Skip to content

feat(sources): update documentation #2199

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
aws-cdk-automation merged 1 commit into from
Nov 11, 2025
Merged

feat(sources): update documentation #2199

aws-cdk-automation merged 1 commit into from
Nov 11, 2025

Conversation

@aws-cdk-automation
Copy link
Contributor

@aws-cdk-automation aws-cdk-automation commented Nov 11, 2025

⚠️ This Pull Request updates daily and will overwrite all manual changes pushed to the branch

Updates the documentation source from upstream. See details in workflow run.

Automatically created by projen via the "update-source-documentation" workflow

@github-actions
feat(sources): update documentation
2025c88 
> ⚠️ This Pull Request updates daily and will overwrite **all** manual changes pushed to the branch

Updates the documentation source from upstream. See details in [workflow run].

[Workflow Run]: https://github.com/cdklabs/awscdk-service-spec/actions/runs/19254046098

------

*Automatically created by projen via the "update-source-documentation" workflow*

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@github-actions
Copy link
Contributor

github-actions bot commented Nov 11, 2025

To work on this Pull Request, please create a new branch and PR. This prevents your work from being deleted by the automation.

Run the following commands inside the repo:

gh co 2199
git switch -c fix-pr-2199 && git push -u origin HEAD
gh pr create -t "fix: PR #2199" --body "Fixes https://github.com/cdklabs/awscdk-service-spec/pull/2199"

