├ NetworkConfiguration: (documentation changed)
│    │  │  ├ RecordingConfig: (documentation changed)
│    │  │  └ Tags: (documentation changed)
│    │  ├ attributes
│    │  │  ├ BrowserArn: (documentation changed)
│    │  │  ├ BrowserId: (documentation changed)
│    │  │  ├ CreatedAt: (documentation changed)
│    │  │  ├ LastUpdatedAt: (documentation changed)
│    │  │  └ Status: (documentation changed)
│    │  └ types
│    │     ├[~] type BrowserNetworkConfiguration
│    │     │ ├      - documentation: Network configuration for browser
│    │     │ │      + documentation: The network configuration.
│    │     │ └ properties
│    │     │    └ NetworkMode: (documentation changed)
│    │     ├[~] type RecordingConfig
│    │     │ ├      - documentation: Recording configuration for browser
│    │     │ │      + documentation: The recording configuration.
│    │     │ └ properties
│    │     │    ├ Enabled: (documentation changed)
│    │     │    └ S3Location: (documentation changed)
│    │     └[~] type S3Location
│    │       ├      - documentation: S3 Location Configuration
│    │       │      + documentation: The S3 location.
│    │       └ properties
│    │          ├ Bucket: (documentation changed)
│    │          └ Prefix: (documentation changed)
│    ├[~]  resource AWS::BedrockAgentCore::CodeInterpreterCustom
│    │  ├      - documentation: Resource definition for AWS::BedrockAgentCore::CodeInterpreterCustom
│    │  │      + documentation: > Amazon Bedrock AgentCore is in preview release and is subject to change. 
│    │  │      The AgentCore Code Interpreter tool enables agents to securely execute code in isolated sandbox environments. It offers advanced configuration support and seamless integration with popular frameworks.
│    │  │      For more information about using the custom code interpreter, see [Execute code and analyze data using Amazon Bedrock AgentCore Code Interpreter](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/code-interpreter-tool.html) .
│    │  │      See the *Properties* section below for descriptions of both the required and optional properties.
│    │  ├ properties
│    │  │  ├ Description: (documentation changed)
│    │  │  ├ ExecutionRoleArn: (documentation changed)
│    │  │  ├ Name: (documentation changed)
│    │  │  ├ NetworkConfiguration: (documentation changed)
│    │  │  └ Tags: (documentation changed)
│    │  ├ attributes
│    │  │  ├ CodeInterpreterArn: (documentation changed)
│    │  │  ├ CodeInterpreterId: (documentation changed)
│    │  │  ├ CreatedAt: (documentation changed)
│    │  │  ├ LastUpdatedAt: (documentation changed)
│    │  │  └ Status: (documentation changed)
│    │  └ types
│    │     └[~] type CodeInterpreterNetworkConfiguration
│    │       ├      - documentation: Network configuration for code interpreter
│    │       │      + documentation: The network configuration.
│    │       └ properties
│    │          └ NetworkMode: (documentation changed)
│    ├[~]  resource AWS::BedrockAgentCore::Runtime
│    │  ├      - documentation: Resource Type definition for AWS::BedrockAgentCore::Runtime
│    │  │      + documentation: > Amazon Bedrock AgentCore is in preview release and is subject to change. 
│    │  │      Contains information about an agent runtime. An agent runtime is the execution environment for a Amazon Bedrock Agent.
│    │  │      AgentCore Runtime is a secure, serverless runtime purpose-built for deploying and scaling dynamic AI agents and tools using any open-source framework including LangGraph, CrewAI, and Strands Agents, any protocol, and any model.
│    │  │      For more information about using agent runtime in Amazon Bedrock AgentCore, see [Host agent or tools with Amazon Bedrock AgentCore Runtime](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/agents-tools-runtime.html) .
│    │  │      See the *Properties* section below for descriptions of both the required and optional properties.
│    │  ├ properties
│    │  │  ├ AgentRuntimeArtifact: (documentation changed)
│    │  │  ├ AgentRuntimeName: (documentation changed)
│    │  │  ├ AuthorizerConfiguration: (documentation changed)
│    │  │  ├ Description: (documentation changed)
│    │  │  ├ EnvironmentVariables: (documentation changed)
│    │  │  ├ NetworkConfiguration: (documentation changed)
│    │  │  ├ ProtocolConfiguration: (documentation changed)
