Skip to content

feat(sources): update documentation #2295

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
aws-cdk-automation merged 1 commit into from
Dec 12, 2025
Merged

feat(sources): update documentation #2295

aws-cdk-automation merged 1 commit into from
Dec 12, 2025

Conversation

@aws-cdk-automation
Copy link
Contributor

@aws-cdk-automation aws-cdk-automation commented Dec 12, 2025

⚠️ This Pull Request updates daily and will overwrite all manual changes pushed to the branch

Updates the documentation source from upstream. See details in workflow run.

Automatically created by projen via the "update-source-documentation" workflow

@github-actions
feat(sources): update documentation
cfc7516 
> ⚠️ This Pull Request updates daily and will overwrite **all** manual changes pushed to the branch

Updates the documentation source from upstream. See details in [workflow run].

[Workflow Run]: https://github.com/cdklabs/awscdk-service-spec/actions/runs/20155489308

------

*Automatically created by projen via the "update-source-documentation" workflow*

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@github-actions
Copy link
Contributor

github-actions bot commented Dec 12, 2025

To work on this Pull Request, please create a new branch and PR. This prevents your work from being deleted by the automation.

Run the following commands inside the repo:

gh co 2295
git switch -c fix-pr-2295 && git push -u origin HEAD
gh pr create -t "fix: PR #2295" --body "Fixes https://github.com/cdklabs/awscdk-service-spec/pull/2295"