@github-actions
Copy link
Contributor

github-actions bot commented Nov 11, 2025

@aws-cdk/aws-service-spec: Model database diff detected
📁 Download full diff

├[~] service aws-config
│ └ resources
│    └[~]  resource AWS::Config::ConfigurationRecorder
│       └ properties
│          └ RoleARN: (documentation changed)
├[~] service aws-connect
│ └ resources
│    └[~]  resource AWS::Connect::EvaluationForm
│       ├ properties
│       │  └ AutoEvaluationConfiguration: (documentation changed)
│       └ types
│          ├[~] type AutoEvaluationConfiguration
│          │ └      - documentation: undefined
│          │        + documentation: Configuration information about automated evaluations.
│          ├[~] type AutomaticFailConfiguration
│          │ ├      - documentation: undefined
│          │ │      + documentation: Information about automatic fail configuration for an evaluation form.
│          │ └ properties
│          │    └ TargetSection: (documentation changed)
│          ├[~] type EvaluationFormItemEnablementCondition
│          │ ├      - documentation: undefined
│          │ │      + documentation: A condition for item enablement.
│          │ └ properties
│          │    ├ Operands: (documentation changed)
│          │    └ Operator: (documentation changed)
│          ├[~] type EvaluationFormItemEnablementConditionOperand
│          │ ├      - documentation: undefined
│          │ │      + documentation: An operand of the enablement condition.
│          │ └ properties
│          │    └ Expression: (documentation changed)
│          ├[~] type EvaluationFormItemEnablementConfiguration
│          │ ├      - documentation: undefined
│          │ │      + documentation: An item enablement configuration.
│          │ └ properties
│          │    ├ Action: (documentation changed)
│          │    ├ Condition: (documentation changed)
│          │    └ DefaultAction: (documentation changed)
│          ├[~] type EvaluationFormItemEnablementExpression
│          │ ├      - documentation: undefined
│          │ │      + documentation: An expression that defines a basic building block of conditional enablement.
│          │ └ properties
│          │    ├ Comparator: (documentation changed)
│          │    ├ Source: (documentation changed)
│          │    └ Values: (documentation changed)
│          ├[~] type EvaluationFormItemEnablementSource
│          │ ├      - documentation: undefined
│          │ │      + documentation: An enablement expression source item.
│          │ └ properties
│          │    ├ RefId: (documentation changed)
│          │    └ Type: (documentation changed)
│          ├[~] type EvaluationFormItemEnablementSourceValue
│          │ ├      - documentation: undefined
│          │ │      + documentation: An enablement expression source value.
│          │ └ properties
│          │    ├ RefId: (documentation changed)
│          │    └ Type: (documentation changed)
│          ├[~] type EvaluationFormNumericQuestionAutomation
│          │ └ properties
│          │    └ AnswerSource: (documentation changed)
│          ├[~] type EvaluationFormNumericQuestionOption
│          │ └ properties
│          │    └ AutomaticFailConfiguration: (documentation changed)
│          ├[~] type EvaluationFormQuestion
│          │ └ properties
│          │    └ Enablement: (documentation changed)
│          ├[~] type EvaluationFormQuestionAutomationAnswerSource
│          │ ├      - documentation: undefined
│          │ │      + documentation: A question automation answer.
│          │ └ properties
│          │    └ SourceType: (documentation changed)
│          ├[~] type EvaluationFormQuestionTypeProperties
│          │ └ properties
│          │    └ Text: (documentation changed)
│          ├[~] type EvaluationFormSingleSelectQuestionAutomation
│          │ └ properties
│          │    └ AnswerSource: (documentation changed)
│          ├[~] type EvaluationFormSingleSelectQuestionOption
│          │ └ properties
│          │    └ AutomaticFailConfiguration: (documentation changed)
│          ├[~] type EvaluationFormTextQuestionAutomation
│          │ ├      - documentation: undefined
│          │ │      + documentation: Information about the automation configuration in text questions.
│          │ └ properties
│          │    └ AnswerSource: (documentation changed)
│          └[~] type EvaluationFormTextQuestionProperties
│            ├      - documentation: undefined
│            │      + documentation: Information about properties for a text question in an evaluation form.
│            └ properties
│               └ Automation: (documentation changed)
├[~] service aws-ec2
│ └ resources
│    └[~]  resource AWS::EC2::Volume
│       └ properties
│          ├ AvailabilityZoneId: (documentation changed)
│          └ SourceVolumeId: (documentation changed)
├[~] service aws-kinesis
│ └ resources
│    └[~]  resource AWS::Kinesis::Stream
│       └ properties
│          └ MaxRecordSizeInKiB: (documentation changed)
├[~] service aws-macie
│ └ resources
│    └[~]  resource AWS::Macie::Session
│       └ properties
│          └ FindingPublishingFrequency: (documentation changed)
├[~] service aws-omics
│ └ resources
│    └[~]  resource AWS::Omics::AnnotationStore
│       └      - documentation: > AWS HealthOmics variant stores and annotation stores will no longer be open to new customers starting November 7, 2025. If you would like to use variant stores or annotation stores, sign up prior to that date. Existing customers can continue to use the service as normal. For more information, see [AWS HealthOmics variant store and annotation store availability change](https://docs.aws.amazon.com/omics/latest/dev/variant-store-availability-change.html) . 
│              Creates an annotation store.
│              + documentation: > AWS HealthOmics variant stores and annotation stores are no longer open to new customers. Existing customers can continue to use the service as normal. For more information, see [AWS HealthOmics variant store and annotation store availability change](https://docs.aws.amazon.com/omics/latest/dev/variant-store-availability-change.html) . 
│              Creates an annotation store.
├[~] service aws-quicksight
│ └ resources
│    └[~]  resource AWS::QuickSight::DataSet
│       ├ properties
│       │  ├ DataPrepConfiguration: (documentation changed)
│       │  └ SemanticModelConfiguration: (documentation changed)
│       └ types
│          ├[~] type AggregateOperation
│          │ ├      - documentation: undefined
│          │ │      + documentation: A transform operation that groups rows by specified columns and applies aggregation functions to calculate summary values.
│          │ └ properties
│          │    ├ Aggregations: (documentation changed)
│          │    ├ Alias: (documentation changed)
│          │    ├ GroupByColumnNames: (documentation changed)
│          │    └ Source: (documentation changed)
│          ├[~] type Aggregation
│          │ ├      - documentation: undefined
│          │ │      + documentation: Defines an aggregation function to be applied to grouped data, creating a new column with the calculated result.
│          │ └ properties
│          │    ├ AggregationFunction: (documentation changed)
│          │    ├ NewColumnId: (documentation changed)
│          │    └ NewColumnName: (documentation changed)
│          ├[~] type AppendedColumn
│          │ ├      - documentation: undefined
│          │ │      + documentation: Represents a column that will be included in the result of an append operation, combining data from multiple sources.
│          │ └ properties
│          │    ├ ColumnName: (documentation changed)
│          │    └ NewColumnId: (documentation changed)
│          ├[~] type AppendOperation
│          │ ├      - documentation: undefined
│          │ │      + documentation: A transform operation that combines rows from two data sources by stacking them vertically (union operation).
│          │ └ properties
│          │    ├ Alias: (documentation changed)