│    │  │  ├ RoleArn: (documentation changed)
│    │  │  └ Tags: (documentation changed)
│    │  ├ attributes
│    │  │  ├ AgentRuntimeArn: (documentation changed)
│    │  │  ├ AgentRuntimeId: (documentation changed)
│    │  │  ├ AgentRuntimeVersion: (documentation changed)
│    │  │  ├ CreatedAt: (documentation changed)
│    │  │  ├ LastUpdatedAt: (documentation changed)
│    │  │  └ Status: (documentation changed)
│    │  └ types
│    │     ├[~] type AgentRuntimeArtifact
│    │     │ ├      - documentation: undefined
│    │     │ │      + documentation: The artifact of the agent.
│    │     │ └ properties
│    │     │    └ ContainerConfiguration: (documentation changed)
│    │     ├[~] type AuthorizerConfiguration
│    │     │ ├      - documentation: Configuration for the authorizer
│    │     │ │      + documentation: The authorizer configuration.
│    │     │ └ properties
│    │     │    └ CustomJWTAuthorizer: (documentation changed)
│    │     ├[~] type ContainerConfiguration
│    │     │ ├      - documentation: undefined
│    │     │ │      + documentation: The container configuration.
│    │     │ └ properties
│    │     │    └ ContainerUri: (documentation changed)
│    │     ├[~] type CustomJWTAuthorizerConfiguration
│    │     │ └ properties
│    │     │    ├ AllowedAudience: (documentation changed)
│    │     │    ├ AllowedClients: (documentation changed)
│    │     │    └ DiscoveryUrl: (documentation changed)
│    │     ├[~] type NetworkConfiguration
│    │     │ ├      - documentation: undefined
│    │     │ │      + documentation: The network configuration for the agent.
│    │     │ └ properties
│    │     │    └ NetworkMode: (documentation changed)
│    │     └[~] type WorkloadIdentityDetails
│    │       ├      - documentation: Configuration for workload identity
│    │       │      + documentation: The workload identity details for the agent.
│    │       └ properties
│    │          └ WorkloadIdentityArn: (documentation changed)
│    └[~]  resource AWS::BedrockAgentCore::RuntimeEndpoint
│       ├      - documentation: Resource definition for AWS::BedrockAgentCore::RuntimeEndpoint
│       │      + documentation: > Amazon Bedrock AgentCore is in preview release and is subject to change. 
│       │      AgentCore Runtime is a secure, serverless runtime purpose-built for deploying and scaling dynamic AI agents and tools using any open-source framework including LangGraph, CrewAI, and Strands Agents, any protocol, and any model.
│       │      For more information about using agent runtime endpoints in Amazon Bedrock AgentCore, see [AgentCore Runtime versioning and endpoints](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/agent-runtime-versioning.html) .
│       │      See the *Properties* section below for descriptions of both the required and optional properties.
│       ├ properties
│       │  ├ AgentRuntimeId: (documentation changed)
│       │  ├ AgentRuntimeVersion: (documentation changed)
│       │  ├ Description: (documentation changed)
│       │  ├ Name: (documentation changed)
│       │  └ Tags: (documentation changed)
│       └ attributes
│          ├ AgentRuntimeArn: (documentation changed)
│          ├ AgentRuntimeEndpointArn: (documentation changed)
│          ├ CreatedAt: (documentation changed)
│          ├ FailureReason: (documentation changed)
│          ├ Id: (documentation changed)
│          ├ LastUpdatedAt: (documentation changed)
│          ├ LiveVersion: (documentation changed)
│          ├ Status: (documentation changed)
│          └ TargetVersion: (documentation changed)
├[~] service aws-connect
│ └ resources
│    ├[~]  resource AWS::Connect::RoutingProfile
│    │  ├ properties
│    │  │  └ ManualAssignmentQueueConfigs: (documentation changed)
│    │  └ types
│    │     └[~] type RoutingProfileManualAssignmentQueueConfig
│    │       ├      - documentation: Contains information about the manual assignment queue and channel
│    │       │      + documentation: Contains information about the queue and channel for manual assignment behaviour can be enabled.
│    │       └ properties
│    │          └ QueueReference: (documentation changed)
│    └[~]  resource AWS::Connect::User
│       └ types
│          └[~] type UserPhoneConfig
│            └ properties
│               └ PersistentConnection: (documentation changed)