@github-actions
Copy link
Contributor

github-actions bot commented Dec 12, 2025

@aws-cdk/aws-service-spec: Model database diff detected
📁 Download full diff

├[~] service aws-bedrock
│ └ resources
│    ├[~]  resource AWS::Bedrock::DataAutomationProject
│    │  └ types
│    │     ├[~] type AudioOverrideConfiguration
│    │     │ └ properties
│    │     │    └ SensitiveDataConfiguration: (documentation changed)
│    │     ├[~] type DocumentOverrideConfiguration
│    │     │ └ properties
│    │     │    └ SensitiveDataConfiguration: (documentation changed)
│    │     ├[~] type ImageOverrideConfiguration
│    │     │ └ properties
│    │     │    └ SensitiveDataConfiguration: (documentation changed)
│    │     ├[~] type PIIEntitiesConfiguration
│    │     │ ├      - documentation: undefined
│    │     │ │      + documentation: Configuration for detecting and redacting Personally Identifiable Information (PII) entities. Specify which PII entity types to detect and the redaction mask mode. If not provided, defaults to ALL entity types with ENTITY_TYPE redaction mask mode.
│    │     │ └ properties
│    │     │    ├ PiiEntityTypes: (documentation changed)
│    │     │    └ RedactionMaskMode: (documentation changed)
│    │     ├[~] type SensitiveDataConfiguration
│    │     │ ├      - documentation: undefined
│    │     │ │      + documentation: Configuration for detecting and redacting sensitive data in content. Use this to control whether sensitive data is detected only or both detected and redacted, specify the scope of detection (standard output, custom output, or both), and configure specific PII entity types to detect along with how they should be masked when redacted.
│    │     │ └ properties
│    │     │    ├ DetectionMode: (documentation changed)
│    │     │    ├ DetectionScope: (documentation changed)
│    │     │    └ PiiEntitiesConfiguration: (documentation changed)
│    │     └[~] type VideoOverrideConfiguration
│    │       └ properties
│    │          └ SensitiveDataConfiguration: (documentation changed)
│    └[~]  resource AWS::Bedrock::KnowledgeBase
│       └ types
│          ├[~] type AudioConfiguration
│          │ ├      - documentation: Configure the audio configuration for multi modal ingestion.
│          │ │      + documentation: Configuration settings for processing audio content in multimodal knowledge bases.
│          │ └ properties
│          │    └ SegmentationConfiguration: (documentation changed)
│          ├[~] type AudioSegmentationConfiguration
│          │ ├      - documentation: Configure the audio segmentation configuration for multi modal ingestion.
│          │ │      + documentation: Configuration for segmenting audio content during multimodal knowledge base ingestion. Determines how audio files are divided into chunks for processing.
│          │ └ properties
│          │    └ FixedLengthDuration: (documentation changed)
│          ├[~] type BedrockEmbeddingModelConfiguration
│          │ └ properties
│          │    ├ Audio: (documentation changed)
│          │    └ Video: (documentation changed)
│          ├[~] type VideoConfiguration
│          │ ├      - documentation: Configure the video configuration for multi modal ingestion.
│          │ │      + documentation: Configuration settings for processing video content in multimodal knowledge bases.
│          │ └ properties
│          │    └ SegmentationConfiguration: (documentation changed)
│          └[~] type VideoSegmentationConfiguration
│            ├      - documentation: Configure the video segmentation configuration for multi modal ingestion.
│            │      + documentation: Configuration for segmenting video content during multimodal knowledge base ingestion. Determines how video files are divided into chunks for processing.
│            └ properties
│               └ FixedLengthDuration: (documentation changed)
├[~] service aws-billingconductor
│ └ resources
│    └[~]  resource AWS::BillingConductor::CustomLineItem
│       ├ properties
│       │  ├ ComputationRule: (documentation changed)
│       │  └ PresentationDetails: (documentation changed)
│       └ types
│          ├[~] type LineItemFilter
│          │ └ properties
│          │    └ AttributeValues: (documentation changed)
│          └[~] type PresentationDetails
│            ├      - documentation: undefined
│            │      + documentation: An object that defines how custom line item charges are presented in the bill, containing specifications for service presentation.
│            └ properties
│               └ Service: (documentation changed)
├[~] service aws-ce
│ └ resources
│    └[~]  resource AWS::CE::CostCategory
│       └ properties
│          └ SplitChargeRules: (documentation changed)
├[~] service aws-cleanrooms
│ └ resources
│    ├[~]  resource AWS::CleanRooms::AnalysisTemplate
│    │  ├ properties
│    │  │  └ SyntheticDataParameters: (documentation changed)
│    │  └ types
│    │     ├[~] type ColumnClassificationDetails
│    │     │ ├      - documentation: undefined
│    │     │ │      + documentation: Contains classification information for data columns, including mappings that specify how columns should be handled during synthetic data generation and privacy analysis.
│    │     │ └ properties
│    │     │    └ ColumnMapping: (documentation changed)
│    │     ├[~] type MLSyntheticDataParameters
│    │     │ ├      - documentation: undefined
│    │     │ │      + documentation: Parameters that control the generation of synthetic data for machine learning, including privacy settings and column classification details.
│    │     │ └ properties
│    │     │    ├ ColumnClassification: (documentation changed)
│    │     │    ├ Epsilon: (documentation changed)
│    │     │    └ MaxMembershipInferenceAttackScore: (documentation changed)
│    │     ├[~] type SyntheticDataColumnProperties
│    │     │ ├      - documentation: undefined
│    │     │ │      + documentation: Properties that define how a specific data column should be handled during synthetic data generation, including its name, type, and role in predictive modeling.
│    │     │ └ properties
│    │     │    ├ ColumnName: (documentation changed)
│    │     │    ├ ColumnType: (documentation changed)
│    │     │    └ IsPredictiveValue: (documentation changed)
│    │     └[~] type SyntheticDataParameters
│    │       ├      - documentation: undefined
│    │       │      + documentation: The parameters that control how synthetic data is generated, including privacy settings, column classifications, and other configuration options that affect the data synthesis process.
│    │       └ properties
│    │          └ MlSyntheticDataParameters: (documentation changed)
│    ├[~]  resource AWS::CleanRooms::Collaboration
│    │  └ types
│    │     ├[~] type MLPaymentConfig
│    │     │ └ properties
│    │     │    └ SyntheticDataGeneration: (documentation changed)
│    │     └[~] type SyntheticDataGenerationPaymentConfig
│    │       ├      - documentation: undefined
│    │       │      + documentation: Payment configuration for synthetic data generation.
│    │       └ properties
│    │          └ IsResponsible: (documentation changed)
│    └[~]  resource AWS::CleanRooms::Membership
│       └ types
│          ├[~] type MembershipMLPaymentConfig
│          │ └ properties
│          │    └ SyntheticDataGeneration: (documentation changed)
│          └[~] type MembershipSyntheticDataGenerationPaymentConfig
│            ├      - documentation: undefined
│            │      + documentation: Configuration for payment for synthetic data generation in a membership.
│            └ properties
│               └ IsResponsible: (documentation changed)
├[~] service aws-cloudfront
│ └ resources
│    └[~]  resource AWS::CloudFront::AnycastIpList
│       └ types
│          └[~] type IpamCidrConfig
│            ├      - documentation: undefined
│            │      + documentation: Configuration for an IPAM CIDR that defines a specific IP address range, IPAM pool, and associated Anycast IP address.
│            └ properties
│               ├ Cidr: (documentation changed)
│               └ IpamPoolArn: (documentation changed)
├[~] service aws-config
│ └ resources
│    └[~]  resource AWS::Config::ConfigurationRecorder
│       └ properties
│          └ RoleARN: (documentation changed)
├[~] service aws-connect
│ └ resources
│    ├[~]  resource AWS::Connect::DataTable
│    │  ├      - documentation: Resource Type definition for AWS::Connect::DataTable
│    │  │      + documentation: Represents a data table in Amazon Connect. A data table is a JSON-like data structure where attributes and values are dynamically set by customers. Customers can reference table values within call flows, applications, views, and workspaces to pinpoint dynamic configuration that changes their contact center's behavior in a predetermined and safe way.
│    │  ├ properties
│    │  │  ├ Description: (documentation changed)
│    │  │  ├ InstanceArn: (documentation changed)
│    │  │  ├ Name: (documentation changed)
│    │  │  ├ Status: (documentation changed)
│    │  │  ├ Tags: (documentation changed)
│    │  │  ├ TimeZone: (documentation changed)
│    │  │  └ ValueLockLevel: (documentation changed)
│    │  └ attributes
│    │     ├ Arn: (documentation changed)
│    │     ├ CreatedTime: (documentation changed)
│    │     ├ LastModifiedRegion: (documentation changed)
│    │     └ LastModifiedTime: (documentation changed)
│    ├[~]  resource AWS::Connect::DataTableAttribute
│    │  ├      - documentation: Resource Type definition for AWS::Connect::DataTableAttribute
│    │  │      + documentation: Represents an attribute (column) in a data table. Attributes define the schema and validation rules for values that can be stored in the table. They specify the data type, constraints, and whether the attribute is used as a primary key for record identification.
│    │  ├ properties
│    │  │  ├ DataTableArn: (documentation changed)
│    │  │  ├ Description: (documentation changed)
│    │  │  ├ InstanceArn: (documentation changed)
│    │  │  ├ Name: (documentation changed)
│    │  │  ├ Primary: (documentation changed)
│    │  │  ├ Validation: (documentation changed)