│          │    ├ AppendedColumns: (documentation changed)
│          │    ├ FirstSource: (documentation changed)
│          │    └ SecondSource: (documentation changed)
│          ├[~] type CastColumnTypesOperation
│          │ ├      - documentation: undefined
│          │ │      + documentation: A transform operation that changes the data types of one or more columns in the dataset.
│          │ └ properties
│          │    ├ Alias: (documentation changed)
│          │    ├ CastColumnTypeOperations: (documentation changed)
│          │    └ Source: (documentation changed)
│          ├[~] type ColumnToUnpivot
│          │ ├      - documentation: undefined
│          │ │      + documentation: Specifies a column to be unpivoted, transforming it from a column into rows with associated values.
│          │ └ properties
│          │    ├ ColumnName: (documentation changed)
│          │    └ NewValue: (documentation changed)
│          ├[~] type CreateColumnsOperation
│          │ └ properties
│          │    ├ Alias: (documentation changed)
│          │    └ Source: (documentation changed)
│          ├[~] type DataPrepAggregationFunction
│          │ ├      - documentation: undefined
│          │ │      + documentation: Defines the type of aggregation function to apply to data during data preparation, supporting simple and list aggregations.
│          │ └ properties
│          │    ├ ListAggregation: (documentation changed)
│          │    └ SimpleAggregation: (documentation changed)
│          ├[~] type DataPrepConfiguration
│          │ ├      - documentation: undefined
│          │ │      + documentation: Configuration for data preparation operations, defining the complete pipeline from source tables through transformations to destination tables.
│          │ └ properties
│          │    ├ DestinationTableMap: (documentation changed)
│          │    ├ SourceTableMap: (documentation changed)
│          │    └ TransformStepMap: (documentation changed)
│          ├[~] type DataPrepListAggregationFunction
│          │ ├      - documentation: undefined
│          │ │      + documentation: An aggregation function that concatenates values from multiple rows into a single string with a specified separator.
│          │ └ properties
│          │    ├ Distinct: (documentation changed)
│          │    ├ InputColumnName: (documentation changed)
│          │    └ Separator: (documentation changed)
│          ├[~] type DataPrepSimpleAggregationFunction
│          │ ├      - documentation: undefined
│          │ │      + documentation: A simple aggregation function that performs standard statistical operations on a column.
│          │ └ properties
│          │    ├ FunctionType: (documentation changed)
│          │    └ InputColumnName: (documentation changed)
│          ├[~] type DataSetDateComparisonFilterCondition
│          │ ├      - documentation: undefined
│          │ │      + documentation: A filter condition that compares date values using operators like `BEFORE` , `AFTER` , or their inclusive variants.
│          │ └ properties
│          │    ├ Operator: (documentation changed)
│          │    └ Value: (documentation changed)
│          ├[~] type DataSetDateFilterCondition
│          │ ├      - documentation: undefined
│          │ │      + documentation: A filter condition for date columns, supporting both comparison and range-based filtering.
│          │ └ properties
│          │    ├ ColumnName: (documentation changed)
│          │    ├ ComparisonFilterCondition: (documentation changed)
│          │    └ RangeFilterCondition: (documentation changed)
│          ├[~] type DataSetDateFilterValue
│          │ ├      - documentation: undefined
│          │ │      + documentation: Represents a date value used in filter conditions.
│          │ └ properties
│          │    └ StaticValue: (documentation changed)
│          ├[~] type DataSetDateRangeFilterCondition
│          │ ├      - documentation: undefined
│          │ │      + documentation: A filter condition that filters date values within a specified range.
│          │ └ properties
│          │    ├ IncludeMaximum: (documentation changed)
│          │    ├ IncludeMinimum: (documentation changed)
│          │    ├ RangeMaximum: (documentation changed)
│          │    └ RangeMinimum: (documentation changed)
│          ├[~] type DataSetNumericComparisonFilterCondition
│          │ ├      - documentation: undefined
│          │ │      + documentation: A filter condition that compares numeric values using operators like `EQUALS` , `GREATER_THAN` , or `LESS_THAN` .
│          │ └ properties
│          │    ├ Operator: (documentation changed)
│          │    └ Value: (documentation changed)
│          ├[~] type DataSetNumericFilterCondition
│          │ ├      - documentation: undefined
│          │ │      + documentation: A filter condition for numeric columns, supporting both comparison and range-based filtering.
│          │ └ properties
│          │    ├ ColumnName: (documentation changed)
│          │    ├ ComparisonFilterCondition: (documentation changed)
│          │    └ RangeFilterCondition: (documentation changed)
│          ├[~] type DataSetNumericFilterValue
│          │ ├      - documentation: undefined
│          │ │      + documentation: Represents a numeric value used in filter conditions.
│          │ └ properties
│          │    └ StaticValue: (documentation changed)
│          ├[~] type DataSetNumericRangeFilterCondition
│          │ ├      - documentation: undefined
│          │ │      + documentation: A filter condition that filters numeric values within a specified range.
│          │ └ properties
│          │    ├ IncludeMaximum: (documentation changed)
│          │    ├ IncludeMinimum: (documentation changed)
│          │    ├ RangeMaximum: (documentation changed)
│          │    └ RangeMinimum: (documentation changed)
│          ├[~] type DataSetStringComparisonFilterCondition
│          │ ├      - documentation: undefined
│          │ │      + documentation: A filter condition that compares string values using operators like `EQUALS` , `CONTAINS` , or `STARTS_WITH` .
│          │ └ properties
│          │    ├ Operator: (documentation changed)
│          │    └ Value: (documentation changed)
│          ├[~] type DataSetStringFilterCondition
│          │ ├      - documentation: undefined
│          │ │      + documentation: A filter condition for string columns, supporting both comparison and list-based filtering.
│          │ └ properties
│          │    ├ ColumnName: (documentation changed)
│          │    ├ ComparisonFilterCondition: (documentation changed)
│          │    └ ListFilterCondition: (documentation changed)
│          ├[~] type DataSetStringFilterValue
│          │ ├      - documentation: undefined
│          │ │      + documentation: Represents a string value used in filter conditions.
│          │ └ properties
│          │    └ StaticValue: (documentation changed)
│          ├[~] type DataSetStringListFilterCondition
│          │ ├      - documentation: undefined
│          │ │      + documentation: A filter condition that includes or excludes string values from a specified list.
│          │ └ properties
│          │    ├ Operator: (documentation changed)
│          │    └ Values: (documentation changed)
│          ├[~] type DataSetStringListFilterValue
│          │ ├      - documentation: undefined
│          │ │      + documentation: Represents a list of string values used in filter conditions.
│          │ └ properties
│          │    └ StaticValues: (documentation changed)
│          ├[~] type DestinationTable
│          │ ├      - documentation: undefined
│          │ │      + documentation: Defines a destination table in data preparation that receives the final transformed data.
│          │ └ properties
│          │    ├ Alias: (documentation changed)
│          │    └ Source: (documentation changed)
│          ├[~] type DestinationTableSource
│          │ ├      - documentation: undefined