├[~] service aws-cur
│ └ resources
│    └[~]  resource AWS::CUR::ReportDefinition
│       └ properties
│          └ Tags: (documentation changed)
├[~] service aws-datasync
│ └ resources
│    ├[~]  resource AWS::DataSync::LocationEFS
│    │  └      - arnTemplate: undefined
│    │         + arnTemplate: arn:${Partition}:datasync:${Region}:${AccountId}:location/${LocationId}
│    ├[~]  resource AWS::DataSync::LocationS3
│    │  └      - arnTemplate: arn:${Partition}:datasync:${Region}:${AccountId}:location/${LocationId}
│    │         + arnTemplate: undefined
│    └[~]  resource AWS::DataSync::LocationSMB
│       ├ properties
│       │  ├ CmkSecretConfig: (documentation changed)
│       │  └ CustomSecretConfig: (documentation changed)
│       ├ attributes
│       │  └ CmkSecretConfig.SecretArn: (documentation changed)
│       └ types
│          ├[~] type CmkSecretConfig
│          │ ├      - documentation: Specifies configuration information for a DataSync-managed secret, such as a password or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed AWS KMS key.
│          │ │      + documentation: Specifies configuration information for a DataSync-managed secret, such as an authentication token or secret key that DataSync uses to access a specific storage location, with a customer-managed AWS KMS key .
│          │ │      > You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.
│          │ └ properties
│          │    ├ KmsKeyArn: (documentation changed)
│          │    └ SecretArn: (documentation changed)
│          ├[~] type CustomSecretConfig
│          │ ├      - documentation: Specifies configuration information for a customer-managed secret, such as a password or set of credentials that DataSync uses to access a specific transfer location, and an IAM role that DataSync can assume and access the customer-managed secret.
│          │ │      + documentation: Specifies configuration information for a customer-managed Secrets Manager secret where a storage location authentication token or secret key is stored in plain text. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.
│          │ │      > You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.
│          │ └ properties
│          │    ├ SecretAccessRoleArn: (documentation changed)
│          │    └ SecretArn: (documentation changed)
│          └[~] type ManagedSecretConfig
│            └      - documentation: Specifies configuration information for a DataSync-managed secret, such as a password or set of credentials that DataSync uses to access a specific transfer location. DataSync uses the default AWS-managed KMS key to encrypt this secret in AWS Secrets Manager.
│                   + documentation: Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location. DataSync uses the default AWS -managed KMS key to encrypt this secret in AWS Secrets Manager .
├[~] service aws-datazone
│ └ resources
│    ├[~]  resource AWS::DataZone::FormType
│    │  ├      - documentation: Create and manage form types in Amazon Datazone
│    │  │      + documentation: The details of the metadata form type.
│    │  ├ properties
│    │  │  ├ Description: (documentation changed)
│    │  │  ├ DomainIdentifier: (documentation changed)
│    │  │  ├ Model: (documentation changed)
│    │  │  ├ Name: (documentation changed)
│    │  │  ├ OwningProjectIdentifier: (documentation changed)
│    │  │  └ Status: (documentation changed)
│    │  └ attributes
│    │     ├ CreatedAt: (documentation changed)
│    │     ├ CreatedBy: (documentation changed)
│    │     ├ DomainId: (documentation changed)
│    │     ├ FormTypeIdentifier: (documentation changed)
│    │     ├ OwningProjectId: (documentation changed)
│    │     └ Revision: (documentation changed)
│    └[~]  resource AWS::DataZone::Owner
│       └ attributes
│          ├ OwnerIdentifier: (documentation changed)
│          └ OwnerType: (documentation changed)
├[~] service aws-directoryservice
│ └ resources
│    └[~]  resource AWS::DirectoryService::MicrosoftAD
│       └      - arnTemplate: arn:${Partition}:ds:${Region}:${Account}:directory/${DirectoryId}
│              + arnTemplate: arn:${Partition}:ds:${Region}:${Account}:${DirectoryId}
├[~] service aws-dms
│ └ resources
│    └[~]  resource AWS::DMS::InstanceProfile
│       └ properties
│          └ KmsKeyArn: (documentation changed)
├[~] service aws-ec2