│    │  │  └ ValueType: (documentation changed)
│    │  ├ attributes
│    │  │  ├ AttributeId: (documentation changed)
│    │  │  ├ LastModifiedRegion: (documentation changed)
│    │  │  └ LastModifiedTime: (documentation changed)
│    │  └ types
│    │     └[~] type Validation
│    │       ├      - documentation: undefined
│    │       │      + documentation: Defines validation rules for data table attribute values. Based on JSON Schema Draft 2020-12 with additional Connect-specific validations. Validation rules ensure data integrity and consistency across the data table.
│    │       └ properties
│    │          ├ Enum: (documentation changed)
│    │          ├ ExclusiveMaximum: (documentation changed)
│    │          ├ ExclusiveMinimum: (documentation changed)
│    │          ├ Maximum: (documentation changed)
│    │          ├ MaxLength: (documentation changed)
│    │          ├ MaxValues: (documentation changed)
│    │          ├ Minimum: (documentation changed)
│    │          ├ MinLength: (documentation changed)
│    │          ├ MinValues: (documentation changed)
│    │          └ MultipleOf: (documentation changed)
│    ├[~]  resource AWS::Connect::DataTableRecord
│    │  └ properties
│    │     ├ DataTableArn: (documentation changed)
│    │     └ InstanceArn: (documentation changed)
│    ├[~]  resource AWS::Connect::EvaluationForm
│    │  ├ properties
│    │  │  ├ LanguageConfiguration: (documentation changed)
│    │  │  └ TargetConfiguration: (documentation changed)
│    │  └ types
│    │     ├[~] type EvaluationFormLanguageConfiguration
│    │     │ ├      - documentation: undefined
│    │     │ │      + documentation: Language configuration for an evaluation form.
│    │     │ └ properties
│    │     │    └ FormLanguage: (documentation changed)
│    │     ├[~] type EvaluationFormMultiSelectQuestionAutomation
│    │     │ ├      - documentation: undefined
│    │     │ │      + documentation: Automation configuration for multi-select questions.
│    │     │ └ properties
│    │     │    ├ DefaultOptionRefIds: (documentation changed)
│    │     │    └ Options: (documentation changed)
│    │     ├[~] type EvaluationFormMultiSelectQuestionAutomationOption
│    │     │ ├      - documentation: undefined
│    │     │ │      + documentation: An automation option for a multi-select question.
│    │     │ └ properties
│    │     │    └ RuleCategory: (documentation changed)
│    │     ├[~] type EvaluationFormMultiSelectQuestionOption
│    │     │ ├      - documentation: undefined
│    │     │ │      + documentation: An option for a multi-select question in an evaluation form.
│    │     │ └ properties
│    │     │    ├ RefId: (documentation changed)
│    │     │    └ Text: (documentation changed)
│    │     ├[~] type EvaluationFormMultiSelectQuestionProperties
│    │     │ ├      - documentation: undefined
│    │     │ │      + documentation: Properties for a multi-select question in an evaluation form.
│    │     │ └ properties
│    │     │    ├ Automation: (documentation changed)
│    │     │    ├ DisplayAs: (documentation changed)
│    │     │    └ Options: (documentation changed)
│    │     ├[~] type EvaluationFormQuestionTypeProperties
│    │     │ └ properties
│    │     │    └ MultiSelect: (documentation changed)
│    │     ├[~] type EvaluationFormTargetConfiguration
│    │     │ ├      - documentation: undefined
│    │     │ │      + documentation: Configuration that specifies the target for an evaluation form.
│    │     │ └ properties
│    │     │    └ ContactInteractionType: (documentation changed)
│    │     └[~] type MultiSelectQuestionRuleCategoryAutomation
│    │       ├      - documentation: undefined
│    │       │      + documentation: Automation rule for multi-select questions based on rule categories.
│    │       └ properties
│    │          ├ Category: (documentation changed)
│    │          ├ Condition: (documentation changed)
│    │          └ OptionRefIds: (documentation changed)
│    └[~]  resource AWS::Connect::Workspace
│       ├      - documentation: Resource Type definition for AWS::Connect::Workspace
│       │      + documentation: Contains information about a workspace, which defines the user experience by mapping views to pages.
│       ├ properties
│       │  ├ Description: (documentation changed)
│       │  ├ InstanceArn: (documentation changed)
│       │  ├ Tags: (documentation changed)
│       │  ├ Theme: (documentation changed)
│       │  ├ Title: (documentation changed)
│       │  └ Visibility: (documentation changed)
│       ├ attributes
│       │  ├ Arn: (documentation changed)
│       │  └ Id: (documentation changed)
│       └ types
│          ├[~] type FontFamily
│          │ ├      - documentation: undefined
│          │ │      + documentation: Contains font family configuration for workspace themes.
│          │ └ properties
│          │    └ Default: (documentation changed)
│          ├[~] type MediaItem
│          │ ├      - documentation: undefined
│          │ │      + documentation: Contains information about a media asset used in a workspace.
│          │ └ properties
│          │    ├ Source: (documentation changed)
│          │    └ Type: (documentation changed)
│          ├[~] type PaletteCanvas
│          │ ├      - documentation: undefined
│          │ │      + documentation: Contains color configuration for canvas elements in a workspace theme.
│          │ └ properties
│          │    ├ ActiveBackground: (documentation changed)
│          │    ├ ContainerBackground: (documentation changed)
│          │    └ PageBackground: (documentation changed)
│          ├[~] type PaletteHeader
│          │ ├      - documentation: undefined
│          │ │      + documentation: Contains color configuration for header elements in a workspace theme.
│          │ └ properties
│          │    ├ Background: (documentation changed)
│          │    ├ InvertActionsColors: (documentation changed)
│          │    ├ Text: (documentation changed)
│          │    └ TextHover: (documentation changed)
│          ├[~] type PaletteNavigation
│          │ ├      - documentation: undefined
│          │ │      + documentation: Contains color configuration for navigation elements in a workspace theme.
│          │ └ properties
│          │    ├ Background: (documentation changed)
│          │    ├ InvertActionsColors: (documentation changed)
│          │    ├ Text: (documentation changed)
│          │    ├ TextActive: (documentation changed)
│          │    ├ TextBackgroundActive: (documentation changed)
│          │    ├ TextBackgroundHover: (documentation changed)
│          │    └ TextHover: (documentation changed)
│          ├[~] type PalettePrimary
│          │ ├      - documentation: undefined
│          │ │      + documentation: Contains primary color configuration for a workspace theme.
│          │ └ properties
│          │    ├ Active: (documentation changed)
│          │    ├ ContrastText: (documentation changed)
│          │    └ Default: (documentation changed)
│          ├[~] type WorkspacePage
│          │ ├      - documentation: undefined
│          │ │      + documentation: Contains information about a page configuration in a workspace, including the view assigned to the page.
│          │ └ properties
│          │    ├ InputData: (documentation changed)
│          │    ├ Page: (documentation changed)
│          │    ├ ResourceArn: (documentation changed)
│          │    └ Slug: (documentation changed)
│          ├[~] type WorkspaceTheme
│          │ ├      - documentation: The theme configuration for the Connect workspace
│          │ │      + documentation: Contains theme configuration for a workspace, supporting both light and dark modes.
│          │ └ properties
│          │    ├ Dark: (documentation changed)
│          │    └ Light: (documentation changed)
│          ├[~] type WorkspaceThemeConfig
│          │ ├      - documentation: undefined
│          │ │      + documentation: Contains detailed theme configuration for a workspace, including colors, images, and typography.
│          │ └ properties
│          │    ├ Palette: (documentation changed)
│          │    └ Typography: (documentation changed)
│          ├[~] type WorkspaceThemePalette
│          │ ├      - documentation: undefined
│          │ │      + documentation: Contains color palette configuration for different areas of a workspace.
│          │ └ properties
│          │    ├ Canvas: (documentation changed)
│          │    ├ Header: (documentation changed)
│          │    ├ Navigation: (documentation changed)
│          │    └ Primary: (documentation changed)
│          └[~] type WorkspaceThemeTypography
│            ├      - documentation: undefined
│            │      + documentation: Contains typography configuration for a workspace theme.
│            └ properties
│               └ FontFamily: (documentation changed)
├[~] service aws-connectcampaignsv2
│ └ resources
│    └[~]  resource AWS::ConnectCampaignsV2::Campaign
│       └ types
│          └[~] type TelephonyOutboundConfig
│            └ properties
│               └ RingTimeout: (documentation changed)
├[~] service aws-customerprofiles
│ └ resources
│    └[~]  resource AWS::CustomerProfiles::SegmentDefinition
│       └ attributes
│          └ SegmentType: (documentation changed)
├[~] service aws-devopsagent
│ └ resources
│    ├[~]  resource AWS::DevOpsAgent::AgentSpace
│    │  ├      - documentation: Resource Type definition for AWS::DevOpsAgent::AgentSpace
│    │  │      + documentation: The `AWS::DevOpsAgent::AgentSpace` resource specifies an Agent Space for the AWS DevOps Agent Service.
│    │  ├ properties
│    │  │  ├ Description: (documentation changed)
│    │  │  └ Name: (documentation changed)
│    │  └ attributes
│    │     ├ AgentSpaceId: (documentation changed)
│    │     └ Arn: (documentation changed)
│    └[~]  resource AWS::DevOpsAgent::Association
│       ├      - documentation: Resource Type definition for AWS::DevOpsAgent::Association defining how the AgentSpace interacts with external services like GitHub, Slack, AWS accounts, and others.