│          │ │      + documentation: Specifies the source of data for a destination table, including the transform operation and column mappings.
│          │ └ properties
│          │    └ TransformOperationId: (documentation changed)
│          ├[~] type FilterOperation
│          │ └ properties
│          │    ├ DateFilterCondition: (documentation changed)
│          │    ├ NumericFilterCondition: (documentation changed)
│          │    └ StringFilterCondition: (documentation changed)
│          ├[~] type FiltersOperation
│          │ ├      - documentation: undefined
│          │ │      + documentation: A transform operation that applies one or more filter conditions.
│          │ └ properties
│          │    ├ Alias: (documentation changed)
│          │    ├ FilterOperations: (documentation changed)
│          │    └ Source: (documentation changed)
│          ├[~] type ImportTableOperation
│          │ ├      - documentation: undefined
│          │ │      + documentation: A transform operation that imports data from a source table.
│          │ └ properties
│          │    ├ Alias: (documentation changed)
│          │    └ Source: (documentation changed)
│          ├[~] type ImportTableOperationSource
│          │ ├      - documentation: undefined
│          │ │      + documentation: Specifies the source table and column mappings for an import table operation.
│          │ └ properties
│          │    ├ ColumnIdMappings: (documentation changed)
│          │    └ SourceTableId: (documentation changed)
│          ├[~] type InputColumn
│          │ └ properties
│          │    └ Id: (documentation changed)
│          ├[~] type JoinOperandProperties
│          │ ├      - documentation: undefined
│          │ │      + documentation: Properties that control how columns are handled for a join operand, including column name overrides.
│          │ └ properties
│          │    └ OutputColumnNameOverrides: (documentation changed)
│          ├[~] type JoinOperation
│          │ ├      - documentation: undefined
│          │ │      + documentation: A transform operation that combines data from two sources based on specified join conditions.
│          │ └ properties
│          │    ├ Alias: (documentation changed)
│          │    ├ LeftOperand: (documentation changed)
│          │    ├ LeftOperandProperties: (documentation changed)
│          │    ├ OnClause: (documentation changed)
│          │    ├ RightOperand: (documentation changed)
│          │    ├ RightOperandProperties: (documentation changed)
│          │    └ Type: (documentation changed)
│          ├[~] type OutputColumn
│          │ └ properties
│          │    └ Id: (documentation changed)
│          ├[~] type OutputColumnNameOverride
│          │ ├      - documentation: undefined
│          │ │      + documentation: Specifies a mapping to override the name of an output column from a transform operation.
│          │ └ properties
│          │    ├ OutputColumnName: (documentation changed)
│          │    └ SourceColumnName: (documentation changed)
│          ├[~] type ParentDataSet
│          │ ├      - documentation: undefined
│          │ │      + documentation: References a parent dataset that serves as a data source, including its columns and metadata.
│          │ └ properties
│          │    ├ DataSetArn: (documentation changed)
│          │    └ InputColumns: (documentation changed)
│          ├[~] type PhysicalTable
│          │ └ properties
│          │    └ SaaSTable: (documentation changed)
│          ├[~] type PivotConfiguration
│          │ ├      - documentation: undefined
│          │ │      + documentation: Configuration for a pivot operation, specifying which column contains labels and how to pivot them.
│          │ └ properties
│          │    ├ LabelColumnName: (documentation changed)
│          │    └ PivotedLabels: (documentation changed)
│          ├[~] type PivotedLabel
│          │ ├      - documentation: undefined
│          │ │      + documentation: Specifies a label value to be pivoted into a separate column, including the new column name and identifier.
│          │ └ properties
│          │    ├ LabelName: (documentation changed)
│          │    ├ NewColumnId: (documentation changed)
│          │    └ NewColumnName: (documentation changed)
│          ├[~] type PivotOperation
│          │ ├      - documentation: undefined
│          │ │      + documentation: A transform operation that pivots data by converting row values into columns.
│          │ └ properties
│          │    ├ Alias: (documentation changed)
│          │    ├ GroupByColumnNames: (documentation changed)
│          │    ├ PivotConfiguration: (documentation changed)
│          │    ├ Source: (documentation changed)
│          │    └ ValueColumnConfiguration: (documentation changed)
│          ├[~] type ProjectOperation
│          │ └ properties
│          │    ├ Alias: (documentation changed)
│          │    └ Source: (documentation changed)
│          ├[~] type RenameColumnsOperation
│          │ ├      - documentation: undefined
│          │ │      + documentation: A transform operation that renames one or more columns in the dataset.
│          │ └ properties
│          │    ├ Alias: (documentation changed)
│          │    ├ RenameColumnOperations: (documentation changed)
│          │    └ Source: (documentation changed)
│          ├[~] type RowLevelPermissionConfiguration
│          │ └      - documentation: undefined
│          │        + documentation: Configuration for row level security.
│          ├[~] type SaaSTable
│          │ ├      - documentation: undefined
│          │ │      + documentation: A table from a Software-as-a-Service (SaaS) data source, including connection details and column definitions.
│          │ └ properties
│          │    ├ DataSourceArn: (documentation changed)
│          │    ├ InputColumns: (documentation changed)
│          │    └ TablePath: (documentation changed)
│          ├[~] type SemanticModelConfiguration
│          │ ├      - documentation: undefined
│          │ │      + documentation: Configuration for the semantic model that defines how prepared data is structured for analysis and reporting.
│          │ └ properties
│          │    └ TableMap: (documentation changed)
│          ├[~] type SemanticTable
│          │ ├      - documentation: undefined
│          │ │      + documentation: A semantic table that represents the final analytical structure of the data.
│          │ └ properties
│          │    ├ Alias: (documentation changed)
│          │    ├ DestinationTableId: (documentation changed)
│          │    └ RowLevelPermissionConfiguration: (documentation changed)
│          ├[~] type SourceTable
│          │ ├      - documentation: undefined
│          │ │      + documentation: A source table that provides initial data from either a physical table or parent dataset.
│          │ └ properties
│          │    ├ DataSet: (documentation changed)
│          │    └ PhysicalTableId: (documentation changed)
│          ├[~] type TablePathElement
│          │ ├      - documentation: undefined
│          │ │      + documentation: An element in the hierarchical path to a table within a data source, containing both name and identifier.
│          │ └ properties
│          │    ├ Id: (documentation changed)
│          │    └ Name: (documentation changed)
│          ├[~] type TransformOperationSource
│          │ ├      - documentation: undefined
│          │ │      + documentation: Specifies the source of data for a transform operation, including the source operation and column mappings.
│          │ └ properties
│          │    ├ ColumnIdMappings: (documentation changed)
│          │    └ TransformOperationId: (documentation changed)
│          ├[~] type TransformStep
│          │ ├      - documentation: undefined
│          │ │      + documentation: A step in data preparation that performs a specific operation on the data.
│          │ └ properties
│          │    ├ AggregateStep: (documentation changed)
│          │    ├ AppendStep: (documentation changed)