│ └ resources
│    ├[~]  resource AWS::EC2::EC2Fleet
│    │  └ types
│    │     └[~] type EbsBlockDevice
│    │       └ properties
│    │          ├ Iops: (documentation changed)
│    │          └ VolumeSize: (documentation changed)
│    ├[~]  resource AWS::EC2::LaunchTemplate
│    │  └ types
│    │     └[~] type Ebs
│    │       └ properties
│    │          ├ Iops: (documentation changed)
│    │          ├ Throughput: (documentation changed)
│    │          └ VolumeSize: (documentation changed)
│    ├[+]  resource AWS::EC2::LocalGatewayVirtualInterface
│    │  ├      name: LocalGatewayVirtualInterface
│    │  │      cloudFormationType: AWS::EC2::LocalGatewayVirtualInterface
│    │  │      documentation: Describes a local gateway virtual interface.
│    │  │      tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
│    │  │      arnTemplate: arn:${Partition}:ec2:${Region}:${Account}:local-gateway-virtual-interface/${LocalGatewayVirtualInterfaceId}
│    │  ├ properties
│    │  │  ├ LocalGatewayVirtualInterfaceGroupId: string (required, immutable)
│    │  │  ├ OutpostLagId: string (required, immutable)
│    │  │  ├ Vlan: integer (required, immutable)
│    │  │  ├ LocalAddress: string (required, immutable)
│    │  │  ├ PeerAddress: string (required, immutable)
│    │  │  ├ PeerBgpAsn: integer (immutable)
│    │  │  ├ PeerBgpAsnExtended: integer (immutable)
│    │  │  └ Tags: Array<tag>
│    │  └ attributes
│    │     ├ LocalGatewayVirtualInterfaceId: string
│    │     ├ LocalGatewayId: string
│    │     ├ LocalBgpAsn: integer
│    │     ├ OwnerId: string
│    │     └ ConfigurationState: string
│    ├[+]  resource AWS::EC2::LocalGatewayVirtualInterfaceGroup
│    │  ├      name: LocalGatewayVirtualInterfaceGroup
│    │  │      cloudFormationType: AWS::EC2::LocalGatewayVirtualInterfaceGroup
│    │  │      documentation: Describes a local gateway virtual interface group.
│    │  │      tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
│    │  │      arnTemplate: arn:${Partition}:ec2:${Region}:${Account}:local-gateway-virtual-interface-group/${LocalGatewayVirtualInterfaceGroupId}
│    │  ├ properties
│    │  │  ├ LocalGatewayId: string (required, immutable)
│    │  │  ├ LocalBgpAsn: integer (immutable)
│    │  │  ├ LocalBgpAsnExtended: integer (immutable)
│    │  │  └ Tags: Array<tag>
│    │  └ attributes
│    │     ├ LocalGatewayVirtualInterfaceGroupArn: string
│    │     ├ LocalGatewayVirtualInterfaceGroupId: string
│    │     ├ LocalGatewayVirtualInterfaceIds: Array<string>
│    │     ├ OwnerId: string
│    │     └ ConfigurationState: string
│    ├[~]  resource AWS::EC2::SpotFleet
│    │  └ types
│    │     └[~] type EbsBlockDevice
│    │       └ properties
│    │          ├ Iops: (documentation changed)
│    │          └ VolumeSize: (documentation changed)
│    ├[~]  resource AWS::EC2::TransitGatewayPeeringAttachment
│    │  └      - arnTemplate: undefined
│    │         + arnTemplate: arn:${Partition}:ec2:${Region}:${Account}:transit-gateway-attachment/${TransitGatewayAttachmentId}
│    ├[~]  resource AWS::EC2::TransitGatewayVpcAttachment
│    │  └      - arnTemplate: arn:${Partition}:ec2:${Region}:${Account}:transit-gateway-attachment/${TransitGatewayAttachmentId}
│    │         + arnTemplate: undefined
│    ├[~]  resource AWS::EC2::Volume
│    │  └ properties
│    │     ├ Iops: (documentation changed)
│    │     └ Size: (documentation changed)
│    └[~]  resource AWS::EC2::VPCEndpoint
│       └ properties
│          └ PolicyDocument: (documentation changed)
├[~] service aws-ecs
│ └ resources
│    └[~]  resource AWS::ECS::CapacityProvider
│       ├ properties
│       │  ├[+] ClusterName: string (immutable)
│       │  └[+] ManagedInstancesProvider: ManagedInstancesProvider
│       └ types
│          ├[+]  type AcceleratorCountRequest
│          │  ├      name: AcceleratorCountRequest
│          │  └ properties
│          │     ├ Min: integer
│          │     └ Max: integer
│          ├[+]  type AcceleratorTotalMemoryMiBRequest
│          │  ├      name: AcceleratorTotalMemoryMiBRequest
│          │  └ properties
│          │     ├ Min: integer
│          │     └ Max: integer
│          ├[+]  type BaselineEbsBandwidthMbpsRequest
│          │  ├      name: BaselineEbsBandwidthMbpsRequest
│          │  └ properties
│          │     ├ Min: integer
│          │     └ Max: integer