│       │      + documentation: The `AWS::DevOpsAgent::Association` resource specifies an association between an Agent Space and a service, defining how the Agent Space interacts with external services like GitHub, Slack, AWS accounts, and others.
│       ├ properties
│       │  ├ AgentSpaceId: (documentation changed)
│       │  ├ Configuration: (documentation changed)
│       │  ├ LinkedAssociationIds: (documentation changed)
│       │  └ ServiceId: (documentation changed)
│       ├ attributes
│       │  ├ AssociationId: (documentation changed)
│       │  ├ CreatedAt: (documentation changed)
│       │  └ UpdatedAt: (documentation changed)
│       └ types
│          ├[~] type AWSConfiguration
│          │ ├      - documentation: AWS association for 'monitor' account
│          │ │      + documentation: Configuration for AWS monitor account integration. Specifies the account ID, assumable role ARN, and resources to be monitored in the primary monitoring account.
│          │ └ properties
│          │    ├ AccountId: (documentation changed)
│          │    ├ AccountType: (documentation changed)
│          │    ├ AssumableRoleArn: (documentation changed)
│          │    ├ Resources: (documentation changed)
│          │    └ Tags: (documentation changed)
│          ├[~] type AWSResource
│          │ ├      - documentation: AWS resource definition
│          │ │      + documentation: Defines an AWS resource to be monitored, including its type, ARN, and optional metadata.
│          │ └ properties
│          │    ├ ResourceArn: (documentation changed)
│          │    ├ ResourceMetadata: (documentation changed)
│          │    └ ResourceType: (documentation changed)
│          ├[~] type DynatraceConfiguration
│          │ ├      - documentation: Dynatrace monitoring configuration
│          │ │      + documentation: Configuration for Dynatrace monitoring integration. Defines the Dynatrace environment ID, list of resources to monitor, and webhook update settings required for the Agent Space to access metrics, traces, and logs from Dynatrace.
│          │ └ properties
│          │    ├ EnableWebhookUpdates: (documentation changed)
│          │    ├ EnvId: (documentation changed)
│          │    └ Resources: (documentation changed)
│          ├[~] type EventChannelConfiguration
│          │ ├      - documentation: EventChannelconfiguration
│          │ │      + documentation: Configuration for Event Channel integration. Defines webhook update settings to enable the Agent Space to receive real-time event notifications from event channel integrations.
│          │ └ properties
│          │    └ EnableWebhookUpdates: (documentation changed)
│          ├[~] type GitHubConfiguration
│          │ ├      - documentation: GitHub repository integration configuration
│          │ │      + documentation: Configuration for GitHub repository integration. Defines the repository name, numeric repository ID, owner name, and owner type (user or organization) required for the Agent Space to access and interact with the GitHub repository.
│          │ └ properties
│          │    ├ Owner: (documentation changed)
│          │    ├ OwnerType: (documentation changed)
│          │    ├ RepoId: (documentation changed)
│          │    └ RepoName: (documentation changed)
│          ├[~] type GitLabConfiguration
│          │ ├      - documentation: GitLab project integration configuration
│          │ │      + documentation: Configuration for GitLab project integration. Defines the numeric project ID, full project path (namespace/project-name), GitLab instance identifier, and webhook update settings required for the Agent Space to access and interact with the GitLab project.
│          │ └ properties
│          │    ├ EnableWebhookUpdates: (documentation changed)
│          │    ├ InstanceIdentifier: (documentation changed)
│          │    ├ ProjectId: (documentation changed)
│          │    └ ProjectPath: (documentation changed)
│          ├[~] type KeyValuePair
│          │ ├      - documentation: A key-value pair for tags
│          │ │      + documentation: A key-value pair for tags.
│          │ └ properties
│          │    ├ Key: (documentation changed)
│          │    └ Value: (documentation changed)
│          ├[~] type MCPServerConfiguration
│          │ ├      - documentation: MCP server configuration
│          │ │      + documentation: Configuration for MCP (Model Context Protocol) server integration. Defines the server name, endpoint URL, available tools, optional description, and webhook update settings for custom MCP servers.
│          │ └ properties
│          │    ├ Description: (documentation changed)
│          │    ├ EnableWebhookUpdates: (documentation changed)
│          │    ├ Endpoint: (documentation changed)
│          │    ├ Name: (documentation changed)
│          │    └ Tools: (documentation changed)
│          ├[~] type MCPServerDatadogConfiguration
│          │ ├      - documentation: Datadog MCP server configuration
│          │ │      + documentation: Configuration for Datadog MCP server integration. Defines the server name, endpoint URL, optional description, and webhook update settings.
│          │ └ properties
│          │    ├ Description: (documentation changed)
│          │    ├ EnableWebhookUpdates: (documentation changed)
│          │    ├ Endpoint: (documentation changed)
│          │    └ Name: (documentation changed)
│          ├[~] type MCPServerNewRelicConfiguration
│          │ ├      - documentation: NewRelic MCP server configuration
│          │ │      + documentation: Configuration for New Relic MCP server integration. Defines the New Relic account ID and MCP server endpoint URL required for the Agent Space to authenticate and query observability data from New Relic.
│          │ └ properties
│          │    ├ AccountId: (documentation changed)
│          │    └ Endpoint: (documentation changed)
│          ├[~] type MCPServerSplunkConfiguration
│          │ ├      - documentation: Splunk MCP server configuration
│          │ │      + documentation: Configuration for Splunk MCP server integration. Defines the server name, endpoint URL, optional description, and webhook update settings.
│          │ └ properties
│          │    ├ Description: (documentation changed)
│          │    ├ EnableWebhookUpdates: (documentation changed)
│          │    ├ Endpoint: (documentation changed)
│          │    └ Name: (documentation changed)
│          ├[~] type ServiceConfiguration
│          │ ├      - documentation: undefined
│          │ │      + documentation: The configuration that directs how Agent Space interacts with the given service. You can specify only one configuration type per association.
│          │ └ properties
│          │    ├ Aws: (documentation changed)
│          │    ├ Dynatrace: (documentation changed)
│          │    ├ EventChannel: (documentation changed)
│          │    ├ GitHub: (documentation changed)
│          │    ├ GitLab: (documentation changed)
│          │    ├ MCPServer: (documentation changed)
│          │    ├ MCPServerDatadog: (documentation changed)
│          │    ├ MCPServerNewRelic: (documentation changed)
│          │    ├ MCPServerSplunk: (documentation changed)
│          │    ├ ServiceNow: (documentation changed)
│          │    ├ Slack: (documentation changed)
│          │    └ SourceAws: (documentation changed)
│          ├[~] type ServiceNowConfiguration
│          │ ├      - documentation: ServiceNow integration configuration
│          │ │      + documentation: Configuration for ServiceNow integration. Defines the ServiceNow instance URL, instance ID, and webhook update settings required for the Agent Space to create, update, and manage incidents and change requests.
│          │ └ properties
│          │    ├ EnableWebhookUpdates: (documentation changed)
│          │    └ InstanceId: (documentation changed)
│          ├[~] type SlackChannel
│          │ ├      - documentation: Slack channel configuration
│          │ │      + documentation: Represents a Slack channel with its unique identifier and optional display name.
│          │ └ properties
│          │    ├ ChannelId: (documentation changed)
│          │    └ ChannelName: (documentation changed)
│          ├[~] type SlackConfiguration
│          │ ├      - documentation: Slack workspace integration configuration
│          │ │      + documentation: Configuration for Slack workspace integration. Defines the workspace ID, workspace name, and transmission targets that specify which Slack channels receive notifications.
│          │ └ properties
│          │    ├ TransmissionTarget: (documentation changed)
│          │    ├ WorkspaceId: (documentation changed)
│          │    └ WorkspaceName: (documentation changed)
│          ├[~] type SlackTransmissionTarget
│          │ ├      - documentation: Transmission targets for agent notifications
│          │ │      + documentation: Defines the Slack channels where different types of agent notifications will be sent.
│          │ └ properties
│          │    └ IncidentResponseTarget: (documentation changed)
│          └[~] type SourceAwsConfiguration
│            ├      - documentation: AWS association for 'source' account
│            │      + documentation: Configuration for AWS source account integration. Specifies the account ID, assumable role ARN, and resources to be monitored in the source account.
│            └ properties
│               ├ AccountId: (documentation changed)
│               ├ AccountType: (documentation changed)
│               ├ AssumableRoleArn: (documentation changed)
│               ├ Resources: (documentation changed)
│               └ Tags: (documentation changed)
├[~] service aws-ec2
│ └ resources
│    ├[~]  resource AWS::EC2::EC2Fleet
│    │  └ types
│    │     └[~] type InstanceRequirementsRequest
│    │       └ properties
│    │          └ RequireEncryptionInTransit: (documentation changed)
│    └[~]  resource AWS::EC2::SpotFleet
│       ├ properties
│       │  └ Tags: (documentation changed)
│       └ types
│          └[~] type InstanceRequirementsRequest
│            └ properties
│               └ RequireEncryptionInTransit: (documentation changed)
├[~] service aws-eks
│ └ resources
│    └[~]  resource AWS::EKS::Capability