│          │    ├ CastColumnTypesStep: (documentation changed)
│          │    ├ FiltersStep: (documentation changed)
│          │    ├ ImportTableStep: (documentation changed)
│          │    ├ JoinStep: (documentation changed)
│          │    ├ PivotStep: (documentation changed)
│          │    ├ RenameColumnsStep: (documentation changed)
│          │    └ UnpivotStep: (documentation changed)
│          ├[~] type UnpivotOperation
│          │ ├      - documentation: undefined
│          │ │      + documentation: A transform operation that converts columns into rows, normalizing the data structure.
│          │ └ properties
│          │    ├ Alias: (documentation changed)
│          │    ├ ColumnsToUnpivot: (documentation changed)
│          │    ├ Source: (documentation changed)
│          │    ├ UnpivotedLabelColumnId: (documentation changed)
│          │    ├ UnpivotedLabelColumnName: (documentation changed)
│          │    ├ UnpivotedValueColumnId: (documentation changed)
│          │    └ UnpivotedValueColumnName: (documentation changed)
│          └[~] type ValueColumnConfiguration
│            ├      - documentation: undefined
│            │      + documentation: Configuration for how to handle value columns in pivot operations, including aggregation settings.
│            └ properties
│               └ AggregationFunction: (documentation changed)
├[~] service aws-refactorspaces
│ └ resources
│    ├[~]  resource AWS::RefactorSpaces::Application
│    │  └      - documentation: > AWS Migration Hub will no longer be open to new customers starting November 7, 2025. To continue using the service, sign up prior to November 7, 2025. For capabilities similar to AWS Migration Hub , explore [AWS Migration Hub](https://docs.aws.amazon.com/https://aws.amazon.com/transform) . 
│    │         Creates an AWS Migration Hub Refactor Spaces application. The account that owns the environment also owns the applications created inside the environment, regardless of the account that creates the application. Refactor Spaces provisions an Amazon API Gateway, API Gateway VPC link, and Network Load Balancer for the application proxy inside your account.
│    │         In environments created with a [CreateEnvironment:NetworkFabricType](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_CreateEnvironment.html#migrationhubrefactorspaces-CreateEnvironment-request-NetworkFabricType) of `NONE` you need to configure [VPC to VPC connectivity](https://docs.aws.amazon.com/whitepapers/latest/aws-vpc-connectivity-options/amazon-vpc-to-amazon-vpc-connectivity-options.html) between your service VPC and the application proxy VPC to route traffic through the application proxy to a service with a private URL endpoint. For more information, see [Create an application](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/userguide/getting-started-create-application.html) in the *Refactor Spaces User Guide* .
│    │         + documentation: > AWS Migration Hub is no longer open to new customers as of November 7, 2025. For capabilities similar to AWS Migration Hub , explore [AWS Migration Hub](https://docs.aws.amazon.com/https://aws.amazon.com/transform) . 
│    │         Creates an AWS Migration Hub Refactor Spaces application. The account that owns the environment also owns the applications created inside the environment, regardless of the account that creates the application. Refactor Spaces provisions an Amazon API Gateway, API Gateway VPC link, and Network Load Balancer for the application proxy inside your account.
│    │         In environments created with a [CreateEnvironment:NetworkFabricType](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_CreateEnvironment.html#migrationhubrefactorspaces-CreateEnvironment-request-NetworkFabricType) of `NONE` you need to configure [VPC to VPC connectivity](https://docs.aws.amazon.com/whitepapers/latest/aws-vpc-connectivity-options/amazon-vpc-to-amazon-vpc-connectivity-options.html) between your service VPC and the application proxy VPC to route traffic through the application proxy to a service with a private URL endpoint. For more information, see [Create an application](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/userguide/getting-started-create-application.html) in the *Refactor Spaces User Guide* .
│    ├[~]  resource AWS::RefactorSpaces::Environment
│    │  └      - documentation: > AWS Migration Hub will no longer be open to new customers starting November 7, 2025. To continue using the service, sign up prior to November 7, 2025. For capabilities similar to AWS Migration Hub , explore [AWS Migration Hub](https://docs.aws.amazon.com/https://aws.amazon.com/transform) . 
│    │         Creates an AWS Migration Hub Refactor Spaces environment. The caller owns the environment resource, and all Refactor Spaces applications, services, and routes created within the environment. They are referred to as the *environment owner* . The environment owner has cross-account visibility and control of Refactor Spaces resources that are added to the environment by other accounts that the environment is shared with.
│    │         When creating an environment with a [CreateEnvironment:NetworkFabricType](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_CreateEnvironment.html#migrationhubrefactorspaces-CreateEnvironment-request-NetworkFabricType) of `TRANSIT_GATEWAY` , Refactor Spaces provisions a transit gateway to enable services in VPCs to communicate directly across accounts. If [CreateEnvironment:NetworkFabricType](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_CreateEnvironment.html#migrationhubrefactorspaces-CreateEnvironment-request-NetworkFabricType) is `NONE` , Refactor Spaces does not create a transit gateway and you must use your network infrastructure to route traffic to services with private URL endpoints.
│    │         + documentation: > AWS Migration Hub is no longer open to new customers as of November 7, 2025. For capabilities similar to AWS Migration Hub , explore [AWS Migration Hub](https://docs.aws.amazon.com/https://aws.amazon.com/transform) . 
│    │         Creates an AWS Migration Hub Refactor Spaces environment. The caller owns the environment resource, and all Refactor Spaces applications, services, and routes created within the environment. They are referred to as the *environment owner* . The environment owner has cross-account visibility and control of Refactor Spaces resources that are added to the environment by other accounts that the environment is shared with.
│    │         When creating an environment with a [CreateEnvironment:NetworkFabricType](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_CreateEnvironment.html#migrationhubrefactorspaces-CreateEnvironment-request-NetworkFabricType) of `TRANSIT_GATEWAY` , Refactor Spaces provisions a transit gateway to enable services in VPCs to communicate directly across accounts. If [CreateEnvironment:NetworkFabricType](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/APIReference/API_CreateEnvironment.html#migrationhubrefactorspaces-CreateEnvironment-request-NetworkFabricType) is `NONE` , Refactor Spaces does not create a transit gateway and you must use your network infrastructure to route traffic to services with private URL endpoints.
│    └[~]  resource AWS::RefactorSpaces::Service
│       └      - documentation: > AWS Migration Hub will no longer be open to new customers starting November 7, 2025. To continue using the service, sign up prior to November 7, 2025. For capabilities similar to AWS Migration Hub , explore [AWS Migration Hub](https://docs.aws.amazon.com/https://aws.amazon.com/transform) . 
│              Creates an AWS Migration Hub Refactor Spaces service. The account owner of the service is always the environment owner, regardless of which account in the environment creates the service. Services have either a URL endpoint in a virtual private cloud (VPC), or a Lambda function endpoint.