│          ├[+]  type InstanceLaunchTemplate
│          │  ├      name: InstanceLaunchTemplate
│          │  └ properties
│          │     ├ Ec2InstanceProfileArn: string (required)
│          │     ├ StorageConfiguration: ManagedInstancesStorageConfiguration
│          │     ├ NetworkConfiguration: ManagedInstancesNetworkConfiguration (required)
│          │     ├ InstanceRequirements: InstanceRequirementsRequest
│          │     └ Monitoring: string
│          ├[+]  type InstanceRequirementsRequest
│          │  ├      name: InstanceRequirementsRequest
│          │  └ properties
│          │     ├ LocalStorageTypes: Array<string>
│          │     ├ InstanceGenerations: Array<string>
│          │     ├ NetworkInterfaceCount: NetworkInterfaceCountRequest
│          │     ├ MemoryGiBPerVCpu: MemoryGiBPerVCpuRequest
│          │     ├ AcceleratorTypes: Array<string>
│          │     ├ VCpuCount: VCpuCountRangeRequest (required)
│          │     ├ ExcludedInstanceTypes: Array<string>
│          │     ├ AcceleratorManufacturers: Array<string>
│          │     ├ AllowedInstanceTypes: Array<string>
│          │     ├ LocalStorage: string
│          │     ├ CpuManufacturers: Array<string>
│          │     ├ NetworkBandwidthGbps: NetworkBandwidthGbpsRequest
│          │     ├ AcceleratorCount: AcceleratorCountRequest
│          │     ├ BareMetal: string
│          │     ├ RequireHibernateSupport: boolean
│          │     ├ MaxSpotPriceAsPercentageOfOptimalOnDemandPrice: integer
│          │     ├ SpotMaxPricePercentageOverLowestPrice: integer
│          │     ├ BaselineEbsBandwidthMbps: BaselineEbsBandwidthMbpsRequest
│          │     ├ OnDemandMaxPricePercentageOverLowestPrice: integer
│          │     ├ AcceleratorNames: Array<string>
│          │     ├ AcceleratorTotalMemoryMiB: AcceleratorTotalMemoryMiBRequest
│          │     ├ BurstablePerformance: string
│          │     ├ MemoryMiB: MemoryMiBRequest (required)
│          │     └ TotalLocalStorageGB: TotalLocalStorageGBRequest
│          ├[+]  type ManagedInstancesNetworkConfiguration
│          │  ├      name: ManagedInstancesNetworkConfiguration
│          │  └ properties
│          │     ├ SecurityGroups: Array<string>
│          │     └ Subnets: Array<string> (required)
│          ├[+]  type ManagedInstancesProvider
│          │  ├      name: ManagedInstancesProvider
│          │  └ properties
│          │     ├ InfrastructureRoleArn: string (required)
│          │     ├ PropagateTags: string
│          │     └ InstanceLaunchTemplate: InstanceLaunchTemplate (required)
│          ├[+]  type ManagedInstancesStorageConfiguration
│          │  ├      name: ManagedInstancesStorageConfiguration
│          │  └ properties
│          │     └ StorageSizeGiB: integer (required)
│          ├[+]  type MemoryGiBPerVCpuRequest
│          │  ├      name: MemoryGiBPerVCpuRequest
│          │  └ properties
│          │     ├ Min: number
│          │     └ Max: number
│          ├[+]  type MemoryMiBRequest
│          │  ├      name: MemoryMiBRequest
│          │  └ properties
│          │     ├ Min: integer (required)
│          │     └ Max: integer
│          ├[+]  type NetworkBandwidthGbpsRequest
│          │  ├      name: NetworkBandwidthGbpsRequest
│          │  └ properties
│          │     ├ Min: number
│          │     └ Max: number
│          ├[+]  type NetworkInterfaceCountRequest
│          │  ├      name: NetworkInterfaceCountRequest
│          │  └ properties
│          │     ├ Min: integer
│          │     └ Max: integer
│          ├[+]  type TotalLocalStorageGBRequest
│          │  ├      name: TotalLocalStorageGBRequest
│          │  └ properties
│          │     ├ Min: number
│          │     └ Max: number
│          └[+]  type VCpuCountRangeRequest
│             ├      name: VCpuCountRangeRequest
│             └ properties
│                ├ Min: integer (required)
│                └ Max: integer
├[~] service aws-elasticloadbalancingv2
│ └ resources
│    └[~]  resource AWS::ElasticLoadBalancingV2::ListenerRule
│       └      - arnTemplate: arn:${Partition}:elasticloadbalancing:${Region}:${Account}:listener-rule/${LoadBalancerType}/${LoadBalancerName}/${LoadBalancerId}/${ListenerId}/${ListenerRuleId}
│              + arnTemplate: arn:${Partition}:elasticloadbalancing:${Region}:${Account}:listener-rule/net/${LoadBalancerName}/${LoadBalancerId}/${ListenerId}/${ListenerRuleId}