│       ├      - documentation: Resource Type definition for EKS Capability.
│       │      + documentation: An object representing a managed capability in an Amazon EKS cluster. This includes all configuration, status, and health information for the capability.
│       ├ properties
│       │  ├ CapabilityName: (documentation changed)
│       │  ├ ClusterName: (documentation changed)
│       │  ├ Configuration: (documentation changed)
│       │  ├ DeletePropagationPolicy: (documentation changed)
│       │  ├ RoleArn: (documentation changed)
│       │  └ Type: (documentation changed)
│       ├ attributes
│       │  └ Status: (documentation changed)
│       └ types
│          ├[~] type ArgoCdRoleMapping
│          │ ├      - documentation: A mapping between an Argo CD role and IAM Identity Center identities. This defines which users or groups have specific permissions in Argo CD.
│          │ │      + documentation: A mapping between an Argo CD role and IAM Identity CenterIAM; Identity Center identities. This defines which users or groups have specific permissions in Argo CD.
│          │ └ properties
│          │    ├ Identities: (documentation changed)
│          │    └ Role: (documentation changed)
│          └[~] type SsoIdentity
│            ├      - documentation: An IAM Identity Center identity (user or group) that can be assigned permissions in a capability.
│            │      + documentation: An IAM Identity CenterIAM; Identity Center identity (user or group) that can be assigned permissions in a capability.
│            └ properties
│               ├ Id: (documentation changed)
│               └ Type: (documentation changed)
├[~] service aws-glue
│ └ resources
│    └[~]  resource AWS::Glue::IdentityCenterConfiguration
│       ├      - documentation: Resource Type definition for AWS::Glue::IdentityCenterConfiguration
│       │      + documentation: Creates a new AWS Glue Identity Center configuration to enable integration between AWS Glue and AWS IAM Identity Center for authentication and authorization.
│       ├ properties
│       │  ├ InstanceArn: (documentation changed)
│       │  ├ Scopes: (documentation changed)
│       │  └ UserBackgroundSessionsEnabled: (documentation changed)
│       └ attributes
│          └ ApplicationArn: (documentation changed)
├[~] service aws-lambda
│ └ resources
│    ├[~]  resource AWS::Lambda::CapacityProvider
│    │  ├      - documentation: Resource Type definition for AWS::Lambda::CapacityProvider
│    │  │      + documentation: Creates a capacity provider that manages compute resources for Lambda functions
│    │  ├ properties
│    │  │  ├ InstanceRequirements: (documentation changed)
│    │  │  ├ KmsKeyArn: (documentation changed)
│    │  │  ├ PermissionsConfig: (documentation changed)
│    │  │  ├ Tags: (documentation changed)
│    │  │  └ VpcConfig: (documentation changed)
│    │  ├ attributes
│    │  │  └ State: (documentation changed)
│    │  └ types
│    │     ├[~] type CapacityProviderPermissionsConfig
│    │     │ ├      - documentation: IAM permissions configuration for the capacity provider.
│    │     │ │      + documentation: Configuration that specifies the permissions required for the capacity provider to manage compute resources.
│    │     │ └ properties
│    │     │    └ CapacityProviderOperatorRoleArn: (documentation changed)
│    │     ├[~] type CapacityProviderScalingConfig
│    │     │ ├      - documentation: The scaling configuration for the capacity provider.
│    │     │ │      + documentation: Configuration that defines how the capacity provider scales compute instances based on demand and policies.
│    │     │ └ properties
│    │     │    ├ MaxVCpuCount: (documentation changed)
│    │     │    └ ScalingMode: (documentation changed)
│    │     ├[~] type CapacityProviderVpcConfig
│    │     │ ├      - documentation: VPC configuration for the capacity provider.
│    │     │ │      + documentation: VPC configuration that specifies the network settings for compute instances managed by the capacity provider.
│    │     │ └ properties
│    │     │    ├ SecurityGroupIds: (documentation changed)
│    │     │    └ SubnetIds: (documentation changed)
│    │     ├[~] type InstanceRequirements
│    │     │ ├      - documentation: Specifications for the types of EC2 instances that the capacity provider can use.
│    │     │ │      + documentation: Specifications that define the characteristics and constraints for compute instances used by the capacity provider.
│    │     │ └ properties
│    │     │    ├ AllowedInstanceTypes: (documentation changed)
│    │     │    ├ Architectures: (documentation changed)
│    │     │    └ ExcludedInstanceTypes: (documentation changed)
│    │     └[~] type TargetTrackingScalingPolicy
│    │       ├      - documentation: A target tracking scaling policy for the capacity provider.
│    │       │      + documentation: A scaling policy for the capacity provider that automatically adjusts capacity to maintain a target value for a specific metric.
│    │       └ properties
│    │          ├ PredefinedMetricType: (documentation changed)
│    │          └ TargetValue: (documentation changed)
│    └[~]  resource AWS::Lambda::Function
│       ├ properties
│       │  ├ CapacityProviderConfig: (documentation changed)
│       │  ├ DurableConfig: (documentation changed)
│       │  └ FunctionScalingConfig: (documentation changed)
│       └ types
│          ├[~] type CapacityProviderConfig
│          │ ├      - documentation: undefined
│          │ │      + documentation: Configuration for the capacity provider that manages compute resources for Lambda functions.
│          │ └ properties
│          │    └ LambdaManagedInstancesCapacityProviderConfig: (documentation changed)
│          ├[~] type DurableConfig
│          │ ├      - documentation: undefined
│          │ │      + documentation: Configuration settings for [durable functions](https://docs.aws.amazon.com/lambda/latest/dg/durable-functions.html) , including execution timeout and retention period for execution history.
│          │ └ properties
│          │    ├ ExecutionTimeout: (documentation changed)
│          │    └ RetentionPeriodInDays: (documentation changed)
│          ├[~] type FunctionScalingConfig
│          │ └      - documentation: undefined
│          │        + documentation: Configuration that defines the scaling behavior for a Lambda Managed Instances function, including the minimum and maximum number of execution environments that can be provisioned.
│          └[~] type LambdaManagedInstancesCapacityProviderConfig
│            ├      - documentation: undefined
│            │      + documentation: Configuration for Lambda-managed instances used by the capacity provider.
│            └ properties
│               └ PerExecutionEnvironmentMaxConcurrency: (documentation changed)
├[~] service aws-macie
│ └ resources
│    └[~]  resource AWS::Macie::Session
│       └ properties
│          └ FindingPublishingFrequency: (documentation changed)
├[~] service aws-observabilityadmin
│ └ resources
│    ├[~]  resource AWS::ObservabilityAdmin::S3TableIntegration
│    │  ├      - documentation: Resource Type definition for a CloudWatch Observability Admin S3 Table Integration.
│    │  │      + documentation: Creates an integration between CloudWatch and S3 Tables for analytics. This integration enables querying CloudWatch telemetry data using analytics engines like Amazon Athena, Amazon Redshift, and Apache Spark.
│    │  └ properties
│    │     └ Encryption: (documentation changed)
│    └[~]  resource AWS::ObservabilityAdmin::TelemetryPipelines
│       └ types
│          ├[~] type TelemetryPipeline
│          │ ├      - documentation: undefined
│          │ │      + documentation: Represents a complete telemetry pipeline resource with configuration, status, and metadata for data processing and transformation.
│          │ └ properties
│          │    ├ Arn: (documentation changed)
│          │    ├ Configuration: (documentation changed)
│          │    ├ CreatedTimeStamp: (documentation changed)
│          │    ├ LastUpdateTimeStamp: (documentation changed)
│          │    ├ Name: (documentation changed)
│          │    ├ Status: (documentation changed)
│          │    ├ StatusReason: (documentation changed)
│          │    └ Tags: (documentation changed)
│          ├[~] type TelemetryPipelineConfiguration
│          │ ├      - documentation: undefined
│          │ │      + documentation: Defines the configuration for a telemetry pipeline, including how data flows from sources through processors to destinations.
│          │ └ properties
│          │    └ Body: (documentation changed)
│          └[~] type TelemetryPipelineStatusReason
│            ├      - documentation: undefined
│            │      + documentation: Provides detailed information about the status of a telemetry pipeline, including reasons for specific states.
│            └ properties
│               └ Description: (documentation changed)
├[~] service aws-paymentcryptography
│ └ resources
│    └[~]  resource AWS::PaymentCryptography::Key
│       ├ properties
│       │  └ ReplicationRegions: (documentation changed)
│       └ types
│          └[~] type ReplicationStatusType
│            ├      - documentation: undefined
│            │      + documentation: Represents the replication status information for a key in a replication region for [Multi-Region key replication](https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-multi-region-replication.html) .
│            │      This structure contains details about the current state of key replication, including any status messages and operational information about the replication process.
│            └ properties
│               ├ Status: (documentation changed)
│               └ StatusMessage: (documentation changed)
├[~] service aws-route53
│ └ resources
│    └[~]  resource AWS::Route53::HostedZone
│       ├ properties
│       │  └ HostedZoneFeatures: (documentation changed)
│       └ types
│          └[~] type HostedZoneFeatures
│            └      - documentation: undefined
│                   + documentation: Represents the features configuration for a hosted zone, including the status of various features and any associated failure reasons.