│              > If an AWS resource is launched in a service VPC, and you want it to be accessible to all of an environment’s services with VPCs and routes, apply the `RefactorSpacesSecurityGroup` to the resource. Alternatively, to add more cross-account constraints, apply your own security group.
│              + documentation: > AWS Migration Hub is no longer open to new customers as of November 7, 2025. For capabilities similar to AWS Migration Hub , explore [AWS Migration Hub](https://docs.aws.amazon.com/https://aws.amazon.com/transform) . 
│              Creates an AWS Migration Hub Refactor Spaces service. The account owner of the service is always the environment owner, regardless of which account in the environment creates the service. Services have either a URL endpoint in a virtual private cloud (VPC), or a Lambda function endpoint.
│              > If an AWS resource is launched in a service VPC, and you want it to be accessible to all of an environment’s services with VPCs and routes, apply the `RefactorSpacesSecurityGroup` to the resource. Alternatively, to add more cross-account constraints, apply your own security group.
├[~] service aws-securityhub
│ └ resources
│    ├[~]  resource AWS::SecurityHub::AutomationRule
│    │  ├      - documentation: The `AWS::SecurityHub::AutomationRule` resource specifies an automation rule based on input parameters. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .
│    │  │      + documentation: The `AWS::SecurityHub::AutomationRule` resource specifies an automation rule based on input parameters. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *Security Hub User Guide* .
│    │  └ types
│    │     ├[~] type AutomationRulesAction
│    │     │ └      - documentation: One or more actions that AWS Security Hub takes when a finding matches the defined criteria of a rule.
│    │     │        + documentation: One or more actions that Security Hub takes when a finding matches the defined criteria of a rule.
│    │     ├[~] type AutomationRulesFindingFilters
│    │     │ └ properties
│    │     │    ├ Confidence: (documentation changed)
│    │     │    ├ CreatedAt: (documentation changed)
│    │     │    ├ Criticality: (documentation changed)
│    │     │    ├ FirstObservedAt: (documentation changed)
│    │     │    ├ LastObservedAt: (documentation changed)
│    │     │    ├ NoteUpdatedAt: (documentation changed)
│    │     │    ├ Type: (documentation changed)
│    │     │    └ UpdatedAt: (documentation changed)
│    │     ├[~] type DateFilter
│    │     │ └ properties
│    │     │    ├ End: (documentation changed)
│    │     │    └ Start: (documentation changed)
│    │     ├[~] type MapFilter
│    │     │ ├      - documentation: A map filter for filtering AWS Security Hub findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
│    │     │ │      + documentation: A map filter for filtering Security Hub findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
│    │     │ └ properties
│    │     │    └ Comparison: (documentation changed)
│    │     └[~] type StringFilter
│    │       ├      - documentation: A string filter for filtering AWS Security Hub findings.
│    │       │      + documentation: A string filter for filtering Security Hub findings.
│    │       └ properties
│    │          └ Comparison: (documentation changed)
│    ├[~]  resource AWS::SecurityHub::AutomationRuleV2
│    │  └ types
│    │     ├[~] type DateFilter
│    │     │ └ properties
│    │     │    ├ End: (documentation changed)
│    │     │    └ Start: (documentation changed)
│    │     ├[~] type MapFilter
│    │     │ ├      - documentation: A map filter for filtering AWS Security Hub findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
│    │     │ │      + documentation: A map filter for filtering Security Hub findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
│    │     │ └ properties
│    │     │    └ Comparison: (documentation changed)
│    │     └[~] type StringFilter
│    │       ├      - documentation: A string filter for filtering AWS Security Hub findings.
│    │       │      + documentation: A string filter for filtering Security Hub findings.
│    │       └ properties
│    │          └ Comparison: (documentation changed)
│    ├[~]  resource AWS::SecurityHub::ConfigurationPolicy
│    │  ├      - documentation: The `AWS::SecurityHub::ConfigurationPolicy` resource creates a central configuration policy with the defined settings. Only the AWS Security Hub delegated administrator can create this resource in the home Region. For more information, see [Central configuration in Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/central-configuration-intro.html) in the *AWS Security Hub User Guide* .
│    │  │      + documentation: The `AWS::SecurityHub::ConfigurationPolicy` resource creates a central configuration policy with the defined settings. Only the Security Hub delegated administrator can create this resource in the home Region. For more information, see [Central configuration in Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/central-configuration-intro.html) in the *Security Hub User Guide* .
│    │  ├ properties
│    │  │  ├ ConfigurationPolicy: (documentation changed)
│    │  │  └ Tags: (documentation changed)
│    │  └ types
│    │     ├[~] type ParameterConfiguration
│    │     │ └ properties
│    │     │    └ ValueType: (documentation changed)
│    │     ├[~] type Policy
│    │     │ └      - documentation: An object that defines how AWS Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
│    │     │        + documentation: An object that defines how Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
│    │     ├[~] type SecurityControlsConfiguration
│    │     │ └      - documentation: An object that defines which security controls are enabled in an AWS Security Hub configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account.
│    │     │        This property is required only if `ServiceEnabled` is set to `true` in your configuration policy.
│    │     │        + documentation: An object that defines which security controls are enabled in an Security Hub configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account.
│    │     │        This property is required only if `ServiceEnabled` is set to `true` in your configuration policy.
│    │     └[~] type SecurityHubPolicy
│    │       └      - documentation: An object that defines how AWS Security Hub is configured. The configuration policy includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
│    │              + documentation: An object that defines how Security Hub is configured. The configuration policy includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
│    ├[~]  resource AWS::SecurityHub::DelegatedAdmin
│    │  └      - documentation: The `AWS::SecurityHub::DelegatedAdmin` resource designates the delegated AWS Security Hub administrator account for an organization. You must enable the integration between Security Hub and AWS Organizations before you can designate a delegated Security Hub administrator. Only the management account for an organization can designate the delegated Security Hub administrator account. For more information, see [Designating the delegated Security Hub administrator](https://docs.aws.amazon.com/securityhub/latest/userguide/designate-orgs-admin-account.html#designate-admin-instructions) in the *AWS Security Hub User Guide* .
│    │         To change the delegated administrator account, remove the current delegated administrator account, and then designate the new account.
│    │         To designate multiple delegated administrators in different organizations and AWS Regions , we recommend using [AWS CloudFormation mappings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/mappings-section-structure.html) .
│    │         Tags aren't supported for this resource.