├[~] service aws-events
│ └ resources
│    └[~]  resource AWS::Events::Rule
│       └      - arnTemplate: arn:${Partition}:events:${Region}:${Account}:rule/[${EventBusName}/]${RuleName}
│              + arnTemplate: arn:${Partition}:events:${Region}:${Account}:rule/${RuleName}
├[~] service aws-imagebuilder
│ └ resources
│    └[~]  resource AWS::ImageBuilder::Image
│       └      - arnTemplate: arn:${Partition}:imagebuilder:${Region}:${Account}:image/${ImageName}/${ImageVersion}/${ImageBuildVersion}
│              + arnTemplate: arn:${Partition}:imagebuilder:${Region}:${Account}:image/${ImageName}/${ImageVersion}
├[~] service aws-iot
│ └ resources
│    └[~]  resource AWS::IoT::DomainConfiguration
│       └      - arnTemplate: arn:${Partition}:iot:${Region}:${Account}:domainconfiguration/${DomainConfigurationName}/${Id}
│              + arnTemplate: arn:${Partition}:iot:${Region}:${Account}:domainconfiguration/${DomainConfigurationName}
├[~] service aws-iotwireless
│ └ resources
│    └[~]  resource AWS::IoTWireless::WirelessDeviceImportTask
│       └      - arnTemplate: arn:${Partition}:iotwireless:${Region}:${Account}:WirelessDeviceImportTask/${WirelessDeviceImportTaskId}
│              + arnTemplate: arn:${Partition}:iotwireless:${Region}:${Account}:ImportTask/${ImportTaskId}
├[~] service aws-msk
│ └ resources
│    └[~]  resource AWS::MSK::ClusterPolicy
│       └ properties
│          └ Policy: (documentation changed)
├[~] service aws-networkfirewall
│ └ resources
│    └[~]  resource AWS::NetworkFirewall::RuleGroup
│       ├      - arnTemplate: arn:${Partition}:network-firewall:${Region}:${Account}:stateful-rulegroup/${Name}
│       │      + arnTemplate: arn:${Partition}:network-firewall:${Region}:${Account}:stateless-rulegroup/${Name}
│       └ types
│          └[~] type RulesSourceList
│            └ properties
│               └ GeneratedRulesType: (documentation changed)
├[~] service aws-pinpoint
│ └ resources
│    └[~]  resource AWS::Pinpoint::InAppTemplate
│       └      - arnTemplate: undefined
│              + arnTemplate: arn:${Partition}:mobiletargeting:${Region}:${Account}:templates
├[~] service aws-quicksight
│ └ resources
│    └[~]  resource AWS::QuickSight::CustomPermissions
│       └ types
│          └[~] type Capabilities
│            └ properties
│               ├ Analysis: (documentation changed)
│               └ Dashboard: (documentation changed)
├[~] service aws-rds
│ └ resources
│    ├[~]  resource AWS::RDS::DBCluster
│    │  └ properties
│    │     └ MasterUserAuthenticationType: (documentation changed)
│    ├[~]  resource AWS::RDS::DBInstance
│    │  └ properties
│    │     └ MasterUserAuthenticationType: (documentation changed)
│    ├[~]  resource AWS::RDS::DBProxy
│    │  └ properties
│    │     ├ DefaultAuthScheme: (documentation changed)
│    │     ├ EndpointNetworkType: (documentation changed)
│    │     └ TargetConnectionNetworkType: (documentation changed)
│    └[~]  resource AWS::RDS::DBProxyEndpoint
│       └ properties
│          └ EndpointNetworkType: (documentation changed)
├[~] service aws-redshift
│ └ resources
│    └[~]  resource AWS::Redshift::ClusterSecurityGroupIngress
│       └      - arnTemplate: arn:${Partition}:redshift:${Region}:${Account}:securitygroupingress:${SecurityGroupName}/ec2securitygroup/${Owner}/${Ece2SecuritygroupId}
│              + arnTemplate: arn:${Partition}:redshift:${Region}:${Account}:securitygroupingress:${SecurityGroupName}/cidrip/${IpRange}
├[~] service aws-route53
│ └ resources
│    └[~]  resource AWS::Route53::RecordSet
│       └ types
│          └[~] type AliasTarget
│            └ properties
│               └ EvaluateTargetHealth: (documentation changed)
├[~] service aws-servicecatalog
│ └ resources
│    └[~]  resource AWS::ServiceCatalog::PortfolioPrincipalAssociation
│       └ properties
│          ├ PortfolioId: - string (immutable)
│          │              + string (required, immutable)
│          └ PrincipalARN: - string (immutable)
│                          + string (required, immutable)
└[~] service aws-xray
  └ resources
     └[~]  resource AWS::XRay::Group
        └      - arnTemplate: arn:${Partition}:xray:${Region}:${AccountId}:group/${GroupName}/${Id}
               + arnTemplate: arn:${Partition}:xray:${Region}:${AccountId}:group/${GroupName}