├[~] service aws-s3tables
│ └ resources
│    ├[~]  resource AWS::S3Tables::Table
│    │  ├ properties
│    │  │  └ StorageClassConfiguration: (documentation changed)
│    │  └ types
│    │     └[~] type StorageClassConfiguration
│    │       ├      - documentation: Specifies storage class settings for the table
│    │       │      + documentation: The configuration details for the storage class of tables or table buckets. This allows you to optimize storage costs by selecting the appropriate storage class based on your access patterns and performance requirements.
│    │       └ properties
│    │          └ StorageClass: (documentation changed)
│    └[~]  resource AWS::S3Tables::TableBucket
│       ├ properties
│       │  └ StorageClassConfiguration: (documentation changed)
│       └ types
│          └[~] type StorageClassConfiguration
│            ├      - documentation: Specifies storage class settings for the table bucket
│            │      + documentation: The configuration details for the storage class of tables or table buckets. This allows you to optimize storage costs by selecting the appropriate storage class based on your access patterns and performance requirements.
│            └ properties
│               └ StorageClass: (documentation changed)
├[~] service aws-s3vectors
│ └ resources
│    └[~]  resource AWS::S3Vectors::Index
│       ├ properties
│       │  └ EncryptionConfiguration: (documentation changed)
│       └ types
│          └[~] type EncryptionConfiguration
│            ├      - documentation: The encryption configuration for the index.
│            │      + documentation: The encryption configuration for a vector bucket or index. By default, if you don't specify, all new vectors in Amazon S3 vector buckets use server-side encryption with Amazon S3 managed keys (SSE-S3), specifically `AES256` . You can optionally override bucket level encryption settings, and set a specific encryption configuration for a vector index at the time of index creation.
│            └ properties
│               ├ KmsKeyArn: (documentation changed)
│               └ SseType: (documentation changed)
├[~] service aws-securityhub
│ └ resources
│    ├[~]  resource AWS::SecurityHub::AutomationRule
│    │  ├      - documentation: The `AWS::SecurityHub::AutomationRule` resource specifies an automation rule based on input parameters. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *Security Hub User Guide* .
│    │  │      + documentation: The `AWS::SecurityHub::AutomationRule` resource specifies an automation rule based on input parameters. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub CSPM User Guide* .
│    │  ├ properties
│    │  │  ├ Criteria: (documentation changed)
│    │  │  ├ IsTerminal: (documentation changed)
│    │  │  ├ RuleOrder: (documentation changed)
│    │  │  └ RuleStatus: (documentation changed)
│    │  └ types
│    │     ├[~] type AutomationRulesAction
│    │     │ ├      - documentation: One or more actions that Security Hub takes when a finding matches the defined criteria of a rule.
│    │     │ │      + documentation: One or more actions that AWS Security Hub CSPM takes when a finding matches the defined criteria of a rule.
│    │     │ └ properties
│    │     │    └ Type: (documentation changed)
│    │     ├[~] type AutomationRulesFindingFilters
│    │     │ └ properties
│    │     │    ├ Confidence: (documentation changed)
│    │     │    ├ CreatedAt: (documentation changed)
│    │     │    ├ Criticality: (documentation changed)
│    │     │    ├ FirstObservedAt: (documentation changed)
│    │     │    ├ LastObservedAt: (documentation changed)
│    │     │    ├ NoteUpdatedAt: (documentation changed)
│    │     │    ├ ProductArn: (documentation changed)
│    │     │    ├ ProductName: (documentation changed)
│    │     │    ├ Type: (documentation changed)
│    │     │    └ UpdatedAt: (documentation changed)
│    │     ├[~] type DateFilter
│    │     │ └ properties
│    │     │    ├ End: (documentation changed)
│    │     │    └ Start: (documentation changed)
│    │     ├[~] type MapFilter
│    │     │ ├      - documentation: A map filter for filtering Security Hub findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
│    │     │ │      + documentation: A map filter for filtering AWS Security Hub CSPM findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
│    │     │ └ properties
│    │     │    └ Comparison: (documentation changed)
│    │     ├[~] type StringFilter
│    │     │ ├      - documentation: A string filter for filtering Security Hub findings.
│    │     │ │      + documentation: A string filter for filtering AWS Security Hub CSPM findings.
│    │     │ └ properties
│    │     │    ├ Comparison: (documentation changed)
│    │     │    └ Value: (documentation changed)
│    │     └[~] type WorkflowUpdate
│    │       └ properties
│    │          └ Status: (documentation changed)
│    ├[~]  resource AWS::SecurityHub::AutomationRuleV2
│    │  └ types
│    │     ├[~] type AutomationRulesActionV2
│    │     │ └ properties
│    │     │    └ Type: (documentation changed)
│    │     ├[~] type DateFilter
│    │     │ └ properties
│    │     │    ├ End: (documentation changed)
│    │     │    └ Start: (documentation changed)
│    │     ├[~] type MapFilter
│    │     │ ├      - documentation: A map filter for filtering Security Hub findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
│    │     │ │      + documentation: A map filter for filtering AWS Security Hub CSPM findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
│    │     │ └ properties
│    │     │    └ Comparison: (documentation changed)
│    │     └[~] type StringFilter
│    │       ├      - documentation: A string filter for filtering Security Hub findings.
│    │       │      + documentation: A string filter for filtering AWS Security Hub CSPM findings.
│    │       └ properties
│    │          ├ Comparison: (documentation changed)
│    │          └ Value: (documentation changed)
│    ├[~]  resource AWS::SecurityHub::ConfigurationPolicy
│    │  ├      - documentation: The `AWS::SecurityHub::ConfigurationPolicy` resource creates a central configuration policy with the defined settings. Only the Security Hub delegated administrator can create this resource in the home Region. For more information, see [Central configuration in Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/central-configuration-intro.html) in the *Security Hub User Guide* .
│    │  │      + documentation: The `AWS::SecurityHub::ConfigurationPolicy` resource creates a central configuration policy with the defined settings. Only the AWS Security Hub CSPM delegated administrator can create this resource in the home Region. For more information, see [Central configuration in Security Hub CSPM](https://docs.aws.amazon.com/securityhub/latest/userguide/central-configuration-intro.html) in the *AWS Security Hub CSPM User Guide* .
│    │  ├ properties
│    │  │  ├ ConfigurationPolicy: (documentation changed)
│    │  │  └ Tags: (documentation changed)
│    │  └ types
│    │     ├[~] type ParameterConfiguration
│    │     │ └ properties
│    │     │    └ ValueType: (documentation changed)
│    │     ├[~] type Policy
│    │     │ └      - documentation: An object that defines how Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
│    │     │        + documentation: An object that defines how AWS Security Hub CSPM is configured. It includes whether Security Hub CSPM is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub CSPM disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub CSPM enables all other controls (including newly released controls).
│    │     ├[~] type SecurityControlsConfiguration
│    │     │ ├      - documentation: An object that defines which security controls are enabled in an Security Hub configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account.
│    │     │ │      This property is required only if `ServiceEnabled` is set to `true` in your configuration policy.
│    │     │ │      + documentation: An object that defines which security controls are enabled in an AWS Security Hub CSPM configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account.
│    │     │ │      This property is required only if `ServiceEnabled` is set to `true` in your configuration policy.
│    │     │ └ properties
│    │     │    ├ DisabledSecurityControlIdentifiers: (documentation changed)
│    │     │    └ EnabledSecurityControlIdentifiers: (documentation changed)
│    │     └[~] type SecurityHubPolicy
│    │       ├      - documentation: An object that defines how Security Hub is configured. The configuration policy includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
│    │       │      + documentation: An object that defines how AWS Security Hub CSPM is configured. The configuration policy includes whether Security Hub CSPM is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub CSPM disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub CSPM enables all other controls (including newly released controls).
│    │       └ properties
│    │          └ ServiceEnabled: (documentation changed)
│    ├[~]  resource AWS::SecurityHub::ConnectorV2
│    │  ├      - documentation: Resource schema for AWS::SecurityHub::ConnectorV2
│    │  │      + documentation: Grants permission to create a connectorV2 based on input parameters.
│    │  ├ properties
│    │  │  ├ Description: (documentation changed)
│    │  │  ├ KmsKeyArn: (documentation changed)
│    │  │  ├ Name: (documentation changed)
│    │  │  ├ Provider: (documentation changed)
│    │  │  └ Tags: (documentation changed)
│    │  ├ attributes
│    │  │  ├ ConnectorArn: (documentation changed)
│    │  │  ├ ConnectorId: (documentation changed)
│    │  │  ├ ConnectorStatus: (documentation changed)
│    │  │  ├ CreatedAt: (documentation changed)
│    │  │  ├ LastCheckedAt: (documentation changed)
│    │  │  ├ LastUpdatedAt: (documentation changed)
│    │  │  ├ Message: (documentation changed)
│    │  │  ├ Provider.JiraCloud.AuthStatus: (documentation changed)
│    │  │  ├ Provider.JiraCloud.AuthUrl: (documentation changed)