│    │         + documentation: The `AWS::SecurityHub::DelegatedAdmin` resource designates the delegated Security Hub administrator account for an organization. You must enable the integration between Security Hub and AWS Organizations before you can designate a delegated Security Hub administrator. Only the management account for an organization can designate the delegated Security Hub administrator account. For more information, see [Designating the delegated Security Hub administrator](https://docs.aws.amazon.com/securityhub/latest/userguide/designate-orgs-admin-account.html#designate-admin-instructions) in the *Security Hub User Guide* .
│    │         To change the delegated administrator account, remove the current delegated administrator account, and then designate the new account.
│    │         To designate multiple delegated administrators in different organizations and AWS Regions , we recommend using [AWS CloudFormation mappings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/mappings-section-structure.html) .
│    │         Tags aren't supported for this resource.
│    ├[~]  resource AWS::SecurityHub::FindingAggregator
│    │  └      - documentation: The `AWS::SecurityHub::FindingAggregator` resource enables cross-Region aggregation. When cross-Region aggregation is enabled, you can aggregate findings, finding updates, insights, control compliance statuses, and security scores from one or more linked Regions to a single aggregation Region. You can then view and manage all of this data from the aggregation Region. For more details about cross-Region aggregation, see [Cross-Region aggregation](https://docs.aws.amazon.com/securityhub/latest/userguide/finding-aggregation.html) in the *AWS Security Hub User Guide*
│    │         This resource must be created in the Region that you want to designate as your aggregation Region.
│    │         Cross-Region aggregation is also a prerequisite for using [central configuration](https://docs.aws.amazon.com/securityhub/latest/userguide/central-configuration-intro.html) in Security Hub .
│    │         + documentation: The `AWS::SecurityHub::FindingAggregator` resource enables cross-Region aggregation. When cross-Region aggregation is enabled, you can aggregate findings, finding updates, insights, control compliance statuses, and security scores from one or more linked Regions to a single aggregation Region. You can then view and manage all of this data from the aggregation Region. For more details about cross-Region aggregation, see [Cross-Region aggregation](https://docs.aws.amazon.com/securityhub/latest/userguide/finding-aggregation.html) in the *Security Hub User Guide*
│    │         This resource must be created in the Region that you want to designate as your aggregation Region.
│    │         Cross-Region aggregation is also a prerequisite for using [central configuration](https://docs.aws.amazon.com/securityhub/latest/userguide/central-configuration-intro.html) in Security Hub .
│    ├[~]  resource AWS::SecurityHub::Hub
│    │  └      - documentation: The `AWS::SecurityHub::Hub` resource specifies the enablement of the AWS Security Hub service in your AWS account . The service is enabled in the current AWS Region or the specified Region. You create a separate `Hub` resource in each Region in which you want to enable Security Hub .
│    │         When you use this resource to enable Security Hub , default security standards are enabled. To disable default standards, set the `EnableDefaultStandards` property to `false` . You can use the [`AWS::SecurityHub::Standard`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-standard.html) resource to enable additional standards.
│    │         When you use this resource to enable Security Hub , new controls are automatically enabled for your enabled standards. To disable automatic enablement of new controls, set the `AutoEnableControls` property to `false` .
│    │         You must create an `AWS::SecurityHub::Hub` resource for an account before you can create other types of Security Hub resources for the account through AWS CloudFormation . Use a [DependsOn attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) , such as `"DependsOn": "Hub"` , to ensure that you've created an `AWS::SecurityHub::Hub` resource before creating other Security Hub resources for an account.
│    │         + documentation: The `AWS::SecurityHub::Hub` resource specifies the enablement of the Security Hub service in your AWS account . The service is enabled in the current AWS Region or the specified Region. You create a separate `Hub` resource in each Region in which you want to enable Security Hub .
│    │         When you use this resource to enable Security Hub , default security standards are enabled. To disable default standards, set the `EnableDefaultStandards` property to `false` . You can use the [`AWS::SecurityHub::Standard`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-standard.html) resource to enable additional standards.
│    │         When you use this resource to enable Security Hub , new controls are automatically enabled for your enabled standards. To disable automatic enablement of new controls, set the `AutoEnableControls` property to `false` .
│    │         You must create an `AWS::SecurityHub::Hub` resource for an account before you can create other types of Security Hub resources for the account through AWS CloudFormation . Use a [DependsOn attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) , such as `"DependsOn": "Hub"` , to ensure that you've created an `AWS::SecurityHub::Hub` resource before creating other Security Hub resources for an account.
│    ├[~]  resource AWS::SecurityHub::Insight
│    │  ├      - documentation: The `AWS::SecurityHub::Insight` resource creates a custom insight in AWS Security Hub . An insight is a collection of findings that relate to a security issue that requires attention or remediation. For more information, see [Insights in AWS Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-insights.html) in the *AWS Security Hub User Guide* .
│    │  │      Tags aren't supported for this resource.
│    │  │      + documentation: The `AWS::SecurityHub::Insight` resource creates a custom insight in Security Hub . An insight is a collection of findings that relate to a security issue that requires attention or remediation. For more information, see [Insights in Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-insights.html) in the *Security Hub User Guide* .
│    │  │      Tags aren't supported for this resource.
│    │  └ types
│    │     ├[~] type AwsSecurityFindingFilters
│    │     │ ├      - documentation: A collection of filters that are applied to all active findings aggregated by AWS Security Hub .
│    │     │ │      You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.
│    │     │ │      + documentation: A collection of filters that are applied to all active findings aggregated by Security Hub .
│    │     │ │      You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.
│    │     │ └ properties
│    │     │    ├ CreatedAt: (documentation changed)
│    │     │    ├ FirstObservedAt: (documentation changed)
│    │     │    ├ LastObservedAt: (documentation changed)
│    │     │    ├ ProcessLaunchedAt: (documentation changed)
│    │     │    ├ ProcessTerminatedAt: (documentation changed)
│    │     │    ├ ResourceContainerLaunchedAt: (documentation changed)
│    │     │    ├ ThreatIntelIndicatorLastObservedAt: (documentation changed)
│    │     │    └ UpdatedAt: (documentation changed)
│    │     ├[~] type DateFilter
│    │     │ └ properties
│    │     │    ├ End: (documentation changed)
│    │     │    └ Start: (documentation changed)
│    │     ├[~] type MapFilter
│    │     │ ├      - documentation: A map filter for filtering AWS Security Hub findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
│    │     │ │      + documentation: A map filter for filtering Security Hub findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
│    │     │ └ properties
│    │     │    └ Comparison: (documentation changed)
│    │     └[~] type StringFilter
│    │       ├      - documentation: A string filter for filtering AWS Security Hub findings.
│    │       │      + documentation: A string filter for filtering Security Hub findings.
│    │       └ properties