CHANGES TO L1 RESOURCES: L1 resources are automatically generated from public CloudFormation Resource Schemas. They are built to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed:

aws-servicecatalog: AWS::ServiceCatalog::PortfolioPrincipalAssociation: PortfolioId property is now required.
aws-servicecatalog: AWS::ServiceCatalog::PortfolioPrincipalAssociation: PrincipalARN property is now required.

@aws-cdk-automation @github-actions
feat: update L1 CloudFormation resource definitions
9e0c773 
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`
@aws-cdk-automation aws-cdk-automation added contribution/core This is a PR that came from AWS. dependencies This issue is a problem in a dependency or a pull request that updates a dependency file. pr-linter/exempt-readme The PR linter will not require README changes pr-linter/exempt-test The PR linter will not require test changes pr-linter/exempt-integ-test The PR linter will not require integ test changes labels Oct 1, 2025
@aws-cdk-automation aws-cdk-automation requested a review from a team October 1, 2025 08:26
@github-actions github-actions bot added the p2 label Oct 1, 2025
@aws-cdk-automation aws-cdk-automation requested a review from a team October 1, 2025 08:26
@vishaalmehrishi
Copy link
Contributor

vishaalmehrishi commented Oct 1, 2025
edited
Loading

This PR is the result of a manually-triggered workflow run to import the AWS::ECS::CapacityProvider spec update.

@vishaalmehrishi
Copy link
Contributor

vishaalmehrishi commented Oct 1, 2025

Added the breaking changes announcement to the PR description.

@mergify
Copy link
Contributor

mergify bot commented Oct 1, 2025

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@vishaalmehrishi vishaalmehrishi merged commit 860ce0d into main Oct 1, 2025
91 of 92 checks passed
@vishaalmehrishi vishaalmehrishi deleted the automation/spec-update branch October 1, 2025 08:57
@github-actions
Copy link
Contributor

github-actions bot commented Oct 1, 2025

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 1, 2025
@vishaalmehrishi vishaalmehrishi self-assigned this Oct 1, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@vishaalmehrishi vishaalmehrishi vishaalmehrishi approved these changes

Assignees

@vishaalmehrishi vishaalmehrishi

Labels

contribution/core This is a PR that came from AWS. dependencies This issue is a problem in a dependency or a pull request that updates a dependency file. p2 pr-linter/exempt-integ-test The PR linter will not require integ test changes pr-linter/exempt-readme The PR linter will not require README changes pr-linter/exempt-test The PR linter will not require test changes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aws-cdk-automation @vishaalmehrishi