│    │  │  ├ Provider.JiraCloud.CloudId: (documentation changed)
│    │  │  ├ Provider.JiraCloud.Domain: (documentation changed)
│    │  │  └ Provider.ServiceNow.AuthStatus: (documentation changed)
│    │  └ types
│    │     ├[~] type JiraCloud
│    │     │ ├      - documentation: undefined
│    │     │ │      + documentation: Information about the configuration and status of a Jira Cloud integration.
│    │     │ └ properties
│    │     │    ├ AuthStatus: (documentation changed)
│    │     │    ├ AuthUrl: (documentation changed)
│    │     │    ├ CloudId: (documentation changed)
│    │     │    ├ Domain: (documentation changed)
│    │     │    └ ProjectKey: (documentation changed)
│    │     ├[~] type Provider
│    │     │ ├      - documentation: undefined
│    │     │ │      + documentation: The third-party provider detail for a service configuration.
│    │     │ └ properties
│    │     │    ├ JiraCloud: (documentation changed)
│    │     │    └ ServiceNow: (documentation changed)
│    │     └[~] type ServiceNow
│    │       ├      - documentation: undefined
│    │       │      + documentation: Information about a ServiceNow ITSM integration.
│    │       └ properties
│    │          ├ AuthStatus: (documentation changed)
│    │          ├ InstanceName: (documentation changed)
│    │          └ SecretArn: (documentation changed)
│    ├[~]  resource AWS::SecurityHub::DelegatedAdmin
│    │  ├      - documentation: The `AWS::SecurityHub::DelegatedAdmin` resource designates the delegated Security Hub administrator account for an organization. You must enable the integration between Security Hub and AWS Organizations before you can designate a delegated Security Hub administrator. Only the management account for an organization can designate the delegated Security Hub administrator account. For more information, see [Designating the delegated Security Hub administrator](https://docs.aws.amazon.com/securityhub/latest/userguide/designate-orgs-admin-account.html#designate-admin-instructions) in the *Security Hub User Guide* .
│    │  │      To change the delegated administrator account, remove the current delegated administrator account, and then designate the new account.
│    │  │      To designate multiple delegated administrators in different organizations and AWS Regions , we recommend using [AWS CloudFormation mappings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/mappings-section-structure.html) .
│    │  │      Tags aren't supported for this resource.
│    │  │      + documentation: The `AWS::SecurityHub::DelegatedAdmin` resource designates the delegated AWS Security Hub CSPM administrator account for an organization. You must enable the integration between Security Hub CSPM and AWS Organizations before you can designate a delegated Security Hub CSPM administrator. Only the management account for an organization can designate the delegated Security Hub CSPM administrator account. For more information, see [Designating the delegated Security Hub CSPM administrator](https://docs.aws.amazon.com/securityhub/latest/userguide/designate-orgs-admin-account.html#designate-admin-instructions) in the *AWS Security Hub CSPM User Guide* .
│    │  │      To change the delegated administrator account, remove the current delegated administrator account, and then designate the new account.
│    │  │      To designate multiple delegated administrators in different organizations and AWS Regions , we recommend using [AWS CloudFormation mappings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/mappings-section-structure.html) .
│    │  │      Tags aren't supported for this resource.
│    │  ├ properties
│    │  │  └ AdminAccountId: (documentation changed)
│    │  └ attributes
│    │     ├ DelegatedAdminIdentifier: (documentation changed)
│    │     └ Status: (documentation changed)
│    ├[~]  resource AWS::SecurityHub::FindingAggregator
│    │  └      - documentation: The `AWS::SecurityHub::FindingAggregator` resource enables cross-Region aggregation. When cross-Region aggregation is enabled, you can aggregate findings, finding updates, insights, control compliance statuses, and security scores from one or more linked Regions to a single aggregation Region. You can then view and manage all of this data from the aggregation Region. For more details about cross-Region aggregation, see [Cross-Region aggregation](https://docs.aws.amazon.com/securityhub/latest/userguide/finding-aggregation.html) in the *Security Hub User Guide*
│    │         This resource must be created in the Region that you want to designate as your aggregation Region.
│    │         Cross-Region aggregation is also a prerequisite for using [central configuration](https://docs.aws.amazon.com/securityhub/latest/userguide/central-configuration-intro.html) in Security Hub .
│    │         + documentation: The `AWS::SecurityHub::FindingAggregator` resource enables cross-Region aggregation. When cross-Region aggregation is enabled, you can aggregate findings, finding updates, insights, control compliance statuses, and security scores from one or more linked Regions to a single aggregation Region. You can then view and manage all of this data from the aggregation Region. For more details about cross-Region aggregation, see [Cross-Region aggregation](https://docs.aws.amazon.com/securityhub/latest/userguide/finding-aggregation.html) in the *AWS Security Hub CSPM User Guide*
│    │         This resource must be created in the Region that you want to designate as your aggregation Region.
│    │         Cross-Region aggregation is also a prerequisite for using [central configuration](https://docs.aws.amazon.com/securityhub/latest/userguide/central-configuration-intro.html) in Security Hub CSPM .
│    ├[~]  resource AWS::SecurityHub::Hub
│    │  ├      - documentation: The `AWS::SecurityHub::Hub` resource specifies the enablement of the Security Hub service in your AWS account . The service is enabled in the current AWS Region or the specified Region. You create a separate `Hub` resource in each Region in which you want to enable Security Hub .
│    │  │      When you use this resource to enable Security Hub , default security standards are enabled. To disable default standards, set the `EnableDefaultStandards` property to `false` . You can use the [`AWS::SecurityHub::Standard`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-standard.html) resource to enable additional standards.
│    │  │      When you use this resource to enable Security Hub , new controls are automatically enabled for your enabled standards. To disable automatic enablement of new controls, set the `AutoEnableControls` property to `false` .
│    │  │      You must create an `AWS::SecurityHub::Hub` resource for an account before you can create other types of Security Hub resources for the account through CloudFormation . Use a [DependsOn attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) , such as `"DependsOn": "Hub"` , to ensure that you've created an `AWS::SecurityHub::Hub` resource before creating other Security Hub resources for an account.
│    │  │      + documentation: The `AWS::SecurityHub::Hub` resource specifies the enablement of the AWS Security Hub CSPM service in your AWS account . The service is enabled in the current AWS Region or the specified Region. You create a separate `Hub` resource in each Region in which you want to enable Security Hub CSPM .
│    │  │      When you use this resource to enable Security Hub CSPM , default security standards are enabled. To disable default standards, set the `EnableDefaultStandards` property to `false` . You can use the [`AWS::SecurityHub::Standard`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-standard.html) resource to enable additional standards.
│    │  │      When you use this resource to enable Security Hub CSPM , new controls are automatically enabled for your enabled standards. To disable automatic enablement of new controls, set the `AutoEnableControls` property to `false` .
│    │  │      You must create an `AWS::SecurityHub::Hub` resource for an account before you can create other types of Security Hub CSPM resources for the account through CloudFormation . Use a [DependsOn attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) , such as `"DependsOn": "Hub"` , to ensure that you've created an `AWS::SecurityHub::Hub` resource before creating other Security Hub CSPM resources for an account.
│    │  ├ properties
│    │  │  ├ AutoEnableControls: (documentation changed)
│    │  │  ├ ControlFindingGenerator: (documentation changed)
│    │  │  └ EnableDefaultStandards: (documentation changed)
│    │  └ attributes
│    │     └ SubscribedAt: (documentation changed)
│    ├[~]  resource AWS::SecurityHub::HubV2
│    │  └ properties
│    │     └ Tags: (documentation changed)
│    ├[~]  resource AWS::SecurityHub::Insight
│    │  ├      - documentation: The `AWS::SecurityHub::Insight` resource creates a custom insight in Security Hub . An insight is a collection of findings that relate to a security issue that requires attention or remediation. For more information, see [Insights in Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-insights.html) in the *Security Hub User Guide* .
│    │  │      Tags aren't supported for this resource.
│    │  │      + documentation: The `AWS::SecurityHub::Insight` resource creates a custom insight in AWS Security Hub CSPM . An insight is a collection of findings that relate to a security issue that requires attention or remediation. For more information, see [Insights in AWS Security Hub CSPM](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-insights.html) in the *AWS Security Hub CSPM User Guide* .
│    │  │      Tags aren't supported for this resource.
│    │  ├ properties
│    │  │  └ Name: (documentation changed)
│    │  ├ attributes
│    │  │  └ InsightArn: (documentation changed)
│    │  └ types
│    │     ├[~] type AwsSecurityFindingFilters
│    │     │ ├      - documentation: A collection of filters that are applied to all active findings aggregated by Security Hub .
│    │     │ │      You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.