│    │          └ Comparison: (documentation changed)
│    ├[~]  resource AWS::SecurityHub::OrganizationConfiguration
│    │  └      - documentation: The `AWS::SecurityHub::OrganizationConfiguration` resource specifies the way that your AWS organization is configured in AWS Security Hub . Specifically, you can use this resource to specify the configuration type for your organization and whether to automatically Security Hub and security standards in new member accounts. For more information, see [Managing administrator and member accounts](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts.html) in the *AWS Security Hub User Guide* .
│    │         + documentation: The `AWS::SecurityHub::OrganizationConfiguration` resource specifies the way that your AWS organization is configured in Security Hub . Specifically, you can use this resource to specify the configuration type for your organization and whether to automatically Security Hub and security standards in new member accounts. For more information, see [Managing administrator and member accounts](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts.html) in the *Security Hub User Guide* .
│    ├[~]  resource AWS::SecurityHub::PolicyAssociation
│    │  ├      - documentation: The `AWS::SecurityHub::PolicyAssociation` resource specifies associations for a configuration policy or a self-managed configuration. You can associate a AWS Security Hub configuration policy or self-managed configuration with the organization root, organizational units (OUs), or AWS accounts . After a successful association, the configuration policy takes effect in the specified targets. For more information, see [Creating and associating Security Hub configuration policies](https://docs.aws.amazon.com/securityhub/latest/userguide/create-associate-policy.html) in the *AWS Security Hub User Guide* .
│    │  │      + documentation: The `AWS::SecurityHub::PolicyAssociation` resource specifies associations for a configuration policy or a self-managed configuration. You can associate a Security Hub configuration policy or self-managed configuration with the organization root, organizational units (OUs), or AWS accounts . After a successful association, the configuration policy takes effect in the specified targets. For more information, see [Creating and associating Security Hub configuration policies](https://docs.aws.amazon.com/securityhub/latest/userguide/create-associate-policy.html) in the *Security Hub User Guide* .
│    │  └ attributes
│    │     └ AssociationType: (documentation changed)
│    ├[~]  resource AWS::SecurityHub::ProductSubscription
│    │  └      - documentation: The `AWS::SecurityHub::ProductSubscription` resource creates a subscription to a third-party product that generates findings that you want to receive in AWS Security Hub . For a list of integrations to third-party products, see [Available third-party partner product integrations](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html) in the *AWS Security Hub User Guide* .
│    │         To change a product subscription, remove the current product subscription resource, and then create a new one.
│    │         Tags aren't supported for this resource.
│    │         + documentation: The `AWS::SecurityHub::ProductSubscription` resource creates a subscription to a third-party product that generates findings that you want to receive in Security Hub . For a list of integrations to third-party products, see [Available third-party partner product integrations](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html) in the *Security Hub User Guide* .
│    │         To change a product subscription, remove the current product subscription resource, and then create a new one.
│    │         Tags aren't supported for this resource.
│    ├[~]  resource AWS::SecurityHub::SecurityControl
│    │  ├      - documentation: The `AWS::SecurityHub::SecurityControl` resource specifies custom parameter values for an AWS Security Hub control. For a list of controls that support custom parameters, see [Security Hub controls reference](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-controls-reference.html) . You can also use this resource to specify the use of default parameter values for a control. For more information about custom parameters, see [Custom control parameters](https://docs.aws.amazon.com/securityhub/latest/userguide/custom-control-parameters.html) in the *AWS Security Hub User Guide* .
│    │  │      Tags aren't supported for this resource.
│    │  │      + documentation: The `AWS::SecurityHub::SecurityControl` resource specifies custom parameter values for an Security Hub control. For a list of controls that support custom parameters, see [Security Hub controls reference](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-controls-reference.html) . You can also use this resource to specify the use of default parameter values for a control. For more information about custom parameters, see [Custom control parameters](https://docs.aws.amazon.com/securityhub/latest/userguide/custom-control-parameters.html) in the *Security Hub User Guide* .
│    │  │      Tags aren't supported for this resource.
│    │  └ types
│    │     └[~] type ParameterConfiguration
│    │       └ properties
│    │          └ ValueType: (documentation changed)
│    └[~]  resource AWS::SecurityHub::Standard
│       ├      - documentation: The `AWS::SecurityHub::Standard` resource specifies the enablement of a security standard. The standard is identified by the `StandardsArn` property. To view a list of Security Hub standards and their Amazon Resource Names (ARNs), use the [`DescribeStandards`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API operation.
│       │      You must create a separate `AWS::SecurityHub::Standard` resource for each standard that you want to enable.
│       │      For more information about Security Hub standards, see [Security Hub standards reference](https://docs.aws.amazon.com/securityhub/latest/userguide/standards-reference.html) in the *AWS Security Hub User Guide* .
│       │      + documentation: The `AWS::SecurityHub::Standard` resource specifies the enablement of a security standard. The standard is identified by the `StandardsArn` property. To view a list of Security Hub standards and their Amazon Resource Names (ARNs), use the [`DescribeStandards`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API operation.
│       │      You must create a separate `AWS::SecurityHub::Standard` resource for each standard that you want to enable.
│       │      For more information about Security Hub standards, see [Security Hub standards reference](https://docs.aws.amazon.com/securityhub/latest/userguide/standards-reference.html) in the *Security Hub User Guide* .
│       └ types
│          └[~] type StandardsControl
│            └      - documentation: Provides details about an individual security control. For a list of Security Hub controls, see [Security Hub controls reference](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-controls-reference.html) in the *AWS Security Hub User Guide* .
│                   + documentation: Provides details about an individual security control. For a list of Security Hub controls, see [Security Hub controls reference](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-controls-reference.html) in the *Security Hub User Guide* .
└[~] service aws-workspacesthinclient
  └ resources
     └[~]  resource AWS::WorkSpacesThinClient::Environment
        └ properties
           ├ DesktopArn: (documentation changed)
           └ DesktopEndpoint: (documentation changed)

@aws-cdk-automation aws-cdk-automation added this pull request to the merge queue Nov 11, 2025
Merged via the queue into main with commit ff93723 Nov 11, 2025
13 checks passed
@aws-cdk-automation aws-cdk-automation deleted the update-source/documentation branch November 11, 2025 03:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

auto-approve

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@aws-cdk-automation