│    │     │ │      + documentation: A collection of filters that are applied to all active findings aggregated by AWS Security Hub CSPM .
│    │     │ │      You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.
│    │     │ └ properties
│    │     │    ├ CreatedAt: (documentation changed)
│    │     │    ├ FirstObservedAt: (documentation changed)
│    │     │    ├ LastObservedAt: (documentation changed)
│    │     │    ├ ProcessLaunchedAt: (documentation changed)
│    │     │    ├ ProcessTerminatedAt: (documentation changed)
│    │     │    ├ ProductArn: (documentation changed)
│    │     │    ├ ResourceContainerLaunchedAt: (documentation changed)
│    │     │    ├ ThreatIntelIndicatorLastObservedAt: (documentation changed)
│    │     │    ├ UpdatedAt: (documentation changed)
│    │     │    ├ VulnerabilitiesExploitAvailable: (documentation changed)
│    │     │    ├ VulnerabilitiesFixAvailable: (documentation changed)
│    │     │    └ WorkflowStatus: (documentation changed)
│    │     ├[~] type DateFilter
│    │     │ └ properties
│    │     │    ├ End: (documentation changed)
│    │     │    └ Start: (documentation changed)
│    │     ├[~] type MapFilter
│    │     │ ├      - documentation: A map filter for filtering Security Hub findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
│    │     │ │      + documentation: A map filter for filtering AWS Security Hub CSPM findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
│    │     │ └ properties
│    │     │    └ Comparison: (documentation changed)
│    │     └[~] type StringFilter
│    │       ├      - documentation: A string filter for filtering Security Hub findings.
│    │       │      + documentation: A string filter for filtering AWS Security Hub CSPM findings.
│    │       └ properties
│    │          ├ Comparison: (documentation changed)
│    │          └ Value: (documentation changed)
│    ├[~]  resource AWS::SecurityHub::OrganizationConfiguration
│    │  ├      - documentation: The `AWS::SecurityHub::OrganizationConfiguration` resource specifies the way that your AWS organization is configured in Security Hub . Specifically, you can use this resource to specify the configuration type for your organization and whether to automatically Security Hub and security standards in new member accounts. For more information, see [Managing administrator and member accounts](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts.html) in the *Security Hub User Guide* .
│    │  │      + documentation: The `AWS::SecurityHub::OrganizationConfiguration` resource specifies the way that your AWS organization is configured in AWS Security Hub CSPM . Specifically, you can use this resource to specify the configuration type for your organization and whether to automatically Security Hub CSPM and security standards in new member accounts. For more information, see [Managing administrator and member accounts](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts.html) in the *AWS Security Hub CSPM User Guide* .
│    │  ├ properties
│    │  │  ├ AutoEnable: (documentation changed)
│    │  │  ├ AutoEnableStandards: (documentation changed)
│    │  │  └ ConfigurationType: (documentation changed)
│    │  └ attributes
│    │     └ MemberAccountLimitReached: (documentation changed)
│    ├[~]  resource AWS::SecurityHub::PolicyAssociation
│    │  ├      - documentation: The `AWS::SecurityHub::PolicyAssociation` resource specifies associations for a configuration policy or a self-managed configuration. You can associate a Security Hub configuration policy or self-managed configuration with the organization root, organizational units (OUs), or AWS accounts . After a successful association, the configuration policy takes effect in the specified targets. For more information, see [Creating and associating Security Hub configuration policies](https://docs.aws.amazon.com/securityhub/latest/userguide/create-associate-policy.html) in the *Security Hub User Guide* .
│    │  │      + documentation: The `AWS::SecurityHub::PolicyAssociation` resource specifies associations for a configuration policy or a self-managed configuration. You can associate a AWS Security Hub CSPM configuration policy or self-managed configuration with the organization root, organizational units (OUs), or AWS accounts . After a successful association, the configuration policy takes effect in the specified targets. For more information, see [Creating and associating Security Hub CSPM configuration policies](https://docs.aws.amazon.com/securityhub/latest/userguide/create-associate-policy.html) in the *AWS Security Hub CSPM User Guide* .
│    │  └ attributes
│    │     └ AssociationType: (documentation changed)
│    ├[~]  resource AWS::SecurityHub::ProductSubscription
│    │  └      - documentation: The `AWS::SecurityHub::ProductSubscription` resource creates a subscription to a third-party product that generates findings that you want to receive in Security Hub . For a list of integrations to third-party products, see [Available third-party partner product integrations](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html) in the *Security Hub User Guide* .
│    │         To change a product subscription, remove the current product subscription resource, and then create a new one.
│    │         Tags aren't supported for this resource.
│    │         + documentation: The `AWS::SecurityHub::ProductSubscription` resource creates a subscription to a third-party product that generates findings that you want to receive in AWS Security Hub CSPM . For a list of integrations to third-party products, see [Available third-party partner product integrations](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html) in the *AWS Security Hub CSPM User Guide* .
│    │         To change a product subscription, remove the current product subscription resource, and then create a new one.
│    │         Tags aren't supported for this resource.
│    ├[~]  resource AWS::SecurityHub::SecurityControl
│    │  ├      - documentation: The `AWS::SecurityHub::SecurityControl` resource specifies custom parameter values for an Security Hub control. For a list of controls that support custom parameters, see [Security Hub controls reference](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-controls-reference.html) . You can also use this resource to specify the use of default parameter values for a control. For more information about custom parameters, see [Custom control parameters](https://docs.aws.amazon.com/securityhub/latest/userguide/custom-control-parameters.html) in the *Security Hub User Guide* .
│    │  │      Tags aren't supported for this resource.
│    │  │      + documentation: The `AWS::SecurityHub::SecurityControl` resource specifies custom parameter values for an AWS Security Hub CSPM control. For a list of controls that support custom parameters, see [Security Hub CSPM controls reference](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-controls-reference.html) . You can also use this resource to specify the use of default parameter values for a control. For more information about custom parameters, see [Custom control parameters](https://docs.aws.amazon.com/securityhub/latest/userguide/custom-control-parameters.html) in the *AWS Security Hub CSPM User Guide* .
│    │  │      Tags aren't supported for this resource.
│    │  └ types
│    │     └[~] type ParameterConfiguration
│    │       └ properties
│    │          └ ValueType: (documentation changed)
│    └[~]  resource AWS::SecurityHub::Standard
│       ├      - documentation: The `AWS::SecurityHub::Standard` resource specifies the enablement of a security standard. The standard is identified by the `StandardsArn` property. To view a list of Security Hub standards and their Amazon Resource Names (ARNs), use the [`DescribeStandards`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API operation.
│       │      You must create a separate `AWS::SecurityHub::Standard` resource for each standard that you want to enable.
│       │      For more information about Security Hub standards, see [Security Hub standards reference](https://docs.aws.amazon.com/securityhub/latest/userguide/standards-reference.html) in the *Security Hub User Guide* .
│       │      + documentation: The `AWS::SecurityHub::Standard` resource specifies the enablement of a security standard. The standard is identified by the `StandardsArn` property. To view a list of Security Hub CSPM standards and their Amazon Resource Names (ARNs), use the [`DescribeStandards`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API operation.
│       │      You must create a separate `AWS::SecurityHub::Standard` resource for each standard that you want to enable.
│       │      For more information about Security Hub CSPM standards, see [Security Hub CSPM standards reference](https://docs.aws.amazon.com/securityhub/latest/userguide/standards-reference.html) in the *AWS Security Hub CSPM User Guide* .
│       ├ properties
│       │  └ StandardsArn: (documentation changed)
│       └ types
│          └[~] type StandardsControl
│            └      - documentation: Provides details about an individual security control. For a list of Security Hub controls, see [Security Hub controls reference](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-controls-reference.html) in the *Security Hub User Guide* .
│                   + documentation: Provides details about an individual security control. For a list of Security Hub CSPM controls, see [Security Hub CSPM controls reference](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-controls-reference.html) in the *AWS Security Hub CSPM User Guide* .
└[~] service aws-transfer
  └ resources
     └[~]  resource AWS::Transfer::Connector
        └ attributes
           └ ErrorMessage: (documentation changed)

@aws-cdk-automation aws-cdk-automation added this pull request to the merge queue Dec 12, 2025
Merged via the queue into main with commit 2437fa6 Dec 12, 2025
13 checks passed
@aws-cdk-automation aws-cdk-automation deleted the update-source/documentation branch December 12, 2025 04:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

auto-approve

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@aws-cdk-automation